Cisilion Limited

Cloud Managed Infrastructure (Cisco)

Cisilion offer a cloud based management and monitoring solution for on-premise infrastructure delivered as a service priced on a monthly model.

The solution is based on the primarily on Cisco solutions but other vendors are available.

Features

• Design & commissioning of Cloud Managed Meraki enterprise network
• Full UK based 24/7/365 monitoring and management of Cisco environment
• Secure and customised portal to log, view and track incidents
• Access to Cisilion’s Cisco engineers
• Access to Cisco Support via our escalation process
• Response Based SLA with P1 Response within 15 minutes
• Includes Change Enablement, Service requests, feature and release management
• Configuration management
• Regular Service reports and service review meetings
• Monthly service updates to analyse call numbers and common issues

Benefits

• Full 24 by 7 monitoring and management of your on-premise
• network estate through our cloud management platform.
• Reduction of operation burden on internal IT teams
• Automation of event correlation and incident management activities reduces MTTF
• Improved visibility, analytics, and troubleshooting tools
• Full lifecycle management
• Quarterly Innovation Centre Experience Workshops

£15.65 a unit a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

387967101520172

Contact

Debbie Richardson
01372 201145
drichardson@cisilion.com

Service scope

• Service constraints: It is necessary to carry out essential work from time to time. These activities are carefully scheduled through the use of an internal change control process which is designed to present maximum visibility of that change and thereby ensure that planning and implementation are carried out to minimize the effect on customers and their network services.
• System requirements:
  • Hardware must connect to the internet to establish cloud connectivity
  • Customer should purchase a wireless survey to determine AP coverage.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Client will be able to track progress by phoning the service centre, e-mailing, and logging in to the Customer Portal. Phone/Portal/ interface = Response is immediately Email = Response is +30 Minutes First update on resolution progress for all methods= + 30 Minutes Max Subsequent updates or at an agreed frequency = + 60 Minutes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The SLA Next Business Day shipment. ; The support levels depend on the model of the access point as each one will carry a different £ Value.; ; Each client will be allocated a Cisilion Account Team which will be made up of highly experienced Account Director, Cloud Consultant and Service Delivery Manager
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of the on boarding service Cisilion provide installation, commissioning , user adoption and training services to ensure the customer has full understanding of the provided Cloud Wireless solution. A service delivery manager is assigned to the customer as part of the on going program and continual improvement exercise. Customer employees are also invited to the Cisilion success hub where more formal classroom based training can be provided.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: As part of our Exit management strategy Cisilion is committed to run a series of workshops with the customer during the transition phase in order to define an acceptable exit strategy for the customer. Based on the results of the workshops Cisilion will provide an exit plan which will define as a minimum:;  Separate mechanisms for dealing with Ordinary and Emergency exits;;  The management structure to be deployed during both transfer and cessation of the services;;  A detailed description of both the transfer and cessation processes including timetables;;  Description of how the service to be transferred to/from an existing/replacement contractor;;  Description of the legal and financial issues;;  Termination obligations, etc.; The guiding principle of the plan is to ensure a smooth transfer of whole or part of the services as appropriate, which minimises risk to service continuity throughout the exit period.
• End-of-contract process: Cisilion would intend to develop the Exit plan with the customer to an agreed final version three months after contract start date. The plan will be reviewed at six monthly intervals thereafter to ensure it remains current to the prevailing service operations. ; Upon invocation of the handover period we would appoint a Project Manager to manage the Exit Plan through to its successful completion. This individual would also secure the required project resources and liaise with the customer and a successor service provider on all relevant aspects of the plan’s execution. This is included in the project costs.

