
Difference between revisions of "GC ESA Artifact Repository"

 
Line 19: Line 19:
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]]  
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]]  
 
|} </div></div>
 
|} </div></div>
 
+
{{Delete|reason=Expired Content}}
{{TOCright}}
 
 
 
== GC ESA Artifacts ==
 
[[Media:GC ESA Program Charter.pdf|GC ESA Program Charter]] -- [[ESA Program Charter|<u>'''Synopsis'''</u>]] // [[Media:Charte du programme.pdf| Charte du programme de l'ASI du GC]]
 
 
 
[[Media: GC ESA Program Implementation Framework.pdf|GC ESA Program Implementation Framework]] -- [[ESA Program Implementation Framework|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Framework.pdf|GC ESA Framework]] -- [[ESA Framework|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Backgrounder.pdf|GC ESA Backgrounder]] -- [[ESA Backgrounder (Strategy)|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Vision and Strategy.pdf|GC ESA Vision and Strategy]]
 
 
 
[[Media:GC ESA Enterprise Threat Assessment for Executives.pdf|GC ESA Enterprise Threat Assessment - January 2017 Update]]
 
 
 
[[Media:GC ESA Requirements Database Overview.pdf|GC ESA Requirements Database Overview]]
 
 
 
[[Media:GC ESA Architectural Needs Report.xlsx|GC ESA Architectural Needs]]
 
 
 
GC ESA System Requirements Traceability Matrix
 
 
 
GC ESA Security Controls Mapping Matrix
 
 
 
[[Media:Mobile Device Security Considerations Discussion Paper.pdf|Mobile Device Security Considerations Discussion Paper]]
 
 
 
[[Media:GC ESA - PALL-PBMM Security Control Profile Analysis.pdf|GC ESA PALL-PBMM Security Control Profile Analysis]]
 
 
 
[[Media:GC ESA Security Guide for Installation of Interconnections.docx|GC ESA Security Guide for Installation of Interconnections]]
 
 
 
=== ''GC ESA Concept of Operations'' ===
 
[[Media:GC Enterprise Security ConOps.pdf|GC ESA ConOps Main Body]] -- '''[[ESA Security ConOps|<u>Synopsis</u>]]'''
 
 
 
[[Media:GC Enterprise Security ConOps - ANNEX A DLP.pdf|GC ESA ConOps Annex A: Data Loss Prevention]] -- '''<u>[[Annex A: Data Loss Prevention|Synopsis]]</u>'''
 
 
 
[[Media:GC Enterprise Security ConOps - ANNEX B Cloud Security.pdf|GC ESA ConOps Annex B: Cloud Security]] -- '''<u>[[Annex B: Cloud Security|Synopsis]]</u>'''
 
 
 
[[Media:GC ESA ConOps - ANNEX C Secure Enterprise Application Delivery.pdf|GC ESA ConOps Annex C: Secure Enterprise Application Delivery]] -- '''<u>[[Annex C: Secure Enterprise Application Delivery|Synopsis]]</u>'''
 
 
 
[[Media:GC ESA ConOps - ANNEX D Secure Enterprise Systems Administration.pdf|GC ESA ConOps Annex D: Secure Enterprise Systems Administration]] -- '''<u>[[Annex D: Secure Enterprise Systems Administration|Synopsis]]</u>'''
 
 
 
[[Media:GC ESA ConOps - ANNEX E GC Enterprise VMS.pdf|GC ESA ConOps Annex E: Vulnerability Management System]] -- '''<u>[[Annex E: Vulnerability Management System|Synopsis]]</u>'''
 
 
 
===''GC ESA Description Documents'' ===
 
[[Media:GC ESA Description Document (ESADD) - Main Body.pdf|GC ESA Description Document Main Body]] -- [[ESA Architecture Description Document (ESADD)|<u>'''Synopsis'''</u>]]
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX A END.pdf|GC ESA Description Document Annex A - Endpoint Security (END)]] -- <u>'''[[Annex A: Endpoint Security|Synopsis]]'''</u>
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX B DAT.pdf|GC ESA Description Document Annex B - Data Security (DAT)]] -- <u>'''[[Annex B: Data Security|Synopsis]]'''</u>
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX C NCS.pdf|GC ESA Description Document Annex C - Network and Communications Security (NCS)]] -- <u>'''[[Annex C: Network and Communications Security|Synopsis]]'''</u>
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX D OPS.pdf|GC ESA Description Document Annex D - Security Operations (OPS)]]
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX E APP.pdf|GC ESA Description Document Annex E - Application Security (APP)]]
 
 
 
[[Media:GC ESA Description Document (ESADD) - ANNEX F CSS.pdf|GC ESA Description Document Annex F - Compute and Storage Services Security (CSS)]]
 
 
 
=== ''GC ESA Pattern Diagrams & Use Cases'' ===
 
[[Endpoint Security|GC ESA END Pattern Diagrams and Use Cases]]
 
 
 
[[Data Security|GC ESA DAT Pattern Diagrams and Use Cases]]
 
 
 
[[Network and Communications Security|GC ESA NCS Pattern Diagrams and Use Cases]]
 
 
 
[[Security Operations|GC ESA OPS Pattern Diagrams and Use Cases]]
 
 
 
[[Application Security|GC ESA APP Pattern Diagrams and Use Cases]]
 
 
 
[[Compute and Storage Services Security|GC ESA CSS Pattern Diagrams and Use Cases]]
 
 
 
== GC ESA Initiatives ==
 
 
 
'''Cloud Security'''
 
<br>
 
[[Media:GC Cloud Security Risk Management Approach and Procedures - EN.pdf|GC Cloud Security Risk Management Approach and Procedures]] // [[Media:Approche et procédures de gestion des risques liés à la sécurité de l’informatique en nuage - FR.pdf|Approche et procédures de gestion de risque de la sécurité de l’informatique en nuage]]
 
[[Media:GC Cloud Profile PBMM - EN.pdf|GC Security Control Profile for Cloud-Based GC IT Services (PB/M/M) (Version 1.1, March 2018)]] // [[Media:GC Cloud Profile PBMM - FR.pdf|Profil de contrôle de sécurité pour les services de la TI du GC fondés sur l’informatique en nuage (PB/M/M) (Version 1.1, mars 2018)]]
 
* [[Media:GC Cloud Security Controls v1.1.xls|Version 1.1 - Appendix A Matrix (Excel)]]
 
* [[Media:GC Cloud Profile PBMM v1.1 - EN (Track Changes).pdf|Track Changes Version 1.1]]
 
**''Archived Versions''
 
*** [[Media:GC Cloud Profile PBMM v1.0 - EN.pdf|GC Security Control Profile for Cloud-based GC IT Services (PB/M/M) (Version 1.0, Feb 2017)]] // [[Media:GC Cloud Profile PBMM v1.0 - FR.pdf|Profil de contrôle de sécurité pour les services de la TI du GC fondés sur l’informatique en nuage (PB/M/M) (Version 1.0, fev 2017)]]
 
***[[Media:GC Cloud Security Controls v1.0.xls|Version 1.0 - Appendix A Matrix (Excel)]]
 
***[[Media:GC Cloud Profile PBMM v1.0 - EN (Track Changes).pdf|Track Changes Version 1.0]]
 
[[Media:GC Cloud Tiered Assurance Model.xlsx|GC Cloud Tiered Assurance Model]]<br>
 
[[Media:GC SaaS Assessment Tool.xlsx|GC SaaS Assessment Tool]]<br>
 
[[Media:GC Enterprise Hybrid Cloud High-Level Design.pdf|GC Enterprise Hybrid Cloud High-Level Design]]
 
<br>
 
[[Media:Considerations for Use of Cryptography in Cloud.pdf|Considerations for the Use of Cryptography in Cloud]] //
 
[[Media:Considérations relatives à l’utilisation de la cryptographie dans les services d’informatique en nuage commerciaux.pdf|Considérations relatives à l’utilisation de la cryptographie dans les services d’informatique en nuage commerciaux]]
 
<br>
 
[[Media:GC ESA Security Design Patterns for SaaS-based Solutions.pdf|GC ESA SaaS Design Patterns]]
 
*[[Media:Baseline controls for SaaS Solutions.xlsx|Baseline controls for SaaS Solutions]]
 
[[Media:GC Secure Cloud Connectivity Requirements.pdf|GC Secure Cloud Connectivity Requirements]]
 
* [[Media:GC Cloud Access Use Cases.xlsx|GC Cloud Access Use Cases]]
 
* [[Media:GC Cloud Connection Patterns.pdf|GC Connection Patterns]]
 
[[Media:GC Cloud Guardrails.pdf|<nowiki/>]][[Media:GC Cloud Guardrails.pdf|GC Cloud Guardrails]]
 
*[https://www.gcpedia.gc.ca/gcwiki/images/e/ed/GC_Cloud_Guardrails.xlsx GC Cloud Guardrails - Initial 30 Days (Scope is security of the cloud tenant)]
 
*[[Media:SOP for Validating Cloud Guardrails.pdf|<nowiki/>]][[Media:SOP for Validating Cloud Guardrails.pdf|Standard Operating Procedure for Validating Cloud Guardrails]]
 
*[https://canada-ca.github.io/cloud-guardrails-O365 GC Cloud Guardrails for Office 365]
 
*[[Media:Office 365 Security Baseline Configuration.xlsx|Office 365 Security Baseline Configuration]] **Version 1.6 update**
 
*[[Media:GC Departmental Domains.xlsx|GC Departmental Domains - External Access Configuration]]
 
[[Media:Considerations for Enabling Collaboration in MS Teams.pdf|Considerations for Enabling Collaboration in MS Teams]] / [[Media:Considérations pour faciliter la collaboration dans Microsoft Teams.pdf|Considérations pour faciliter la collaboration dans Microsoft Teams]]
 
 
 
[[Media:Considerations for Using Microsoft Cognitive Services.pdf|Considerations for Using Microsoft Cognitive Services]] /  [[Media:Considérations liées à l’utilisation de Microsoft Cognitive Services.pdf|Considérations liées à l’utilisation de Microsoft Cognitive Services]]
 
<br>
 
[[Media:GC Cloud Enablement - The Building Blocks.pptx|GC Cloud Enablement - The Building Blocks]] / [[Media:Les éléments de base pour les solutions infonuagiques du GC.pptx|Les éléments de base pour les solutions infonuagiques du GC]]
 
<br>
 
<br>
 
<br>
 
'''Application Security'''
 
<br> [[Media:GC DevSecOps Conceptual Framework.pdf|GC DevSecOps Conceptual Framework]]
 
<br> [[Media:Guidance for Software Assurance.pdf|DRAFT Guidance on Software Assurance]]
 
<br> [[Media:Guidance for Secure Application Development.pdf|DRAFT Guidance for Secure Application Development]]
 
<br> [[Media:Guidance for Secure Containers and Microservices.pdf|DRAFT Guidance for Secure Containers and Microservices]]
 
<br> [[Media:Security Controls Mapping to Docker and Kubernetes.xlsx|DRAFT Security Controls Mapping to Docker and Kubernetes]]
 
<br>[[Media:Application Security Training.pdf|Application Security Training - Sept 2018]]<br>
 
<br>
 
'''Data Loss Prevention'''
 
<br> [[Media:GC Enterprise DLP HLD.pdf|GC ESA Data Loss Prevention High-Level Design]]
 
<br> [[Media:GC Enterprise DLP Implementation Strategy.pdf|GC Enterprise Data Loss Prevention Implementation Strategy]]
 
<br> [[Media:DRAFT for Discussion - GC Data Protection Strategy - DLP Initiative.pdf|DRAFT GC ESA Data Protection Strategy - DLP Initiative Presentation]]
 
<br>
 
<br> '''Vulnerability Management System'''
 
<br> [[Media:GC Enterprise VMS HLD.pdf|GC ESA Vulnerability Management System High-Level Design]]
 
<br> [[Media:Overview of Vulnerability Disclosure for the GC.pdf|Overview of Vulnerability Disclosure for the GC]]
 
<br> [[Media:Vulnerability Disclosure Program for the GC - Recommendations Report.pdf|Vulnerability Disclosure Program for the GC - Recommendations Report]]
 
<br> [[Media:Vulnerability Disclosure Policy Template.pdf|Vulnerability Disclosure Policy Template]]
 
<br>
 
<br> '''GC Trusted Interconnection Points (GC-TIP)'''
 
<br> [[Media:GC Trusted Interconnection Points (GC-TIP) Concept.pdf|GC Trusted Interconnection Points (GC-TIP) Concept]]
 
<br>
 
<br> '''GC Endpoint Visibility and Awareness (EVA)'''
 
<br> [[Media:GC Endpoint Visibility and Awareness (EVA) Concept.pdf|GC Endpoint Visibility and Awareness (EVA) Concept]]
 
<br>
 
<br> '''GC Zero Trust Security (ZTS)'''
 
<br> [[Media:GC Zero Trust Security Concept.pdf|GC Zero Trust Security (ZTS) Concept]]
 
<br> [[Media:GC Zero Trust Reference Architecture.pdf|DRAFT GC Zero Trust Security Reference Architecture]]
 
<br>
 
<br> '''GC Enterprise Continuous Monitoring'''
 
<br> [[Media:GC Enterprise Information Security Continuous Monitoring Concept Paper.pdf|DRAFT GC Enterprise Information Security Continuous Monitoring Concept]]
 
<br>
 
<br>
 
'''Identity, Credential, and Access Management'''
 
<br>[https://github.com/canada-ca/CATS-STAE Cyber Authentication Technology Solutions (CATS) specifications (2.0 and draft 3.0)]<br>[https://github.com/canada-ca/CATS-STAE/tree/develop/Social DRAFT Social Media Login Guidance]
 
<br>[[Media:GC Cloud Authentication Guidance.pdf|''GC Cloud Authentication Guidance'']]
 
<br>[[Media:Recommendations for 2FA within the GC Enterprise Domain.pdf|Recommendations for Two-Factor Authentication within the GC Enterprise Domain]]
 
<br>[[Media:GC MFA Strategy.pdf|<nowiki/>]][[Media:GC MFA Strategy.pdf|GC Multi-Factor Authentication (MFA) Strategy Paper]]
 
 
 
'''Password Guidance'''<br>[https://www.canada.ca/en/government/system/digital-government/online-security-privacy/password-guidance.html GC Password Guidance]
 
<br>[[Media:Implementation Strategy for GC Password Guidance.pdf|DRAFT Implementation Strategy for GC Password Guidance]]
 
<br>[[Media:GC password manager guidance v0.4 27Jan 20.docx|<nowiki/>]][https://www.gcpedia.gc.ca/gcwiki/images/b/bd/GC_Password_Manager_Guidance_%28July_2020%29.pdf GC Password Manager Guidance]
 
[https://www.gcpedia.gc.ca/gcwiki/images/b/bd/GC_Password_Manager_Guidance_%28July_2020%29.pdf <br>][https://www.gcpedia.gc.ca/gcwiki/images/d/dd/Generic-BRD-Active-Directory-Passphrase-Compatibility-Tools.xlsm Generic BRD for AD Passphrase Compatibility Tools]
 
 
 
<br>
 
 
 
== Guidance ==
 
<br>
 
[https://www.gcpedia.gc.ca/wiki/SPIN_2015-01 SPIN-2015 Priority IT Actions]
 
<br> [https://www.gcpedia.gc.ca/wiki/SPIN_2015-01_Follow-Up_Activities SPIN-2015 Follow-up Activities]
 
<br>
 
[[Media:Guidance for the Secure Use of Collaboration Tools.pdf|Guidance for the Secure Use of Collaboration Tools]] / [[Media:Orientation sur la facilitation de l’accès aux services Web.pdf|Orientation sur la facilitation de l’accès aux services Web]] <br>
 
 
 
[[Media:Availability by Design Position Paper.pdf|DRAFT Availability by Design Position Paper]]<br>
 
 
 
[[Media:Rationale for the Protection Against Exploits of Shared Resources.pdf|Rationale for the Protection Against Exploits of Shared Resources]] *DRAFT*<br>
 
 
 
[[Media:ITSG-33 Primer for IT Projects.pdf|ITSG-33 Primer for IT Projects]]
 
<br>
 
[[Media:GC Event Logging Guidance.pdf|GC Event Logging Guidance]]
 
<br>
 
[[Media:GC Patch Management Guidance.pdf|GC Patch Management Guidance]]
 
<br>
 
[[Media:Security Playbook for Information System Solutions.pdf|Security Playbook for Information System Solutions]]
 
*[[Media:Baseline security controls for applications.xlsx|Baseline security controls for applications - Version 1.0 - Appendix A Matrix (Excel)]]
 
[[Media:Ransomware FAQ.pdf|Ransomware FAQ]]
 
<br>
 
[[Media:Considerations for GC Communication Technologies.pdf|Considerations for GC Communication Technologies]] / [[Media:Considérations liées aux technologies des communications du GC.pdf|Considérations liées aux technologies des communications du GC]]
 
<br>
 
 
 
== Security Control Profiles ==
 
[[Media:HR Services Security Control Profile.zip|Security Control Profile for Human Resources Services]]
 
<br>
 
[[Media:FM Services Security Control Profile.zip|Security Control Profile for Financial and Material Management Resources Services]]
 
<br>
 
[[Media:IM Services Security Control Profile.zip|Security Control Profile for Information Management Services]]
 
<br>
 
 
 
 
 
== Standard Operating Procedures ==
 
[[Media:Guideline for Authorization of Enterprise Systems.pdf|Guideline for Authorization of Enterprise Systems]]
 
<br>[[Media:GC Cloud Event Management Standard Operating Procedure.pdf|GC Cloud Event Management Standard Operating Procedure]]
 
<br>[[Media:Exception Request for Inverse Split Tunneling Allow List.xlsx|Exception Process for Inverse Split Tunneling Allow List]]  / [[Media:Demande d’exception visant une mise sur liste blanche de la segmentation du tunnel inverse.xlsx|Demande d’exception visant une mise sur liste autoriser de la segmentation du tunnel inverse]]
 
<br>[[Media:Netlogon Remediation Procedure.docx|Netlogon Remediation Procedure]] / [[Media:Netlogon Remediation Procedure-FR.docx|Procédure de correction pour Netlogon]]
 
 
 
== Tools ==
 
[[Media:GC ESA Tools Report.pdf|GC ESA Tools Report]]
 
 
 
[[Media:Tool-Security Categorization.zip|Security Categorization Tool (incl. Manual & Example)]]
 
 
 
[[Media:Tool-Business Needs for Security.zip|Business Needs for Security Tool (incl. User Manual)]]
 
 
 
[[Media:Tool-Threat Assessment.zip|Threat Assessment Tool (incl. Manual & Example)]]
 
 
 
<br>
 
 
 
== Templates ==
 
[[Media: ITSG-33 Controls Template.vsd|ITSG-33 Controls Template (.VSD)]]
 
 
 
[[Media:GC ESA Concept of Operations (ConOps) Template.docx|Concept of Operations (ConOps) Template]]
 
 
 
[[Media:GC ESA System Concept (SysCon) Document Template.docx|System Operational Concept (SysCon) Template]]
 
 
 
[[Media:GC ESA Guide for ConOps and SysCon Document Templates.pdf|GC ESA Guide for ConOps and SysCon Document Templates]]
 
 
 
[[Media:Comments Template.xlsx|Comments Template]]
 
 
 
<br>
 
 
 
== Presentations ==
 
[[Media: Introduction to Enterprise Security Architecture (GC Security Summit 2014).pptx|Introduction to Enterprise Security Architecture (GC Security Summit 2014)]]
 
 
 
[[Media: Introduction au Programme d’architecture de sécurité intégrée du GC (Sommet sur la sécurité GC 2014).pptx|Introduction au Programme d’architecture de sécurité intégrée du GC (Sommet sur la sécurité GC 2014)]]
 
 
 
<br>
 
 
 
== GC ESA Help Page ==
 
[[GC ESA Help Page|Click Here to Learn How to Edit the ESA Portal]]
 
 
 
[[Category:Government of Canada Enterprise Security Architecture (ESA) Program]]
 
[[Category:Enterprise Security Architecture]]
 
[[Category:GC Enterprise Architecture]]
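
Review bot: The `{{Delete|reason=Expired Content}}` tag added above `{{TOCright}}` gives only "Expired Content" as its reason, while the full artifact list, the external links and the three category tags remain on the page unchanged. Suggest extending the reason to say which revision or location supersedes this index, or removing the category tags in the same edit so the page stops being listed as current while it waits for deletion.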
 

Latest revision as of 13:40, 20 April 2021