deepwatch Network Solutions provide monitoring and management of customer’s network security devices. deepwatch currently offers one network solution; Protect Network.
deepwatch Protect Network includes the following features and capabilities:
deepwatch works with customer to ensure appropriate remote access to its centralized management consoles for the in-scope Network Security Devices.
deepwatch performs an initial review of customer’s in-scope network security devices to analyze their current configuration, including:
As a result of initial configuration reviews, deepwatch provides customer with a deliverable that focuses on recommendations for improvement.
deepwatch develops the appropriate governance rules with customer to identify the following:
deepwatch performs platform configuration and patch management on behalf of deepwatch customers for in-scope network security devices. This includes updating the platform software and firmware as well as implementing changes requested via the deepwatch portal. Customer requests are prioritized and performed during the agreed upon maintenance windows. Changes that cannot be addressed during the maintenance window are addressed at the next mutually agreed upon maintenance window.
deepwatch also reviews all requested changes and identifies any technical issues with performing any requested change prior to scheduling the proposed software update and/or configuration change during the maintenance window.
deepwatch performs rule set changes as approved by customer during the maintenance windows Customer may request up to five (5) emergency rule set changes per month outside of the mutually agreed upon maintenance window.
deepwatch also reviews all requested changes and identifies any technical issues with performing any requested change prior to scheduling the rule set change during a maintenance window.
deepwatch’s deepstack Cloud SecOps Platform utilizes ServiceNow’s Knowledge Management functionality to provide shared Knowledge Articles between deepwatch and customers. deepwatch provides a predefined set of Knowledge Articles to customer. Additionally, custom Knowledge Articles are developed by deepwatch within ServiceNow, which notifies customer for review and approval. Knowledge Articles are reviewed at least every three (3) months during pre-defined meetings and as applicable during status meetings.
deepwatch serves as the primary contact for customer personnel for support of all deepwatch deepstack Cloud SecOps Platform components. In this context, deepwatch provides the support traditionally provided directly from vendors. deepwatch maintains specific support agreements with deepstack Cloud SecOps Platform component vendors in order to address and seek to resolve support related incidents in a prompt manner. deepwatch provides customer personnel with training on the deepwatch deepstack Cloud SecOps Platform and its supporting components via in-person and video-based training, as well as ServiceNow Knowledge Articles.
The following Responsibility Assignment Matrix (“RACI Chart”), describes the participation by deepwatch and customer in delivering deepwatch’s Protect Network solution.
|Device Upgrades & Configuration||R||A|
|Network Security Device Support Cases||R||A|
|Device Provisioning & Deployment||C||R|
|Appliance Backup & Restore||C||R|
|Change Management (Tickets, Windows, Etc.)||R||A|
R = Responsible A = Accountable C = Consulted I = Informed
Customers must implement deepwatch's identity solution to access the deepstack Cloud SecOps Platform as well as any and in-scope network security devices. Customer must federate existing authentication from its identity provider or utilize deepwatch's identity solution as an identity provider in conjunction with deepwatch’s Zero-Trust remote access solution.
Customer acknowledges and agrees to provide access to in-scope network security device centralized management solutions to facilitate solutions delivery.
Customer must hold an active deepwatch Detect Analytics subscription or execute a deepwatch Detect Analytics subscription before the start date for its deepwatch Protect Network subscription.
Customer is responsible for the deployment and initial configuration of the network security devices.
Customer is responsible for ensuring network security devices are able to communicate with the centralized network security device centralized management solution.
Each in-scope network security device must be on the deepwatch Supported Network Security Devices list set forth here as may be modified by deepwatch from time to time. Additionally, customer must maintain active support contracts for all in-scope network security devices from the product device vendor and add deepwatch personnel to customer’s vendor support entitlements.
Customers acknowledge and agree to follow the deepwatch travel and expense policy provided here.
Customer must provide a virtual machine infrastructure capable of hosting Linux virtual appliance(s) managed remotely by deepwatch. Customer must also install virtual appliance(s) on its virtual machine infrastructure, configured with at least the following specifications:
Customer must allow outbound TCP/443 access from their environment(s) virtual appliance(s) via the Symantec Secure Access Cloud Zero-Trust solution. Customers are responsible for the virtual appliance infrastructure (host) and networking and deepwatch is responsible for the virtual appliance(s) (guest[s]).