security-1Solutions Partner for
Security Designation
solutions-designation logo-FADE-1

 

 
MODULE 1

Introduction

 
MODULE 2

Performance

 
MODULE 3

Skilling

 
MODULE 4

Customer Success

 
MODULE 5

Appendix

 
MODULE 6

What’s Next

MODULE 5

Appendix

module5

LESSON 5.2

Security Designation Overview

Consolidated Designation Overview


The Microsoft Solution Partner for Security Designation is a critical credential for IT partners, signalling their expertise and commitment to providing robust security solutions. This designation not only enhances the partner's credibility but also grants access to exclusive resources, training, and support from Microsoft, enabling them to deliver superior security services to their clients. 

Microsoft Solutions for Security Designation At a Glance:

 

Prerequisite: Microsoft Solutions for Security designation
Is there a cost for this designation? Yes, $4,730USD annual
Is this cost per designation? No, additional designations have no additional fee
Are exams required? Details Available in the Skilling Category  
Do I need to earn points for this designation: Yes, 70 (minimum)
What are the metrics: Performance (20), Skilling (20), Customer Success (30)
How do I earn points: See below
Are there specialisations available for the designation? Yes, 4 in total
Are there additional exams required for specialisations? No
Do specialisations need to be renewed? Yes, annually
Do I need to engage in an audit process? No
Do I need customer references? Yes, 3 in total

Is there a cost for specialisations? No

 

The following is a consolidated view of the information contained in Module 2: Lesson 1, Module 3: Lesson 1 and Module 4: Lesson 1. 

The latest version of this information can always be found here.

line1-2


LET'S TAKE A LOOK

Appropriate roles:  

Microsoft AI Cloud Partner Program partner admin 
To earn the designation Solutions Partner for Security, your partner capability score for security must meet the qualification requirements. The partner capability score derives from partner performance, skilling, and customer success, and results from data already recorded in Partner Centre. 

To attain a Solutions Partner for Security designation, you must earn a minimum of 70 points and must have one or more points for each of the four metrics: 

  • Performance - Net customer adds 
  • Skilling - Intermediate certifications 
  • Customer success - Usage growth 
  • Customer success - Deployments 

Security partners can target providing services and solutions on Microsoft 365 workloads or on Azure services. So, valuation requirements focus on both Microsoft 365 usage and performance, and on Azure revenue. 


Two attainment paths:

Enterprise and small and medium business 
Microsoft offers two distinct paths for achieving the Solutions Partner for Security designation: the Enterprise path and the Small and Medium Business (SMB) path, each with its own set of criteria. This dual-path approach lets partners select the path that aligns with their customer focus, whether it be SMB or Enterprise customers. 

Microsoft evaluates partners on both paths and selects the highest score from either path. Microsoft selects the highest score at the solution area level, rather than at the individual metric level, to determine qualification. This process helps to ensure that partners can use the path that best suits their business strategy. 

 
Partner capability score for Security 

The partner capability score for security has four metrics in three categories: 

  • Performance category

    • Net customer adds metric

  • Skilling category

    • Intermediate certifications metric

  • Customer success  category

    • Deployments metric

    • Usage growth metric 


Read the following sections to understand the detailed requirements for each of these metrics. Calculations for Azure and Microsoft 365 are completed individually and then totalled together for the final four metric scores. One eligible customer can contribute points to both Azure and Microsoft 365 calculations. 

line2-2

 

PERFORMANCE

 

Performance category 

The performance category measures your organization's ability to increase the customer base who uses Microsoft Security products and services. This category is made up of Net customer adds as the primary metric for Microsoft 365 and Azure Security workloads. 


Net customer adds 

Net customer adds is defined as the number of eligible customers added to your customer base during the trailing 12-month period. 

Calculation 

  • Enterprise track: Each net new customer contributes to two points for up to a maximum of 20 points, obtained from ten (10) customers. 
  • SMB Track: Each net new customer contributes to four points for up to a maximum of 20 points, obtained from five (5) customers. 

Asset 29

 

 Net customer adds = Total qualifying customers with qualifying ACR in current trailing 12 months (TTM)  Total qualifying customers with qualifying ACR in previous (TTM)

Eligible customers 

Azure: This value is the number of unique customer tenants contributing at least $600 ACR (Azure Consumed Revenue) in the last TTM from eligible Azure services associated with eligible Offers for specific Partner association types. 

