managed siem, threat intelligence & log management - a … · 2019-02-14 · remote managed...
TRANSCRIPT
A Comprehensive Guide to Remote Managed IT Security
EventTracker
2
About Netsurion
EventTracker
Netsurion powers secure and agile networks for highly distributed and
small-to-medium enterprises and the IT providers that serve them. In
such environments, the convergence of threat protection and network
management are driving the need for greater
interoperability between the NOC (network operations center) and the
SOC (security operations center) as well as solutions that fuse technology
and service to achieve optimal results. To this end, Netsurion has
converged purpose-built network hardware,
innovative security software, and flexible managed services.
Netsurion’s SD-Branch solution, BranchSDO, is a comprehensive network
management and security solution consisting of SD-WAN, next-gen
security, cellular, Wi-Fi, and PCI DSS compliance tools and support. At
the heart of the solution is the CXD, Netsurion’s SD-WAN edge appliance.
Netsurion’s Security Operations solution, EventTracker, delivers advanced
threat protection and compliance benefits in a variety of deployment
options: a SIEM platform, a co-managed SIEM service with 24/7 SOC,
and a managed SIEM for MSPs.
EventTracker3
Hacking accounts for
36% data breaches
third among top 10 sectors breached by number of incidents
Students, faculty and campus employees
phishing, malware and social engineering rampant, how can you secure valuable
EventTracker4
1.36 million
were exposed
related breaches
IT security challenges
IT security challenges because of their openness and
and data from cyber threats, on the interconnected
challenged by security breaches, malware and
EventTracker5
Challenges
• improve security
Someone to +
EventTracker6
Remote Managed SIEM
security data including logs and allows near
forensics, trend analysis and automated
escalates security incidents with context
EventTracker7
Remote Managed SIEMSecurity Experts
professional has, or needs to have, all of the relevant
Unfortunately, the demand for cybersecurity professionals Remote
highly skilled security experts.
EventTracker8
Remote Managed SIEM
• Monitor your network for threats including malware, ransomware, advanced persistent
EventTracker9
E ec veness Exper se Loca on
Co
ntro
l
E ciency Customia o
n Lower Cost Integra
on
• The EventTracker
takes advantage of economies of scale and passes the savings on to you
• Purchase as OpEx or CapEx for lowest cost deployment and maintenance
• Extend security controls to new
increases
• Faster response to new threats
• Improvements are deployed to all customers,
improvement
experts in popular technologies including MS Windows, RedHat, Cisco, VMware, Checkpoint, Exchange, Oracle, Snort, Imperva, McAfee ePO etc
familiarity with your network architecture and users
• All data remains within
premises, subject to your controls
audited access to EventTracker only
• All SIEM data including reports, incidents and notes remain on your premises
• Fine grained
is available to accommodate policy requirements
• Easily integrated with numerous
and other security controls
Control• You can have
as much control as you choose
• Delegate tasks to the ECC to the extent you prefer
$
~~~
EventTracker10
Remote Managed SIEMWhat to Expect
Netsurion’s co-managed SIEM, EventTracker
your team to plan, scope and install the SIEMphonic, provides experts that work with
Netsurion will consult and coordinate with your team to configure and deploy Netsurion to meet your needs. Then the sta� will assume
EventTracker11
Features
volume/performance analysis
EventTracker SOC provides expert EventTracker systemadministration including:
• Generate Weekly System Status Report
• Escalate as needed
Dashboard Powerpoint
RUN
EventTracker12
Features
• Review Top Level Summary Reports forrelevant frameworks
• Review Detailed Reports as necessary
• Cus
The EventTracker SIEMphonic team provides on-demand expert services on an annual retainer
tom Alerts
• Custom Scripts