TELEFÓNICA TECH NORTHERN IRELAND LIMITED

Telefónica Tech Managed Firewall

Firewalls protect your MPLS network and traffic and data that uses it. Firewalls are not trivial infrastructure; managing and maintaining them requires expertise and ongoing effort.
The Telefónica Tech Managed Firewall service provides hosting and MPLS integration alongside monitoring, management and maintenance needed to protect your networks.

Features

• Managed Firewall
• Managed Security Service
• MPLS Firewall
• Hosted Firewall
• Monitor traffic bandwidth
• 24/7 alerting for availability
• Assigned Public IP range per customer
• Simple NAT configuration
• Firewall policy creation and updates

Benefits

• Managed by security experts to provide complete peace of mind
• Securely connect small sites and remote users via encrypted VPNs
• Protect against new threats not yet widely recognised
• Partition Networks and Manage traffic policy

£400 to £1,500 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Andrew.Knight@telefonicatech.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

346000824517361

Contact

Andrew Knight
028 90454433
Andrew.Knight@telefonicatech.uk

Service scope

• Service constraints: None
• System requirements:
  • PSN
  • N3

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times dependent on priority level of issue logged and whether via telephone or email.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Response up to minimum 30 minutes, max 8 hours depending on priority severity of support request and service level.; *P1 calls must be logged by telephone to ensure a more immediate response
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onboarding of the Managed Firewall service will start with a pre-sales assessment of the customer's security requirements; including policies, network architecture and risk appetite.; Telefonica Tech will, based on the requirements capture exercise, design a suitable deployment and recommendations for the Managed Firewall service.; We will assign project managers and deployment engineers to work with the customer during initial onboarding and service initiation phases of the project.; Once the service is ready it will be handed over to our networks and security operations teams for management and monitoring.; ; On termination of the service, Telefonica Tech Transition Management will co-ordinate the offboarding of the service, which will constitute of the following activities at a minimum:; •Provide final billing and reporting to customer.; •Removal of customer IP address space from the platform.; •Request to remove all Telefonica Tech and customer accounts within the platform; •Delete any sensitive customer information and all contact information held that is no longer required.; •Disable service and/or customer within ITSM systems and disable any customer accounts no longer required.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
• End-of-contract data extraction: Upon receiving notification of termination, if data extract has been requested - Telefónica Tech can first provide a raw export of logs (where appropriate).; Telefónica Tech will on a mutually agreed date, simply delete the customer’s data securely from the security platform and disable the customer’s access.
• End-of-contract process: On termination of the service, Telefonica Tech Transition Management will co-ordinate the offboarding of the service, which will constitute of the following activities at a minimum:; •Provide final billing and reporting to customer.; •Request to remove all Telefonica Tech and customer accounts within the platform; •Removal of customer IP address space from the platform.; •Delete any sensitive customer information and all contact information held that is no longer required.; •Disable service and/or customer within ITSM systems and disable any customer accounts no longer required.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Telefónica Tech platform services are built upon a multi tenant design and strictly capacity planned to ensure sufficient performance and capacity is always available to the services.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Telefónica Tech has SLA’s and Penalties (service credits) as standard offerings for each of our managed services.; ; Dependent on the provided service, services shall be deemed available when the customer is able to access and use the services hosted or provided by Telefónica Tech. This may include periods where the customer is unable to access applications and services, where it is demonstrated by Telefónica Tech to the customer’s satisfaction, or where any inability to access the customer’s applications and services is the result of permitted downtime.; ; Any reduced charges under this Service Level Agreement will be confirmed by credit note issued by Telefónica Tech to our customers, confirming any adjustment to be made to the following monthly charge.; ; 99.95% availability is guaranteed.
• Approach to resilience: The Telefónica Tech datacentres and the services provided from within have been architected in meticulous detail from the ground up, built upon enterprise class best of breed hardware and technology, ensuring services are provided from a fully resilient infrastructure of at least N+1 with no single points of failure, across geographically-diverse Tier 3+ datacentres.; From the power feeds from separate power grids, multiple generators and UPS's all tested weekly, to the fire suppression systems, resilient networking and WAN links, storage and compute clusters, all aspects have been carefully considered using best of breed technology with no single points of failure.
• Outage reporting: Telefónica Tech MUST follow our Corrective action of Events & Incidents policy, which is in scope of our ISO27001, ISO9001, ISO20000, ISO27018 and ISO22301 certifications, following standard ITIL conformant Major Incident Management processes.; This includes informing stakeholders immediately without delay.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Web portal access is controlled by unique credentials dependent on security service provided.; Telefónica Tech uses unique user IDs to enable users to be linked to and held responsible for their actions.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certification Europe
• ISO/IEC 27001 accreditation date: 07/08/2023
• What the ISO/IEC 27001 doesn’t cover: There are 114 controls within ISO 27001, 111 of the controls have been adopted. The remaining 3 controls have not been adopted at this stage. A.14.1.3 (application transactions are not used). A.14.2.1 (software is not developed). A.14.2.7 (software development is not outsourced).
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Government OFFICIAL Classification Supplier
  • ISO27018 Protection of Personally
  • Identifiable Information in the Cloud
  • Health & Social Care Network (HSCN)
  • Compliant
  • Cyber Essentials Certificate of Assurance
  • IASME Information Security Standard
  • Certificate of Assurance

