IBM Infrastructure Security Services Managed Security Information and Event Management Service Description

Size: px
Start display at page:

Download "IBM Infrastructure Security Services Managed Security Information and Event Management Service Description"

Transcription

1 IBM Infrastructure Security Services Managed Security Information and Event Management Service Description Z SSA Page 1 of 34

2 Table of Contents 1.0 Scope of Services Definitions General Terms QRadar Technology Terms Service Roles Managed SIEM Services Contacts Security Operations Center Points of Contact IBM Point of Contact Responsibilities Your Point of Contact Responsibilities IBM Authorized Services Contacts Responsibilities IBM Designated Services Contacts Responsibilities Your Authorized Security Contacts Responsibilities Your Designated Services Contacts Responsibilities Managed SIEM Foundational Features MSS Portal IBM MSS Portal Responsibilities Your MSS Portal Responsibilities IBM MSS Portal Users Responsibilities Your MSS Portal Users Responsibilities Security Reporting IBM Security Reporting Responsibilities Your Security Reporting Responsibilities IBM X-Force Threat Analysis IBM Security Intelligence Responsibilities Your Security Intelligence Responsibilities Managed SIEM Service Phases Phase One Project Initiation and Planning IBM Project Initiation and Planning Responsibilities Activity 1 - Kickoff Activity 2 - Requirements Definition and Planning Session Your Project Initiation and Planning Responsibilities Phase Two SIEM System Design IBM SIEM System Design Responsibilities Activity 1 - Process and Data Gathering Activity 2 - Detailed Functional and Non-Functional Requirements Definition and Documentation Activity 3 - Architecture Design Activity 4 - System Design Activity 5 - Design Review Your SIEM System Design Responsibilities Phase Three Implementation IBM SIEM System Implementation Responsibilities Activity 1 - Install Console Appliance Activity 2 - Customize Console Appliance Activity 3 - Deploy Log Collection for Production Environment Activity 4 - Deploy Flow Collection for Production Environment Z SSA Page 2 of 34

3 Activity 5 - Initial Tuning for Production Environment Your SIEM System Implementation Responsibilities Phase Four Integration and Transition IBM Integration and Transition Responsibilities Activity 1 - Staged Transition to Ongoing Operational Support Activity 2 - Reports Definition and Validation Activity 3 - Readiness Assessment Activity 4 - Initiate Steady State Operations Your Integration and Transition Responsibilities Phase Five Ongoing Operational Support IBM Ongoing Operational Support Responsibilities Activity 1 - Threat Analyst Event Monitoring and Notification Activity 2 - SIEM System Infrastructure Management Activity 3 - SIEM System Change Requests Your Ongoing Operational Support Responsibilities Managed SIEM Optional Features Custom Parser Creation IBM Custom Parser Creation Responsibilities Activity 1 - Custom Parser Creation Reports Generation, Review, and Analysis IBM Reports Generation, Review, and Analysis Responsibilities Activity 1 - Reports Generation, Review, and Analysis General SIEM Consulting IBM General SIEM Consulting Responsibilities Activity 1 - General SIEM Consulting Your General SIEM Consulting Responsibilities Ticket System Integration IBM Ticket System Integration Responsibilities Activity 1 - Ticket System Integration Your Ticket System Integration Responsibilities Vulnerability Scanner Integration IBM Vulnerability Scanner Integration Responsibilities Activity 1 - Vulnerability Scanner Integration QRadar Vulnerability Manager Integration and Management IBM Qradar Vulnerability Manager Integration and Management Responsibilities Activity 1 - Qradar Vulnerability Manager Integration and Management Your QVM Responsibilities Service Level Agreements SLA Overview SLA Definitions Service Availability Portal Availability Security Incident Identification and Notification SIEM Agent Health Alerting SLA Root Cause Analysis SLA Remedies Deliverable Materials Z SSA Page 3 of 34

4 9.0 Other Terms and Conditions Intellectual Property Services Components Permission to Perform Testing Disclaimer Employment of Assigned Personnel Z SSA Page 4 of 34

5 IBM Managed Security Information and Event Management IN ADDITION TO THE TERMS AND CONDITIONS SPECIFIED BELOW, THIS SERVICES DESCRIPTION INCLUDES THE IBM MANAGED SECURITY SERVICES GENERAL PROVISIONS ( GENERAL PROVISIONS ) LOCATED AT ibm.com/services/us/iss/html/contracts_worldwide_landing.html AND INCORPORATED HEREIN BY REFERENCE. 1.0 Scope of Services IBM Managed Security Information and Event Management ( Managed SIEM, MSIEM or Services ) is designed to help you plan, implement, manage, and monitor a SIEM System based on your identified business requirements. The Services features described herein are dependent upon the availability and supportability of products and product features being utilized. Even in the case of supported products, not all product features may be supported. Information on supported features is available from IBM upon request. This includes both IBM-provided and non-ibm-provided hardware, software, and firmware. This Services Description is between the Customer referenced herein (also called you and your ) and International Business Machines Corporation ( IBM, or Service Provider ). The MSIEM Service is performed in phases. Phase One Project Initiation and Planning: During this phase, IBM assists you with defining and compiling requirements and develops a Project Plan. Phase Two System Design: During this phase, IBM creates an architectural and system design for your environment. If the SIEM System is already deployed, IBM performs a design review. Phase Three Implementation: During this phase, if not already deployed, IBM installs and configures the SIEM System components and verifies that data is being transmitted and reported. Phase Four Integration and Transition: During this phase, IBM develops processes and corresponding documentation and begins transitioning management and monitoring to the operational support team. Phase Five Ongoing Operational Support: During this phase, IBM provides steady state management and monitoring of the SIEM infrastructure. 2.0 Definitions 2.1 General Terms Alert Condition ( AlertCon ) a global risk metric developed by IBM, using proprietary methods. The AlertCon is based on a variety of factors, including quantity and severity of known vulnerabilities, exploits for such vulnerabilities, the availability of such exploits to the public, mass-propagating worm activity, and global threat activity. The four levels of AlertCon are described in the MSS Portal. Authorized Security Contacts - your decision-maker on all operational issues pertaining to IBM Managed Security Services. Change Request (CR) a specific modification to the SIEM System configuration after the initiation of steady state operations including Event Source and SIEM System component moves, adds, and deletes, SIEM Agent reorganization, network hierarchy modifications, correlation Rule and policy exception alert creation or revision, and report creation beyond the original set. Designated Services Contacts - your decision-maker on a subset of operational issues pertaining to IBM Managed Security Services. Education Materials include, but are not limited to, lab manuals, instructor notes, literature, methodologies, electronic course and case study images, policies and procedures, and all other trainingrelated property created by or on behalf of IBM. Where applicable, Education Materials may include participant manuals, exercise documents, lab documents, and presentation slides provided by IBM. End Date the last date of Services based on the Project Start Date and Contract Period as specified in the Schedule. Event Source any operating system, application, agent, daemon, appliance, or device that will be transmitting security event logs or data to the SIEM System. Z SSA Page 5 of 34

