Cyberfort Ltd

Managed Network Services

Cyberfort's Managed Network Services offer customisable connectivity solutions tailored to your requirements. Whether it's managed networks, firewalls, private MPLS links, DDoS protection, or load balancing, we collaborate to design and construct a secure, interconnected network, empowering your business with reliability and flexibility.

Features

• Multiple WAF provisions, including up-to-date OWASP Top 10 remediation
• DDoS protection to shield against malicious traffic
• Highly resilient Internet Transit from Cyberfort's UK Data Centres
• Managed WAN with dedicated traffic connectivity between your locations
• Global Server Load Balancing to optimise traffic performance
• Managed, highly-available firewalls, switches and load balancers
• IPSec and SSL VPN provision and management
• Monitor network performance to identify and address potential issues
• Dedicated Cloud Connect Networks to AWS and Azure platforms

Benefits

• Safeguard against disruptive attacks for uninterrupted network operations
• 24x7x365 monitoring by our ever-vigilant, UK-based Operations Team
• Work with a trusted partner to reduce infrastructure management overhead
• Customised platforms designed around your operational and security requirements
• Confidence of environment being protected with physical and digital security
• Platform will be kept secure with scheduled security patch deployment
• Dedicated hardware means no performance/security impact from other customers
• Additional hardware can be added to meet increased requirements
• Assured UK data residency and sovereignty

£0.01 an instance a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidmanagement@cyberfortgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

915080518414124

Contact

Cyberfort Bid Team
01635 015600
bidmanagement@cyberfortgroup.com

Service scope

• Service constraints: The service is fully customisable on request to meet the customer's requirements. There will be periodic requirements for patching and updates, but the customer can decide the schedule for any time or day 24/7/365.
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Cyberfort’s Service Desk operates 24x7x365 and is the primary point of contact, undertaking initial triaging of any service requests, incidents, or events directly with the client. ; ; A ticket number is issued with an initial response within 15-minutes of logging a query. ; ; Resolution time goals will be calculated in accordance with a priority matrix.; ; Please refer to our Service Definition, for more details on our service response times and commitments.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Cyberfort’s service management model is designed to meet ISO 9001 and ISO 27001 guidelines and has been established in alignment with ITILv3 service management processes. ; ; We recognise that to support your business operational requirements we need to have in place the right team structure, governance and engagement processes. ; ; Our Standard Operating Procedures includes:; • Cyberfort’s Service Desk operates 24 hours a day 365 days a year and is primary point of contact for any incidents, requests or escalations.; • The Cyberfort Service Desk team will proactively manage all support calls to resolution, escalating incidents and problems in line with comprehensive operational level agreements, service level agreements and any third-party underpinning contracts.; • We place significant importance on the support and service management function that is provided for each contract according to operational requirements. ; • This is integrated into contracts and built into the price.; • Ongoing support and management will be led by a dedicated Account Manager supported by Service Delivery Manager, Technical Champion, and our team of specialists and subject matter experts.; ; Please refer to our Service Definition, for more details on our service management and commitments.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Cyberfort applies the core principle of providing you with an assured and auditable approach to the design and delivery of our services. We take a “one team” approach, working with clients, engaging with stakeholders, and focusing on business objectives, to build relationships that are conducive to agile delivery of project outcomes. ; Service initiation and on-boarding are covered during project delivery to ensure customers maximise the value of their investment, and include the following elements: ; • ‘Welcome Pack’ containing details of the service, key contacts, processes and services to be aware of. ; • Project/Delivery Manager will lead a Project-Kick Off meeting with the client. ; • A ‘Delivery and Implementation Plan’, defining project specific deliverables, dependencies, resource requirements and timeframes. ; • Scheduled reporting, validation and agreement of all project deliverables at key milestones. ; • Full risk assessment conducted across all aspects of the project. ; • Operational Acceptance to ensure services are introduced consistently and efficiently. Including introductory usage of the service where applicable to ensure customers maximise the value of their investment.; ; Additional, focused training is available at an extra cost. ; Please refer to our Service Definition, for more details on our Customer Lifecycle approach.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Where customers are able to extract their data through their own methods, they are free to do so. ; Customers have the option to download vAPP's as OVA. Can be restricted by role type.; Customers are not able export their servers to a OVF format and download to their local machines.; Cyberfort can assist in bulk data extraction although this may incur additional costs if specialised hardware or software is required. ; Cyberfort will purge and destroy customer data from it's own equipment upon contract termination in accordance with it's ISO27001 policies. ; Additional data destruction measures may be pre-agreed with the client in advance and may incur additional costs.
• End-of-contract process: Clients can choose to ‘off-board’ services from Cyberfort as follows: ; • Provide three months' notice in writing (to expire on or after the Initial Term), to their account manager (directly or via the Service Desk), who will assist in arranging any required off-boarding services and the deletion of client data. ; • Once the required works are agreed and the client has exported any of their data where applicable, Cyberfort will shut down and destroy any remaining services. ; • Fees may apply for off-boarding technical work and process management.

