Convergence Group

Convergence Group LAN & Wi-Fi Managed Services

Convergence Group's LAN & Wi-Fi Managed services free up IT teams for strategic projects, ensuring peak efficiency in network management. We provide standardised configurations, accurate asset information, and real-time visibility through Tiviti, our self-service portal, streamlining operations for faster issue resolution and enhanced control.

Features

• Access to 24x7x365 UK Network Operations Centre
• Replacement parts / hardware delivered to site
• On-site technician (hardware SLA dependent)
• Tiviti platform (access to self-service and direct engineering interface)
• Inventory and asset management live database
• Device real-time monitoring and alerting, live status topology map
• Annual health reports
• Software patch management
• Automated moves, adds and changes
• Configuration management and capacity planning

Benefits

• Free-up your internal IT team
• Make more informed decisions about network infrastructure changes
• See and solve network security vulnerabilities more easily
• Secure a stronger compliance position with better audit-related information
• Take care of vendor management and supply chain headaches
• Analyse trends easily, identify potential issues before they happen
• For any network issues, you will be alerted within minutes
• Reduce downtime thanks to faster fault resolution and part replacement
• Eliminate excessive costs of wasted call-outs and unresolved issues
• Guaranteed Service Level Agreements on response and resolution times

£28.84 a device a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@convergencegroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

457057277842614

Contact

Sales Team
0845 270 2709
sales@convergencegroup.co.uk

Service scope

• Service constraints: Customers must possess or acquire supported LAN or Wi-Fi products from vendors such as Cisco, Cisco Meraki, or Extreme Networks. If Convergence did not implement the LAN solution, an initial network assessment is required to ensure compatibility with our service. Sole administrative control of managed LAN assets and network devices is necessary to maintain standardised configuration, inventory, automation, and Tiviti workflow. Vendor (stable) updates, including firmware, are included and conducted outside regular business hours with prior notification. Emergency patches and security fixes are also handled outside regular hours whenever possible. Please note, this service excludes support for data cabling infrastructure.
• System requirements:
  • Supported vendors: Cisco, Meraki, Extreme, and Fortinet.
  • Vendor licenses needed for all active managed devices.
  • Secure network access (IPSec VPN) is mandatory.
  • Ensure live internet connection and power at premises.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Telephone calls are answered within 30 Seconds.; Response times on tickets created via telephone, email or the Tiviti self-service portal:; P1 – Critical Impact - 15 Minutes; P2 – Major Impact - 30 Minutes; P3 – Minor Impact - 1 Hour; P4 – Normal - 4 Hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: This is a fully managed service, please refer to our Service Definition Document for further information regarding the level of support included.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Upon completion of the initial network assessment, we'll create a service document detailing the agreed scope. A dedicated service delivery manager will oversee the onboarding process. This involves thorough information auditing as we map and document the infrastructure, establish secure access, and configure monitoring. Implementation timelines depend on network size and geographical distribution. Device reconfiguration may be necessary to align with current LAN networking best practices. ; Users will receive an onboarding email to set up their account within the self-service customer interface.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
  • Other
• Other documentation formats: .docx
• End-of-contract data extraction: Data can be provided on request . Following the offboarding for a customer at the end of contract, data may remain non operational within our system and is retained in accordance with our data retention and disposal processes.
• End-of-contract process: At the end of the contract CG will arrange to cease the service and remove remote access, monitoring and services from your systems. Any hardware you will own (unless subscription rented) along with any user data collected via the portal.

Using the service

• Web browser interface: Yes
• Using the web interface: Tiviti is a simple-to-use, real-time customer portal that makes life so much easier. There’s no need to be a highly trained technical network engineer to use our platform. A quick introduction ... and you’re away. ; With Tiviti, you can:; • View your asset inventory; • Check service details and status; • Raise support requests; • View network performance (Managed and Monitored only); • Manage changes with automated workflows (Managed service only); ; In short, Tiviti takes all the complexity out of managing a LAN and Wi-Fi network, so your team can focus on bigger and better projects. As part of our service, you’ll also have access to a complete network inventory featuring data on every component in your network – all contained in your own Configuration Management Database (CMDB). And don’t forget, with Tiviti you’ll be able to view that inventory quickly and easily in real time.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: None.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: This is a managed networking service, each customer has their own tenancy within a cloud platform that scales indefinitely. We provide an API driven self-service front-end to these tenants as part of our service.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics: Availability (uptime)
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Vendor hardware replacement services (Cisco, Cisco Meraki, Extreme & Fortinet)

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: All network device configuration & the configuration databases themselves
• Backup controls: This is a fully managed service, the customer does not perform any backup.
• Datacentre setup: Multiple datacentres
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Device hardening / Vulnerability management

