Defend Against Threats with SIEM Plus XDR: 4-Week Implementation

RSM Product Sales LLC

Defend against threats with the Microsoft Defender for Endpoint and Microsoft Sentinel platforms, designed to help enterprise networks prevent, detect, investigate, and respond to threats.

RSM will partner with your organization to implement and pilot Microsoft Defender for Endpoint and Microsoft Sentinel. RSM will handle setup, configuration, and onboarding in your environment and provide knowledge transfer. We will also provide several baseline configurations related to Endpoint Detection and Response.


Defender for Endpoint:


Phase 1: Discovery & Planning

    • Determine in-scope devices/users
    • Document the names of the devices/users to be piloted
    • Review policy best practices
    • Gather list of potential exceptions or exclusions
    • Provide up to two (2) one-hour design workshops
    • Discuss/review endpoint DLP options

Phase 2: Implementation

    • Configure up to one (1) antivirus policy
    • Configure up to one (1) security experience policy
    • Configure up to three (3) dynamic security groups
    • Configure up to two (2) Defender for Endpoint onboarding policies
    • Configure Real-Time Protection
    • Configure Cloud-Delivered Protection
    • Configure Attack Surface Reduction rules in Audit mode
    • Configure Network Protection in Audit mode
    • Configure Controlled Folder Access in Audit mode
    • Configure Attack Surface Reduction rules for up to five (5) devices in Enforced mode
    • Configure Network Protection for up to five (5) devices in Enforced mode
    • Configure Controlled Folder Access for up to five (5) devices in Enforced mode
    • Configure integrations with other capable Microsoft 365 E5 Security products
    • Provide up to four (4) hours of Defender for Endpoint dashboard knowledge transfer


Microsoft Sentinel:

Phase 1: Implementation

    • Establish an Azure Subscription
    • Create a log analytics workspace for Sentinel
    • Provide list of free connectors to Client
    • Configure free connectors in Sentinel
    • Configure retention for 90 days
    • Configure up to five (5) individual Workbooks
    • Configure up to two (2) analytics rules
    • Configure one (1) Playbook to send Incident alerts


Agenda:

    • Define Strategy – Understand motivations, business needs and executive sponsorship
    • Plan – Discovery and assessment
    • Ready – Operating model, implementation options
    • Adopt – Migrate execution
    • Govern – Business risks, policy & compliance
    • Manage – Operations maturity


RSM’s insights and portfolio of services reflect more than 30 years of technology consulting, implementation and monitoring experience. We work hard to understand your specific technology needs and provide the services to help you develop a customized, cost-effective solution.


*Pricing will vary based on implementation scope and available Microsoft funding.

*Duration will vary based on implementation scope.
