Syscomm Ltd - Strategic Network Solutions

Syscomm's Managed Firewall Service

Our Managed Firewall as a Service provides a secure solution to the complex and time-consuming subject of managing customer firewalls. It provides a full range of next-generation firewall features such as application and user visibility, Threat Prevention, URL filtering, DDoS, Sandboxing, 2-FA.


  • Configuration, monitoring and management of customer firewalls
  • Full change management processes, including Emergency Changes
  • Monitored 24 x 7
  • Service reporting and periodic Service Reviews
  • Firewall(s) may be in Syscomm data centre or customer premises
  • Intrusion Prevention/Detection System (IDS/IPS)
  • Threat Prevention: Anti-Malware & Command & Control prevention
  • URL Filtering
  • Remote Access (SSL/TLS) VPN


  • Allows customer to focus on business-related matters, not technical admin
  • Managed by security experts to provide complete peace of mind
  • Sev1 Incident management 24 x7 supports round the clock services
  • Securely connect small sites and remote users via encrypted VPNs
  • Protect against new threats not yet widely recognised
  • Partition Networks and Manage traffic policy
  • Gain deeper understanding of network security activity
  • Prevent compromised hosts from connecting to Command & Control servers
  • Tie network activity to specific users and applications


£205 to £1,500 a unit a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

5 5 6 6 6 9 6 6 2 8 0 9 4 8 4


Syscomm Ltd - Strategic Network Solutions Sales Team
Telephone: 0247 77 12 000

Service scope

Service constraints
No constraints subject to requirements at engagement start.
System requirements
Subject to client’s requirements - multiple deployment options available

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our Customer Support Centre can be reached via email, phone or through our customer web-based portal which is provided free of charge as part of the solution.

Any request is handled through the Service Desk and we target responding within 30 minutes.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Our Service Levels provide a consultative, proactive service approach, where Syscomm is responsible for deep multi-layer monitoring, patching, management and planning for the environment.

We are able to provide a tailored service which ranges from a basic self-support option up to a fully managed service.
Support available to third parties

Onboarding and offboarding

Getting started
Onboarding of this service will start with a readiness Audit which will review the customer's Firewall architecture, software and policies / services. A report of findings including recommendations and next steps. An Engineer will discuss timescales and approach during initial onboarding meetings.
Service documentation
Documentation formats
End-of-contract data extraction
If the customer requires data to be returned or presented to another service provider, it is written off at the data centre and couriered to the customer or new service provider site (additional charges apply).

The firewall configuration can also be sent to the customer at the end of the contract
End-of-contract process
The customer will be approached near the contract end to discuss the renewal of the service

Using the service

Web browser interface
Using the web interface
Users can access a web interface for analytics and reporting features. Syscomm will carry out remote moves adds and changes on agreement with The Client and providing a Change Control Notice has been completed and authorised by both The Client and Syscomm

Changes will be carried out remotely within 4 hours based on an 8x5 standard working week.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Users can raise service tickets via the Syscomm service portal
Web interface accessibility testing
Command line interface


Scaling available
Scaling type
  • Automatic
  • Manual
Independence of resources
The Firewalls will be allocated their own resources which will be dedicated to the Customer's firewall solution.
Usage notifications
Usage reporting
  • Email
  • Other


Infrastructure or application metrics
Metrics types
  • CPU
  • Disk
  • Network
  • Number of active instances
  • Other
Other metrics
  • Up/Down Status
  • Event Issues
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
What’s backed up
  • Firewall configuration
  • Firewall software
  • Network
Backup controls
Flexible and configurable backup is available for a specific contract
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Single firewall located in a Syscomm data centre Not less than 99.5%

Pair high availability firewalls located in a Syscomm data centre or on a customer site Not less than 100%

Single firewall installed on a customer site Not less than 99%

In calculating availability, the following shall be excluded:
• Unavailability due to tasks required to implement and test change requests

• Unavailability due to malicious activity of any kind e.g. a Denial of Service attack (DOS)

The floor service level applicable to the MFS in respect of availability shall be 85% in any given month.
Approach to resilience
Ensuring higher availability at every layer through availability zoning and redundant components.
Outage reporting
Service reporting is provided through our online support portal. In addition, the customer will have access to a Service Delivery Manager (SDM) will be assigned as a single point of contact and works to become an expert on the customers’ business and network. The SDM will conduct two scheduled service reviews per year and will include: report on End of Life and/or End of Support infrastructure; provide pro-active measures and recommendations to avoid infrastructure downtime and service outages; and report & reflect on the Syscomm Service Performance.

