I am new to the Security world and specially to carry out a Proof of Concept. It would be highly appreciated if someone can share an example/sample PoC report which may list all steps which should be completed to carry out a successful PoC. Sorry, it is a very generic question but I need a starting point.
I have to start with the installation of vNSP/NSM integration first followed by AV, ATD etc.
Thanks in advance
Ok... You got me there.. I never thought I would see this sort of question on the forum - it is usually more focused around the NSP technology itself, whilst your question is pre-sales/process/consultancy type. But hey!...- we are all here and there are lots of people around (P!) with experience on PoCs - so we should be able to help you (a bit at least)....
Going back to your question...
First of all... it scares me that you are *new to security* and you are in front of this challenge. This PoC is definitely not for *security newbies*
Second... your question is *extremely* generic, and by the way you have formulated it, makes me first of all give you the following advise:
By the way you have formulated the question, I will assume you have to run the PoC, and in this case, you are a winner!!
Or in other words....
Basically, your NSP/ATD/DxL PoC is the mother of all PoCs! You are trying to demonstrate how multiple McAfee solutions can work together to provide a better/faster/more reliable security control than what the customer currently has (or does not have). I would even add the McAfee SIEM on top, so you can create some nice dashboards for the execs to show off what a good investment that was
Said this, let me try to help you a bit more:
So.. After we've done the pre-sales/consultancy work... Let''s move to the technology:
NSP (Network Security Platform): is the McAfee IPS solution, which includes:
So basically, there is no integration between vIPS and NSM - you must install the IPS sensors on a manager if you want to use them.
NSP integration points:
Ok... So now we have the customer requirements, and we understand what technology we can use to resolve their problem. These are the *very* generic guidelines for a successful PoC.
Of course on top of getting the customer requirements and sizing the solution for a successful PoC, you will need experience in deploying/installing the different solutions involved on this PoC (NSP, ATD, TIE, ePO, AV, etc), have a good understanding of networking and network protocols to troubleshoot the *usual* problems on any network, and understand what security features/configuration will be required on each solution (network, endpoint and sandboxing) to *WOW* the customer - and hopefully, get your sales bonus
As I said before, this is one of the most complex proof of concepts you can run - not because of the technology itself (things go wrong anyway, we all know...), but because of the broader IT/ITSEC knowledge required to understand what is that needs to be demonstrated to resolve the customer's problems and the easiest and quickest way to get there.
Based on my experience (having done that), if you aren't 100% clear on all the above and you have not integrated these solutions in your home lab, I would strongly suggest you reach out for some *more* help - you have obviously reached out to this forum, but I believe you will need to engage the vendor directly for this support for this PoC.
I hope this helps.