Professional Documents
Culture Documents
MSP01 Sophos MSP Connect Flex v2.0.0 FINAL
MSP01 Sophos MSP Connect Flex v2.0.0 FINAL
© 2018 Sophos Limited. All rights reserved. No part of this document may be used
or reproduced in any form or by any means without the prior written consent of
Sophos.
Sophos and the Sophos logo are registered trademarks of Sophos Limited. Other
names, logos and marks mentioned in this document may be the trademarks or
registered trademarks of Sophos Limited or their respective owners.
1
Course Objectives
• Once you complete this course, you will be able to:
Finished?
Click here to continue
This is the module hub page. It provides access to the topics in this module. Click on
a topic to show a menu of the items it contains.
Topics can be repeated if you want to review a section, and the student handout
includes the slides and notes for all topics covered.
**
3
One Security Vendor
4
Synchronized Security – The Sophos Advantage
Admin | Manage All Sophos Products Self Service | User Customizable Alerts Partner | Management of Customer Installations
Sophos Central
Wireless Mobile
Email Server
Web Encryption
Cloud Intelligence
Analytics | Analyze data across all of Sophos’ products to create simple, actionable insights and automatic resolutions
Malware Identities | URL Database | Machine Learning | Threat Intelligence | Genotypes | Reputation |
Sophos Labs | 24x7x365, multi-continent operation | Behavioral Rules | APT Rules | App Identities | Anti-Spam | DLP | SophosID | Sandboxing | API Everywhere
Sophos is a complete security company, in fact we’re the only company that is a
Leader in both the Network and Endpoint Gartner Magic Quadrants.
And because we have such vast experience, expertise and visibility into so many
layers of security across our portfolio, SOPHOS has the unique advantage to be able
to leverage all those insights and connect the layers together so that each solution is
contextually aware of what is going on with one another.
This type of context and synchronization aware technology isn’t unique per say,
however competing solutions require expensive, complex third party tools like SIEM
and expert users to manage and keep tabs on everything that is going on.
Sophos brings everything together with what we call Synchronized Security - the
heartbeat between security layers, simplified for our partners in our cloud platform
from a single pane of glass that we call Sophos Central.
5
Synchronized Security
The Ability for Products to Share Threat Intelligence
Security Heartbeat™
For example:
6
End-to-end protection from a single vendor
XG Firewall Central Endpoint Protection
Ultimate enterprise firewall Endpoint Protection, App,
performance, security, and Peripheral and Web Control
control
Intercept X Advanced
Email Advanced Next Gen Endpoint security to
Proven email security for prevent, detect, investigate and
business continuity remediate
Central Mobile Advanced
Central Wireless Secure smartphones and tablets
Super secure, super easy Wi-Fi just like any other endpoint:
MDM, Containerization, Kiosk
Secure the Servers
Phish Threat Protection optimized for server
Security Awareness Training for environment (physical or virtual):
end user customers. Application Control / CryptoGuard
Central Device Encryption
Simple-to-use encryption for a
highly effective last line of
defense against data loss
Here are the services available to you in the Sophos Central Partner Dashboard.
Secure the Perimeter XG: we first start talking about securing the perimeter, and we
do this with our XG Series Firewall.
• XG Firewall is our Next-Gen Firewall solution. It fixes the main issues seen in most
other Next-Gen Firewalls by offering you and your customers increased visibility,
protection, and response all while giving you, the MSP, a zero cost, cloud based,
central management through Cloud Firewall Manager (CFM). Whether you’re
pushing out a single rule to a single firewall or a template across multiple
firewalls, the CFM can facilitate all your management needs.
Secure the Email with Central Email Advanced. This product is created through our
acquisition of Reflection. It’s architected for inbound/outbound scanning for
malware and spam while incorporating Sophos Sandstorm – our cloud sandboxing
technology – with other great features like time-of-click protection and seamless
integration with Office 365.
Secure the Wireless: To get all of the great enterprise-level features of Sophos
Wireless Access Points, like Advanced Rogue AP Detection, we recommend
7
managing them through Sophos Central rather than directly through XG Firewall. The
latest APX series Access points include Synchronized Security aspects.
Phish Threat: As you probably know, an organizations weakest link is typically it’s
users. With Sophos Phish Threat you can educate this commonly exploited link and
increase your customer’s overall security posture by testing, educating, and
managing ongoing awareness within your customer’s organization. With this great
tool, you can simulate a phishing attack in 3 easy steps. Monthly license usage is
calculated based on when emails are sent. Users enrolled in the same campaign may
be sent emails at different times and on different dates.
Secure the Servers: Protect your virtual and physical servers without sacrificing
performance. Intercept X for Servers now has all the great feature of Intercept X plus
server specific feature like one-click Server Lockdown and Whitelisting.
• Central Device Encryption has the ability to enforce hard drive encryption on your
users hard drives/tablets/laptops by harnessing the native Windows and Mac disc
encryption for optimal performance while giving you, the MSP, central
management, recovery, and reporting for compliance.
7
Lower Vendor Management Expenses
Think about all the different security vendors currently on your roster. Each one with
their own consoles, programs, and complexities. The Sophos Central security
portfolio allows you to consolidate all of these different point products into one
easy-to-use offering and vendor. Sophos is a global leader in the industry with best of
breed solutions at every level so you’re not compromising on protection.
8
Partner Management Dashboard
9
Sophos Central
Allows Partners to manage Endpoint Protection Wireless Allows users to customize security
multiple customer installations Mobile Protection Web Gateway status and notifications
Server Protection Email Security
Encryption Anti-Phishing
As mentioned before, one of the great benefits of the Sophos MSP Connect Flex
program is the ability to work within a single management dashboard. There are a
few different levels of access within Sophos Central; the Partner Dashboard here on
the left is the multi-tenant console where you can get a birds-eye view of your
customers, all the Sophos product they’re leveraging, alerts, and more.
From the Partner Dashboard you’ll be able to seamlessly jump into each respective
customer’s Sophos Central Admin Console. This is where customer specific action is
taken, alerts are drilled into, etc…
There’s also Self Service Portal for end users to add their own devices and manage
their notification settings to reduce the number of helpdesk calls.
10
Sophos Central – Partner Dashboard
When you first log in to the Partner Dashboard you’ll see a high level overview of
your most critical alerts, plus a summary of your licensing information across your
entire estate.
Alerts are consolidated from all of your Customer’s Central Admin Accounts.
Monthly Usage is also displayed showing your consolidated usage across all MSP Flex
Customers.
11
MSP Alerting Across Managed Customers
By drilling into the alerts section you will see all alerts across the customers that you
currently manage.
From here you can see that you have a customer with Malicious Traffic Detected. You
can then dive down into that specific customer through the Central Admin
Dashboard. Select the Alert and then in the top right corner launch directly into the
Customer’s Sophos Central Admin through a Single Sign-on Connection.
12
Sophos Central Admin
Now that you are in the Sophos Central Admin Dashboard, you have gone from the
multi-tenant console to the customer-specific console where you can take customer
specific actions like create policies, modify existing policies, clear addressed alerts,
and more.
13
Account
Creation
Before any alerts can be viewed or policies can be applied, you must first
have customers!
Our approved MSP Connect Flex partners will have a button in the top right
corner of the Sophos Central Customer’s section of the Partner Dashboard
that allows for provisioning new monthly customers.
*Note that creating a free trial in the trial section is another way to create an
account in the Sophos Central Partner Dashboard, however those accounts
cannot be converted to monthly flex licensing. If you have already created a
trial account that you would like to convert to monthly licensing, please
contact your Sophos Channel Account Manager and the account will be
migrated across by Sophos.
*Note that the email address field is mandatory and care should be taken to
make sure this is correct, as this information is used as the identifier for
account creation, so therefore it must be unique for every customer.
14
Many partners are hesitant to put a customer email address in this field for a
variety of reasons, the good news is that this email address by default is not
going to receive emails, it is solely used for identifying the account. Many
partners will mock up an alias like “CustomerName@MyDomain.com” and
then actually create that email alias within their own email system after the
fact.*
It is also important to note that the Data Storage Location can’t be changed
later. So make sure you select the correct Data Storage Location that meets
your needs and requirements.
14
Monthly
License
Change
Sophos Central Monthly Customer Licenses can be changed from the Central
Partner Dashboard under Managed Customer Usage.
Select their one or multiple monthly accounts and then click on the Change
License button.
This will bring up the Change License Window. From here select the product
that you want to change. Either Endpoint, Server or Both and click Next.
On the Endpoint selection you choose the license that you want to move the
customer/s to. The Automatically install software box is checked by default.
Next select your Server License, Server will automatically get the correct
components installed.
Verify your changes and then click Save. Your customer’s license will now be
15
changed.
15
Deployment
Options
If this were a term licensed account, this screen would be limited to pre-
purchased products. But in the MSP Flex monthly licensing , everything is
unlocked. You have full access to download and install any Sophos Central
products directly from here. For example, if you were to download the full
windows installer, the executable would contain Central Endpoint, Intercept
X, and Device Encryption.
Those customers that do not want all three products, will select “choose
components” for Windows or MacOS
16
Post Deployment Options
From the Devices Page, you will see a list of workstations and the installed
Sophos Components listed with a check mark.
17
Partner Deployment Options – Thin Installer
To access the thin installer, go back to the Partner Dashboard and select
“Deployment” in the left navigation. The endpoint installer will work on all
Sophos Central accounts and will never expire. The single installer can install
Endpoint, Intercept X, Device Encryption, and Server Protection.
Scripting components for the Sophos thin installer are available for most
RMM platforms by request through the MSP Hub on the Partner Portal.
For a more information on the thin installer, please refer to the Thin Installer
How-To Guide found on Sophos Hub or the Sophos Partner Portal.
18
MSP License Management
Now that you have the monthly account setup, possibly a few term license accounts,
and the users/workstations/servers protected; the next logical step is to monitor
your usage for billing. The Sophos Central Partner Dashboard makes this easy in the
“Managed Customer Usage” section. Here we see, 87 customers with MSP-owned
flex licensing and 7 with customer-owned term licenses managed by you, the MSP.
19
ConnectWise Integration
It should also be noted that further integration with other PSAs like Datto AutoTask
are coming soon.
20
XG Firewall in Central Partner
At this point, we’ve covered everything from a Sophos Central perspective, so let’s
discuss how XG Firewall plays into the MSP Connect Flex program. The XG Firewall
can be licensed through the MSP Connect Flex program on a monthly basis, the XG
hardware or virtual appliance Base License must first be purchased up-front. Once
the physical or virtual appliance is purchased & registered, the serial number will
appear in the “Firewalls” section of the Sophos Central Partner Dashboard. From
there it’s as simple as clicking on the serial number and specifying the subscription
you’d like.
**XG firewalls will only show up here after they’ve been registered to a MySophos
Account.**
21
Firewall
• Click Add and then Select one of the four subscriptions. Upon hitting save
a request will be sent to the MSP Orders team.
• Second you can assign the XG Firewall to a Customer’s Central Admin Account.
This is simply done to identify the XG Firewall.
• Select a Firewall and Click Assign Firewalls, then enter the Customer
Central Admin Account or Create New Managed Customer
• You could also select the Subscription here as well.
21
XG Firewall Approvals
From the Firewall Approvals page we can Request to Manage the XG Firewall. Once
you select an XG Firewall and click Request to Manage it will move to Approval
Pending.
From here a request will be sent out to the MySophos Registered E-mail Address.
Once approved in MySophos the XG Firewall will be listed at Managed.
