Ve3 Global Ltd

CheckPoint - Quantum Smart-1 Cloud

VE3's Check Point Smart-1 Cloud offers cloud-delivered security management, providing policy management for on-premises and IaaS security gateways, along with security event analytics and reporting via a user-friendly web-based SmartConsole.

Features

• VE3's Smart-1 Cloud: Premium management solution
• Policy management, log analysis, and event reporting
• Web-based SmartConsole for easy access
• Cloud management extension for seamless integration
• AD integration and REST API automation
• Manage on-premises or CloudGuard gateways
• Zero touch deployment for hassle-free setup

Benefits

• Scalable capacity and zero maintenance
• Automatic updates for latest features
• Single pane of glass management
• Improved operational efficiency and speedy deployment
• Simplified troubleshooting and HA management

£175 to £850 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at prime@ve3.global. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

819607045840165

Contact

Nikhil Alex
02045520840
prime@ve3.global

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: There are scheduled maintenance windows, detailed herehttps://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Check-Point-SmartCloud-Admin-Guide/Topics-Smart-1-Cloud/FAQ.htm?tocpath=_____; ; The environment undergoes proactive monitoring for ongoing service health. Updates with no impact won't be communicated, while those causing impact will provide advanced warning. The cloud management service is compatible with most gateway types, except for VSX and Maestro, which are on the roadmap. See known limitations at this link https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Check-Point-SmartCloud-Admin-Guide/Topics-Smart-1-Cloud/Expected-Behavior-and-Known-Limitations.htm?tocpath=Expected%20Behavior%20and%20Known%20Limitations%7C_____0#Expected_Behavior_and_Known_Limitations
• System requirements:
  • Infinity portal tennancy and valid Smart-1 cloud licencing
  • Supported Check Point gateways

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Severity 1: Respond within 30 minutes. Check Point and customer allocate 24/7 resources for resolution, workaround, or severity reduction.; Severity 2: Respond within 2 hours. Check Point and customer allocate full-time resources during regular business hours and alternative resources outside standard hours for resolution, workaround, or severity reduction.; Severity 3: Respond within 4 hours. Check Point and customer allocate full-time resources during regular business hours for resolution, workaround, or severity reduction.; Severity 4: Respond within 4 hours. Check Point and customer allocate resources during regular business hours for resolution.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Our service is B2B and currently is not tested according to EN 301 549 accessibility standards.
• Onsite support: No
• Support levels: Support Options:; Collaborative Enterprise Support: Local partner experts, endorsed by Check Point, provide assistance.; Direct Enterprise Support: Direct support from Check Point's experts.; ; Support Levels:; Standard - Available 5 days a week during business hours, with a 30-minute response time for level one severity issues and access to a comprehensive knowledge base.; Premium – Access to 24/7 global support in addition to the benefits of Standard Collaborative Support.; Elite – Receive comprehensive support with the option of on-site engineer assistance for critical software issues, available 24/7.; Diamond – Extend Premium/Elite Support with personalized assistance, deep resources, and consulting, available 24/7.; ; Optional Add-On:; PRO Support: In the event of severe issues, Check Point PRO experts proactively reach out to resolve the issue, preventing service downtime. Additionally, PRO provides a detailed report on security, diagnostics, and actionable insights.; ; Contact your selected partner to tailor your support package to meet your organization's specific needs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A straightforward and well-documented onboarding process is provided for all services through the Check Point Infinity Portal. Individual Admin guides are also available for each service, offering detailed instructions on initiation and configuration. Furthermore, Check Point offers various educational resources to familiarize users with their solutions, including an online knowledge base, on-demand webinars, product videos, and online training sessions.; ; For an additional fee, Professional Services experts are available to assist with planning, design, implementation, optimization, and service handover.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The service does not store customer data; it solely retains security configuration and log data to generate reports on service functionality. Report information can be exported from the service web interface for archival purposes.
• End-of-contract process: If the contract is not renewed, service functionality, as described in the service features section, will cease on the expiration date. The service will remain accessible temporarily, but if not renewed within 90 days of expiration, it will be terminated, and all configurations will be deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The Check Point Infinity Portal serves as the gateway to the service. This online platform encompasses the entire spectrum of security functionalities offered by the Check Point Infinity architecture. Through a single account, organizations gain control over their entire IT infrastructure, including networks, cloud, IoT, endpoints, and mobile devices, all from a unified console tailored to their subscribed services. The Portal ensures consistent security measures, providing centralized management and comprehensive visibility into threat landscapes.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Our service is B2B and currently is not tested according to EN 301 549 accessibility standards.
• API: Yes
• What users can and can't do using the API: The API is automatically activated within the environment, requiring users to generate a new API key for each desired service. While there are no published limitations, comprehensive feature lists and usage guides are available at the following URLs: https://sc1.checkpoint.com/documents/latest/api_reference/index.html & https://sc1.checkpoint.com/documents/latest/APIs/index.html. The Smart-1 Cloud API facilitates various operations, such as registering a gateway and accessing service information. For configuring and viewing security policies and objects in the Security Management, utilize the Management APIs.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: The service is constructed on public cloud infrastructure, seamlessly scaling to accommodate new users. Each service account is provisioned as a distinct tenancy, ensuring no interaction between tenancies.

