Fujitsu Services Limited

Fujitsu Software Defined Networking (SD–WAN) High Assurance

Fujitsu’s SD-WAN High Assurance solution offers Cloud and Sovereign deployed platforms at scale delivering solutions from OFFICIAL up to SECRET aligned to NCSC and Cloud Security Principles. Managed and operated in the UK from assured facilities. Enabling Buyers to deploy a disaggregated and cloud complaint network solutions.

Features

• Fully resilient, High Availability Platform
• Choice of Cloud or Sovereign platforms deployed in certified datacentres
• In house Management or Managed Service Options from Fujitsu
• Service support 24x7x365.
• Full catalogue service approach.
• Edge devices appliance/NFV/ Vendor choices supporting upto50Gbps
• Choice of standard or High Availability edge site deployments.
• Protective Monitoring based on defined user cases
• Standard APIs for customer tooling and service management platforms.

Benefits

• COTS designed SD-WAN
• Unlocks circa 30-40% savings from removing dependency on legacy infrastructure/services.
• Meeting Customer Information Assurance requirements with design, documentation/deployment skills.
• Low start-up and deployment costs.
• A catalogue approach to services and functionality.
• Allows customer self-management of aspects of the SDN service
• Evergreen with updates and functionality added automatically.
• Choice of Service management options.
• Cloud and Fabric supporting deployment options
• • Deployed across the for HM Government Departments

£380.00 to £1,970.00 an instance a day

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

630479704076626

Contact

Sam Skinner
07867829234
government.frameworks@fujitsu.com

Service scope

• Service constraints: Planned maintenance and software updates is performed and designed to have zero impact and will be advised to the Customer in advance. Ongoing certification obligations means it may not be possible for users to remain on the previous version. In the unlikely instance downtime is required this will be advised to the Customer in advance for service continuity purposes.
• System requirements: Please refer to the Servic Definition documentation

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 30 minutes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Customer may access web chat through standard web browser interfaces via the Fujitsu online service management portal, full functionality provided (subject to security handling requirements)
• Onsite support: Yes, at extra cost
• Support levels: Fujitsu provides help desk support via the Service Management Centre (SMC) which offers 24/7/365 support. Our SMC provides a single point of contact basis, all incident and query calls made and all are logged with the SMC operation. Technical Support Analysts (TSAs) are skilled to support all aspects of the SD-WAN Service. The TSAs are located within the SMC and it is from here that the incident or query is managed. A TSA will provide proactive or reactive updates, carry out first and second level diagnostics, assign the fault or query to technical teams, on-site engineering groups or 3rd party suppliers and manage the end-to-end flow of the incident or query during its active life until resolution. In all cases Fujitsu will call back within two contracted hours after the fault or query has been logged with hourly updates given to the Buyer until incident or query has been resolved. Escalations can be raised by email, phone call, through our self-service incident portal Engage, or via our website.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Access to Fujitsu SME is provided and to all documentation including HLD's from the Fujitsu Customer Service Portal Access is also granted to online documentation and training material / courses
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Should the Customer wish to extract configuration data and or other information held by Fujitsu a service ticket must be raised with notification of requirements with a minimum of 60 days notice . The transfer of data will be in an agreed format with the Customer and charged for in accordance with the relevant man days charge
• End-of-contract process: At the end of the contract Fujitsu shall decommission the storage and services that have been allocated to specific customer which shall include all customer owned data and any backups. Should the data be required to be extracted prior to decommissioning this service, please contact Fujitsu to discuss your specific requirements. The cost for extracting data from the service has not been included in the price and will attract an additional charges based on the SFIA rate card.

Using the service

• Web browser interface: Yes
• Using the web interface: Full access is provided based on agreed roles based access control (RBAC) to the service orchestration platform. The limit in functionality is agreed between the Customer and Fujitsu and is set against RBAC profiles. Functionality is limited to first and second line capability.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Web interface will access the Service Orchestration platform (or other service management platform such as Service Now, Remedy or Broadcom CA Service Desk) where upon the Authorised User (role based access control) may perform moves adds changes and activation of the Customer users based on the access levels agreed. Note; access granted will be limited to the Customer database and not the full platform.
• API: Yes
• What users can and can't do using the API: Fujitsu provides off the shelf API software supporting for example but not limited too ServiceNow, Remedy and CA Service Desk. ; There are no limitations; Fujitsu provides via configured portals access to the SD-WAN orchestrator to perform full system administration and service management, in addition to the support provided by Fujitsu's NOC
• API automation tools:
  • OpenStack
  • Other
• Other API automation tools:
  • Restful API
  • Fujitsu provides off the shelf API software supporting:
  • -ServiceNow Remedy and CA Service Desk (Broadcom)
• API documentation: Yes
• API documentation formats:
  • HTML
  • ODF
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: The SDN solution has inbuilt capacity to support a 50% increase in traffic. Capacity is continuously monitored by Fujitsu and added as and when required.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS
  • Other
• Other usage reporting: • Bandwidth used per-location top users and; • History file of all traffic statics

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • Network
  • Number of active instances
  • Other
• Other metrics:
  • Bandwidth used per-location top users and
  • History file of all traffic statics
  • Network Analytics from SD-WAN Manager
  • Or via LiveNX Manager provided with the service.
  • Visibility across on-premises, SD-WAN, cloud, and hybrid networks;
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Multivendor based

