Overview

The Partner Portal is a web site provided to companies that have signed a distribution agreement with ThreatSTOP so provision accounts and access to features.

Accounts and subscriptions must be managed in accordance with the terms of the Partner agreement signed with ThreatSTOP - for example, account terminations, changes to subscription terms, upgrades and downgrades.

Concepts

Partners

A partner is an entity with an agreement to resale a set of ThreatSTOP products. Partner accounts are able to manage the services provisioned for their end-users using the ThreatSTOP partner portal.

Account and subscription settings can only be changed by user accounts associated with the Partner.

Accounts

Accounts identify users that have been provisioned with access to the ThreatSTOP product suite, typically configured using the ThreatSTOP Admin portal or the ThreatSTOP REST API.

The features available to the account are determined by the subscriptions (none, one or several) currently active for the account.

A Partner Admininistrator is an account that has been granted the permission to manage the end user accounts associated with said Partner

Subscriptions

Subscriptions grant an account with a list of SKUs for a configurable period of time.

Subscriptions also control the quantity of SKU and access to features for evaluation purposes.

SKUs

SKUs identify product features that have been defined by ThreatSTOP Product Management in collaboration with the Partner.

Example

  • Account 1 has two subscriptions:
    • Subscription 1.1 provides access to two SKUs
    • Subscription 1.2 provides access to one SKU
  • Account 2 has a single subscription which provides access to one SKU

Accessing the Partner Portal

  • The Partner Portal is accessed via https://partner-portal.threatstop.com
  • A valid Partner Administrator account is required
  • Two-Factor authentication is mandated to access the Partner Portal

Two-Factor Authentication (2FA)

Two-Factor Authentication is implemented using Google Authenticator. It requires a smart phone.

Setup

After entering their credentials during their first login, users will be prompted to setup 2FA.

  • The Partner Portal will display a QR Code, which can be scanned by the Google Authentication app on the user’s phone
  • The application will generate an access code, which must be entered on the portal to complete the process

Login

  • After entering a correct user name and password, the user will be prompted for a 2FA code.
  • The 2FA code can be retrieved using the Google Authenticator app on the smart phone used during setup
  • Users are given an option to trust the browser they used to login. If they select this option, they will not be asked to enter a 2FA code during login for 30 days.

Two-Factor Authentication Reset

  • If a user doesn’t have access to the smart phone (or removing the Partner Portal configuration), they can login by selecting the Lost Device link.
  • After entering the username and password, clicking the Lost device link will send a login link to their email address. It can be used once to complete the login.
  • The user will be prompted to reconfigure 2FA

Granting and Revoking access

  • A user with access to the Partner Portal is called a Partner Administrator.
  • A Partner can have multiple Partner Administrators. All Partners Administrators have the same level of access in the Partner Portal.
  • A Partner Administrator can grant access to any existing user in the system, and can revoke access from any current Partner Administrator.

To grant access:

  • Click on the Grant/Revoke Access menu entry
  • Enter the email address of the account in the Grant Partner Portal Access to field and click Add

To view current Partner Administrators

  • Click on the Grant/Revoke Access menu entry

To revoke access

  • Click on the Grant/Revoke Access menu entry
  • Find the user in the list
  • Click on the Revoke button and confirm

Account settings

  • Clicking on the username in the header will bring you to a page with the following options:
    • Change account password
    • Manage API Keys (Partner API Access)
    • Setting account as a point of contact. ‘OFF’ by default. (This will flag the account as a recipient of automated email reports and other important notifications in the future. See Automation sections in the Reporting section below for more information)

Partner Admin Accounts with no access to products

Partners Admin Accounts can be created accounts for the sole purpose of managing end user accounts, that is these accounts will not access to the ThreatSTOP products itself. This can be achieved by creating an account using the Partner Portal, granting access to the Partner Portal but but not creating subscriptions on this account.