**This is a required step for managing the XG Firewall in Central Firewall Manager.
22
Sophos Licensing (MySophos)
Sophos Licensing (MySophos) is the portal where all your XG Firewalls get registered
to.
• Under Network Protection then View Devices you can see all of the Registered XG
Firewalls
• This is also where you will go to assign a customer billing name to the XG
Firewall. This name will appear on your billing report from your distributor.
23
Sophos Licensing (MySophos)
Under Network Protection then Contact Information is where the Company Name is
entered that will show up inside the XG Firewall. All XG Firewalls Registered to this
MySophos Account will have the same Company Name. As an MSP this is typically
your company name as you will either own or manage the XG Firewall on behalf of
the Customer.
24
Sophos Licensing (MySophos)
Partner Owned Firewalls Customer Owned Firewalls
• Register all Firewall to a single • Two options when registering the
Sophos Licensing E-mail Address Firewalls
• Distribution Group Recommended o Register them to the Customer’s
Primary Contact E-mail Address
XGOrders@your_domain.com
o The customer will need to setup a
Sophos Licensing Account
First is the Partner Owned Firewalls. This is the easiest method. Register all XG
Firewalls to a single MySophos Account. Typically we recommend a distribution list
such as XGOrders@yourdomain.com.
• The one thing to keep in mind here is that all XG Firewall will display your Partner
Name in the XG Firewall itself.
• If you need to have to customer’s name in the XG Firewall then use the second
option.
The second option is to either have the Customer create a MySophos Account and
then register the Firewall to that account. However the easier option for an MSP is
create an Alias off the XGOrder Distribution Group so that the customer isn’t
involved.
***Tip – Gmail Accounts allow for an alias on the fly. Meaning that you could have a
single Gmail Address and then just use the +customername to quickly create New
MySophos Accounts. No settings need to be changed or added on Gmail. Example:
Partner@gmail.com Alias: Partner+customer@gmail.com,
Partner+customer2@gmail.com
25
XG Firewall Management Options
Central Firewall Manager
Location: Central Partner Dashboard
Central Management
Location: Customer’s Central Admin Dashboard
For XG Firewall Management we have some options for you to review and consider
as a new partner.
26
CFM vs SFM
CFM (Central Firewall Manager) SFM (Sophos Firewall Manager)
CFM is a cloud based Firewall On-premise Virtual Firewall
Manager hosted inside of Sophos Manager
Central Partner Dashboard.
• Requires that Partner to host
• Nothing for the Partner to host onsite or in Azure (Nested)
• Multi-staged onboarding process • Simplified onboarding
• Better performance
Central Firewall Manager is fully hosted by Sophos. It is access from the Central
Partner Dashboard. CFM as it is commonly referred to requires a multi-staged
onboarding process. This process can be reviewed on our Sophos MSP Global
YouTube Page. The video is XG Firewall: Start to Finish.
• Offers Template options, Backup Mgmt, Configuration Management, Group
Management and more
Sophos Firewall Manager is an on-premise virtual appliance for those that don’t
want to manage in the cloud. SFM as it is commonly referred to is exactly the same
as CFM, however the onboarding process is much easier. Also because the virtual
appliance is hosted by you the partner the performance will be much better.
27
Central Firewall Manager
The Sophos Central Cloud Firewall Manager is launchable through the Partner
Dashboard in the “Manage Firewalls” section in the left navigation. Simply click the
“Manage” button.
Access to this is control by your Primary Partner Admin or Any Super Admin.
28
Central Firewall Manager
And just a quick look at what CFM and SFM Firewall Management Dashboard looks
like.
29
CM (Central Management) in Central Admin
Easy Management option Firewall Alerts sent to
built right into the Central Admin and visible in
Customer’s Central Admin Central Partner
Dashboard.
This new tool isn’t as feature rich as CFM and SFM, however it will be adding
features over time.
