G DATA 365 | Managed EDR

Product launch and onboarding process

The G DATA 365 | Managed EDR product is not an "off-the-shelf" product. It is a customized security solution for your IT environment. Therefore, this product cannot be purchased, installed and used like traditional antivirus solutions. Rather, it requires

  • an analysis of the current status of your security concept,

  • Creation of a suitable concept with clear agreements (kick-off and review)

  • and a smooth changeover (onboarding).

Interested parties initially have the opportunity to check whether the concept of a managed EDR solution suits their company as part of a proof of concept (POC) test phase.

The proof of concept license includes the monitoring of up to 25 devices with the service level silver.

Kick-off

The kick-off is the first meeting of our G DATA Security Operations Team with the responsible project participants in their company.

  • In this meeting you will receive

    • explanations of standard configurations and answers to all open questions,

    • all information on the minimum system requirements,

    • a risk disclosure.

  • Our G DATA Security Operations Team discusses

    • potential risks of exceptions,

    • non-automated reactions to malicious code

    • or the exclusion of response services on certain systems.

  • We explain what effect these points can have on reaction times and the resulting potential damage.

  • A 14-day learning mode of the G DATA Agent is set up. For two weeks, no automated reaction to malicious code will be performed. After this period, you will receive information about processed sensor messages, the end of the learning period and that automated reactions to detected malicious code will be carried out from this point onwards. Response services take place during the learning mode of course.

  • A reporting chain is defined in the event of future incidents.

Onboarding

Onboarding initially involves setting up your tenant in our backend system.

You will receive the G DATA Agent setup file and access to the G DATA Web Portal (including a comprehensive introduction), as well as your Setup-ID.

Holders of an already purchased license receive FULL onboarding.

Kick-off

The kick-off is the first meeting of our G DATA Security Operations Team with the responsible project participants in their company. The following issues are discussed at this meeting:

  • You will receive explanations on necessary or desired configurations, answers to all open questions and information on the minimum system requirements.

  • The kick-off includes a risk assessment. During this meeting, our G DATA Security Operations Team will explain to you

    • potential risks of exceptions,

    • non-automated reactions to malicious code

    • or the exclusion of response services on certain systems.

  • We explain what effect these points can have on reaction times and the resulting potential damage.

  • A 14-day learning mode of the G DATA Agent is set up. For two weeks, no automated reaction to malicious code will be performed. After this period, you will receive information about processed sensor messages, the end of the learning period and that automated reactions to detected malicious code will be carried out from this point onwards. Response services take place during the learning mode of course.

  • You can specify whether devices should be excluded from access by the G DATA Security Analysts.

  • A reporting chain is defined in the event of future incidents.

In the kick-off, our G DATA Security Operations Team discusses with you, which of your endpoints we monitor, how we should respond to attacks and where manual analysis may be appropriate instead of automated reactions. Together we will weigh up the advantages and disadvantages in your specific case. The function of systems with particular relevance (especially the servers) is considered. These can be the management’s devices (due to their specific relevance to trust) or domain controllers, HyperV systems, mail or database servers.

A protocol is drawn up after the kick-off. If all points have been clarified, the individual target concept can already be defined and onboarding can begin.

Otherwise a review will be carried out.

Review

The review is a second appointment at which all open questions are clarified and recorded. The final, individual target concept is then defined here.

Onboarding

Onboarding initially involves setting up your tenant in accordance with the agreements from the kick-off/review (target concept) in our G DATA Cloud Backend.

You will receive from us (depending on the service level)) on request a Deployment-Consulting.

You will receive the G DATA Agent setup file and access to the G DATA Web Portal (including a comprehensive introduction), as well as your Setup-ID.