Availability and resilience

• Guaranteed availability: 99.999% uptime for the Tiviti platform.; Service credits shall be awarded where we fail to meet SLA.
• Approach to resilience: Critical systems have either local or site redundancy depending on criticality of service, for example no critical systems are hosted within our head office (rather, they are hosted in key data centers or cloud) reducing our reliance on our head office and mitigating any risks associated with loss of our office due to power failure, fire or otherwise. With regards to those services hosted within data centers, we utilize multiple data centers for geographical resiliency, which mitigates against any risks that could impact an entire data center/local area (power outage, fire etc.). The data centers have resilient paths provided by resilient carriers. Our network design is based on Design principles specifying full mesh as the optimal design i.e. a triangle formed by three data centers as most optimal.
• Outage reporting: Outages are detected and reported automatically via Solarwinds and ServiceNow. Any outages and associated tickets/incidents shall be available via the Tiviti platform for users.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access controls (RBAC)
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: All devices are configured with and locked down to the TACACS+ server details and relevant security information. TACACS+ resides inside a Management MPLS VPN and with sophisticated overlapping MPLS VPN technologies, the equipment is exposed to the TACACS+ server at a routing level. Any management access to a device hands the authentication, authorisation and accounting off to the TACACS+ system.
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 28/08/2022
• What the ISO/IEC 27001 doesn’t cover: N/A. The scope of our ISO27001 Certifications covers The provision of integrated and fully managed IT, network and communication solutions, including design, installation, management, configuration, testing and in-life support, maintenance and management.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: With regards to reporting structure, our organisation consists of employees who report into an operational manager, whom report into a representative of the Senior Management Team (who form our 'Board') that report into the Executive Chairman.; ; The framework of our ISMS currently consists of the following key information security policies aligned with the requirements of ISO27001 which all employees are required to follow where applicable: ; SS01 - Information Security Policy Statement; SP01 - Information Security Management Policy; SP02 - ISMS Internal Organisation Policy; SP03 - Risk Management Policy; SP04 - HR Security Policy; SP05 - Asset Management Policy; SP06 - Access Control Policy; SP07 - Physical and Environmental Security Policy; SP08 - Cryptography Policy; SP09 - Operations Security Policy; SP10 - Communications Security Policy; SP11- Systems Acquisition Development and Maintenance Policy; SP12 - Supplier Management Policy; SP13 - Information Security Incident Management Policy; SP14 - Business Continuity Policy; SP15 - Compliance Policy; SP16 - Change Management Policy; SP17 - Capacity Management Policy; SP18 - Acceptable Use Policy; SP19 - Information Classification Policy; SP21 - Availability Policy; SP22 - Password Policy; SP23 - Network Security Policy; PL101 - Network Device Configuration Policy; PL125 - Vulnerability Management Policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The lifecycle of service components is tracked and managed via our CMDB and also provides visibility of the relationship between service components. We maintain and adhere to our Change (Emergency / Normal / Standard) Processes. In case of Normal and Standard changes our Change Form shall always be completed and approved by our Change Approval Board (CAB) before the change is carried out. Our change form contains a risk assessment to ensure we understand the potential implications of the change. In accordance with our change template, testing is conducted prior to the change and a back-out/roll-back plan established.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We maintain a vulnerabilities mailbox which key stakeholders have access to. Here we receive notifications of vulnerabilities direct from vendors, via relevant third party security authorities, and results from our internal vulnerability scans. These vulnerabilities are then logged in our 'vulnerability tracker' where we assess the impact of the vulnerability based on its CVSS score and where the affected devices are located within our or our customers networks. Patches are deployed in accordance with our Vulnerability Management Policy. In summary this is within 14-30 days for vulnerabilities with a CVSS >6.9, and within 90 days where the CVSS <6.9.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We are able to identify potential compromises through our event logs. All critical systems generate logs and are sent to a central location (Azure Sentinel) which is monitored by our IT department. Monitoring and alerting processes have been established to highlight suspicious activity that may need investigation. Additionally, we have Anti-Virus installed on all client and server endpoints which may also flag potential compromises requiring investigation. Any identified or suspected security weaknesses or incidents shall be managed per our security incident management policy. Incidents shall be assessed for their severity/risk and managed accordingly.
• Incident management type: Supplier-defined controls
• Incident management approach: In alignment with our Incident Management Policy, we have established a Security Incident Reporting Process (PRS201) which requires employees to raise any security incidents via our CMDB. Our IT team are responsible for initial investigations, liaising with our Compliance Team where appropriate. All employees are trained on this process as part our new starter induction. All investigation notes/findings are raised within the incident ticket. Where relevant, third parties (impacted parties/authorities) shall be notified. Where necessary, the details logged within the incident ticket can be exported to form an incident report.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Compliance with the EU Code of Conduct is detailed on these third-party websites.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Convergence Group has been ISO14001 certified since 2017 and we are continually working to minimise the environmental impacts of our organisations activities. This is demonstrated through our ongoing ISO14001 certification as well as our Carbon Reduction Plan and objective to achieve NetZero by 2050.; ; Our ISO9001 certified QMS and associated business processes are designed to drive quality and conforming products and services which are ‘right first time’, thus minimising our environmental impacts by ensuring we do not have to repeat activities resulting in duplicate emissions as a result of doing things twice. Additionally, being a ‘menu-driven’ business helps us to standardise our service offerings and drive efficiencies which provides a more sustainable way of working.; ; Our engineering workforce is spread across the UK and engineers are assigned work based on location to ensure the impacts of travelling to site are minimised as much as possible. We also maintain strong relationships with our vendors and utilise them for support for contracts based in remote parts of the country which are harder for our engineers to reach. ; ; We also utilise strategically placed storage units so that we can deliver hardware to where our engineers are based, or alternatively nearer customer sites which also helps us to mitigate the amount of travel required. We have closed a number of remote offices, and engineers have switched to homebased contracts which eliminates the impact of their commute to a single place of work. We also provide employees with the flexibility to work from home (on average two days/week). ; ; We perform due-diligence on our supply chain and where possible seek to work with organisations that share similar environmental commitments and are on a NetZero journey of their own. ; ; For further information on how we minimise our energy/resource consumption and promote sustainability, please refer to our CRP

