Nexus Open Systems Ltd

Nexus Hybrid Voice - SIP trunks

Nexus Hybrid Voice SIP trunks uses the UK’s leading Voice over IP (VoIP) connectivity service, delivered with superior support, reliability and value. Tested with all major PBX hardware providers and approved to work with Microsoft Teams, Skype for Business and Audiocodes Session Border Controllers (SBC's). Cost effective, flexible and resilient.

Features

• Retain existing numbers through number porting
• Tested with all major PBX hardware providers
• Compatible with Skype for Business, Microsoft Teams, Session Border Controllers
• Business continuity built-in and standard failover architecture
• Fraud management included
• Full control via own portal, provisioning and in-life management
• IP authentication as standard
• 24 x 7 x 365 Support
• Flexible CLI presentation
• Inclusive (01,02,03) and mobile minutes per channel per month

Benefits

• Significant cost savings over legacy ISDN services
• No capital outlay
• Flexibility with phone numbers
• Flexibility with number of channels and DDIs
• ISO 9001, ISO 27001, ISO 22301 and ISO 14001 accredited
• PCI compliance without significant outlay
• Utilise network divert to protect for on-site failures
• Control of outbound call presentation
• Business continuity and disaster recovery ready
• Retain your current important business numbers

£5.40 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stuart.wilson@nexusos.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

618391764706078

Contact

Stuart Wilson
01392 205095
stuart.wilson@nexusos.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Skype for Business; Microsoft Teams; Session Border Controllers; Cloud based or hosted iPBXs
• Cloud deployment model: Hybrid cloud
• Service constraints: As a Voice over IP service, emergency calls to 999 may not be possible utilising SIP trunks. During any service outage where total connectivity with SIP is lost, a customer should use PSTN or mobile connectivity to make any emergency calls.
• System requirements:
  • Conformance with a test PABX
  • Compatible Session Border Controller (SBC)
  • IP Address Authentication
  • Sufficient PABX SIP Licenses

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard SLA is for 2 hours response for Critical issues; 4 hours response for Major issues and 8 hours response for Minor issues.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Users can interact with our Technical, Sales and Training teams. Raising questions which are dealt with there and then. Alternatively we will take enquiries away and respond direct to users through email.
• Web chat accessibility testing: None as yet
• Onsite support: Yes, at extra cost
• Support levels: Support Levels: Basic - Service Desk Facility; Incident & Problem Management; Dedicated Account Management; Third Party Liaison; Escalation Procedure; Remote Support; Access to Customer Portal. Standard - Service Desk Facility; Incident & Problem Management; Dedicated Account Management; Third Party Liaison; Escalation Procedure; Remote Support; Access to Customer Portal; Service Level Agreement; Remote Monitoring & Alerting. Advanced - Service Desk Facility; Incident & Problem Management; Dedicated Account Management; Third Party Liaison; Escalation Procedure; Remote Support; Access to Customer Portal; Service Level Agreement; Remote Monitoring & Alerting; Annual IT Strategy; Monthly Remote Health Checks; Proactive Monitoring & Alerting; On-site Support. Support cost: Pricing is dependant on customers infrastructure and environment A dedicated Technical Account Manager is assigned to each customer and our Service Desk team includes Cloud Support Engineers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We follow a defined process for on-boarding new clients to ensure that they have the assurance of our help, whilst at the same time remain in control of the cloud services which are often at the core of their business. Through the on-boarding process Nexus will complete a detailed assessment of: • Client’s strategic vision • Organisational culture • Current and future objectives • Desire business outcomes • Potential improvements to existing business processes • Project and programme delivery resources • Current governance and programmes. We can provide onsite training to our clients as well as instruction at our own training centre. User documentation is provided by way of client portal guide
• Service documentation: No
• End-of-contract data extraction: Our Customer Portal is a secure online space giving customers complete visibility of the assets that we manage for them. We offer a complete view of their estate, including telephone numbers (CLIs), the product related to that number and its geographical location. All invoices are in one place and kept for 12 months for historical billing information on the services you have taken.; This information can be easily downloaded for extraction into excel.
• End-of-contract process: At the end of the contract the customer moves onto a rolling 30 day contract on our standard rates. Through our online billing and reporting portal, customer can get their asset list, including numbers that can be ported away and details of the services they currently take with us. This will be provided at no additional cost. It is up to the new provider to port the numbers away.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: We have a bolt on App that can be added as an option to SIP Trunk Call Manager. Upon successful download from the relevant app store, the user is able to log in to access a subset of SIP Trunk Call Manager Functionality as available at: www.siptrunkcallmanager.co.uk. The user has access to edit components of call routing for numbers provisioned on this service and in accordance with their user permissions. Functionality includes ability to route calls to an alternative destination number/voicemail/divert calls/invoke pre-configured call plan. Key reporting statistics are also available including Performance graphs and call history.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Application client and web browser
• Accessibility standards: None or don’t know
• Description of accessibility: The SIP Trunk call manager service is accessible from a standard web browser.
• Accessibility testing: We have not done any testing with users of assistive technology.
• API: No
• Customisation available: Yes
• Description of customisation: The design of the SIP service can be configured and customised for various designs (Active / Standby, Loadshare, Resilient+, Enhanced). Customer confirms design option during project kick off and then built by Gamma.; The number of concurrent call channels required (subject to minimum number) can be customised subject to sufficient data bandwidth being available.; Whether existing customer DDI numbers are ported from other services. Determined by administrators.; Whether new DDI numbers are required for the service. These can be added by administrators of the service.; If individual call control is required per DDI this can be achieved through a web based customer portal using SIP Trunk Call Manager.; Where the option is taken, customer administrators can manage SIP Trunk Call Manager, a feature-rich, centralised inbound call management service via an easy-to-use web portal and App. The following are customisable:; ; Call Queuing Day; Time of Day Routing; Hunt Group; Voice Mail; Date Routing; Increased resilience; Announcement; Auto attendant; Set user access individually; Divert (on busy, on no reply, on failure); Access to full call statistics; Advanced Statistics

