February 2016

New Master Security Model
Prerequisites •
•
•
•
•
Advanced Security Architecture Specialization (ASAS)
(1) CCIE ® Security
(1) CCNP ® Security
(1) Fire Jumper
(1) Project Management Certification: PMI (PMP) or Prince 2
Partner Executed Proof of Values (POVs)
Customer References
Onsite Audit Capabilities Validation
Onsite Audit Demonstration
Onsite Audit Practice Areas

Practice Areas
•
In order to demonstrate that partners have mature security practice capabilities, Cisco ®
Master Security Specialization requirements now include validation of these capabilities during the onsite audit process:
Demonstrated capability in at least three out of six specialty areas
• Demonstrated capability in specialty areas against a customer use case

Threat Visibility
Threat Visibility provides awareness of network and application security posture through customer engagements. Threat
Visibility reports provide customers with findings to include host and application risks, malware threats, and recommended actions.
• ThreatGrid
• AMP for Endpoint
• AMP for Network
• AMP for Content
• ESA, WSA, and CWS
• FirePOWER Services
• Ecosystem Partners
• ThreatAnalytics
Network Vulnerability
Assessment
Network Vulnerability Assessments analyze customer networks with vulnerability scanning and penetration testing tools to provide insight into internal, external, and remote access threats. Assessment reports provide customers with findings to include descriptions of vulnerabilities and recommended corrective actions.
• Identity Services Engine
• FirePOWER Services
• Prime Infrastructure
• IOS Software Checker
• Environment Profiling and
Assessment
• Open Source Offerings
• Ecosystem Partners
• ThreatAnalytics
Master Security Practice Areas
Remediation and Response
Remediation and response is an organized approach to addressing and managing the aftermath of a security breach. Services include response planning, incident investigation, forensics, infection containment, countermeasure development, and risk mitigation.
• ThreatGrid
• AMP for Endpoint
• AMP for Network
• AMP for Content
• FirePOWER Services
• Open Source Offerings
• Ecosystem Partners
• Incident Response Service
• ThreatAnalytics

Secure Cloud
Secure Cloud provides or builds a secure environment to meet specific business outcomes including threat protection, acceptable use, data security, secure access, and flexible workloads.
• ESA, ESAv, WSA, WSAv
• ASA, ASAv
• FirePOWER Services
• Identity Services Engine
• Intercloud Fabric
• Open Source Offerings
• Ecosystem Partners
Secure Data Center
Secure Data Center practices address security concerns in virtualized and orchestrated data center environments leveraging Cisco Validated Designs.
Cisco solutions offer maximum performance, actionable security, ease of provisioning, and threat detection and defense.
• Application Centric Infrastructure
• ASA, ASAv
• FirePOWER Services
• Identity Services Engine
• TrustSec
• Advanced Threat Analytics
• Open Source Offerings
• Ecosystem Partners
Secure IoT
Secure IoT converges an organization’s existing information technology (IT) and operational technology (OT) networks.
Cisco offers physical and cyber security solutions to employ consistent security solutions with centralized management across the extended network while offering differentiated security policies and actionable security intelligence.
• AMP for Endpoint
• AMP for Network
• AMP for Content
• Hardened ASA
• Physical Access Manager
• Open Source Offerings
• Ecosystem Partners
Master Security Practice Areas (Continued)

Audit Requirements for Practice Areas
As part of the Master Security on-site audit process, partners are required to provide documentation validating mature security practice capabilities in three of six possible concentrations:
• Threat Visibility
• Network Vulnerability Assessment
• Remediation and Response
• Secure Cloud
• Secure Data Center
• Secure IoT
This document is designed to provide partners with supplemental information regarding the documents that the partner is required to submit on the day of the audit.

Audit Requirements for Practice Areas
Data sheet with business outcomes
Sample statement of work (SOW)
One of the following sample deliverables
• Customer-facing report with recommendations
•
Solution design with network topology and products
• Service Agreement with SLAs
Implementation or operations guide

Audit Requirements for Practice Areas
A data sheet is required for each of the three practice areas, a separate data sheet submitted for each of the three practice areas.
The data sheet should be one to two pages in length and provide a high level description of the service being provided by the partner for the customer.
The data sheet should provide a summary of the benefits this service provides to customers.
Please refer to Cisco’s security product data sheets for examples.

Audit Requirements for Practice Areas
The Statement of Work (SOW) is a formal document that specifies the criteria of a contract between a partner and customer. It documents such items as project requirements, milestones, deliverables, and materials that will be provided to the customer. This document should be comprehensive in scope as opposed to high level.
Below is a sample outline of common items that typically would be included in a scope of work document. The items outlined below are provided as a guideline only.
Objective
Project Scope
Schedule
Financials
Key Assumptions
Acceptance
The Objective section should state the business objectives of the project and a high level overview of the solution being proposed. The objective of this section is to provide clarity as to why work is being performed.
The Scope section should define the work that will be performed and the process for how it will be performed. This section should include a list of deliverables to be provided to the customer.
This section should include a detailed schedule including customer touch points.
The pricing sections should state the price to customer including time and materials. This section should also outline how outside expenses will be handled and milestones for payment.
This section should include any assumptions that need to be outlined that are not related to items covered in the
Project Scope section.
The Acceptance section should include signatures from the customer and any key executives working on the project.

Audit Requirements for Practice Areas
Sample deliverables include sample customer-facing documents that are provided to the customer as part of the partner offering. Acceptable sample documentation include:
• Customer-facing report with recommendations
• Solution Design with network topology and products
• Service Agreement with SLAs

Audit Requirements for Practice Areas
The implementation or operations guide is a partner internal document that outlines the process a partner system engineer would follow in order to implement or deploy the service offering in a customer environment.
Implementation guides are typically created by the partner to document best practices around their service offering, but the partner can also utilize Cisco
Validated Design (CVD) guides to fulfill this requirement when applicable.
Partners may also utilize the POV best practices documentation posted on
Cisco Partner Communities to fulfill this requirement when applicable.