Skip to main content

Help us improve the Digital Marketplace - send your feedback

  1. Digital Marketplace
  2. Lot 1: Cloud hosting
  3. FourNet (4net) Fortinet Zero-Trust Network Access Control (NAC) and IoT Security
4net Technologies Ltd

FourNet (4net) Fortinet Zero-Trust Network Access Control (NAC) and IoT Security

FourNet's Service Offer leverages Network Access Control (NAC) which is a critical modern-day network component; NAC offers the ability to deploy Zero Trust Network Solutions, Secure SD Branch deployments and ensures IoT, BYOD and user devices are profiled, only allowing access to approved resources with period reviews for compliance.

Features

  • Public and private cloud support
  • Broad integration with over 150 vendors
  • Agent and agentless scanning for detection and classification
  • Event reporting to SIEM with detailed contextual data
  • Enforce dynamic network access control and enable network segmentation
  • Centralized Architecture for easier deployment and management
  • Automate polices to reduce detection and containment time
  • Integration to the Fortinet Security Fabric
  • Centralise inventory for all connected devices, including IoT
  • Extensive support for Captive-Portal Guest and BYOD deployments

Benefits

  • Centralise BYOD, IoT and User on-boarding across network infrastructure
  • Automate device checking before network access is granted
  • Deploy Zero-Trust network Architecture using a centralised model
  • Agentless Scanning support for IoT devices
  • Optional agent-based scanning for deep device-based information
  • Easy scalability through centralised and distributed architecture options
  • Utilise 17 profiling methods to identify a device
  • Flexibility to deploy on private and public cloud services
  • Reduce management overhead with automated device onboarding
  • Flexible license options for different use-cases.

Pricing

£3,100 a unit a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@fournet.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

2 0 8 2 8 4 6 7 5 1 7 2 0 9 0

Contact

4net Technologies Ltd Public Sector Team
Telephone: 0161 864 5130
Email: publicsector@fournet.co.uk

Service scope

Service constraints
The service is limited to Fortinet products on supported platforms, as published by Fortinet on respective datasheets.
System requirements
  • Virtual machines require a minimum resource allocation.
  • Some clouds are unsupported by some products
  • Some features are dependent on license

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 30 minutes. Response times vary based upon question type. Please see support SLAs for response times
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
FourNet provides 2nd line support to our customers for this service. 1st line support will be provided by the customer ICT helpdesk so no contact will be from end users to the FourNet Service Desk. All support will be provided remotely with onsite support available at an additional charge.

FourNet offers bespoke SLAs which are priced individually.

Please see the FourNet service definition document which outlines the support levels and associated costs with these levels.

FourNet will provide a technical Account Manager, Cloud Support Engineer and Service Delivery Manager to the customer upon request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
FourNet provide options for onsite / remote training and user documentation to start using the service.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
FourNet provide an export of relevant user data held in the system at the end of the contract.
End-of-contract process
Should the customer require a transition manager and additional support when moving away from the service then this would be charged on a daily rate starting at £850 per day. The total cost will be agreed with the customer once they have confirmed what level of support is required from FourNet, and the time required to transition to the new provider from the FourNet service.

Using the service

Web browser interface
Yes
Using the web interface
Once the virtual machine is provisioned into the cloud environment, administrators have complete control of features and configuration for the virtual machine. All common and frequently used features are available through the web interface (GUI), along with remote access to the Command Line Interface (CLI) where lesser used or niche features can be configured.

The Web Interface allows for the configuration and on-going management of the virtual machine, along with access to remote, system events and log information.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
Not Known / Not Tracked.
API
Yes
What users can and can't do using the API
REST API is supported for the configuration & monitoring of Virtual Machines.

Most administration and configuration functions are available through REST API. Some limitation exist for certain Virtual Machines. Therefore, if the user is looking to integrate through API it is recommended they consult their Account Manager / TAC.
API automation tools
  • Ansible
  • OpenStack
  • Other
Other API automation tools
Any Automation tools that support JSON API
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
  • Other
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
  • Other
Using the command line interface
Configuration of the FNAC appliance should be undertaken using either REST API or the GUI as best practice. CLI access to the NAC and underlying Operating System is best served for troubleshooting and initial deployment of the FNAC VM.

