SDOP Overview
Real-time monitoring of device enrollment, lifecycle state, and governance metrics across all Bell Retail entities.
Total Devices
0
Active Devices
0
Pending Approvals
0
Suspended/Revoked
0
β‘ Recent Activity
| Timestamp | Event | Device | User | Dealer Scope | Status |
|---|---|---|---|---|---|
| No recent activity | |||||
Device Registry
Complete inventory of all enrolled devices with certificate details, lifecycle state, and audit trail.
Status
Dealer Scope
Search
ποΈ Registered Devices
| Device | UUID | Serial | Status | Dealer | Enrolled | Expiry | Actions |
|---|---|---|---|---|---|---|---|
| No devices in registry | |||||||
Pending Approvals
High-risk enrollment requests and reinstatement requests requiring Bell IT Security approval.
Lifecycle Events
Track device state transitions across all lifecycle stages. Monitor enrollment velocity, suspension patterns, and revocation trends.
Enrolling
0
Active
0
Suspended
0
Revoked
0
Expired
0
π Recent State Transitions
| Timestamp | Device | Transition | Actor | Dealer Scope | Reason |
|---|
Threat Detection
Real-time anomaly detection for enrollment abuse, credential compromise, and certificate misuse patterns.
Active Threats
0
Suspicious Activity
0
Blocked Attempts
0
Resolved
0
β οΈ Active Threats
π‘οΈ Detection Rules
Rapid Enrollment Detection
Trigger: >7 devices in 5 minutes from same dealer
Certificate Duplication
Trigger: Same cert UUID seen on multiple Okta device IDs
Credential Stuffing
Trigger: Failed auth attempts >5 from same IP
Abnormal Dealer Activity
Trigger: Enrollment from inactive dealer (>90 days)
Compliance Reports
Generate audit-ready reports for security reviews, policy compliance, and regulatory requirements.
Compliance Rate
97%
Expiring Soon
0
Policy Violations
0
Audit Events
0
π Available Reports
Device Lifecycle Summary
Complete breakdown of devices by lifecycle state with enrollment trends
Format: PDF, CSV, Excel
Certificate Expiry Forecast
Certificates expiring in next 30/60/90 days with renewal schedule
Format: PDF, Excel
Governance Compliance Audit
Policy adherence rates, approval workflow metrics, velocity compliance
Format: PDF
Dealer Activity Report
Enrollment by dealer scope, active devices per entity/POD, anomaly flags
Format: PDF, CSV, Excel
Security Incident Summary
Threat detections, blocked attempts, suspended devices, revocation reasons
Format: PDF
Complete Audit Trail Export
Full immutable audit log for specified date range (SIEM-ready format)
Format: JSON, CSV
π
Scheduled Reports
| Report Type | Frequency | Recipients | Last Run | Status | Actions |
|---|---|---|---|---|---|
| Device Lifecycle Summary | Weekly (Monday 9AM) | bell-it-security@bell.ca | 2026-02-10 09:00 | ACTIVE | |
| Certificate Expiry Forecast | Monthly (1st, 9AM) | pki-team@bell.ca | 2026-02-01 09:00 | ACTIVE | |
| Governance Compliance Audit | Quarterly | compliance@bell.ca, ciso@bell.ca | 2026-01-01 09:00 | ACTIVE |
Audit Logs
Complete immutable audit trail of all SDOP operations. Forwarded to SIEM in real-time.
Event Type
Date Range
to
π Audit Trail
| Timestamp | Event Type | Actor | Device ID | IP Address | Details |
|---|---|---|---|---|---|
| No audit events | |||||
Governance Policies
Configure enrollment velocity limits, risk thresholds, and approval workflows.
βοΈ Enrollment Velocity Controls
Max Devices Per Dealer
Triggers high-risk classification
Velocity Window (minutes)
7+ devices in this window = high-risk
Auto-Approval Threshold
π Certificate Lifecycle
Certificate Validity (years)
Renewal Notification (days before expiry)
Auto-Revoke on Expiry
PKI Configuration
Bell Retail CA connection, certificate templates, and cryptographic settings.
π CA Connection Status
Connected
CA Endpoint: https://bell-retail-ca.internal.bell.ca/api/v1
Intermediate CA: CN=Bell Retail Intermediate CA, O=Bell Canada, C=CA
HSM: Luna SA 7, FIPS 140-2 Level 3
Last Health Check: 2 minutes ago β
Intermediate CA: CN=Bell Retail Intermediate CA, O=Bell Canada, C=CA
HSM: Luna SA 7, FIPS 140-2 Level 3
Last Health Check: 2 minutes ago β
π Certificate Template
Subject DN: CN={random-uuid}
Issuer: Bell Retail Intermediate CA
Key Usage: Digital Signature
Extended Key Usage: Client Authentication (1.3.6.1.5.5.7.3.2)
Validity: 5 years
Key Algorithm: RSA-2048 (Phase 1) β Hardware-backed (Phase 2)
Non-Exportable: Enforced where platform supports
Issuer: Bell Retail Intermediate CA
Key Usage: Digital Signature
Extended Key Usage: Client Authentication (1.3.6.1.5.5.7.3.2)
Validity: 5 years
Key Algorithm: RSA-2048 (Phase 1) β Hardware-backed (Phase 2)
Non-Exportable: Enforced where platform supports