Whitespider

Managed Secure Access Server Edge

Secure access service edge (SASE) is a network architecture that combines VPN and SD-WAN capabilities with cloud-native security functions.

WhiteSpider's service gives organisations access to benefits of SASE, delivering transformational impact by turning IT departments into agile, responsive service delivery organisations.

Features

  • Cisco Digital Network Architecture (DNA)
  • Automated end-to-end segmentation, quality of service, and analytics
  • Segmentation of applications and traffic to enhance security
  • User and device policy for applications, automated across the network
  • Simplifies network delivery and managment

Benefits

  • Reduced cost of operations through centralised control of all devices
  • Greater agility through automated deployment of services
  • Visibility and Control: Detailed realtime insights into applications and traffic
  • On-hand Expertise: Gain access to WhiteSpider's industry leading experts
  • Secure your organisation with end-to-end segmentation
  • Facilitate a consistent user experience anywhere

Pricing

£60 to £240 a device a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jonny.malcolm@whitespider.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

1 8 5 1 4 1 9 1 7 5 2 5 1 7 0

Contact

Whitespider Jonny Malcolm
Telephone: 02037732380
Email: jonny.malcolm@whitespider.com

Service scope

Service constraints
No known constraints
System requirements
None

User support

Email or online ticketing support
Email or online ticketing
Support response times
Priority 1: 4 working hours
Priority 2: 8 working hours
Priority 3: 2 working days
Priority 4: 3 working days
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Customers have different support options. These include:
1. 'In Hours' support. 8*5 Weekday support which is the base level, 9am-5pm on week days (excludes Public Holidays)
2. 'Extended' support. 15*5 Weekday support, 7pm-10pm on week days. This is additional cost, priced per customer
2. 'OOH' Support. This 24*7 support, again additional cost priced per customer.
All of these will have a Support Engineer
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide full on-boarding including user and administration training on all applications and services available.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Once the contract comes to an end, all data collated will be returned in a pre-agreed format.
End-of-contract process
The customer will agree a set of services for a set period of time with costs based on a number of devices. The services will be provided for the duration of the contract at the price agreed. Prior to the end of the contract we will contact the customer to discuss contract extensions. If this is not needed, the service terminates at the end of the contract and all data is returned to the customer in a pre-agreed format.
Additional costs will only be incurred for work outside of the agreed contract scope.

Using the service

Web browser interface
No
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
All hosted services are load balanced across all tiers in a multi-tenanted environment.
Usage notifications
No

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • HTTP request and response status
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
Network configuration data
Backup controls
Backups are automated daily, and also once changes have been made on a device. The schedule and triggers for backups can be configured as required.
Datacentre setup
Single datacentre with multiple copies
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Availability will be based on the solution and service provided to the customer.
Approach to resilience
Resiliency is dependant on the scope of the service contract agreed.
Outage reporting
Any failures or outages are reported on a dashboard.
Email alerts will be issued to users

Identity and authentication

User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
The service utilised standard Role Based Access Control
Access restriction testing frequency
At least once a year
Management access authentication
Username or password
Devices users manage the service through
Dedicated device over multiple services or networks

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
The approach to security for the service includes:
- Defining appropriate Role Based Access controls to the system
- Continually monitoring for potential cyber threats and implementing safeguards
- Maintaining secure environment and processes for handling customer data
- Ensuring software development follows appropriate standards and testing
Information security policies and processes
The following processes are in place to ensure appropriate security is maintained:
Documentation and Software
- Document control: Managing storage and revision of all documentation
- Approvals: Defined approval process for all documentation and software revisions
- Code Development: Processes for managing the development and release of software code
Customer Data
- Access control: Ensure that users have appropriate access for their role to customer data
- Physical Security: Employees are appropriately checked prior to being given access. The Premises are secured, with full CCTV and visitors escorted in the premises

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The process ensures changes are undertaken by an engineer with appropriate level of expertise and experience who understands the impact.

Change process is:
a. Change request created with all necessary details, including roll-back plans
b. Change reviewed by approval board
c. Change planned and implemented
d. Change tested, and rolled back if necessary
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We determine potential threats through subscribing to relevant organisations to receive vulnerability alerts and information. Examples include Cisco's PSIRTs and VMWare Knowledge Base

An automated process gathers all vendor vulnerability alerts on a daily basis and compares this to the infrastructure components within the service. The results of this are:
1. Automatically posted on a dashboard
2. New critical and relevant vulnerabilities automatically generate alerts to the Customer and WhiteSpider, along with appropriate corrective actions
3. Vulnerabilities are assessed and reported on monthly basis
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
A custom developed monitoring and management solution uses a range of diagnostic and analysis tools to identify potential compromises. Device events, traffic anomalies, performance issues or security events detected will be reported on a dashboard. Once an alert is determined, either by automated analysis or manual interpretation, the customer is notified and and incident raised. respond accordingly to inform ten customer where required and or resolve/prevent the compromise. Incidents raised are classified within P1-P4 categorisation and responded to as per our defined SLAs.
Incident management type
Supplier-defined controls
Incident management approach
Incidents are detected and reported either by WhiteSpider's monitoring service (alerts issued automatically) or by end-users who report by phone, email or web portal.
Alerts are issued to the service desk, allocated a priority and impact and passed onto the relevant support teams.
Depending on SLAs, allocated priority and complexity, the incident may be passed to 3rd line support. Escalation process are followed if the issue is not resolved as SLA thresholds are reached.
Once resolved, tickets are closed, customer informed and - if required - detailed incident reports creat-d and either emailed to customer or presented in person.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
No

Social Value

Tackling economic inequality

Tackling economic inequality

WhiteSpider provides expert services in infrastructure and cloud. As with many organisations in our sector, we are experiencing high levels of demand for our services, and as such are growing our business rapidly.
To support this growth, and provide our customer with the high levels of expertise that they expect, we invest very heavily our employees to develop and train them to the requisite skill levels. As we recruit based on attitude and future potential more than technical capability, our team comes from all backgrounds and each educational level. As such each employee’s training is unique and customised to their capability and role.
Equal opportunity

Equal opportunity

The service that we provide helps our customers provide a more stable, resilient services to their users so getting better experience. To provide this, we have a growing team of highly skilled engineers. We are at the forefront of our field in terms of skills and capability.

Our approach to developing and growing the team is to employ staff with limited skills and experience from all backgrounds, and through training and on the job support, develop them into skilled engineers. These engineers can then access more highly paid roles with the industry should they seek to move in the future.

Pricing

Price
£60 to £240 a device a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Users have full access to all services for a limited time period on a limited number of devices.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jonny.malcolm@whitespider.com. Tell them what format you need. It will help if you say what assistive technology you use.