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
Services are built within customer cloud ecosystem with no external dependencies on our infrastructure. Central signatures and updates may be cached to eliminate dependency on update servers.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Authenticated users by type
  • Authenticated devices
  • Inventory, customised reports
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Fortinet

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach
All critical assets, along with data considered to be personal under GDPR or other international laws is encrypted at rest and at backup using cryptography techniques. Any transit of data is done cryptographically. Data is stored in secure datacentres with physical access control mechanisms, CCTV, badge entry systems and security guards. Furthermore, access to Fortinet global offices are controlled via physical access control mechanisms, CCTV, badge entry systems and security guards.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Configuration
  • Database
Backup controls
Users can take backup copies of the configuration & database via the Web Interface through manual or scheduled tasks
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Customers have the option of using Cloud based analytics or Sandboxing.in the event these options are chosen, data-in-transit is encrypted using SSL end-to-end.

Data transfer between update servers and the virtual machines is completed via SSL end-to-end.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Customers have the option of using Cloud based analytics or Sandboxing.in the event these options are chosen, data-in-transit is encrypted using SSL end-to-end.

Data transfer between update servers and the virtual machines is completed via SSL end-to-end.

Availability and resilience

Guaranteed availability
FourNet provide a minimum 99.99% availability on core services.

Service Levels and Credits are based on a bespoke requirement.
Approach to resilience
The resilience of our services is available upon request.
Outage reporting
Should an outage occur within the platform notifications are automatically sent to the FourNet service desk team. Depending upon the severity of the outage then customers will be alerted appropriately via phone and/or email.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Adminstrators who access the Virtual Machine(s) are authenticated against Username & Password set by the customers administrator.
Access restriction testing frequency
Never
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSi
ISO/IEC 27001 accreditation date
22/02/2021
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001 information security standard, Cyber Essentials and Cyber Essentials Plus. The ISO27001 Statement of Applicability is available to G-Cloud customers on request, this document references all of FourNet's policies and procedures including our IT policy, encryption systems and access control along with many other processes. The SoA also details the reporting structure for adherence to ISO 27001. In brief this consists of our internal IT engineers who form part of our service desk team, reporting into the service desk manager. The service desk manager (for FourNet's information systems) reports to the Chief Technical Officer / Security Manager / Data Protection Manager who has ultimate responsibility for FourNet's Information Systems security, support and development.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
FourNet processes conform with ITIL processes and our ISO 9001, ISO20000 and ISO27001.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
FourNet continually assess software and firmware across the deployed services, both by assessment of vendor product and security release notes as appropriate or our Release Management Tool. Release Manager monitors firmware and software revisions at the latest release. Release Manager uses Configuration Manager’s CMDB as a source for the existing release levels, which is updated on a regular basis. FourNet assesses the release and our policy is for security breaches and updates, to deploy straightaway and for all other releases to deploy if it is to resolve a known issue or following consultation with the customer.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
FourNet will deploy service management tool(s) that proactively manages and monitors the services and platforms. When an alarm is received, the management tool will either automatically attempt a resolution by running scripts against known problems within its knowledgebase or an automated resolution is not possible, the service management tool will notify the relevant Service Desk with details of the issue. The Service Desk will then create a ticket, notify the customer’s service desk and assign the ticket to an resolution operative to triage and restore. Response will be in accordance to the designated priority of the issue and the SLA.
Incident management type
Supplier-defined controls
Incident management approach
FourNet has a documented Incident Management process which is provided with an Operational Services Manual. This will include knowledge articles’ and ‘templates’, which are updated, for common issues. All Incidents are reported and logged via the FourNet ServiceDesk. Incident logging is either via automated tools or manually by phone, email or the customer web portal. Outside of automated Incident logging, we ask that Priority 1 and 2 tickets are phoned in and Priority 3 and 4 are either emailed and logged via the portal. The Service Delivery Manager will provide Incident reports, RCAs and service reviews to an agreed schedule.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
FourNet’s use Tier 4 Data Centres. These sites were chosen to be Geo-Resilient, and more than 50 miles apart.

