MONTVIEUX LIMITED

Montvieux ASAIR Range Service

The Montvieux ASAIR Service consists of ranges able to blueprint behaviour and interactions, then faithfully recreate these networks using Artificial Intelligence techniques within an emulated environment. It is delivered as a fully managed service, accessible to end users via secure web connection.

Features

• Off-line recreation of complex and realistic environment
• Fully Managed Service, including on-site support during exercise
• Can blueprint and realistically replicate actors within emulated environment
• Multiple emulations can be run in parallel
• Emulations can be run at faster than real-time, and replayed
• Multiple parallel agent groupings are supported in each emulation
• Analytics provided, can be integrated with 3rd party services
• Web service with no client-side installation needed
• EXCON tool for user control, including network structures
• Historical view of activity / performance through custom dashboards

Benefits

• Highly realistic and safe environment for training and exercise
• Emulates the scale and noise of the real world
• Provides a platform for measurement of information effect
• AI-based synthetic agents with realistic behaviours and reactions
• Not subject to 3rd party terms of service limitations
• Can be accessed from Client’s own Internet infrastructure
• Training is provided
• Delivered as a fully managed, end-to-end service
• On-site support during exercise available
• Cloud hosted – eliminating client install requirements

£25,000.00 a unit a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@montvieux.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

830962565827502

Contact

John McQueen
01684273832
frameworks@montvieux.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Normal Business Hours cover Monday to Friday over the hours of 09:00 - 17:00; ; Between 2 hrs and 7 hrs depending upon the Fault level
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Normal Business Hours Monday to Friday over the hours of 09:00 - 17:00
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Introductory onsite training and user guides.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: No customer data will be held after the end of contract unless otherwise agreed via the contract to meet legal, regulatory or statutory requirements.
• End-of-contract process: End of contract process is agreed with the customer to meet all Legal, Regulatory, Statutory, and Corporate requirements. Where Corporate requirements exceed those identified to meet all Legal, Regulatory and Statutory requirements and those in place by Montvieux Limited, additional costs will be identified as part of the contracting process and through life management of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Fully customisable service which can be tailored to meet specific deployment requirements.

Scaling

• Independence of resources: The service can be elastically scaled dependent upon User requirements.

Analytics

• Service usage metrics: Yes
• Metrics types: This service offering includes the provision of service refinement, reference infrastructure, updates/upgrade to maintain the core service. Help Desk, Fault Resolution, monitoring of services, usage statistics and service review meetings.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: An intuitive data export process is provided.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Various dependent upon content
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Various depending upon content

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Monthly Uptime Percentage of at least 99% during Normal Business hours. See Service Definition Document for further information.
• Approach to resilience: Available upon request.
• Outage reporting: Email Alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: All management interfaces are only accessible via username and password protected IPSEC VPN's
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Available upon request.
• Information security policies and processes: Available upon request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Version control is applied to all software components, documentation and processes.; ; All changes are assessed against design documentation and threat intelligence to identify potential security impacts.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats are identified from a range of threat intelligence sources including CVE advisories and other leading sources.; ; Patches are automatically applied to services.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Automated monitoring tools are used to provide a high availability and high performance. Proactive monitoring is used to alert when key metrics exceed defined threshold. Audit logging and intrusion detection is provided for the core service.; ; Potential compromises are assessed for criticality and resolved in line with fault resolution procedures.; ; Incidents are resolved in line with the Fault Resolution levels detailed within the Service Definition Document.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management processes follow industry standard best practice for capturing and managing events.; ; Users are able to report incidents via the service Helpdesk.; ; Incident reports are provided via monthly service reports and service tickets for individual items.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Montvieux has a carbon reduction policy based on 2019 baseline figures, with a plan underway to achieve net zero by 2040, 10 years ahead of the government's target. The plan has created a difference of 7tCO2e between 2019 and 2022, a 20% reduction. Below are examples of benefits we could deliver through the framework:; ; Build workforce awareness of the impact of their decisions - add carbon reduction to our mandatory company training days.; Procure increasing amounts of renewable energy for our sites.; Procure/rent goods and services from companies that have a carbon footprint reduction plan e.g. Amazon Web Services or company laptops are made by Apple® (Apple® intends for all products to be carbon neutral by 2030).; Monitor and reduce business travel through effective management/policies.; ; We will look at ways we can reduce energy consumption per head. We have recently been through a large growth spell, which has made this less manageable but moving forward this is something we can focus on.

  Equal opportunity

  Montvieux has an equal opportunities policy that is updated yearly and shared with all employees who are required to formally acknowledge that they understand their responsibility. We offer inclusive and accessible recruitment practices and we provide the ability to work from anywhere through remote and hybrid roles with completely flexible working hours. Our roles all come with a pay grade, based on skills alone, so there is equal pay within the same roles. We have a skills matrix and all employees are invited to request training they want to complete, managing their own development with support. We hold training days and guild days which are accessible for everyone involved and we train up tech leads internally - our youngest trainee is a 23 year old female.

  Wellbeing

  Montvieux has created constellation groups, a home/group of employees to connect to, that can share information and look after each other. We have an employee wellbeing owner and have recently increased our benefits to ensure that everyone has access to a health cash plan that includes a helpline and 8 free counselling sessions should they be needed.; ; We hold company training days where employees showcase the work they are doing, learn about activities within the company and have fun. (i.e. colouring competitions, quizzes.) We hold multiple socials and run social channels at work to make it easy for like-minded people to connect. We arrange physical activities after a training day and then all get together for bonding/dinner in the evening. We run Guild days, allowing employees with interests in portfolio areas (i.e reinforcement learning), to get together, learn and train within company time and we have mental health first aiders within the company and hold a mental health talk every year.

Pricing

• Price: £25,000.00 a unit a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A limited trial service may be offered for a reduced fee.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@montvieux.com. Tell them what format you need. It will help if you say what assistive technology you use.