Data Security Bundle Installation Service
Dell SKU: AD154078. Superna Product Code: eyeglass-P028-INS
Overview
This service is designed for customers who have purchased the Security Bundle and need installation and configuration assistance deploying Ransomware Defender, Easy Auditor and Security Integrations.
- Service Delivery: Remote sessions for audio, video and screen sharing via Zoom, VPN or alternate remote access to customers' PowerScale equipment. Estimated three (3) hours over a span of 1-2 days with dedicated customer technical resources.
- Service scope covers a single clustered ECA agent installation and configuration, with up to 2 collocated PowerScale Clusters.
- Operating Hours: Monday to Friday 9 am - 4 pm in your local time zone excluding major holidays.
- Terms and Conditions:
- Exclusions:
- Superna resources are not authorized to provide design recommendations for Disaster Recovery features. This would require a purchase of the DR Design and Implementation Service
- Hands-on changes to external IT components, for example DNS, Active Directory, PowerScale or other non Superna supplied products.
- Service delivery requires customers to have hands-on knowledge of all external IT components.
Prerequisites
Complete these steps prior to scheduled installation and configuration:
- Complete a Pre-Installation Questionnaire Form located here
- Send a schedule installation request to services@superna.net
- Core Agent Appliance is installed
- Run an event rate script to determine a number of VMs
- On the day of installation confirm availability of the DNS administrator to make changes if the above steps require debugging or were misconfigured.
- Firewall ports opened as per documentation for ECA clusters
Service Methodology Flow
Initial Setup and ECA (Extended Cluster Agent) Installation and Configuration Service
ECA Agent Installation Phase - Remote installation with customer to accomplish the following:
- Prerequisite - Gather and review site installation data submitted from the questionnaire
Configuration Phase - Remote
- Apply License
- Edit configuration file on agent startup
- Startup clustered agent code
- Configure PowerScale to audit files for testing phase
- Verify audit messages are being processed
- Completed
Ransomware Defender Configuration Phase
Configuration and Testing:
- Configure Security Guard feature
- Validate successful execution
- Configure schedule
- Knowledge transfer on log file validation for Security guard
- Enable monitor mode to baseline user behavior
- Review Security assessment on enforcement section in the admin guide
- Schedule follow on Health Check and Knowledge Transfer sessions two-three weeks from phase completion
Knowledge Transfer:
- How to enable production mode
- Operational cluster management section
- How to process security incidents work flow from the admin guide: How to respond to Security Events for Warning, Major or Critical Events
- How and when to make white list changes when introducing new server applications that write data to PowerScale
- UI walk through
Easy Auditor Configuration Phase
Configuration and Testing:
- Verify audit data is being stored in the analytics database with query interface
- Run test user query report
- Run test path based report
- Test Where did my folder go?
- Review test wiretap functionality on a path with a test user mounting and accessing files
Knowledge Transfer Phase
- How to build a query and filter on user, path, file extension, file action
- How to run query reports
- Where to read documentation on Easy Auditor Operations.
- Cluster Operations
Service complete - Review and deliver final ECA Installation Report.