Using the service

• Web browser interface: No
• API: Yes
• What users can and can't do using the API: Customers can have access to the Meraki dashboard API.
• API automation tools:
  • Chef
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: No user traffic is transported through the cloud, all data is moved out of band to the cloud management, the only data is within the cloud is the configuration, and management information which has no effect on user performance.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • HTTP request and response status
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Organisations whose services are being resold at Cisco

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: No customer data is held within the cloud
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: All config files are stored on the Meraki dashboard
• Backup controls: During the service design Cisilion will agree with the customer the backup schedule, the areas to be backed up, frequency, etc.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The Cisilion dashboard is cloud based which is replicated across multiple data centers around the world providing a high level of uptime. Should the Cisilion cloud become unavailable it will not effect the working of the wireless network.
• Approach to resilience: The Cisco cloud infrastructure is distributed across multiple datacentres around the world. Each customer's data, including network configuration and historical statistics, is replicated across at least three independent datacentre. Customer data is replicated between datacentre in near real time. If an entire datacentre was to be rendered unavailable due to a natural disaster or other major disruption, customers' networks would simply migrate to another datacentre, with all user data available and up to date. This redundancy and failover is entirely transparent to the network administrator, and all networks, big and small, achieve ultra-high levels of reliability out of the box.
• Outage reporting: All service outages will be notified via e-mail, and on the Cisilion Dashboard portal, all outages are reported in the local time of the effected devices.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is restricted by the use of individual privilage levels required by login.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Assessment Bureau
• ISO/IEC 27001 accreditation date: 19/08/2016
• What the ISO/IEC 27001 doesn’t cover: We are covered under the IT ISO Certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All our services are aligned to the best practices set out in ITILv3 for key activities such as Change management for resolution of incidents, problems, service requests and changes. Where a change is identified, the change must documented with the reason , any known implications including security impacts, and any proposed times for the change . Changes are reviewed prior to implementation to ensure their awareness of the potential change. The potential change is then approved and the change can be made. Cisilion will work with the customer to determine the optimal time for change, scheduled maintenance and support operations.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Cisilion invest heavily in tools, processes, and technologies to keep users and their networks safe and ensure any vulnerability is highlighted and remediated against, these include; • third party audits; • two factor authentication; • out of band cloud management architecture; • 24x7 automated intrusion detection; • Protected via IP and port-based firewalls; • Remote access restricted by IP address and verified by public key (RSA); ; Meraki also offers a vulnerability rewards program that is an important component of our security strategy, encouraging external researchers to collaborate with our security team to help keep networks safe.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Cisilion follow vendor and industry best practices for reviewing and managing vulnerabilities for devices that are supported by Cisilion. All devices are monitoring by our internal management toolset based on Sciencelogic.On a daily basis, we review vendor security vulnerability and security advisory listings to learn about new vulnerabilities as they become known and take action on any identified.Cisilion use the NIST database to identify Critical vulnerabilities
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: All incidents can be reported either by opening a case via the Cloud Dashboard, or via the telephone. If it is a security issue then the case can be marked as a high priority as will be dealt with accordingly. If there is a critical incident that has been discovered in the cloud or has been reported exteranally the actions and updates are communicated via email and via the Cloud Dashboard.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Cisco datacentre adhere to this code of conduct

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We continually strive to reduce our carbon impact year on year, initiating additional projects and activities that will further reduce our impact locally and globally, and contribute towards global UN carbon offsetting initiatives. Our commitment to the environment extends to our customers, our communities, our employees, our suppliers and other countries in which we operate. Our Carbon Reduction Plan is based upon the following principles: 1. Comply with, and exceed where practicable, all applicable legislation, regulations and codes of practice; 2. Integrate environmental and sustainability considerations into all our business decisions; 3. Endeavor to reduce our environmental impact year on year; 4. Ensure that all employees are fully aware of our Environmental and Sustainability Policy; 5. Ensure all employees are committed to implementing and improving our policy; 6. Ensure clients and suppliers are aware of our Environmental and Sustainability Policy, and encourage them to adopt sound sustainable management practices; 7. To review, annually report, and to continually strive to improve our environmental and sustainability performance. 2. Commitment • Cisilion are committed to reducing our impact on the environment and to achieving our goal of becoming net zero by 2050. • We will partner with Ecologi, a Carbon Avoidance organization. • We will plant 7,500 trees throughout Financial Year 2024 (“FY24”).

