Nuvolo’s OT Security Inventory & Workflow module is designed to keep up-to-date asset information by correlating your Connected Workplace assets with information from your real-time network monitoring solution. Combined with OT Security Monitoring & Response, keep up-to-date asset information correlated with security relevant information to help secure the fleet.
Nuvolo and Customer will collaborate for the activation of the Nuvolo application. This marks the start of the engagement. The activation will begin with a kickoff meeting for the teams to meet and review the implementation process.
- Schedule remote project kickoff meeting for introductions.
- Create implementation kickoff agenda.
- Schedule and conduct implementation kickoff:
- Review project roles and responsibilities.
- Review of Customer’s organizational constraints.
- Review of project approval processes to avoid unnecessary delays.
- Agree on sprint cycle plan with Customer.
- Understand Customer’s network security requirements and approvals.
- Review Customer’s and Nuvolo’s escalation processes.
- Review Customer’s business requirements.
- Define scrum call schedule.
- Review UAT training requirements and level of effort.
- Receive list of subject matter experts (SMEs) from Customer’s business units.
Customer will provide:
- Appropriate and knowledgeable staff to complete self-paced learning at the appropriate times and participate in the implementation.
- One or more Nuvolo application administrator for each Nuvolo application as appropriate.
- Customer deliverables as identified for the implementation as scheduled.
Inventory & Workflow Installation Activities and Tasks
- Perform the initial application installation in lower instances (Dev, Stage/Test)
Matched Assets Workflow Activities and Tasks
- Discuss the process that will occur with incoming data from the Network Security Monitoring Solution
- Configure appropriate key/field mappings
- Configure appropriate identifications
- Provide sample payload information surrounding the Network Security Monitoring solution
- Decide which data elements from the payload to be used for updating asset information
- Define which data elements from the payload will be used for identification purposes
Unmatched Assets Workflow Activities and Tasks
- Configure workflow surrounding unmatched assets
- Configure work order auto-generation
- Decide whether unmatched assets should create work orders for validation
- Decide whether unmatched assets should automatically create new assets
Low Confidence Matching Activities and Tasks
- Configure identifications to be used for low confidence matches
- Configure work order auto-generation
- Decide which data elements from the payload to be used for low confidence matching
- Decide whether low-confidence matches should create device re-validation work orders
Vulnerability Data Imports
- Import Vulnerability Definitions, CPEs, and CWEs into lower-level instances
- Enable automatic updates of Vulnerability Definitions
Security Alerts and Vulnerability Remediation Work Orders
- Discuss work orders that will be generated as part of the workflow, and configure work order generation according to customer’s decision
- Decide whether automatic work order generation should occur for Security Alerts and Vulnerability Remediation
Environment Cleanup and Integration Enablement
- Remove unused network security monitoring data sources
- Remove unused network security monitoring key/field mappings
- Remove unused network security monitoring identifications
- Remove unused network security monitoring action scripts
- Provide data source sys_id for use with Network Security Monitoring integration
- Associate web only user account with data source for authorization
- Decide which Network Security Monitoring solution is used for integration purposes
- Create a web-only user account for use with Network Security Monitoring Solution integration
- Engage the Network Security Monitoring team for any coding that may be required on the NSM side for the integration (e.x., filter updates), and ensure it is completed within the implementation timeline
Dashboards and Reporting Activities and Tasks
Nuvolo’s OT Security Inventory & Workflow and Monitoring & Response contains out of the box dashboards and reports to be used to gain visibility into the successful correlation of asset information between systems. Nuvolo will review out of the box reports during this engagement
Nuvolo’s OT Security Inventory & Workflow and Monitoring & Response contains multiple components to match and map assets between Nuvolo’s Connected Workplace and your Network Monitoring Solution.
- Nuvolo will review and demonstrate the following:
- An overview of the workflow and associated queues
- Key Field mappings
- Action Scripts
- Work Orders
- Security Events
- Promote all data records from stage (STAGE) environment to Nuvolo OT Security (PROD) environment
- Coordinate transition to Nuvolo’s Customer Success team
Nuvolo is not responsible for the following activities and tasks for production go-live:
- Determination of which data elements should or should not be updated
- Ensuring that existing assets contain unique asset identifiers shared between Network Security Monitoring Solution and Connected Workplace
- Determination of Identifiers to be used in correlating assets between systems
If there is a change in scope, assumptions, capability discovered during the implementation kickoff then Nuvolo will require a Change Request. Any Change Request signed by both parties shall be effective as of the date set forth therein (each, a “Change Order”). Instances in which a Change Order shall be required include: (1) Customer’s requests for out-of-scope Services; (2) discovery of new information that requires an increase in the scope of Services; or (3) Customer’s failure to fulfill any of its responsibilities if such failure delays the Services or requires Nuvolo to incur additional time or costs in performing Services.
If the parties do not agree on a Change Order, the Engagement shall proceed as originally set forth. If, however, the existing Engagement or any specific Services cannot proceed without an executed Change Order, Nuvolo may suspend Services until the Change Order is executed.
The duration for the setup of the services outlined in this document is up to fourteen (14) weeks.
Inventory & Workflow and Monitoring & Response High-Level Project Schedule
The duration of this deployment is up to fourteen (14) weeks. Any additional effort required related to complexity, scope or project duration will be subject to the change request process.
Any activities or tasks not specifically outlined in this Service Description are out of scope.