Account Management

Account attributes

Creating an account requires the following attributes:

  • Organization: the name of the organization which will be using the product; this is the end-user. The name can be edited but the ThreatSTOP system will generate a unique, immutable Account Number derived from the organization name used during Account creation.
  • Email address: this is administrator login for the new account in the ThreatSTOP Portal. It must be unique in the ThreatSTOP system.
  • Country: the country where the organization is located
  • External System ID: this field can be set to any value. It allows partners to tie the account to the identifier in the their own provisioning system. Typically this is the customer ID in the Partner’s provisioning system.
  • First name and Last name: name of the administrator

Account Status

An account can be in one of three states. The state can be changed after account creation.

  • Active: Features are enabled according to the subscription configuration. This is the initial state.
  • Suspended: Access to features is turned off.
    • Users can login but will be presented with an error message. All account data (configuration, logs…) is retained.
    • Account can be suspended because of disputes or payment problems.
    • Suspended accounts can be re-enabled by setting the state to Active
  • Closed: The account is terminated permanently.
    • Account data (configuration, logs) is subject to removal at any time but the history of the account and its subscriptions will remain available in the Partner Portal.
    • Closing an account can not be reverted.
    • If a organization decides to purchase new service after their account was closed, a new account must be created.

Creating a new customer account

  • Accounts are created with the Organization Accounts ⇒ Add link in the Partner Portal navigation
  • Upon creation, an account has no subscription. A subscription must be created and active before the account can use the ThreatSTOP products.
  • To gain access to the ThreatSTOP system, the user must first set a password.
    • If the Notification checkbox is checked, ThreatSTOP will send an email to the new account inviting the user to complete the account creation process and choose a password.
    • If the Notification checkbox is not checked, the Partner Administrator can generate the password reset link directly and provide it to the customer (manually or through their automated provisioning process). The links are generated with the PW Reset’ button on the *Account Management page and are for valid for 7 days.
  • If the end-user didn’t receive the password reset link (e.g. email issues, or link expired):
    • the user can perform a password directly from the product login page, as long as their have the username (email address)
    • or a new password reset link can be generated from the Account Management page, using the *PW Reset” button

Third-party Access

  • Partners often pre-configure accounts on behalf of their customers.
  • This can be done using the Product REST API or using the ThreatSTOP Admin Portal.
  • To gain access to the user account and configure it, Partner Administrators can add enable access into the accounts that they manage, for an existing ThreatSTOP product account.
    • In the Account creation/edit page, scroll down to the Third Party Access section
    • Select the email address of the existing user and click add
    • The user will be able to login to the Admin Portal, and use the Switch Account feature of the Accounts Settings page to access and configure the account.
  • If access to the end-user account is not needed anymore, the permission can be revoked by selecting the account in the Third-Party Access section and clicking Delete. Access can be re-enabled as well.

List of accounts

  • The list of accounts managed by the Partner is accessed using the Organization Accounts ⇒ Manage link.
  • The list can be filtered based on Account Number, Partner Identifier, Organization Name and Account status.
  • By default, the list only show Active Accounts. Use the Account Status Filter to show disabled or closed accounts.

Actions

  • The Edit action will show a form to view and edit accounts details.
  • The SKUs action displays a list of all SKUs currently enabled for this account, across all subscriptions. This is a quick way of seeing what features are enabled without scanning through each subscriptions attached to the account.
  • The Extend action applies to Trial subscription and triggers a workflow for your ThreatSTOP Account Manager to approve extending the subscription beyond its normal end date. Provide the number of days you want to request and a message for the ThreatSTOP Account Manager.

