Forum Discussion
General MSSP Inquiry
Hello Azure Security!
Overview:
Currently, I’ve been waiting weeks to get my questions answered from Microsoft Support, and to be approved by the OneVet team - so I am bringing my questions to the forums, where the experts are.
Questions:
If I was to offer an MDR solution to clients, what is needed, and why? I am projecting it would look something like this:
- Azure Sentinel
- Log analytics
- Defender/or ATP? (Differences?)
Is there anything missing in this stack that you would consider essential?
What are the current CSP pricing models for these services, (keep in mind, I do not have access to the CSP portal yet, and I’ve been waiting weeks)
NETFLOW data, I understand I can ingest this data into Azure Sentinel, but for a small-business operating without a switch or with a switch, with defender deployed on all endpoints... is NetFlow data needed?
Question on Capacity - I am trying to understand the average usage of a 10-endpoint office/business, and what the costs associated would be to deploy Microsoft Security Solutions as described above.
What is the typical usage for a small size business and medium size business?