WIXLIB

RSA enVision Platform Sales GuideRSA enVision Platform Sales GuideBenefits of the RSA enVision PlatformThe RSA enVision solution offers these advantages to organizations:The RSA enVision platform solution consists of these elements:HH Exceptional scalability : the open architecture and modular hardware components of theRSA enVision platform achieve a very high level of scalability, capturing thousands of dataevents per second. The scalability of the solution allows even the largest enterprises tosuccessfully capture, monitor and analyze data in a consistent, predictable way.HH RSA enVison platform appliance: Each RSA enVision platform appliance is a controlledsecure environment, featuring a locked-down and hardened version of the MicrosoftWindows operating system and the enVision software application pre-installed. Thiscontrolled environment ensures that the usual threats to system operation—including bugs,viruses, and worms—are effectively eliminated, ensuring safe, reliable performance. Severaldifferent models of the RSA enVision platform appliance allow organizations to select thelevel of equipment corresponding with the number of devices and the volume of data eventsto be captured and processed in real-time.HH Favorable Return on Investment: By avoiding the hidden costs of software-only solutions(additional hardware investments, management expenses, storage costs and so on), theRSA enVision platform delivers strong business value and a rapid Return on Investment(ROI).HH Fast deployment: The appliance-based RSA enVision platform solution can be attachedto the network and configured in a very short period of time, typically in the range of twohours. Software-based solutions set up for a similar appliance may take anywhere from aday to a week to become fully operational.HH Industry-leading reliability: The controlled, secure environments represented by the RSAenVision platform appliances, running a hardened and locked version of Microsoft Windows,deliver a very high degree of reliability. Appliances are immune to third-party driver conflicts,bugs, worms, viruses and similar threats to data integrity and consistent operation.HH Unique IP-based database advantages: To rapidly capture and analyze IP-based data andinformation, the solution relies on an innovative database approach: Internet ProtocolDatabase (IPDB). IPDB provides unique data advantages and storage benefits that unlockmany of the capabilities of this solution for real-time operations.Many RSA Security and EMC products work together effectively so that customers candeploy complete solutions that encompass all of their security, network management,information management and compliance requirements. For example, the RSA enVisionplatform complements RSA SecurID technology to give partners the opportunity to strengthencompliance and network management with the proven benefits of two-factor authentication.This solution also complements EMC’s vision for information-centric security and is integratedwith EMC Celerra, CLARiiON, Symmetrix and Centera.10HH Internet Protocol Database: The innovative, patent-pending RSA Internet Protocol Database(IPDB) is tailored to efficiently collect and protect All the Data from any IP device on thenetwork. This database lets customers construct a robust log management platform with theability to monitor and correlate high volumes of data events and extract intelligence throughsophisticated analytics. Storage requirements for data collected are minimized throughcompression techniques and performance is enhanced through a unique approach thatworks efficiently with unstructured data formats.HH Built-in tools: The built-in tools and features of the RSA enVision platform provide theflexibility to collect, analyze and view data in numerous ways and to configure behaviorsto suit the security and compliance requirements of many different types of organizations.Among the tools and features included: advanced vulnerability and asset managementfeatures, task triage and ticketing system integration, watchlist alerting and reporting, eventexplorer and extensive features for maximizing availability.RSA is a market-proven leader in transforming enterprise-wide data into compliance andsecurity information. The RSA enVision platform is built on an architecture equal to thedemands of high-traffic network operations, collecting and protecting All the Data that driveseach customer’s business.11