Microsoft 365: This value is number of unique customer Tenants having at least one workload with paid licenses greater than 300 from eligible Microsoft 365 workloads for specific Partner association types. 

Azure: This value is the number of unique customer tenants contributing at least $600 ACR (Azure Consumed Revenue) in the last TTM from eligible Azure services associated with eligible Offers for specific Partner association types. 

Microsoft 365: This value is number of unique customer Tenants having at least one workload with paid licenses between 5-300 paid licenses in a given month from eligible Microsoft 365 workloads for specific Partner association types. 

Note: The same tenant can be counted in both Enterprise and SMB tracks. 

 

Eligible Azure services 

  • Advanced Data Security
  • Advanced Threat Protection
  • Application Gateway
  • Microsoft Entra ID B2C
  • Microsoft Entra Domain Services
  • Microsoft Entra ID for External Identities
  • Azure Bastion
  • Azure DDOS Protection
  • Azure Defender
  • Azure Firewall
  • Azure Firewall Manager
  • Azure Front Door Service
  • Azure IoT Security
  • Key Vault
  • Network Watcher
  • Security Centre
  • Microsoft Sentinel
  • Eligible Azure offers 

All offers except "Support," "Internal," "Benefit Program," and "Trial" are applicable. 

Eligible Microsoft 365 workloads 

Microsoft Entra ID P1, Microsoft Defender for Office 365, Microsoft Defender for Endpoints, Microsoft Defender for Identity, Microsoft Purview Information Protection, and Intune. 

Note: The eligible workload list is subject to change. Consult this list frequently to ensure you have current and accurate information. 

Thresholds for earning maximum points 

Net customer adds from both Azure security and Microsoft 365 are counted and given points. A total of 10 customer additions from Azure security services and Microsoft 365, fulfilling the previous criteria, are required to earn the maximum 20 points for this metric. You can achieve points from either Azure or Microsoft 365 or both. 

Eligible association types 

The association types that earn you points in this metric are: 

  • Azure : Partner Admin Link (PAL), CSP Tier1, CSP Tier2
  • Microsoft 365: Claiming Partner of Record (CPOR), CSP Tier1, CSP Tier2

lne3-2

SKILLING

 

Skilling category 

The skilling category measures the capability and skills acquired by a partner through the number of certified individuals in their organization. 

For Security, there's one metric in the Skilling category: 

  • Intermediate certifications 

Intermediate certifications metric 

STEP 1 (Required) 

  • At least 2 people must complete the Azure Security Engineer Associate (required) certification. 
  • Competing this step does not earn points, but it is mandatory before points are awarded for step 3. 


STEP 2 (Required) 

  • At least 2 people must complete the Microsoft Security Operations Analyst certification. 
  • Completing this step does not earn points, but it is mandatory before points are awarded for step 3. 


STEP 3 

Certified individuals (same as step 1 or step 2) must complete at least one of the following certifications: 

  • Microsoft Cybersecurity Architect expert 
  • Microsoft Identity and Access Administrator 
  • Microsoft Information Protection Administrator 

Each certified individual adds 6.67 points in Step 3. 


Important Considerations

Step 1 and step 2 are mandatory. You must complete step 1 and step 2 before earning any points in step 3. 

Individuals can be counted across steps. A person can count toward multiple steps, but only once per step. 

Enterprise Examples 

Enterprise Example 1 

  • 2 people complete the Azure Security Engineer Associate certification, but you will not earn any points.
  • 2 people complete Microsoft Security Operations Analyst certification, but you will not earn any points. 
  • 3 people complete Step 2, earning 20 points. 

Total points = 20. 


Enterprise Example 2 

  • Two people complete the Azure Security Engineer Associate certification, but you will not earn any points. 
  • Two people (same) complete Microsoft Security Operations Analyst certification, but you will not earn any points. 
  • Two people (same) complete Step 3, earning 13.3 points. 

Total points = 13.3. 


Enterprise Example 3 

  • Two people complete the Azure Security Engineer Associate certification, but you won't earn any points. 
  • No individual complete Microsoft Security Operations Analyst certification. 
  • Two people complete Step 3. 

Total points = 0 (Step 2 isn't complete) 


Enterprise Example 4 

  • One person completes the Azure Security Engineer Associate certification. 
  • Two people complete Microsoft Security Operations Analyst certification, but you won't earn any points. 
  • Two people complete Step 3. 

