Return to Blog

An interesting request came up this week. A customer asked about our 30-minute SLA on P1 tickets and stated that in another more expensive offering, they’d been given a 15-minute SLA guarantee.

They asked us to review this with them, so we had a look at the fine print together and the difference was clear immediately.

Within 15 minutes someone would respond to confirm that their ticket had been received and was being managed.

This person would then pass the ticket on to a second line of support who would review the ticket within a new SLA time limit, (in this instance it was 30 minutes) and react accordingly.

The second line of support would review and offer a quick fix solution, if they can do so. Or they would re-assign the ticket to a qualified engineer who should know what to do with it.

That engineer would have a new SLA time to respond within, resetting the count down again.

In this instance it was 60 minutes!

In total they promised it would take up to 1 Hour and 45 Minutes from the moment they logged the initial ticket, for a qualified engineer to react.

The customer assumed we were offering the same level of service, just with different numbers in the guaranteed response time.

It goes without saying, that this wasn’t the case.

Pentesec support is ‘Straight to Third Line’ – your ticket is answered by a CCSE certified engineer within 30 minutes.

They don’t acknowledge and then delegate, they respond by starting the resolution process, because they’ve had up to 30 minutes to consider the issue in advance.

Our aim is to resolve the issue at the point of your first call, or at least provide steps for limiting the damage caused.

If a Check Point Certified Security Engineer is on the case from the very beginning, then our statistics show that cases are closed much more efficiently.

There are times where the issue is much more complex. In those instances a Check Point Certified Security Master is brought in to manage the ticket immediately.

Our CCSEs know when that is necessary and so the same SLA applies. There is no ‘new SLA’ to delay things further. The CCSM will work on the case from the beginning.

Reviewing our support levels, we found that a very small number of cases were being escalated beyond our CCSM team to Check Point themselves.

Normally partners would be forced to escalate issues to Check Point’s front-line team as soon as their in house support was unable to resolve the issue themselves.

This escalation would lead to a whole new system of SLAs, as there are several layers involved.

Check Point found that with Pentesec, the few tickets reaching them were often ending up with their research and development team.

From there Check Point would tweak their software because our customers were experiencing a rare and previously unseen bug that our team had diagnosed for them.

This has led to a unique relationship where Pentesec CCSMs can now escalate issues directly to R&D when they feel it necessary.

That makes our support path short and simple.

A security engineer reacts and resolves the ticket, or escalates it to a security master. They resolve the issue or escalate it to Check Point’s Research and Development team, who then resolve the issue.

Fixes can take time. There is no doubt that bugs can arise which are difficult to diagnose, or unique quirks can develop that throw even the most seasoned of professionals.

But when everything is falling apart, and you’re being asked to respond, do you want a 15-minute guarantee that a novice will email you to confirm receipt of a ticket, and a 90-minute wait?

Or would you rather have an expert telling you how to react within 30 minutes because they’ve read your case and they know where to begin?