1 EMEA Partner Led Consulting Service Offerings EMEA Partner Led Consulting.

1

EMEA Partner Led ConsultingService Offerings

EMEA Partner Led Consulting

2

EMEA Symantec Partner Led Consultingengagement model


Impl

emen

tatio

n Ty

peSt

rate

gic/

Co

mpl

exM

ediu

mSt

raig

htfor

war

d

EMEA Partner Led Consulting 3

Advisory Services

Information Management

Storage and Availability

Security and Compliance

Assessment Service Catalogue

4

DLP Risk Assessment

De-duplication Assessment

Archiving Assessment

Security Architecture Review

Malicious Activity Assessment

Vulnerability Ass. & Pen Test

Mobile Security Assessment

ITDR ProgramNext Gen. Data Prot. Ass.

SOC Assessment and Design

Cloud Readiness AssessmentINFORM Risk Assessment

Future State Architecture

Storage Supply Chain Analysis

Baseline IT Continuity Ass.

Information Storage Assessment


5

Gap analysis of the customers Security Operations Center VS our best practice guidelines

Define the posture of the actual SOC’s Security Services levels, evaluating the technological and the organizational aspects

Evaluating the actual requirements/controls, in order to measure the current level of security according to the CMM (Capability Maturity Model)

Execute a Gap Analysis against Symantec SOC MS model

Define a Security Roadmap to improve the SOC Services and to prioritize the security Investments

Provide a executive summary representation useful for Top Management

Security Operations Center Assessment and Design

-

0.50

1.00

1.50

2.00

2.50

3.00

3.50

4.00

Real Time Device Monitoring

Vulnerability Assessment

Penetration Test

Security Audit

Security Intelligence

Technology Watch

Alerting & WarningTechnical reporting

Security Device Configuration

Security Device Maintenance

Policy Management

Policy Enforcement

Patch Management

Events Data Retention

Endpoint Security

Hardening

Proactive Security Services Maturity Level

Self AssessmentFuture State


CMM Level Description

Not Available (A) (D) (M)(I) (O)(A) (D) (M)(I) (O)

The service is not implemented

Initial (I) (A) (O)(D) (M)(I) (A) (O)(D) (M)

The service is inadeguate to be

delivered from the SOC

Aware (A) (O)(D) (M)(I) (A) (O)(D) (M)(I)

The service has an poor maturità

level. Automation and processes

are just sufficient

Defined (A) (O)(D) (M)(I) (A) (O)(D) (M)(I)

The service has an average

maturity level with automation

and processes to improve

Managed (A) (O)(D) (M)(I) (A) (O)(D) (M)(I)

The service has an high level of

maturity, using well define

processes and adeguate

technologies

Optimized (A) (O)(D) (M)(I) (A) (O)(D) (M)(I)

The service is excellent and

continuously improved

6

The assessment measures the maturity of the current service in terms of quality of delivery, technical architecture, best practice configuration and on-going management and support. It will identify areas for improvement and potential cost savings.

The review is conducted using a combination of key stakeholder workshops and data gathering tools, resulting in a final presentation of findings and recommendations.

Next Gen Data Protection Assessment


The assessment provides a clear insight into the effectiveness of an existing backup and recovery service. Being based on qualitative and quantitative information, it delivers a broad and balanced view, from both process and technology perspectives.

7

Gap analysis of the customers understanding of IT changes to meet IT continuity requirements

High-level designs for each IT recovery class, high-level recommendations on IT process/IT organization improvements

Selection from three alternative strategies

High-level quantified business case for every strategy to justify selecting the right strategy

Roadmap for IT transformation for selected strategy

ITDR Program

Дорожная карта "максимальной" стратегии

Мера Активность/Проект Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4CM1. Распределение КТС по разным площадкам Проектирование ЦОД 25 25 25

Проведение строительных работ (включая разработку ИРД и ПСД), ввод в эксплуатацию

75 75 75

Организация аренды каналов 75 75

Закупка и установка серверного и прочего оборудования

75 75 75

CM2. Кластеризация между площадкамиРазработка (уточнение) требований, закупка и внедрение ПО