RSA enVision Platform Sales GuideRSA enVision Platform Sales GuideIdentifying CustomersThe RSA enVision platform solution suits deployments in mid-size to large organizations, aswell as global enterprises where extremely high data traffic on the network is typical. Primaryindustries include:HH Financial servicesHH Outsourcers and managed service providersHH Retail and hospitality servicesHH Healthcare industryKey indicators that an organization can effectively take advantage of the RSA enVision platformare:HH No unified system in place for monitoring and analyzing network events: Organizationsthat lack a centralized, unified means for collecting and analyzing network data events riskpotential security breaches—internal as well as external—and often devote excessive timeto trying to interpret and make decisions on uncorrelated data collected by non-intelligentlogging tools. Streamlining data collection and extracting key intelligence from it can greatlysimply business operations, strengthen security and reduce IT costs.Organizations that are concerned with security and information management—for improvedprotection of data resources, regulatory compliance, and enhanced business operations—generally respond favorably to the features and capabilities of the RSA enVision platform.HH Existing network logging tools do not adequately meet regulatory mandates: Morestringent regulations involving accountability, authentication and auditing of networkactivities have emerged in recent months, creating a need for companies to reassess theeffectiveness of their existing piecemeal or less comprehensive solutions to logging andmonitoring. Raw information may be collected, but often the intelligence component islacking, making it difficult to view or evaluate the data, or to present it in a way that meetsmandatory requirements.Strongly regulated industries—such as finance, government, pharmaceutical, andhealthcare—face substantial regulatory mandates and compliance requirements, which can bemet with a properly deployed RSA enVision platform solution.HH Costs of IT administration: Inefficient, non-centralized approaches to security informationand event management (SIEM) can drive up the costs of IT administration, requiring manualintervention for many processes that should be automated.HH Energy and utility industryHH Public sector and non-governmental organizationsTypical prospects for the RSA enVision platform have these characteristics:HH A wide range of computing device types accessing network resourcesHH Large volumes of critical applications and sensitive data in useHH Complex network infrastructures requiring substantial IT managementHH Stringent compliance requirements at state, federal and international levelsIncreasingly, organizations are recognizing the importance of managing compliance andsecurity event log data more effectively—from the time the event data are generated to thetime it no longer needs to be retained (according to regulatory guidelines).1213

RSA enVision Platform Sales GuideRSA enVision Platform Sales GuideDiscovery QuestionsThe RSA enVision platform is well suited to organizations of all sizes, but it is ideal for amedium to large enterprise sale. You can effectively focus a sales engagement by addressingthe security and compliance functions and asking basic qualifying questions. Inquiring abouta customer’s current environment and existing security and compliance strategies is oftena good place to start the discussion. Ideally, you can lead the discussion toward the goal ofselling a combined solution that addresses the security and compliance needs of multiplestakeholders in the organization and that includes development and implementation services,the core product and an appropriate EMC storage platform.The following questions focus on concerns of the typical manager:Given your current capacity and existing configuration for storing security information,for how long a period can you retain the data?What do you estimate it costs your IT group each year to log and manage data events?What systems are in place to monitor access control, privileged users and configurationcontrols?Potential decision makers for the RSA enVision solution typically fit into three categories:HH Executives: Have considerable influence; concerned with shareholder values, revenueissues and regulatory compliance.HH Managers: Have influence over budget and project implementations; concerned withcustomer relationships, cost controls and business objectives.HH Operations personnel: Focused primarily on implementation strategies, resources andtechnology issues.Do you feel that your company’s critical applications and data are sufficiently protectedagainst external threats?Can you analyze all of the data logged in real-time and apply it to forensic situations?For operations personnel, these questions may help determine a fit:How will your organization create a compliance program in a cost-effective manner?Selling effectively to these three categories of buyers requires asking questions to highlightthe individual’s concerns and offering solutions in terms that address the challenges faced bythe organization. Focus the discussion on the key motivations identified for each buyer.Are their multiple departments or groups collecting security audit information? Doadditional groups have a need to collect this information?Effective questioning strategies target each individual’s most important concerns. For example,when talking with an executive, the following questions can help lead the sales discussion:When a security threat is identified, are you able to cross-reference it with the rest ofthe network?Have you found a satisfactory way to monitor and track network data events acrossyour infrastructure for compliance and security?How do you keep up with real-time monitoring, threat detection and malicious codedetection without being overwhelmed by false positives?Are your network data resources protected against emerging security threatsAre you able to add proprietary applications to extend the collection of source devicesin use on the network?Are your security investments working? Can you easily prove it?Do you need to make your compliance reporting more effective while consuming fewerresources?Do you have a compliance initiative in effect that mandates improved accountabilityand data retention?14Do you need to produce frequent compliance reports or reports for many differentaudiences?Using these sample questions to stimulate discussions with potential buyers—based on theirdemonstrated concerns—helps discover the underlying business needs and buyer motivations.This, in turn, can suggest the most compelling points to focus the sales presentation.15

