ROSSI NETWORKS LIMITED

Continuous Network Assessment

CNA is the monitoring solution for all your digital services.
It unifies monitoring across the multiple stacks of your digital environments, from applications to infrastructure, and user experience.
Capable to monitor office connectivity, end-user computing, servers/VM, cloud services (AWS,Azure, GPC), and 3rd party service performance.

Features

• 24/7 availability and performance monitoring of IT service
• Fast integration with no change required to existing infrastructure
• Fully managed solution with no burden to your team
• Up and running in no time with pre-built dashboards
• Flexible deployment in private or public cloud

Benefits

• A single holistic view of cloud infrastructure and business-critical services
• Maximise your IT investment with continuous-assessment of the consumed resources
• Service management: provide “2nd-opinion” for third-party service review
• Service Improvement: identify deficiencies before they become incidents
• Fault escalation: ease identification of faults with holistic view
• Retention of results for historical reference and trend analysis

£33.60 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@rossinetworks.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

609839844845314

Contact

Walter Rossi
07551124464
sales@rossinetworks.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No constrains - the service aims to report online user experience,which requires sensors to be positioned at the user locations and/or agent to be installed on end-user devices, servers/virtual-machines.
• System requirements:
  • CloudUnit Virtual-Machines(Private or Public), unless consumed as cloud-service
  • Sensors require connection WiFi or LAN, and power socket
  • CNA agent installation for End-user computing
  • Sensor and agent need to communicate with the Cloud Unit
  • Details of IT services to be monitor

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 8h response time.; 9am to 6pm Mon-Fri
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard support will include:; - Service review per quarter.; - Performance and availability dashboard.; - Graphic representation of IT services network performances (e.g. response time and packet loss).; - Alerting with emailnotification.; - Data retention for 3 months.; Premium support is modelled aroundclients needs - example of premium can include:; - Sensors onsite installation.; -Monthly/Weekly service review.; - Development of specific use case probing.; -Dashboard customisation, complex graphical visualisation, tuning of thresholds and alerting.; - Alerts analysis and triaged with our support.; - Consultancy for planning and implementing architecture changes to rectify and/or evolve the ITenvironment (Network, Cloud, Application).
• Support available to third parties: No

Onboarding and offboarding

• Getting started: The onboarding process is provided with online training and demo.Documentation and reference manual are also provided. Service is delivered to cater for your needs, pre-configured dashboards will be used for the initial set-up and will be further customised to fit the service monitored.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data is collected on backend systems. Its extraction will via a support request.
• End-of-contract process: The customer access to the service will be terminate. The customer can return the sensors no longer active for free of charge disposal.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The portal is accessible on mobile devices and graphic will scale to thereduced screen size. This is offered with limited support.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: CNA portal visualises the data collected from the sensors. Graphs are arranged in dashboards that can be customised to best fit the service monitored.; The graphs represent the performance of your IT services. A threshold can be configured on a graph to alert you when a certain value is exceeded.; Alerts can be configured to trigger notifications.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Self-evaluation: the content was evaluated by the developer of the portal.Manual testing is being performed regularly for all major browser and operating systems, plus the following screen readers:; Voice Over on MacO Swith Safari, Chrome, and Edge NVDA on Windows with Chrome and Firefox Orca on Linux Automated evaluation
• API: Yes
• What users can and can't do using the API: The portal backend exposes an HTTP API, which is the same API that is used by the frontend to do everything from saving dashboards, creating users, and updating data sources.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Uses can change their profile theme, homepage and language.

Scaling

• Independence of resources: Sizing of the Cloud Unit is based on the number of sensors and agents deployed and probing configured. Resources consumption is reviewed every quarter.