Analytics

• Service usage metrics: Yes
• Metrics types: Check Point offers a public webpage displaying the operational status of all cloud-hosted services. Within the Smart-1 console, users gain comprehensive visibility into gateways, license status, errors, throughputs, patch levels, enabled security features, and real-time activity and VPN status and traffic monitoring. The logging view provides insights into security events through security policy rule logging, while Smart Event enhances this with rich insights. Moreover, users can create customized and automated reports for user activity, threat levels, bandwidth utilization, and more.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Check Point Software Technologies Ltd

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The service does not hold customer data only security configuration and log data to generate reports on the service functionality. Report information can be exported from the service web interface in order to archive the information.
• Data export formats: Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats: None. The service does not hold data.

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Information on availability and its calculation is outlined in the Terms of Service – Cloud Services; Infinity Portal Cloud End-user License Agreement. If the Monthly Service Availability or Monthly Service Latency falls below specified thresholds during a calendar month, users may request Service Credits to extend their current Service Term at no additional cost, as per the agreement. Detailed information on Service Availability, Service Latency, and Service Credits is available in section "4. Service Level" of the Terms of Service – Cloud Services; Infinity Portal Cloud End-user License Agreement, accessible at https://www.checkpoint.com/about-us/cloud-terms/.
• Approach to resilience: Service Availability Controls include redundant systems and networks across servicing components, load balancing for availability in case of component failure, and automatic failover to an alternate data center in case of data center failure. Customer account data such as policy, users, logs, and configurations are stored redundantly. Check Point enforces internal policies for backup data retention, with all data backed up at each data center on a rotating schedule of incremental and full backups.
• Outage reporting: The current and historical status of all Check Point services is available at https://status.checkpoint.com/. Users can access this page directly or from within the service portal. It provides information on status, uptime, historical data, incidents, and relevant post-incident reports. Users can subscribe to receive updates via email, SMS text message, Slack message, or RSS feed.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Role-based administration is employed to control access for authorized administrators within the service. Two types of admin roles exist: Global roles, which pertain to the entire Infinity Portal platform and all services within it, and Specific Service roles, which are specific to particular services. These service-specific roles complement global roles and do not supersede them.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EGAC
• ISO/IEC 27001 accreditation date: 06/01/2024
• What the ISO/IEC 27001 doesn’t cover: NA
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 22301
  • ISO 20000-1
  • ISO 14000-1
  • ISO 9000-1