6 IBM Managed Security Services ( IBM MSS ) Portal (called MSS Portal ) - provides access to an environment (and associated tools) designed to monitor and manage security posture by merging technology and service data from multiple vendors and geographies into a common, Web-based interface. Incident a security event that requires analysis, investigation, containment, eradication, remediation, or prevention. Information Request an that IBM sends to an Authorized Security Contact or Designated Services Contact to assist IBM with Incident investigation, Offense Rules refinement, and the proactive integration of outputs from the Incident management lifecycle into the overall SIEM System configuration. Issue a non-security event that requires analysis, investigation, or resolution. MSS Portal Users users of the MSS Portal with different levels of authorization to the MSS Portal. MSS Portal Users can have restricted, regular, or administrative MSS Portal access to all MSS Agent(s) or just a subset of MSS Agents(s). The MSS Portal views and permissions available to the Portal Users are dictated by the Authorized Security Contact. Service Feature a line item in the Schedule that describes a specific component of the Service and is associated with a one-time charge or monthly charge. Service Questionnaire a pre-defined list of data collection questions presented by IBM to you for completion prior to deployment or transition. Services Recipient any entity or individual receiving or using the Services, the results of the Services, or acting on behalf of the end user in receiving or using the Services, or the results of the Services. SIEM Agent - the term used to collectively describe any distributed SIEM component. SIEM System the hardware and software components and modules that collectively make up the Security Information and Event Management infrastructure. Ticket a record created in the problem reporting system that requires action to be taken by you or by IBM as appropriate. 2.2 QRadar Technology Terms Dashboard the default view that is displayed when logging into QRadar; it provides a customizable workspace environment that supports multiple assortments which can be used to view network security, activity, or data that QRadar collects. Device Support Module (DSM) the software component that parses incoming events into the QRadar standardized format. Flow a collection of packets constituting communication between hosts that share some common properties. Log Source maps incoming Event Source format to a DSM for parsing enhancement or parsing override. Magnitude - specifies the relative importance of the Offense and is a weighted value that is calculated based on relevance, severity, and credibility. Offense (also referred to as Incident if declared as such), a message sent or event generated in response to a monitored condition. For example, an Offense informs you if a policy has been breached or the network is under attack. It is an event that has been processed through QRadar using multiple inputs, individual events, and events combined with analyzed behavior and vulnerabilities. Magistrate prioritizes the Offenses and assigns a Magnitude value based on several factors including number of events, severity, relevance, and credibility. Offense Manager the interface used to configure Offenses. QRadar Vulnerability Manager (QVM) - this add-on module activated via a license key provides an integrated Dashboard which consolidates results from multiple vulnerability scanners, risk management solutions, and external threat intelligence; includes a high-speed internal scanner which supports discovery, non-authenticated, authenticated, and Open Vulnerability Assessment Language (OVAL) scans and external scanning capabilities to see the network from an attacker s viewpoint; allows suppression of acceptable, false positive, or otherwise non-mitigated vulnerabilities from ongoing reporting and presents data within the overall context of security and threat posture. Can be set up to run both dynamic and periodic scans. Z SSA Page 6 of 34

7 Rules a series of tests that monitors events and flows for a pattern or matching condition to generate a response, typically an Offense. Sentry monitors collections of Views (flow filters) to generate events and alerts. udsm a universal Device Support Module that is customized by IBM to parse incoming events from the native format of a customer-specific Event Source into the QRadar standardized format. View an on-screen display of data that is organized in a specific way that normalizes flow data and defines how flow data is filtered. 2.3 Service Roles Unless otherwise stated within the Communication Plan, the support resources assigned as Deployment Engineer, Security Services Manager, Senior Consultant, and Transition Architect will have limited hours of coverage and support will be provide 9:00 a.m. to 5:00 p.m. Monday through Friday in the time zone selected by you (also referred to as Business Hours, ) except national and your designated holidays. Deployment Engineer The Deployment Engineer (DE) assists with the installation of the SIEM System components. This role participates in Phases One through Three as needed. Security Services Manager The Security Services Manager (SSM) also serves as an advisor and liaison to broader IBM resources, takes direction from your point of contact, and provides project management, contract management, oversight, service delivery expertise, and operational leadership to the IBM team. This role participates in all Phases throughout the contract term. Senior Consultant The Consultant participates in Phases One through Four to collect and map functional and non-functional requirements, offer strategic advice to stakeholders as it pertains to in scope Services, and provide a macro and micro design or design review of the SIEM System. This role also participates in the Readiness Assessment to ensure that the SIEM configuration is primed for a smooth transition to the operational support team. SIEM System Administrator The SIEM System Administrator (Admin) participates in Phases Three through Five to manage the SIEM System infrastructure and perform system administration, configuration, tuning, reports generation, and various customization activities for the environment. SIEM Analyst The SIEM Analysts (also referred to as, Threat Analysts, and SOC Analysts, ) participate in Phases Four and Five, comprising the operational support team that provides Rule customization recommendations and eyes on-screen monitoring for alert and Incident workflow management and daily manual reports review and analysis when this optional Service Feature is purchased. Transition Architect The Transition Architect (TA) participates in Phases One through Four to coordinate and execute the transition activities to transfer management and monitoring of the SIEM System to the operational support team. 3.0 Managed SIEM Services Contacts 3.1 Security Operations Center The Services are delivered from IBM Security Operations Centers ( SOCs ). IBM will provide access to the SOCs 24 hours per day, seven days per week during Steady State Operations. 3.2 Points of Contact To facilitate communications with the IBM team you will be asked to provide contacts and their access levels so that the IBM staff can validate the identity and authority of the contact prior to making system changes. Services Recipient may choose from multiple levels of access in order to accommodate varying roles within your organization: Transition Focal, Authorized Security Contacts, Designated Services Contacts, and MSS Portal Users IBM Point of Contact Responsibilities IBM will provide a Security Services Manager (SSM) who will be IBM s focal point during performance of the Services. The IBM SSM will: a. review the Services Description and associated documents with your Point of Contact; b. serve as a single point of contact to the account management and delivery teams for operational security-related activities during Transition and as the contract focal during Steady State Operations; Z SSA Page 7 of 34

8 c. maintain and oversee relationships for delivery organizations providing security support; d. establish and maintain communications through your Point of Contact, as defined in the section titled Your Point of Contact Responsibilities ; e. oversee the management of operational security activities, processes, and policies as required; f. coordinate and manage the technical activities of IBM s assigned personnel; g. track and assist in the management of the resolution of reported operational security issues, recommend actions, review plans, and monitor progress of remediation activities; h. develop and maintain a Report List for the Monthly Status Report; i. work with the security team on the account to produce the Monthly Status Report and deliver to your Point of Contact within the scheduled timeframe; j. work jointly with you to manage the priority of new Event Source deployment and participate in technology roadmap discussions; k. manage Change Requests via the Contract Change Control Procedure specified in the Schedule; l. conduct weekly briefings via teleconference with your Point of Contact and your Key Stakeholders; and m. conduct monthly operational review teleconferences or on-site meetings with your Point of Contact and your Key Stakeholders to review security status, risks, Issues, Incidents, outstanding activities, and trends Your Point of Contact Responsibilities Prior to the start of the Services, you will designate a person ("your Point of Contact"), to whom all communications relative to the Service will be addressed and who will have the authority to act on your behalf in all matters regarding this Services Description until Authorized Security Contacts and Designated Services Contacts are defined and included in the Communications Plan and/or the MSS Portal. Your Point of Contact will: a. serve as the interface between IBM s project team and your key stakeholders as it pertains to the Service; b. provide an executive sponsor for the Service to communicate management commitment to the project; c. facilitate IBM access to your existing applications and technical infrastructure; d. ensure all tasks that impact resource utilization are authorized in a timely manner; e. obtain and provide applicable information, data, consents, decisions and approvals as required by IBM to perform the Services, within two business days of IBM s request; f. ensure, to the extent possible, participation by various management levels with representative skills and data protection ownership and mandates within the business units, security group, information technology, audit and risk departments, and operations management at your facility; g. provide specific documentation with regard to information security policy, standards, and audit controls that could assist with the discovery and requirements definition process; h. define Authorized Security Contacts; i. delegate authority for these responsibilities to at least one Authorized Security Contact if different from your Point of Contact; and j. help resolve Services Issues and escalate Issues within your organization, as necessary IBM Authorized Services Contacts Responsibilities IBM will: a. allow you to create up to three Authorized Security Contacts; b. provide each Authorized Security Contact with: (1) administrative MSS Portal permissions to your MSS Agent(s) as applicable; (2) the authorization to create unlimited Designated Services Contacts and MSS Portal Users; (3) the authorization to delegate responsibility to Designated Services Contacts; Z SSA Page 8 of 34

