GPG Compliance Reports

GPG 13 compliance with EventLog Analyzer

The Good Practice Guide 13 (GPG 13) is a framework with twelve Protective Monitoring Controls (PMCs) for all Her Majesty's Government organizations. When it comes to user access to networks and systems, GPG 13 requires organizations to record: 

  • Unauthorized application access
  • File access attempts to sensitive information
  • Successful logins and logouts
  • Unsuccessful logins and logouts
  • Privileged system changes (e.g. account management, policy changes, device configuration)

GPG 13 also mandates that organizations retain logs for at least six months. Complying with all of GPG 13's PMCs can be difficult, especially for an organization with a small IT security team.

EventLog Analyzer's real-time collection and analysis of logs can help enterprises achieve GPG 13 compliance. It offers predefined reports with each PMC mapped to different security events.

GPG 13 compliance with EventLog Analyzer

| Requirement | How EventLog Analyzer helps with compliance |
| --- | --- |
| PMC-1: Accurate time stamp | Prevents anyone from tampering with log timestamps. |
| PMC-2: Recording of business traffic crossing a boundary | Records traffic that passes through IIS and Apache web servers in the PMC-2 reports. |
| PMC-3: Recording of suspicious activity at the boundary | Displays all connections that have been denied and possible attacks on network perimeter devices in the PMC-3 reports. |
| PMC-4: Recording of internal workstation, server, or device status | Detects and records any suspicious activity, including configuration changes, privileged access, unexpected system and application restarts, software installation, removable media insertion and removal, and sensitive file access. |
| PMC-5: Recording of suspicious internal network activity | Records policy changes and helps identify if an inside user is carrying out malicious activity. |
| PMC-6: Recording of network connections | Records all Windows, Unix, and network perimeter device logons. |
| PMC-7: Recording of session activity of users and workstations | Tracks entire user sessions from start to close, including details of their activity during the session. |
| PMC-8: Recording of data backup status | Records failed backups and restoration events. |
| PMC-9: Alerting when critical events occur | Sends real-time alerts via email and SMS when any anomalous activity happens in the network. A program can be assigned to run when an alert is generated. |
| PMC-10: Reporting on the status of the audit system | Tracks the clearing of all security logs and event logs. |
| PMC-11: Production of sanitized and statistical management reports | Offers a highly customizable reporting function; admins can configure existing reports to suit their specific requirements, or they can create new ones. |
| PMC-12: Providing a legal framework for protective monitoring activities | Ensures that all data is collected and analyzed for forensic validity. |

Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
     
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing I like about the application is the well-structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
     
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
     
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts log in, or when groups are changed, etc. That has been very helpful. Also, the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
     
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
     
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank
