Skip to main content

Help us improve the Digital Marketplace - send your feedback

UK Allied Associates


Hypnos is a software product to perform mediation---the encapsulation of lawfully intercepted(LI) network traffic and its delivery to a Law Enforcement Agency(LEA) compliant with ETSI and other delivery standards. The software activates warranted intercepts at the authorised time, delivers intercepted traffic to LEAs, and deactivates when authorised time elapses.


  • Investigatory Powers Act 2016 / DRIPA 2014 Compliance
  • Easy to use browser-based dashboard
  • Cloud and on-premise installations available
  • Support for ETSI and CALEA delivery standards
  • Support for Cisco SII, PacketCable2.0, Juniper, and other interface types
  • Modular design allows for easy addition of interface types
  • Automatic or user-requested software updates
  • System secured with PKI and org/user auth


  • Flexibile installation options
  • Reduced or removed hardware costs
  • Users can easily provision new targets as required
  • Prevent unauthorised access to provisioning interface and data
  • Low cost to add new interface types or LEA features
  • Compliance with UK Lawful Interception standards


£1,000 an instance a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

3 9 0 3 4 8 0 7 2 9 0 0 0 1 6


UK Allied Associates Dan Metcalfe
Telephone: 02037144230

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
If user chooses on-prem installation of software, we will only support recommended hardware configurations listed in our user guide.
System requirements
  • Essential: Docker 20.10 or AWS Fargate
  • Deployed on: Linux or Windows (virtual or physical), or cloud
  • 1 Gbps network connection
  • 500 GB of available storage
  • MongoDB 4.4 (containerised)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 4 business hours, Mon-Fri 09:00-17:00
Weekend support available for additional fee
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
We offer:
- Basic support included with yearly maintenance. Includes access to the Hypnos support portal to submit trouble tickets, review knowledge base, and check status of issues. Also included is business hours phone support.
- Premium support offers Basic support plus allows for Hypnos engineers to prioritise specific customer issues. Price: £100/hour, available up to 16 hours/month.
- Custom support packages to support specific customer requirements (such as after-hours support, major customisations, etc) can be offered for an additional fee.
Support available to third parties

Onboarding and offboarding

Getting started
Users perform self-install using our operator's manual provided at time of purchase. We are able to offer live online product training on request.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
All data is stored in MongoDB, and customers are free to export data themselves on contract end.
End-of-contract process
The service will stop working at the end of the contract. Users will be warned at least 30 days before contract end to see if they want to extend the service. If user purchases a contract extension, we update our system to reflect the extended contract end date. If not, the users will be locked out of service at the contract end time.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Compatible operating systems
  • Linux or Unix
  • Windows
  • Other
Designed for use on mobile devices
Service interface
User support accessibility
None or don’t know
What users can and can't do using the API
Provisioning through a RESTFul API; SNMP; SSH/DTCP; ETSI 103.221-1; other.
LEA delivery using corresponding ETSI/CALEA standards.
API documentation
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Customisation available
Description of customisation
Product can be customised to support additional IAP or network elements. Support for additional delivery standards and data processing requirements (e.g. filtering). These customisations must be made by Hypnos engineers at customer's request, and come at an additional fee.
UI can be customised through white-label branding and language selection.


Independence of resources
Users install our software in their own environments, and are not impacted by demand by other users


Service usage metrics
Metrics types
IAP, processing and delivery throughput metrics can be viewed on real-time dashboard.
Network protocol analysis for traffic type, volumes and usage.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Allied Associates International (US parent company)

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Through interfaces provided by MongoDB, or by setting up their instance of MongoDB that they control (making data storage outside the scope of our system).
Data export formats
Other data export formats
  • JSON
  • XML
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
No SLAs for availability
Approach to resilience
Container-based architecture allows for system replication
Outage reporting
Not applicable to our service

Identity and authentication

User authentication needed
User authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
PKI - client certificates.
Username and password.
Access restriction testing frequency
At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
No audit information available
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Cyber Essentials.
Internally developed ISMS.
Information security policies and processes
Cyber Essentials.
Internally developed ISMS.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Use of change processes leveraging Docker, Git, and continuous integration for service component tracking.

Performance of an in-house service penetration test conducted on each software update or configuration change.
Vulnerability management type
Vulnerability management approach
In each 2-4 week development sprint, a task is added to check for security-related updates and/or known issues with all third party components used in Hypnos. If an issue is found, then it is assessed for severity. Critical issues are prioritised for immediate update, and an immediate release is made. Moderate to low priority updates are planned for the next regular release, to happen at the end of the current sprint.
Protective monitoring type
Protective monitoring approach
The Hypnos Docker service is hosted on the company's network, and uses protective monitoring measures in accordance with ISO-27001, and are working toward certification.
Incident management type
Incident management approach
Hypnos employs company incident response processes in accordance with ISO-27001 standards, and are working toward certification.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

UKA2 Engineers are responsible for all aspects of the sustainable production of high-quality software products for Buyers - they don't "just" write code. UKA2's roadmap for continued sustainable growth of the services we provide to public sector organisations aligns with “Responsible Consumption And Production” from UN's Sustainable Development Goal 12 in 2030 Agenda. Its 10 Year Framework, encouraging companies to adopt sustainable practices, bridges the efforts at UKA2 and our US parent company. When designing new Services for Buyers, we apply preventative measures against waste and carbon production. Our engineering teams seek to continually improve any sustainability goals of established services we are contracted to support. UKA2 on-premises servers, accessed through low-energy Thin Clients, provide both business and technical users secure, flexible tools and services. Servers automatically power off after hours, so usage and cost of energy is minimal, 100% supplied from renewable sources. Certified “CarbonNeutral” Cloud Services and Hosting (e.g. UKCloud) are recommended to Buyers at project Design stage, based on our service deployment experiences. Any services we create are assessed for energy efficiency and potential (then actual) change to carbon footprint from End Users. UKA2 provides the Buyer with an itemised carbon footprint measurement of any products or services during the tender stage, then suggests any candidate areas for improvement as part of a sustainability roadmap. Sustainable practices form the core of everyday activities; from our commitment to being paper-free, to only procuring low-energy office equipment, to proactive monthly maintenance and compliance checks. Information generated by these activities is reported quarterly to the Board.


£1,000 an instance a year
Discount for educational organisations
Free trial available
Description of free trial
1 month trial in customer sandbox or live environment. Serves as demonstration of capability.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.