9 c. interface with Authorized Security Contacts regarding support and notification issues pertaining to the MSS Features; and d. verify the identity of Authorized Security Contacts using an authentication method that utilizes a preshared challenge pass phrase IBM Designated Services Contacts Responsibilities IBM will: a. verify the identity of Designated Services Contacts using an authentication method that utilizes a pre-shared challenge pass phrase; and b. interface only with Designated Services Contacts regarding the subset of operational issues for which such contact is responsible Your Authorized Security Contacts Responsibilities You agree to: a. provide IBM with contact information for each Authorized Security Contact. Such Authorized Security Contacts will be responsible for: (1) creating Designated Services Contacts and delegating responsibilities and permissions to such contacts, as appropriate; (2) authenticating with the SOCs using a pre-shared challenge pass phrase; and (3) maintaining notification paths and your contact information, and providing such information to IBM; b. ensure at least one Authorized Security Contact is available 24 hours per day, seven days per week; c. update IBM within three calendar days when your Authorized Security Contact information changes; and d. acknowledge that you are permitted to have no more than three Authorized Security Contacts regardless of the number of IBM Managed Security Services for which you have contracted Your Designated Services Contacts Responsibilities You agree to: a. provide IBM with contact information and role responsibility for each Designated Services Contact (such Designated Services Contacts will be responsible for authenticating with the SOCs using a passphrase); and b. acknowledge that a Designated Services Contact may be required to be available 24 hours per day, seven days per week based on the subset of responsibilities for which he/she is responsible. 4.0 Managed SIEM Foundational Features Foundational features are included with all variations of the Managed SIEM service regardless of size, complexity, geography, or underlying SIEM technology and are not optional during the initial Contract Period. There may be different levels of a feature that are provided, however these features are included with all Managed SIEM services. IBM will provide MSIEM Transition based on the complexity level and for the one-time charge specified in the Schedule. 4.1 MSS Portal The MSS Portal provides access to an environment (and associated tools) designed to monitor and manage the security posture by merging technology and service data from multiple vendors and geographies into a common, Web-based interface. The Portal may also be used to deliver Education Materials. All such Education Materials are licensed not sold and remain the exclusive property of IBM. IBM grants you a license in accordance with the terms provided in the Portal. EDUCATION MATERIALS ARE PROVIDED AS IS AND WITHOUT WARRANTY OR INDEMNITY OF ANY KIND BY IBM, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON- INFRINGEMENT OF PROPRIETARY AND INTELLECTUAL PROPERTY RIGHTS IBM MSS Portal Responsibilities IBM will: Z SSA Page 9 of 34

10 a. provide access to the MSS Portal 24 hours per day, seven days per week, except during maintenance windows and emergency maintenance if required. The MSS Portal will provide: (1) multiple levels of access for MSS Portal Users; (2) security intelligence awareness and alerting; (3) security Incident and/or service Ticket information; (4) ticketing and workflow initiation and updates; (5) interaction with SOC analysts; (6) access to Education Materials in accordance with the terms provided in the MSS Portal; and b. provide a username, password, URL, and appropriate permissions to access the MSS Portal Your MSS Portal Responsibilities You agree to: a. utilize the MSS Portal to perform daily operational Services activities; b. ensure your employees accessing the MSS Portal on your behalf comply with the Terms of Use provided therein including, but not limited to, the terms associated with Educational Materials; c. appropriately safeguard your login credentials to the MSS Portal (including not disclosing such credentials to any unauthorized individuals); d. promptly notify IBM if a compromise of your login credentials is suspected; and e. indemnify and hold IBM harmless for any losses incurred by you or other parties resulting from your failure to safeguard your login credentials IBM MSS Portal Users Responsibilities IBM will: a. provide multiple levels of access to the MSS Portal, as follows: (1) administrative user capabilities which will include: (a) creating Portal users; (b) submitting Services requests to the SOCs; (c) live chat communications with SOC analysts regarding specific Incidents or tickets, generated as part of the Services; (d) creating internal Services-related tickets and assigning such Tickets to Portal users; (e) querying, viewing, and updating Services-related tickets; and (2) regular user capabilities which will include all of the capabilities of an administrative user, for the SIEM Agents to which they have been assigned, with the exception of creating Portal users; (3) restricted user capabilities which will include all of the capabilities of a regular user, for the SIEM Agents to which they have been assigned, with the exception of: (a) creating and submitting Services requests; and (b) updating tickets; and b. authenticate MSS Portal Users using a static password; and c. authenticate MSS Portal Users using two-factor authentication tokens you provide (RSA SecureID) Your MSS Portal Users Responsibilities You agree: a. that Portal users will use the Portal to perform daily operational Services activities; b. to be responsible for providing IBM-supported RSA SecureID tokens (as applicable); and c. acknowledge the SOCs will only interface with Authorized Security Contacts and Designated Services Contacts. Z SSA Page 10 of 34

11 4.2 Security Reporting Security reporting is provided using a combination of the MSS Portal and the native SIEM System console IBM Security Reporting Responsibilities IBM will provide you with access to reporting capabilities within the MSS Portal which includes relative information associated with the Service. Information may include, but is not limited to, some or all of the following (where applicable): a. number of SLAs invoked and met; b. number, types, and summary of Services requests / Tickets; c. number of security Incidents detected and their priority and status; and d. list and summary of security Incidents Your Security Reporting Responsibilities You agree to: a. generate MSS operational reports using the MSS Portal; b. be responsible for scheduling MSS operational reports as desired within the MSS Portal; and c. retrieve SIEM-generated reports from the SIEM System console. 4.3 IBM X-Force Threat Analysis Security intelligence is provided by the IBM X-Force Threat Analysis Center. The X-Force Threat Analysis Center publishes an Internet threat-level. The Internet threat-level describes progressive alert postures of current Internet security threat conditions. In the event Internet threat-level conditions are elevated to AlertCon 3, indicating focused attacks that require immediate defensive action, IBM will provide you with real-time access into IBM s global situation briefing. Utilizing the MSS Portal, you can create a vulnerability watch list with customized threat information. In addition, each MSS Portal User can request to receive an Internet assessment each business day. This assessment provides an analysis of the current known Internet threat conditions, real-time Internet port metrics data, and individualized alerts, advisories and security news. NOTE: Your access and use of the security intelligence provided via the Portal (including the daily Internet assessment ) is subject to the Terms of Use provided therein. Where such Terms of Use conflict with the terms of this Agreement, the Portal Terms of Use shall prevail over this Agreement. In addition to the Terms of Use provided in the Portal, your use of any information on any links or non-ibm Web sites and resources are subject to the terms of use posted on such links, non-ibm Web sites, and resources IBM Security Intelligence Responsibilities IBM will: a. provide access, via the MSS Portal, to the X-Force Hosted Threat Analysis Service for all MSS Portal Users; b. display security information on the MSS Portal as it becomes available; c. if configured by you, provide security intelligence specific to your defined vulnerability watch list, via the MSS Portal; d. if configured by you, provide an Internet security assessment based on your subscription, each business day; e. publish an Internet threat-level via the MSS Portal; f. declare an Internet emergency if the daily Internet threat-level level reaches threat-level 3; g. provide MSS Portal feature functionality to create and maintain a vulnerability watch list; h. provide additional information about an alert, advisory, or other significant security issue as IBM deems necessary; and i. provide access to the regularly produced IBM X-Force Threat Analysis Service Reports, via the MSS Portal. Z SSA Page 11 of 34

12 4.3.2 Your Security Intelligence Responsibilities You will use the MSS Portal to: a. subscribe to the daily Internet security assessment , at your option; b. create a vulnerability watch list, if desired; c. access the IBM X-Force Threat Analysis Service Reports; and d. adhere to the licensing agreement and not forward Services information to individuals who do not have a proper license. 5.0 Managed SIEM Service Phases 5.1 Phase One Project Initiation and Planning During Phase One, the Project Plan will be created, validated, and modified as required. At the completion of this phase and prior to proceeding with further activities in this Services Description, your Point of Contact and the IBM Security Services Manager will assess the results of the Planning Session and either: 1) continue with the Services as described in this Services Description, or 2) upon request, review the possibility of modifying your contract using the Contract Change Procedure. Upon Services renewal, Project Initiation and Planning activities are not included as part of your ongoing renewable services contract IBM Project Initiation and Planning Responsibilities Activity 1 - Kickoff The purpose of this activity is to finalize the project team members, develop a common understanding of the Service objectives, roles, and responsibilities, and assess your readiness to implement the Service by confirming that the appropriate information is documented. IBM will: a. facilitate a project initiation teleconference, for up to four hours, on a mutually agreed date and time to: (1) initiate the project; (2) introduce the project participants; (3) discuss project team roles and responsibilities; (4) review the project objectives; (5) provide an overview of the project methodology; (6) review your environment and organization, including: (a) location(s) to be included in the Services; and (b) emergency contact plan, including event triggers and establishment of designated telephone number(s) and address(es); b. provide the Service Questionnaire to you for completion which includes, but is not limited to, data gathering questions such as: (1) team member names, contact information, roles and responsibilities; (2) unique country and site requirements; (3) network infrastructure, addressing, and environmental data; (4) Event Source inventory; and (5) key business drivers and/or dependencies that could influence Service delivery or timelines; c. develop a preliminary schedule of activities; and d. agree on a date and time for the Planning Session. Completion Criteria: This activity will be complete when the project initiation teleconference has been conducted. Activity 2 - Requirements Definition and Planning Session The purpose of this activity is to compile your requirements and create a Project Plan with timeline and milestones. IBM will conduct a Planning Session for up to eight hours in duration on your premise to Z SSA Page 12 of 34

