Sentinel & Security Center - 4Wk Implementation

Azure Sentinel delivers intelligent security analytics and threat intelligence, providing alert detection, threat visibility, proactive hunting, and threat response. Azure Security Center enables companies to gain insight into their security state across hybrid cloud workloads, reduce possible exposure to cyberattacks, and respond to detected threats quickly.
If you have Azure Security Center enabled in your subscription, then you can start ingesting the security alerts generated by ASC. Alerts can then be filtered and debugged with Synergy's E-Visor tool on their way to Azure Sentinel for long-term storage, providing a richer set of threat detections.

Deployment Scope & Activities

1Wk - Azure Sentinel - Configure 1 production environment (Single Log Analytics Workspace) • Workloads • Data Connectors • Review & initial setup for up to 2 data connectors
• Azure Security Center Connector • Syslog Connector

2Wk - Analytics • Analysis & review of available Analytics Rules (enable) with customization of up to 4 rules • Creation of up to 2 playbook notifications • Validate and generate up to 2 hunting queries • Validate and activate up to 4 workbooks for data displaying

Azure Security Center - Configuration of 1 production environment (Single tenant)

3Wk - Deployment • Analysis of the deployment model for Azure Security Center and on-premises servers, including connectivity and testing before full deployment into production • Onboarding for up to 10 server agents • A minimum of 5 Windows servers and 5 Linux Servers, with the Operating System versions supported by the agent • Validate and activate a dashboard to visualize patch management • Onboarding of up to 4 Azure Cloud Services/Apps Services

4Wk - Security Policies • Definition of a security policy for a maximum of 1 subscription • Resource Security Hygiene • 2 working sessions to analyze ASC findings and recommendations • Up to 2 transfer knowledge and architectural sessions