RSA enVision Platform Sales GuideRSA enVision Platform Sales GuidePositioning StatementAttaching and Follow-up OpportunitiesFaced with increasingly complex network environments, emerging data security threatsand stringent compliance requirements, many organizations are turning to comprehensiveinformation lifecycle management solutions, looking for tools that support best practicesfor security information and event management. Given the complexities of planning andimplementing solutions in this area, appliance-based solutions designed around an openarchitecture model have significant advantages in terms of cost, reliability, scalability andinstallation.Properly trained partners and RSA can offer customers additional services to accompany theproduct sale of RSA enVision platform components, including:HH The RSA enVision platform offers clear advantages in a number of areas, providing SIEMcapabilities that directly address key customer requirements. Presented as part of a solutionsales approach, this platform:HH Provides a scalable log management platform that enables compliance and security, anddelivers business intelligence to enhance operationsHH Offers a comprehensive, open-architecture approach to SIEM that integrates effectively withexisting network equipment and supports high-volume data environmentsHH Expands the value of data on the network, analyzing All the Data to support a rich,information-centric security strategyIn this context, the RSA enVision platform helps customers eliminate redundant silos ofinformation and create a unified framework that spans the enterprise, turning raw data intoactionable intelligence.HH Universal Device DevelopmentHH Sure StartHH Report and Alert DeveloperHH Compliance Assessment and EnablementHH Security Assessment and EnablementAs part of an overall network security strategy, and to strengthen the compliance and securityaspects of network access and use, other complementary products offering some opportunityfor the additional sales include:HH Addition of RSA SecurID: Authentication is a prime aspect of compliance regulations, aswell as a best-practice approach to network security. RSA SecurID provides industry-leadingtwo-factor authentication for compliance and improved security.HH Addition of Use of a Certificate Authority: Customers using certificate authorities, such asRSA Digital Certificate Solutions, have an ongoing need for the protection of certificates andkeys. RSA Smart Cards and RSA USB Authenticators ensure protection of each user’s privatekeys.HH RSA SecurID Tokens: Customers looking for tighter security than passwords can provide willbe interested in using multi-factor authentication. For new customers this will lead to salesof RSA SecurID tokens and software licenses. For existing RSA customers, it may mean anexpansion of the number of tokens in use.This RSA enVision solution provides a proven framework for strengthening enterprise securityand ensuring compliance. Your customers can also leverage existing RSA Security investments,such as RSA SecurID tokens or RSA Keon digital certificates, combining a comprehensiverange of security tools within an framework.1617

