Shafagh.com Shafagh Zandi Official Blog

Cisco Advanced Security Specialization

Lifecycle Services Advanced Security – LCSAS

Prepare Phase:

Analyze and Evaluate Requirements

Identify solutions to meet Requirements

1. Gather high-level solution req.
2. Understand customer’s business needs.
3. Identify key-players, issues & timelines
4. Identify the scope of opportunity.

1. Account team roles and responsibilities.
2. Match solution to the needs.
3. Compare against competitors.
4. Create account strategy.
5. Research challenges.

1. Identify stakeholders.
2. Capture group requirements.

1. Technical requirement of solutions.
2. Analyze business & service requirements.
3. Document the requirements.
1. Preliminary technical discovery.
2. Technology strategy meeting.
3. Develop technology strategy.
4. Present technology strategy.

1. Demonstration of proposed solution.
2. Whitepapers.
3. Question and Answers.

1. Logical & system level topology map.
2. Staffing plan for design and implement phase.
3. Strategies for operate and optimize  phase.
4. Create a design that addresses business and technical needs.

1. Review service requirements.
2. ROI
3. Create business case.
4. Financial justifications.

1. Develop a written proposal.
2. Draft a proposal aligned with customer needs.

1. Review proposal with the customer.
2. Obtain sign off on SOW (statement of work)

Plan Phase:

Analyze the customer physical and network infrastructure

Introduce recommendations for integration

1. Project manager:
1. Defines milestones.
2. Creates project plan.
3. Conducts the project kickoff.
4. Ensures the project is executed.
5. Provides resources.

1. Gather and analyze facilities information.
2. Compare information to solution requirements.
3. Gap analysis.
4. Create site readiness assessment.
1. Assess infrastructure req.
2. Facility site survey.
3. Site readiness gap analysis

1. Define account team roles and responsibilities.
2. Match solution to business needs.
3. Compare solution with competitors.
4. Create account strategy.
5. Determine if gaps exists in current security policies.
1. Assess existing infrastructure.
2. Assess existing software operating procedure.
3. Assess current security management procedures.
4. Create the readiness assessment report.
5. Present system readiness report.

Design Phase:

Draft a security solution

Establish implementation and operational guidelines

1. Current security posture, requirements, high-level design recommendations.
2. Stakeholders recommendations.
3. Design workshop with customer.
4. Confirm all planning information be available and complete.
5. Discuss and document the progress for the remediation plan.

1. Define security policies.
2. Create low-level design.
3. Leverage security leading practices.
4. Provide comprehensive, implementation-ready design
1. Perform & develop design for CSA (Cisco Security Agent)
2. Perform & develop design for IPS.
3. Perform & develop design for MARS.

1. Define ongoing processes.
2. Identify who will perform these processes.
3. Provide implementation-ready design.
1. Review documentation.
2. Operational design development.

1. Customer signs letter of understanding.
2. Project team begins pre-implementation activities.

1. Create implementation plan.
2. Determine equipment and staffing.
3. Site specific system
1. Activities
2. Configurations
3. Commissioning test plans

1. Develop and present system implementation plan.

1. Material requirement for staging plan.
2. Instructions for setup.
3. Staging test plan.
4. Installation and service commission requirement tasks
1. Write staging plan.
2. Staging plan development.
3. Present final staging plan.

1. Plan to execute a final system acceptance test.
2. Require input of multiple stakeholders.
3. Allows to identify issues before putting solution in production.
4. Helps develop an acceptance test to verify security solution.

1. Knowledge transfer for support staff.
2. Training different stakeholders.
3. Assess skills and knowledge transfer requirement.

1. Deliver design documentation and SOW to customer
2. Obtain signed implementation plan.
3. Order the equipments.

Implement Phase:

Installation

Testing

Delivery

1. Internal kickoff meeting.
2. Finalize plans, scope and the budget.
3. Identify risks.
4. Develop the project management, escalation and communication plans.

1. Review project escalation, communication and training plans.
2. Obtain approval from key stakeholders.

1. Staging in non-production environment.
2. Install and test CSA in lab.
3. Install soft wares and achieve connectivity.
4. Implement policies and groups.
5. Execute staging test and acceptance test.
6. Customer acceptance for production deployment.

1. Implementation at various customer sites.
2. Project team manages implementation and logistics.

1. Knowledge transfer to key IT contacts.
2. Preparing end user training

1. The Test cases which approved in design phase, are implemented.
2. Issues are resolved using escalation process.
3. The customer signs off results.
4. You will verify security system meets solution requirements.

1. Implement and test operational process and procedures.

1. Documentation that reflects design requirements and configurations.

1. System operators.
2. System administrators.
3. Executive administrators.
4. End users.

1. Project team transfer the solution to customer.
2. Support options are discussed.
3. Customer signs a letter of understanding of detailing support.
1. SMARTnet benefits and limitations.

1. Customer’s feedback.
2. Document any lessons learned in a knowledge management system.
3. Update leading practices.
1. Obtain customer satisfaction.
2. Lessons learned meeting to avoid in future.
3. Update leading practices.

Operate Phase

Transfer administration of security solution to NOC

Day to day administration occurs

1. Establish network connectivity and device discovery.
2. Documentation.
3. Service Level requirement, recovery plan and serial numbers.
4. Create customized reports.
5. Manage systems like scheduled backups and so on.

1. Monitor event logs.
2. Service level metrics.
3. Abnormal events or trends.

1. Apply process involved in identify an incident.

1. Implement changes and standardizes methods and procedures.

1. Backup configuration databases.
2. Execute the moves, adds and changes (MAC)
3. Update documentation, network configurations and inventory.
4. Current information and check records to be correct.

1. Manage access control lists.
2. Monitor intrusion.
3. Manage threats.
4. On going process to protect the CIA triad.

Optimize Phase

Evaluate the solution against success criteria and new threats.

Make recommendations and make changes to network

Achieve operational excellence through ongoing improvement

1. Deliver recommendation for change to customer.
2. Realization of ROI.
3. Conduct an optimization workshop.

1. Determines what changes are required.
2. Assess the security system.
1. Optimizing device configurations.
2. Capacity planning.
3. Traffic analysis.
4. Security assessment.
5. Resolving quality issues.

1. Deliver recommendations for change.
2. Assess state of operations: People, processes and tools.