Implementation packages

We will guide you through the development and implementation of Elastic.

Endpoint Implementation

Consultative and deployment services focused on your Elastic Endpoint Security solution, including installation, protection policy design, sensor deployment, integration assistance (SSO, SIEM, LDAP), MITRE ATT&CK™ mapping, and knowledge transfer. Best practices for deploying endpoint security products usually require multiple soak periods, so we highly recommend remote delivery to maximize efficiency.

Duration

4 consulting days

Customer profile

Can be applied to the Elastic Security solution using the Elastic Stack or Elastic Cloud with Endpoint Security

Common tasks

  • Setup
    • Installation
    • SAML SSO integration
    • LDAP/Active Directory integration
    • Elastic Stack integration
    • SIEM integration
  • Sensor deployment
    • Deployment best practice guidance to avoid operational impact
    • Protection policy design tailored to applications in your environment
    • Assistance deploying sensors using your existing deployment tools
    • Alert triage and whitelisting guidance
    • Assistance with custom detections
  • Knowledge transfer/engagement report

Recommended time allocation

  • ½ consulting day for project kickoff and discovery sessions
  • ½ consulting day for initial installation and configuration
  • 2 hours of customer application review and baseline policy design
  • 2½ consulting days for application review, baseline policy design, alert triage and whitelisting, and knowledge transfer
  • ½ consulting day for document preparation

Note: Consulting days within the engagement may be allocated to allow consulting services within this scope according to customer need.


Security Implementation

Consultative and deployment services for Elastic Security. Includes design recommendations, data ingest and monitoring, patterns and the Elastic Common Schema ("ECS"), MITRE ATT&CK™ mapping, alerts, and visualizations for identifying security risks and cyber threat monitoring. May include all Elastic Stack or Elastic Cloud components including SIEM, machine learning, Beats, Logstash, and Elastic Endpoint Security, and may also include data mapping from third-party security, network, and cloud products and services.

Duration

8 consulting days

Customer profile

Can be applied to the Elastic Security solution using the Elastic Stack or Elastic Cloud with Endpoint Security

Common tasks

  • Discovery and understanding of security objectives and requirements
  • Review of existing security monitoring, infrastructure, and tools
  • Recommendations on security strategy and implementation
  • Guidance on security techniques with the Elastic Stack or Elastic Cloud
  • Implementation assistance with data feeds, threat feeds, enrichment, and visualization

Recommended time allocation

  • 1 consulting day for discovery and sessions with customer and Elastic
  • 1 consulting day for security implementation planning and prioritization
  • 5 consulting days for implementation services
  • 1 consulting day for document preparation

Development

Consultative and advisory services for your development project. This can include development areas such as client support using Elasticsearch APIs and Query DSL, Elastic Stack plugins, Logstash plugins, Beats, Elastic Enterprise Search, or Elasticsearch client libraries.

Duration

8 consulting days

Customer profile

  • Can be applied to any solution: Enterprise Search, Observability, Security, or other use cases on the Elastic Stack or Elastic Cloud
  • Applicable to new or existing Elastic Stack or Elastic Cloud environments where the customer requires general best practices and guidance

Common tasks

  • Discovery and understanding of business objectives and development needs
  • Review of requirements: functionality, results, development language and dependencies, testing, integration
  • Recommendations on development methods and implementation
  • Assistance with development APIs and coding, if time remains within the engagement

Recommended time allocation

  • 2 consulting days for project kickoff and discovery sessions with customer
  • 5 consulting days for detailed assistance on API use or coding recommendations with the customer development team
  • 1 consulting day for document preparation

Note: Consulting days within the engagement may be allocated to allow consulting services within this scope according to customer need.


Flex Services

Flex Services let you focus on the tasks within a package that are most important to you. Note that no custom deliverables are allowed with Flex consulting.

Duration

Flex Services require a minimum of 4 consulting days


Custom Services

Not seeing the package that's right for you? Tailored Elasticsearch and Elastic Stack solutions are available upon request. This option requires a custom scope of work to be evaluated for your use case.

Duration

Custom Services require a minimum of 20 consulting days


Contact Elastic Consulting

Contact us with your questions about our services or to initiate an engagement with Elastic Consulting.