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Fujitsu deploys "Fujitsu Enterprise data Encryption service", which is based on proven KMS platform, available as a physical or virtual appliance, which are cloud agnostic. The Customer has full ownership of the encryption keys and broad portfolio of third-party integrations including and beyond the cloud environment. It is fully compliant with FIPS 140-2 for a centralised solution for detail logging, audit tracking of al key state changes, administration access and policy changes.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Server OS used in the service for recovery
  • Configuration for servers and appliances
  • Database used in the service
  • Network Configuration
• Backup controls: Back up policies are defined by Fujitsu and published in accordance with the service management responsibilities. The user has no control over the content of the backup performed.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Other
• Other protection between networks: ISO/IEC 27001:2013 certified ISMS and using inherent security features of an MPLS WAN such as Virtual Routing and Forwarding Tables (VRFs) and VLAN separation. Or SDN and SD-WAN based connectivity as an option by use of Foundation or PRIME based encryption as an overlay meeting NSCS guidelines.; ; Encrypts all customer-data in transit by default.; Configures data in transit encryption, and defaults to the latest industry standards.; Adopts understood algorithms and protocols (such as TLS and IPsec) to protect data.; Supports Customers to implement good data in transit protections in your application.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection within supplier network: ISO/IEC 27001:2013 certified ISMS and using inherent security features of an MPLS WAN such as Virtual Routing and Forwarding Tables (VRFs) and VLAN separation. Or SDN and SD-WAN based connectivity as an option by use of Foundation or PRIME based encryption as an overlay meeting NSCS guidelines.

Availability and resilience

• Guaranteed availability: 99.99%
• Approach to resilience: Availability and Resilience built in as standard mapping to IA or security requirements of customer. Availability targets defined in each Service Pack. SLA supports 99.99% availability for core service a range of availability targets for edge device as standard Note solution orchestration is active active across two data centres / cloud nodes.
• Outage reporting: In the event of event of an outage of the SDN service, the Customer shall be notified via an email alert and other service management tooling as provided. In addition the Customer may register or view our on-line portal where they will be able to monitor their services in real time. All monitoring is performed by the Fujitsu Service Desk. The Service Desk provides a single point of contact which operates 24x7x365 and provides; Availability proactively monitor all managed services and report on availability against contracted service levels. Incident resolution – the operation of real-time automated traffic light reporting indicators, enabling jeopardy management of incidents. Quality – real time dashboard monitoring of queue status and time to answer. Reporting on the quality requirements against contracted service levels.

Identity and authentication

• User authentication: Dedicated link (for example VPN)
• Access restrictions in management interfaces and support channels: By use of a dedicated management network operations centre.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bureau Veritas
• ISO/IEC 27001 accreditation date: Recertification cycle start date: 06/01/2022 Certification expiry date: 04/12/2024
• What the ISO/IEC 27001 doesn’t cover: Our certificate covers:; The information security management, security governance and security risk management of Fujitsu in ; Europe, including the provision of corporate functions and infrastructure to enable activities in scope: ; A. Design, delivery, support and management of:-; - Outsourcing and managed services for customers; including hosting operations virtualization ; and end user support including service desk;; - IT solutions including applications development, hosting and database maintenance and, ; where appropriate sales, leasing and consulting.; B. Design, delivery, operation, support and management of telecommunication and network solutions, ; including repair and refurbishment of equipment; ; C. Cloud Hosting services/Service Hub; ; D. Managed Security Services from Security Operations Centres/Advanced Threat Centres; ; E. Product, sales, installation and maintenance; ; F. Digitization services - document scanning and digitization of sensitive personal data and personal ; medical data; ; G. Provision of ICT services related to Workplace services/managed office and Multi-vendor support ; services/managed maintenance;; H. Productivity Center Services; Mobile and Internet Services; Logistics and Installation Services ; I. The management and operation of the secure network environment provided by the Defense and National Security Business
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: ISO/IEC 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We follow an ITIL - based formal change request process. Customers can raise MACs using either over the telephone or through the portal. Once raised, these requests are scheduled, managed and executed.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Fujitsu subscribe and is involved in a number of external services to obtain information about potential threats; Industry bodies (ITSPA, Ofcom), Security forums (CNR by CiSP/NCSC), and Penetration testing (External, Network, Website). Potential new threats are logged as Incidents and an assessment of the threat is immediately performed based on a Risk Assessment Methodology and Operational IT Security defined within our ISO27001. High/Critical patches will be applied immediately. Patches to the system to remediate threats are subject to the change management process.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Fujitsu employ systems to identify and automatically block attempted compromises and unauthorised access , and to provide systems for audit logging. These include IDS, Two-Factor authentication, and Firewall Policy. When a compromise or attack is detected it alerts IT operational staff and either automated action or immediate manual intervention is taken to block the occurrence. Incidents are managed in accordance with the Incident Management Procedure.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Knowledge based articles and FAQs are created for support teams for common incidents. This ensures incidents are dealt with as quickly and as efficiently as possible. Incidents can be logged via the Portal, email and telephone. Incident reports are generated by Service Management Team. Our portal also provides a standard set of reports which authorised customers can use to look at incidents raised.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The Strategic Fujitsu Datacentres are registered “participants” in the EU Code of Conduct for datacentres, complying with their energy efficiency guidelines conforming to ISO50001 Energy Management. The Supplier’s infrastructure planners have used optimal layouts, as determined by the EU Code of Conduct to build the service within these datacentres.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Covid-19 recovery

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Tackling economic inequality

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Equal opportunity

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Wellbeing

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

Pricing

• Price: £380.00 to £1,970.00 an instance a day
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Please refer to the Service Definition document
• Link to free trial: Not applicable

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.