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Check Point implements a stringent information security process to safeguard customer confidential data from accidental loss or misuse, adhering to relevant laws and industry standards. Our security framework is based on rigorous internal security policies and standards covering critical business areas such as application development, data center services, cloud security, physical security, and change management processes. All employees undergo training in information security policies, standards, procedures, security requirements, business controls, and IT facility usage. Regular self-audits are conducted, and corrective measures are implemented as needed. Additionally, our security policies and standards undergo regular review, with 2-4 independent evaluations conducted on specific areas like source code review and SOX audits.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: For SOC 2 Compliance:; Change requests are logged in the Change Management tool and undergo review and approval by the Director of Operations. Emergency changes, part of hot fixes, follow a similar process albeit with potential expedited timelines and post-change approvals. Key personnel are promptly informed of any test failures, documented within the change management tool, and forwarded to the relevant personnel, including the Project Manager.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Check Point conducts monthly vulnerability scans and utilizes a centrally managed configuration system, enforcing predefined configurations and desired patch levels on servers. A defined Patch Management process exists, with employees trained in corporate security policies. Security monitoring encompasses internal research, external sources, and anonymous notifications.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Monitoring the production environment involves tools like Grafana and Sumo Logic, emphasizing a continuous monitoring approach. Check Point aims to mandate ongoing security control assessments aligned with the FedRAMP continuous monitoring strategy. Response to security vulnerabilities and issues involves fixing, remediating, or implementing mitigating controls to reduce risk. The Check Point CISO team leverages continuous monitoring and assessments for FedRAMP reports.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: In case of a security incident, Check Point's security team leads investigation and response efforts. Clear risk and damage assessment procedures define the required SLA to resolve any security incident. The Information Security Manager and other relevant managers coordinate security response activities, including containment, investigation, infrastructure securing, reporting, closure, and follow-up. Check Point adheres to applicable laws and industry standards, including mandatory notifications.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our G-Cloud service provision is deeply committed to fighting climate change, recognizing the urgent need for collective action to address environmental challenges. Here's how our services deliver against this social value theme: ; ; Environmental Sustainability in Operations: ; ; We prioritize running efficient operations to reduce emissions and minimize environmental impacts. This includes implementing energy-efficient practices, optimizing resource usage, and adopting renewable energy sources wherever possible within our data centers and infrastructure. ; ; Promoting Sustainable Practices: ; ; VE3 actively engages with our suppliers and clients to promote sustainable business practices. Through our services, we advocate for the adoption of environmentally friendly technologies, responsible sourcing, and waste reduction strategies, thereby reducing carbon footprints across the supply chain. ; ; Responsible by Design Framework: ; ; Our G-Cloud services adhere to a 'Responsible by Design' framework, ensuring that environmental considerations are integrated into the development and deployment of digital solutions. By prioritizing environmental protection and minimizing negative impacts, we strive to deliver sustainable outcomes for our clients. ; ; Training and Education: ; ; VE3 invests in training and education programs focused on environmental sustainability. Through initiatives like the Sustainability Quotient (SQ) training, we equip our teams with the knowledge and skills to adopt climate-smart behaviors and implement environmentally conscious practices in their work. ; ; Community Engagement: ; ; We actively engage with communities to support environmental objectives and promote climate action. By partnering with local organizations and stakeholders, we contribute to initiatives aimed at addressing climate change, such as tree planting programs, clean energy projects, and environmental education campaigns.

  Covid-19 recovery

  Our G-Cloud service provision plays a crucial role in supporting the COVID-19 recovery effort by facilitating resilience, adaptation, and innovation in the face of unprecedented challenges. Here's how our services contribute to the recovery process: ; ; Remote Work Enablement: ; ; VE3's digital solutions empower organizations to transition to remote work seamlessly. By providing secure and reliable cloud-based infrastructure, collaboration tools, and remote access solutions, we enable businesses to maintain productivity while ensuring the safety and well-being of their employees. ; ; Business Continuity Planning: ; ; We assist organizations in developing and implementing robust business continuity plans to mitigate disruptions caused by the pandemic. Our services include data backup and recovery solutions, disaster recovery planning, and resilience testing to ensure operational continuity in the face of unforeseen events. ; ; Digital Transformation Acceleration: ; ; VE3 accelerates digital transformation initiatives to help organizations adapt to the new normal. By modernizing legacy systems, implementing cloud-based technologies, and digitizing processes, we enable businesses to optimize efficiency, improve agility, and remain competitive in a rapidly evolving landscape. ; ; Healthcare Support Solutions: ; ; We provide specialized healthcare support solutions to assist frontline workers and healthcare organizations in responding to the COVID-19 crisis. This includes telemedicine platforms, patient management systems, and data analytics tools to enhance patient care, streamline operations, and support decision-making processes. ; ; Economic Stimulus through Innovation: ; ; VE3 fosters innovation and entrepreneurship to stimulate economic recovery in the aftermath of the pandemic. Through our G-Cloud services, we support startups, small businesses, and enterprises in developing and deploying innovative solutions that address emerging challenges, create new opportunities, and drive economic growth.

