Intuitive Systems & Networks

ISN - Cloud Connectivity on Demand (EoD)

ISN are a Cisco networking and security specialist that can provide cloud connectivity on demand. A 100MB internet connection can be boosted to 500MB for a month then back to 100MB. ISN would only charge for the month the additional bandwidth this is delivered using Ethernet on Demand.

Features

• High Speed, Low Latency, Internet/MPLS Connections from 100MB to 100GB
• Increase or decrease bandwidth and associated cost monthly
• Meeting the demands of organisations with infrequent high peak usage
• Wires only carrier services terminated on ISN managed equipment
• 24/7 Network Management and reporting via a dedicated NOC
• Cisco Cloudlock to secure the Cloud service to the Network
• Rapid Deployment at sites using 4G with Secure SD-WAN
• Network Anti-Malware-Protection using Cisco TALOS/AMP for Endpoints & Umbrella
• Network DDOS Protection using Cisco Firepower Threat Management & Umbrella
• Network Pentesting - External, Internal, Blind, Double Blind, Black/white Box

Benefits

• Flexibility to scale between 100MB and 1GB
• High quality low latency cloud connectivity.
• Increase bandwidth as workloads increase
• Cisco Threat defense includes advanced security to protect the network
• ISN's 24/7 Management provides assurance the network is kept operational
• Cisco's Cloudlock combats cloud data-breaches securing cloud to Network
• TALOS security the largest independent security organisation provides world-class protection
• Cisco AMP/TALOS protects the network from advanced malware intrusions
• Cisco-Threat Defense uses TALOS protection to block DDOS attacks
• ISN-Pentesting validates the security of the network providing authenticated security

£750 to £1,300 a person a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.douglas@isn.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

347929475732351

Contact

Ian Douglas
0203 239 2476
ian.douglas@isn.co.uk

Service scope

• Service constraints: ISN do not have any service constraints,
• System requirements:
  • ISN does not stipulate any minimum service requirements
  • All works will be subject to high-level and low-level design

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: ISN are able to provide SLA's up to and including 24/7 4-hour across all solutions typically with a 15 minute first response.; SLA agreed with the end users at the time the order is placed.; ISN are able to remotely monitor client infrastructure 24/7
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: ISN monitoring and control solutions are delivered via screen based web interfaces.; ISN have not done any testing with assistive technology users however ISN are confident that should this be a requirement ISN could provide an effective solution
• Onsite support: Yes, at extra cost
• Support levels: ISN provide different levels of support to suit a clients needs.; Monday to Friday 8am-6pm as standard at no extra cost.; Monday to Sunday 8am-6pm enhanced care is chargeable.; 24/7 - 365 critical care is chargeable.; Fix SLA's vary depending on the type of service being purchased and vary between 4hrs and 48hrs.; The cost for the additional care is variable depending on the solution provided.; As part of the solution discovery phase, the correct level of support for the service will be determined and agreed by both parties, forming an integral part of the quote for the service.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Depending on the service being delivered ISN would provide the correct level of training to ensure a user is able to get the maximum from the ISN service at the point it is handed over for user acceptance testing.; This can include on-site training, web based training, self learning, live video, one to one or one to many training or documentation as part of the handover.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Word Document
  • Excel Document
  • PowerPoint
• End-of-contract data extraction: This will be defined within service take on.
• End-of-contract process: At the end of a contract all services and connections will be terminated and any equipment provided as part of the service will either be handed over in accordance with the original agreement or collected. The equipment will be returned to factory settings and either re-used on another contract by ISN, sold, traded in for different equipment or recycled in accordance with government guidelines for the recycling of IT and telecommunications equipment applicable at the time.; ; If at the end of the contract the client wishes to transfer the services to another provider, ISN will make best endeavors to facilitate the transfer. Should any associated equipment be owned by ISN which by its removal would prejudice the service, ISN will agree to sell the equipment to the new service provider at a reasonable market rate to ensure continuation of service.

