With broad customer and industry experience, the Lancope Professional Services team helps organizations optimize StealthWatch deployments to meet specific business requirements, increase productivity and reduce risk. A unique combination of network and security skills enables the team to quickly and effectively implement StealthWatch to meet the intense demands of today's advanced cyber threat environment.

Lancope's Initial Install service allows network and security teams to closely align the StealthWatch System with their overall security strategy and business objectives.  This service installs and integrates the StealthWatch system in the customer infrastructure.  It configures the system and provides for initial tuning and report generation. 

Benefits

Customers will experience fast, error-free deployment, highly effective threat detection and maximum protection from a wide range of online attacks.  They will also benefit from the unique opportunity to learn from Lancope's highly skilled technical staff. 

Details

  • Configuration of default Host Group structure
  • Alarm tuning
  • Dashboard, map and report configuration
  • Implementation of desired alerting
  • On-the-job instruction for technical staff
  • A half-day knowledge transfer session on system operation and investigative workflows

Health Check and Tuning customers with the ability to have their StealthWatch system verified for proper operation and tuned to increase the fidelity of alarms for increased operational efficiency.  

Benefits

Lancope's Health Check and Tuning enables organizations to achieve increased operational efficiency and return on investment.  Customers will benefit from high fidelity alarms, quicker response times and minimised corporate risk.  

Details

  • Upgrade the StealthWatch System as needed
  • Review network architecture and flow collection design for maximum performance
  • Review Host Group structure and recommend changes if necessary
  • Tune alarms to increase fidelity
  • Help configure dashboards, reports and maps
  • Implement desired alerting
  • Provide on-the-job instruction for technical staff
Testimonials
Testimonial

“Northern Illinois needed a secure appliance that could alert to most kinds of malicious traffic and that required no more than 30 minutes per day to manage. After tuning, StealthWatch required only 15 minutes a day to manage and did not demand signature-updates.”

 

 

Northern Illinois University

StealthWatch Host Group Automation gives customers a logical means of categorizing network assets for improved visibility and control.  Through the Host Group Automation service, Lancope enables customers to automatically synchronize Host Groups with data from their authoritative IP address management system.  

Benefits

The Host Group Automation service enables customers to optimize StealthWatch System performance and reduce operational overhead, as well as decrease false positive alarms and reduce operator errors.  Automatic Host Group updating helps keep the StealthWatch System operating at its maximum potential for increased efficiency and optimal protection from a wide range of online threats.  

Through the Proxy Integration service, customers can integrate their web proxy with the StealthWatch FlowCollector to extend network visibility into stitched flows between internal clients and outside web servers.  By achieving end-to-end network visibility that spans web proxies, customers can expand network protection and maximize return on investment for their StealthWatch System.  

Benefits

Obtaining insight into proxy sessions allows customers to improve threat detection and minimize corporate risk, while also enabling quick forensic investigations into command-and-control (C&C) communications across the proxy.  It allows for immediate alerting of corporate use policy violations.  

Details

  • Development of tailored integration strategy
  • Installation of the proxy adapter on virtual of physical hosts
  • Configuration of the adaptor and StealthWatch System components to enable ingest of NetFlow
  • Assistance with configuration of the adapter for Syslog ingest
  • Integration of up to four like proxies into the StealthWatch System
  • By achieving end-to-end network visibility that spans web proxies, customers can expand network protection and maximize return on investment for their StealthWatch System
Related Resources