SIP
Arrow partner with Gamma, the UK's leading IP telephony/VoIP service, utilising SIP protocol. This provides quality inbound and outbound voice calls. Gamma SIP, compatible with the majority of iPABX/SBCs (including Microsoft Teams/Skype and Cisco), delivers enhanced cloud features including; automatic fail-over, flexible SIP channels and inbound call control.
Features
- Keep your existing telephone numbers
- Built-in Business Continuity as standard
- Protect yourself from Fraud with in-built tools
- Work's with existing IP Telephony Systems
- Inclusive call bundles
- Optional inbound call control on your telephone numbers
- Carrier-grade core network
- Ability to increase call capacity quickly and easily
- Optional PCI compliant payment handling service
- Business Continuity as standard– Active/Standby, Loadshare or Resilient mesh
Benefits
- Full control of outbound call presentation regardless of location
- Keep numbers important to your business regardless of any relocation
- Protect from on-site failures with network divert on DDI basis
- Guard against fraudulent calls
- Vast choice of compatible IP Telephony systems
- Value for money and reduce bill shock
- Improved resilience across the entire estate
- Simplified architecture using data infrastructure
- Pay for channels you need, when you need them
- Achieve PCI compliance cost effectively
Pricing
£6.00 a user a month
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
1 0 6 5 5 5 6 8 7 5 6 0 9 3 9
Contact
Arrow Business Communications Limited
John Loftus
Telephone: 07545 929225
Email: gcloud@aro.tech
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Gamma's Inbound Service, Cloud Based or Hosted PBXs, Session Border Controllers
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
-
As a VoIP service, calls to 999 via SIP trunks may not be possible, during a service outage where the customer loses total connectivity for example, owing to a power outage or the failure of all data access.
In such circumstances the customer should use their PSTN line or mobile to make the emergency call. - System requirements
-
- Conformance tested PABX (Confirm with Arrow)
- Compatible Session Border Controller (Confirm with Arrow)
- Appropriately sized data access
- IP Address Authentication
- Sufficient SIP Licences on PABX
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Our standard response time is four working hours Monday-Friday 8-6pm. We can supply bespoke SLA agreements.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- There is a web-chat icon on each page of the support section in our web-site. Tawk.to supports WCAG 2.0 guidelines
- Web chat accessibility testing
- None Completed to Date
- Onsite support
- Yes, at extra cost
- Support levels
- Arrow provides a core level of support which in included with the contract. Additional bespoke support levels are available upon request at an additional monthly service fee. Any incident (an unplanned interruption to a service) can be logged by the customer with Arrow’s Service Desk. Arrow will respond to and resolve remotely any incident or issue that is impacting the customer’s supported scope using our cloud support engineers. A service change (something which represents a minor change to the supported scope where there is a risk of impact on the service) may be subject to additional charges depending on the scope of the change and will also be managed by our cloud support engineers.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
An Account Manager and pre-sales consultant will work with you to identify the correct service specification and configuration. If required we will attend site to conduct site surveys, demonstrations and audits. Once our proposal has been accepted and our Cloud Telephony service contract signed, the project is added to our internal task system. Each new customer project is allocated to a Prince 2 qualified Project Manager who assumes overall responsibility for the project. The Project Manager will communicate with the customer by phone, e-mail, video or in person. A Project Initiation Document is issued once we have gathered all required information. A meeting to discuss all aspects of the phone service configuration is held with
the customer. The service configuration agreement is written up and issued to the customer. The Project Manager will liaise with the Cloud IP Engineering team to
manage the necessary technical resources. The PM will also manage the process of porting numbers in to the Arrow network. The assigned Cloud IP Engineer will configure the service and attend
site to carry out the deployment. Where the customer specifies on-site training, a qualified trainer will attend site to provide the necessary instruction. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- The customer via the relevant service portals can extract all historical call detail and call recording information held.
- End-of-contract process
- Once terminated, Arrow technical staff will de-commission the customer’s service ensuring all database information, call recording and analytics data are permanently deleted. Services included in the price of the contract will be monthly rental charges and any hardware or professional services which were agreed at the beginning of the contract period. Additional costs may be for incremental licences.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- MacOS
- Windows
- Windows Phone
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
There is a bolt on App that can be added as an option to SIP Trunk Call Manager. Upon successful download from the relevant app store, the user is able to log in to access a subset of SIP Trunk Call Manager Functionality as available at: www.siptrunkcallmanager.co.uk. The user has access to edit
components of call routing for numbers provisioned on this service and in accordance with their user permissions.
