Cisilion Limited

Cisilion Cloud Managed Infrastructure ( Meraki )

Cisilion offer a cloud based infrastructure solution delivered as a service priced on a monthly model. The solution is based on the Cisco Meraki range, providing the performance of enterprise grade infrastructure with the benefits of cloud management, easy provisioning, ongoing in-life software and feature upgrades included.

Features

• Design & commissioning of Cloud Managed Meraki enterprise network
• Full UK based 24/7/365 monitoring and management of Meraki environment
• Secure and customised portal to log, view and track incidents
• Access to Cisilion’s Meraki engineers
• Access to Cisco (Meraki) Support via our escalation process
• Response Based SLA with P1 Response within 15 minutes
• Includes Change Enablement, Service requests, feature and release management
• Wi-Fi 6 certified wireless solution
• Vulnerability assessment
• Regular Service reports and service review meetings

Benefits

• Fully cloud managed network infrastructure
• Future-Proof, over-the-web upgrades of new features and fixes
• Fixed, predictable cost for wireless network deployment
• New visibility, analytics & troubleshooting tools added to the dashboard
• Simple and secure access for enhanced user experience
• No additional costs to enable roll out of new features
• Monthly service updates to analyse call numbers and common issues
• Quarterly Innovation Centre Experience Workshops
• Full Lifecycle management capability option

£376.19 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

627250495571585

Contact

Debbie Richardson
01372 201145
drichardson@cisilion.com

Service scope

• Service constraints: It is necessary to carry out essential work from time to time. These activities are carefully scheduled through the use of an internal change control process which is designed to present maximum visibility of that change and thereby ensure that planning and implementation are carried out to minimize the effect on customers and their network services.
• System requirements:
  • Hardware must connect to the internet to establish cloud connectivity
  • Customer should purchase a wireless survey to determine AP coverage.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Client will be able to track progress by phoning the service centre, e-mailing, and logging in to the Customer Portal. Phone/Portal/ interface = Response is immediately Email = Response is +30 Minutes First update on resolution progress for all methods= + 30 Minutes Max Subsequent updates or at an agreed frequency = + 60 Minutes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The SLA for Meraki is Next Business Day shipment. ; The support levels depend on the model of the access point as each one will carry a different £ Value.; ; Each client will be allocated a Cisilion Account Team which will be made up of highly experienced Account Director, Cloud Consultant and Service Delivery Manager
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of the on boarding service Cisilion provide installation, commissioning , user adoption and training services to ensure the customer has full understanding of the provided Cloud Wireless solution. A service delivery manager is assigned to the customer as part of the on going program and continual improvement exercise. Customer employees are also invited to the Cisilion success hub where more formal classroom based training can be provided.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: As part of our Exit management strategy Cisilion is committed to run a series of workshops with the customer during the transition phase in order to define an acceptable exit strategy for the customer. Based on the results of the workshops Cisilion will provide an exit plan which will define as a minimum:;  Separate mechanisms for dealing with Ordinary and Emergency exits;;  The management structure to be deployed during both transfer and cessation of the services;;  A detailed description of both the transfer and cessation processes including timetables;;  Description of how the service to be transferred to/from an existing/replacement contractor;;  Description of the legal and financial issues;;  Termination obligations, etc.; The guiding principle of the plan is to ensure a smooth transfer of whole or part of the services as appropriate, which minimises risk to service continuity throughout the exit period.
• End-of-contract process: Cisilion would intend to develop the Exit plan with the customer to an agreed final version three months after contract start date. The plan will be reviewed at six monthly intervals thereafter to ensure it remains current to the prevailing service operations. ; Upon invocation of the handover period we would appoint a Project Manager to manage the Exit Plan through to its successful completion. This individual would also secure the required project resources and liaise with the customer and a successor service provider on all relevant aspects of the plan’s execution. This is included in the project costs.

Using the service

• Web browser interface: No
• API: Yes
• What users can and can't do using the API: Customers can have access to the Meraki dashboard API.
• API automation tools:
  • Chef
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: No user traffic is transported through the cloud, all data is moved out of band to the cloud management, the only data is within the cloud is the configuration, and management information which has no effect on user performance.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • HTTP request and response status
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Organisations whose services are being resold at Cisco Meraki

