Barrier Networks

Claroty xDome OT/IT Security

Claroty xDome spans the entire cybersecurity journey, from empowering organisations with comprehensive OT (operational techncology) / ICS (Industrial Control Systems) asset visibility, identifying, measuring, and prioritising risk, to deploying Zero Trust-based protective controls, to optimising threat detection through a vast network of integrations. xDome is a modular SaaS platform.

Features

• Asset Discovery
• Vulnerability & Risk Management
• Network Protection
• Threat Detection
• Asset Management
• Change Management

Benefits

• Extends cybersecurity across industrial-XIoT: PLCs, RTUs, actuators, smart HVAC, lighting.
• Supports your industrial cybersecurity journey: automate asset-discovery, combat zero-day attacks
• Designed for scalability, flexibility, and ease-of-use
• SaaS solution with a flexible UI
• Built to adapt to all OT, security, and executive needs

£20.24 a device a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@barriernetworks.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

545186432966824

Contact

Iain Slater
0141 356 0101
info@barriernetworks.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: N/a
• System requirements: N/a

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Claroty’s response times will be prioritised based on the Severity Levels - https://claroty.com/support-policy
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Severity Levels dictate the need for a TAM or CSE; Severity 1 - Critical: Product is entirely inaccessible < 4 hours; Severity 2 - High: Operational but missing features are impacting operation < 8 hours; Severity 3 - Medium: Operational but degraded < 1 business day; Severity 4 - Low: Questions and/or defects noted but minimal disruption < 2 business day
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: PDF's and online training provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Delete instance of xDome
• End-of-contract process: End of contract process included in the terms of the contract. No additional costs involved.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: We use an open API standard
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Admin users can customise system preferences such as login times, password rules, logon messages.

Scaling

• Independence of resources: Multi tenant designed to isolate user querys and guarantee performance.

Analytics

• Service usage metrics: Yes
• Metrics types: Usage metrics
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Claroty

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: CSV
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SaaS Service Level: Claroty’s Medigate and xDome service will be available 99.5% of the time except during Weekly scheduled upgrades (between Sunday 08:00 AM GMT - Sunday 9:00 PM GMT)
• Approach to resilience: Available on request
• Outage reporting: Updates on app and email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: ...
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ICQ Institute of Quality and Control
• ISO/IEC 27001 accreditation date: 25/02/2016
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • SOC2
  • ISO/IEC 27017
  • ISO/IEC 27018

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow the full suite of ISO 27001:2013 policies and corresponding procedures.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our configuration and change mangement policy contains the foillowing elements:; Scope/Impact; Roles and responsibilities; Change control process; Configuration management; Version Control; Testing And Validation; Backout Procedures; Documentation
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We have continuous scanning in place which directly automates with tickets for our IT and devops teams to patch vulnerabilities based on SLA. ; Our SLA's are: Critical within 7 business days, Highs 30 days, Medium 90 days, Low/Informational - depending on risk; We also perform annual third party penetration tests on our developed applications by an accredited third party
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Claroty has a defense in depth approach to security threat management. Security and system logs are sent to a Secrity Information Event Management (SIEM) system to correately, analyze, and alert on potential security events/incidents. Alerts from the SIEM are handled by a dedicated 24x7x365 security operations center (SOC).
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a formal process which will focuses on the below phases/steps of incident; management and response:; - Identification; - Logging/Categorization; - Initial triage/response; - Investigation; - Resolution; - Communication; - Documentation ; - Post incident response review

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  • To create an environment in which individual differences and the contributions of all our staff are recognised and valued.; • Every employee is entitled to a working environment that promotes dignity and respect to all. No form of intimidation, bullying or harassment will be tolerated.; • Training, development and progression opportunities are available to all staff.; • To promote equality in the workplace which we believe is good management practice and makes sound business sense.; • We will review all our employment practices and procedures to ensure fairness.; • Breaches of our Equality Policy will be regarded as misconduct and could lead to disciplinary proceedings.; • This policy is fully supported by Senior Management.; • The policy will be monitored and reviewed regularly.

  Wellbeing

  • We promote an open, supportive company culture where employees look out for one another and feel comfortable discussing any difficulties. Mental health is valued equally to physical health.; • Employees have access to confidential counselling, therapy, and other mental health resources through our employee assistance program.; • We encourage taking time off when needed for mental health days in addition to sick days. Employees are trusted to manage their time off responsibly.; • Training is provided to managers on recognizing signs of burnout, ; work overload, and other mental health concerns. Managers work to ; proactively address issues and reduce employee stress.; • Employee workloads and schedules are designed to be reasonable ; and sustainable. ; • Wellness initiatives like meditation breaks, stress management ; workshops, mindfulness programs, and social events are offered ; throughout the year.

Pricing

• Price: £20.24 a device a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Proof of Value (PoV) available. Time limited as agreed with end user client.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@barriernetworks.com. Tell them what format you need. It will help if you say what assistive technology you use.