Hello, I am Uehara of the Sales Development Department, GTM Division.
Today, I would like to introduce our service “Managed Security Service for Cisco Secure (MSS for Cisco Secure)”,
which allows you to leave the entire security operation to us.
Contents
Challenges that Security Professionals Face
The recent increase in IT security threats, the zero-trust approach, and the strengthening of supply chain security
require a wide variety of security measures.
Additionally, with the diversification of work styles, the promotion of remote working and the use of cloud services, it is no longer possible to manage information assets solely within the company. On the other hand, a leak of
information assets can cause serious damage to the company, so security measures must be tailored to the
services and environment being used.
While the number of security products that need to be operated is increasing, the number of personnel cannot be
increased, and many security professionals are suffering from daily operational fatigue.
Cisco Security Product that Protects Access Routes and Landing Points
Next, I’d like to introduce you to the Cisco security products “Umbrella” and “Secure Endpoint” that are covered by
our “Managed Security Service for Cisco Secure”.
Cisco Umbrella is a secure Internet gateway product offered in a SaaS format.
This product protects Internet access routes, regardless of whether the connection is from within the company or
from home during remote work.
Another difficult part of using various cloud services is managing various applications that are being used.
Umbrella’s CASB functionality allows you to visualize cloud applications that are in use and monitor shadow IT.
Visualized applications can be finely controlled, for example, blocking social media posts, blocking uploading of
information assets to cloud storage, and so on.
Another important feature is the information leakage prevention function.
Umbrella’s DLP functionality can be used to inspect communications to web and cloud applications to detect
sensitive data.
DLP classification can be controlled by setting custom keywords, in addition to the default 80-plus internal data.
Source:Cisco Umbrella
App Discovery and Controls (App discovery and controls)
Shadow IT visibility and cloud app control
|
Inline DLP(Inline DLP)
Cloud Native Proxy DLP
 Utilizing SWG for connectivity, routing, and SSL composite
Solid DLP Classification
Flexible DLP policies
|
Cisco Secure Endpoint is an EPP+EDR product that supports multiple platforms.
It supports Windows and Mac, as well as Linux, Android, and iOS.
With the increasing diversity of attack methods, signature-based protection against known threats alone is not
enough.
Secure Endpoint’s EPP runs malware on a virtual OS in a sandbox called Threat Grid to determine the threat.
Additionally, behavior-based threat detection in EDR can be used to counter unknown threats.
Secure Endpoint’s EDR can perform a variety of automatic actions upon incident detection, including network
quarantine of terminals according to the severity, and moving affected systems to a different policy group.
There is also a feature unique to Cisco: Cloud Recall.
This is a feature that allows you to retroactively determine and quarantine threats when the threat database is
updated.
Cisco’s world-class threat intelligence organization analyzes threats and feeds back the results in the form of
signatures and vulnerability databases.
Cisco Secure Endpoint
Next-generation endpoint security provided via cloud
|  |
Threat Grid & Security Intelligence
For suspicious files that have no information in the threat database, the malware will be run on a virtual OS in a
sandbox called Threat Grid.
 |
|
Cloud Recall
Even if malware that has not been registered in the threat database enters the database, the malware will be
automatically quarantined when it is registered on the threat database later.
 |
→Well-received by customers who are using |
Efficiently Outsource Security Operations with
MSS for Cisco Secure
MSS for Cisco Secure
MSS for Cisco Secure is our own managed security service for Cisco Umbrella and Secure Endpoint.
We provide a simple, customizable service that includes a variety of security operation functions, such as
multi-lingual (Japanese and English) services, 24/7 x 365 days security monitoring and response, and threat
analysis by security analysts.
Three main features of the service are “simple service design,” “flexible fee structure,” and “full restoration
support.”
◆Service Feature 1
Simple service system
☑ Operation Support Plan
For additional security operations resources
▶Analysts investigate and analyze security alerts, report back to the customer and take action such as remote scanning and NW quarantine.
☑ Security Advisory Plan
For additional security skills
▶Analysts investigate and analyze the detected threats and provide the customer with a description and discussion of the threats in the form of a report.
◆Service Feature 2
Flexible fee structure
- By establishing two billing systems, an ID billing model and a number-of-response model, we can provide services at optimal prices for both large and small companies.
- ID billing model: Billing based on the number of licenses
- Response volume billing model: Charges based on the number of incidents handled
※Applicable to Operation Support Plans. 
◆Service Feature 3
Support up to restoration work available
※This is an additional paid option |  |
This service has all three invaluable features of “easy-to-implement price range,” “flexible contracts for necessary
services only,” and “security with professional support in case of emergencies.”
As mentioned at the beginning of this section, it can reduce the operational and skill load of security professionals.
Following is the overview of the service.
Incident analysis is performed automatically by utilizing our original analysis engine. This allows for a quick initial
response (terminal quarantine) from the time an alert occurs (SLO 30 minutes). We also provide linked services,
such as using alerts generated by Umbrella as a starting point for investigations by Secure Endpoint.
Service Overview
This is a simple and customizable service that includes a variety of security operational functions such as
multi-lingual (English and Japanese) and 24/7 x 365 days security monitoring and response, and threat analysis by
security analysts through Cisco’s security products (Umbrella and Secure Endpoint). *Multi-lingual support is
provided on the number-of-support billing model; ID billing is available in Japanese.
Secure Endpoint Incident Response Flow
Umbrella + Secure Endpoint Incident Response Flow
※Incident response originating from Umbrella
Finally
I’d like to summarize the benefits of implementing Cisco Umbrella, Secure Endpoint and MSS for Cisco Secure.
We hope you will take full advantage of our services to address your security operation issues.
①Reduce your operational resources and costs
②Reduce costs in the event of a security incident
③Visualization of the status of security measures
At NTT Com DD, we will continue to expand our MSS services.
We can provide optimal services for diversified work styles. Please contact us for more information.
