Professional Documents
Culture Documents
Pci Dss Partner Ec TDM Proposal
Pci Dss Partner Ec TDM Proposal
Note to AMs: If this document will be printed and bound, please create space for hole punching or binding as follows: 1. Select File / Page Setup. 2. On the Margins tab, set Gutter to .25 and Gutter Position to Left. 3. Select Whole Document from the Apply To drop-down list. 4. Update the table of contents (select TOC and press F9). 5. Delete this text box prior to submitting or printing document.
<<clientLogo>>
<<PartnerLogo>>
Template Instructions
Fill in all information that appears in <<red>> within brackets and update font color. Instructions are given in text boxes. These should be deleted. See example below: <This is a sample instructional text box. Delete before sending to Customer.>
Insert appropriate cover graphic. Insert Partner Logo and Customer Logo in the Header. Highlight the table of contents and press F9 to update. Delete this page.
<<PartnerName>> CONFIDENTIAL
-i-
<<clientLogo>>
<<PartnerLogo>>
Legal Disclaimer
This proposal is being provided by a Cisco authorized reseller utilizing a Cisco solution. Certain technical and other information in this response may have been provided by Cisco; however, nothing herein shall be construed as a quotation or offer to contract directly with Cisco. The Cisco logos, trademarks and other information provided by Cisco appear in this response with Ciscos permission and are proprietary and confidential information of Cisco Systems, Inc. All other information, including any pricing information, is provided by the Cisco authorized reseller and not by Cisco, and any relationship resulting from this response will be directly with such reseller and not Cisco.
<<PartnerName>> CONFIDENTIAL
- ii -
<<clientLogo>>
<<PartnerLogo>>
Table of Contents
1EXECUTIVE SUMMARY.................................................................................................................................1 1.1<<CLIENT>>S CHALLENGE...........................................................................................................................1 1.2PROPOSED SOLUTION.....................................................................................................................................2 1.3CUSTOMER BENEFITS.....................................................................................................................................3 1.4WHY <<PARTNERNAME>>?..........................................................................................................................3 1.5CUSTOMER TESTIMONIALS.............................................................................................................................4 1.6CONCLUSION...................................................................................................................................................4 2SOLUTION OVERVIEW...................................................................................................................................5 1.7SOLUTION OVERVIEW.....................................................................................................................................5 1.8SOLUTION COMPONENTS................................................................................................................................5 1.8.1Cisco Routing.........................................................................................................................................6 1.8.2Cisco ISR G2 SEC and VSEC Bundles..................................................................................................6 1.8.3Cisco Switching......................................................................................................................................7 1.8.4Cisco Network Security..........................................................................................................................9 1.8.5Cisco Wireless......................................................................................................................................14 1.8.6Cisco MSE............................................................................................................................................15 1.8.7Cisco Adaptive wIPS with ELM...........................................................................................................16 1.8.8Cisco Physical Security........................................................................................................................19 1.8.9Cisco Compute Systems and Storage...................................................................................................20 1.8.10Cisco Management.............................................................................................................................21 1.8.11Cisco Voice........................................................................................................................................22 1.8.12Cisco WAN Optimization...................................................................................................................23 3SERVICES & SUPPORT OVERVIEW..........................................................................................................25 1.9SERVICES OVERVIEW....................................................................................................................................25 1.10SERVICES OPTIONS.....................................................................................................................................25 1.10.1Cisco PCI Compliance Professional Services...................................................................................25 1.10.2Cisco PCI Technical Services............................................................................................................26 1.11FINANCIAL OPTIONS...................................................................................................................................27 4CUSTOMER BENEFITS & RETURN ON INVESTMENT........................................................................28 1.12CUSTOMER BENEFITS.................................................................................................................................28 1.13GENERAL RETURN ON INVESTMENT / BUSINESS IMPACT..........................................................................28 5CUSTOMER PROOF POINTS........................................................................................................................30 6STATEMENT OF COMPLIANCE.................................................................................................................31 7PRICING............................................................................................................................................................32 8APPENDICES....................................................................................................................................................33 1.14ADDITIONAL INFORMATION........................................................................................................................33 1.15ACRONYM LIST...........................................................................................................................................33