25 25 75 75

CM3. Репликация данных между площадкамиРазработка (уточнение) требований, закупка и внедрение оборудования и/или ПО

25 75 75

CM4. Резервное копирование данныхМодернизация и развитие существующей системы резервного копирования

25 25 75 75

CM5. Архивное хранение данныхРазработка регламента и заключение контракта с поставщиком

75

CM6. План по восстановлениюРазработка и внедрение плана обеспечения непрерывности и восстановления деятельности

25 25 25 25 25 25 75 75 75 75 75 75 75

PM1. Включение в систему мониторинга 25 25 25 75 75 75 75 75 75 75

PM4. Процесс управления ИТ-рисками 25 25 75 75 75 75

PM5. Объединённый процесс управления инцидентами

Разработка и внедрение объединённого процесса управления инцидентами

25 25 25 75 75 75

Модернизация и упрощение процедуры эскалациии инцидентов

25

Интеграция со справочниками CMDB 25 25 75

Ежегодный пересмотр процесса управления инцидентами и процедур эскалации

75 75 75 75 75

PM6. Процесс управления непрерывностьюРазработка и внедрение процесса управления непрерывностью

25 25 75 75 75 75

Проведение семинаров и обучение 75 75 75 75

Дополнение каталога ИТ-сервисов стоимостью простоя

25 25 75 75

PM7. Процесс управления мощностямиПроектирование системы и внедрение ПО управления мощностями

25 25 75 75 75

Разработка спецификации процесса и вндрение процесса управления мощностями

25 25 75 75

Проведение семинаров по обучению 75 75 75

PM8. Документирование (процесса или конфигурации)

Разработка системы и внедрение ПО моделирования уровня предприятия

25 25 75

Создание группы технологического аудита 25 75

Актуализация плана конфигураций 25 25

Обучение, постановка методологии (ITSM, ИБ, аудит)

75 75 75 75

Проведение повторных аудитов 75 75 75 75

Разработка методики документирования процессов

25 25 75 75

Разработка базы знаний по процессам 25 25 75 75 75 75 75 75 75 75 75 75 75 75 75 75 75 75

PM9. Дублирование резервных копий на другой площадке или в удалённом хранилище

Внедрение ПО создания дубликатов резервных копий

25 75

Промежуточные итоги 0% 0% 2% 0% 1% 5% 28% 8% 17% 18% 0% 1% 10% 10% 0% 0% 0% 0% 0% 0%0% 0% 2% 2% 3% 8% 36% 44% 61% 79% 79% 80% 90% 100% 100% 100% 100% 100% 100% 100%

Уровень готовности по годам

2012 2013 2014 2015 2016

100%2% 44% 80% 100%

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4

2012 2013 2014 2015 2016

Оглавление

Легенда

Проектирование или разработкаВнедрениеРеализация выгод от внедрения


8

Gap analysis of the customer’s enterprise security deployment VS our best practice guidelines

The Enterprise Security Architecture Review (ESAR) has been designed as a service engagement that will rapidly enable clients to determine whether their current Security Architecture, Risk Management, product portfolio, Security team make-up and supporting processes

It will also determine whether clients have correctly provisioned their security infrastructure with the clients existing solutions and to highlight any weaknesses or gaps in the client’s infrastructure.

The Symantec consultant will assist with providing qualitative data to determine how effective the products are from the Vendor, while mitigating the risks of unplanned downtime

Security Architecture Review


9

Assess volume of malicious activity in the network and the impact to the organization. Provides the data needed to assess risk exposure and identify areas for improved protection

Provides detection capabilities that give you early warnings and details on emerging and potential threats including target and attacker IPs.

Gives you the ability to inspect for botnets—both dormant and active—and take rapid remediation action on infected clients that may be participating in botnet activities.

Allows you to detect compromised endpoints on your network with behavioral modeling and fingerprinting.

Provides detailed reports giving you the data needed to assess risk exposure and identify areas for improved protection.