Identity and authentication

User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Cyber Essentials
Data-Centre is ISO27001 compliant
Information security policies and processes
Syscomm operate a regular review of our business and systems and exposure. We limit the number of administrators on important systems and have access policies and processing of data policies for all customer data/networks. Separate internal policies are in place for internal corporate IT.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Upon customer request, Syscomm engineers can carry out changes to the network. The changes range from a simple configuration changes to redesign of the network or rollout of a new software release.

Syscomm will need to assess the amount of time a change will require, prior to any change this is discussed with the customer. Syscomm uses our change management process to execute change
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Syscomm proactively monitors network nodes using secure management protocols such as SNMPv3 and will alert the end user upon an event being detected.

Security management includes monitoring vendor security vulnerabilities and ensuring management and customer devices are always patch to the latest security updates.

We will implement security updates as part of the change control process where the flaw, security risk and the patch will be reviewed.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
All service impacting events and/or incidents are to be raised with the Customer Support Team and will be handled according ITIL processes. Syscomm uses the incident management process to restore normal service operation as quickly as possible and minimise the adverse service impact on business operations. Incident management includes any event that disrupts, or which could disrupt, a service. This includes events directly communicated by customers or detected by the managed services team through event management tooling.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Virtualisation technologies used
How shared infrastructure is kept separate
Separation of organisations is managed by network separation and security policies.

Energy efficiency

Energy-efficient datacentres
Description of energy efficient datacentres
The datacentres that Syscomm use for our hosted services have an established and documented global EOH&S management system compliant with the principles of ISO 14001:2004 and ISO 45001:2016/OHSAS 18001:2007.

Within this framework, they are committed to achieving full compliance, reducing impact on the environment and preventing pollution, promoting a positive EOH&S culture, encouraging continual improvement, and striving to ensure the adoption and implementation of best-in-class EOH&S practices by:

1) Meeting or Exceeding All Applicable Legislation, Regulations and Rules

2) Adopting Significant EOH&S Aspects, Objectives and Targets and making continual and effective improvement of their performance through the identification of significant EOH&S aspects, and the setting and review of EOH&S objectives and targets.

3) Preventing Environmentally Damaging Incidents: They strive to eliminate the potential for the occurrence of polluting events.

4) They adopt EOH&S stewardship as a core value of the company by holding management and employees accountable.

5) EOH&S awareness is developed through communication, training, motivation, cooperation, and participation of every datacentre employee.

6) Create a knowledgeable awareness of EOH&S issues and alternatives with their clients and other stakeholders where possible and place more emphasis on a strong EOH&S culture to strengthen this commitment.

7) Continual Improvement and Commitment

Social Value

Equal opportunity

Equal opportunity

Syscomm Ltd is committed to the principal of equal recruitment, training and treatment of all employees irrespective of age, race, ethnic origin, nationality, sex or sexual orientation, religious convictions or disability.

It is the company’s policy to give full and fair consideration to applicants for employment from disabled persons and to provide appropriate training, development and promotion prospects and equivalent to those available to other employees.
The company will continue to commit to its obligations under relevant legislation and where appropriate, anticipate future legal requirements. This will be informed by:

• The Equality Act (2010) and associated secondary legislation.
• Criminal Justice and Immigration Act (2008).
• The Racial and Religious Hatred Act (2006).
• The Civil Partnership Act (2004).
• The Gender Recognition Act (2004).
• Criminal Justice Act (2003).
• The Human Rights Act (1998).
• The Protection from Harassment Act (1997).
• Special Education Needs and Disability Act (2001)

Syscomm Ltd is committed to encouraging equality and diversity among our workforce and eliminating unlawful discrimination. The aim is for our workforce to be truly representative of all sections of society, and for each employee to feel respected and able to give of their best.


£205 to £1,500 a unit a month
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.