The choice is completely up to you as a Partner on which route you go. You can
always start with CFM or SFM and transition to CM as the features become available
to meet your needs.
30
CM (Central Management) in Central Admin
Again the New CM Firewall Management is location in the Customer’s Central Admin
Dashboard. Along the left you’ll find the Firewall Management. Once you click into
this section you’ll get to a Dashboard and Firewalls list.
31
Dedicated MSP Support
32
Co-Branded Marketing Assets and Training
You can access co-branded marketing assets and training which are linked from the
partner portal directly in the partner dashboard as shown here.
33
Secure the Perimeter XG: we first start talking about securing the perimeter, and we
do this with our XG Series Firewall.
• XG Firewall is our Next-Gen Firewall solution. It fixes the main issues seen in most
other Next-Gen Firewalls by offering you and your customers increased visibility,
protection, and response all while giving you as the MSP, a zero cost, cloud based,
central management through Cloud Firewall Manager (CFM). Whether you’re
pushing out a single rule to a single firewall or a template across multiple
firewalls, the CFM can facilitate all your management needs.
For XG Firewall you must first procure the bare-bones hardware through your
distributor. Once the firewall is registered, the serial number of that firewall will
appear in the firewall section of the Sophos Central Partner Dashboard, at which
point you can license it with either EnterpriseGuard, EnterpriseGuard Plus,
FullGuard, or FullGuard Plus via the MSP Connect Flex Program.
If you’d like a full explanation of the EnterpriseGuard and FullGuard options, please
follow the link to check out the licensing guide: https://www.sophos.com/en-
us/medialibrary/PDFs/factsheets/sophosxgfirewallflna.pdf
34
Central Email Advanced
• Protect against
fraudulent email
addresses
• Block phishing
attacks
• Sophos Sandstorm
• Time-of-click
protection
• Office 365 integration
35
Secure the Email with Central Email Advanced. This product is created through our
acquisition of Reflection. It’s architected for inbound/outbound scanning for
malware and spam, while also incorporating Sophos Sandstorm – our cloud
sandboxing technology – with other great features like time-of-click protection and
seamless integration with Office 365.
35
APX – Next Generation Access Points - 802.11ac Wave 2.0
• APX 740: Flagship 4x4:4 access point
with high-density, high-capacity for the
mid-market enterprise
36
Secure the Wireless: To get all of the great enterprise-level features of Sophos
Wireless Access Points, like Advanced Rogue AP Detection, we recommend
managing the AP devices through Sophos Central rather than directly through XG
Firewall.
The latest APX series Access points allow you to use Sophos Synchronized Security
when managed via Sophos Central along with other Sophos products.
36
Sophos Phish Threat
37
Phish Threat: As you probably know, an organizations weakest link is typically it’s
users. With Sophos Phish Threat you can educate this commonly exploited link and
increase your customer’s overall security posture by testing, educating, and
managing ongoing awareness within your customer’s organization. With this great
tool, you can simulate a phishing attack in 3 easy steps. Monthly license usage is
calculated based on what emails are sent.
Users enrolled in the same campaign may be sent emails at different times and on
different dates.
37
38
Above and beyond all the great technology and security protection that Sophos
provides, Sophos MSP Connect Flex partners equally enjoy the ease of account
creation and administration on the fly.
38
Secure the Mobile Device: Mobile Device Management
39
Secure the Servers: Protect your virtual and physical servers without sacrificing
performance. Intercept X for Servers now has all the great features of Intercept X
plus server specific feature like one-click Server Lockdown and Whitelisting.
40
Sophos Central Device Encryption
41
• Central Device Encryption has the ability to enforce hard drive encryption on your
users hard drives/tablets/laptops by harnessing the native Windows and Mac disc
encryption for optimal performance while giving you, the MSP, central
management, recovery, and reporting for compliance.
41
Sophos MSP Connect Program
Simplifies customer management of industry-leading security solutions while
streamlining key tools integration, and offering flexible pricing and billing
• We recognize providing you with an MSP partner program that works in the way that you
do business and go to market is what you need to be successful. And for that reason we
rolled up our sleeves and rebuilt our MSP program.
