NVT Group

Aiir - Cloud Managed WiFi as a Service

Aiir is NVT’s all-inclusive business connectivity solution. Aiir provides wireless and wired connectivity to people, places and things, including any hard-to-reach locations. With Aiir, we provide everything you need to get connected including hardware, software and services. Aiir includes predictive analytics and reporting to ensure the highest service availability.

Features

• WiFi and connectivity as a service.
• Secure corporate, guest and other access connectivity.
• Fully managed solution.
• Fully maintained solution.
• Feature rich reporting.
• Ties into systems providing Network Access Control for integration.

Benefits

• Proactive monitoring ensuring businesses and users stay connected.
• Provided as a fixed recurring spend with no capital uplift.
• Internal IT team released from mundane tasks.
• Strong economics.

£25 to £250 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public_sector@nvt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

444670000532256

Contact

Dougie Weir
01698 749000
public_sector@nvt.co.uk

Service scope

• Service constraints: Users would be required to supply sufficient network ports for the provisioned access points and, if power over ethernet (POE) is unavailable, a standard BS1363 AC power socket. Service will be subject to regular maintenance which will be communicated through our Service Desk with contingencies in place.
• System requirements:
  • Sufficient network ports for access points provided.
  • BS1363 AC power socket or POE switches.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our standard SLA response times are as follows:; ; Priority 1 (Critical) - 1 Hr Target Response Time; Priority 2 (High) - 2 Hr Target Response Time; Priority 3 (Medium) - 4 Hr Target Response Time; Priority 4 (Low) - 8 Hr Target Response Time; Service Request - 3 Days Target Response Time; Change Request - Variable
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The service is available 9am-5pm, Monday to Friday. However, 24x7 service is also available and can be priced separately. All service agreements include a Service Level Agreement which is agreed with the client. This document outlines the service deliverables.; ; Our standard SLA response times are as follows:; ; Priority 1 (Critical) - 1 Hr Target Response Time; Priority 2 (High) - 2 Hr Target Response Time; Priority 3 (Medium) - 4 Hr Target Response Time; Priority 4 (Low) - 8 Hr Target Response Time; Service Request - 3 Days Target Response Time; Change Request - Variable
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: NVT can and will engage with customers as required and permissable prior to and during the purchasing process to better understand the breadth of requirements and complimentary technologies.; ; Aiir is a cloud hosted platform, however, as it is providing WiFi as a service there is a requirement for on-premise hardware, because of this NVT will deploy suitably experienced and qualified specialist resources as part of its transition team. NVT’s transition team will be responsible for planning the project; assessing and reporting its status; mobilising NVT resources required; maintaining a risk register, issues list and action log; and preparing the necessary change management procedures in order to implement the transition.; ; Key to the deployment is formalising either through new or existing site surveys the location and density of on-site access points and understanding the SSID's required by the purchasing party.; ; Users will be provided basic training (online or on-site) on how to view and analyse data from the ashboards and full documentation will also be made available as per our standard governance.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Aiir stores minimal data. Stored data includes information on packet inspection, SSID and access points. The only user/customer data that will be stored relates to data collected as part of the security process (logs and analysis). Any customer specific data and or policies/configurations will be provided to the customer via our internally controlled API, on their chosen media, along with comprehensive documentation before going through the appropriate and necessary deletion/destruction.
• End-of-contract process: The primary objective of our Exit Management Plan is to enable an orderly cessation and smooth migration from the Supplier to the customer and/or its Replacement Service Provider. This includes the handover of responsibilities, services, assets and any other items or information necessary, with a view to the customer and/or the Replacement Service Provider operating a replacement service for the Services, with effect from the date of termination of this Agreement in a cost effective manner. This ensures business continuity and minimal disruption to the Council’s business operations.; In the event of the partial termination of this Agreement, or of the termination of a discrete Service Tower, the provisions of this Schedule shall be applied (with the necessary changes) in relation to the terminated Services, in accordance with the provisions of our internal policies.; The Exit Management Plan will be prepared on the assumption that the Services will be transferred to the customer or a Replacement Service Provider on termination or expiry of this Agreement.

