Specifications include, but are not limited to: Monitoring: 1. All internal corporate systems to include workstations, servers/domain controllers, switching/routing infrastructure, virtualization and storage infrastructure, and other connected IT devices. 2. All external public facing systems to include firewalls, load balancers, web servers, FTP servers, and web service interface points. 3. All DMZ systems to include flow controls from external to internal systems. 4. All wireless systems to include internal touch points from all SSID, broadcast or hidden, as well as encryption levels. 5. All distributed control systems to include corporate LAN to control system LAN and integration systems. 6. All network traffic in and out of the firewalls, and across the internal switches and VLANS. Threat Intelligence and Reporting 1. Gather threat intelligence, provide it to the port, and suggest implementation controls necessary to combat threats. 2. Provide a portal that is usable by port security personnel to look at and monitor activity