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO22301 (Business Continuity Management System); ISO20000 (ITIL Service Management); ISO9001 (Quality); ISO27018 (Protection of Personally Identifiable Information in the Cloud); Government OFFICIAL; Health & Social Care Network (HSCN) Compliant
• Information security policies and processes: A full-time compliance team is employed to manage and maintain our certifications and accreditations. Staff are fully trained and competent to work within our management systems, which are mature and continually improved, as proven in regular internal and external audits.; ; An overview of the diverse set of the externally assessed ISO standards and best practice accreditations Telefónica Tech adheres to are as follows; ISO27001 (Information Security); ISO22301 (Business Continuity Management System); ISO20000 (ITIL Service Management); ISO9001 (Quality); ISO27018 Code of Practise (Protection of Personally Identifiable Information in the Cloud); Government OFFICIAL Classification Supplier; Approved G Cloud Supplier; Approved Commercial N3 Aggregator transitioning to a HSCN Supplier; Health & Social Care Network (HSCN) Compliant; Cyber Essentials Certificate of Assurance; IASME Information Security Standard Certificate of Assurance

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our methodology minimises the impact of change-related incidents on service quality and improves the day-to-day operations of the organisation. The procedures are designed to ensure that all changes are correctly planned, interested parties are notified and any service interruption is controlled. Changes can be initiated by the client or internally within Telefónica Tech. A robust Change Control process minimises the risk associated with changes. It enables all parties to keep track of changes made to systems, ensures implications of changes are assessed and that interdependencies are explored. A back-out process is also considered before any change is implemented.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Annual IT Health Checks are completed by a CHECK accredited independent organisation under the CHECK Scheme. The CHECK scheme enables penetration testing by CESG approved companies, employing penetration testing personnel, qualified to assess HMG and other public and private sector bodies. The testing personnel are CHECK Team Leaders who have proven their technical competency through lab examinations and written exams, they are skilled in application and infrastructure testing. They have also undergone thorough background checking. This technical compliance review is an extensive internal and external examination of operational systems to ensure that hardware and software controls have been correctly implemented.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: User activities, exceptions, and information security events are recorded and kept for an agreed period to assist in future investigations and access control monitoring.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The Telefónica Tech Service Desk enables our team to co-ordinate the work of restoring supported systems as soon as possible and within agreed SLAs. The Service Desk determines the nature of incidents so they can be sent to appropriately skilled engineers for resolution. An IMS is incorporated within the Service Desk. When logging calls via the telephone Service Desk, the call operative uses the same call logging software that the customer will have access to via our secure web portal. Integrated with this functionality is our knowledge base, which is used to capture information and provide accurate incident reports.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Telefónica Tech is fully aware of its responsibility to the planet and strives to be a leader within our sector in our approach to contributing to the fight against climate change.; ; We are contributing to a more decarbonised and sustainable world by reducing our own carbon emissions and promoting digital solutions to support our customers in their journey to tackle climate change.; ; Telefónica Tech is part of the larger Telefónica Group, which has been recognised in the Supplier Engagement Ranking 2021 as a leading global company for its action against climate change by incorporating its value chain into its commitments to have zero net emissions.; ; The Supplier Engagement Ranking (SER) Leader board, made up of 520 companies, provides a rating of how effectively companies engage their supply chains on climate change to ensure a 1.5°C future.; ; Telefónica Tech focuses on reducing its environmental impact by decoupling its growth from the emissions generated, reducing the consumption of natural resources and aiming to become a zero-waste company by increasing our already exemplary levels of recycling.; ; We also develop green technology solutions so that our customers can minimise their environmental footprint and works to reduce emissions associated with the use of equipment in the customer’s environment.

