PARTNER SALES SUMMARY
NETWORK INTERCEPTOR™ Detecting & Preventing Advanced Targeted Attacks, 24/7
Small to medium sized businesses are struggling to reduce complexity while maintaining defenses against a growing threat landscape. Many smaller organizations are increasingly the targets of cyber attacks, and operate in highly regulated industries, driving a compelling need to protect assets, client information and intellectual property. Network Interceptor is a service that combines technology and human‐driven analysis to monitor corporate networks and detect known and unknown security threats, 24x7. It delivers real‐time detection, analysis, mitigation and incident response by experts at eSentire’s Security Operations Center, providing enterprise class protection to small to medium size businesses. It’s deployed as a continuous managed service that leverages the architecture of a network appliance sensor to monitor client networks. Core capabilities include real‐time deep‐packet inspection, full packet capture, human assisted machine learning, behavior‐based anomaly detection, signature‐based intrusion detection and prevention, and security analyst communications.
TARGET VERTICAL INDUSTRIES
Finance, Legal, BioPharma, Healthcare
TARGET CUSTOMERS
Small to mid-size organizations tied to regulations: SEC, HIPAA, SOX
Organizations with small IT staff or small/nonexistent security team
Companies that need to protect intellectual property
Companies who have been the victim of a breach
Companies with global presence/multi-national
KEY BENEFITS
Reduces complexity and eliminates high costs of staffing a dedicated security team
Allows customers to maintain compliance with rigorous regulations
Complementary solution to customer’s existing security investments
Budget-friendly billing reduces need for expensive capital investments
Delivers real-time protection and active resolution of security threats by proven experts
[Diagram labels: Internet, Router, Firewall, Switch, Network Interceptor, 24/7 Security Operations Center, eSentire Threat Signal Data for Analysis, Containment Mitigation]
SCOPING NEW OPPORTUNITIES
Pricing varies by number of employees, number of locations and the throughput of the customer’s network. Pricing is available for Gold, Silver, SOHO and Virtual options. Assistance with sizing opportunities is available through the eSentire Pricing Calculator, or through your Channel Account Manager.
QUALIFYING QUESTIONS
Are there regulatory concerns currently (SEC, FCA, FINRA, HIPAA)?
Regulatory bodies across all industries are requiring compliance with cyber security rules, which is becoming a key driver for small to mid-size clients to adopt a more comprehensive security posture that protects assets and information and prevents fines, loss of revenue and risk to reputation.
Are your investors/clients/stakeholders inquiring as to your security posture?
A proactive security approach gives clients, stakeholders and investors assurance that assets, personal information and intellectual property are being diligently protected, and reduces risk to business continuity.
Do you have a dedicated security team?
62% of breaches in 2014 were at the SME level. Medium tier businesses are being targeted because they typically can’t match the security processes of larger companies. Most SMEs don’t have expert security resources on staff to monitor, analyze and mitigate threats. Creating a dedicated security team in-house is cost prohibitive for smaller organizations.
Do you know if your organization has been breached/compromised? Would you know?
81% of companies attacked in 2014 were not able to identify the breach themselves and on average it took them 188 days to realize security had been compromised. Network Interceptor provides real-time threat protection, analysis and mitigation - we'll know about an attack immediately and mitigate it.
Are you familiar with ‘zero-day’ or unknown cyber threats such as phishing, social engineering, and targeted attacks?
Network Interceptor analyzes and detects both known and unknown “zero-day” cyber threats in real time by using technology coupled with our security expertise, finding threats before they cause damage.
Are there any ongoing security audits or new audits on the horizon?
Regulatory bodies are requiring the performance of annual security audits, levying fines and sanctions against those who can’t demonstrate implementation of adequate security measures. Network Interceptor helps organizations harden defenses and document compliance.
OVERCOMING OBJECTIONS
SCENARIO: “We’ve got security covered” Customer has purchased security technologies such as IDS, Next Generation Firewall, SIEM, etc.
QUESTIONS TO ASK: Are you monitoring your logs 24x7? How often are you tuning your devices? How do you know if malware has gotten through your defenses? Do you have the skilled resources in place to monitor your environment?
POSITIONING WITH THE CUSTOMER: We are a complementary service that works with what you have in place already to ensure its value and reliability. Our security analysts watch your network traffic 24x7x365, enabling us to recognize breaches before you do. We provide the benefits of an in-house SOC for a fraction of the cost. Standing up a SOC with around the clock coverage can cost up to $2M, according to IDC estimates.