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: No customer data is held within the cloud
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: All config files are stored on the Meraki dashboard
• Backup controls: During the service design Cisilion will agree with the customer the backup schedule, the areas to be backed up, frequency, etc.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The Meraki dashboard is cloud based which is replicated across multiple data centers around the world providing a high level of uptime. Should the Meraki cloud become unavailable it will not effect the working of the wireless network.
• Approach to resilience: The Cisco Meraki cloud infrastructure is distributed across multiple datacentres around the world. Each customer's data, including network configuration and historical statistics, is replicated across at least three independent datacentre. Customer data is replicated between datacentre in near real time. If an entire datacentre was to be rendered unavailable due to a natural disaster or other major disruption, customers' networks would simply migrate to another datacentre, with all user data available and up to date. This redundancy and failover is entirely transparent to the network administrator, and all networks, big and small, achieve ultra-high levels of reliability out of the box.
• Outage reporting: All service outages will be notified via e-mail, and on the Meraki Dashboard portal, all outages are reported in the local time of the effected devices.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is restricted by the use of individual privilage levels required by login.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Assessment Bureau
• ISO/IEC 27001 accreditation date: 19/08/2016
• What the ISO/IEC 27001 doesn’t cover: We are covered under the IT ISO Certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All our services are aligned to the best practices set out in ITILv3 for key activities such as Change management for resolution of incidents, problems, service requests and changes. Where a change is identified, the change must documented with the reason , any known implications including security impacts, and any proposed times for the change . Changes are reviewed prior to implementation to ensure their awareness of the potential change. The potential change is then approved and the change can be made. Cisilion will work with the customer to determine the optimal time for change, scheduled maintenance and support operations.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Meraki invest heavily in tools, processes, and technologies to keep users and their networks safe and ensure any vulnerability is highlighted and remediated against, these include; • third party audits; • two factor authentication; • out of band cloud management architecture; • 24x7 automated intrusion detection; • Protected via IP and port-based firewalls; • Remote access restricted by IP address and verified by public key (RSA); ; Meraki also offers a vulnerability rewards program that is an important component of our security strategy, encouraging external researchers to collaborate with our security team to help keep networks safe.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Cisco Meraki is committed to data protection, privacy, security, and compliance with applicable regulatory frameworks in the US and abroad. The Meraki cloud-based architecture is designed from the ground up with data protection, privacy, and security in mind.; The Cisco Meraki technical architecture and its internal administrative and procedural safeguards assist customers with the design and deployment of cloud-based networking solutions that comply with EU data privacy regulations. The cornerstones of Meraki’s compliant-by-design architecture are:; • Out-of-band Control Plane; • EU Cloud; • Data Processing Addendum .; • Privacy Shield; • GDPR
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: All incidents can be reported either by opening a case via the Cloud Dashboard, or via the telephone. If it is a security issue then the case can be marked as a high priority as will be dealt with accordingly. If there is a critical incident that has been discovered in the cloud or has been reported exteranally the actions and updates are communicated via email and via the Cloud Dashboard.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Cisco datacentre adhere to this code of conduct

Social Value

• Fighting climate change:

  Fighting climate change

  Cisilion are committed to reducing our impact on the environment. We continually strive to reduce our carbon impact year on year, initiating additional projects and activities that will further reduce our impact locally and globally, and contribute towards global UN carbon offsetting initiatives. Our commitment to the environment extends to our customers, our communities, our employees, our suppliers and other countries in which we operate. Offering a sustainable working balance of office and remote working for all staff members, especially prevalent in the last few years, has also helped towards environmental benefits including lower gas emissions, reducing air pollution and lowering our per employee carbon footprint contribution. As a cloud-first organisation, we support digital transformation and innovation for our clients through the migration to and adoption of cloud services. The COVID-19 pandemic has changed workplace culture for good, accelerating hybrid and remote working. This has seen the biggest ever shift and up-take of cloud-based services, further helping to reduce the consumption of energy through the reduced use of traditional data centres across our customer base. We are currently reviewing 3 suppliers to assist us in calculating our emissions and thus enabling us to identify the areas to focus upon, to become Carbon Net Zero by 2050.
• Covid-19 recovery:

  Covid-19 recovery

  Cisilion recognise the long lasting mental health impact upon individuals who have been directly or indirectly affected by Covid-19 both personally and professionally.; Cisilion will ensure all workers on the G Cloud 13 framework will have access to our full and comprehensive mental and physical wellbeing support. In addition, Cisilion have already engaged with and will continue to engage with the ; Kickstart scheme to assist in employing 16 – 24 year olds on Universal Credit through our apprenticeship and graduate programmes covered below.; ; Our Graduate, Apprenticeship and Emerging Talent Programmes aim to attract individuals regardless of their knowledge, experience, or age, who are looking to achieve a degree (or other professional level skills) while working at the same time. Since 2020 we have leveraged digital technology in our field and successfully hired apprentices that have joined Cisilion remotely through the COVID-19 pandemic
• Tackling economic inequality:

