Data Security Bundle Installation Service

Overview

This service is designed for customers who have purchased the Security Bundle and need installation and configuration assistance deploying Ransomware Defender, Easy Auditor and Security Integrations.

Dell SKU: AD154078. Superna Product Code: eyeglass-P028-INS

• Service Delivery: Remote sessions for audio, video and screen sharing via Zoom, VPN or alternate remote access to customers' PowerScale equipment. Estimated three (3) hours over a span of 1-2 days with dedicated customer technical resources.
• Service scope covers a single clustered ECA agent installation and configuration, with up to 2 collocated PowerScale Clusters.
• Operating Hours: Monday to Friday 9 am - 4 pm in your local time zone excluding major holidays.
• Terms and Conditions:
  • Legacy EULA: https://manuals.supernaeyeglass.com/project-eula-and-support-agreement/HTML/supernaeyeglasseulaandsupportservicesagreemen.html
  • Subscription EULA: https://manuals.supernaeyeglass.com/project-eula-and-support-agreement/HTML/superna-subscription-terms-and-conditions.html

Exclusions

• Superna resources are not authorized to provide design recommendations for Disaster Recovery features. This would require a purchase of the DR Design and Implementation Service
• Hands-on changes to external IT components, for example DNS, Active Directory, PowerScale or other non Superna supplied products.
• Service delivery requires customers to have hands-on knowledge of all external IT components.

Prerequisites

Complete these steps prior to scheduled installation and configuration:

• Complete a Pre-Installation Questionnaire Form located here
• Send a schedule installation request to services@superna.net
• Core Agent Appliance is installed
• Run an event rate script to determine a number of VMs
• On the day of installation confirm availability of the DNS administrator to make changes if the above steps require debugging or were misconfigured.
• Firewall ports opened as per documentation for ECA clusters

Service Methodology Flow

Initial Setup and ECA (Extended Cluster Agent) Installation and Configuration Service

ECA Agent Installation Phase - Remote installation with customer to accomplish the following:

• Prerequisite - Gather and review site installation data submitted from the questionnaire

Configuration Phase - Remote

• Apply License
• Edit configuration file on agent startup
• Startup clustered agent code
• Configure PowerScale to audit files for testing phase
• Verify audit messages are being processed
• Completed

Ransomware Defender Configuration Phase

Configuration and Testing:

• Configure Security Guard feature
  • Validate successful execution
  • Configure schedule
  • Knowledge transfer on log file validation for Security guard
• Enable monitor mode to baseline user behavior
• Review Security assessment on enforcement section in the admin guide
• Schedule follow on Health Check and Knowledge Transfer sessions two-three weeks from phase completion

Knowledge Transfer:

• How to enable production mode
• Operational cluster management section
• How to process security incidents work flow from the admin guide: How to respond to Security Events for Warning, Major or Critical Events
• How and when to make white list changes when introducing new server applications that write data to PowerScale
• UI walk through

Easy Auditor Configuration Phase

Configuration and Testing:

• Verify audit data is being stored in the analytics database with query interface
• Run test user query report
• Run test path based report
• Test Where did my folder go?
• Review test wiretap functionality on a path with a test user mounting and accessing files

Knowledge Transfer Phase

• How to build a query and filter on user, path, file extension, file action
• How to run query reports
• Where to read documentation on Easy Auditor Operations.
• Cluster Operations

Service complete - Review and deliver final ECA Installation Report.