<<PartnerName>> CONFIDENTIAL
- iii -
<<clientLogo>>
<<PartnerLogo>>
Executive Summary
<Please note that this is a sample document that you will need to customize to fit the customers objectives and challenges. This proposal is provided as is and may not be appropriate for all situations. Please note that the reseller shall be responsible for the contents of this proposal.>
1.1
<<client>>s Challenge
According to the American Bankers Association, an estimated 10,000 payment card transactions are made every second around the world. Founded by the card brands (AmEx, MC, Visa, and Discover/JCB), the PCI DSS is designed to protect cardholder data. However, retailers still need to create a network architecture that works for their business and also meets the PCI DSS compliance standards that are required by all major credit card brands for any organization that processes payment cards or transfers and stores payment card data. But, as organizations begin to take advantage of wireless technology to improve operations and gain a competitive advantage, PCI DSS requires retailers to extend the same level of security from the wired network to the wireless network and provides specific guidelines as to how to protect point-of-sale data over the wireless network. For todays retailer, any solution that deals with PCI DSS compliance must be able to:
Build and maintain a secure network: A secure network means fulfilling PCI DSS requirements one and two about network firewalls, default settings, and other security parameters. Protect cardholder data: Protecting data requires the solution to protect stored data as well as encrypting a variety of other data as set forth in
<<PartnerName>> CONFIDENTIAL
-1-
<<clientLogo>>
<<PartnerLogo>>
Maintain a vulnerability management program: This requirement from PCI DSS means that networks must regularly update antivirus software and develop secure systems and applications per guidelines five and six. Implement strong access control measures: The requirement also includes restricting physical access to cardholder data as well as assigning a unique computer ID to each person in the company and restricting computer access to sensitive data as per PCI DSS guidelines seven, eight, and nine. Regularly monitor and test networks: A solution that regularly tested the security systems and tracked all access to end-user data would be in accordance with PCI DSS requirements 10 and 11. Maintain an information security policy: Finally, a solution that maintained a policy that addresses every aspect of information security would meet guideline 12 of the PCI DSS.
Clearly, retailers require a solution that can meet the needs of their stores while also meeting the guidelines of the PCI DSS. Being in compliance with those guidelines will save retailers a great deal of money, time, and effort.
1.2
Proposed Solution
The Cisco PCI Solution for Retail 2.0, proposed by <<PartnerName>>, was developed to help retailers simplify and maintain PCI compliance. The solution consists of strategic guidance as well as tactical implementation. A critical element of <<PartnerName>>s proposed Cisco PCI DSS Solution is Cisco network architecture and validated network designs. More than just printed diagrams, these designs, used and recommended by <<PartnerName>>, were deployed and tested in Cisco Labs. Because of this, <<PartnerName>>s proposed Cisco solution applies its enterprise-wide architecture experience to the requirements of PCI. Most industry experts agree that the best way to achieve and maintain PCI compliance is to adopt a strategic, holistic approach to network security risk, management, and compliance that includes the network infrastructure, policies, and procedures. The ability to centrally manage systems, network services, and security is essential to a holistic solution. In addition to simplifying retailers approach to PCI requirements, central management improves operational efficiency and can accelerate delivery of future retail applications that will travel the network infrastructure. <<PartnerName>>s proposed solution offers a network foundation that is an important step for retailers to achieve regulatory compliance requirements and implement data security best practices.
<<PartnerName>> CONFIDENTIAL
-2-
<<clientLogo>>
<<PartnerLogo>>
<<PartnerName>>s proposed solution was built and tested using a holistic enterprise perspective including the following:
Cisco network architectures, used and recommended by <<PartnerName>>, have been designed for stores, enterprise data centers, and the Internet edge to support e-Commerce operations, store employees, customers, and teleworkers. <<PartnerName>>s proposed Cisco PCI Solution for Retail 2.0 also supports wireless 3G technology deployments and multiple store formats, including pop-up stores and convenience stores, in addition to typical small, medium, and large stores. Verizon Business reviewed the products and network designs and issued an assessment report.
The result is a set of architectures and designs that simplify the process of a retailer becoming PCI compliant, maintaining that posture and providing the capability of awareness when under attack.
1.3
Customer Benefits
The Cisco PCI Solution for Retail 2.0, proposed by <<PartnerName>>, addresses many of the 12 PCI DSS requirements and helps retailers simplify their compliance strategies. It goes beyond just the requirements to provide comprehensive best practices for securing sensitive information. In addition, <<PartnerName>>s proposed Cisco PCI Solution for Retail 2.0 helps protect mobile applications and data. It helps to: build a foundation for ongoing compliance; enhance your companys physical security and risk management; strengthen shopping security; and, enable new business initiatives. Because <<PartnerName>>s proposed Cisco solutions use an architectural approach, you can reap benefits not found in a single-box approach. These benefits include:
Increased end-to-end compliance Increased investment protection Improved efficiency in deploying PCI DSS updates
1.4
Why <<PartnerName>>?