Editing accounts

The properties of an account can be edited by Partner Administrators using the Accounts ⇒ Manage page as follows:

  • Status: suspend, re-enable or close an account
  • Email address: the email address for the administrator of an end-user account can not be changed using the Partner Portal. It is possible to set a new administrator email using the Admin Portal.
  • Accout Number: this can’t be changed and is used to identify the account accross all of ThreatSTOP’s systems.
  • Organization Name: the organization name can be edited. If it is, note that the Organization ID will not changed - it is immutable.
  • Identifier: it is possible to change the identifier for this account in the Partner’s system but this should be done with caution, as to not lose the ability to link the account between the Partner Portal and the Partner’s own provisioning system.
  • Country can be edited.

Subscription Management

Attributes

A subscription has the following attributes:

There are two types of subscriptions:

  • Standard subscriptions
    • Standard subscriptions are billed according to the terms of the Partner Agreement.
    • They can be created with a standard duration set of 12, 24 or 36 months, a custom end date, or co-termed with an existing subscription.
    • The allowed range of duration for standard subscription is 30 days - 7 years. The duration must be selected according to the Partner Agreement.
  • Trial subscriptions
    • Trial subscriptions are not billed but are limited in duration. The duration is set in the terms of the Partner Agreement.
    • A SKU can be added to a Trial subscription once only.
    • Trial subscriptions can be used for new customers wanting to evaluate the product, or for existing customers wanting to evaluate add-on features, such as API Access or ThreatList.

The subscription can be in one of four states

  • Pending: Subscription has been created with a start date set in the future.
  • Active: Subscription start date is in the past and its expiration date is in the future. Subscriptions become active automatically at midnight (GMT+9).
  • Expired: Subscription has an end date in the past. Subscriptions expire at midnight (GMT-14).
  • Terminated: Subscription was ended early by the Partner Administrator. See the Subscription terminations section of this document.

A subscription has the following attributes:

  • Start Date: the date the subscription will become active. Subscriptions can be edited until their start date only.
  • Duration: either a standard duration (12, 24 or 36 months), a custom end date, or the end of date of any active or pending subscription attached to the account (Subscription co-terming).
  • SKUs and Quantities: the list of SKUs that this subscription will enable. See the SKUs section below.
  • Auto-renewal: If the subscription is set to auto-renew, a new identical subscription (SKUs, quantities) will be attached to the account on the day it expires. The setting can be changed at any time until the expiration date of the subscription. The duration of an automatic renewal is set 1 year increments. If the original subscription lasts between 30 days and 365 days, it will renew for one year. If it lasts between 366 days and 2 years, it will renew for 2 years, and so forth.

Suscriptions are active according to their start date and end date, regardless of timezones - i.e. they become active in the earliest timezone possible and expire in the latest timezone possible.

Creating subscriptions

Subscriptions are added via the Subscription ⇒ Add menu entry.

  • All fields except External System ID are required
  • The end user account is identified by the organization Name or ThreatSTOP Organization ID.
  • Multiple SKUs can be added to the same subscription
  • SKU providing access to Devices (IP Defense, DNS Defense, or Roaming Defense) are cumulative.

An account can have multiple subscriptions active, thus granting access to different feature sets. They can be co-termed (same end-date) or have a different end date.

There is no software-imposed limit to the number of subscriptions. In practice, most account will have a couple of active subscriptions: one for the main feature set, and additional subscriptions for trial or add-on features).

Viewing subscriptions

The list of subscriptions is available via the Subscription ⇒ Manage menu entry. It is possible to filter subscriptions based on the subscription type, status, organization and duration.

Editing subscriptions

With a couple of exceptions listed below, the configuration of a subscription can only be changed until its start date. Once the subscription starts, its duration and SKU configuration is set.

  • The auto-renew setting can be changed at any time up to the renewal date.
  • Grace periods can be granted while a renewal is underway, but requires an approval from your ThreatSTOP Account Manager. This approval process is automated via email.
  • An active subscription can be terminated early, provided that it’s performed in accordance with the terms of the Partner Agreement.

You can also add notes to a subscription.

Examples of common subscription changes

Upgrading - Adding new features (no co-terming)

  • Simply add a new subscription with the new SKU(s) and set its duration to a standard duration (12, 24 or 36 months) or custom end date.
  • Each subscription will expire and renew independently.