All Datacentres are assessed to meet the following certifications as standard. Individual DC centres may have further certifications:

● SOC 1 Type II
● SOC 2 Type II
● ISO 27001
● PCI DSS
● OHSAS 18001
● ISO 9001:2015
● ISO 22301
● ISO 14001:1015
● ISO 50001
The data centres are certified to meet rigorous environmental and energy-management standards.

Social Value

Fighting climate change

Fighting climate change

Environmental, Social and Governance (ESG):

At FourNet, we are committed to effective stewardship of the environment and tackling climate change and have several activities and initiatives underway. In June 2021, Palatine Private Equity became a majority shareholder in the business and their commitment to ESG has further driven this agenda. Palatine is one of the private equity leaders in Environmental, Social and Governance (ESG) and is a pioneer in the responsible investment space.

We take ESG seriously and have an appointed ESG lead in the business and an ESG working group, including two Board members, meets once a month to discuss our priorities as outlined in our action plan. ESG is a standing agenda item at Board and Senior Leadership Team (SLT) meetings as well as at every management meeting.

In early 2022, we will produce our first baseline carbon footprint report for the calendar year 2021 which will state our scope 1 and 2 impact. We have undertaken an initial review based on 2020, which indicates that our footprint is relatively low (in the region of 18.5 tCO2e) but believe that 2020 was an extraordinary year and the data available is incomplete and so we believe that 2021 is more reflective of our true impact. Whilst we anticipate that our impact is relatively low, we are nonetheless committed to putting in place a 10-year carbon reduction strategy that will see us reduce emissions year on year in line with science-based targets, with the goal of reaching carbon neutral status in the next couple of years and working towards net zero carbon in line with UK governments targets.

At the end of 2021, we undertook our final ISO14001 (Environmental Management) audit and are delighted to report that we have achieved certification.
Covid-19 recovery

Covid-19 recovery

Employment:

FourNet is proud to have helped sustain “business continuity” for important central government, local government, healthcare, housing and financial institutions during the COVID-19 pandemic and recovery phase, by enabling efficient flexible-working for all those customers, their employees and many more. As an award-winning SME, we were instrumental in enabling officials and employees in key businesses to seamlessly work from home, when movement restrictions were introduced in 2019. We are continuing to do so, continuously innovating while developing new services and employment opportunities which benefit those organisations and local communities. Our employees are classified as “key workers” which meant we were able to provide crucial support, additional services and training as well as improved access to services for citizens, despite the pandemic.

Return to work:

Given the shift to home-working, our solutions have helped to deliver an efficient working environment for remote workers during and since COVID-19 struck. This means increased employment opportunities in local communities remote from the headquarters of those departments and agencies, and similarly for our nationwide enterprise customers who offer flexible employment. For instance, Connecting Wales allows Welsh-speaking local government employees to work, remotely, for councils in non-Welsh speaking communities. This enhances employment opportunities in less affluent regions, while boosting local economies and assisting with the levelling up agenda. As a technology business, in a high growth sector, through our non-location specific, cloud-based, solutions we are enabling a broader range of recruitment opportunities not only for our own business, but for those departments and agencies moving to Government Hub working. FourNet is helping to support inclusion and diversity in the virtual workplace, allowing individuals to consider roles for a whole range of local and national employers, for whom they might have been considered ill-suited because of childcare commitments, commuting time or distance, disability or illness.
Tackling economic inequality

Tackling economic inequality

Smarter Working:

FourNet has remote working at its heart, not just as a business but for our customers. We were enabling our clients to implement work-from-home solutions prior to the pandemic and were instrumental in ramping up those capabilities at the height of the pandemic. Our secure communications services are at the core of our capabilities to facilitate remote working. By delivering future-proofed, inclusive, communications technologies and tools to encourage greater collaboration, we have brought greater efficiencies and cost savings for clients while allowing people to remain in their own local areas, spending money which otherwise would have been spent in cities and urban environments. We are fully aligned, in thought, strategy and process with Smarter Working Programmes as a means to tackling economic inequality, creating a sustainable future and assisting with the levelling up agenda.

