Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
1 Overview
Managed Service Providers (MSPs) can use Network Detective to build or grow a managed services
practice. Discover how thousands of MSPs are already using Network Detective to capture more
business.
One-time security assessments are typically used to audit security or support a larger compliance
initiative.
As opposed to one-time assessments, which are typically driven by customer demand, an ongoing
security offering is positioned to streghen the security position for your client by:
In this sense, an ongoing offering provides more long-term benefit than an individual assessment
because vulnerabilities and threats are routinely neutralized before they can harm your client’s
environments.
3 One-time Assessments
For one-time assessments, we propose a 3-tiered approach. The tiers are named SILVER, GOLD, and
PLATINUM. Silver can be provided to a vast majority of the customer base and incurs the least cost
to the client and service provider, while the Platinum level consists of concierge-level services.
Day 1
1. Initiate External Vulnerability Scan (can be performed remotely)
2. Run the Network and Security Data Collector selecting the Network Scan option
(can be performed remotely)
3. Run the Local Push Data Collector selecting Network and Security
(can be performed remotely)
Day 2
4. In-person site visit and interview with CEO/CTO (after initial automated assessment):
a. Physical security walk-through
b. Administrator Review – present list of administrators and domain administrators of
the environment and assure the list is accurate and as minimal as possible.
c. Share Permission Review
5. Prepare deliverables for final review
Day 3
6. Final review with stakeholders
Labor Requirement:
This plan level addresses the major weaknesses faced by small business:
Day 1
1. Plug in and configure Inspector appliance on-site
2. Initiate External Vulnerability Scan, Network and Security Data Collectors, and the Internal
Vulnerability Scan from the Inspector
3. Run the Local Push Data Collector selecting Network and Security
4. Physical Security walk-through during data collection
Day 2
5. In-person site visit and interview with CEO/CTO and IT Administrator:
a. Administrator Review – present list of administrators and domain administrators of
the environment and assure the list is accurate and as minimal as possible.
b. Share Permission Review
c. IT Administrator Review
6. Prepare deliverables for final review
Day 3
7. Final review with stakeholders
Labor Requirement:
This plan level addresses the major weaknesses faced by small and medium sized businesses:
Day 1
1. Plug in and configure Inspector appliance on-site
2. Initiate External Vulnerability Scan, Network and Security Data Collectors, as well the Internal
Vulnerability Scan from the Inspector
3. Run the Local Push Data Collector selecting Network and Security
4. Physical security walk-through during data collection using the PCI or HIPAA On-site Survey
Day 2-3
5. Complete various identification worksheets with stakeholders
6. Initiate secondary scans if needed
Day 4
7. In-person site visit and interview with CEO/CTO and IT Administrator:
a. Administrator Review – present list of administrators and domain administrators of
the environment and assure the list is accurate and as minimal as possible.
b. Share Permission Review
c. IT Administrator Review
8. Prepare deliverables for final review
Day 5
9. Final review with stakeholders
* Note that compliance assessments vary greatly with the size of the organization in terms of
complexity and the timeframes given.
Labor Requirement:
This plan level addresses the major weaknesses faced by larger entities and those with compliance
needs:
Through the DAILY alerts, your customer will be able equipped with the knowledge to:
Investigate and Report – As part of your NOC/SOC services, you will evaluate the threat level
and determine if the issue is valid and report back to the customer.
False Positive – Either you will ignore the issue or add proper tagging to avoid the alert from
being sent in the future.
Address Issue – At the SILVER level, remediation is not included but can be done as a Project
or Time and Materials arrangement.
Therefore, the customer incurs extra costs only if they want you to fix a legitimate issue found in
their environment.
Your cost:
Through the DAILY alerts, your customer will be able equipped with the knowledge to:
Investigate and Report – As part of your NOC/SOC services, you will evaluate the threat level
and determine if the issue is valid and report back to the customer.
False Positive – Either you will ignore the issue or add proper tagging to avoid the alert from
being sent in the future.
Address Issue – At the GOLD level, some level of remediation can be included, but additional
and out of scope issues can be done as a Project or Time and Materials arrangement.
Therefore, the customer incurs extra costs only if they want you to fix a legitimate issue found in
their environment.
Your cost:
Investigate and Report – As part of your NOC/SOC services, you will evaluate the threat level
and determine if the issue is valid and report back to the customer.
False Positive – Either you will ignore the issue or add proper tagging to avoid the alert from
being sent in the future.
Address Issue – Most basic security-issue remediation can be included as part of the
agreement. More complex arrangements involving multi-day efforts could always be scoped
as additional projects.
Perform an annual security risk assessment.
Your cost:
$1,500+ /month
6 Next Steps
This document is intended to be a guide to help you define your own Managed Security offering.
Combined with the ability to incorporate your own practices, conduct interviews using our InForm
technology, and receive low, fixed per-site pricing for Detector, the possibilities are endless for
forming a service offering at all levels, to a variety of customers, using trusted technology.
Additionally, the Detector alerting provides a systematic and methodical approach to security rather
than error-prone human review of logs and settings.
The next step is to contact your RapidFire Tools Account Manager and Solutions Engineer to help
formulate a model that works for you.
sales@rapidfiretools.com
678-323-1300, ext. 2