Arecibo Monitoring & Management
This service brings together infrastructure management capabilities into one solution presenting a unified view of the end-to-end IT estate providing:
• Device status
• Event and measurement logs
• Capacity information
• Device trend data
It delivers actionable insights, that enable IT organisations to improve service quality and predictability.
Features
- Real-time access to status information via online dashboard
- Device capacity information
- User Experience Management
- Real-time user application latency and optimisation
- Device life-cycle reporting
- EoL and EoS notifications
- Automated configuration backups
Benefits
- Enables pre-emptive actions to prevent user issues
- Highly visual presentation of devices and data flows
- Enhances capability of detecting issues and events rapidly
- Faster detection of security threats intrusions
- Maximising new and existing investment in technology
- Reduces risks associated with operating IT infrastructure
Pricing
£25 a licence a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
1 0 2 6 3 4 5 6 4 4 3 3 7 1 8
Contact
Whitespider
Jonny Malcolm
Telephone: 02037732380
Email: jonny.malcolm@whitespider.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Hybrid cloud
- Service constraints
- No known constraints
- System requirements
- No requirements
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Priority 1: 4 working hours
Priority 2: 8 working hours
Priority 3: 2 working days
Priority 4: 3 working days - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Customers have different support options. These include:
1. 'In Hours' support. 8*5 Weekday support which is the base level, 9am-5pm on week days (excludes Public Holidays)
2. 'Extended' support. 15*5 Weekday support, 7pm-10pm on week days. This is additional cost, priced per customer
2. 'OOH' Support. This 24*7 support, again additional cost priced per customer.
All of these will have a Support Engineer - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
Onboarding customers is critical.
1. We will support customers by uploading all data we can directly, then giving them online demonstrations using their data (where possible)
2. We provide online video and documentation for customer training and support
3. We provide web support for customer - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Users have full, unrestricted access to their data so can extract it whenever they need.
- End-of-contract process
- The services is based on an annual contract. After 12 months the customer can cancel the service any time with 3 months notice. After this point no charges apply
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Chrome
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- Yes
- What users can and can't do using the API
- Closed to public access
- API documentation
- No
- API sandbox or test environment
- No
- Customisation available
- No
Scaling
- Independence of resources
- The service is a multi-tenanted solution that is load balanced and capable of online scaling
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Other
- Other data at rest protection approach
- Encryption at rest on DB's
- Data sanitisation process
- No
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Users can select all, or elements of, the data to export in a CSV format
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 99.99% uptime
- Approach to resilience
- Load balanced servers with a DR protocol
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- RBACs
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
-
The approach to security for the service includes:
- Defining appropriate Role Based Access controls to the system
- Continually monitoring for potential cyber threats and implementing safeguards
- Maintaining secure environment and processes for handling customer data
- Ensuring software development follows appropriate standards and testing - Information security policies and processes
-
The following processes are in place to ensure appropriate security is maintained:
Documentation and Software
- Document control: Managing storage and revision of all documentation
- Approvals: Defined approval process for all documentation and software revisions
- Code Development: Processes for managing the development and release of software code
Customer Data
- Access control: Ensure that users have appropriate access for their role to customer data
- Physical Security: Employees are appropriatly checked prior to being given access. The Premises are secured, with full CCTV and visitors escorted in the premises
- Systems are maintained in a secure data centre environment
- Customer on-boarding process: Ensuring appropriate information regarding customers and their regulatory bodies is collected and understood
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- The process ensures changes are undertaken by an expert with appropriate level of expertise and experience who understands the impact. The change board consists of: a. At least one WhiteSpider individual b. At least) one customer individual. 2. The CAB will have a weekly approval meeting 3. Change requests include: a. Summary and Priority of change b. Expected impact, including risk assessment and security impact c. Time required d. Devices and people involved e. Details of changes to production environment. f. Escalation process g. Testing details Change details are stored on a shared environment for access by customer and WhiteSpider
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We determine potential threats through subscribing to relevant organisations to receive vulnerability alerts and information. Examples include Cisco's PSIRTs and VMWare Knowledge Base Any potential threats are assessed to determine criticallity and likely impact Customer alerts are then created, along with appropriate corrective action Relevant patches are then applied, following any necessary change process. Updates are issued when the corrective action is completed.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- The service is supported by IDS and IPS at a network level with advanced firewall capabilities at the perimeter, and process monitoring at a compute level. Incidents are responded to according to the customer specific SLAs for the service
- Incident management type
- Supplier-defined controls
- Incident management approach
- Incidents are detected and reported either by WhiteSpider's monitoring service (alerts issued automatically) or by end-users who report by phone, email or web portal. Alerts are issued to the service desk, allocated a priority and impact and passed onto the relevant support teams. Depending on SLAs, allocated priority and complexity, the incident may be passed to 3rd line support. Escalation process are followed if the issue is not resolved as SLA thresholds are reached. Once resolved, tickets are closed, customer informed and - if required - detailed incident reports creat-d and either emailed to customer or presented in person.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Tackling economic inequality
-
Tackling economic inequality
WhiteSpider provides expert services in infrastructure and cloud. As with many organisations in our sector, we are experiencing high levels of demand for our services, and as such are growing our business rapidly.
To support this growth, and provide our customer with the high levels of expertise that they expect, we invest very heavily our employees to develop and train them to the requisite skill levels. As we recruit based on attitude and future potential more than technical capability, our team comes from all backgrounds and each educational level. As such each employee’s training is unique and customised to their capability and role. - Equal opportunity
-
Equal opportunity
The service that we provide helps our customers provide a more stable, resilient services to their users so getting better experience. To provide this, we have a growing team of highly skilled engineers. We are at the forefront of our field in terms of skills and capability.
Our approach to developing and growing the team is to employ staff with limited skills and experience from all backgrounds, and through training and on the job support, develop them into skilled engineers. These engineers can then access more highly paid roles with the industry should they seek to move in the future.
Pricing
- Price
- £25 a licence a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Full access to system capabilities for a limited time period (typically 30 days)