Malicious Activity Assessment


10

Gap analysis of the customers existing VA processes and tools VS our best practice guidelines

The Vulnerability Assessment Service (VA) has been designed as an entry level, low cost service engagement that will rapidly enable clients to determine whether their current VA methodology and threat modeling support processes correctly determine the relevance (using CVVS or NVD scoring), criticality and deployment capability of vendor released security patches.

Vulnerability Assessment and Penetration Testing


11

• Holistic approach covering 3 perspectives• Governance

• Intelligence

• Infrastructure

• Across 15 core elements

• Provides a 360o view of your mobile security capabilities

Identify security issues within application source code through automated and manual review

Focused on identifying issues with authentication and authorization, data validation, session management, encryption, auditing and logging, and business logic

Can be performed in conjunction with a penetration assessment to provide a deeper view of potential vulnerabilities

Usually conducted during the development or testing phases of the software lifecycle

Mobile Security Assessment


12

Risk Assessment that allows organizations to quantify and qualify their risk of data loss

The Symantec Data Loss Prevention Risk Assessment identifies areas of Very High, High, Medium, and Low risk of data across endpoint, network, and storage systems by data type, based on your evaluation of potential severity and your actual frequency of data loss. It will also determine whether clients have correctly provisioned their security infrastructure with the clients existing solutions and to highlight any weaknesses or gaps in the client’s infrastructure.

Our consultants team helps to create and implement data security policies to discover, monitor, and protect confidential data wherever it is stored or used

DLP Risk Assessment


13

Reviews an existing backup environment to assess the potential impact of introducing deduplication technology.

De-duplication Assessment


Staring from an initial review of the hardware and software infrastructure along with the customer data profile, a value based assessment of deduplication will be performed.

This will include:

• Assessing all solution options (client, media server and target based deduplication)

•Defining a preliminary deduplication based solution.

•Quantifying potential cost savings .

•Assessing impact on existing Server, Storage, LAN, SAN and WAN infrastructures.

•Defining a potential migration plan.

•Final Presentation of Recommendations and Findings.

14

Determines the projected benefits of introducing archiving and eDiscovery as part of the information lifecycle management

• The assessment utilizes a field-proven methodology developed by Symantec to uncover gaps relating to information lifecycle management, including (but not limited to):

– demonstrating and quantifying the benefits & costs of the Symantec solutions for archiving, eDiscovery & retention management

– reviewing litigation and compliance risk around email, and comparing current practices to industry best practices.

– discussing the data lifecycle and policy enforcement, followed by eDiscovery preparation, and finally by costs of unrestricted data growth.

– assessing your business needs, and helping you get your archiving and eDiscovery project up and running.

• The assessment is conducted using tools to collect specific data inputs from Customer environment, including (but not limited to) Exchange Mailbox Analyzer, File System Analyzer, Sharepoint Analyzer, etc.

Archiving & eDiscoveryAssessment


Without a tool to control the lifecycle of your

data, you end up with perpetual data growth

and no control. Regardless of your corporate

culture, this always equates cost. Symantec

IIG product suite is at it’s heart a policy engine.

Use it to enforce your safe harbor and data

control policies. Reduce costs and clean up

the environment.

15

Which servers are consuming data from which arrays?

Which users are creating and using which files?

– A comprehensive assessment service covering block-based and file-based data stores.

– Enables better-informed information lifecycle policy decisions

– Facilitates implementation of chargeback models

– Makes users accountable for the storage they consume

Information Storage Assessment

File Servers Clients

Collectors

Indexers

Active DirectoryManagement Console

Over-provisioned

Misused

EffectivelyUtilized

Un-provisioned

Overhead

Physical

Un-claimed

Logical

Un-consumed

Claimed

Host Usage App

Usage

Consumed

Storage Team

Storage Team

ServerTeam

DB / App Admins

End Users

ServerTeam


16

Baseline IT Continuity Assessment Leverages the standard DRA

POC combined with Operational Risk assessment workshop to determine technical and operational risks to successful DR .