Upgrading - Adding new features (co-terming)

  • Add a new subscription with the new SKU(s) and sets its duration to co-term with an existing subscription.

Upgrading - Adding new features (extend existing subscriptions)

  • Given an active subscription (ID 1), add a new subscription (ID 2) matching the SKUs for the subscription 1. Select the appropriate duration - 12, 24 or 36 months.
  • Either add the new SKU(s) to subscription 2, or create a new subscription (ID 3) with the new SKU(s) that is co-termed with subscription 2.
  • Terminate subscription 1

Creating a trial subscription

  • Simply create a subscription with the SKU(s) for the product features to be evaluated and set the type to Trial. The trial duration is automatically set based on the Partner Agreement.

Requesting a trial extension

  • In the subscription list, identify to subscription and click Extend. An email will be dispatched to your ThreatSTOP Account Manager for approval.

Renewing a subscription

  • Manual renewal: Create a new subscription with a start date identical to the end date of the current subscription and select a duration to match the extension (12, 24 or 36 months).

  • Automatic renewal: Subscription with the auto-renew flag set to true will be renewed on the day that the current subscription expires. The duration of an automatic renewal is set 1 year increments. If the original subscription lasts between 30 days and 365 days, it will renew for one year. If it lasts between 366 days and 2 years, it will renew for 2 years, and so forth.

Terminating

  • Terminate the existing subscription using the End Subscription button on the Subscription list provided that it’s performed in accordance with the terms of the Partner Agreement.

SKUs

SKUs enable access to product features. A single SKU can enable a single feature or a group of features (“Bundle SKU”).

SKUs are created by ThreatSTOP product managers in collaboration with Partner Administrators, and can be tailored to each Partner. Please contact ThreatSTOP if you would like to make changes to the SKU Catalog.

You can retrieve the list of SKUs available using the SKU ⇒ Catalog menu entry

SKU can enable one or several of the following ThreatSTOP features:

  • Number of IP Firewall devices (must be at least 1 to enable the service)
  • Number of DNS Firewall devices (must be at least 1 to enable the service)
  • Number of Roaming Groups (must be at least 1 to enable the service)
  • Ability to customize policies
  • Ability to manage user-defined lists
  • API service for user-defined lists
  • Ability to create alerts based on custom filter of log events
  • Access to add-ons and premium targets
  • Access to API configuration services
  • Access to Extend CheckIOC services (extended and premium metadata)
  • Access to SIEM / ThreatList services
  • Access to SIEM / STIX services

Reports

The Partner Portal offers the following reports for view/download. All reports are calculated using UTC dates.

Audit Log

All operations made through the Partner Portal are logged for security and audit purposes, including:

  • Creating and editing accounts
  • Creating and editing subscriptions
  • Granting and revoking access to the Partner Portal

Every change include the time, user and IP address. Changes can be reviewed with the Audit Log page.

An option to download audit log data in CSV format is available at the top of the Audit Log page. Supply a start date, end date, then click Download Summary Report. Audit log reports are limited to a 35 day range.

Subscription Summary Report

A subscription summary report provides a log of subscriptions created/modified for a given date range. The report data includes:

  • Partner Name
  • Account Name
  • Account Number
  • Account External System ID
  • Account Status
  • Account Created Date
  • Account Last Updated Date
  • Subscription ID
  • Subscription Type
  • Subscription Start Date
  • Subscription End Date
  • Subscription Auto Renew
  • Subscription Created Date
  • Subscription Last Updated Date
  • SKU List (SKUs assigned to the subscription. Each SKU is comma separated, with its External System ID, Name, and Quantity pipe separated. ie EXT_ID:|SKU:|QTY:1)

Preset Subscription Summary Reports

Subscription summary reports are available for download under Reports -> Subscription Reports -> Summary Report with the following preset date ranges:

  • Daily - Summary for current day. (Click Download Daily Summary Report)
  • Weekly - Summary for current week to date. (Click Download Weekly Summary Report)
  • Monthly - Summary for current month to date. (Click Download Monthly Summary Report)

Custom Subscription Summary Reports

Subscription summary reports may be generated using a custom date range under Reports -> Subscription Reports -> Summary Report. Custom date ranges are limited to 35 days. Select a start date, end date, and click Download Summary Report to generate the report.