Whether you have two stores across town or 2,000 around the globe, <<PartnerName>>s proposed Cisco solution offers solutions, experience, and expertise to help improve your effectiveness and operational capacity. The Cisco PCI Solution for Retail 2.0, proposed by <<PartnerName>>, can help pull everything together to effectively address the PCI DSS with:
A comprehensive wired and wireless solution: <<PartnerName>>s proposed solution provides a comprehensive wired and wireless solution, enabling complete end-to-end PCI DSS compliance. Specifically for wireless, <<PartnerName>>s proposed Cisco solution provides best-inclass solutions to meet PCI DSS compliance, and also provides
<<PartnerName>> CONFIDENTIAL
-3-
<<clientLogo>>
<<PartnerLogo>>
incremental solutions that extend security beyond PCI DSS compliance to meet the objective of truly securing cardholder data.
Dedicated compliance resources: In addition to developing technology and solutions for achieving PCI DSS compliance, <<PartnerName>>s proposed Cisco solution has dedicated resources to truly understand the nature of PCI DSS compliance and to provide valuable insight into PCI updates and revisions. Dedicated personnel actively participate as members of the Worldwide PCI Council Board of Advisors in order to represent Cisco expertise, adopted by <<PartnerName>>, in network security, and represent our customers concerns with regard to PCI compliance. Designs that meet or exceed requirements: <<PartnerName>>, through Cisco, offers collaboration with a third-party QSA to help ensure that the designs meet and/or exceed PCI DSS requirements. This process allows customers to deploy <<PartnerName>>s proposed solution architectures with the utmost confidence that they will achieve PCI DSS compliance.
1.5
Customer Testimonials
1.6
Conclusion
Because cyber-criminals never sleep, many retailers are concerned about moving their cardholder information over a wireless network. They have good reason to be concerned because a number of large corporations have been hacked and thousands of credit card numbers have been compromised. However, with an architectural approach to network security, such as the solution proposed by <<PartnerName>>, retailers can create a system that provides compliance with PCI DSS as well as improves the productivity and speed of the network itself. This kind of network is constantly looking for intruders while also securing data behind firewalls and adhering to strict permissions access. <<AMName>> would be pleased to discuss <<PartnerName>>s proposed Cisco solution to grow in difficult environments with you. <<AMFirstName>> can be reached at <<AMEmail>> or <<AMPhone>>.
<<PartnerName>> CONFIDENTIAL
-4-
<<clientLogo>>
<<PartnerLogo>>
Solution Overview
1.7
Solution Overview
<<PartnerName>>s proposed solution has extensive experience working with wired and wireless networking technologies. Using accumulated best practices, <<PartnerName>> offers a set of architectures in a lab environment with PCI requirements in mind. PCI auditor, Verizon Business, was invited to evaluate these architectures. When deployed and configured as designated in the Cisco PCI Design and Implementation Guide available through <<PartnerName>>, retailers can be confident in their compliance posture as well as security best practices. <<PartnerName>>s proposed Cisco PCI Solution for Retail 2.0 network architectures support secure transport for POS traffic, such as credit card data, cardholder information, transaction logs, and database records. A critical element of the Cisco PCI Solution for Retail 2.0 is Cisco network architecture and validated network designs, available through <<PartnerName>>. Cisco network architectures have been designed for stores, enterprise data centers, and the Internet edge to support e-Commerce operations, store employees, customers, and teleworkers. <<PartnerName>>s proposed Cisco PCI Solution for Retail 2.0 also supports wireless 3G technology deployments and multiple store formats, including pop-up stores and convenience stores, in addition to typical small, medium, and large stores. Cisco network architectures include solutions for virtualized, wired, and wireless deployments, all available through <<PartnerName>>. Retailers can use these network architectures as a guideline for deploying their own network installations as they work toward PCI compliance. These architectures can be used throughout the range of retail environments, from small stores to large retail footprints. To access the PCI Compliance Advisor Tool, please contact your <<PartnerName>> representative.
1.8
Solution Components
<<PartnerName>>s proposed Cisco PCI Solution designed for your particular store or group of stores will be unique. To view Cisco Validated Designs for PCI, please contact your <<PartnerName>> representative. Many Cisco products already include features and the specific intelligence needed to help meet PCI
<<PartnerName>> CONFIDENTIAL
-5-
<<clientLogo>>
<<PartnerLogo>>
requirements. These products, all available through <<PartnerName>>, include: Cisco ISR and ISR G2 Routers; Cisco ASR; Cisco Catalyst compact, access, and data center switches; Cisco Nexus 1000V Series Switches; Cisco Nexus 5000 and 7000 Series Switches; Cisco ACE; Cisco MDS Switch; Cisco ASA; Cisco IronPort Email Security Appliance; Cisco NAC Appliance; Cisco AnyConnect VPN; Cisco FWSM; Cisco IDSM; Cisco IPS Appliances; Cisco Nexus VSG; Cisco IOS Firewall; Cisco IO SIPS; Cisco Secure ACS; Cisco Aironet Access Points; Cisco Wireless LAN Controllers; Cisco MSE; Cisco Adaptive wIPS; Cisco VSOM; Cisco Video Surveillance IP Cameras; Cisco Physical Security MSP; Cisco Physical Access Manager; Cisco Physical Access Gateways; Cisco UCS and UCS Express; Cisco Security Manager; Cisco WCS; CiscoWorks LMS; Cisco Unified Communications Manager; Cisco Unified IP Phones; Cisco WAE; and Cisco WAAS.
