Cloud Managed SD-Branch Service by Nasstar
Nasstar’s Managed SD-Branch WAN Services delivers 24x7 enterprise-class systems management for a Customer SD-Branch. Nasstar proactively monitors and manage network impacting incidents on Customers SD-Branch’s, including wired LAN devices and Wireless LAN Access Points. The Service provides historical network performance insights on a dashboard and through detailed reports.
Features
- 24/7 Proactive monitoring
- Incident Management
- Software Security Patch Management
- Service & Change Requests
- Service Delivery Management
- Centralised Management
- SD-Branch Dashboard
- Self Service / Co-Management (optional)
Benefits
- Improved Security
- Increased reliability
- Reduces operational costs
- Increased network uptime
- Reduced Risk
- Empowered network decision making
- Increased cost efficiencies
Pricing
£19.00 a device a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 4 2 5 5 4 7 5 6 0 4 4 2 8 1
Contact
GCI Network Solutions Ltd
Roy Rodford
Telephone: 03450030000
Email: tenders@nasstar.com
Service scope
- Service constraints
- The customers on site equipment must be from a Nasstar support networking partner, and must be linked to the Nasstar Cloud Managed SD-WAN Service
- System requirements
- Connectivity into Nasstar's ICC Core Network
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 30 minute response time
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Service is included according to the products purchased per site. Where business critical systems/sites/services (defined by those where resiliency type is High Availability LAN is purchased) is completely unavailable (Critical business impact) a P1 ticket will be declared and a response given within 30 minutes (24x7), with a 6 hour fix SLA. Where system/site/service is severely degraded for all users, but a workaround is possible, or system/site/service is not business critical, a P2 ticket will get a response within 60 minutes (24x7), with a 8 hour fix SLA. Additional levels of support that include Service Delivery Management are available
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- This service is a managed network service so no network configuration training requirements is required. However, Nasstar provides a Dashboard User Guide Documentation for the SD-Branch web portal Dashboard for customers to view and analysis the SD-Branch network logs and reports.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
- The Service provides Data Transit only, therefore no Data is stored that would require extraction at the end of contract. For the SD-WAN Service the customers can request for final reports of the network logs and reports to be provided at a final additional data extraction charge
- End-of-contract process
- Off-boarding is carried out by our Service Delivery Management team and transition, termination and service closure process and charges can be determined upon request.
Using the service
- Web browser interface
- No
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- No
- Independence of resources
- The Managed SD-Branch service is a Customer LAN and Wireless LAN Service managed through the cloud but delivered on the customer local sites and therefore physically separated from all others customer LANs
- Usage notifications
- No
Analytics
- Infrastructure or application metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
- Network equipment configuration
- Backup controls
- Backups are controlled by Nasstar as part of the Managed WAN Service
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
-
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- ICC is a private network and customer data is not stored within the network
Availability and resilience
- Guaranteed availability
- The Managed SD-Branch Service does not provide Service Availability targets for the service, as the network is on the customers sites which Nasstar cannot put governance and control measures in place that would be used to back off any guarantees. However, any Faults on the network have got Time To Resolve SLAs, where these service levels are not met, the customer is able to claim service credits.
- Approach to resilience
-
The Customer LAN design choice determines the level of resilience and redundancy. The Customer can select the resiliency type through their network design choice as either a High Availability LAN OR non-High Availability LAN as defined below:
Customer LAN (HA) - High Availability LAN
- a LAN network designed with multiple LAN CE devices interconnected with multiple passive cabling interconnections to critical components of the Customer LAN ie. the LAN core, servers, data storage appliances, controllers, or other network services. A High Availability LAN design is one that in the event of a single LAN CE device or single interconnecting interface failure the entire network does not becomes unavailable to Customer end devices
Customer LAN (Non-HA) - Non-High Availability LAN
- a LAN network designed with single LAN CE devices interconnected with single passive cabling interconnections to critical components of the Customer LAN, ie the LAN Core, servers, data storage appliances, or other network services. A non-High Availability LAN design is one that in the event of a failure of a single LAN CE device or interconnecting interface the entire network becomes unavailable to Customer end devices - Outage reporting
- Email alerts from our Network Operations Centre (NOC)
Identity and authentication
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- The measures implemented in order to manage and restrict access can be divided into six sub-categories: 1) Physical Access Control; 2) Logical Access Control; 3) Access Administration; 4) Authentication and Authorisation; 5) Data Access Control; 6) Data Transfer.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device over multiple services or networks
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- United Registrar of Systems
- ISO/IEC 27001 accreditation date
- 14/06/2021
- What the ISO/IEC 27001 doesn’t cover
- The Registered Scope is as follows: Information security management system for the delivery of communications and associated technologies, products and services provided by the Group.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- SAQ-D self assessment
- PCI DSS accreditation date
- 12/05/2023
- What the PCI DSS doesn’t cover
- Nasstar’s PCI self-assessment covers all aspects of its Live Agent & IVR payment solution used by our customer to transit card payments from their customer to their merchant banks / payment service providers in a PCI compliant manner.