Rapid workshop/ interview and tool-based review of the current IT Continuity (ITC) Capabilities.

Will rapidly enable clients to determine whether their current HA and DR technology and supporting processes will operate as designed in the event of a failure. It will also determine whether clients have over provisioned recovery infrastructure and provide quantitative and qualitative data to determine how cost and effort may be taken out of the existing HA and DR infrastructure while still mitigating the risks of unplanned downtime.


17

Leverages CCS combined with operational assessment workshops to identify opportunities to optimize clients storage and data protection infrastructure.

Symantec helps clients to transform storage processes and operations in to a more efficient and cost effective service.

To understand the client's storage service requirements, Symantec consultants start by reviewing the organization's current storage architecture, software tools, and operational model.

With this information, they can help identify any gaps between the current capability and best practices, and thus help define a strategy that will more closely align storage services with business and IT requirements, while optimizing the delivery of those services.

Using Symantec storage management solutions as tools, (Command Cental Storage, VOM Advanced, Data Insight for Storage), this assessment service provides an insight view into the storage in SAN, NAS, and DAS storage and provides to the IT organization with the information about what applications are connected to what storage arrays and how much of the storage the application is using so organizations can make informed decisions about how their existing storage assets are being utilized.

Storage Supply Chain Analysis


18

Gap analysis of the customers current architectures VS the customers strategic vision

Structured services engagement that determines a Clients Data Centre “Future State” requirements and vision

Reviews and analyses the clients current (tactical) and future (strategic) business requirements

Captures the current state Data Centre architecture and delivers a future state vision

Delivers a supporting roadmap to achieve the vision.

Based on a proven Company I methodology

Two service offerings – FSA Lite and full FSAA

Future State Architecture

"Максимальная" стратегия - общая стоимость

Капитальные расходы, включая установку

"День 1"2012

2013

2014

2015

2016Всего, за 5 лет

Распределение по годам (2012 - 1)

CM1. Распределение КТС по разным площадкам

48 000$

682 463

$

1 001 826

$

397 660

$

-

$

-

$

2 081 949

$ *

CM2. Кластеризация между площадками

-$

-

$ 524 480

$

-

$

-

$

-

$

524 480

$ *

CM3. Репликация данных между площадками

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

CM4. Резервное копирование данных

-$

-

$ 395 344

$

-

$

-

$

-

$

395 344

$ *

CM5. Архивное хранение данных

-$

-

$

-

$

-

$

-

$

-

$

-

$ *

CM6. План по восстановлению

-$

63 500

$

-

$

-

$

-

$

-

$

63 500

$ *

CM7. Контракты с поставщиками (аутсорсинг, ship-in)

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

CM8. Запас мощности оборудования на каждой из площадок

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

CM9. Наличие комплекта ЗиП

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

PM1. Включение в систему мониторинга

-$

894 450

$

80 000

$

40 000

$

-

$

-

$

1 014 450

$ *

PM2. Отказоустойчивая конфигурация оборудования

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

PM3. Кластеризация в рамках одной площадки

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

PM4. Процесс управления ИТ-рисками

-$

-

$

-

$

-

$

-

$

-

$

-

$ *


-$

-

$

-

$

-

$

-

$

-

$

-

$ *

PM6. Процесс управления непрерывностью

-$

-

$

-

$

-

$

-

$

-

$

-

$ *

PM7. Процесс управления мощностями

-$

-

$ 50 668

$

-

$

-

$

-

$

50 668

$ *


21 000$

27 500

$

56 500

$

10 000

$

-

$

-

$

94 000

$ *

PM9. Дублирование резервных копий на другой площадке или в

удалённом хранилище

-$

-

$ 20 000

$

-

$

-

$

-

$

20 000

$ *

Итого

69 000$

1 667 913

$

2 128 818

$

447 660

$

-

$

-

$

4 244 391

$

Операционные расходы

"День 1"2012

2013

2014

2015


Итоговое распределение (по итогам 5 лет)