Using the service

• Web browser interface: Yes
• Using the web interface: The available web interface is dependent on the managed network service, for example a real-time dashboard is available with Web Application Firewall (WAF) implementations to provide analysis and monitoring of the traffic.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: N/A
• Web interface accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: The available APIs are dependent on the managed network service, for example RESTful configuration API with Git support is available for Web Application Firewall (WAF) implementations.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
• API documentation: No
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
• Using the command line interface: Users can use the command lines to run commands for monitoring and management

Scaling

• Scaling available: No
• Independence of resources: Physical resources are reserved for the sole use of a single customer.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • HTTP request and response status
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Network switch
  • Firewall
  • Config files
  • Monitoring configurations
• Backup controls: Solution is tailored to customer requirements
• Datacentre setup: Multiple datacentres
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: SSH encryption.

Availability and resilience

• Guaranteed availability: Service availability achieved within any month shall be calculated monthly as follows: (Total online hours of availability – service downtime) x 100% Total online hours of availability.; ; Power Core Service Level - A service level of 100% for power to the data centre; Connectivity Core Service Level - A service level of 99.5% for connectivity to the network port on the data centre ; ; The service availability calculation above will exclude any time which occurred as a result of events outside the control of Cyberfort. In the event the target service availability level is not achieved when measured over a monthly period, the following service credits shall apply: For each full percentage point (1%) by which the availability in any month is reduced below the target availability, a service credit shall be due which is equal to 5% of the monthly charge for the affected service line subject to a maximum of 100% of the affected service line for the month.
• Approach to resilience: Cyberfort has two data centres in geographically separate locations. This enables Cyberfort to offer solutions such as infrastructure mirroring or a warm standby environment, both available should your primary environment become unavailable for any reason. Cyberfort data centres are linked to one another and to the Internet via fully redundant diverse circuits. ; Customer Environments are deployed according to the specific requirements of the customer.; ; Datacentre infrastructure is designed in a N+1 or N+N depending on requirements or infrastructure type. ; ; Network ISP services are deployed in a N+N configuration. 5 independent Internet Service Provider (ISP) links are provided from Tier1 London data centres. ; ; Power & A/C ; 2×11,000 Volt HV Feeds. Primary feed direct from national grid sub-station ; 3 generators run as a synchronised set at N+1 with two capable of supporting the entire site load.; Various UPS systems capable of supplying dual UPS feeds ; N+1 chilled water system, with zoned hotspot directional air provision sensors; ; Communications; Carrier Neutral Facility ; Multiple Internet Service Providers; Diverse Independent Risers from highway to data floors; Choice of ISP’s/Telecommunications providers; Satellite dish and Microwave space available
• Outage reporting: Cyberfort's services continuously monitored by the Network Operations Centre with alerts responded to by the Cyberfort technical support teams. Customer notifications are managed via our ticketing system and via Email.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Solution is tailored to customer requirements
• Access restrictions in management interfaces and support channels: Management interfaces are protected by TLS VPN using pre-shared keys and TLS client certificates. IP-based Access Control Lists can be implemented to control source of VPN connections.; Service Management networks are isolated from user/customer networks, with specific access rules and user-traceable accounts used throughout.; Access to management interface is controlled/restricted with combination of permission groups, roles and network segregation. Only named individuals can gain authorised access to the services management functionality.; MFA is a requirement of the service. VPN-only access can be setup.; SSO strongly recommended.; Support tickets must be raised by pre-identified individuals, and authenticated by Cyberfort
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Solution is tailored to customer requirements.
• Devices users manage the service through:
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: Current certification accredited: 15/04/2024-17/04/2024
• What the ISO/IEC 27001 doesn’t cover: Cyberfort was first registered to ISO27001 in August 2019. At our recertification audit in 2023, there were no nonconformities or observations. 2024 Continual assessment visit resulted in no nonconformities or observations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: 2 Sec Consulting
• PCI DSS accreditation date: Current certification accredited on: 09/10/2023
• What the PCI DSS doesn’t cover: Requirement 3 Requirement 4 Appendix A1 Appendix A2
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • NHS Data Security and Protection Toolkit
  • NCSC IT Health - CHECK Service Provider
  • CREST Cyber Incident Response, Vulnerability Assessment & Penetration Testing
  • NCSC Assured Cybersecurity Consultancy - Risk Assessment/Management, Audit & Review