Total points = 0 (Step 1 isn't complete)

STEP 1 (Required) 

  • At least one person must complete the Azure Security Engineer Associate certification. 
  • Completing this step earns four points (even if more than one person completes it). 


STEP 2 (Required) 

  • At least one person must complete the Microsoft Security Operations Analyst certification. 
  • Completing this step earns four points (even if more than one person completes it). 


STEP 3 

Certified individuals (the same or different people as in Step 1 or Step 2) must complete at least one of the following certifications: 

  • Microsoft Cybersecurity Architect Expert 
  • Microsoft Identity and Access Administrator 
  • Microsoft Information Protection Administrator 

Each certified individual adds eight points in Step 3. 


Important Considerations 

  • Step 1 and step 2 are mandatory. You must complete step 1 and step 2 before earning any points in step 3. 
  • Cap on points for step 1: No matter how many people complete step 1, you earn a maximum of four points. 
  • Cap on points for step 2: No matter how many people complete step 2, you earn a maximum of four points. 
  • Individuals can be counted across steps: A person can count toward multiple steps, but only once per step. 

SMB Examples 

SMB Example 1 

  • Two people complete the Azure Security Engineer Associate certification, but you earn four points due to the cap. 
  • Two people complete Microsoft Security Operations Analyst certification, but you earn four points due to the cap. 
  • Three people complete step 2, earning 24 points. 

Total points = 32. 


SMB Example 2 

  • Two people complete the Azure Security Engineer Associate certification, but you earn four points due to the cap. 
  • Two people (same) complete Microsoft Security Operations Analyst certification, but you earn four points due to the cap. 
  • Two people (same) complete step 3, earning eight points. 
Total points = 24. 


SMB Example 3 
  • Two people complete the Azure Security Engineer Associate certification, but you earn four points due to the cap. 
  • No individual complete Microsoft Security Operations Analyst certification. 
  • Two people complete step 3. 
Total points = 4 (only from step 1, no points from step 3 as step 2 isn't complete). 


SMB Example 4 
  • No individual completes the Azure Security Engineer Associate certification. 
  • No individual complete Microsoft Security Operations Analyst certification. 
  • Two people complete step 3. 
Total points = 0 (step 1 or step 2 isn't complete).

line4-2

 

CUSTOMER SUCCESS 

 

Customer Success category 

The customer success category measures your ability to enable growth in the use of Microsoft products or in the expansion of Microsoft's services and workloads utilized by the customers. 

There are two metrics in the customer success category: 

  • Deployments 

  • Usage growth 

Deployments 

For this metric, your organization earns points based on growth in the number of customer deployments as specified by the following qualifying criteria and definitions. 


Both Enterprise and SMB tracks calculation

Each net new customer contributes 3.3 points for up to a maximum of 20 points, obtained from six deployments. 

Asset 29

 

 Net new deployments = Eligible deployments last month  Eligible deployments same month last year 

Eligible deployments 

Azure: The number of unique customer tenants contributing a total Azure Consumed Revenue (ACR) greater than $12,000 in the past 12 months from eligible Azure services associated with eligible Offers for specific partner association types. 

Microsoft 365: The number of unique eligible customer tenants having at least 15% of these paid licenses should be active from eligible Microsoft 365 workloads for specific partner association types. 

Each customer tenant having at least one workload with paid licenses greater than 300 is counted to be an eligible Tenant for Enterprise track. 

Azure: The number of unique customer Tenants contributing a total ACR (Azure Consumed Revenue) between $750 and $12,000 in trailing 12 months from eligible Azure services associated with eligible Offers for specific Partner association types. 

Microsoft 365: The number of unique Eligible Customer Tenants having at least 15% of these paid licenses should be active from eligible Microsoft 365 workloads for specific Partner association types. 

Each customer tenant having at least 1 workload with paid licenses between 5 to 300 is counted to be an eligible Tenant for SMB track. 

Note: Same tenant can participate in both SMB and Enterprise track. 

Eligible Azure services 

Advanced Data Security, Advanced Threat Protection, Application Gateway, Microsoft Entra ID B2C, Microsoft Entra Domain Services, Microsoft Entra ID for External Identities, Azure Bastion, Azure DDOS Protection, Azure Defender, Azure Firewall, Azure Firewall Manager, Azure Front Door Service, Azure IoT Security, Key Vault, Network Watcher, Security Centre, and Microsoft Sentinel. 

Eligible Azure offers 

All offers except "Support," "Internal," "Benefit Program," and "Trial" are applicable. 