Functionality includes ability to route calls to an alternative destination number/voicemail/divert calls/invoke
pre-configured call plan. Key reporting statistics are also available including Performance graphs and call history. - Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
-
There is an optional bolt on - SIP Trunk Call Manager. Portal-based, the user is able to log in and has access to edit components of call routing for numbers provisioned on this service and in accordance with their user permissions.
Functionality includes ability to route calls to an alternative destination number/voicemail/divert calls/invoke
pre-configured call plan. Key reporting statistics are also available including Performance graphs and call history. - Accessibility standards
- None or don’t know
- Description of accessibility
- Standard web-browser access with standard accessibility options associated with those web-browsers
- Accessibility testing
- None Completed to Date
- API
- No
- Customisation available
- Yes
- Description of customisation
-
The design of the SIP service can be configured and customised for various designs (Active / Standby, Loadshare, Resilient+, Enhanced). Customer confirms design option during project kick-off and then built by Arrow.
The number of concurrent call channels required (subject to minimum number) can be customised subject to sufficient data bandwidth being available.
Whether existing customer DDI numbers are ported from other services. Determined by administrators.
Whether new DDI numbers are required for the service. These can be added by administrators of the service.
If individual call control is required per DDI this can be achieved through a web based customer portal using SIP Trunk Call Manager.
Where the option is taken, customer administrators can manage SIP Trunk Call Manager, a feature-rich, centralised inbound call management service via an easy-to-use web portal and App. The following are customisable:
Call Queuing Day
Time of Day Routing
Hunt Group
Voice Mail
Date Routing
Increased resilience
Announcement
Auto attendant
Set user access individually
Divert (on busy, on no reply, on failure)
Access to full call statistics
Advanced Statistics
Scaling
- Independence of resources
-
Gamma undertake a monthly Capacity Planning Forum whereby the utilisation of every network component is reviewed against planning rules and sales forecast to ensure that there is sufficient capacity and overhead to manage customer's requirements. Additionally there is weekly planning review on capacity management adjustments.
Each SIP customer's resource requirements are taken into account and sufficient network is allocated to them. Gamma also manage their network to spread traffic during very busy periods.
Analytics
- Service usage metrics
- Yes
- Metrics types
- SIP Trunk Call Manager service provides a range of on line call reporting on a per number basis. Full summary reports are provided; how many calls are getting through, where are my customers located, what are my call trends, when are my busy times. Detailed call analysis is available via the advanced statistics package.
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- Gamma Telecom
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- If using SIP Trunk Call Manager via a secure web-portal. Portal address to be provided by engineering upon commencement of the service. If not data can be exported via the Arrow Billing Portal or provided by Arrow upon request.
- Data export formats
-
- CSV
- Other
- Other data export formats
- Excel
- Data import formats
-
- CSV
- Other
- Other data import formats
- Excel
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
SIP trunk service availability is calculated as:
Total number of minutes in the measurement period – Unplanned Downtime x 100 / Total number of minutes in the measurement period
Note: If a Service is partially available then the Unplanned Downtime shall be calculated in equal proportion i.e. if a service is 50% available then the unplanned downtime will be calculated as 50% x elapsed period of the incident.
Availability Measurement Period: 1 Calendar month
Target availability for SIP Trunk Endpoint Resilient Build:
Core service: 99.99%
Non-Core Services: 99.50%
Not included:
- Outages which are deemed to be the result of matters outside of Arrow's direct control
- Planned or emergency maintenance works
- User error
Notes:
(1) Core functions are defined as Gamma Switching infrastructure, transmission equipment and
core network, the service that supports call routing and termination.
(2) Non-Core functions include Gamma Support Systems, access to any relevant portals and feature based services such as Call Plans, Call diverts, Auto Attendant, Call Recording, and Unified Messaging
(3) A Resilient build SIP Trunking means a Gamma approved
configuration such as dual Session Border Controllers offering geographic diversity.