  Covid-19 recovery

  Cisilion External Statement Cisilion are closely monitoring the developments both at home, and around the globe with respect to the COVID-19 outbreak. In addition to our commitments to supporting our customers, Cisilion views as one of its highest priorities the health and wellbeing of its employees. Because of this, we have a clear business continuity plan and sickness procedure which the Company will continue to adopt in the pandemic situation, following the World Health Organisation (WHO) pandemic level definitions for triggering our response. In accordance with government guidelines issued on the 23 of March, and previously as the situation developed, we have initiated a program where our employees are able to continue to work from home in isolation. The measures that we have taken are designed to ensure that there is the minimum of disruption to services to our customers as well as minimising the risk to our staff at this difficult time. We ask our customers to understand that despite this, there is an increase in demand on parts of our services. We are prioritising the support of our customers with services which are vital to the efforts to contain the pandemic. This may mean that there could be some minor delays in responding to issues and project work, although we are working to keep this to a minimum. Due to the current situation with enforced social distancing, project and engineering work requiring site visits, is having to be risk assessed on a case by case basis. Our own infrastructure which is used to support our clients continues to operate as normal. As a flexible organisation, all internal systems are accessible to our employees from remote locations. We have facilities in place already to ensure all employees have the equipment needed, to work from alternative locations seamlessly.

  Tackling economic inequality

  Learning and development plays a huge part in Cisilion’s culture. This includes our induction and awareness training, as well as creating platforms for unlearning and unconscious bias. Cisilion conduct all learning and development via LearnAmp, our online Learning Management System. As part of our induction process, we include Diversity and Inclusion Training, along with enhanced Grievance procedure outlines and Anti-Harassment training. Employees are then required to complete refresher training every 6 months. Diversity and inclusion play a key role in Cisilion’s core business objectives and values. Cisilion recognise that as a Company, more can be done to improve our diversity and inclusion practices and this will continue to be a working directive through the organisation, to support underrepresented groups. The recruitment teamwork within our People function at Cisilion and therefore liaise continuously to ensure proactive recruitment identifies a diverse set of candidates and supports those throughout the interview processes. While we understand that not all individuals feel comfortable in disclosing their identity, we continue to monitor and track our performance against self-created targets for LGBTQIA+, gender and ethnicity within the recruitment processes and within our workforce, where at all possible. Cisilion engage with current employees from underrepresented groups, who feel comfortable in doing so, to address any other areas of suggested improvement, and to include their voice in future initiatives.

  Equal opportunity

  Invest in our economy to provide equal opportunities for employment, innovation and growth. Each month, a mixture of the HR, People and Recruitment team members alongside the Cisilion management team, will provide a mixture of 2 hour workshops and 1 hour long one to one sessions. The workshops will be run by our Recruitment team, covering topics such as interview best practice, CV formatting and job hunting tools available. Individuals will also be able to register for one to one advice with a member of our management team as a coaching session and more personal advice related to the unemployed persons experience so far. Cisilion have been running apprenticeship and graduate schemes for the past 5 years and partner with 3 specialist recruitment and training providers who are experts in finding work for and training unemployed young people. Cisilion are a Microsoft and Cisco gold partner, who are keen supporters of assisting young people into work. Cisilion often engage with Cisco and Microsoft for support with apprenticeship programmes and are familiar with other employment initiatives that we will be able to share with the unemployed people during the workshop sessions. Cisilion are also aware of and understand the current Quick Start government scheme of which we will be able to provide details and guidance to unemployed individuals

  Wellbeing

  Cisilion operate a robust health and wellbeing programme, partnering with Vitality Health and Medicash. On an annual basis, all 160 employees on our scheme conduct an Online Health Review, giving employees an understanding of specific areas of health that they need to improve upon, i.e. cholesterol, blood pressure, alcohol intake, physical activity levels and blood glucose level. If employees do not know the figures for these key areas, they can take a free health assessment to provide them with this data. Vitality Health offer their Member Zone to all members, giving access to videos, tips and our monthly Vitality calendar covering a range of topics from women’s health to mental health and nutrition.

Pricing

• Price: £15.65 a unit a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.