• It is designed to meet the needs of an MSP, providing structure and support for you to
manage your solutions and your customers as efficiently as possible.
42
The Journey to MSP Connect
Distributor
approval for
Flex Training: monthly billing
MSP Sales
Prerequisite Consultancy
Training: Training
MSP Connect Sales
application Fundamentals
Proven approval (SC01)
managed
services
business
43
End-to-end protection from a single vendor
Secure the Perimeter XG Central Endpoint Protection
D Ultimate enterprise firewall Endpoint Protection, App, U
performance, security, and Peripheral and Web Control
control
Secure the Servers Intercept X Advanced
Protection optimized for server Next Gen Endpoint security to
S environment (physical or virtual): prevent, detect, investigate and U
Application Control / CrypoGuard remediate
Secure the Mobile Device
Secure the Wireless Secure smartphones and tablets
W Super secure, super easy Wi-Fi U
just like any other endpoint:
MDM, Containerization, Kiosk
Protect the Data
Phish Threat
U Simple-to-use encryption for a U
Security Awareness Training for highly effective last line of
end user customers. defense against data loss
When it comes to Licencing and how it applies to monthly pricing this is how it it
works in the Flex Program.
If we go back to our product wheel, and look at the various services, we categorize
them as so:
D: Devices
W: Wireless
S: Servers
U: User based licensing (installed to a human being)
The number of users you have across your customer base, and across product makes
up your license aggregation (your total number of assets)!
This dictates your pricing per product per month.
44
Aggregate License Calculation
User Licenses: Endpoint, Intercept X Adv, Mobile, Encryption, Phish Threat Device: XG Firewall
1 -99 user licenses 1-24 devices
100-499 user licenses 25-99 devices
500-999 user licenses 100-199 devices
1,000-4,999 user licenses 200 -499 devices
5,000-9,999 user licenses 500-999 devices
10,000+ user licenses 1,000 + devices
The MSP Connect Flex program has a tiered licensing structure. There are 4 product
categories each of which contain 6 pricing tiers based on license number.
This is a significant advantage in the user category, because so many products fall
into this category. For example:
45
Licensing Example
80 Intercept X Advanced
80 Mobile
5 Wireless
Customer A 25 Servers 2 Devices
5 Wireless
2 XG FullGuard
Customer A is using all of the supported products, which when tallied gives 180
licenses, 25 servers, 5 APs and 2 devices.
46
Licensing Example
180 User
120 Intercept X Advanced w/EDR
25 Server
5 Wireless
Customer A 2 Devices
10 Mobile
20 Encryption
150 User licenses
Customer B 5 Servers
= 5 Server licenses
2 Wireless
2 Wireless
0 XG
The next customer, B, is slightly smaller, and so doesn’t need so many licenses, or
even a firewall. Hopefully they have another solution in place!
47
Licensing Example
180 User
100 Central Endpoint Protection
25 Server
5 Wireless
Customer A 2 Devices
100 Mobile
150 User
5 Server 300 User licenses
=
2 Wireless 100 Encryption
Customer B 10 Server licenses
Customer C
5 Devices
10 Servers
0 Wireless
5 XG EnterpriseGuard
Customer C is a larger company, with lots of devices, servers and firewalls, but no
need for Wi-Fi at the moment. In total, they use 300 user licenses, 10 servers and 5
devices.
48
Licensing Example
180 User
230 Intercept X Advanced
25 Server
5 Wireless
Customer A 2 Devices
0 Mobile
150 User
5 Server 230 User licenses
=
2 Wireless 0 Encryption
Customer B 5 Server licenses
Customer D
4 Devices
300 User 5 Servers
10 Server
5 Devices
Customer C
0 Wireless
4 XG FullGuard
The final customer, D, has a lot of endpoint devices, but no need for mobile or
encryption. They consume 230 licenses, 5 servers and 4 devices.
