b'10 Partner News Winter 2021MODArmy Cyber Information Systems Operations Centre (Army CyISOC) ToolsThe Army Cyber Information Security Operations Centre (CyISOC), located in Corsham in the South-West of England, provides the ability to oversee and assure deployed Army communications equipment and services. The work is divided into the Network Operations Centre (NOC) who monitor, maintain and assure the daily performance of the networks and the Security Operations Centre (SOC) which assures the security of Army owned networks and services. The Army CyISOC has numerous capabilities and unique technologies to facilitate their tasks. All of these being the concern of the Corsham team, there are alsoindividual teams who implement service management all from a system of systems approach. A Network Monitoring Team (NMT) has been created, consisting of 2 x SP and 1 x CS, with a range of tasks. The NMT has the responsibility of monitoring the patching, updates and modifications of services. Whilst also managing severalSgt Tajinder Singh and Cpl Joseph McAllisterdashboards allowing live monitoring of traffic on Operations and exercises. ThisThe network uses two hubs and PRTG hashas allowed us to watch suspected faults data collection, in the hands of the Armyhelped the team become more proactive,unfold and pinpoint the moment at which CyISOC allows proactive fault rectificationas it has now been configured with knownthe network fails and what was happening and triage, enhancing innovative work thatthresholds to immediately alert whenon the network if or when it fails.continues to push the capabilities outputs. assets or entire Operations experience issues or potential faults. In the future, itThis knowledge gained on the SCP has The work so far has involved incorporatingwill prompt the team to begin fault finding,been shared with other formations in Paessler Router Traffic Grapher (PRTG)often before the distant deployment is evenpreparation for their deployments so that Network Monitoring application within ouraware of a problem.they too can exploit the level of detail wide area network. This was previouslyand they will be able to monitor their own unavailable due to some intricateIn addition to PRTG we have started tonetworks when deployed. We are also complications of the nature of the network,implement the use of the Steel Centralbeginning to deliver training to personnel but the innovative work now grants us aPortal (SCP). This allows us to view data forfrom other units and will provide additional great overview of the system of systemsany asset connected to our base network.support during their deployments.network. This can be used for simple viewing of a deployed assets performance,The SCP capability is a tool that additionalWere now working on documentation to through to understanding the criticaltraining has enabled the team to create aassure the progress weve made thus far, network features required for refinement.virtual environment in which they can viewcapturing lessons learned and developing specific information, right down to point topublications to aid in training the engineers This Syslog function also provides anpoint packet conversations and the metricswho will work with this equipment in element of fault information, allowing thethat are used within those individualthe future, be it at the CyISOC or in the NMT to proactively analyse hardwareconversations such as applications anddeployed space.performance. connected networks. The ability to do this'