Eligible Microsoft 365 workloads 

Microsoft Entra ID P1, Microsoft Defender for Office 365, Microsoft Defender for Endpoints, Microsoft Defender for Identity, information protection, and Intune. 

Eligible association types 

The association types that earn you points in this metric are: 

  • Azure: Partner Admin Link (PAL), CSP Tier1, CSP Tier2 
  • Microsoft 365: Claiming Partner of Record (CPOR), CSP Tier1, CSP Tier2 

Thresholds for earning maximum points 

Net new deployments from both Azure security and Microsoft 365 are counted and given points. A total of six new deployments from Azure security services and Microsoft 365, that fulfill the previous criteria, are required to earn the maximum of 20 points for this metric. You can achieve points from either Azure or Microsoft 365 or both. 

 

Usage growth 

For this metric, your organization earns points based on growth in the usage of security workloads across your associated customer deployments, as specified by the following qualifying criteria and definitions. 

Calculation 

Azure: 

  • Enterprise track: Every Security Azure consumed revenue (ACR) growth of USD 1,250 gets you one point (maximum of 20 points).
  • SMB track: Every Security Azure consumed revenue (ACR) growth of USD 750 gets you one point (maximum of 20 points). 


Asset 29

 

 Security ACR growth = Eligible Security ACR last month  Eligible Security ACR same month last year.

Microsoft 365: 

  • Enterprise track: Every Microsoft 365 protected users’ growth of 125 gets you one point (maximum of 20 points).
  • SMB Track: Every Microsoft 365 protected users’ growth of 50 gets you one point (maximum of 20 points). 


Asset 29

 

 Microsoft 365 Protected users’ growth = Eligible Microsoft 365 protected users last month  Eligible Microsoft 365 protected users same month last year

 

Security ACR 

The Azure Consumed Revenue (ACR) total over the trailing 12 months from eligible customer tenants from eligible Azure services associated with eligible Offers for specific Partner association types. 

  • Enterprise: Each customer tenant having ACR greater than $12,000 in the trailing 12 months is counted as an eligible customer tenant.
  • SMB: Each customer tenant having ACR more than zero and less than or equal to $12,000 in the trailing 12 months as an Eligible customer Tenant. 

The ACR total over trailing 12 months fromEligible Customer Tenantsacross entire customer base from eligibleAzure servicesassociated with eligibleOffersfor specificPartner associationtypes. 

Microsoft 365 protected users 

The number of active paid licenses across alleligible customer tenantsfrom eligibleMicrosoft 365 workloadsfor specificpartner associationtypes. 

  • Enterprise: Each customer tenant having at least 1 workload with paid licenses greater than 300 is counted to be an eligible Tenant for Enterprise track. 
  • SMB: Each customer tenant having at least 1 workload with paid licenses between 5 to 300 is counted to be an eligible Tenant for SMB track. 


Eligible Azure services 

  • Advanced Data Security
  • Advanced Threat Protection
  • Application Gateway
  • Azure Active Directory B2C
  • Microsoft Entra Domain Services
  • Microsoft Entra ID for External Identities
  • Azure Bastion
  • Azure DDOS Protection
  • Azure Defender
  • Azure Firewall
  • Azure Firewall Manager
  • Azure Front Door Service
  • Azure IoT Security
  • Key Vault
  • Network Watcher
  • Security Centre
  • Microsoft Sentinel
  • Eligible Azure offers 

All offers except "Support," "Internal," "Benefit Program," and "Trial" are applicable. 

Eligible Microsoft 365 workloads 

  • Microsoft Entra ID P1, Microsoft Defender for Office 365, Microsoft Defender for Endpoints, Microsoft Defender for Identity, information protection, and Intune. 

Eligible Association Types 

The association types that earn you points in this metric are: 

  • Azure: Partner Admin Link (PAL), CSP Tier1, CSP Tier2
  • Microsoft 365: Claiming Partner of Record (CPOR), CSP Tier1, CSP Tier2 

Thresholds for earning maximum points 

Usage growth from both Azure security and Microsoft 365 are counted and given points. You can achieve points from either Azure or Microsoft 365 or both, up to a maximum of 20 points. 

line5b-1

 

Data freshness 

Performance and Customer Success subcategories typically refresh by the 20th of every month. But there can be other minor data refreshes throughout the month. Skilling subcategories typically refresh within 10 days after certification completes. 

Progress
  Module 5 0%