13 assess the environment and define SIEM System requirements. During and subsequent to the Planning Session, IBM will: a. review the completed Service Questionnaire; b. review and confirm your business objectives; c. review existing security policy; d. review existing IT security environment; e. perform an architecture review and analysis to identify network infrastructure and communication requirements; f. discuss industry regulations and standards that drive your data protection requirements for security auditing and event management; g. provide you with a network access requirements document which details: (1) how IBM will connect remotely to your network; and (2) specific technical requirements to enable such remote connectivity; h. connect to your network through the Internet, using your standard access methods; i. if appropriate, utilize a site-to-site virtual private network ( VPN ) to connect to your network; j. create a Project Plan that includes: (1) activities and tasks for this Services Description; (2) target start dates for the activities in this Services Description; (3) target completion dates for the deliverables in each activity as applicable; (4) identified milestones; and (5) responsible persons and organizations; and k. review the Project Plan with your Point of Contact; Completion Criteria: This activity will be complete when IBM has delivered the initial Project Plan to your Point of Contact. Deliverable Materials: Project Plan, consisting of the following: (1) activities and tasks for this Services Description; (2) target start dates for the activities in this Services Description; (3) target completion dates for the deliverables in each activity as applicable; (4) identified milestones; and (5) responsible persons and organizations Your Project Initiation and Planning Responsibilities You agree to: a. work with IBM to schedule the project initiation teleconference such that all participants have enough notice to attend; b. ensure, to the extent possible, that all your key stakeholders participate in the project initiation teleconference and/or the Planning Session; c. work with IBM to schedule the Planning Session such that all participants have enough notice to attend; d. invite and confirm attendance of all intended participants of the Planning Session, and arrange the meeting room and all logistics on your premise; e. complete and deliver to the SSM, the Service Questionnaire five days prior to the Planning Session; f. review each party s respective responsibilities; g. schedule a review of the Project Plan such that all participants have enough notice to attend; h. review and comment on the draft Project Plan to ensure IBM can finalize the plan within five business days after submitting the draft to your Point of Contact; and i. provide subject matter experts for each of the in-scope Event Sources. Z SSA Page 13 of 34

14 5.2 Phase Two SIEM System Design IBM SIEM System Design Responsibilities During this phase, IBM will work with you to design the elements of the SIEM System based on whether the Services include full implementation and transition or just transition if already deployed. Upon Services renewal, SIEM System Design activities are not included as part of your ongoing renewable services contract. Activity 1 - Process and Data Gathering The purpose of this activity is to gather and review process documentation and data elements that will be needed to develop or review the SIEM strategy for your environment, objectives, and constraints. IBM will: a. conduct interview(s) and review documentation to establish the business goals, security objectives, and high-level requirements relevant to the SIEM implementation; b. collect and review IT process documentation which may include: (1) Incident management; (2) change management; (3) problem management; (4) configuration management (including asset management); (5) security management (including vulnerability management and risk assessments); (6) availability management; and (7) SOC operations; b. collect and review the following data elements: (1) data and Log Sources; (2) Flow sources; (3) QFlow sources; (4) network structure; (5) vulnerability tools; (6) asset data; and (7) application listing; and c. compile collected process documentation and data elements within a central repository for use by IBM delivery personnel and your Authorized Security and Designated Services Contacts. Completion Criteria: This activity will be complete when the aforementioned process documentation and data elements have been collected or that collection is waived by you if non-existent, outdated, or otherwise deemed by you or IBM not adequate for inclusion in the design strategy or deliverable. If waived by you or IBM, IBM reserves the right to make assumptions in the design which may require a scope change via the Contract Change Procedure. Activity 2 - Detailed Functional and Non-Functional Requirements Definition and Documentation The purpose of this activity is to define, document, and map (or review if already deployed) functional and non-functional requirements for the SIEM System. IBM will: a. collaborate with you to define, document, and map the following functional requirements as they pertain to the SIEM System: (1) logging; (2) Event collection; (3) normalization; (4) correlation; (5) storage; (6) system access; Z SSA Page 14 of 34

15 (7) reporting; and (8) customization requirements; b. collaborate with you to define, document, and map the following non-functional requirements as they pertain to the SIEM System: (1) monitoring; (2) retention; (3) reporting; (4) regulatory and contractual considerations; (5) high availability; and (6) disaster recovery. Completion Criteria: This activity will be complete when the aforementioned functional and nonfunctional requirements have been documented, or are waived by you if non-existent, outdated, or otherwise deemed by you or IBM not adequate for inclusion in the design strategy or deliverable. If waived by you or IBM, IBM reserves the right to make assumptions in the design which may require a scope change via the Contract Change Procedure. Activity 3 - Architecture Design The purpose of this activity is to develop, modify, or, if already deployed, review the high-level architectural design for the Service. IBM will: a. design and document or review architecture for installing the SIEM System hardware and software components (if not already deployed); and b. review SIEM System architecture and make recommendations based on findings identified in the Process and Data Gathering and Detailed Functional and Non-Functional Requirements Definition and Documentation Activities. Completion Criteria: This activity will be complete when IBM has reviewed the SIEM System architecture. Activity 4 - System Design The purpose of this activity is to develop both macro and micro system design elements to be implemented in order to reach an initial steady state of operations. IBM will: a. define at the macro system design level: (1) data/event source collection protocols and methods; (2) asset risk weighting criteria; (3) asset classification profiles; (4) compliance groupings for assets; (5) vulnerability scanner usage, configuration, and frequency; (6) final reporting requirements (functional and non-functional); (7) custom data source requirements (or validate if already defined); (8) use case frameworks; (9) customization requirements; (10) Dashboard requirements for the SIEM console; and (11) user accounts and roles; b. define at the micro system design level: (1) data/event source phased integration plan; (2) use cases; (3) alert classification criteria; Z SSA Page 15 of 34

16 (4) vulnerability management systems and process integration plan; and (5) your network hierarchy (including risk weighting) and associated objects; c. prepare the SIEM Macro and Micro Design deliverable which will include: (1) strategy considerations including but not limited to SIEM business drivers and goals, SIEM security objectives, and functional and non-functional requirements; and (2) architectural, macro, and micro design elements as defined in this Activity. Completion Criteria: This activity will be complete when IBM has completed the system design. Activity 5 - Design Review The purpose of this activity is to review the design and finalize the Project Plan. IBM will: a. review the architecture and system design; b. perform one revision of the Project Plan as appropriate; c. deliver the final Project Plan to your Point of Contact; d. deliver the SIEM Macro and Micro Design to your Point of Contact, and e. if requested, review the design and Project Plan with your Point of Contact and your key stakeholders via teleconference or electronically. Completion Criteria: This activity will be complete when the SSM has delivered the SIEM Macro and Micro Design and the final Project Plan report to your Point of Contact. Deliverable Materials: SIEM System Macro and Micro Design and updated Project Plan The SIEM System Macro and Micro Design will comprise strategy considerations including SIEM business drivers, SIEM security objectives, and functional and non-functional requirements. Additionally at the macro and micro architectural level, it will include SIEM use cases, SIEM and vulnerability management system and process integration plan, SIEM alert classification criteria, SIEM data/log source phased integration plan, SIEM reporting requirements, SIEM user accounts and roles, SIEM Dashboards, SIEM udsm integration, preliminary SIEM network hierarchy weighted by risk, and preliminary asset groups weighted by risk Your SIEM System Design Responsibilities In order to develop a successful system design for the Service, your participation is necessary. You agree to: a. provide current network topology diagrams and/or textual descriptions of data and communications paths, protocols, media types, and bandwidth capacity to IBM; and b. participate in the design process as needed. 5.3 Phase Three Implementation IBM SIEM System Implementation Responsibilities During this phase, if this optional Service Feature is purchased as specified in the Schedule, IBM will install and configure the SIEM System in the production environment and assist with transition to managed operations as documented in the Project Plan. Any required changes to the Project Plan will be handled by the IBM SSM who will either: 1) continue with the Services as described in this Services Description, or 2) use the Contract Change Procedure to modify the Services scope and corresponding Schedule. Completion of Phase Two activities, or making available information equivalent to that resulting from Phase Two activities, is a prerequisite for the commencement of the Implementation services described herein. Upon Services renewal, Implementation activities are not included as part of your ongoing renewable services contract. Activity 1 - Install Console Appliance The purpose of this activity is to install and configure the console appliance. IBM will: a. configure the following settings: (1) hostname; (2) IP address; Z SSA Page 16 of 34

