Skip to main content

Help us improve the Digital Marketplace - send your feedback

GTT - EMEA LTD.

Managed Firewall & SSE

GTT's Managed Firewall and SSE Services are cybersecurity solutions designed to fortify against evolving cyber threats. They combine advanced firewall technology and SSE tools including ZTNA, CASB, FWaaS and SWG, with highly trained security professionals to establish robust, proactive defences, and ensure the integrity of company assets against Internet-based threats.

Features

  • ISO, SOC2, CREST and PCI certified with SC cleared personnel
  • Expert configuration and deployment by skilled security professionals
  • Continuous monitoring and management with co-management options
  • All licensing, hardware assurance, regular updates and patch management
  • Security policy optimisation to industry best practice and compliance standards
  • Multi-environment support – on-prem, datacentres and cloud ecosystems
  • Scalability and flexibility to meet the customer threat landscape
  • Log retention and reporting offering valuable insights into network security
  • Single Stack SSE powered by Fortinet-ZTNA, CASB, FWaaS, SWG
  • Palo Alto Prisma SASE with GTT SD-WAN capabilities

Benefits

  • Secure Access–whether on-prem, the datacentre or in the cloud
  • Visibility–reporting insights into network activities, applications, websites, VPN usage
  • Control–take proactive measures to control activities and maximise productivity
  • Enhance the security posture, limit downtime, meet compliance challenges
  • Limit downtime from network outages and damaging cyber-attacks
  • Free up internal valuable resources to focus on business initiatives
  • Immediate value realisation of the security investment
  • Flexible deployment options–on-prem, datacentre or in the cloud
  • Technical Manager and Concierge on-boarding to hand hold deployment
  • Managed Firewall, SSE, SASE–all available with GTT Managed Services

Pricing

£175 to £2,000 an instance a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at fionn.coffey@gtt.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

9 8 8 9 1 7 0 1 7 5 4 0 6 0 2

Contact

GTT - EMEA LTD. Fionn Coffey
Telephone: 01158961812
Email: fionn.coffey@gtt.net

Service scope

Service constraints
No Constraints
System requirements
  • The service is fully managed by GTT
  • Management includes the underlying VM layer

User support

Email or online ticketing support
Email or online ticketing
Support response times
Assistance from GTT's engineers is available Monday to Friday, 09:00 to 19:00 CET, via VDC Support Chat. If there is an incident with the service whereby service degradation is observed, or SLA breached then GTT’s Customer Support Centre should be contacted to raise an Incident Ticket to track resolution of the incident. The CSC is available continuously, 24x7x365.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Live Chat is available to assist clients with the use of the customer webbased portal which provides:
· Reporting
· Invoices and CDRs
· User Management
· Search and Filter
· Incidents and Requests
· Orders
· Alarms
· Performance Monitoring
· Secure customer Access
· Service Level Agreements
In addition Live Chat is available to answer user specific queries relating to the product or service purchased.
Web chat accessibility testing
Whilst GTT does not have any record of documented testing with assisted users, we own the technology which provides our web chat facility and would therefore be in a position to develop a solution to meet the individual needs of an assisted technology user.
Onsite support
No
Support levels
Includes remote monitoring and management for all clients, provided on a fixed cost basis.

GTT also provide our clients with both service management and technical management, the extent of which is determined on a individual customer basis.

GTT are able to provide a variety of service levels up to and including 99.99% availability. As standard GTT operate a 24x7x365 maintenance and management service.
GTT operate to IS020000 and within the ITIL framework ensuring consistency of service to all customers.
Other KPI's include proactive spot rates, telephony response times, accuracy of reporting and overall customer experience.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
GTT provides a flexible approach allowing customers to purchase some or all services covered by our solution, the level of support therefore varies depending on the solution taken.
Options for clients include on-line and on-site training and extensive user documentation /guides. In addition all clients are provided with a service manual which contains details on both how to use the service, report incidents and access statistical data including management reporting.
GTT also provides a forum for clients across our entire base to share information and experiences and provide and feedback.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
GTT provides assistance for clients when exiting the service. This can include providing the physical infrastructure where the data resides and/or providing temporary connectivity links designed to allow the customer to electronically transfer the data to the new service.
GTT will work with the customer to develop and agree an exit plan which will detail the resources required and the assistance provided to ensure a smooth transition to the new service provider.
Our typical approach is to provide customers with a rate card for Professional Services ensuring the financial implications of exit can be fully understood.
End-of-contract process
GTT can assist by providing professional services including project management, service management, implementation, storage configuration, migration, application assistance, network assistance and technical management.
GTT will provide a service catalogue listing day rates for these services.
GTT will act in a professional and co-operative manner in order to assist customers in transitioning services either to a new supplier or back in house at the end of the contract term. The details of the approach will depend upon GTT’s final solution and the incoming supplier’s design and implementation plans. IGTT recommends the following are considered, as appropriate, to ensure minimal disruption to normal business operations:
Governance
- Agreement and establishment of a governance structure between the customer, GTT and the incoming supplier, as necessary, with defined meetings and attendees, including the assigned GTT Exit Manager.
- Detailed risk assessment carried out jointly with the customer to identify all risks which are likely to occur during the transition and with agreed mitigation approach and regular review and tracking of these risks and other issues.
- GTT adherence to its contractual obligations whilst maintaining flexibility where required to ensure the smooth transition to a new provider.

