Cisco Master Security Specialization Practice Areas Summary. February 2016

Transcription

1 Cisco Master Security Specialization Practice Areas Summary February 2016

2 New Master Security Model Prerequisites Advanced Security Architecture Specialization (ASAS) (1) CCIE Security (1) CCNP Security (1) Fire Jumper (1) Project Management Certification: PMI (PMP) or Prince 2 Partner Executed Proof of Values (POVs) Customer References Onsite Audit Capabilities Validation Onsite Audit Demonstration Onsite Audit Practice Areas

3 Practice Areas In order to demonstrate that partners have mature security practice capabilities, Cisco Master Security Specialization requirements now include validation of these capabilities during the onsite audit process: Demonstrated capability in at least three out of six specialty areas Demonstrated capability in specialty areas against a customer use case

4 Potential Products and Tools Description Threat Visibility Network Vulnerability Assessment Remediation and Response Threat Visibility provides awareness of network and application security posture through customer engagements. Threat Visibility reports provide customers with findings to include host and application risks, malware threats, and recommended actions. Network Vulnerability Assessments analyze customer networks with vulnerability scanning and penetration testing tools to provide insight into internal, external, and remote access threats. Assessment reports provide customers with findings to include descriptions of vulnerabilities and recommended corrective actions. Remediation and response is an organized approach to addressing and managing the aftermath of a security breach. Services include response planning, incident investigation, forensics, infection containment, countermeasure development, and risk mitigation. ThreatGrid Identity Services Engine ThreatGrid AMP for Endpoint FirePOWER Services AMP for Endpoint AMP for Network Prime Infrastructure AMP for Network AMP for Content IOS Software Checker AMP for Content ESA, WSA, and CWS FirePOWER Services Ecosystem Partners ThreatAnalytics Environment Profiling and Assessment Open Source Offerings Ecosystem Partners ThreatAnalytics FirePOWER Services Open Source Offerings Ecosystem Partners Incident Response Service ThreatAnalytics Master Security Practice Areas

5 Potential Products and Tools Description Secure Cloud Secure Data Center Secure IoT Secure Cloud provides or builds a secure environment to meet specific business outcomes including threat protection, acceptable use, data security, secure access, and flexible workloads. Secure Data Center practices address security concerns in virtualized and orchestrated data center environments leveraging Cisco Validated Designs. Cisco solutions offer maximum performance, actionable security, ease of provisioning, and threat detection and defense. Secure IoT converges an organization s existing information technology (IT) and operational technology (OT) networks. Cisco offers physical and cyber security solutions to employ consistent security solutions with centralized management across the extended network while offering differentiated security policies and actionable security intelligence. ESA, ESAv, WSA, WSAv Application Centric Infrastructure AMP for Endpoint ASA, ASAv ASA, ASAv AMP for Network FirePOWER Services FirePOWER Services AMP for Content Identity Services Engine Identity Services Engine Hardened ASA Intercloud Fabric TrustSec Physical Access Manager Open Source Offerings Advanced Threat Analytics Open Source Offerings Ecosystem Partners Open Source Offerings Ecosystem Partners Ecosystem Partners Master Security Practice Areas (Continued)

6 Audit Requirements for Practice Areas Practice Area Documentation Requirements As part of the Master Security on-site audit process, partners are required to provide documentation validating mature security practice capabilities in three of six possible concentrations: Threat Visibility Network Vulnerability Assessment Remediation and Response Secure Cloud Secure Data Center Secure IoT This document is designed to provide partners with supplemental information regarding the documents that the partner is required to submit on the day of the audit.

7 Audit Requirements for Practice Areas Data sheet with business outcomes Sample statement of work (SOW) One of the following sample deliverables Customer-facing report with recommendations Solution design with network topology and products Service Agreement with SLAs Implementation or operations guide

8 Audit Requirements for Practice Areas Data Sheet with Business Outcomes A data sheet is required for each of the three practice areas, a separate data sheet submitted for each of the three practice areas. The data sheet should be one to two pages in length and provide a high level description of the service being provided by the partner for the customer. The data sheet should provide a summary of the benefits this service provides to customers. Please refer to Cisco s security product data sheets for examples.

9 Audit Requirements for Practice Areas Statement of Work (SOW) The Statement of Work (SOW) is a formal document that specifies the criteria of a contract between a partner and customer. It documents such items as project requirements, milestones, deliverables, and materials that will be provided to the customer. This document should be comprehensive in scope as opposed to high level. Below is a sample outline of common items that typically would be included in a scope of work document. The items outlined below are provided as a guideline only. Objective Project Scope Schedule Financials Key Assumptions Acceptance The Objective section should state the business objectives of the project and a high level overview of the solution being proposed. The objective of this section is to provide clarity as to why work is being performed. The Scope section should define the work that will be performed and the process for how it will be performed. This section should include a list of deliverables to be provided to the customer. This section should include a detailed schedule including customer touch points. The pricing sections should state the price to customer including time and materials. This section should also outline how outside expenses will be handled and milestones for payment. This section should include any assumptions that need to be outlined that are not related to items covered in the Project Scope section. The Acceptance section should include signatures from the customer and any key executives working on the project.

10 Audit Requirements for Practice Areas Sample Deliverables Sample deliverables include sample customer-facing documents that are provided to the customer as part of the partner offering. Acceptable sample documentation include: Customer-facing report with recommendations Solution Design with network topology and products Service Agreement with SLAs

11 Audit Requirements for Practice Areas Implementation or Operations Guide The implementation or operations guide is a partner internal document that outlines the process a partner system engineer would follow in order to implement or deploy the service offering in a customer environment. Implementation guides are typically created by the partner to document best practices around their service offering, but the partner can also utilize Cisco Validated Design (CVD) guides to fulfill this requirement when applicable. Partners may also utilize the POV best practices documentation posted on Cisco Partner Communities to fulfill this requirement when applicable.

12