17 (3) default gateway; (4) domain name servers (DNS); (5) server; (6) passwords; and (7) license key; b. test connectivity through HTTPS and SSH and ensure that the system is functioning correctly; c. login to the administrative interface to perform the following: (1) user and role creation and management; (2) system configuration (thresholds, authentication); (3) Log Source configuration; (4) Flow Source configuration, if included in the SIEM Macro and Micro Design: (5) vulnerability assessment configuration, if included in the SIEM Macro and Micro Design; (6) Offense resolution configuration; (7) Sentry and View configuration; (8) license management; (9) backup and restore functions; (10) local firewall; (11) management of internal collector interfaces; (12) system date and time; (13) database retention periods and filtering options, if applicable; (14) SNMP settings; and (15) automatic updates. Completion Criteria: This activity will be complete when the console appliance is installed and functioning as documented in the Project Plan. Activity 2 - Customize Console Appliance The purpose of this activity is to customize and tune the console appliance for your environment. IBM will: a. customize Views; b. build basic network hierarchy; c. backup the configuration file; d. analyze and review traffic; e. determine if equations for detecting threats in traffic are appropriate for your requirements; f. adjust equations in accordance with your needs; g. create a threat exception group if necessary; h. create Sentries for alerts; i. analyze and identify appropriate Views/layers where Sentry can be applied; j. add one of each type of Sentry to a View; k. verify that Sentry works as desired; l. configure Offense Manager; m. create and test one custom Rule; n. configure custom Dashboard for up to 10 users; o. demonstrate capabilities of Dashboard to your staff; and p. configure additional SIEM Agents per the SIEM Macro and Micro Design. Z SSA Page 17 of 34

18 Completion Criteria: This activity will be complete when the console appliance has been customized for your environment. Activity 3 - Deploy Log Collection for Production Environment The purpose of this activity is to deploy log collection in the production environment. IBM will collect events from up to three instances of the Log Source types as defined in the design phase. Only Log Sources natively supported by standard Device Support Modules (DSMs) will be collected. No custom parsers or udsms will be created in this activity. Log Source collection is limited to standard configuration guidelines as documented in the latest version of the Configuring DSMs Guide which will be provided to you upon request. Completion Criteria: This activity will be complete when IBM has collected events from up to three instances of the Log Source types for the production environment. Activity 4 - Deploy Flow Collection for Production Environment The purpose of this activity is to deploy Flow collection in the production environment if Flow Collectors/Processors are included in the SIEM Macro and Micro Design. IBM will collect network activity from up to three instances of Flow sources. Flow Source collection is limited to standard configuration guidelines as documented in the latest version of the Configuring DSMs Guide which will be provided to you upon request. Completion Criteria: This activity will be complete when IBM has deployed flow collection, if applicable, in the production environment. Activity 5 - Initial Tuning for Production Environment The purpose of this activity is to perform initial tuning which is focused on enabling out-of-the-box content as well as reducing white noise and false positives. IBM will: a. refer to the system design to perform initial tuning to include: (1) identifying and removing sources of noise; (2) activating Rules, saved searches, and accumulated time series graphs; (3) scheduling reports and modifying reports to meet your requirements; and (4) customizing Dashboards per the SIEM Macro and Micro Design; b. lead your technical personnel through the tuning process to reduce the number of Offenses to a practical level for the environment; and c. collaborate with you and other IBM delivery personnel to determine which standard alerting and reporting elements to enable. Completion Criteria: This activity will be complete when IBM has performed initial tuning in the production environment Your SIEM System Implementation Responsibilities You agree to: a. be responsible for the procurement and provision of all hardware and software; b. be responsible for the physical installation, rack mounting, powering, and network addressing of all SIEM System components and any other necessary equipment; c. ensure and validate that backups of system and user data have been performed before the SIEM System components are deployed; d. provide change management control for your infrastructure changes; e. meet the following pre-requisites prior to the commencement of Phase Three: (1) make final selection of solution and technical architectures; (2) request support access; Z SSA Page 18 of 34

19 (3) request license keys from IBM Support; (4) record installation key(s) located on appliance(s) (sticker placed on top of appliance or located with shipping documentation); (5) rack, power, and cable the appliances; (6) attach monitor & keyboard (or provide KVM/DRAC equivalent) to all appliances or provide equivalent access, if requested; (7) provide hot network connectivity to all appliances; (8) identify appliance network settings: Hostname, IP Address, Subnet mask, Default gateway, NTP/DNS/Mail servers; (9) if requested, provide a workstation to IBM delivery personnel for connecting to the QRadar console that has the following attributes: (a) can access the QRadar console on TCP ports 22, 10000, 80 and 443; (b) has operational secure shell (SSH) and secure copy (SCP/SFTP) programs installed; (c) has a recent version of Mozilla Firefox (preferred), or Internet Explorer 8.0 or 9.0 with Compatibility View enabled; (d) has Java Runtime Environment version 1.6 or above installed; and (e) has Adobe Flash 10.x installed; (10) if requested, configure firewalls between the workstation and the QRadar console to allow the specified connections as instructed by QRadar technical product documentation; (11) configure span/mirror ports and/or taps, if necessary and defined in the SIEM Macro and Micro Design; (12) identify Event Sources, type, and numbers for log collection; (13) identify vulnerability scanner systems desired for integration into QRadar if included in the SIEM Macro and Micro Design; (14) identify Network Hierarchy: Subnet Name, Description, IP/CIDR values, Risk weight (see Install Guide and/or Admin Guide for additional information); (15) identify Critical Assets: Hostname, IP address(s), type (domain controller, mail, web, DNS, scanners, firewalls, etc.); f. enable appropriate audit (log) settings and communications channels on the Event Sources and direct the Event Sources to the SIEM System; g. configure Event Sources per the Configuring DSMs Guide; h. be responsible for configuring audit settings in support of certain report features; i. be responsible for validating and approving outputs from each activity as requested by IBM; j. be responsible for system and data restore in the event of a production system malfunction after the SIEM Agent is deployed; k. be responsible for defining your data security and protection requirements and ensuring IBM has all relevant inputs to proceed with documenting and prioritizing the policies and deployment; l. grant access up to and including full administrative rights as appropriate to IBM personnel for SIEM System components as required for on-site and remote service delivery within one week of Contract Start Date; m. provide a general description of Event Sources, including applicable Log Sources, Flow Sources, and Assets as identified by vulnerability scans to IBM; n. provide Log Source samples to IBM for the creation of udsms/custom agents if requested; o. provide direct access by IBM to subject matter experts who are responsible for the management of the core purpose of each Event Source platform; p. ensure that your staff is available to provide such assistance as IBM reasonably requires and that IBM is given reasonable access to your senior management, as well as any members of your staff to enable IBM to provide the Services and ensure that your staff has the appropriate skills and experience; Z SSA Page 19 of 34

20 q. provide all information and materials reasonably required to enable IBM to provide the Services and that all information disclosed or to be disclosed to IBM is and will be true, accurate, and not misleading in any material respect; r. provide configuration information as requested by IBM to deliver the Services; s. attend project meetings as requested by IBM to deliver the Services; t. make available appropriate staff to shadow deployment activities for knowledge transfer purposes; and u. acknowledge that IBM will not be liable for any loss, damage, or deficiencies in the Services, if any, arising from inaccurate, incomplete, or otherwise defective information and materials supplied by you. 5.4 Phase Four Integration and Transition During this phase, IBM will transition the Service to the IBM operational support team, as documented in the Project Plan. Any required changes to the Project Plan will be handled by the IBM SSM who will either: 1) continue with the Services as described in this Services Description, or 2) use the Contract Change Procedure to modify the Services scope and corresponding Schedule. Completion of Phase Three activities, or making available information equivalent to that resulting from Phase Three activities, is a prerequisite for the commencement of the Integration and Transition activities described herein. Upon Services renewal, Integration and Transition activities are not included as part of your ongoing renewable services contract IBM Integration and Transition Responsibilities Activity 1 - Staged Transition to Ongoing Operational Support The purpose of this activity is to document essential operational elements of the Service and begin the transition of SIEM System management and monitoring to IBM. IBM will: a. review existing security operations processes and documentation; b. create a Communications Plan; c. create a Runbook; d. work jointly with you to define, and document how changes are considered, initiated, processed, recorded, and administered into a mutually agreed upon change management process; e. determine, develop, and review detailed reporting requirements for in scope Event Sources; f. review transition procedures and processes; g. demonstrate MSS Portal features to MSS Portal Users; h. review connectivity needs and access establishment for ongoing service readiness; i. review the draft documents with your Point of Contact; j. recommend modifications, upgrades, or policies based on findings; and k. perform one revision of the documents, if required. Completion Criteria: This activity will be complete when IBM has delivered the Runbook and Communications Plan electronically to your Point of Contact. Deliverable Materials: Runbook and Communications Plan The Communications Plan will comprise: (1) information and knowledge sharing process and vehicle among workgroups, business units, and third party entities as it pertains to the Service; (2) Your Point of Contact and Backup Point of Contact; (3) Authorized Security Contacts; (4) Designated Services Contacts; (5) report recipient list; (6) your key stakeholder list; (7) communications criteria including rules of engagement; (8) security Incident escalation paths; Z SSA Page 20 of 34

IBM Managed Security Services (Cloud Computing) hosted mobile device security management

IBM Managed Security Services (Cloud Computing) hosted mobile device security management IBM Managed Security Services (Cloud Computing) hosted mobile device security management Z125-8855-00 11-2011 Page 1 of 15 Table of Contents 1. Scope of Services... 3 2. Definitions... 3 3. Services...

