Embed Size (px)
Citation preview
PARTNER SALES SUMMARY
NETWORK INTERCEPTOR™Detecting & Preventing Advanced Targeted Attacks, 24/7
Small to medium sized businesses are struggling to reduce complexity while maintaining defenses against a growing threat landscape. Many smaller organizations are increasingly the targets of cyber attacks, and operate in highly regulated industries, driving a compelling need to protect assets, client information and intellectual property.
Network Interceptor is a service that combines technology and human‐driven analysis to monitor corporate networks and detect known and unknown security threats, 24x7. It delivers real‐time detection, analysis, mitigation and incident response by experts at eSentire’s Security Operations Center, providing enterprise class protection to small to medium size businesses.
It’s deployed as a continuous managed service that leverages the architecture of a network appliance sensor to monitor client networks. Core capabilities include real‐time deep‐packet inspection, full packet capture, human assisted machine learning, behavior‐based anomaly detection, signature‐based intrusion detection and prevention, and security analyst communications.
Pricing varies by number of employees, number of locations and the throughput of the customer’s network.Pricing is available for Gold, Silver, SOHO and Virtual optionsAssistance with sizing opportunities is available through the eSentire Pricing Calculator, or through your Channel Account Manager.
Complementary solution to customer’s existing security investments
Delivers real-time protection and active resolution of security threats by proven experts
Allows customers to maintain compliance with rigorous regulations
Budget-friendly billing reduces need for expensive capital investments
Finance, Legal, BioPharma, Healthcare
Small to mid-size who are tied to regulations: SEC, HIPAA, SOX
Organizations with small IT staff or small/nonexistent security team
Companies that need to protect intellectual property
Companies who have been the victim of a breach
Companies with global presence/multi-national
SCOPING NEW OPPORTUNITIES
KEY BENEFITSReduces complexity and eliminates high costs of staffing a dedicated security team
TARGET VERTICAL INDUSTRIES
TARGET CUSTOMERS
24/7 Security Operations Center
ContainmentMitigation
Threat SignalData for Analysis
FirewallSwitch Switch
Router
Network Interceptor
eSentire
Internet
Regulatory bodies across all industries are requiring compliance to cyber security rules, becoming a key driver for small to mid-size clients to adopt a more comprehensive security posture. Protecting assets, information and preventing fines, loss of revenue and risk to reputation.
A proactive security approach gives clients, stakeholders and investors assurance that assets, personal information and intellectual property are being diligently protected, and reduces risk to business continuity.
62% of breaches in 2014 were at the SME level. Medium tier businesses are being targeted because they typically can’t match the security processes of larger companies. Most SME’s don’t have expert security resources on staff to monitor, analyze and mitigate threats. Creating a dedicated security team in-house is cost prohibitive to smaller organizations.
81% of companies attacked in 2014 were not able to identify the breach themselves and on average it took them 188 days to realize security had been compromised. Network Interceptor provides real-time threat protection, analysis and mitigation - we'll know about an attack immediately and mitigate it.
Network Interceptor analyzes and detects both known and unknown “zero-day” cyber threats in real time by using technology coupled with our security expertise, finding threats before they cause damage.
Regulatory bodies are requiring the performance of annual security audits, levying fines and sanctions against those who can’t demonstrate implementation of adequate security measures. Network Interceptor helps organizations harden defenses and document compliance.
Are you familiar with ‘zero-day’ or unknown cyber threats such as phishing, social engineering, and targeted attacks?
Are there any ongoing security audits or new audits on the horizon?
Are there regulatory concerns currently - SEC, FCA, FINRA, HIPAA?
Are your investors/clients/stakeholders inquiring as to your security posture?
Do you have a dedicated security team?
Do you know if your organization has been breached/compromised? Would you know?
QU
ALIF
YIN
G Q
UES
TIO
NS
“We’ve got security covered” Customer has purchased security technologies such as IDS, Next Generation Firewall, SIEM, etc.
