Published by Brandon Thornton. Modified over 7 years ago.
1
Sales Play - ADP 2.0 HPE ArcSight Partner Enablement
2
Sales Play Strategy
3
Intelligent Security Operations
Intelligent Security Operations with ArcSight
Increase Speed, Simplicity and Effectiveness Across The Entire Workflow
Intelligent Security Operations
Intuitive Investigation & Rapid Response
Comprehensive Detection with Advanced Analytics
Visibility without Boundaries
4
What challenges are we addressing with ADP
The Challenge:
Attackers can take down the infrastructure in hours
Time to detection is ~146 days and patching takes years
Valuable security data in data lakes goes unused
Keeping up with manageability and unexpected costs of scaling
The market lacks advanced security expertise

The Solution:
ADP’s open architecture allows you to use data with third-party applications and data lakes like Hadoop
Helps you manage large scale environments better
Grows with you by handling large volumes of data at high speed
Applies security expertise to data and prepares it for security use for faster threat detection
5
Understanding the Sales Play target customer
Who is this play for? | How do I identify an opportunity? | Pain Point Key Words
Companies with employees
Enterprises with an established SOC
Enterprises looking to expand security operations
ArcSight ESM (SIEM) customers
Customers of Logger G7 and older
Customers that need security to scale as they grow
Customers that plan to use Hadoop and/or analytics tools
ArcSight ESM customers
Customers on older ESM pricing model
Integrating data lakes like Hadoop with security applications
Unexpected costs and tedious management associated with scaling environments
Manual enrichment of raw data is time consuming and expensive
6
Reaching the Sales Play Target Customer
Purchase Triggers

Event Triggers:
ESM/Logger renewal
EOL of Logger G7
ArcSight customers on old pricing model
Use analytics tools/data lakes like Hadoop

Compelling Conversations:
What are your plans to store and analyze your third party data lakes to support security reporting and analytics?
What are the challenges that you experience as you scale and add more devices?

Buyer Personas

Strategic Persona:
Titles: VP of Security / Director of Sec. Ops
Job: Management
Role: Budget Owner

Functional Persona:
Titles: Security Operations Engineer
Job: Functional Manager
Role: Influencer
7
Accelerate Application Security Use Cases
Modern architecture for a mature infrastructure | Data expansion for broader visibility | Enrich data for security use cases
Connect ArcSight into data lakes (Hadoop), analytics and other applications, in order to move data from anywhere to anywhere
Easier management and cost effectiveness for scaling environments
Add more appliances and ingest more data from IT, OT, IoT and physical
Process data at higher speeds
Easier management
Focus on finding threats rather than on tedious data processing
Apply security expertise to raw data to add security context
Collect data from anywhere and use it for various security use cases
What Customers want to do
Event Broker – Open architecture
Centralized management console and GB/day based pricing
1 million EPS ingestion
Simplified pricing with unlimited devices and console use
Centralized management console with bulk operations
Event Broker makes it easier to manage hierarchical deployment of ESM for larger event set
ADP Connectors – Real-time normalization, categorization and enrichment of data
350+ out-of-the-box connectors provide a faster way to add security expertise with better precision with no human error
How HPE will help
Why you make them heroes
Leverage data across the security posture for multiple use cases with an open architecture
Support large scale environments by managing a wider variety of data at higher consumption rates
Add security context to data for better and faster application in security use cases
8
ArcSight architecture
Actively evolving beyond traditional SIEM to support the Intelligent SOC
Now let's take a look at the ArcSight architecture and see how each component plays a key role in the overall intelligent SOC. Talk through key parts, starting at the bottom and working your way up the stack.
[Note to presenter: Remember that this is a complete picture of how our technologies play a part. This shows the customer that we have a vision and strategy for our customers.]
9
Sales Play How to Sell
10
Qualifying | Using Questions to Guide the Conversation
Qualifying Questions
What third party/in-house applications or data lakes (like Hadoop) do you use?
What are your plans to add new devices (IT, IoT, OT, physical) and security applications?
What complexities do you face with managing multiple systems and applications?
What measures have you taken to reduce the cost associated with managing security data?
How much time and budget do you spend managing and filtering raw data?

Customers that are not looking for any of the following use cases do not qualify: expanding security posture, using data over Hadoop, analytics and other tools, easier management of the security environment, applying security expertise to data.
11
What is the Use Case driven compelling conversation?
Security analysts today struggle to detect and respond to threats using all available data connected to the network. ADP 2.0 enriches data in real time and makes it possible to move data from anywhere to anywhere for better detection, investigation and response to threats. We lay the foundation for intelligent security operations that large environments demand.

Open architecture to maximize usage: Use existing Data Lakes for security reporting and analytics
Scalability through variety and velocity: Scale to support all types of data at higher consumption rates
Real-time security context: Collect and enrich data from any source to support real-time threat detection
12
Addressing Customer Objections and Concerns
Objection: ADP is difficult to use and manage
Underlying Concern: Managing connectors and complex environments requires expertise
Response:
Q. Are you looking for a new, easy to use interface that lets you manage your security posture end-to-end from one place?
A. New graphical central management console makes it simple to install, manage and administer with dynamic visualization

Objection: We don’t need connectors
Underlying Concern: Don’t see the disadvantage of using raw data
Response:
Q. How much time and money do you spend manually parsing and categorizing data to use within a SIEM deployment?
A. Device-ready connectors automate log parsing and data enrichment, reducing analyst time and effort

Objection: I am a Splunk user
Underlying Concern: Splunk is easier to use; Splunk markets a roadmap for analytics
Response:
Q. How much do you spend on data collection and distribution with Splunk?
A. The new licensing and in-lab data enrichment makes ADP cost effective. ADP has a more efficient footprint and allows you to distribute data with ease to key applications and systems. It does not lock up licensing.

Objection: ArcSight Logger search is too slow and limited
Underlying Concern: Speed is not sufficient for security investigation use cases
Response:
Q. Does your security data management solution support both short term high performance and long term compliance search?
A. ADP 2.0 supports a multi-data store approach allowing for historical compliance search and 10x faster than competitors high performance security analytics search, coming up in March with the Hercules release.
13
Lay the Foundation Land and Expand Sales Scenarios
Targets Sell ADP 2.0 Customer Need Services Accelerator Portfolio Cross and Upsell ESM Customers leveraging event data for 3rd Party Hadoop reporting and analytics. ADP Quick Start Time to Value MSSP cross sell for customers lacking the security resources. Supplemental SOC Resources ESM Customers leveraging connector infrastructure SOC Tuning SOC Maturity Assessment and SIEM tuning UBA Upsell for customers dealing with significant false positive. Gen 7 appliance Logger customers requiring an appliance refresh Advanced Analytics Alerting
14
What do I get from the move to ADP license?
ADP 2.0 Entitlements
One single SKU for Logger + Event Broker + ArcMC + Connectors
Rights for unlimited Devices, Consoles, Web users, Scanned assets on ESM
Unlimited centralized management function for the whole environment - centralized user management, archives, nodes of logger and/or connectors, devices monitoring
Rights for Flex toolkit & Quick Flex wizard
Only path to get the new modern collection architecture with Event Broker
Gb/d ingestion based pricing to be used on any destination, no double counting of capacity for non-production and high availability systems
Rights to feed into 3rd party data lake from the ArcSight CEF connectors
15
Thank you