1.8.1
Cisco Routing
Up to 45 Mbps WAN performance with services Service module performance and capacity of 1x and up to 160 GB Fast Ethernet with PoE User-based privileges
1.8.2
The Cisco ISR G2s, available through <<PartnerName>>, are part of the Cisco Borderless Network Architecture that enables business innovation and growth across all remote sites. The nextgeneration architecture delivers a new workspace experience by meeting the performance requirements for the next generation of WAN and network services, enabling the cost-effective delivery of high-definition collaboration at the branch office and providing the secure transition to the next generation of cloud and virtualized network services. Features, available through <<PartnerName>>, include:
Feature-rich security capabilities including video imaging and PCI DSS requirements Media engines that enable business-grade video applications based on high-density videoready DSPs that deliver the medianet high-definition experience Bandwidth-optimized and scalable video services, including media-rich video conferencing, video surveillance, video streaming, and digital signage High-performance (up to 8x), nonstop branch office experience to meet your future WAN and services requirements Investment protection with support for most of the prior generation of integrated services router interfaces
<<PartnerName>> CONFIDENTIAL
-6-
<<clientLogo>>
<<PartnerLogo>>
Superior application availability at the WAN edge Multiservice, scalable, and secure headend Embedded high-speed firewall
1.8.3
Cisco Switching
Timed session terminations Restricted and logged access Security services Flow management
<<PartnerName>> CONFIDENTIAL
-7-
<<clientLogo>>
<<PartnerLogo>>
<<PartnerName>> CONFIDENTIAL
-8-
<<clientLogo>>
<<PartnerLogo>>
powerful system. It provides full server load-balancing and application switching functions with granular traffic control based on customizable Layer 4 through 7 rules. Extensive application health checking directs connections past out-of-service and overburdened servers, reestablishing connections as conditions permit. The Cisco ACE Family, available through <<PartnerName>>, provides state-of-the-art redundancy and failover and is integrated with the Cisco ACE GSS disaster recovery and multiple-data-center failover system, offered by <<PartnerName>>. For more information, please see: http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps6906/product_data_sheet0900aecd80 45861b.html
1.8.4
<<PartnerName>> CONFIDENTIAL
-9-
<<clientLogo>>
<<PartnerLogo>>
URL filtering
Prevents unauthorized network access to protect your information assets Helps proactively mitigate network threats such as viruses, worms, and spyware Addresses vulnerabilities on user machines through periodic evaluation and remediation Recognizes and categorizes users and their devices before malicious code can cause damage
<<PartnerName>> CONFIDENTIAL
- 10 -
<<clientLogo>>
<<PartnerLogo>>
Multi-gigabit scalability Hot swap modules WAN interoperability support Accurant prevention technologies
<<PartnerName>> CONFIDENTIAL
- 11 -
<<clientLogo>>
<<PartnerLogo>>
Software solution, offered by <<PartnerName>>, or separately, depending upon the needs of your company, branch office, or retail store. You can determine the differences between the appliance and the software by reading the data sheet comparison chart. For more information, please see: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900 aecd806a1b7e.pdf
Enhanced compliance with industry regulations Simplified audit processes in virtualized environments Reduced costs by enabling security in a broader set of virtualized workloads
<<PartnerName>> CONFIDENTIAL
- 12 -
<<clientLogo>>
<<PartnerLogo>>
A powerful, attribute-driven rules-based policy model that addresses complex policy needs in a flexible manner A lightweight, web-based GUI with intuitive navigation and workflow Integrated advanced monitoring, reporting, and troubleshooting capabilities for maximum control and visibility A distributed deployment model that enables large-scale deployments and provides a highly available solution
<<PartnerName>> CONFIDENTIAL
- 13 -
<<clientLogo>>
<<PartnerLogo>>
1.8.5
Cisco Wireless
The 802.11n standard provides the bandwidth and reliability to support interactive multimedia applications with up to nine times the performance of 802.11a/g networks. In addition, <<PartnerName>>s proposed Cisco technology has true enterprise-class RF technology designed to maximize 802.11n performance. <<PartnerName>>s proposed Cisco technologies, such as CleanAir, ClientLink, and VideoStream, plus optimized access point radios and antennas, improve performance regardless of where client devices are located. A limited lifetime hardware warranty 5 or 10-unit Eco-Pack bundles with a single, easy-to-open carton that streamlines the staging and installation process and reduces packaging waste by 50 percent Mounting brackets that can be easily retrofitted to existing Cisco legacy access points, available through <<PartnerName>>, to minimize migration cost and time
Flexibility to configure wireless policy, management, or security settings at any time through centralized provisioning and management Faster response to business needs by centrally managing wireless networks Standardized access point configuration for software versioning