Using the service

Web browser interface
Yes
Using the web interface
GTT will provide a client with access to GTT's web-based, client portal, called EtherVision. EtherVision has an extensive management reporting function. It is positioned as the first line of support and information and provides greater control in managing the relationship with GTT's services and offers:
Reporting
Invoices & CDRs
User Management
Search & Filter
Incidents & Requests
Orders
Alarms
Performance Monitoring
Secure customer Access
Service Level Agreements
Change Management
The portal speeds up communication, efficiently shares key information(technical, numbers, results), and:
Increase service control;
Decrease operational management overheads;
Obtain an inside view into system management and performance.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The Graphical User Interface is adaptive, so that each user is presented with different menu options according to the access privileges and/or services subscribed to. The portal is a browser-based product with a series of reporting screens and fault logging options.
Ease of navigation is central to its design ensuring users can quickly locate their desired function, meeting the user’s requirements with minimal delay.
Each user is required to go through a secure logging process (2FA), once successfully logged in, the user is provided with a homepage with customisable preferences options to ensure that the tool matches their individual requirements. From here, the user can select the functions pertinent to their needs.
Web interface accessibility testing
Whilst GTT does not have any record of documented testing with assisted users, we own the technology which provides our web chat facility and would therefore be in a position to develop a solution to meet the individual needs of an assisted technology user.
API
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
GTT runs multiple VDC zones and dedicated versions. Stringent monitoring and controls are applied ensuring performance provided is not affected by other users on the platform.
Our standard compute service applies a 2Ghz vCPU speed and a standard contention ratio of 2:1.
GTT's fully SSD storage service means that with over 10 times the IO of a spinning disk solution and the ability to allocate QoS for critical volumes, GTT can eliminate storage bottleneck issues commonly encountered on other shared service platforms.
Therefore, whether other customers are on the platform create ‘noisyneighbours’, GTT can supply an efficient and performant service.
Usage notifications
Yes
Usage reporting
  • Email
  • SMS
  • Other
Other usage reporting
Potentially via a telephone call, dependent on service design.