  Tackling economic inequality

  Cisilion recognise their responsibility in tackling economic inequality through the creation of new skills, jobs and entrepreneurship. Cisilion have been running apprenticeship and graduate schemes for the past 5 years and partner with 3 specialist recruitment and training providers who are experts in finding work for and training unemployed young people. Cisilion are a Microsoft and Cisco gold partner, who are keen supporters of assisting young people into work.Cisilion are also aware of and understand the current Kick Start government scheme of which we will be able to provide details and guidance to unemployed individuals. Cisilion will contribute a total of 16 hours per month towards improving employability of young people in the local vicinity through each bid. This will consist of a mixture of the HR, People and Recruitment team members alongside the Cisilion management team, will provide a mixture of 2-hour workshops and 1 hour long one to one sessions per month. Workshops will be run by our Recruitment team, covering topics such as interview best practice, CV formatting and job-hunting tools available. Individuals will be able to register for one-to-one advice with a member of our management team as a coaching session and more personal advice related to the unemployed persons experience so far. 35% of Cisilion workforce to be part of our apprenticeship, graduate or emerging talent programmes by 2025. Digital Skills: Help the UK prepare for the challenges of the Fourth Industrial Revolution Digital Skills programme. Review requirements in our selection criteria for early-in-career-roles or emerging-talent roles
• Equal opportunity:

  Equal opportunity

  In 2022, Cisilion became a Disability Confident employer and attained Level 1 status. Cisilion recognise this is the first step in the journey and will ensure all activities across the business enable and support initiatives towards the next levels required. Cisilion conduct all learning and development via LearnAmp, our online Learning Management System. As part of our induction process, we include Diversity and Inclusion Training, along with enhanced Grievance procedure outlines and Anti-Harassment training. Employees are then required to complete refresher training every 6 months. This equates to 378 hours annually. The recruitment team form part of our People function at Cisilion and therefore liaise continuously to ensure proactive recruitment identifies a diverse set of candidates and supports those throughout the interview processes. While we understand that not all individuals feel comfortable in disclosing their identity, we continue to monitor and track our performance against self-created targets for LGBTQIA+, disability, gender and ethnicity within the recruitment processes and within our workforce, where at all possible. Cisilion have identified an inclusion council to go further in identifying diversity and inclusion objectives and practices across the organisation. Our current projects include diversity amongst our Service Centre graduate scheme, improving our benefits package to ensure our private medical insurance is trans-inclusive and developing our grievance procedure to explicitly support individuals from underrepresented groups. We ensure a member of the Leadership team sponsors such initiatives, as Diversity and Inclusion is a key topic at each quarterly Executive Leadership meeting. Cisilion engage with current employees from underrepresented groups, who feel comfortable in doing so, to address any other areas of suggested improvement, and to include their voice in future initiatives.
• Wellbeing:

  Wellbeing

  Cisilion operate a robust health and wellbeing programme, partnering with Vitality Health and Medicash. On an annual basis, all 90 employees on our scheme conduct an Online Health Review, giving employees an understanding of specific areas of health that they need to improve upon, i.e. cholesterol, blood pressure, alcohol intake, physical activity levels and blood glucose level. If employees do not know the figures for these key areas, they have the ability to take a free health assessment to provide them with this data. Vitality Health offer their Member Zone to all members, giving access to videos, tips and our monthly Vitality calendar covering a range of topics from women’s health to mental health and nutrition. Cisilion work with Vitality on a monthly basis, and run programmes based on the outcomes of our health reviews. For example, at the beginning of the year, we ran a Nutrition workshop based on a high number of employees whose reviews flagged a poor diet. Physical health is incredibly important to the whole team and company to boost proactivity levels. For this reason, we have discounted membership rates at many gyms. In addition, on an annual basis, we run a Health and Wellbeing Week, giving the Company access to free cycle and running classes, as well as running yoga and meditation workshops. Cisilion have adopted a hybrid working model, requiring employees to balance their working weeks between their home or remote office and the Cisilion office. This has proven extremely successful in supporting employees work life balance. Many of our employees are parents who need to take time to spend with their children, either by extending their working day to reduce the number of days worked per week or to adjust their working hours.

Pricing

• Price: £376.19 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free Access Point with 3 Years Licensing and support.; Installation and Configuration is not included ; 3 Years
• Link to free trial: Www.meraki.com/ap/free-demo

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.