Skip to main content

Help us improve the Digital Marketplace - send your feedback

Claranet Limited

Software Defined Managed Network (Fortinet)

The Claranet Software Defined Managed Network (Fortinet) consists of the following elements:

• Managed SD-WAN – Fortinet Physical and Virtual Appliances
• Managed Secure Access – Fortinet FortiClient EMS

Features

  • Managed Secure SD-WAN
  • Managed Secure SD-Branch, LAN & Wi-Fi
  • Managed Private Networks
  • Manged Remote Access & ZTNA
  • Secure Access Service Edge
  • Service Assurance Monitoring
  • Network Consultancy & Architecture
  • Underlay Connectivity - Ethernet, Broadband & Mobile
  • Managed Security
  • Network Monitoring

Benefits

  • Centralised management simplifies network management
  • Improved application visibility
  • Streamlined application delivery
  • Improved user experience
  • Enhanced security posture
  • Reduced network downtime
  • Improved cost savings and faster deployment times
  • Flexibility and scalability of architecture
  • Operational efficiencies through automation, deep analytics, and self-healing capability.
  • Secure cloud connectivity

Pricing

£3,333 to £14,969 a device a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK-bidteam@claranet.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

9 9 8 1 2 0 1 4 0 9 4 5 3 7 7

Contact

Claranet Limited Claranet UK Bid Team
Telephone: 020 7685 8000
Email: UK-bidteam@claranet.com

Service scope

Service constraints
Maintenance windows do exist and are planned with your nominated contacts in advance. Maintenance windows exist in order for services to be upgraded to keep them secure and optimised.
System requirements
System requirements are solution and architecture dependent.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Claranet operate an ITIL accredited support team that operates 24x7x365. Response times range from 1 to 4 hours, dependent on the service and criticality of the Incident. Claranet monitor customer infrastructure 24x7x365 to maintain service availability SLA's that are aligned to the service and solution that is designed and deployed for our customers. Further details can be provided on request.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
As standard Claranet offer 24x7x365 support on connectivity services
support levels, and priorities are defined by the nature of the support ticket logged. E.G. Critical priority for loss of service through to lower priorities for general information and feature questions. Tickets are assigned to technical engineers who own the support issue through to resolution. On-site support is a chargeable service that Claranet can provide. Out of hours support is limited to critical tickets unless specified in the contract. Other SLA's, RTAs, and OLAs can be agreed at time of contract signature.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Depending on the service being delivered Claranet will provide the correct level of training to ensure a customer is able to get the maximum from the Claranet service at the point it is handed over to the customer for acceptance testing.
This can include managed installation (remote or onsite), on-site training, web based training, self learning, live video, one to one or one to many training, or documentation as part of the handover.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Customer data can be extracted and handed back to the customer at the end of a contract term and upon the customer's request. Claranet will work with the customer to define a data extraction process that supports secure transfer of data.
End-of-contract process
This will be solution dependant and can be scaled to cover the customers overall requirements. Our services will be aligned to our service descriptions and our master services agreement. Additional costs may be incurred if the service being requested falls outside of the Claranet service description and master services agreement.

Using the service

Web browser interface
Yes
Using the web interface
Web interfaces are accessible through any browser and the customer will be provided details on how they can access. Role based controls are in place to make sure that only the right people have access at the right level.
Depending on the level of access, users can monitor any connectivity solutions including both direct to internet, MPLS, and 4G/5G. Software defined network services such as SD-WAN and SD-Branch provide web portals and features that enable detailed actionable reports on application usage, user network behaviour, and potential security risks.
In the software defined network interface users can make direct changes to configuration to enable the best criteria for applications to traverse the network.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
N/A
Web interface accessibility testing
N/A
API
Yes
What users can and can't do using the API
All management interfaces offer API integration. The functionality offered depends on the specific solution delivered. Claranet will review with the customer if API integration is required based on the required outcome of the customer
API automation tools
Terraform
API documentation
Yes
API documentation formats
Other
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Claranet capacity manage and monitor network infrastructure and applications continuously with proactive alerting and event management when service impacting issues are detected. Claranet also have protection mechanisms built into the network to ensure fair use is adhered to and service denial is protected against.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Uptime and availability
  • Bandwidth
  • Change logs
  • Application performance
  • System performance of networked appliances
  • Wi-Fi metrics, signal strength, consumption, users attached and more.
  • Network policies and QoS
  • Unified threat metrics
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Fortinet, BT, Virgin Media

