Beef up your cybersecurity with our new Managed Detection and Response serviceDec 3, 2019
3 reasons why you need MDR
Traditional defense isn’t enough. Analyzing threats and coming to conclusions about root causes can help you take security to the next level.
IDC Technology Spotlight
This IDC feature introduces Managed Detection and Response (MDR) as a solution to the top concern facing Canadian SMBs and provides an overview of the TELUS offering.
In this webinar, Trevor Pakka, Sr. Security Sales Engineer at TELUS and Andrew Loschmann, President & CTO at Field Effect Software explain how organizations can improve their security posture with the TELUS MDR solution, powered by Field Effect Software’s Covalence.
Trevor and Andrew didn’t have time to answer all of the questions during the live webinar, so we asked them to answer them here on our blog.
How is this different from an MSSP?
MDR is a managed security service offering. By partnering, TELUS and Field Effect Software can both focus on their strengths to put together the best offering possible, including access to a 24x7 SOC.
What is the global reach of the TELUS MDR service?
This product is available nationwide in Canada.
Will this protect my remote users working in home offices/always on the road? How do you handle off-net devices?
Your endpoint agent will keep track of all devices on which it has been installed. The agent will keep track of your device, provide information into the backend for analytics and alerts are created for your device if anything malicious is found.
Will MDR protect from insider threat actors including automated bots?
The endpoint, network, and cloud threat surfaces are proactively being monitored for vulnerabilities and anomalous behavior with the TELUS MDR solution. It is ideal to couple MDR with an endpoint protection solution to ensure that File Integrity Monitoring (FIM) on the local endpoint is always secure.
Will it work with my IPS?
Yes, an Intrusion Prevention System (IPS) is part of the overall “protective” controls that should be part of any security ecosystem. MDR works with your existing protective technologies to better improve detect and respond capabilities.
Is MDR only a software or does include a hardware like a firewall or something else?
Our MDR service is a mix of hardware, software and people::
Network Sensor – Hardware-based, installed behind the customer firewall and inline in front of the core network switching infrastructure.
Endpoint sensor – Software to be installed on all endpoints. Supports Windows, Linux and OSX.
Cloud – Software – API-driven.
AI and Machine learning - Software driven.
Behind all the hardware, software and automated threat detection is a team of security experts who actively monitor and do threat hunting 24x7.
How would your offering perform in a financial/transactional setting? Tremendous amount of research emails from outside parties along with low latency requirements for financial transactions.
Any time you introduce hardware into inline packet streams, there will be an introduction of latency, however it is very minimal. If latency requirements are a concern, we offer flexible architectures to support this. Please contact your local sales representative to further qualify the requirements.
Is the endpoint protection tool still required?
A TELUS MDR service would compliment and enhance an endpoint protection solution that is already in place, but does not replace it.
Historically, putting in [3rd party] solutions in cooperation with our outsourced partner has been challenging - how have you seen this deployed with third party IT managed service?
TELUS MDR is a fully managed solution that is backed by our security operations center (SOC) with 24x7 monitoring and proactive communication around critical alerts. We ship hardware direct to client offices and have easy-to-install instructions for all sensors. If your organization has 3rd party IT support, we are more than happy to work with them to ensure the TELUS MDR solution is up and operational as quickly as possible.
Is the MDR service resource intensive?
No, MDR is a lightweight endpoint client which is very light on computing and CPU memory resourcing. Anytime you introduce hardware inline, there will be an introduction of latency, however it is very minimal. If latency requirements are a concern, we offer flexible architectures to support this.
Would the MDR service be deployed to all clients?
To ensure the best visibility across your threat surface, all endpoints should have the MDR sensor deployed. However, TELUS MDR offers flexible installations based on business requirements. This can be discussed with your Sales Engineer who will help you identify the key resources that should be covered.
Want to talk to a TELUS representative? Get in touch here, on the MDR solution page.