Are you monitoring your logs 24x7? How often are you tuning your devices? How do you know if malware has gotten through your defenses? Do you have the skilled resources in place to monitor your environment?
We are a complementary service that works with what you have in place already to ensure its value and reliability. Our security analysts watch your network traffic 24x7x365, enabling us to recognize breaches before you do. We provide the benefits of an in-house SOC for a fraction of the cost. Standing up a SOC with around the clock coverage can cost up to $2M, according to IDC estimates.
“We’re too small to be a target” Customer thinks their small footprint makes them a less attractive target to cyber criminal.
What is the value of the assets or intellectual property you have under management? Do you work with other SME’s and counterparts on a daily basis?
Around 43% of mid-sized businesses have suffered loss from cyber attack, but only around 20% have measures in place to help. Many of these breaches stem through their partner network, specifically because they are small, and might not have the capability to detect, block, and respond to incoming threat.
“We outsource our IT”Customer has IT outsourcing provider and think they are covered.
What visibility is there at the board, or executive level around the issue of security? Has your outsource IT provider created an incident response plan for you?
Security is not simply an IT issue, but a business continuity concern with board‐level visibility. It needs to be handled differently.
“We’re moving to the Cloud” Customer is using a cloud provider and thinks security is taken care of.
Does your cloud security strategy encompass end users on the network? Are you familiar with phishing attacks?
Moving to the cloud doesn’t eliminate security risks. Successful phishing attacks target internal users – taking control of an endpoint to gain access to what’s in the cloud. Comprehensive monitoring, analysis and mitigation by security experts significantly reduces the risk of a breach, and complements existing cloud strategies.
OVE
RCO
MIN
G O
BJEC
TIO
NS
SCENARIO QUESTIONS TO ASK POSITIONING WITH THE CUSTOMER
Dell SecureWorks is a primary competitor for Network Interceptor. Secondary competitors include MSSP’s, SIEM providers and security hardware vendors that have varying capabilities, architectures, service levels, cost profiles and weaknesses. Contact your Channel Account Manager for more information.
All data stays on customer network, preserving security. No data is sent to cloud-based services.
SecureWorks iSensor can provide active prevention capabilities only when placed in an inline mode, introducing latency and a single point of failure. eSentire allows “passive” monitoring – not inline – to ensure that zero network latency is introduced.
eSentire performs continuous packet capture, which aids in forensic investigations of attacks, providing much richer data sets to investigators. Dell only records packet capture if a threat has already been identified.
Our 1:8 customer to Security Analyst ratio ensures a high‐touch, personalized experience while allowing immediate access to our SOC Analysts.
Inline Architecture
Full and Continuous Packet Capture
Personalized, High Touch Service
Data Residency
Feature Comparison
Zero day threat protection with human analysis & intervention
Signature + Intelligence based threat protection
Embedded Incident Response
eSentire eSentire Network Interceptor Advantage
Threat detection and analysis is highly automated and less effective with Dell's solution. eSentire's anomaly-based analysis and human intervention approach offers superior protection.
Network Interceptor incorporates behavior-based detection in addition to signature and threat intelligence, a distinct advantage over Dell when dealing with advanced threats. eSentire continuously updates our sensors in the field as opposed to only 2x weekly updates from Dell.
eSentire embeds incident response within its service. Dell requires a separate retainer to provide it.
Dell
SELLING AGAINST THE COMPETITION
HOW TO WIN AGAINST DELL
Copyright © 2015 eSentire, Inc. All rights reserved. www.esentire.com | @esentire | [email protected]
Human vs. AutomationIncreased reliance on “automated security” has been identified as a key reason for security failure. We also provide the human element.
Compare SLAsDell promises to keep their infrastructure up, not respond to events.
Reliance Needs other security infrastructure to be effective.
DetectionHeavy reliance on signature-based detection and threat intelligence alone is not effective in dealing with targeted attacks (zero-day).
Review Quotes Carefully Compare SLAs and embedded services so customers understand what's included.
Service LevelsReinforce our high touch service model.
COM
PETI
TIVE
ED
GE