49
Licensing Example
180 User
25 Server
5 Wireless
MSP Aggregate Usage
Customer A 2 Devices
150 User
5 Server
2 Wireless 860 User
= 45 Server
Customer B
230 User
5 Server
4 Devices
Customer D
To calculate the overall usage for the MSP, all of the customer usage is added up,
which gives the figures shown. This is the MSP’s total monthly usage.
Click Next to continue, and we’ll look at what this means for licensing tiers.
50
Aggregate License Calculation
User Licenses: Endpoint, Intercept X Adv, Mobile, Encryption, Phish Threat Device: XG Firewall
1 -99 user licenses 1-24 devices
100-499 user licenses 25-99 devices
500-999 user licenses 100-199 devices
1,000-4,999 user licenses 200 -499 devices
860 User
5,000-9,999 user licenses 500-999 devices
10,000+ user licenses 1,000 + devices
45 Server
Server Licenses: Standard and Advanced 7 Wireless Wireless: AP15, AP55, AP100
1 -24 server licenses 11 Devices 1-24 access points
25-99 server licenses 25-99 access points
100-249 server licenses 100-199 access points
250-499 server licenses 200 -499 access points
500-999 server licenses 500-999 access points
1,000 + server licenses 1,000 + access points
51
Sophos MSP FLEX Advantage
Increased Revenue
o Upsell and cross-sell security services
o Add additional products to MSP menu of offerings
o Increase profitability through aggregate billing
Lower Costs
o Reduce vendor management time and resources
o Improve security posture with Synchronized Security
o Convert from Capex to Opex
52
The Sophos MSP program has 3 main advantages: Increased revenue, lower costs,
and improved operational efficiency.
You’ll be able to more effectively upsell and cross-sell security offerings to your
customers – creating longer lasting and more effective relationships. Beyond that
you’ll have a wider range of products to wrap around your own service offerings and
will benefit from increased profitability through aggregate billing.
As an MSP, you’ll lower costs by reducing vendor management time and resources.
Your security posture will be improved with Synchronized Security. And you’ll be able
to convert capital expenditure to operational expenditure to be more in line with
your revenue stream.
Lastly, you’ll improve your operational efficiency by integrating into Sophos’ MSP
vendor ecosystem giving you on-demand configuration to add customers at your
leisure and a single dashboard to better manage endpoint and network security.
The same factors will allow you to look at lowering your costs, and increase your
operational efficiency; you’ll be dealing with one provider, Sophos, for multiple
products, meaning that you’re spending less time managing this type of relationship,
52
and more time on offering services to your customers.
When you reach a certain level of user licenses, your per-license cost drops, and
you’ll be spending less while delivering more.
With monthly billing, you get one, consolidated bill, even further reducing the
amount of time you have to spend on administration.
And last but not least, everything is managed through Sophos Central. One place for
you to visit to oversee and administer all of your customers and licenses to give you
more time for you to focus on growing your business!
52
Who Does What?
Sophos
• Legal relationship with MSPs
Distribution • MSP training and certification
• Synchronized Security
• Level 2 Support to MSP
Distributor
• Handles hardware logistics
MSP • Provides MSP terms
• Invoices MSPs
• Pays Sophos
MSP
• Level 1 Support to customer
• Provisioning and configuration
CUSTOMER CUSTOMER CUSTOMER • Invoices customers
• Buys via distribution
We’ve already covered how to get set up with Sophos, how you roll out solutions,
and how you license. The final step in this process is your relationship with the
distributor.
Your distributor provides hardware logistics, can provide credit terms, and ultimately
invoices you for your monthly aggregate license usage.
53
In Summary
• You should now be able to:
54
GlobalTraining@Sophos.com
Please checkout the other Sophos Server Protection course material. And as always –
your feedback is greatly appreciated – please drop us a line at
GlobalTraining@Sophos.com
55