MLL Telecom Ltd.

MLL SD-WAN Overlay

ML's SD-WAN overlay provides full software defined networking for customer who have already got an underlay wide area network. Optionally customer can also buy underlay services to either augment or replace existing services. The service is fully managed with options for co-management.

Features

• Transport Agnostic, Software Defined Networking for WAN and LAN.
• Centralized management and automatic orchestration.
• Resilient connections between Cloud services and SaaS providers.
• Real- time views of application and network utilisation and performance.
• Application Aware Routing and application optimisation.
• Option for Unified Threat Management (UTM).
• Integration with 3rd party tools.

Benefits

• Secure aggregation of public and private connectivity into single network.
• Centralised application policy control.
• Effective optimised load sharing across multiple links.
• Traffic and security segregation without needing separate VRFs reducing costs.
• Minimise bandwidth to key sites by utilising multiple links.
• Instantly divert traffic around failures or issues on individual links.
• Agility to change configurations quickly.

£2,041.00 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@mlltelecom.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

595818437247359

Contact

Public Sector Sales Team
01628 495 400
gcloud@mlltelecom.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: None
• System requirements:
  • IP enabled PBX telephony platform
  • Local SBC is required for the telephony platform

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 hour.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: MLL's support for this service is 24x7x365 and includes on-site support where required. The service includes access to MLL technical and commercial support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: MLLL and Buyer agree service outcomes and post support sales support. This will include user acceptance testing, training, provision of support documentation and access to MLL's support services.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
  • Other
• Other documentation formats: Microsoft Word
• End-of-contract data extraction: No data is stored by MLL as part of this service. At the end of the service MLL will provide the customer with IP addresses, assets information and other service metrics as part of an agreed exit plan.
• End-of-contract process: MLL will provide all information including assets as part of an agreed exit plan.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: FortiPortal provides access to agreed co-management services and reporting based on the underlying FortiManager and FortiAnalyzer platforms.
• Accessibility standards: None or don’t know
• Description of accessibility: IT administrators can access the service through an instance of the MLL service portal using a web browser.
• Accessibility testing: None.
• API: No
• Customisation available: Yes
• Description of customisation: The service can be tailored to meet individual customer requirements.; MLL is responsible for making such agreed changes.

Scaling

• Independence of resources: Guaranteed logical separation which allows customers to grow their capacity incrementally. MLL monitors and manages the service 24x7x365 including capacity to ensure thresholds are not exceeded.

Analytics

• Service usage metrics: Yes
• Metrics types: MLL will provide availability and performance metrics for those components under MLL's management.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Through a service request to MLL.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99%
• Approach to resilience: Available on request.
• Outage reporting: Email alerts and, optionally, by telephone.

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Role Based Access Controls, Secure passwords and 2FA.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: URS, a UKAS accredited audit body.
• ISO/IEC 27001 accreditation date: 11/05/2022
• What the ISO/IEC 27001 doesn’t cover: Not applicable, all business activities are in scope.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: MLL maintains an information security management system (ISMS) that is certified to meet the requirements of the ISO 27001:2013 standard, as well as, PSN Service Provider (PSNSP) certification and Cyber Essentials Plus certification. A risk management process based on ISO27005:2011/BS7799-3:2017 underpins the MLL ISMS. ; Security incidents are managed through to resolution using a Major Incident Management procedure, regular hourly updates, escalation and a major incident report on resolution.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: MLL has a change management policy within its ISO27001 certified ISMS. All changes are change-controlled. A change advisory board is run weekly. All changes require approval. Customer approval is sought for any changes that may impact customer services. Testing and rollback plans are required for changes.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: MLL has a patch management policy within its ISO27001 certified ISMS.; The target for the application of critical patches is 14 days and 30 for all other.; Vendor notifications are subscribed to and are triaged for service relevance by MLL technical teams. The application of patches is managed via the change management process.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: MLL has an audit logging policy within its ISO27001 certified ISMS.; The underlying platform is monitored by MLL support staff. Security incidents are managed as incidents in the MLL IT service management platform.
• Incident management type: Supplier-defined controls
• Incident management approach: MLL has a security incident management policy within its ISO27001 certified ISMS.; Incident leads are nominated to manage any security incidents. A record is kept of all actions and incidents are reviewed for trends by MLL's management review process. Security Incidents are reported through the nominated service delivery manager to a cadence agreed with the Buyer during service establishment. ; Buyers can log incidents by telephone, email or the MLL service portal.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Joint Academic Network (JANET)
  • Health and Social Care Network (HSCN)
  • Other
• Other public sector networks:
  • Microsoft Office 365
  • AWS
  • Google Cloud

Social Value

• Fighting climate change:

  Fighting climate change

  MLL operates an ISO 14001 certified environmental management system, recycles waste throughout or offices and uses a WEEE contractor for the recycling of used electronic equipment. We work with customers to support their environmental initiatives including funding tree planting for carbon, offset, staff volunteering for environmental initiatives and have recently invested in our first electronic fleet vehicle. MLL is implementing a Carbon Reduction Plan to achieve Carbon Net Zero. ; ; The services proposed in this offer are based centralised systems located in energy efficient datacentres. Services are hosted on a multi-tenanted platform removing the need for separate physical installation on the customer premise reducing overall energy consumption. Adoption of this services supports customer environmental agendas through replacement of aged, less energy efficient solutions.

Pricing

• Price: £2,041.00 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@mlltelecom.com. Tell them what format you need. It will help if you say what assistive technology you use.