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Virtual Machines
  • Applications
  • Databases
  • Files
Backup controls
GTT work with customers to tailor the template replication, snapshot mirroring and backup replication services to meet the DR objectives for each application and data set.
Customers can maintain applications deployed in an “always on” configuration across datacentres so that replicated services are not required for these applications in the event of DR.
For applications not deployed in “always on”, customers can deploy servers from templates and snapshots and mount both data and storage from snapshots and backups.
The backup service is automatically available for restorations as the client will be configured to automatically connect to the second backup repository.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
GTT will design the solution to meet the availability required by the customer up to 99.999%.
The GTT service is provided across multiple zones and data centres, connected via our privately owned network ensuring resilience.
GTT standard availability target is 99.99%, in the event that the service falls below the overall availability GTT will pay service credits based on the availability of individual resources, e.g. VCPU, storage etc.
Approach to resilience
GTT use multiple data centres and zones connected via our privately owned network ensuring guaranteed resilience.
GTT’s service is operated and managed by our ISO 27001 accredited Operations Centre monitoring services 24x7 with a CSIRT function to ensure appropriate operations security response. This includes immediate escalation to the Chief Security & Risk Officer if any data security incident is detected on GTT platforms, systems or services. GTT’s core equipment is physically located in secure data centres with resilient power, resilient cooling, and fire detection and suppression controls. This includes industry standard physical security controls with all access logged and appropriate physical perimeter security controls (ACS and CCTV). All core equipment is configured for high availability, deployed in an N+1 architecture ensuring full resiliency of critical components.
At the logical layer GTT’s core network connects resiliently and is secured by GTT’s MPLS core. Each customer is provided with a separate VRF ensuring logical separation of customer traffic across network.
Outage reporting
Outages can be reported via phone, email or through the customer webportal. GTT will notify clients of any planned or emergency outages via the same communication methods which will be captured as part of an operations service manual.
Outages can be reported via phone, email or through the customer webportal. GTT will notify clients of any planned or emergency outages via the same communication methods which will be captured as part of an operations service manual.
Incident and Request Tickets can be raised using the Tickets feature in the Web Portal enabling the user to:
• Raise a new incident
• Update a ticket/incident
• View incidents and their feedback.
When raising a new incident, the web portal will take the user through four pages; incident details, technical questions, contact information and a summary page. The drop down menu options and compulsory data entry fields allow easy entry of information whilst capturing the core information to resolve the incident efficiently.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Interfaces and support channels: GTT provide management services via a secure VPN access service which has firewalls at each end ensuring a separate connection for each client managed.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyds Register
ISO/IEC 27001 accreditation date
17/05/2024
What the ISO/IEC 27001 doesn’t cover
The following controls are not applicable: Access control to program source code Protecting application services transactions
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Razor Thorn Security
PCI DSS accreditation date
28/12/2023
What the PCI DSS doesn’t cover
GTT has achieved Level 1 PCI DSS certification for controls 9 (Physical Security) and 12 (Security Policy) for our Virtual Data Centre's and provide professional services to help our customers attain PCI DSS certification for their e-commerce solutions.
Our Hosting and Security Product Portfolio provides the building blocks and compliance mechanisms necessary to achieve and maintain PCI DSS certification for critical business technology and online commerce requirements.
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • ISO27001
  • PCI DSS
  • Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
The Security Practice reporting to the Executive Vice President General Council is responsible for maintaining the Enterprise Security Management System to ensure the protection of GTT operations and services. These responsibilities include the maintenance of ISO 27001, ISO 20000, ISO22301, BSI IT-Grundschutz, Payment Card Industry Data Security Standard(PCI DSS), ISAE 3402/SSAE 16 and ITIL service management controls across the organisation. To support these strategic objectives, the Security Practice is authorised to conduct internal audits and coordinate external accreditations and audits, to confirm compliance with security policies and controls, as well as being granted independent authority to continuously improve the security and quality of operations. These activities are supervised and managed through the GTT Security Committee, with a minimum of quarterly ISO 27001 Security Forums for GTT Operations and Data Centres to manage security control objectives, ensure their maintenance and maintain appropriate resources for the Security Incident Management and Business Continuity Management covering all critical operations.
All GTT solutions comply with the Cloud Security Principles and conform to CESG standards.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Through the set of integrated management tools used by GTT, we generate and maintain the CMDB which includes information regarding access, general logs, and application logs. GTT provides a CMDB to identify, control and record an accurate inventory of CIs. The CMDB will provide an audit trail of all changes and can be downloaded to a .csv file for further manipulation.
GTT defines changes into three categories, soft, hard and complex. All changes will be agreed with the customer and are assessed for both risk and the potential security implication.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
GTT conducts a comprehensive risk assessment of all critical business and operations risks to our critical operations components, inclusive of risk scenarios based on industry best practice security and continuity threats, vulnerabilities and risks. This risk assessment is maintained by our Security & Governance Group audited annual by internal security professionals and external 3rd parties. The fundamental objective is to define the necessary continuity mitigation controls required to maintain operations and quality with integration into our ITIL and ISO 27001 security controls with defined performance metrics.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Security controls are applied to protect GTT and the customer;
• Customers accessing our Data Centres must comply with site access procedures and codes of conduct.
• Use of facilities and operations must comply with stated contractual obligation to adhere to Acceptable Use Policy.
• Exchange of information and data will be controlled by contracted confidentiality clauses.
• ISO 27001 security management system protects Confidentiality, Integrity and Availability of internal and customer data.
• Security Incident Management processes report, log, respond and resolve security incidents.
Controls in place protecting security of our internal network and systems includes FW, IDS/IPS, DDOS.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Customers can report incidents via phone, email or through the customer web portal. The severity of the incident will be determined by the data captured in the service manual. Real time updates are provided during the lifetime of the ticket and can be accessed via the portal.
Management reports are provided via the portal and can be downloaded by the customer.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
GTT recognises the significant impact our data centres have on the environment and climate change and is driving forward with energy efficiency initiatives to reduce Power Usage Effectiveness (PUE) and Carbon Usage Effectiveness (CUE) statistics for all our data centre facilities. Via Climate Change Agreements (CCA’s) we have reduced our Climate Change Levy(CCL’s) to not just lower energy emissions but also reduce costs.
We adhere to the EU Code of Conduct Best Practice Guide for Data Centres to ensure our carbon emissions are always kept as low as possible. This guide develop and promote solutions aimed at enabling data centre owners and operators to meet the accepted expectations, whilst minimising the impact on the environment.
Other initiatives GTT drives to reduce our carbon footprint and reduce costs in our data centres include the use of Electronically Commutated (EC) fans & variable speed pumps; optimum use of free cooling solutions; Passive Infrared Sensor (PIR) controlled lighting and LED lamps. Hot/Cold aisle containment solutions are also implemented in our data centres. We optimise data centre environments to ASHREA TC 9.9 which is concerned with all aspects of mission critical facilities, technology spaces, and electronic equipment/systems.

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Fighting Climate Change:
GTT's solutions act as a client enabler to assist in environmental consideration backed up by GTT's ESG Report

Tackling economic inequality

Tackling economic inequality:
GTT is an equal opportunities employer, publicly declared in GTT's annual ESG report

Equal opportunity

Equal opportunity:
GTT is an equal opportunities employer, publicly declared in GTT's annual ESG report

Wellbeing

Wellbeing:
GTT has staff wellbeing centric to employment and offers various tools and support for those in need

Pricing

Price
£175 to £2,000 an instance a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at fionn.coffey@gtt.net. Tell them what format you need. It will help if you say what assistive technology you use.