SCENARIO: “We’re too small to be a target” Customer thinks their small footprint makes them a less attractive target to cyber criminals.
QUESTIONS TO ASK: What is the value of the assets or intellectual property you have under management? Do you work with other SMEs and counterparts on a daily basis?
POSITIONING WITH THE CUSTOMER: Around 43% of mid-sized businesses have suffered loss from cyber attack, but only around 20% have measures in place to help. Many of these breaches stem from their partner network, specifically because they are small, and might not have the capability to detect, block, and respond to incoming threats.

SCENARIO: “We outsource our IT” Customer has an IT outsourcing provider and thinks they are covered.
QUESTIONS TO ASK: What visibility is there at the board, or executive level around the issue of security? Has your outsource IT provider created an incident response plan for you?
POSITIONING WITH THE CUSTOMER: Security is not simply an IT issue, but a business continuity concern with board‐level visibility. It needs to be handled differently.

SCENARIO: “We’re moving to the Cloud” Customer is using a cloud provider and thinks security is taken care of.
QUESTIONS TO ASK: Does your cloud security strategy encompass end users on the network? Are you familiar with phishing attacks?
POSITIONING WITH THE CUSTOMER: Moving to the cloud doesn’t eliminate security risks. Successful phishing attacks target internal users – taking control of an endpoint to gain access to what’s in the cloud. Comprehensive monitoring, analysis and mitigation by security experts significantly reduces the risk of a breach, and complements existing cloud strategies.
SELLING AGAINST THE COMPETITION
Dell SecureWorks is a primary competitor for Network Interceptor. Secondary competitors include MSSPs, SIEM providers and security hardware vendors that have varying capabilities, architectures, service levels, cost profiles and weaknesses. Contact your Channel Account Manager for more information.
COMPETITIVE EDGE
Feature Comparison: eSentire vs. Dell

FEATURE: Zero day threat protection with human analysis & intervention
ESENTIRE NETWORK INTERCEPTOR ADVANTAGE: Threat detection and analysis is highly automated and less effective with Dell's solution. eSentire's anomaly-based analysis and human intervention approach offers superior protection.

FEATURE: Signature + Intelligence based threat protection
ESENTIRE NETWORK INTERCEPTOR ADVANTAGE: Network Interceptor incorporates behavior-based detection in addition to signature and threat intelligence, a distinct advantage over Dell when dealing with advanced threats. eSentire continuously updates our sensors in the field as opposed to only 2x weekly updates from Dell.

FEATURE: Embedded Incident Response
ESENTIRE NETWORK INTERCEPTOR ADVANTAGE: eSentire embeds incident response within its service. Dell requires a separate retainer to provide it.

FEATURE: Data Residency
ESENTIRE NETWORK INTERCEPTOR ADVANTAGE: All data stays on customer network, preserving security. No data is sent to cloud-based services.

FEATURE: Inline Architecture
ESENTIRE NETWORK INTERCEPTOR ADVANTAGE: SecureWorks iSensor can provide active prevention capabilities only when placed in an inline mode, introducing latency and a single point of failure. eSentire allows “passive” monitoring – not inline – to ensure that zero network latency is introduced.

FEATURE: Full and Continuous Packet Capture
ESENTIRE NETWORK INTERCEPTOR ADVANTAGE: eSentire performs continuous packet capture, which aids in forensic investigations of attacks, providing much richer data sets to investigators. Dell only records packet capture if a threat has already been identified.

FEATURE: Personalized, High Touch Service
ESENTIRE NETWORK INTERCEPTOR ADVANTAGE: Our 1:8 customer to Security Analyst ratio ensures a high‐touch, personalized experience while allowing immediate access to our SOC Analysts.
HOW TO WIN AGAINST DELL
Review Quotes Carefully: Compare SLAs and embedded services so customers understand what's included.
Detection: Heavy reliance on signature-based detection and threat intelligence alone is not effective in dealing with targeted attacks (zero-day).
Human vs. Automation: Increased reliance on “automated security” has been identified as a key reason for security failure. We also provide the human element.
Service Levels: Reinforce our high touch service model.
Reliance: Needs other security infrastructure to be effective.
Compare SLAs: Dell promises to keep their infrastructure up, not respond to events.
Copyright © 2015 eSentire, Inc. All rights reserved. www.esentire.com | @esentire | partners@esentire.com