<<PartnerName>> CONFIDENTIAL
- 14 -
<<clientLogo>>
<<PartnerLogo>>
wIPS capabilities Networkwide QoS for voice and video across wired and wireless networks Networkwide centralized security policies across wired and wireless networks
1.8.6
Cisco MSE
Cisco Mobility Services, offered by <<PartnerName>>, are a set of value-added network services that consolidate intelligence from various points in the network to enable and optimize the delivery of business mobility applications. This intelligence has typically been highly distributed throughout the network, resulting in complex service provisioning and management. When services, control, and data planes are combined into a single platform, the added complexity limits the networks ability to scale and adapt to new services while maintaining consistent performance (see Figure: The MSE Architecture). The answer lies in centralized services architecture. While still critical to the ability of networks to provide the intelligence for the optimal performance of mobile applications, mobility services should be abstracted from the control and data planes in order to be centralized into the services engine. This centralization of services offers several benefits, including scalability and improved provisioning and management. In addition, centralized service architecture removes the direct linkage between service and network, allowing services to extend across wired and wireless networks. Features, available through <<PartnerName>>, include:
Extensible platform for rapid delivery of services and applications Common framework for hosting multiple mobility services Open API to support third-party and partner application development. Ecosystem of application partners
<<PartnerName>> CONFIDENTIAL
- 15 -
<<clientLogo>>
<<PartnerLogo>>
1.8.7
The Cisco Adaptive wIPS is integrated in the Cisco Unified Wireless Network infrastructure, available through <<PartnerName>>, and provides wireless-specific network threat detection and mitigation against malicious attacks, security vulnerabilities, and sources of performance disruption. Cisco Adaptive wIPS, offered by <<PartnerName>>, (see Figure: Cisco Adaptive wIPS System Overview) provides the ability to detect, analyze, and identify wireless threats, and centrally manages mitigation and resolution of security and performance issues. Cisco Adaptive wIPS, provided by <<PartnerName>>, also delivers proactive threat prevention capabilities for a hardened wireless network core that is impenetrable by most wireless attacks, allowing customers to maintain constant awareness of their RF environment to minimize legal liability, protect brand reputation, and assure regulatory compliance-including PCI 2.0 standards. The Cisco Adaptive wIPS solution, offered by <<PartnerName>>, adds the ELM feature, allowing administrators to use their deployed APs to provide comprehensive protection without the need for a separate overlay network. Prior to ELM and in the traditional Adaptive wIPS deployment, dedicated monitor mode APs are required to provide PCI compliance needs or protection from unauthorized security access, penetration, and attacks. ELM effectively provides a comparable offering that eases wireless security implementation while lowering CapEx and OpEx costs. For more information, please see: http://www.cisco.com/en/US/prod/collateral/wireless/ps9733/ps9817/data_sheet_c78-501388.html
<<PartnerName>> CONFIDENTIAL
- 16 -
<<clientLogo>>
<<PartnerLogo>>
Visibility and control of sensitive data protects against loss from both user actions and targeted malware Zero Update Protection reduces emergency patching in response to vulnerability announcements Always Vigilant Security protecting even when users are not connected to the corporate network or lack the latest patch Predefined compliance and acceptable use policies allow for efficient management, reporting, and auditing of activities
<<PartnerName>> CONFIDENTIAL
- 17 -
<<clientLogo>>
<<PartnerLogo>>
Supports two distinct protocols for AAA: RADIUS and TACACS+ Multiple databases can be used concurrently for maximum flexibility in enforcing access policy Allows the configuration of complex network access policies that may include authentication protocol requirements, device restrictions, time of day restrictions, posture validation, and other access requirements Centralized configuration management Logs are viewable and exportable for use in other systems and support troubleshooting and diagnostics, compliance and auditing, and other reporting and billing activities
The VPN Wizard provides easy configuration of site-to-site, hub-and-spoke, full-mesh, and extranet VPNs Firewall configuration Content Filtering support for IOS-based device platform allows traffic filtering based on deep content inspection Bulk operation feature Cisco IPS Update Wizard allows efficient automatic IPS updates, scheduling, and distribution of policies with status and details notification
<<PartnerName>> CONFIDENTIAL
- 18 -
<<clientLogo>>
<<PartnerLogo>>
