Skip to main content

Help us improve the Digital Marketplace - send your feedback

Netcraft

DMARC Processing and Visualisation

DMARC is part of a portfolio of tools recommended by the NCSC that improves email security and can prevent your domains being spoofed. Netcraft’s DMARC service will provide the information you need to confidently move to a reject policy to prevent abuse, whilst not interfering with legitimate mail delivery.

Features

  • Processing of DMARC Forensic Reports
  • Processing of DMARC Aggregate Reports
  • Web interface that visualises the DMARC reports
  • Monitoring of the SPF and DMARC status for your domains
  • Alerts when SPF and DMARC policies are invalid
  • Alerts when new trends are identified
  • Detailed view of all your email domains

Benefits

  • Web based with 24/7 access
  • Prevent spoofing of your domains
  • Detection of phishing attacks spoofing your domains
  • Detection of malware attacks spoofing your domains

Pricing

£36,000 an instance a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rad@netcraft.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

8 9 0 9 3 2 0 8 7 7 3 9 4 4 7

Contact

Netcraft Robert Duncan
Telephone: 01225 447500
Email: rad@netcraft.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
All modern web browsers supported.
System requirements
Web Browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support is available 24/7
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support is provided by electronic mail and telephone.
Support available to third parties
No

Onboarding and offboarding

Getting started
We provide online documentation, and also can provide a video call demonstration of the portal to answer any questions.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
N/A
End-of-contract process
N/A

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Responsive Design
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
Web based interface
Accessibility standards
None or don’t know
Description of accessibility
N/A
Accessibility testing
N/A
API
No
Customisation available
No

Scaling

Independence of resources
We scale our applications to account for load placed by all customers.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Less than once a year
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
We physically secure access to our data centre and backup media.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
N/A
Data export formats
Other
Other data export formats
None
Data import formats
Other
Other data import formats
Not Applicable

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
If the Service is unavailable continuously for 3 (three) days or unavailable for an aggregate of 120 (one hundred and twenty) hours within the Subscription Period the customer may terminate the Service and receive a pro-rata refund for the unused period.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
User Account Authentication, Multi Factor Authentication, IP ACLs
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Risk based approach.
Information security policies and processes
Defined in our internal Policies and Procedures document

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We have an internal change management process
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Netcraft is a PCI approved scanning provider, and tests its own infrastructure. Patches are applied as appropriate.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Netcraft has a Security Incident Detection and Remediation programme.
Incident management type
Supplier-defined controls
Incident management approach
We have an internal policy for handing incidents.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Social Value

Tackling economic inequality

Tackling economic inequality

Netcraft recognises the problem of economic inequality, and where it is possible and reasonable seeks to address it through 1) the creation of new jobs and skills and 2) by increasing its supply chain resilience and capacity:

Netcraft is proud of the employment opportunities it creates and the training it provide its employees to address the skills-gaps in the cybersecurity sector.

As an equal opportunities employer, the employment opportunities Netcraft creates are open to those who historically have faced barriers to employment, or come from deprived areas.

Netcraft supports innovation throughout their supply chain such that they can deliver higher quality goods and services.

Netcraft conducts all its business in an honest and ethical manner, and are committed to acting professionally, fairly and with integrity in all their business dealings and relationships.

Netcraft takes action to identify and manage any cyber risks that arise in the delivery of the services it provides.

Pricing

Price
£36,000 an instance a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
We can offer a 14 day trial of the service.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rad@netcraft.com. Tell them what format you need. It will help if you say what assistive technology you use.