RSA enVision Platform Sales GuideRSA enVision Platform Sales GuidePresentation of SolutionThe RSA enVision platform is built around a solid framework of information managementcapabilities—recognizing that transforming event data into actionable compliance and securityintelligence is a fundamental necessity for modern businesses and large-scale organizations.With proven performance, exceptional scalability, an innovative database tuned for handlingIP-generated data and best-in-class analytical tools, the RSA enVision platform equipscompanies for success in compliance and security operations. The RSA enVision platformresponds to the need for security and compliance intelligence at a system level and providesgreater overall return on investment. For these reasons, RSA enVision platform technologyleads the industry in effective, proven SIEM solutions and has been successfully deployedin hundreds of organizations worldwide. Figure 1 illustrates the platform capabilities for thissolution.Solution: RSA enVisionAn Information Management Platform for Compliance & Security Operations4FSWFS&OHJOFFSJOH#VTJOFTT 0QT-PH .BOBHFNFOU PNQMJBODF "VEJU"TTFU *EFOUJGJDBUJPO3JTL .BOBHFNFOU#BTFMJOF3FQPSU PNQMJBODF 0QFSBUJPOT4FDVSJUZ 0QT"MFSU PSSFMBUJPO%FTLUPQ 0QT/FUXPSL 0QT'PSFOTJDTAs a full-featured, scalable, enterprise-class solution, the business value of RSA enVision isrealized in large-scale deployments—where data event logging typically reaches thousands totens of thousand of events per second. However, with the selection of the appropriate enVisionappliance, this solution can be cost effective in much smaller deployments where eventoccurrences range from the tens to the hundreds of instances per second.Industries that have particularly strict regulatory compliance concerns—such as the insurance,financial, and government sectors—can rely on integration with RSA SecurID to ensure aneven more comprehensive security solution. Complete solutions in the security realm shouldencompass access and transaction control throughout the organization’s infrastructure, as wellas ensuring a clear audit trail and definitive logging of all event activity.The RSA enVision platform fits well in environments where customers have a strong need tocentralize and unify logging and information management activities in response to a desirefor improved security, more efficient operations through greater data visibility, and enhancedregulatory compliance."QQMJDBUJPO %BUBCBTF*ODJEFOU .BOBHFNFOU4FDVSJUZ 0QFSBUJPOT"DDFTT POUSPM POGJHVSBUJPO POUSPM.BMJDJPVT 4PGUXBSF1PMJDZ &OGPSDFNFOUT6TFS .POJUPSJOH .BOBHFNFOU&OWJSPONFOUBM 5SBOTNJTTJPO 4FDVSJUZ"DDFTT POUSPM &OGPSDFNFOU4-" PNQMJBODF .POJUPSJOH'BMTF 1PTJUJWF 3FEVDUJPO3FBM UJNF .POJUPSJOH6OBVUIPSJ[FE /FUXPSL 4FSWJDF %FUFDUJPO.PSF "-- 5)& %"5"-PH .BOBHFNFOU"OZ FOUFSQSJTF *1 EFWJDF 6OJWFSTBM %FWJDF 4VQQPSU 6%4/P GJMUFSJOH OPSNBMJ[JOH PS EBUB SFEVDUJPO4FDVSJUZ FWFOUT PQFSBUJPOBM JOGPSNBUJPO/P BHFOUT SFRVJSFE1819

RSA enVision Platform Sales GuideRSA enVision Platform Sales GuideObjection HandlingFAQsThe following are typical objections you might encounter while attempting to sell the RSAenVision platform. Responses to these objections are included to help you keep the prospectin your sales pipeline and close the deal.Does the RSA enVision platform integrate easily with storage systems from other vendors?We have dedicated teams in place that perform monitoring, reporting, and similaranalytical activities.The RSA enVision platform is a robust enterprise system that can make these activities moreefficient, more responsive, and less resource-intensive. Better configuration management canalso enhance your ability to meet regulatory compliance mandates.We don’t need a system like this.Changing regulatory frameworks and increased incidents of data security breaches andnetwork intrusions make it essential for every enterprise to have a security strategy thatincludes comprehensive real-time monitoring, intelligent logging and verifiable compliancemanagement.We already have a system that collects and correlates events from our network devices.Event management and real-time alerting are basic features of many similar solutions, but theRSA enVision platform puts greater emphasis on compliance reporting capabilities, as well asproviding sophisticated real-time and forensic tools for analyzing and responding to loggedevent data.A platform like this will be too expensive for our organization.20The solution provides integration with NAS systems from Network Appliance (NetApp), as wellas full integration with DAS- and NAS-based EMC storage systems, such as CLARiiON, Celerra,Symmetrix (with the Celerra Gateway) and Centera. EMC offers the Design and Implementationfor Security Information Management service to help organizations configure the RSA enVisionplatform with EMC storage systems.Do agents have to be installed for use with enVision?The unique architecture and data collection techniques e

The RSA enVision platform addresses primary business needs in the following ways: H Centralizes and streamlines data logging and management: The demands on IT departments and requisite budgets can be significantly reduced through the capabilities of the RSA enVision platform, providing greater visibility into business operations, compliant-