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- ISO27018
- PSN
- ISO20000
- ISO27017
- CISPE Code of Conduct Certification
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Nasstar's approach to Security forms part of our overall Integrated Business Systems Management scheme. The Company Secretary is responsible at Board level for Information Security and ensuring that our ISO/IEC 27001 accreditation is maintained and enforced.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Conforms to ISO20000-1, ISO27001 and SSAE-18.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Conforms to SSAE18 and ISO27001.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Conforms to ISO27001.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Conforms to SSAE18, ISO20000-1 & ISO27001
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- Other
- Other virtualisation technology used
- Security Administration Domains, accessed through MFA
- How shared infrastructure is kept separate
- The SD-Branch networks are physical separate. The networking and application performance data logged is separated through Security Administration Domains, accessed through MFA
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- We have invested heavily in implementing best practices that reduce energy consumption without compromising critical functions. Focus is on reducing to near-zero the number of our own datacentres by transforming our own services and infrastructure to Cloud deployment, and on key issues such as efficient cooling, power supply and IT equipment efficiency.
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Nasstar is committed to creating innovative Technology with a positive impact by working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Nasstar is committed to becoming Net Zero by 2050. Nasstar commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Nasstar understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Fighting climate change’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 4.1 Deliver additional environmental benefits in the performance of the contract including working towards net-zero greenhouse gas emissions. • MAC 4.2 Influence staff, suppliers, customers, and communities through the delivery of the contract to support environmental protection and improvement which as part of our Social Value Commitment, this product offering will also be integrated into the company's Continuous Improvement Plan and will be scrutinised to identify, monitor, measure and achieve the MAC 4.2 measures. Example reporting metrics of benefits delivered under the contract may include: People-hours spent protecting/improving the environment under the contract, Number of green spaces created under the contract, reduction in emissions of greenhouse gases, reduction in water use, and reduction in waste to landfill.Covid-19 recovery
Nasstar commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Nasstar understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Covid-19 recovery’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 1.1: Creation of employment, re-training, and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high-growth sectors. • MAC 1.2: Support for people and communities to manage and recover from the impacts of COVID-19, including those worst affected or who are shielding. • MAC 1.3: Support for organisations and businesses to manage/recover from the impacts of COVID-19, including where new ways of working are needed to deliver services. • MAC 1.4: Support for the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services. • MAC 1.5: Improvements to workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions Example reporting metrics of benefits delivered under the contract may include: Number of FTE employment for those made redundant due to COVID-19, people-hours supporting local community integration related to COVID-19, and percentage/number of the supply chain to have implemented the 6 standards in the Mental-Health-at-Work commitment.Tackling economic inequality
Nasstar commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Nasstar understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Tackling Economic Inequality’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC2.1: Create opportunities for entrepreneurship and help new organisations grow. • MAC2.2: Create employment/training opportunities for people who face barriers to employment, are located in deprived areas, and in industries with known skills shortages or high growth sectors. • MAC2.3: Support educational attainment including training schemes • MAC 3.1: Create a diverse supply chain including new businesses/entrepreneurs/start-ups/SMEs/VCSEs/mutuals. • MAC 3.2: Support innovation and disruptive technologies throughout the supply chain to deliver lower cost, higher quality goods/services. • MAC 3.3: Support the development of scalable and future-proofed new methods to modernise delivery and increase productivity. • MAC 3.4: Demonstrate collaboration and a fair/responsible approach to working with supply chain partners. • MAC 3.5: Demonstrate action to identify/manage cyber security risks in the delivery including in the supply chain. Example reporting metrics of benefits delivered under the contract may include: Number of FTE employment/apprenticeship/training opportunities created, learning interventions delivered, start-up/SME/VCSE/mutuals opportunities awarded, and relevant supply chain metrics e.g. Cyber Essentials certification and adoption of NCSC 10 steps.Equal opportunity
Nasstar commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Nasstar understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Equal opportunity’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 5.1: Demonstrate action to increase the representation of disabled people in the contract workforce. • MAC 5.2: Support disabled people in developing new skills relevant to the contract, including through training schemes resulting in recognised qualifications • MAC 6.1: Demonstrate action to identify/tackle inequality in employment, skills, and pay in the contract workforce. • MAC 6.2: Support in-work progression to help people, including those from disadvantaged/minority groups, to move into higher-paid work by developing new skills relevant to the contract. • MAC 6.3 Demonstrate action to identify/manage the risks of modern slavery in the delivery of the contract, including in the supply chain. Example reporting metrics of benefits delivered under the contract may include: Percentage/number of FTE disabled/under-represented people employed as a proportion of the total FTE including apprenticeships/training schemes, percentage/number of companies in the supply chain to have committed to the five foundational principles of good work, percentage of supply chain mapping completed, and people-hours devoted to supporting victims of modern slavery.Wellbeing
Nasstar commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Nasstar’s Wellbeing policies are aligned to the UK Government’s Good Work Plan (satisfaction, fair pay, participation and progression, well-being, safety and security, voice and autonomy). Nasstar understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Wellbeing’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 7.1: Demonstrate action to support health and wellbeing, including physical/mental health, in the contract workforce. • MAC 7.2: Influence staff, suppliers, customers, and communities through the delivery of the contract to support health and wellbeing, including physical and mental health. • MAC 8.1: Demonstrate collaboration with users and communities in the co-design and delivery of the contract to support strong integrated communities. • MAC 8.2: Influence staff, suppliers, customers, and communities through the delivery of the contract to support strong, integrated communities. Example reporting metrics may include: Percentage/number of the supply chain to have implemented measures to improve the physical and mental health and wellbeing of employees including the 6 standards in the Mental Health at Work commitment and mental health enhanced standards in ‘Thriving at Work’, and people-hours supporting local community integration e.g. volunteering/community-led initiatives and Mental Health First Aiders.
Pricing
- Price
- £19.00 a device a month
- Discount for educational organisations
- No
- Free trial available
- No