Can we work with your network security management platform and easily take the data from it?
Once the customer has explained the basics of the business, network and security architectures, you will need to analyze the data that will be relied upon for analysis. Gathering and aggregating the network data in an efficient manner in real time can be a challenge for many reasons, but the basic consideration will be determining the best way to aggregate data and update it continuously. If you cannot leverage the customer's management platform, you may be forced to gather raw data from their sensor devices, essentially diminishing the value of the investment in the management platform.
This activity should be collaboration. You need to understand the architecture, security posture, and alerting goals and you need to tell the customer how you plan to accept their data into your own analysis framework.