Using the service

• Web browser interface: Yes
• Using the web interface: Network availability and performance can be monitored and tickets raised through a web interface for standard internet connections.; ; With the SD-WAN service, network performance, configuration, setup, fail-over and detailed application management and application bandwidth settings can be controlled by the user via a cloud based web interface.; ; A user can determine the criteria for an application to traverse a particular network connection or fail-over to a backup connection.; ; The SD-WAN control of the network is cloud based enabling the user to control the network from anywhere.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Users can monitor network availability and performance and raise tickets through a web interface for standard internet and MPLS connections. Users cannot make any alterations to the network or configuration.; ; With SD-WAN users can monitor network performance, if they have the correct level of access they can change the configuration, setup, fail-over and application bandwidth control settings via a cloud based web interface.; ; A user can control the criteria for an application to traverse a particular network connection or fail-over to a backup connection.
• Web interface accessibility testing: ISN monitoring and control solutions are delivered via screen based web interfaces.; ISN have not done any testing with assistive technology users however ISN are confident that should this be a requirement ISN could provide an effective solution
• API: Yes
• What users can and can't do using the API: Both the ISN management tools as well as the vendor cloud tools will both allow API integration.; Typically an ISN engagement will review the suitability and benefits of such integrations on a case by case basis.
• API automation tools: Other
• API documentation: Yes
• API documentation formats: Other
• Command line interface: Yes
• Command line interface compatibility: Other
• Using the command line interface: Typically Cisco command line would be available.

Scaling

• Scaling available: No
• Independence of resources: When ISN provide network connectivity, ISN complete a detailed discovery of the end user requirements and future growth. As a result the solution is rightsized for the service required. ISN can provide solutions that include dormant additional bandwidth which is capable of being used as and when required without the need to contact ISN. The additional bandwidth enables the end user to respond to unplanned events and only pay for the additional bandwidth when it is needed.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics:
  • Cisco Firepower Network Threat Detection, Cisco AMP Anti Malware Protection
  • Cisco AMP for Endpoint reporting
  • Cisco Cloudlock reporting
  • Cisco Umbrella network edge reporting
  • Cisco Viptella network management control and reporting
  • Cisco Meraki network management control and reporting
  • Full Solarwinds suite of infrastructure analytics
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Cisco, BT-Openreach, Talk-Talk, Virtual-1, Vodafone

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Configurations
  • Rules
• Backup controls: Backup will be dictated by client DR strategy and how this translates to the solution architecture.
• Datacentre setup: Multiple datacentres
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection between networks: This can be by various means to be defined within the high level design phase
• Data protection within supplier network:
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection within supplier network: ISN will adhere to customers individual codes of connection.