PESQ score target for G711 is 4.1 and G729 is 3.7 - Approach to resilience
- Gamma hold ISO 22301:2012 Business Continuity Management accreditation. As this information is sensitive, further specific information is available on request
- Outage reporting
- We have a process to communicate with customers in the event of a major service outage and provide a Reason for Outage report. This is based through emails from the support team. Once an outage is noted then regular hourly emails are sent detailing progress to resolution.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Relevant only to SIP Trunk Call Manager services. Customer administrators can set permissions for other users to give them access to certain areas of the portal. They are able to restrict access to certain areas of the management and support interfaces
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- DNV Business Assurance UK Limited
- ISO/IEC 27001 accreditation date
- 01 December 2023
- What the ISO/IEC 27001 doesn’t cover
-
This certificate is valid for the following scope:
Provision of IT and Telecommunications Services (AV and Video Conferencing, Business Mobile, Cloud Telephony, Contact Centre, Cyber Security, Data Centre Services, Data services, IT, Software Development, Mobile Data) in accordance with the Statement of Applicability, version 1.0, plus Code of Practice ISO 27017:2015 on information security controls for cloud services and Code of Practice ISO 27018:2019 for protection of personally identifiable information (PII) in public clouds. - ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- NHS Data Security and Protection Toolkit. ODS Code: 8J121
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
-
NHS Information governance toolkit level 2
Cyber Essentials. Registration number QGCE2305. - Information security policies and processes
- The Chief Executive Officer, along with the board, in partnership with the Head of IT is responsible for the approval of all of the IT policies and ensuring that they are discharged to the relevant managers. Arrow's Information Security Policy outlines our approach to information security as well as being a method to establish a set of tools to outline the responsibilities necessary to safeguard the security of the Company’s information systems with supporting policies, codes of practice, procedures and guidelines. The policy applies to all employees - current and new - of the Company as well as all other authorised users. The policy relates to the use of all Company-owned information system assets, to all privately owned systems when connected directly or indirectly to the Company’s network and to all Company-owned and or licensed software/data. Authorised members of the IT Department will from time to time monitor the information systems under their control to ensure compliance. This is supported by training during the Induction process for new employees and updates to existing staff as appropriate.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
Change Control Process covers changes made to operational systems, to mitigate the risks and impacts that any change has and ensures good communication at all stages.
Change Management ensures changes to core infrastructure and services are performed and implemented correctly.
Best practice guidance, aligned to ITIL (OGC), recommends that the starting point for any change should be a review of generic questions or the ‘seven Rs’.
A risk and impact assessment is carried out for each change this involves detailing the assets under change.
The Change Advisory Board (CAB) has a representative from each impacted business area. - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
We use failure mode effects analysis process, conducting regular, systematic assessments of vulnerabilities to determine the necessity of safeguards, countermeasures and controls, monitoring for changes to maintain an acceptable level of risk. Includes identifying key information assets and subjecting them to specific risk assessments, assessing exposure to a list of common threats and vulnerabilities, maintaining risk registers, implementing technical, policy, business continuity and management initiatives;
Each patch is assessed and deployed accordingly:
High - Urgently.
Medium - ASAP.
Low - as time permits.
Gamma utilise many Vendor sources and industry RSS feeds, CERT, Ubuntu and Debian. Member of CiSP. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Gamma utilises GPG 13 guidance. Gamma has built a Security Information & Event Management Solution (SIEM) to identify potential compromises. If a compromise is found it is investigated. A Security Incident is raised to track the investigation, root cause and solutions if required to rectify or improve the situation. We respond to incidents as close to real time as practicable.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Gamma has an Incident Management process which has numerous pre-defined sub groups of staff designated for particular products or scenarios. It can be initiated by any member of staff and is managed by the 24/7 Network Operations Centre (NOC). Any incident is reported by the customer to the Service Desk, it is recorded in a customer relationship management tool (CRM) and an Incident report is produced after root cause analysis has taken place. Any Incident reports are made available to end users via pdf.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- Joint Academic Network (JANET)
Social Value
- Social Value
-
Social Value
WellbeingWellbeing
To help us drive wellbeing and engagement throughout Arrow, we have dedicated Wellness Champions at each of our key sites – these are voluntary roles and act as a central point of contact for advice and guidance around the mental health and wellbeing of our people. They also help to drive the promotion and organisation of various corporate social responsibility initiatives across Arrow further driving engagement. A dedicated Teams channel is used to communicate, share, and promote these activities. Each Champion has completed Mental Health First Aider training so that they are equipped with the necessary skills to fulfil this role. These courses run through MHFA England have also been attended by other members of the wider team. The engagement of our people is paramount at Arrow, and we track this closely, currently sitting at 89% this places us in the upper quartile of all benchmarked organisations. In addition to our 2 main annual surveys, we also track the wellbeing and resilience of our people as well as our eNPS score monthly to ensure we keep a close temperature check on how they are feeling. Our current eNPS score is 52% which places us in the top 25% of organisations in our industry.
Pricing
- Price
- £6.00 a user a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Arrow can set up a test endpoint for a two week period in order to test the quality and useability.
- Link to free trial
- N/A