Alert Logic Threat Manager Deployment on vCloud Air

High-level Overview

Alert Logic Threat Manager Overview

CONFIDENTIAL 2

• Alert Logic Threat Manager is an IDS that monitors network traffic from physical and virtual devices in on-premises, cloud, or hybrid environments.

• All data is sent from the Threat Manager appliance in the customer environment to an Alert Logic datacenter where it is processed by the Expert System.

• The Expert System identifies any malicious traffic and generates incidents that are escalated to the customer by an analyst in the Security Operations Center

• Virtual Appliances are deployed in cloud environments. There are physical appliances available for on-premises environments. They work together to give an all encompassing, single pane of glass view of the entire environment.

• A Threat Manager deployment in a virtual environment consists of an Alert Logic Threat Manager virtual appliance deployed in the customer network and an agent installed on every server to protect.

Alert Logic Threat Manager Deployment

CONFIDENTIAL 3

Installation/Configuration Process

Activity Action Responsibility

Onboarding call Collect customer information Alert Logic

Onboarding call Create customer and user accounts Alert Logic

Onboarding call Provision Alert Logic

Installation Configure firewalls Customer

Installation Install agents/appliance Customer

Verification Validate installation Alert Logic

The customer will have access to the Alert Logic user interface where they can view the state of all deployed resources as well as their event data.

The table lists the roles and responsibilities in the deployment of Threat Manager in a customer environment. The initial onboarding through agent installation can typically be accomplished in under one hour for the first agent and the customer can deploy the remaining agents at their convenience.

Additional Documentation and Support

CONFIDENTIAL 4

Alert Logic documentation is available online:

http://docs.alertlogic.com

Specific requirements for Threat Manager:

http://docs.alertlogic.com/#docs/system_requirements/tm_system_requirements.htm%3FTocPath%3DSystem%2520and%2520network%2520requirements%7C_____3

 

All Alert Logic products come with basic support and training included.

Send an email to support@alertlogic.com or call 877.375.9951.

 

An Active Watch service is also available to provide tuning, threat analysis, and remediation assistance.

Thank You