your security and network organizations to identify, manage, and counter security threats. It works with your existing network and security investments to identify, isolate, and recommend precise removal of offending elements. The Cisco Security MARS, provided by <<PartnerName>>, also helps maintain internal policy compliance and can be an integral part of your overall regulatory compliance solution Features, available through <<PartnerName>>, include:
Comprehensive built-in and user-defined rules SSH Protocol, SNMP, Telnet, and device-specific communications Automated and user-tuned false positive analysis Graphical attack path visualization with detailed investigation GUI that supports numerous default queries and customized queries
1.8.8
<<PartnerName>> CONFIDENTIAL
- 19 -
<<clientLogo>>
<<PartnerLogo>>
468316.pdf
1.8.9
Reduced TCO at the platform, site, and organizational levels Increased IT staff productivity and business agility through just-in-time provisioning and mobility support for both virtualized and non-virtualized environments A cohesive, integrated system that is managed, serviced, and tested as a whole Scalability through a design for hundreds of discrete servers and thousands of virtual machines, and the capability to scale I/O bandwidth to match demand Industry standards supported by a partner ecosystem of industry leaders
<<PartnerName>> CONFIDENTIAL
- 20 -
<<clientLogo>>
<<PartnerLogo>>
<<PartnerName>> CONFIDENTIAL
- 21 -
<<clientLogo>>
<<PartnerLogo>>
all from a centralized location requiring minimal IT staffing. Features, available through <<PartnerName>>, include:
Fast secure scalable roaming in 802.11i environments A built-in client troubleshooting tool allows network administrators to quickly and easily troubleshoot problems with a client Real-time capacity management with load balancing Support for deployment of several, hundreds, or thousands of central or remotely located access points
<<PartnerName>> CONFIDENTIAL
- 22 -
<<clientLogo>>
<<PartnerLogo>>
processes based on IT Infrastructure Library concepts. The crucial feature of Cisco UCS Manager, offered by <<PartnerName>>, is its use of service profiles to provision Cisco UCS resources. The service profile concept improves IT productivity and business agility. Now infrastructure can be provisioned in minutes instead of days, shifting ITs focus from maintenance to strategic initiatives. For more information, please see: http://www.cisco.com/en/US/prod/collateral/ps10265/ps10281/data_sheet_c78-520522.pdf
Single- and multiline endpoints, supporting a range of communication needs from low to moderate to the most active environments A range of endpoints from basic to fully featured, enabling your organization to take advantage of robust Cisco Collaboration Solutions to meet your corporate objectives while remaining within your budget Support for video communications, on selected models, to reduce your travel costs and accelerate the speed of decision making in your organization Endpoints that support value-added services such as HD voice, high-resolution color display presentation, USB peripherals, Bluetooth, and a wide array of productivity-building applications PC-based multimedia applications that make it possible to obtain up to two hours of more productive work from every employee every day by bringing advanced unified communications capabilities to the desktop
<<PartnerName>> CONFIDENTIAL
- 23 -
<<clientLogo>>
<<PartnerLogo>>
Cisco WAE appliances, available through <<PartnerName>>, provide a unified platform for hosting Cisco application acceleration and WAN optimization solutions, including Cisco WAAS Software, available through <<PartnerName>>. Features, available through <<PartnerName>>, include:
Improve employee productivity by enhancing the user experience for important business applications delivered over the WAN Reduce the cost of branch-office operations by centralizing IT resources in the data center and lowering the cost of WAN bandwidth Increase IT agility by reducing the time and resources required to deliver new IT services to the branch office Simplify branch-office data protection for regulatory compliance purposes
Deliver centralized applications with LAN-like speed to remote users, while preserving visibility and branch security Consolidate costly branch-office servers, storage, and backup infrastructure in data centers while optimizing WAN bandwidth utilization Maximize regulatory compliance and data protection through consolidation of branch storage and acceleration of branch-office backup applications
<<PartnerName>> CONFIDENTIAL
- 24 -
<<clientLogo>>
<<PartnerLogo>>
3
1.9 Services Overview
<Provide additional information of your specific services portfolio.> Using a Lifecycle Services approach, Cisco PCI Professional Services, offered by <<PartnerName>>, provide planning, design, and optimization services to help increase business value and return on investment. Several of <<PartnerName>>s proposed services can also help you address PCI compliance concerns. In addition, Cisco Technical Services, offered by <<PartnerName>>, can cost-effectively maintain secure payment systems for customer-sensitive information while also improving operational efficiency. Based on best practices, Cisco Technical Services, offered by <<PartnerName>>, are designed to help accelerate the transition to an advanced payment architecture that optimizes performance, reliability, and security, and scales easily with growth.