More information

3.1 Security Operations Centers. 3.2 Portal. 3.3 Services Contacts

3.1 Security Operations Centers. 3.2 Portal. 3.3 Services Contacts Services Description IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) IBM Managed Security Services (Cloud Computing)

More information

IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security

IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security INTC-8608-01 CE 12-2010 Page 1 of 8 Table of Contents 1. Scope of Services...3 2. Definitions...3

More information

How To Use Ibm Managed Security Services (Cloud Computing) On A Pc Or Macbook Or Ipa (For Pc) On An Ipa Or Ipam (For Macbook) On Your Pc Or Ipom (For Ipa) On

How To Use Ibm Managed Security Services (Cloud Computing) On A Pc Or Macbook Or Ipa (For Pc) On An Ipa Or Ipam (For Macbook) On Your Pc Or Ipom (For Ipa) On IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Standard Z125-8477-01 11-2010 Page 1 of 19 Table of Contents 1. Scope of Services... 3 2. Definitions... 3 3.

More information

Services Description IBM Infrastructure Security Services - Unified Threat Management - Select

Services Description IBM Infrastructure Security Services - Unified Threat Management - Select Services Description IBM Infrastructure Security Services - Unified Threat Management - Select IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth,

More information

Services Description. IBM Managed Security Services (Cloud Computing) - Hosted Vulnerability Management

Services Description. IBM Managed Security Services (Cloud Computing) - Hosted Vulnerability Management Services Description IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) IBM Managed Security Services (Cloud Computing)

More information

Services Description. IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Select

Services Description. IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Select Services Description IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) IBM Managed Security Services (Cloud Computing)

More information

Service Description IBM Infrastructure Security Services firewall management - managed VPN concentrator

Service Description IBM Infrastructure Security Services firewall management - managed VPN concentrator IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) Service Description IBM Infrastructure Security Services firewall

More information

Extreme Networks Security Analytics G2 Vulnerability Manager

Extreme Networks Security Analytics G2 Vulnerability Manager DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering

More information

IBM Vulnerability Management Service

IBM Vulnerability Management Service 1. Service Overview IBM Ireland Limited Registered in Dublin: No. 16226 Registered Office: Oldbrook House Service Description 24-32 Pembroke Road Ballsbridge, Dublin 4. IBM Vulnerability Management Service

More information

IBM Security QRadar Vulnerability Manager

IBM Security QRadar Vulnerability Manager IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk

More information

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide

IBM Security QRadar Vulnerability Manager Version 7.2.1. User Guide IBM Security QRadar Vulnerability Manager Version 7.2.1 User Guide Note Before using this information and the product that it supports, read the information in Notices on page 61. Copyright IBM Corporation

More information

THIS PAGE NOT FOR RELEASE TO CUSTOMER

THIS PAGE NOT FOR RELEASE TO CUSTOMER Guidance for Use of This Document THIS PAGE NOT FOR RELEASE TO CUSTOMER Use this Guidance page to determine if this SOW fits your Customer's needs. Discard it prior to presenting the SOW to your Customer.

More information

Device Management Module (North America)

Device Management Module (North America) Device Management Module (North America) Part Number: MSFSEU-10 Motorola's device management module is designed to be utilized alongside an existing Motorola Service Center Support Bronze, Service Center

More information

Oracle Fixed Scope Services Definitions Effective Date: October 14, 2011

Oracle Fixed Scope Services Definitions Effective Date: October 14, 2011 Oracle Fixed Scope Services Definitions Effective Date: October 14, 2011 "You" and "your" refers to the individual or entity that has ordered Advanced Customer Services from Oracle or an authorized distributor.

More information

IBM Global Technology Services Statement of Work. for. IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing

IBM Global Technology Services Statement of Work. for. IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing IBM Global Technology Services Statement of Work for IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing The information in this Statement of Work may not be disclosed

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

IBM Security QRadar Vulnerability Manager Version 7.2.6. User Guide IBM

IBM Security QRadar Vulnerability Manager Version 7.2.6. User Guide IBM IBM Security QRadar Vulnerability Manager Version 7.2.6 User Guide IBM Note Before using this information and the product that it supports, read the information in Notices on page 91. Product information

More information

ediscovery Implementation Services Statement of Work To be Executed under State Blanket Contract ITS53 Cat2B

ediscovery Implementation Services Statement of Work To be Executed under State Blanket Contract ITS53 Cat2B ediscovery Implementation Services Statement of Work To be Executed under State Blanket Contract ITS53 Cat2B Overview: The Massachusetts Water Resources Authority is looking for a vendor to provide business

More information

Managed Services Agreement. Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043

Managed Services Agreement. Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043 Managed Services Agreement Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043 SERVICE DESCRIPTIONS By purchasing these Services from Hilliard Office

More information

MANAGED SECURITY SERVICES RESPONSIBILITIES GUIDE July 2013

MANAGED SECURITY SERVICES RESPONSIBILITIES GUIDE July 2013 MANAGED SECURITY SERVICES RESPONSIBILITIES GUIDE July 2013 1. ABOUT THIS GUIDE...3 1.1 S NEW CTOMERS...3 1.2 S ALL CTOMERS...3 1.3 OUR S...3 1.4 KEEPING R CONTACT DETAILS UP-TO-DATE...4 1.5 RECORDING R

More information

INCIDENT RESPONSE CHECKLIST

INCIDENT RESPONSE CHECKLIST INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged

More information

Prepared by: OIC OF SOUTH FLORIDA. May 2013

Prepared by: OIC OF SOUTH FLORIDA. May 2013 OIC OF SOUTH FLORIDA REQUEST FOR PROPOSAL INFORMATION TECHNOLOGY SUPPORT SERVICES Proposals will be received by OIC of South Florida for Information Technology Support Services. Interested vendors should

More information

ExtremeWorks Remote Monitoring Service

ExtremeWorks Remote Monitoring Service SERVICE DESCRIPTION DOCUMENT (SDD) ExtremeWorks Remote Monitoring Service Service: ExtremeWorks Managed Service Remote Monitoring Service Version: 1.0 Date: November 2015 Availability: Global Order Code:

More information

IBM Managed Security Services for Network Intrusion Detection and Intrusion Prevention

IBM Managed Security Services for Network Intrusion Detection and Intrusion Prevention Service Description IBM Ireland Limited Registered in Dublin: No. 16226 Registered Office: Oldbrook House 24-32 Pembroke Road Ballsbridge, Dublin 4. 1. Scope of Services IBM Managed Security Services for

More information

IBM Security QRadar SIEM Version 7.1.0 MR1. Administration Guide

IBM Security QRadar SIEM Version 7.1.0 MR1. Administration Guide IBM Security QRadar SIEM Version 7..0 MR Administration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks on page 07. Copyright

More information

CALNET 3 Category 7 Network Based Management Security. Table of Contents

CALNET 3 Category 7 Network Based Management Security. Table of Contents State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2

More information

Vulnerability Management

Vulnerability Management Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

IBM Security Operations Center Poland! Wrocław! Daniel Donhefner SOC Manager!