CM1. Распределение КТС по разным площадкам

-$

62 100

$

670 468

$

842 529

$

873 218

$

905 441

$

3 353 755

$ *

CM2. Кластеризация между площадками

-$

-

$ 179 417

$

163 193

$

144 057

$

146 016

$

632 682

$ *

CM3. Репликация данных между площадками

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

CM4. Резервное копирование данных

-$

-

$ 163 830

$

141 248

$

128 787

$

131 453

$

565 318

$ *

CM5. Архивное хранение данных

-$

-

$ 20 845

$

21 887

$

22 982

$

24 131

$

89 845

$ *

CM6. План по восстановлению

24 000$

88 539

$

126 052

$

106 520

$

111 211

$

116 136

$

548 458

$ *

CM7. Контракты с поставщиками (аутсорсинг, ship-in)

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

CM8. Запас мощности оборудования на каждой из площадок

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

CM9. Наличие комплекта ЗиП

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

PM1. Включение в систему мониторинга

-$

162 890

$

207 890

$

162 890

$

162 890

$

162 890

$

859 450

$ *

PM2. Отказоустойчивая конфигурация оборудования

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

PM3. Кластеризация в рамках одной площадки

-$

-

$

-

$

-

$

-

$

-

$

-

$ o

PM4. Процесс управления ИТ-рисками

20 000$

54 967

$

56 215

$

37 526

$

28 903

$

30 348

$

207 959

$ *


-$

43 597

$

59 103

$

42 530

$

41 703

$

43 789

$

230 722

$ *

PM6. Процесс управления непрерывностью

-$

40 891

$

65 865

$

43 959

$

40 631

$

42 388

$

233 734

$ *

PM7. Процесс управления мощностями

-$

18 750

$

90 055

$

58 928

$

65 568

$

63 930

$

297 231

$ *


51 000$

114 590

$

133 683

$

113 768

$

103 404

$

108 034

$

573 479

$ *

PM9. Дублирование резервных копий на другой площадке или в

удалённом хранилище

-$

-

$ 10 045

$

10 347

$

10 665

$

10 998

$

42 055

$ *

Итого

95 000$

586 324

$

1 783 468

$

1 745 325

$

1 734 019

$

1 785 553

$

7 634 689

$

Распределение по статьям расходов

"День 1"2012

2013

2014

2015


Оборудование и техническое обеспечение (ОиТО)

22 500

$

696 808

$

558 004

$

-

$

-

$

1 277 312

$

Лицензии (Л)

867 950

$

685 980

$

217 000

$

-

$

-

$

1 770 930

$

Работы внешнего подряда (РВП)

602 837

$

361 950

$

189 713

$

53 470

$

35 709

$

1 243 678

$

Фонд оплаты труда (ФОТ)

148 030

$

543 789

$

618 960

$

644 896

$

677 141

$

2 632 816

$

Сервисное и гарантийное обслуживание (СиГО)

177 290

$

454 648

$

609 648

$

609 648

$

609 648

$

2 460 883

$

Прочие расходы

383 530

$

255 686

$

-

$

-

$

-

$

639 216

$

Телекоммуникации и Инфраструктура (ТиИ)

62 100

$

333 407

$

416 544

$

437 372

$

459 240

$

1 708 663

$

Затраты на проект

$2 254 237$3 912 287

$2 192 985$1 734 019

$1 785 553

Условная выгода от реализации проекта

$116 144$2 555 167

$5 807 197$5 807 197

$5 807 197

Условный ежегодный денежный поток

($2 138 093)($1 357 120)

$3 614 212$4 073 178

$4 021 644

Условный денежный поток за весь период

($2 138 093)($3 495 213)

$118 999$4 192 177

$8 213 821

Условный дисконтированный денежный поток

($2 138 093)($3 243 817)

$102 496$3 351 103

$6 093 631

Условный дисконтированный накопленный за период денежный

поток

($2 138 093)($5 381 910)

($5 279 413)($1 928 310)

$4 165 320

NPV за 5 лет (считая с первого года)