Using the service

• Web browser interface: Yes
• Using the web interface: Aiir is designed to be provided as a fully managed service with all key components and appropriate supported technologies supported. As a managed service NVT would anticipate users would want to take advantage of the benefits of a cloud hosted system without the management overhead of administering the platform.; ; However customers and users will still have access to their own multi-tenanted cloud access controller via a web based GUI and will be able to look at key metrics including utilisation, connected and registered user numbers and other connectivity related metrics.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: NVT engages with our human resource partner and local further education institutes to test both internally and externally on the suitability of our interface for assistive technology users.
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Aiir is provided as a multi-tenanted controller. The overheads on the cloud controller are minimal. Performance issues are typically centred on the customer network setup and/or availability of comms. However, where it may be required, the customer can choose to have their own tenancy/instance/controller.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • Network traffic.
  • Bandwith consumed.
  • Number of connected and registered users/devices.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Native Cloud Controller & Virtual Machine backup.
  • Packet Inspection Information.
  • SSID configurations.
• Backup controls: Fully controlled by the supplier.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Aiir runs on a dedicated instance of NVT's Private Hybrid Cloud Solution. NVT proatively monitors the platform regardless of deployment type (pending any internal or contractual data access poliies) and has built the platform on best of breed hardware running in best of breed datacentres and powered by a suite of software backed by NVT's 35 years of experience. All this means we can offer 99.9% uptime.
• Approach to resilience: Aiir, as a fully managed WiFi solution is dependent on both a hosted controller and on-premise access points.; ; The hosted part of the solution resides in Microsoft Azure datacentres and information about resilienece of the Azure environment is available on request.; ; Aiir proactively monitors access points and, through machine learning, can predict when access points may fail. NVT have access points and, with our distribution partners, will ensure speedy deliver of a replacement access point to the site.
• Outage reporting: Any service outages are reported via our Information Technology Service Management (ITSM) system which automatically alerts clients via email and client web portal.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is stringently restricted by way of federated active directory services and two factor authentication.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Exova BM Trada
• ISO/IEC 27001 accreditation date: 06/08/2015
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: NVT Group is certified for ISO27001 and as such have a set of policies and processes in place to ensure compliance. NVT Group has an appointed Compliance officer to interface with the management on security aspects and also is the conduit to the UKAS accredited audit partner.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our certified standards ISO9001, & ISO27001 define our configuration and change management processes and procedures are fit for purpose. Each change request is logged and tracked through our call management application, subject to approval and manged to successful implementation or conclusion.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our Aiir core platform resides in Microsoft Azure. The Aiir platform uses Network Access Control technology. Posture assessments can be conducted before access to the corporate network is made available. The Aiir platform is kept fully up to date by way of subscription to industry recognised malicious software services to ensure a comprehensive knowledgebase of prevailing threats. Patches are applied on an ad-hoc basis depending on the threat severity.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The Aiir platform resides in Microsoft Azure. It is continuously monitored to identify potential issues. Each issue is viewed on its own merit and treated accordingly. NVT Group decided not to have a set of standard approaches as experience tells us that there are not a standard set of potential issues that may occur. Each compromise alerted will be addressed immediately on discovery by our technical team and a resolution devised and an implementation plan agreed. If a resolution is not readily available then a work-around will be put in place whilst a permanent resolution is sought and actioned.
• Incident management type: Supplier-defined controls
• Incident management approach: NVT Group operates an ITIL aligned customer Service desk. The service desk will be the focal point for the reporting, tracking and management of all incidents. Incidents can be reported either by phone, email , portal self service or can be automatically reported via our Monitoring and Management solution. Incident reporting and escalations are in line with ISO9001 standards with a clear and defined process in place and available upon request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Aiir is hosted on Microsoft Azure and has been 100 percent carbon neutral since 2012, meaning that it removes as much carbon as it emits, either by carbon offsetting or reducing carbon emmissions.; ; Microsoft is a participant in the EU ICT Code of Conduct for its 15 Data Centres in the EU.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Please enquire with us directly about our social value activities and commitments.

  Covid-19 recovery

  Please enquire with us directly about our social value activities and commitments.

  Tackling economic inequality

  Please enquire with us directly about our social value activities and commitments.

  Equal opportunity

  Please enquire with us directly about our social value activities and commitments.

  Wellbeing

  Please enquire with us directly about our social value activities and commitments.

Pricing

• Price: £25 to £250 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Single access point for small number of users with direct access to cloud controller.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public_sector@nvt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.