  Covid-19 recovery

  Organisations will recover from COVID-19 disruptions at different rates and may need to be prepared for ongoing disruption, either due to legislation, changing workforce attitudes, or access to skilled resources in a more mobile workforce.; ; Organisations that had well-grounded digital infrastructures were best placed to pivot and adapt to the changing ways of working imposed by COVID-19. However, those with high levels of technical debt struggled to adapt. Therefore, organisations must focus on investing in technical enablers rather than continuing to invest in maintaining legacy solutions that limit their ability to adapt to a changing world.; ; Digital strategy and business strategy need to be aligned. This will prevent new systems from being added to old ones and increasing the existing management and maintenance burden. Organisations also need to avoid automating processes that are fundamentally flawed or inefficient.; ; After long periods of home working, social distancing, and the introduction of new collaboration tools, employees expect higher levels of collaboration and digital technology to enable them to work from any location and enjoy the same quality of experience as being based in their central offices.; ; The enabling infrastructure, tools, processes, and policies must be integrated to make business information readily accessible in a secure manner without adding additional friction to the user experience.; ; Telefónica Tech provides Cloud-oriented consulting services and solutions that address these fundamental business enablers that help develop firm foundations for future digital infrastructure to support business growth post-COVID-19.

  Tackling economic inequality

  Digital skills are essential in virtually every industry sector. Therefore, it is incumbent on organisations to provide the necessary skills and training to enter the workforce and provide an environment that fosters ongoing learning so that all employees can maximise their economic potential fairly and equitably.; ; One of the barriers to economic equality is digital exclusion. This was highlighted during the pandemic when so many lacked the economic resources to learn or work from home effectively. Against a backdrop of over 80% of working-age adults agreeing that digital skills will become more important in the workplace, this highlights the importance of tackling economic inequality.; ; Telefónica Tech has worked to tackle this problem with students and veterans who may lack the digital skills to enter the workforce through a platform of investment in learning and development for all staff regardless of their role within the organisation. Once in the workforce, we also continue to invest in ongoing training and personal development. It is recognised that the value of skills already obtained has a diminishing lifespan. Therefore, to stay relevant and productive, employees need to be encouraged to adopt a mindset of continual learning. Telefónica Tech supports this by providing the time, resources, and structure to enable staff to upskill or re-skill through internal and externally provided courses covering a broad range of operational, administrative, technical, and personal development subjects.

  Equal opportunity

  At Telefónica Tech, we are convinced that the diversity of our teams, combined with an inclusive leadership style, helps us to achieve better business results. That is why diversity management and inclusion are part of our strategic agenda.; ; We see diversity as an essential source of talent. We believe this because we start from the principle that only by working to guarantee an inclusive working environment, where equal opportunities are a reality, will we promote an attractive working environment conducive to all people’s growth, regardless of their personal characteristics.; ; We are strongly committed to developing an organisational culture and identity of equality, pluralism and inclusion, in which the uniqueness of our employees’ skills, capabilities and ways of thinking help us make the best decisions.; ; For this to work, it is important to emphasise inclusion. We do not want to reinforce the pigeon-holing of people into closed groups but instead seek what unites us and create an inclusive company discourse that embraces all our employees equally. We are convinced that we will succeed in breaking down the inequalities associated with labels by managing diversity from a crossover perspective of inclusion and integration.

  Wellbeing

  The pandemic has highlighted the need for organisations to rethink well-being in the workplace. Well-being should be seen as something that is brought about through a business-wide change of attitude. This includes using a mixture of personal approaches to human interactions and technology to create an environment and workplace that provides a sense of purpose, belonging, flexibility, support, and recognition.; ; A workforce with a strong sense of well-being will exhibit the characteristics of being happy, healthy, and resilient. We aim to develop a culture that invites and retains our colleagues to develop their careers at Telefónica Tech. As part of this desire, we are committed to creating a healthy work-life balance by:; • Providing a range of benefits and initiatives to all of our employees.; • Promoting a healthy lifestyle at work and home.; • Protecting our people’s health through access to a range of medical and complimentary benefits.; • Promoting a culture of personal development.; • Creating an environment where well-being is the responsibility of all to promote.

Pricing

• Price: £400 to £1,500 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Andrew.Knight@telefonicatech.uk. Tell them what format you need. It will help if you say what assistive technology you use.