  Tackling economic inequality

  We recognize the importance of tackling economic inequality and are committed to leveraging our G-Cloud service provision to address this pressing social issue. Here's how our services contribute to tackling economic inequality: ; ; Access to Affordable Technology: ; ; We strive to make cutting-edge technology accessible and affordable to all, regardless of economic status. By offering scalable and cost-effective cloud-based solutions, we enable organizations, including small and medium-sized enterprises (SMEs) and underserved communities, to access the tools and resources they need to compete in the digital economy. ; ; Skills Development and Training: ; ; VE3 invests in skills development and training programs to empower individuals with the knowledge and expertise needed to thrive in the digital age. Through initiatives like online courses, certifications, and workshops, we equip people from diverse backgrounds with the skills required for high-demand roles in technology and innovation, thereby enhancing their employability and economic prospects. ; ; Support for Minority-Owned Businesses: ; ; We actively support minority-owned businesses and entrepreneurs by providing access to mentorship, networking opportunities, and resources to help them grow and succeed. Through initiatives like supplier diversity programs and partnerships with minority business organizations, we promote inclusion and diversity in the technology sector and contribute to creating more equitable economic opportunities. ; ; Digital Inclusion Initiatives: ; ; VE3 is committed to promoting digital inclusion and bridging the digital divide by ensuring that everyone has access to essential digital services and technologies. We collaborate with governments, nonprofits, and community organizations to implement initiatives such as digital literacy programs, affordable internet access schemes, and community technology centers, thereby empowering underserved populations and promoting economic equity. ; ; Fair and Transparent Procurement Practices: ; ; We adhere to fair and transparent procurement practices to create opportunities for businesses of all sizes and backgrounds to participate in government contracts and procurement processes.

  Equal opportunity

  We recognize the importance of tackling economic inequality and are committed to leveraging our G-Cloud service provision to address this pressing social issue. Here's how our services contribute to tackling economic inequality: ; ; Access to Affordable Technology: ; ; We strive to make cutting-edge technology accessible and affordable to all, regardless of economic status. By offering scalable and cost-effective cloud-based solutions, we enable organizations, including small and medium-sized enterprises (SMEs) and underserved communities, to access the tools and resources they need to compete in the digital economy. ; ; Skills Development and Training: ; ; VE3 invests in skills development and training programs to empower individuals with the knowledge and expertise needed to thrive in the digital age. Through initiatives like online courses, certifications, and workshops, we equip people from diverse backgrounds with the skills required for high-demand roles in technology and innovation, thereby enhancing their employability and economic prospects. ; ; Support for Minority-Owned Businesses: ; ; We actively support minority-owned businesses and entrepreneurs by providing access to mentorship, networking opportunities, and resources to help them grow and succeed. Through initiatives like supplier diversity programs and partnerships with minority business organizations, we promote inclusion and diversity in the technology sector and contribute to creating more equitable economic opportunities. ; ; Digital Inclusion Initiatives: ; ; VE3 is committed to promoting digital inclusion and bridging the digital divide by ensuring that everyone has access to essential digital services and technologies. We collaborate with governments, nonprofits, and community organizations to implement initiatives such as digital literacy programs, affordable internet access schemes, and community technology centers, thereby empowering underserved populations and promoting economic equity. ; ; Fair and Transparent Procurement Practices: ; ; We adhere to fair and transparent procurement practices to create opportunities for businesses of all sizes and backgrounds to participate in government contracts and procurement processes.

  Wellbeing

  Environmental Sustainability: ; ; We are committed to environmental sustainability as a core component of wellbeing. By prioritizing eco-friendly practices, resource conservation, and carbon reduction efforts in our operations and services, we contribute to creating a healthier and more sustainable environment. We prioritize the wellbeing of individuals and communities in all aspects of our G-Cloud service provision. Here's how our services contribute to enhancing wellbeing: ; ; User-Centric Design: ; ; VE3 designs our G-Cloud services with a user-centric approach, prioritizing usability, accessibility, and intuitive design. By focusing on the needs and preferences of users, we create digital experiences that enhance overall wellbeing by reducing frustration, stress, and cognitive load. ; ; Health and Safety Protocols: ; ; We implement robust health and safety protocols to protect the wellbeing of employees, clients, and partners. This includes adherence to strict security standards, data privacy regulations, and compliance with industry best practices to ensure the safety and integrity of our digital infrastructure and services. ; ; Promotion of Work-Life Balance: ; ; VE3 recognizes the importance of work-life balance in maintaining overall wellbeing. Through our G-Cloud services, we enable remote work, flexible scheduling, and collaboration tools that empower individuals to achieve a healthy balance between their professional and personal lives, leading to greater job satisfaction and wellbeing. ; ; Mental Health Support: ; ; We prioritize mental health support for our employees and clients by offering resources, programs, and initiatives aimed at promoting mental wellbeing. This includes access to counseling services, mindfulness training, stress management workshops, and employee assistance programs designed to support individuals in times of need. ; ; Community Engagement and Social Impact: ; ; VE3 actively engages with communities to address social determinants of health and promote holistic wellbeing. Through partnerships, philanthropic initiatives, and volunteer efforts, we support local organizations and projects focused on improving access to healthcare, education, housing, and other essential services that contribute to overall community wellbeing.

Pricing

• Price: £175 to £850 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at prime@ve3.global. Tell them what format you need. It will help if you say what assistive technology you use.