Availability and resilience

• Guaranteed availability: ISN will provide a detailed table of SLA's and rebates and service management will regularly report on these and pass any rebates against these through to the end user.; ; The SLA is dependent on the type of service being delivered, as an example an ADSL service with ISDN backup has a 97% SLA. An Ethernet connection with dual diverse tails has a 99.999% SLA.; ; Network resilience can be improved for even low cost connections by the use of a secure 4G failover which is becoming increasingly common and is built into a number of the services ISN provide.; ; ISN can provide all types of connection with resilience configured to suit the service being delivered.
• Approach to resilience: ISN provide network connectivity and security, all services are configured to function in the event that ISN's network management center has an outage.; ; The network providers that deliver the service have fully resilient core networks, the final mile delivery is always the biggest risk to an end user service. Low cost solutions are available from ISN to mitigate the risks of final mile delivery.; ; ISN can provide solutions and services that provide the highest level of resilience available in the UK.; ; Third party cloud providers to ISN such as Cisco will be inherently resilient in their nature.
• Outage reporting: ISN actively monitor network connections for managed services and will contact an end user in the event of a network outage. This is often before an end user knows an outage has occured and long before a network provider has notified ISN of the problem.; ; If an end user has an API into our network management center they would automatically be notified. An end user can have access to an instance of our Solarwinds network management platform to monitor the network and create alerts based on network failures or a reduction in performance.; ; ISN will agree a notification plan for network issues which could include e-mail, txt or phone call.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: This can be by various means to be defined within the HLD process
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted to an authorised personnel register. The register details who has access to online systems, and the level of access.; ; As part of the contract agreement between ISN and the end user, a whitelist of people allowed to authorise access to online systems is agreed. No change of access will be allowed without the documented authority of the parties on the whitelist.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: This can be defined within the HLD process.
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 11/05/2017
• What the ISO/IEC 27001 doesn’t cover: Design and development of software; A.6.2. Teleworking; A.14.3. Test data.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISN are ISO 27001 : 2013 accredited; ; Certificate Number : 14122678 | Approval Date : 02/03/2015 | Expiry Date : 01/03/2025 ; ; ISO are audited annually by QMS International.; ; Mr Richard Titheradge is a director of ISN and is the Information Security Management Representative.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All applications, systems, hardware and software that exist in the live/production environment, test environment or development environment are considered to be under the change management control process.; Change management is controlled using ISN's Cherwell ticketing platform. ; A Standard RFC includes:- ; Change Title; Change Description; Change Reason; Security Implications; DR Implications; Critical Success Factor; RFC Category, 1 – Major, 2 – Significant, 3 – Minor; Start Date/Time; End Date/Time; Business Owner; Approval; Configuration Items (CIs) affected-by-change; System Downtime; Implementation Plan; Plan Tested; Regression Plan; Backup Details; Software Licensing; Additional Resources Required; Team Names; Documentation Activity; Additional Notes / Audit Trail
• Vulnerability management type: Undisclosed
• Vulnerability management approach: ISN will be providing network and security services to end user clients. The core of the ISN security approach is to deploy Cisco devices linked to the Cisco TALOS security management architecture, this includes Cisco firewalls, anti-malware protection for networks, devices and content filtering.; ISN regularly run penetration testing on ISN's network using CREST certified testers.; ISN recommend that all networks are actively checked for security weaknesses at least once a year.; As part of a network deployment ISN can co-ordinate an independent penetration test as part of user acceptance testing and then annually recurring by different pentesters.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: ISN will be providing network and security services to end user clients. ISN rely on Cisco to provide the security monitoring threat defense. By using the Cisco security solutions the end user is notified immediately a threat is detected and can use Cisco tools to re-mediate the threat. ISN can provide 24/7 cover which includes threat support, should an element of the network be identified as compromised, ISN can isolate it within 2 hours of being notified. ISN also offer a Cisco defense support package which includes access to Cisco specialists to help block/re-mediate cyber attacks.
• Incident management type: Undisclosed
• Incident management approach: ISN have a fully documented incident management process with highly detailed flowcharts covering all aspects of how to log an incident and the responses and timescales involved.; As part of the support process ISN provide a monthly report with any incidents logged and a detailed description of the response and the timescales to resolve.; ISN actively monitor end user networks using the Solarwinds management platform and regularly report issues to end-users before they know one exists. End-users can have access to the Solarwinds view of there network.; End users can report issues via e-mail, phone, or via the Solarwinds support-portal.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Various dependent on high level design
• How shared infrastructure is kept separate: Best practice design and security would be implemented where appropriate from a budgetary and compliance standpoint.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: ISN will aim to work with compliant third parties wherever possible.

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  ISN’s Sustainability goals represent our commitment to a better, greener environment, creating a more sustainable future for our industry. ; ; We are committed to: ; Implementing environmentally sustainable practices within our operations and services ; ; Develop and deliver sustainable, energy-efficient solutions for our customers, supporting them to achieve their sustainability goals. ; ; Promote awareness and education on environmental sustainability within our organisation and among our customers. ; ; Helping our customers reduce their carbon impact by reusing, recycling, or refurbishing end-of-life products instead of simply disposing of them. ; ; We are collaborating with our partners to explore avenues for backing the circular economy, and our Cisco Refresh partnership serves as a notable illustration. ; ; At ISN we strive to lower the impact we have on the environment while increasing the value we offer to our customers. ; ; Supply Chain ; ISN collaborates with partners, suppliers, and vendors to align with ISN's values and actively contributes to enabling, delivering, and supporting a sustainable supply chain. ; ; Solutions ; ISN assesses all services and solutions provided to both new and existing customers. Empowering its employees, ISN facilitates the creation and delivery of sustainable services and products to support customers on their individual sustainability journeys. ; ; Why? ; At ISN, we hold the belief that achieving business success is not only compatible but inseparable from our commitment to safeguarding our people and the planet, ensuring a sustainable legacy for future generations. ; ; We are motivated to drive change within our organisation whilst working with our partners, our supply chain and supporting our customers on their sustainability journey through the technology we provide, the solutions we design and the way we deliver.

Pricing

• Price: £750 to £1,300 a person a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: As a Cisco service provider some services are available on a Proof Of Value basis (POV). This includes:- ; AMP Anti Malware Protetcion for networks both public and private; AMP for endpoints secures PC's-Tablets-Phones; Umbrella secures web access; Trials are size and time limited; Equipment can sometimes be offered for trial

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.douglas@isn.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.