How do you plan to leverage our MSP services for monitoring and alerting?
The customer has deployed IDS sensors, a variety of firewalls and antivirus systems throughout their network. They have implemented a management platform to aggregate and centrally analyze event data that is continuously analyzed by the MSSP. Now comes the harder question; how will the customer's security monitoring and response processes rely on the alerting that is provided by the MSSP? All MSSPs provide essential alerting capabilities for suspected incidents and also some level of centralized reporting and analysis capabilities that may be valuable when monitoring resources. Security staff may find it helpful to leverage the custom reporting and analysis capabilities provided by the MSSP to supplement their own security management platform.
At a high level you will need to describe the basics concerning the way the customer will need to rely on the architecture including the network security management platform and the data from the MSSP.
This was first published in July 2008