$4 165 320

Срок окупаемости, лет

4,32

Распределение затрат по процессамПроцесс

2012

2013

2014

2015


ИТ-пр.: упр. непрерывностью (DS4)

116 730

$

179 217

$

137 778

$

139 142

$

145 824

$

718 692

$

ИТ-пр.: упр. ИТ-рисками (PO9)

38 265

$

39 178

$

20 137

$

21 144

$

22 201

$

140 923

$

ИТ-пр.: упр. инцидентами (DS8)

27 000

$

44 250

$

5 934

$

3 278

$

3 441

$

83 903

$

ИТ-пр.: упр. мощностями (DS3)

98 750

$

159 921

$

88 795

$

55 435

$

53 796

$

456 697

$

ИТ-пр.: упр. конфигурациями (DS9)

217 890

$

216 772

$

151 802

$

91 380

$

95 949

$

773 794

$

$-

$100 000

$200 000

$300 000

$400 000

$500 000

$600 000

$700 000

$800 000

$900 000

$1 000 000

12

34

5

Оборудование и техническое

обеспечение (ОиТО)Лицензии (Л)

Работы внешнего подряда (РВП)Фонд оплаты труда (ФОТ)Сервисное и гарантийное

обслуживание (СиГО)Прочие расходыТелекоммуникации и

Инфраструктура (ТиИ)

Оборудование и техническое обеспечение (ОиТО)11%

Лицензии (Л)15%

Работы внешнего подряда (РВП)11%

Фонд оплаты труда (ФОТ)22%

Сервисное и гарантийное обслуживание (СиГО)21%

Прочие расходы5%

Телекоммуникации и Инфраструктура (ТиИ)

15%

($8 000 000)

($6 000 000)

($4 000 000)

($2 000 000)

$0

$2 000 000

$4 000 000

$6 000 000

20122013

20142015

2016Затраты на проект

Условный дисконтированный

накопленный за период денежный поток

ИТ-пр.: упр. непрерывностью (DS4);

$718 692 ; 33%

ИТ-пр.: упр. ИТ-рисками (PO9); $140 923 ; 6%ИТ-пр.: упр. инцидентами

(DS8); $83 903 ; 4%

ИТ-пр.: упр. мощностями (DS3); $456 697 ; 21%

ИТ-пр.: упр. конфигурациями (DS9);

$773 794 ; 36%

Оглавление


19

Gap analysis of the customers current architectures VS the customers cloud based strategic vision

The current state of cloud-relevant technology, as well as lack of definition or standardization in the areas of IT operations and IT governance, suggest that cloud computing is not an enterprise-grade choice for all workloads or use cases. It is therefore critical to segment or tier workloads based on their requirements.

Cloud Readiness Assessment


20

INFORM is an information assurance cost/risk planning program that can assist customers in their business planning process

An intelligent application based on• 1,272 Surveys from Fortune 1000

organizations• Primary and third party research• Expert logic

Analyzes your unique Business Drivers and IT Risks

Develops a Solution Roadmap to best meet your needs

Relates the results to currently accepted IT Management and Security Standards

INFORM Risk Assessment



Residency Services


Consulting Residency ServicesResidency Types

•Manage the technology stack

•Demonstrate domain expertise

Technology Resident•Take

unique Symantec Intelligence and provide to client

•Out-task area of expertise

Expert Resident

•Ensure value realization of Symantec Investment

•Lead the full deployment of portfolio wide solutions

Strategic Resident

23

CustomerRequirements

CTAPResponse

Access to cyber intelligence

Subject Matter Expertise

Comprehensive Toolset

Access to Symantec’s Infrastructure

Threat identification

Intelligence gathering and validation

Assess nature of the threat

Create and implement action

CTAP

Residency ExampleCyber Threat Analysis Program (CTAP)


1 EMEA Partner Led Consulting Service Offerings EMEA Partner Led Consulting.

Documents

Transcript of 1 EMEA Partner Led Consulting Service Offerings EMEA Partner Led Consulting.