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Configurations
  • Logs
  • Virtual Machines
  • Databases
Backup controls
Configuration and logs are backed up by default as part of all network services. Any other backup requirements will be based on the customers’ requirements and agreed in the contract.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Claranet provide availability SLAs against each service, ranging from 99.5% to 100% depending on the service taken. If an SLA is missed in a given month a service credit is applied. This service credit is a percentage of the monthly value of the service, with the percentage paid being dependant on how long the service was unavailable.
Approach to resilience
Information available upon request.
Outage reporting
Claranet actively monitor network connections for managed services and will contact an authorised customer contact. Claranet provide access to a customer dashboard, and send out email alerts when network issues have been identified.

Claranet will agree a notification plan for network issues which could include e-mail, SMS or phone call.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access to management interfaces and support channels is restricted to access from either approved IP addresses or via an SSL VPN that includes 2FA authentication.
Claranet will hold a personnel list that details who has access to the online portal and the level of access they require. As part of the contract between Claranet and the end customer, this personnel list will authorise access to customer solutions. There will be no changes to the access list or the level of access without the documented authority of the parties on the access list.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Das Certification Ltd (SN Registrars Holdings)
ISO/IEC 27001 accreditation date
06/06/2023
What the ISO/IEC 27001 doesn’t cover
All Areas of the business are in scope.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
7Safe Limited, a PA Consulting Group company
PCI DSS accreditation date
11/1/2019
What the PCI DSS doesn’t cover
Our PCI-DSS only covers physical security requirements 1 to 8
10 and 11 are not covered.
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
ISO22301

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO27001:2013, ISO22301:2012

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Claranet have an embedded ITIL aligned configuration and change management process. All Claranet and customer specific changes are reviewed and evaluated for threats and risk before being deployed in a specific change window. Claranet use service management tools that support the ITIL process. All changes are tracked and audited. Customers are required to make all requests for change through the customer portal and only portal users with the correct privileges can request a change.
Vulnerability management type
Undisclosed
Vulnerability management approach
Claranet have a multi layered approach to vulnerability management. Security controls are inbuilt into our network such as DDOS and Threat Management. These threats are actively reviewed by our internal SOC and security team to look at areas of risk and remediation. Claranet customer specific solutions also have vulnerability features enabled and others that are available at an additional cost. Claranet actively review threats identified by suppliers and vendors and where deemed necessary will update and deploy patches to equipment and software. Claranet also run regular penetration testing on our network services using CREST certified testers.
Protective monitoring type
Undisclosed
Protective monitoring approach
Claranet provide multi-vendor network and security solutions that have active network and security monitoring. Alerts are generated through our enterprise grade monitoring system and reviewed by our network operations centre. Claranet also have additional services such as Managed Detection and Response (MDR) and email and web security to further enhance protective monitoring. Where the monitoring system identifies that a threshold is breached, alarms are triggered to alert Claranet support staff. If a threshold is breached or a service affecting event occurs, the Claranet Operations team are notified to raise a ticket and take appropriate action to resolve the issue.
Incident management type
Undisclosed
Incident management approach
Claranet have an embedded ITIL aligned process for Incident Management with description, instruction, and visual guides on how to raise an incident. All incidents are allocated a priority between 1-5 and have associated response times. As part of our service management offering we can evaluate incidents logged with a view to looking at trends and improving time to resolve. This data is typically combined in service management reports that are issued as per agreed schedule with the customer. Customers can report incidents to our service desk using either a telephone call or by raising the request through our online portal.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
Claranet utilise virtualisation services to ensure that each customers traffic and environment are kept logically separated. The technology contains but is not limited to, VMware, Cisco, Arista, and Fortinet.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Claranet work with compliant datacentre providers.