Scaling

• Independence of resources: We undertake a monthly Capacity Planning Forum whereby the utilisation of every network component is reviewed against planning rules and sales forecast to ensure that we have sufficient capacity and overhead to manage our customer's requirements. Additionally there is weekly planning review on capacity management adjustments.; Each SIP customer's resource requirements are taken into account and sufficient network is allocated to them. We also manage our network to spread traffic during very busy periods.

Analytics

• Service usage metrics: Yes
• Metrics types: Gamma SIP Trunk Call Manager service provides a range of on line call reporting on a per number basis. Full summary reports are provided; how many calls are getting through, where are my customers located, what are my call trends, when are my busy times. Detailed call analysis is available via the advanced statistics package.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Our Web Portal allows users access to their associated number ranges. Typically users will extract their applicable data in Excel or CVS format.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • PDF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: SIP trunk service availability is calculated as:; Total number of minutes in the measurement period – Unplanned Downtime x 100 / Total number of minutes in the measurement period; Note: If a Service is partially available then the Unplanned Downtime shall be calculated in equal proportion i.e. if a service is 50% available then the unplanned downtime will be calculated as 50% x elapsed period of the incident.; Availability Measurement Period: 1 Calendar month; Target availability for SIP Trunk Endpoint Resilient Build:; Core service: 99.99%; Non-Core Services: 99.50%; Not included:; - Outages which are deemed by us to be the result of matters outside of its direct control; - Planned or emergency maintenance works; - User error; Notes:; (1) Core functions are defined as Gamma Switching infrastructure, transmission equipment and; core network, the service that supports call routing and termination.; (2) Non-Core functions include Gamma Support Systems, access to any relevant portals and feature based services such as Call Plans, Call diverts, Auto Attendant, Call Recording, and Unified Messaging; (3) A Resilient build SIP Trunking means a Gamma approved; configuration such as dual Session Border Controllers offering geographic diversity.; PESQ score target for G711 is 4.1 and G729 is 3.7
• Approach to resilience: Gamma hold ISO 22301:2012 Business Continuity Management accreditation. As this information is sensitive, further specific information is available on request.
• Outage reporting: A public network status dashboard; Email alerts; Portal alerts; Text messages to opted in mobile numbers; Service desk verbal communication