IBM Security Operations Center Poland! Wrocław! Daniel Donhefner SOC Manager! IBM Security Operations Center Poland! Wrocław! Daniel Donhefner SOC Manager! IBM can provide unmatched global coverage and security awareness! 4,300 Strategic outsourcing security delivery resources 1,200

More information

How To Control Vcloud Air From A Microsoft Vcloud 1.1.1 (Vcloud)

How To Control Vcloud Air From A Microsoft Vcloud 1.1.1 (Vcloud) SOC 1 Control Objectives/Activities Matrix goes to great lengths to ensure the security and availability of vcloud Air services. In this effort, we have undergone a variety of industry standard audits,

More information

IBM Managed Security Services for Network Firewalls

IBM Managed Security Services for Network Firewalls Service Description IBM Ireland Limited Registered in Dublin: No. 16226 Registered Office: Oldbrook House 24-32 Pembroke Road Ballsbridge, Dublin 4. 1. Scope of Services IBM Managed Security Services for

More information

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide Symantec Database Security and Audit 3100 Series Appliance Getting Started Guide Symantec Database Security and Audit 3100 Series Getting Started Guide The software described in this book is furnished

More information

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...

More information

REQUEST FOR PROPOSAL-INFORMATION TECHNOLOGY SUPPORT SERVICES

REQUEST FOR PROPOSAL-INFORMATION TECHNOLOGY SUPPORT SERVICES Isothermal Planning & Development Commission (IPDC) REQUEST FOR PROPOSAL-INFORMATION TECHNOLOGY SUPPORT SERVICES Proposals will be received by the IPDC for Information Technology Support Services. Interested

More information

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds. ENTERPRISE MONITORING & LIFECYCLE MANAGEMENT Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid

More information

Vistara Lifecycle Management

Vistara Lifecycle Management Vistara Lifecycle Management Solution Brief Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid

More information

IBM Security. 2013 IBM Corporation. 2013 IBM Corporation

IBM Security. 2013 IBM Corporation. 2013 IBM Corporation IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure

More information

IBM. Vulnerability scanning and best practices

IBM. Vulnerability scanning and best practices IBM Vulnerability scanning and best practices ii Vulnerability scanning and best practices Contents Vulnerability scanning strategy and best practices.............. 1 Scan types............... 2 Scan duration

More information

VMware Performance and Capacity Management Accelerator Service

VMware Performance and Capacity Management Accelerator Service AT A GLANCE The VMware Performance and Capacity Management Accelerator Service rapidly deploys a performance management, capacity optimization, and log management solution focused on a limited predefined

More information

IBM Security Intelligence Strategy

IBM Security Intelligence Strategy IBM Security Intelligence Strategy Delivering Insight with Agility October 17, 2014 Victor Margina Security Solutions Accent Electronic 12013 IBM Corporation We are in an era of continuous breaches Operational

More information

Statement of Service Enterprise Services - MANAGE AppTone Server Management for SharePoint

Statement of Service Enterprise Services - MANAGE AppTone Server Management for SharePoint Statement of Service Enterprise Services - MANAGE AppTone Server Management for SharePoint CUSTOMER Proprietary Rights The information in this document is confidential to Arrow Managed Services, Inc. and

More information

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.

More information

Managed Security Services for Data

Managed Security Services for Data A v a y a G l o b a l S e r v i c e s Managed Security Services for Data P r o a c t i v e l y M a n a g i n g Y o u r N e t w o r k S e c u r i t y 2 4 x 7 x 3 6 5 IP Telephony Contact Centers Unified

More information

IBM Implementation Services for Power Systems IBM Systems Director

IBM Implementation Services for Power Systems IBM Systems Director Sample Statement of Work for Services This an example and your Statement of Work may vary given your specific requirements and the related IBM engagement. IBM Implementation Services for Power Systems

More information

Fully Managed IT Support. Proactive Maintenance. Disaster Recovery. Remote Support. Service Desk. Call Centre. Fully Managed Services Guide July 2007

Fully Managed IT Support. Proactive Maintenance. Disaster Recovery. Remote Support. Service Desk. Call Centre. Fully Managed Services Guide July 2007 Fully Managed IT Support Proactive Maintenance Disaster Recovery Remote Support Service Desk Call Centre London Office ITVET Limited 2 nd Floor 145 157 St John Street London EC1V 4PY t: +44(0)8704 232

More information

Supplier Security Assessment Questionnaire

Supplier Security Assessment Questionnaire HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.

More information

Achieving PCI-Compliance through Cyberoam

Achieving PCI-Compliance through Cyberoam White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit

More information

Nessus Enterprise Cloud User Guide. October 2, 2014 (Revision 9)

Nessus Enterprise Cloud User Guide. October 2, 2014 (Revision 9) Nessus Enterprise Cloud User Guide October 2, 2014 (Revision 9) Table of Contents Introduction... 3 Nessus Enterprise Cloud... 3 Subscription and Activation... 3 Multi Scanner Support... 4 Customer Scanning

More information

Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9)

Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9) Nessus Perimeter Service User Guide (HTML5 Interface) March 18, 2014 (Revision 9) Table of Contents Introduction... 3 Nessus Perimeter Service... 3 Subscription and Activation... 3 Multi Scanner Support...

More information

CNS Security and Network Monitoring. Managed Services Description

CNS Security and Network Monitoring. Managed Services Description Page 1 of 20 CNS Security and Network Monitoring Managed Services Description Author(s) Martin.Dipper@cnsuk.co.uk Date 16 th January,2012 Version V1.00 Page 2 of 20 INDEX 1 DOCUMENT CONTROL...3 1.1 ISSUER

More information

QRadar SIEM 7.2 Windows Event Collection Overview

QRadar SIEM 7.2 Windows Event Collection Overview QRadar Open Mic Webcast #3 August 26, 2014 QRadar SIEM 7.2 Windows Event Collection Overview Panelists Aaron Breen QRadar World-wide Support Leader Adam Frank Principal Solutions Architect Jonathan Pechta

More information

Symantec Security Information Manager 4.8 Release Notes

Symantec Security Information Manager 4.8 Release Notes Symantec Security Information Manager 4.8 Release Notes Symantec Security Information Manager 4.8 Release Notes The software described in this book is furnished under a license agreement and may be used

More information

Retention & Destruction

Retention & Destruction Last Updated: March 28, 2014 This document sets forth the security policies and procedures for WealthEngine, Inc. ( WealthEngine or the Company ). A. Retention & Destruction Retention & Destruction of

More information

REQUEST FOR PROPOSALS INFORMATION TECHNOLOGY SUPPORT SERVICES. Bid Packets are Due:

REQUEST FOR PROPOSALS INFORMATION TECHNOLOGY SUPPORT SERVICES. Bid Packets are Due: REQUEST FOR PROPOSALS INFORMATION TECHNOLOGY SUPPORT SERVICES Issue Date: Friday, March 15 th, 2013 Closing Date: Monday, April 15 th, 2013 University City District is requesting proposals from qualified,

More information

How To Use Adobe Software For A Business

How To Use Adobe Software For A Business EXHIBIT FOR MANAGED SERVICES (2013V3) This Exhibit for Managed Services, in addition to the General Terms, the OnDemand Exhibit, and any applicable PDM, applies to any Managed Services offering licensed

More information

QRadar SIEM and Zscaler Nanolog Streaming Service

QRadar SIEM and Zscaler Nanolog Streaming Service QRadar SIEM and Zscaler Nanolog Streaming Service February 2014 1 QRadar SIEM: Security Intelligence Platform QRadar SIEM provides full visibility and actionable insight to protect networks and IT assets

More information

IBM Security QRadar SIEM Version 7.1.0 (MR1) Tuning Guide

IBM Security QRadar SIEM Version 7.1.0 (MR1) Tuning Guide IBM Security QRadar SIEM Version 7.1.0 (MR1) Tuning Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks on page 35. Copyright IBM

More information

QRadar SIEM and FireEye MPS Integration

QRadar SIEM and FireEye MPS Integration QRadar SIEM and FireEye MPS Integration March 2014 1 IBM QRadar Security Intelligence Platform Providing actionable intelligence INTELLIGENT Correlation, analysis and massive data reduction AUTOMATED Driving

More information

LANDesk Professional Services

LANDesk Professional Services LANDesk Professional Services Service Description For G-Cloud Background Drawing upon 25 years of experience, LANDesk today is recognized as a leading provider of systems and endpoint security management,

More information

Dell Advanced Network Monitoring Services Service Description

Dell Advanced Network Monitoring Services Service Description Dell Service Description 1. INTRODUCTION TO YOUR SERVICE AGREEMENT Advanced Network Monitoring: Network outages or network performance problems can cause significant economic impacts to your day to day

More information

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware Contact Information Go to the RSA corporate website for regional Customer Support telephone

