ACTISOFT TECHNOLOGY LIMITED

Endpoint & DNS Protection (web filtering)

Managed Endpoint Protection and Web Filtering service providing protection to your organisation against sophisticated cyberattacks. Streamline management with fast deployment and scans.
Block threats at the domain level and reduce costs due to infections. Control costs with per device per month charges and only pay for what you use.

Features

• Realtime Shield and Outbound Firewall
• Contextual threat intelligence
• Identity and Privacy Shields
• Evasion Shield protects against file-based and fileless script attacks
• Infrared Protection provides Advanced Detection of Zero-Day Malware
• Continuous Monitoring
• Advanced Traffic Filtering
• Policy enforcement of web categories
• Offline Protection
• Block Threats at the domain level

Benefits

• Lower Total Cost of Ownership & flexible monthly billing
• Fast deployment, effective, easy-to-use security with low footprint
• Protection against known and unknown threats
• No setup costs
• Fully remote endpoint management and control
• Powered by world-class real-time threat intelligence
• No on-site hardware to install for web filtering
• Accurately filter your outbound network/user traffic
• Extensive, granular, and highly accurate domain filtering categorisations
• Multi OS, virtualization, terminal server, and Citrix support

£2.18 a device a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bill.slaven@actisofttechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

475231571881336

Contact

Bill Slaven
0203 931 0199
bill.slaven@actisofttechnology.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: DNS Protection (web filtering) may be constrained if the endpoint has an unsupported VPN in use.
• System requirements:
  • Windows 11 64-bit
  • Windows 10, 8.1, 8, 7 & 7 SP1
  • MacOS 10.14, 10.15, 11, 12
  • Windows Server 2019, 2016, 2012R2, 2008R2
  • VMWare vSphere 5.5, Citrix Xendesktop6.5, MS HyperV 2008,2012, 2016

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLA 1 business hour response for Critical, 4 business hours for Major and 7.5 business hours for Minor
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Via chatbot on website
• Web chat accessibility testing: None at present
• Onsite support: Yes, at extra cost
• Support levels: One service level is included in pricing.; Support contact provided
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On-boarding process for new accounts. Training is provided remotely or onsite (for a fee) to administrators. User documentation is provided for administrators for the Management Console and the applications.
• Service documentation: No
• End-of-contract data extraction: Reports can be created
• End-of-contract process: Software is uninstalled remotely and deactivated. No additional costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • MacOS
  • Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Users can see what protection they have on their endpoint
• Accessibility standards: None or don’t know
• Description of accessibility: Users can run scans on the endpoint but cannot make any changes
• Accessibility testing: Not known.
• API: Yes
• What users can and can't do using the API: The Webroot Unity API platform simplifies access to the Webroot® Global Site Manager (GSM) console using representational state transfer (REST) architectural web services to retrieve individual data sets whenever admins need them.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: Webroot has a large scaleable infrastructure

Analytics

• Service usage metrics: Yes
• Metrics types: If required we can provide usage metrics along with other reporting
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Webroot

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data is exported through the Management Console
• Data export formats: CSV
• Data import formats: Other

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Webroot's SLA is guaranteed 99.9% availability over any calendar month
• Approach to resilience: Data is stored across a minimum of 2 data centres.
• Outage reporting: A public dashboard

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Dependent upon processes already in place at user level.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We regularly reevaluate critical IT and business functions through; Integrated risk management functions; Threat and vulnerability analysis; Data governance and threat protection; Aligning business strategy with IT strategy
• Information security policies and processes: Regular reviews to;; Categorise and mitigate risks and threats; Prepare for identifying, remediating, and recovering from a cyberattack or breach; Provide a method for executive leadership to understand our risk posture and maturity levels; Outline a risk-based approach with regards to the people, systems, and technology that are used every day

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Audit logs are available. All changes are discussed and reviewed before implementation to insure that the level of security is now lowered without being aware of the risks.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Regular reviews of threats. Patches are deployed by the software vendor directly to their service and endpoints. Webroot operates a high level of threat intelligence.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Monitor endpoints for scans, threat alerts and other anomalous activity. Threat alerts are sent out as soon as there is a detection. Remediation action takes place as soon as a threat is detected. Incidents are responded as soon as they are detected.
• Incident management type: Supplier-defined controls
• Incident management approach: We used a pre-defined NIST framework if an incident occurs. If we are not alerted to incidents by the system a user would report an incident via support ticket or telephone call. Once an incident has been fully investigated and mitigated an incident report will follow.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our services allow users to work from any location that they wish. This will allow remote access to organisation systems if they need to work from home or other location reducing stress from situations

Pricing

• Price: £2.18 a device a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 30 day free trial for an agreed number of users. Support at normal service levels as a fully paid customer

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bill.slaven@actisofttechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.