Scribd Logo
Upload

Welcome to Scribd!

  • MINT Multicloud Defense Mentored Install Scope Guide

    Uploaded by

    Amar Singh Rajpoot
    4 views2 pages

    Original Title

    MINT-Multicloud-Defense-Mentored-Install-Scope-Guide

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views2 pages

    MINT Multicloud Defense Mentored Install Scope Guide

    Uploaded by

    Amar Singh Rajpoot

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Mentored Install Service Deliverables – Channel Partner

    Cisco Partner Confidential

    MINT Service Deliverables – Cisco Multicloud Defense


    Cisco Multicloud Defense Starter Pack Service Offering
    This overview of service deliverables and scope is intended to give you an understanding of what to expect
    from a limited migration to and implementation of Cisco Multicloud Defense. The specific deliverables and
    quantities are flexible and can be adjusted based on your needs. In order to develop an accurate scope of
    work and quote, you will need to schedule a scoping session with a MINT service partner to thoroughly review
    your requirements.

    Multicloud Defense Migration Design and Implementation Starter Pack


    This Multicloud Defense migration and implementation starter pack service offering is designed to help a
    customer migrate a limited portion of their cloud environment to utilize Multicloud Defense. The migration will
    be limited to a subset of the customer’s cloud environment and serve as a template for future migrations.

    Estimated Price
    The Cisco Multicloud Defense mentored sample scope below is estimated to require the use of MINT-
    SECURITY. Each MINT SK U is equivalent to one mentoring unit from a MINT service partner and costs $1,250
    list price. Prices may vary based on geography.

    Multicloud Defense Migration Design and Implementation Starter Pack Scope


    Multicloud Defense Migration Design and Implementation Starter Pack
    Cloud Service Provider Scope Flow Use Cases Included
    • Up to 2 CSP account • Ingress (2 application sub domain)
    • Up to 2 total regions with 3 Data VPCs/VNets per • Egress & East/west (VPC/VNet to VPC/VNet)
    region
    Migration Policies Options
    • Analysis of existing CSP network and security • 1 Egress & East/West policy per region
    architecture • 1 Ingress policy per region
    • Migration of existing cloud firewall rules to Multicloud • Layer 3/4 filtering, basic DNS & URL egress filtering,
    Defense default inspection policy
    • Migration of Security Group Rules and Network ACL • Maximum of 100 total SG, network ACL, and FW rules
    rules to Multicloud Defense where applicable entries to be migrated per Multicloud Defense policy
    Multicloud Defense Architecture Options Network Changes
    • Distributed AND/OR Centralized • Work with the customer to implement any network
    changes required to support migration to Multicloud
    Defense
    • These changes will be limited to the VPCs/VNets, and
    application domains included in the scope of this
    engagement

    Multicloud Defense Migration Design and Implementation Starter Pack Overview


    Multicloud Defense Migration
    Service Description
    Starter Pack Services
     Team introduction & scope of work review
     Conduct technical workshop to gather customer requirements to build CRD (Customer
    requirement document)
    Project Kickoff & Onboarding  Review existing cloud networking and security architecture to understand the intent of
    the existing design
     Share relevant prerequisite information such as CSP account numbers
     Enable / onboard CDO and Multicloud Defense tenant for customer

    ©2024 Cisco and its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partner use only. Not for public distribution. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco
    and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use
    of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
    Mentored Install Service Deliverables – Channel Partner
    Cisco Partner Confidential
     AS-IS study - understand customer requirements for Multicloud Defense
     Integrate CSP account and start discovery to get the existing cloud Inventory
    AS-IS study / Discovery  Enable flow logs through Multicloud Defense to get traffic summary of VPCs/VNets
    (existing Cloud infrastructure)  Review flow logs collected by Multicloud Defense
     Review existing security/firewall configuration. Including existing security groups,
    network ACLs, and firewall rules
     Determine the level of network changes required to migrate to Multicloud Defense
    Solution Design Document
     Plan FW rule migration strategy.
     Create a migration plan which limits downtime in the network.
     Propose and review solution design with customer
     Build Multicloud Defense Solution Design Document
     Investigate flow logs to build src/dest address sets, & application mapping for rules.
     Service VPC/VNet Deployment (for Centralized Architectures)
     Deploy gateway (centralized or distributed) – ingress/east-west & egress OR both.
     Define ingress/egress/east-west gateway security policies – Max 100 entries migrated
    Implementation (Deploy and from existing SG, ACLS, and FW rules.
    Defend)  Secure VPCs/VNETs – Migrate VPCs/VNets from existing network configuration to
    utilize the Multicloud Defense gateways
     Test/validate traffic flows after securing VPCs/VNETs
     Implement default NGFW feature profiles relevant to migration – Decryption, IDS/IPS,
    URL, Malware
     Explain to the customer/partner how to configure/manage the deployed solution
     Review migration procedure and explain how this procedure can be used to migrate
    Knowledge Transfer
    the rest of the customer CSP accounts
     Walkthrough of design document

    Next Steps
    Schedule a scoping session with a MINT service partner today to get an accurate quote based on your specific
    requirements. Review the MINT Field Guide to learn more about mentored installs for Cisco Multicloud Defense
    and additional use cases.

    Questions?

    Email your questions to mail to: minthelp@cisco.com

    ©2024 Cisco and its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partner use only. Not for public distribution. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco
    and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use
    of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

    You might also like