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Relevant only to SIP Trunk call manager services. Customer administrators can set permissions for other users to give them access to certain areas of the portal. They are able to restrict access to certain areas of the management and support interfaces.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 29/04/2021
• What the ISO/IEC 27001 doesn’t cover: Our ISO 27001 certification relates to the information security management system and not to the products or services of our organisation. The certificate reference number, the mark of the Certification Body and/or the accreditation mark may not be shown on products or stated in documents regarding products or services.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: Nexus hold and maintain an Information Security Policy. We have an Information Security Office (ISO) who is responsible for the development, management and enforcement of the policy across our organisation.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Nexus have a configuration management process for tracking changes in the specification of our services and products, this is managed centrally. Nexus also implement a full change management process for assessing and if appropriate executing any changes to services and products.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We use failure mode effects analysis process, conducting regular, systematic assessments of vulnerabilities to determine the necessity of safeguards, countermeasures and controls, monitoring for changes to maintain an acceptable level of risk. Includes identifying key information assets and subjecting them to specific risk assessments, assessing exposure to a list of common threats and vulnerabilities, maintaining risk registers, implementing technical, policy, business continuity and management initiatives;; Each patch is assessed and deployed accordingly:; High - Urgently.; Medium - ASAP.; Low - as time permits.; Gamma utilise many Vendor sources and industry RSS feeds, CERT, Ubuntu and Debian. Member of CiSP.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Gamma utilise GPG 13 guidance. Gamma have built a Security Information & Event Management Solution (SIEM) to identify potential compromises. If a compromise is found it is investigated. A Security Incident is raised to track the investigation, root cause and solutions if required to rectify or improve the situation. We respond to incidents as close to real time as practicable.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: All Incident tickets will be recorded in the Nexus Service Desk system under the Incident Management workflow. All new Incident tickets will undergo an initial impact assessment. Nexus will further look to determine the number of users/systems affected and establish the commercial impact to the customer’s environment. We have a knowledge base to be able to check for common events. Users can report incidents by phone, email or through their client portal. Incidents are included in any appropriate service monthly ticket summary reports.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)

Social Value

• Fighting climate change:

  Fighting climate change

  The environmental benefits of our G-Cloud Service provision are substantiated by Microsoft’s own studies and commitments towards climate change.; A 2018 study found that using the Microsoft Azure and 365 cloud platforms can be up to 93% more energy efficient and up to 98% more carbon efficient than on-premises solutions.; Microsoft has committed to focus on four key areas of environmental impact to local communities; carbon, water, waste, and ecosystems by way of; using 100% renewable energy by 2025 by partnering with renewable energy projects, replenishing more water than they consume by 2030, achieving zero-waste certification by 2030 and achieving net-zero deforestation from new construction and re-forestation initiatives by greening communities with native woodlands.; Real sustainability requires solutions that address wastefulness at every level of a business. Hosting on the cloud is more environmentally friendly and results in less of a carbon footprint.; Cloud infrastructures support environmental proactivity, powering virtual services rather than physical products and hardware, and cutting down on paper waste, improving energy efficiency, and (given that it allows employees access from anywhere with an internet connection) reducing commuter-related emissions. Reports predict that data centre energy consumption would drop by 31% from based on the adoption of cloud computing and other virtual data options.
• Covid-19 recovery:

  Covid-19 recovery

  As a member of the COVID-19 High Performance Computing Consortium, Microsoft is helping researchers accelerate their understanding of the virus and the development of treatments and vaccines through two major initiatives; HPC Consortium and AI for Health.; The COVID-19 HPC Consortium encompasses computing capabilities from some of the most powerful and advanced computers in the world. Microsoft hope to empower researchers around the world to accelerate understanding of the COVID-19 virus and the development of treatments and vaccines to help address infections. Consortium members manage a range of computing capabilities that span from small clusters to some of the very largest supercomputers in the world.; AI for Health is a new $60 million, five-year philanthropic program from Microsoft, created to empower non-profits, researchers, and organizations tackling some of the toughest challenges in global health. Microsoft are providing access to AI and expertise in these areas; Accelerating medical research to advance the prevention, diagnoses, and treatment of diseases, increasing our shared understanding of health and longevity to protect against global health crises, reducing health inequity and improving access to care for underserved populations and supporting fundamental research capabilities, including data collaboratives and differential privacy.
• Wellbeing:

  Wellbeing

  The primary benefits of Microsoft's cloud services are the transfer of ownership of compliance and maintenance of cloud infrastructure and its security and that IT Managers and business owners no longer need to be concerned about those elements of their IT systems once in a Microsoft cloud platform. This has a massive positive impact on wellbeing of employees within organisations across the world.

Pricing

• Price: £5.40 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stuart.wilson@nexusos.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.