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO/IEC 9001; ISO/IEC 14001; ISO/IEC 45001; Cyber Essentials Plus; PCI DSS

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Cyberfort's change management policy is documented and audited as part of our ISO27001 accreditation and ensures all changes are auditable and subject to the correct level of scrutiny based on the potential risk and impact.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Cyberfort use continual vulnerability monitoring to alert us to threats in realtime and in the face of constant changes to our services. An annual infrastructure assessment is commissioned to perform more detailed analysis. Vulnerabilities rated critical or high are patched or mitigated within 14 days, and those rated medium and low are patched or mitigated within 30 days
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Cyberfort deploy next generation endpoint security agents which constantly assess the behaviour of the servers and endpoints for malicious or threatening activity. Threats are notified to out 24x7x365 Service Desk for remediation.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Cyberfort operate ISO27001 and ITIL process for Incident Management, with defined paths for escalation which are dependant on Impact and Urgency. Users can report Incidents by Email, Telephone or Self Service Portal. Incident Reports are provided via Email.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Cyberfort support and act on fighting climate change through our Environmental Management System (EMS) which meets the requirements of our ISO:14001 certification. We have initiated programs designed to increase the energy efficiency of our operations, reduce waste, and protect the environment in communities where we work. Our environmental goals and achievements are published in our Carbon Reduction Plan (CRP), which is aligned to the requirements of CCS PPN 06/21. ; Our social value strategy addresses MAC 4.1 & 4.2 with the following commitments: ; Effective stewardship of the environment; We are committed to become a net-zero and environmentally conscious company by conserving energy, minimising consumption, reducing, and preferring low pollution materials, maximising environmental efficiency, whilst ensuring waste is managed and controlled. ; We support our environmental targets with the following initiatives: ; • Continue to reduce our carbon emissions, including 100% renewable energy, power saving modes, light replacement programmes, hybrid/remote working and cycle to work incentives. ; • Reduce water consumption, including water filter systems off the mains instead of using water providers, consider Water Butts around site as an alternative for gardening, and detection of increased water consumption to identify any leaks in facilities. ; • Adopt strategies to promote, reuse, recycle, recover energy and disposal of waste sent to landfill, including initiatives to reduce our plastic waste and targets for recycling of waste. ; • Deliver initiatives to support our environments, ensuring that we are protecting and encouraging native plants and wildlife. We’ve already introduced a small flock of sheep to our Ash site to help make our site more environmentally friendly, and at our Newbury site we limit operations to specific times to ensure protection of nightjars which is a protected wildlife species. ; • Consider who we purchase goods and services from ensuring providers are targeting net-zero initiatives and offer sustainable product and services