More information

Ecom Infotech. Page 1 of 6

Ecom Infotech. Page 1 of 6 Ecom Infotech Page 1 of 6 Page 2 of 6 IBM Q Radar SIEM Intelligence 1. Security Intelligence and Compliance Analytics Organizations are exposed to a greater volume and variety of threats and compliance

More information

NMS300 Network Management System

NMS300 Network Management System NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate

More information

Managed Service Plans

Managed Service Plans Managed Service Plans www.linkedtech.com 989.837.3060 989.832.2802 fax Managed Information Technology Services System downtime, viruses, spy ware, losses of productivity Are the computer systems you rely

More information

Spyders Managed Security Services

Spyders Managed Security Services Spyders Managed Security Services To deliver world-class Managed Security Services, Spyders must maintain and invest in a strong Security Operations Centre (SOC) capability. Spyders SOC capability is built

More information

Managing Qualys Scanners

Managing Qualys Scanners Q1 Labs Help Build 7.0 Maintenance Release 3 documentation@q1labs.com Managing Qualys Scanners Managing Qualys Scanners A QualysGuard vulnerability scanner runs on a remote web server. QRadar must access

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Statement of Service Enterprise Services - AID Microsoft IIS

Statement of Service Enterprise Services - AID Microsoft IIS Statement of Service Enterprise Services - AID Microsoft IIS Customer Proprietary Rights The information in this document is confidential to Arrow Managed Services, Inc. and is legally privileged. The

More information

SIEM Optimization 101. ReliaQuest E-Book Fully Integrated and Optimized IT Security

SIEM Optimization 101. ReliaQuest E-Book Fully Integrated and Optimized IT Security SIEM Optimization 101 ReliaQuest E-Book Fully Integrated and Optimized IT Security Introduction SIEM solutions are effective security measures that mitigate security breaches and increase the awareness

More information

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief RSA Solution Brief RSA envision Platform Real-time Actionable Information, Streamlined Incident Handling, Effective Measures RSA Solution Brief The job of Operations, whether a large organization with

More information

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies

More information

Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD)

Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD) Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD) Enterprise Cloud Resource Pool Services Features Sungard AS will provide the following in connection

More information

Extreme Networks Security Vulnerability Manager User Guide

Extreme Networks Security Vulnerability Manager User Guide Extreme Networks Security Vulnerability Manager User Guide 9034870 Published September 2015 Copyright 2015 All rights reserved. Legal Notice Extreme Networks, Inc. reserves the right to make changes in

More information

IBM Security QRadar Risk Manager

IBM Security QRadar Risk Manager IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Collect network security device configuration data to

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

Using WhatsUp IP Address Manager 1.0

Using WhatsUp IP Address Manager 1.0 Using WhatsUp IP Address Manager 1.0 Contents Table of Contents Welcome to WhatsUp IP Address Manager Finding more information and updates... 1 Sending feedback... 2 Installing and Licensing IP Address

More information

IBM Managed Security Services for Security Event and Log Management

IBM Managed Security Services for Security Event and Log Management Service Description IBM Ireland Limited Registered in Dublin: No. 16226 Registered Office: Oldbrook House 24-32 Pembroke Road Ballsbridge, Dublin 4. IBM Managed Security Services for Security Event and

More information

Statement of Service. Enterprise Services - WATCH MySQL Database. Customer. MANAGE Services for MySQL

Statement of Service. Enterprise Services - WATCH MySQL Database. Customer. MANAGE Services for MySQL Statement of Service Enterprise Services - WATCH MySQL Database Customer 1 TABLE OF CONTENTS 1.0 Introduction... 5 2.0 Engagement overview & scope... 5 3.0 Detailed Scope... 6 3.1 24/7 Monitoring and Alerting...

More information

How to Define SIEM Strategy, Management and Success in the Enterprise

How to Define SIEM Strategy, Management and Success in the Enterprise How to Define SIEM Strategy, Management and Success in the Enterprise Security information and event management (SIEM) projects continue to challenge enterprises. The editors at SearchSecurity.com have

More information

White Paper: Meeting and Exceeding GSI/GCSx Information Security Monitoring Requirements

White Paper: Meeting and Exceeding GSI/GCSx Information Security Monitoring Requirements White Paper: Meeting and Exceeding GSI/GCSx Information Security Monitoring Requirements The benefits of QRadar for protective monitoring of government systems as required by the UK Government Connect

More information

The webinar will begin shortly

The webinar will begin shortly The webinar will begin shortly An Introduction to Security Intelligence Presented by IBM Security Chris Ross Senior Security Specialist, IBM Security Agenda The Security Landscape An Introduction to Security

More information

Barracuda Link Balancer Administrator s Guide

Barracuda Link Balancer Administrator s Guide Barracuda Link Balancer Administrator s Guide Version 1.0 Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2008, Barracuda Networks

More information

IBM Security SiteProtector System Configuration Guide

IBM Security SiteProtector System Configuration Guide IBM Security IBM Security SiteProtector System Configuration Guide Version 2.9 Note Before using this information and the product it supports, read the information in Notices on page 209. This edition

More information

IBM QRadar Security Intelligence April 2013

IBM QRadar Security Intelligence April 2013 IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence

More information

Data Center Colocation - SLA

Data Center Colocation - SLA 1 General Overview This is a Service Level Agreement ( SLA ) between and Data Center Colocation to document: The technology services Data Center Colocation provides to the customer The targets for response

More information

FIRN Secure Internet Bundled Services:

FIRN Secure Internet Bundled Services: FIRN INTERNET SECURITY BUNDLE SERVICES AND NEW ADVANCED SECURITY OPTIONAL SERVICES (New Services and Prices Available July 1, 2014. CSAB Orders can be placed as early as March 1, 2014) Ethernet Bandwidth

More information

Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM

Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM Kevin Hayes, CISSP, CISM MULTIPLY SECURITY EFFECTIVENESS WITH SIEM TODAY S AGENDA Describe the need for SIEM Explore different options available for SIEM Demonstrate a few Use Cases Cover some caveats

More information

SolarWinds Log & Event Manager

SolarWinds Log & Event Manager Corona Technical Services SolarWinds Log & Event Manager Training Project/Implementation Outline James Kluza 14 Table of Contents Overview... 3 Example Project Schedule... 3 Pre-engagement Checklist...

More information

What is Security Intelligence?

What is Security Intelligence? 2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the

More information

Statement of Service Enterprise Services - WATCH Storage: Block-based, SAN-Attached File-based, Network-Attached

Statement of Service Enterprise Services - WATCH Storage: Block-based, SAN-Attached File-based, Network-Attached Statement of Service Enterprise Services - WATCH Storage: Block-based, SAN-Attached File-based, Network-Attached Customer Proprietary Rights The information in this document is confidential to Arrow Managed

More information

LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE

LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE PRODUCT BRIEF LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE As part of the Tripwire VIA platform, Tripwire Log Center offers out-of-the-box integration with Tripwire Enterprise to offer visibility

More information

PCI DSS Top 10 Reports March 2011

PCI DSS Top 10 Reports March 2011 PCI DSS Top 10 Reports March 2011 The Payment Card Industry Data Security Standard (PCI DSS) Requirements 6, 10 and 11 can be the most costly and resource intensive to meet as they require log management,

More information

Citrix EdgeSight Administrator s Guide. Citrix EdgeSight for Endpoints 5.3 Citrix EdgeSight for XenApp 5.3

Citrix EdgeSight Administrator s Guide. Citrix EdgeSight for Endpoints 5.3 Citrix EdgeSight for XenApp 5.3 Citrix EdgeSight Administrator s Guide Citrix EdgeSight for Endpoints 5.3 Citrix EdgeSight for enapp 5.3 Copyright and Trademark Notice Use of the product documented in this guide is subject to your prior

More information

74% 96 Action Items. Compliance

74% 96 Action Items. Compliance Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated

More information

Certification Report

Certification Report Certification Report EAL 3+ Evaluation of RSA envision platform v4.0 SP 1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification

More information

Support and Service Management Service Description

Support and Service Management Service Description Support and Service Management Service Description Business Productivity Online Suite - Standard Microsoft Exchange Online Standard Microsoft SharePoint Online Standard Microsoft Office Communications

More information

Secondary DMZ: DMZ (2)

Secondary DMZ: DMZ (2) Secondary DMZ: DMZ (2) Demilitarized zone (DMZ): From a computer security perspective DMZ is a physical and/ or logical sub-network that resides on the perimeter network, facing an un-trusted network or

More information