Automation

The following subscription reports are sent via e-mail to all partner points of contact (See Account Settings above for more information on becoming a point of contact):

  • Subscription Summary Report - Sent every Monday at midnight (UTC) as a CSV file attachment. See above for data contained in the Subscription Summary Report.
  • Subscription Expiration Report - Sent every Monday at midnight (UTC) as a CSV file attachment. This report contains a list of subscriptions expiring within 90 days at the time the report is generated. Data points:
    • Account Name
    • Account External System ID
    • Subscription ID
    • Expiration Date

SKU Summary Report

A SKU summary report provides a list of SKUs available for subscription assignment. The report is available via Reports -> Subscription Reports -> SKU Summary Report. The report data includes:

  • Partner Name
  • SKU Name
  • SKU Description
  • SKU Type
  • SKU Enabled (A disabled SKU is not available for SKU assignment. SKUs may be deprecated over time and may be disabled by ThreatSTOP.)

Typical account lifecycle

A typical account lifecycle entails the steps described below.

Add the new account

  • Login into the partner portal
  • Click Add Account
  • Enter the organization details
  • Enable notification
  • Create Account

An email will be sent to the selected Admin Email address to let the user select a password and login into the account.

Assign a trial subscription

  • Click Add Subscription
  • Select the account name as created above
  • Select type as Trial
  • Select the start date for the trial, typically today’s date
  • Add the SKU(s) enabling the product that the customer will try. Select a quantity of 1.
  • Click Add Subscription

Converting customers

If the customer decides to purchase the product during, at the end of, or after the trial period, a new subscription must be created.

  • The subscription type should be Standard
  • Select the start date and duration (or custom end date)
  • Set the auto-renewal flag
  • Select the SKU or list of SKUs
  • Click Add Subscription

Subscription renewal

  • If the customer decides to renew the subscription, it will automatically renew with the same terms (SKUs and duration) as long as the auto renewal flag is set. On the last day of the subscription, a new identical subscription will be attached to the account.
  • If the new subscription requires different SKUs or duration, turn off auto-renewal for the existing subscriptions and create a subscription that starts on the day after the end date of the existing subscription.
  • If the customer decides to not renew the subscription, ensure that the auto-renewal flag is not set. It can be changed at any time until the end of the subscription.

Adding new services to an existing account

If a customer decides to add additional services before the end of the subscription, create a new subscription with the desired SKU and set its duration to be co-termed with the existing duration (pro-rated subscription) or for a new term (using the standard duration of 12, 24 or 36 months, or a custom end date).

Sign up codes

The Partner Portal also supports sign up codes, which can be provided to the customers. They allow a customer to create a account using the self sign up page (https://admin.threatstop.com/register) and have the account automatically assign to a partner with a configurable default subscription.

  • Codes are listed on the sign-up codes page of the Partner Portal
  • They are created and enabled/disabled by ThreatSTOP on behalf of the partner
  • Codes can be entered in the field provided on the sign up page or automatically set using a URL parameter (https://admin.threatstop.com/register?code=<code>)

Contact information

If you need assistance:

  • Please contact support@threatstop.com for questions about using the Partner Portal or technical issues
  • Please contact your ThreatSTOP Partner Account Manager for questions about accounts, billing, configuration and SKUs

Version history

Release Date Notes
May 2018 Initial release
Sep 2018 UI and UX enhancements to subscription management
Nov 2018 Support for custom subscription duration