1.10
Services Options
<List and provide links for each of your specific service components.>
<<PartnerName>> CONFIDENTIAL
- 25 -
<<clientLogo>>
<<PartnerLogo>>
programs against industry standards and best practices. They also identify organizational inefficiencies, misalignments, and redundancies that may be undermining success. For more information, please see: http://www.cisco.com/en/US/services/ps2961/ps2952/ps10372/grc_general.pdf
<<PartnerName>> CONFIDENTIAL
- 26 -
<<clientLogo>>
<<PartnerLogo>>
1.11
Financial Options
<Provide the overview of any financing offers available for products mentioned in the solution section.>
<<PartnerName>> CONFIDENTIAL
- 27 -
<<clientLogo>>
<<PartnerLogo>>
4
1.12
The Cisco PCI Solution for Retail 2.0, proposed by <<PartnerName>>, addresses many of the 12 PCI DSS requirements and helps retailers simplify their compliance strategies. It goes beyond just the requirements to provide comprehensive best practices for securing sensitive information. In addition, <<PartnerName>>s proposed Cisco PCI Solution for Retail 2.0 helps protect mobile applications and data. It also helps build a foundation for ongoing compliance, enhance your companys physical security and risk management, strengthen shopping security, and enable new business initiatives. Because <<PartnerName>>s proposed Cisco solution uses an architectural approach, you can reap benefits not found in a single-box approach. These benefits include:
Increased end-to-end compliance: <<PartnerName>>, through Cisco, has partnered with third-party PCI experts to help design and validate end-to-end solutions deployed across wired and wireless infrastructure to achieve PCI compliance. In contrast to wireless-only solutions that are not tested in parallel with the wired infrastructure, <<PartnerName>>s proposed Cisco solutions deliver seamlessly across the network to better protect cardholder data. As an important additional benefit, you have a single support model that minimizes the need to manage multiple vendors. Increased investment protection: The same <<PartnerName>> proposed solution that provides PCI compliance is also the solution that provides rich mobility solutions. Because <<PartnerName>>s proposed solution offers an architectural approach, when you want to move from a wired-only to wired and wireless operational model, you can do so simply by adding a few new components to your existing PCI solution. Because there is no need to design and implement a new solution, the investment you make today will continue to add value as the business model changes and adapts. This will increase the productivity of your employees and the applications they use. Improved efficiency in deploying PCI DSS updates: PCI compliance is updated on a three-year cycle, and new requirements are added or adjusted based on each cycle. Because <<PartnerName>>s proposed solution uses an architectural approach, you can be confident that when new standards are released, you can easily and cost-effectively maintain compliance by upgrading or updating only the solution components impacted by the new standards.
1.13
By combining industry-leading security features with an innovative network architecture approach, <<PartnerName>>s Cisco PCI DSS solution promotes greater IT efficiency, while reducing TCO. In addition, <<PartnerName>>s Cisco PCI DSS solution provides powerful security capabilities that effectively protect your mission-critical applications, servers, and end-user information.
<<PartnerName>> CONFIDENTIAL
- 28 -
<<clientLogo>>
<<PartnerLogo>>
The Cisco PCI DSS solution, proposed by <<PartnerName>>, can help <<client>> meet compliance standards as well as save money by offering:
Lower TCO: <<PartnerName>>s proposed Cisco solution uses an architectural approach to the network because we want you to be able to scale up efficiently. <<PartnerName>>s proposed solution provides both PCI compliance and rich mobility capabilities. This way, you can move to a wired and wireless operational mode more quickly because you only need to add a few new components to your existing system. Since you do not have to create a new design or implement a new system to move to wireless, <<PartnerName>>s proposed solution offers you a lower TCO for your PCI solution. Improved ROI: Because <<PartnerName>>s proposed Cisco technology is developed by third-party PCI experts in the industry, you can feel comfortable that your PCI DSS solution was designed and validated as an end-to-end solution. <<PartnerName>>s proposed solutions were tested in parallel with the wired infrastructure. In addition, <<PartnerName>>s proposed solution provides a single support model, so that you can minimize the time it take to manage multiple vendors. Both of these considerations add to improved ROI of <<PartnerName>>s proposed solution. Increased investment protection: The investment you make today will continue to add value as your business model changes. For example, when new PCI requirements are mandated in three years, you can cost-effectively maintain your compliance by updating only the components that have been impacted by the new standards. You will not need to design or implement a whole new network to deal with the changes. In addition, <<PartnerName>>s proposed PCI DSS solution offers capabilities to move your company from wired-only to wired and wireless with the purchase of a few additional components. Again, your investment is protected because <<PartnerName>>s proposed solution uses an architectural approach for network design including the PCI DSS solution.