  Covid-19 recovery

  Cyberfort support and act on Covid-19 recovery by encompassing initiatives that force for positive change. We have aligned the activities of our business by considering sustainability through the decisions we make as a business, including the way we operate, employ staff, engage with communities, and procure products and services, allowing us to cultivate a more sustainable, resilient, and inclusive society.; Our social value strategy addresses MAC 1.1, 1.3, 1.4 & 1.5 with the following commitments: ; Help local communities to manage and recover from the impact of COVID-19; We support Covid-19 recovery with the following initiatives: ; • Throughout the pandemic and to date we’ve maintained a recruitment drive, often offering positions to individuals affected by the impacts of Covid-19 in the industry.; • We upskill people new to Cyber via supporting Apprenticeship schemes.; • We remove any barriers for disadvantaged groups by adjusting our recruitment and selection processes and excluding bias.

  Tackling economic inequality

  Cyberfort support and act on tackle economic inequality, through supporting new businesses, new employment opportunities and development of new skills. ; Our social value strategy addresses MAC 2.2 & 2.3 with the following commitments: ; Create new businesses, new jobs and new skills; We are committed to ensuring that everyone is given the opportunity to develop in accordance with their ability, ambition and opportunities available, providing recruitment, training, development and progression opportunities to encourage everyone to reach their fullest potential.; We support tackling economic inequality with the following initiatives: ; • Attract, recruit, develop and retain the very best people at all levels.; • Upskill people new to Cyber via supporting Apprenticeship schemes.; • Actively support educational attainment across our workforce, including training to address skills gaps resulting in recognised qualifications.; • Support young people in the development of their passion for technology, introducing them to cybersecurity, and providing initiatives that support schools

  Equal opportunity

  Cyberfort support and act on equal opportunities, fostering an inclusive culture that values people as individuals with diverse opinions, cultures, lifestyles and circumstances. All employees are covered by our Equality, Diversity & Inclusion Policy, which applies to all areas of employment including recruitment, selection, training, deployment, career development, and promotion. ; Our social value strategy addresses MAC 5.1 & 5.2 with the following commitments: ; Reduce the disability employment gap; We support the disability employment gap with the following initiatives: ; • We are signatories of the Armed Forces Covenant.; • We are a Disability Confident Employer and founding members of Neurodiversity in Business. ; • Our recruitment practices ensure we are disarming any barriers people with disabilities may face in the hiring process.; • Developing and supporting people with disabilities in gaining the skills they need to succeed.

  Wellbeing

  Cyberfort support and act on health and wellbeing through our Occupational Health and Safety (OH&S) policy in alignment with our ISO:45001 certification. We actively work on initiatives to promote health and wellbeing in the workplace, ensuring all our people have healthy lifestyles, thrive, and that they feel supported with the tools they need from us to be at their best. ; Our social value strategy addresses MAC 7.1 & 7.2 with the following commitments: ; Ensuring positive physical and mental health in the workforce, ensuring our people have healthy lifestyles.; We support our workforce with the following initiatives: ; • Mental Health First Aiders – We have 9 fully trained Mental Health First Aiders within our workforce. ; • Wellbeing Benefits – we provide confidential, and free-of-charge, support and benefits to all, including confidential counselling and support service available 24/7, 365 days a year and Private Medical Insurance with extra to cover employees for Mental Health support.; • Our Wellbeing Hub (on the Cyberfort SharePoint) provides various resources, self-help tools and guides to help individuals stay well and includes any

Pricing

• Price: £0.01 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidmanagement@cyberfortgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.