  Covid-19 recovery

  Although not directly related to a specific contract, we have implemented various intiaitives that support the social value models first theme of Covid-19 recovery. As mentioned in our response to tackling economic inequality, our CG Academy provides opportunity to those out of work with little experience which could include people left unemployed by COVID-19. We provide fair pay to our employees (and are a certified Living Wage Employer), and invest heavily in our people with access to various learning and development resources (Go1, CBT Nuggets, INE), encouragement to drive their own Personal Development Plans (PDP's) which can help us to identify any additional training needs / qualifications that can support them in their role. We offer our workforce (where possible) flexibility around working conditions (remote-working) and seek to support their physical and mental health by maintaining an ISO45001 certified H&S management system and checking in with our employees,. We are looking to complete an employee NPS to gain feedback direct from our employees and further understand how we can improve workplace conditions and employee satisfaction and wellbeing. Furthermore we intend to sign up to the Mental Health at Work Commitment.

  Tackling economic inequality

  Although not directly related to a specific contract, we have implemented various initiatives that support the social value models second theme of tackling economic inequality. In the past we have run what we call our CG Academy which provides individuals of all ages, backgrounds and experience an opportunity to join our business with little or no experience. These individuals undergo an in-depth induction into each area of our business over a 12-week placement. Following this, successful candidates are placed into a role best suited to their interests and strengths. Here they will be given all the training needed to develop their career and we have had several success stories over the years. This is something we are looking to replicate in the future. In addition to this, we have more recently partnered with a local secondary school which provides placements to students for whom mainstream education is simply not working (for a range of reasons). We are offering them the chance to partake in an 'apprentice' style process whereby they can win a £5k investment in their business idea. This will consist of an 8 week process which involves various team building exercises which will help to improve and develop their skillsets ready for the world of work. They will also receive 1:1 support and coaching from a number of our employees who will work with them throughout this process.

  Equal opportunity

  As an equal opportunities employer, we seek to promote diversity and inclusion in all aspects of our business. We maintain an Equal Opportunities Policy which can be shared on request. Our Policy is available on our intranet for all employees to access and the principles of which are embedded within our business processes, from recruitment and throughout the employee journey. We are a living wage employer and have established succession plans for each department/role within our business which contains clear salary bandings and requirements for progression. This provides transparency of pay to our workforce, and these bandings are also benchmarked regularly by our People Team.

  Wellbeing

  We have implemented various initiatives that support the social value models fifth theme, Wellbeing that enable us to support health and wellbeing in the workforce. We are looking to run an employee NPS to gain feedback directly from our employees to better understand what actions we can take to improve the workplace environment and promote positive mental wellbeing; this is something we can measure over time to identify whether actions taken are effective. In addition to this, and in accordance with our ISO45001 certified OH&SMS, we maintain a H&S training matrix to ensure employees hold the necessary training/knowledge to conduct their work safely but we also track wider business qualifications including first aiders and mental health first aiders. We provide all employees with private healthcare and access to an Employee Assistance Programme (EAP) which is available 24/7 and can help to reduce reliance of public resources. In the next 12months we also plan to formalise a Social Value Policy and associated objectives including signing up to the Mental Health at Work Commitment.

Pricing

• Price: £28.84 a device a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@convergencegroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.