<<PartnerName>> CONFIDENTIAL
- 29 -
<<clientLogo>>
<<PartnerLogo>>
<Insert the latest customer case studies including challenges, solution, and business impact/benefit.>
<<PartnerName>> CONFIDENTIAL
- 30 -
<<clientLogo>>
<<PartnerLogo>>
Statement of Compliance
<Insert summary of compliance matrices or requirements response or remove this section as appropriate.>
<<PartnerName>> CONFIDENTIAL
- 31 -
<<clientLogo>>
<<PartnerLogo>>
Pricing
<<PartnerName>> CONFIDENTIAL
- 32 -
<<clientLogo>>
<<PartnerLogo>>
8
1.14 Additional Information
Appendices
1.15
Acronym List
3G: third generation AAA: Authentication, Authorization, and Accounting ACE: Application Control Engine ACS: Access Control Server AES: Advanced Standard Encryption AmEx: American Express credit card AP: Access Point API: Application Programming Interface ASA: Adaptive Security Appliance ASR: Aggregation Services Router CapEx: Capital Expenditures CLI: Command-Line Interface CPS: Connections Per Second DCBA: Data Center Business Advantage DLP: Data Loss Prevention DSP: Digital Signal Processor DSS: Data Security Standard ELM: Enhanced Local Mode FIPS: Federal Information Processing Standard FWSM: Firewall Services Module Gbps: Gigabits per second GB: Gigabytes
<<PartnerName>> CONFIDENTIAL
- 33 -
<<clientLogo>>
<<PartnerLogo>>
GRC: Governance, Risk Management, and Compliance GSS: Global Site Selector GUI: Graphical User Interface HD: High Definition HIPAA: Health Insurance Portability and Accountability Act I/O: Input/Output ID: Identification IDS: Intrusion Detection System IDSM: Intrusion Detection System Services Modules IEEE: Institute of Electrical and Electronics Engineers IOS: Internetwork Operating System IP: Internet Protocol IPS: Intrusion Protection System ISR: Integrated Services Router ISR G2: Integrated Services Router Generation 2 ISSU: In-Service Software Upgrade IT: Information Technology JCB: Japans largest credit card retailer, a joint partner with Discover card LAN: Local Area Network LMS: LAN Management System MARS: Monitoring, Analysis, and Response System Mbps: Megabits per second MC: MasterCard MDS: Multilayer Director Switch MMS: Multiservice Multilayer Switch MPEG: Motion Picture Experts Group MSE: Mobility Services Engine MSM: Multiservice Module
<<PartnerName>> CONFIDENTIAL
- 34 -
<<clientLogo>>
<<PartnerLogo>>
MSP: Multiservices Platform NAC: Network Admission Control NBAR: Network-based Application Recognition OpEx: Operating Expenses PC: Personal Computer PCI: Payment Card Industry PIX: Private Internet eXchange PoE: Power over Ethernet POS: Point Of Sale QoS: Quality of Service QSA: Quality Security Assessors RADIUS: Remote Authentication Dial In User Service RF: Radio Frequency RMS: Remote Management Services ROI: Return on Investment RU: Rack Unit SAN: Storage Area Network SEC: Security SME: Storage Media Encryption SNMP: Simple Network Management Protocol SSH: Secure Shell TACACS+: Terminal Access Controller Access Control System Plus Tbps: Terabits per second TCO: Total Cost of Ownership TCP: Transmission Control Protocol Telnet: Terminal over network UCS: Unified Computing System URL: Uniform Resource Locator, address of a web page
<<PartnerName>> CONFIDENTIAL
- 35 -
<<clientLogo>>
<<PartnerLogo>>
USB: Universal Serial Bus VoIP: Voice over IP VPN: Virtual Private Network VSEC: Virtual Security VSG: Virtual Security Gateway VSOM: Video Surveillance Operations Manager WAAS: Wide Area Application Services WAE: Wide Area Application Engine WAN: Wide Area Network WCS: Wireless Control System wIPS: Wireless Intrusion Prevention Systems WLAN: Wireless LAN XML: Extensible Markup Language
<<PartnerName>> CONFIDENTIAL
- 36 -