Specialist Computer Centres plc

Cisco SD WAN with SASE Managed Service by SCC

The service utilises Cisco-Catalyst SD-WAN(formerly Viptella) or Meraki SD-WAN depending on the requirement with full managed-service underpinned by SCC’s certified-managed-service-resources. SD-WAN enables convergence of security and network-connectivity technologies for enterprise users. Secure-Access-Service-Edge (SASE) is a security framework supporting convergence of networking and network security enabling business transformation, edge-computing, and workforce-mobility.

Features

• Transport-Agnostic, Software Defined Networking for WAN and LAN.
• Centralized management and automatic orchestration of routing, policies and security.
• Real- time statistics of application and network utilisation and availability
• Application Aware Routing and application optimisation
• Resilience and Fail-over between dissimilar technologies.
• Plug-and-play model can be deployed at a branch office
• SD WAN with PSN Underlay
• WAN design, deployment, initial configuration, site activation, 24x7 support.
• Centralised administration web portal.
• SD Wan Edge Device Automation

Benefits

• Ability to implement policies network wide within seconds
• Provide network flexibility and agility.
• Able to integrate SD WAN sites with traditional VPLS network
• Local internet breakout for SaaS applications
• ISO 27001 Certification
• Enable Internet and Cloud First architectures
• Extend into Datacentres and Public Cloud.
• Service and Security Management
• Consistent, resilient and highly available application performance.
• Cloud Security Principles

£3,722 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworksales@scc.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

653548872608848

Contact

Warren Strain
01217667000
frameworksales@scc.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Customer LAN management; Customer wLAN management; SCC Sentinel Hosting; SCC Cloud+ Hosting
• Cloud deployment model: Hybrid cloud
• Service constraints: The customer would need to provide all relevant information requested to complete Service Implementation and provide access to the sites to facilitate installation of the service.
• System requirements:
  • Internet Connectivity
  • Suitable hosting space and power capability at each site

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: "Priority Response 1 - 30 mins, ; Priority Response 2 - 60 mins, ; Priority Response 3 - 4 Hrs ; Priority Response 4 - 72 Hrs; ; Support is available up to 24/7"
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Hardware Breakfix - 24 x 7 4 hours engineer to site; Hardware Breakfix - 8x5 Next business day
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All new customer opportunities are run as a project, as part of this there is a discovery and transition phase which help identify the customer requirements and bring them into the service. Transition, Project and Service Delivery Managers are also assigned to assist customer into the service.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data extraction will be built in to the exit plan with each customer during the contract start up phase.
• End-of-contract process: SCC will work with the Customer to create an exit plan and strategy within 3 months of the start of service. This is included in the price of the contract. The exit plan will define what happens at the end of the contract.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: The use of traffic shaping and prioritisation rules based on application or location

Analytics

• Service usage metrics: Yes
• Metrics types: Device Usage statistics; Network Usage; VPN Usage; Traffic Shaping Performance; Uplink Performance; Application Usage
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Cisco Meraki

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: N/A
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: N/A
• Data export formats: Other
• Data import formats: Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: N/A
• Data protection within supplier network: Other
• Other protection within supplier network: A proprietary lightweight encrypted tunnel using AES256 encryption while management data is in transit leverages HTTPS

Availability and resilience

• Guaranteed availability: Circuit availability - Single DIA = 99.9%; Circuit availability - dual DIA = 99.99%; Device availability - single device = 99.5%; Device availability - dual devices = 99.9%; ; The contracted SLA will not apply to managed devices or services which are dependent on the availability of customer supplied infrastructure such as power and sufficient cooling.
• Approach to resilience: This is available on request
• Outage reporting: The service reports the outages through email alerts, the public customer portal and to our 24*7*365 managed service desk who will then call the client to inform them of the alert that they have received.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Management Portal
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA (Lloyd's Register)
• ISO/IEC 27001 accreditation date: 06/07/2023
• What the ISO/IEC 27001 doesn’t cover: N/A - Our certification covers all locations and services provided by SCC.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Barclaycard Data Security Manager
• PCI DSS accreditation date: 27/06/2023
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 22301 - Business Continuity
  • CAS (S) - Sanitisation of classified materials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO9001; Cyber Essentials Plus

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All our configuration and change management processes are aligned to and certified to ISO 27001:2013
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: SCC's vulnerability scanning and penetration testing policy documents the process and how vulnerabilities are proactively detected and remediated in a timely fashion. SCC performs monthly vulnerabilities across the Sentinel platform covering approximately 20% of the platform each month, ensuring the whole platform is covered twice within a 12 month period.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protective monitoring is carried out in accordance with GPG 13 to level B (Deter)
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: All our incident management processes are aligned to and certified to ISO 27001:2013 as defined in HMG Cloud Security Guidance: Standards and Definitions

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Sustainability is central to SCC’s operations and embedded into our business. Our defined carbon reduction targets are externally reported in our Carbon Reduction plan via the Carbon Disclosure Project.

  Covid-19 recovery

  SCC’s products, services and solutions can help facilitate and implement new ways of working for our customers. Through our propositions, additional health, wellbeing and agile working benefits can be achieved.

  Tackling economic inequality

  SCC provides employment and training opportunities, are members of the Disability Confident Scheme and supporters of the Armed Forces Covenant. Working with our supply chain we promote collaboration and diversity.

  Equal opportunity

  SCC is an inclusive employer with various initiatives to support, engage and develop our employees. We promote supply chain diversity and have mechanisms in place to manage modern slavery risks.

  Wellbeing

  SCC has a range of health and wellbeing activities available for our employees to access. Our volunteering programme and charity partnerships help facilitate and deliver a range of community benefits.

Pricing

• Price: £3,722 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworksales@scc.com. Tell them what format you need. It will help if you say what assistive technology you use.