Levelling-up:

This strategy applies not just to FourNet’s employees – many of whom work from home at least part of the week, but to our nationwide enterprise customers whom we have assisted in implementing remote working solutions over the past 18 months. Each of those businesses are helping to create and maintain employment in deprived, less affluent and rural communities where opportunities were previously few and far between.

While the high cost of living makes the big-city jobs market inaccessible for many young people and key workers, hybrid working provides new employment opportunities. This, in turn distributes wealth to local communities, tackling economic inequality in areas that traditionally relied on income from sectors hit hardest by the pandemic, such as tourism and hospitality. New businesses are emerging in rural and less affluent area thanks to the move away from big city living caused by the pandemic and facilitated in part by remote working solutions which we provide as an employer and a business.
Equal opportunity

Equal opportunity

Like many organisations, FourNet is striving to build as diverse and inclusive a community as possible. This means sticking resolutely to a top-down, bottom-up strategy which creates and nurtures equal opportunities policies, culture, workforce and physical environment across our company which is fair, non-discriminatory, and accessible.

As a business, which is helping other organisations to implement successful and efficient remote working practices, we believe that hybrid working can help support inclusion and diversity in the virtual workplace, allowing individuals to consider roles which they might have thought previously ill-suited because of childcare commitments, commuting time or distance, disability or illness.

Remote-working provides employers, like FourNet, with an opportunity to create a more diverse workforce, with staff from different geographies and backgrounds and across all job levels, functions and teams. It can also help to close the gender gap by offering greater flexibility and opportunities for women, including single mothers with children, and particularly in male-dominated industries like the fast growing technology sector.

Recruitment:

FourNet abides by the law in that we have a policy to provide equal opportunities in employment and to avoid unlawful discrimination, but we go much further, helping to create a diverse workforce that is respectful of each other’s differences.
The purpose of our policy, which covers recruitment and selection and promotion and training, is to provide guidance to employees on relevant legislation and best practice and therefore reduce the risk of possible discriminatory attitudes affecting decision making.

Training and Working Conditions:

To support our policy, all employees also take part in mandatory annual training on Equality, Diversity and Inclusion provided by an external training partner. All those in management positions also attend additional developmental training which covers unconscious bias. We provide those in management positions with a ‘management framework’.
Wellbeing

Wellbeing

Community Wellbeing:

As a result of enforced COVID pandemic home-working for many employees, FourNet focused attention on our employees’ working conditions at home and their mental health and, like many organisations, that has even meant creating virtual social events to keep up team spirit and morale, out of the office.

As a business, we deliver workforce management (WFM) solutions which allow businesses in the community and their employees to create a better work-life balance, permitting flexible and holiday scheduling, shift-swapping with colleagues, and engagement tools which reduce mundane and repetitive tasks.

It’s not just employees but citizens in the community who benefit. For example, sentiment analysis can be used to understand and track agent morale and motivation. This has been particularly relevant with the increase in remote working during the pandemic. For citizens, artificial intelligence can be used by businesses to detect an upset customer, alerting an employee with a suggested means to assist the customer’s wellbeing.

Workforce Wellbeing:

FourNet has a wellbeing programme, delivered by a recognised specialist, which is available to all employees. The external programme includes 24/7 access to a GP and an advice and counselling line (including legal and financial advice) as well as a video physiotherapy service. It includes up to six face-to-face counselling sessions with a trained therapist.

FourNet also has trained Mental Health First Aiders (MHFA), who are available to employees as and when requested. We have invested in training for MHFAs, via our preferred training partner. They are tasked with providing campaigns to engage our employees to understand the causes and effects of stress and mental health conditions and tips to improve resilience and mental health. We have taken part in Mental Health Awareness Week and created a Mental Health First Aid Handbook which provides details of the support available.

Pricing

Price
£3,100 a unit a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
FortiGate is available as a free trial in Amazon AWS, Microsoft Azure, (30 days) through their respective market places and in private cloud version (60 days) via the Fortinet account team
Link to free trial
https://aws.amazon.com/marketplace/pp/prodview-wory773oau6wq https://azuremarketplace.microsoft.com/en-us/marketplace/apps/fortinet.fortinet-fortigate?ocid=FortiGate_202105_landingpage_en-us

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@fournet.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.