Analytics

• Service usage metrics: Yes
• Metrics types: The service provide insight into availability and performance of IT services consumed by your organisation. Metrics are relative to the service monitored (e.g. cpu, memory, disk, response time, successful resolution, signal strength, etc.)
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: No user data collected.; Dashboards and graphs can be saved as snapshots. Export is in JSONformat.
• Data export formats: Other
• Other data export formats:
  • Json
  • Snaphost
  • Screenshot
• Data import formats: Other
• Other data import formats: Json

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: IP source white-listing.; Optional (at extra cost): Firewall, static/dynamic VPN, micro-segmentation
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Firewall, IP source White-listing, micro-segmentation

Availability and resilience

• Guaranteed availability: Cloud Unit Target Availability/Month (during service hours): 99.50%; Sensors availability is Best Endeavour.
• Approach to resilience: CNA service is delivered by a fleet of sensors and with CNA agent installed on end-user computing and servers/VMs. The monitored target (Wifi scan frequency, URLs, IP destinations, etc.) are orchestrated by the CloudUnit (CU). Resilience for sensors is achieved by duplication (e.g. multiple sensors to monitor the wifi service in a specific area).; The CU is formed by a back-end collecting the sensor and agent feeds, a management station, and a front-end for the portal. CU can run on public and private clouds. Resilience is achieved using cloud-native constructs (availability zones, autoscaling, kubernetes etc.)
• Outage reporting: Alert notifications via the selected channel (email, Slack, MS teams, IM, etc.) and dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: IP Source whitelisting, security-group. The solution can be complemented with additional services such as NGFW, ZTNA, micro-segmentation which will be quoted separately.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: IASME IoT CYBER ASSURANCE -Level 1

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Security industry standards NCSC guidance Risk assessment Frameworks to design IT and security infrastructure up-to-date cyber security skill.
• Information security policies and processes: NCSC guidance Cyber Essentials

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes are introduced with 6 steps process: ; 1. planned with details on the specific part modified and risk associated ; 2. tested in the development environment ; 3. documented with findings and any deviation from the plan ; 4. scheduled with each deployed environment separately ; 5. implemented according to agreed schedule using blue/green approach; 6. observed and accepted or reverted
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats are assessed from design through implementation and operational support for each element of the solution. The deployment is built with minimal exposure resulting in strong security posture - for example, sensors have no inbound connectivity. ; SLA Sensors/CU ; Patching Routine: Monthly outside Service Hours Critical Security Patches: Next working day
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Sensors are managed and monitored 24/7. Central Unit Cloud service is hosted in AWS Virtual Private Cloud (unless privately cloud is required) where instances and traffic are monitored for performance, availability,and threat detection. The response is activated by the alerting mechanism and customer informed.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident escalation is via the support team. Incidents are managed by classification: Application or Infrastructure. Application: service not available, data issue, application bug, Report not coming up.Infrastructure: system-down (CU server issue), Sensor not responding. Report will be provided on request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Rossi Networks is committed to social responsibility with both its employees employees and its partners. We fight against all forms of discrimination, promoting diversity and equality, supporting career growth within the company, workplace well-being, and reducing the company's environmental impact.; We provide transformational software which can help companies to address issues with climate change.

  Covid-19 recovery

  Rossi Networks is committed to social responsibility with both its employees employees and its partners. We fight against all forms of discrimination, promoting diversity and equality, supporting career growth within the company, workplace well-being, and reducing the company's environmental impact.; We provide transformational software which can help companies to address issues with Covid-19 recovery.

  Tackling economic inequality

  Rossi Networks is committed to social responsibility with both its employees employees and its partners. We fight against all forms of discrimination, promoting diversity and equality, supporting career growth within the company, workplace well-being, and reducing the company's environmental impact.; We provide transformational software which can help companies to address issues with economic inequality.

  Equal opportunity

  Rossi Networks is committed to social responsibility with both its employees employees and its partners. We fight against all forms of discrimination, promoting diversity and equality, supporting career growth within the company, workplace well-being, and reducing the company's environmental impact.; We provide transformational software which can help companies to address issues with equal opportunity,

  Wellbeing

  Rossi Networks is committed to social responsibility with both its employees employees and its partners. We fight against all forms of discrimination, promoting diversity and equality, supporting career growth within the company, workplace well-being, and reducing the company's environmental impact.; We provide transformational software which can help companies to address issues with wellbeing.

Pricing

• Price: £33.60 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Demo equipment is available for trial at no cost.; This include a pair of sensors and access to demo portal with all features.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@rossinetworks.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.