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

Fighting climate change

Sustainability is a core element of our CSR strategy. At Claranet, we recognise the significance of our environmental footprint, even if it’s small, and are dedicated to perpetual improvements in energy conservation and waste minimisation throughout our operations. Our Senior Management Team has defined environmental and energy policies with a structure for setting and revising environmental objectives and goals.
• Our approach to environmental management includes:
• Committing to lessen our environmental impact.
• Integrating environmental performance and management into our business practice.
• Encouraging recycling and eco-awareness across our workforce, clientele, and suppliers.
• Reducing eco-toxic emissions from company vehicles.
• Reducing our energy use.
• Aligning with stakeholders to meet or excel in environmental standards.
• Adhering to applicable environmental laws and regulations.
• Conducting regular audits to measure and report on environmental metrics and establish goals.
Our energy management is focused on:
• Complying with legal standards for energy use.
• Implementing and, where possible, exceeding best practices for energy management.
• Allocating resources to meet our energy objectives and improve our management system continuously.
• Procuring energy-efficient solutions and services when feasible.
• Using data to monitor significant energy use and set targets for reducing consumption across the enterprise.
Our commitment to sustainability is reinforced by certifications such as ISO14001 for Environmental Management, ISO50001 for Energy Management, and the Cisco Environmental Sustainability Specialisation.
Aiming for net zero by 2050, we are proactively seeking ways to achieve this sooner. Our efforts are transparent, with an external Carbon Reduction Plan available upon request.

Equal opportunity

Offering the opportunity to advance our people’s professional development is one thing, however, ensuring that everyone, no matter who they are, has that opportunity is something that we pride ourselves on. Diversity and Inclusion is a highly regarded topic at Claranet and one that we strive to work towards. We are committed to driving diversity and inclusion in a measurable way.
Our HR and Management teams are working closely on diversity and inclusion initiatives to support the reduction in the gap in pay between men and women. We have a group of employees who have volunteered themselves to work together the ensure some of the most meaningful diversity and inclusion dates throughout the calendar year are acknowledged and/or celebrated with the goal of ensuring all of our employees feel a sense of belonging at Claranet. We are a signatory with the Tech Talent Charter (TTC) who pride themselves on bringing organisations together to drive greater diversity and inclusion within the Technology sector. Not only does this support women getting into technology, but those from multi-ethnic and lower socio-economic backgrounds as well. We are excited to be a part of this movement and hope to contribute to making the UK technology sector truly inclusive. We are also one of the founding members of the Technology Community for Racial Equality (T4CRE). We are proud to support this organisation that is focused on promoting diversity, equity, and inclusion in the technology industry (https://tc4re.org/who-we-are/).
Our recruitment strategy and policy also heavily supports this. The makeup of our Senior Management Team further evidences our commitment to inclusivity, as it continues to represent an equal split between men and women, which is essential to leading a diverse workforce and promoting equality.

Wellbeing

Claranet are passionate about people and fostering a healthy and nurturing work environment.
Our dedicated Wellbeing and Engagement team, work in partnership with external providers to deliver our health and wellbeing scheme: Health is Wealth. The scheme is comprised of talks led by professionals, access to exercise classes, discounted gym memberships and access to a fully trained Mental Health First Aiders team. Some of our notable events include, a Stress Awareness seminar, Disability Awareness talk delivered by Lee Spencer, Employee led activity to celebrate Neurodiversity Week, Women in technology celebrations, Happiness in the Workplace celebration week and Imposters Syndrome webinar. Our in-house team plan employee activity based on employee feedback and suggestions, enabling us to deliver a very diverse programme and support network within the workplace.
In conjunction with this we also provide all employees with access to the Employee Assistance Program (EAP). This facility provides an independent, confidential, and unlimited service available 24 hours a day, 365 days a year. It provides access to specialist professionals who offer advice on stress and anxiety as well as a range of other issues such as bereavement support, legal guidance, and health related issues.
Our employees also benefit from core and voluntary benefits including dental cover and private medical that covers pre-existing conditions with a range of options to cover partners or families. Voluntary Critical Illness Cover of up to £150,000 also gives our employees and their families financial and practical support at times of need.

Pricing

Price
£3,333 to £14,969 a device a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
As a managed service provider some services are available on a Proof of Value (POV) or Concept (POC) basis. This can include equipment and mobile and cloud connectivity. Certain feature licensing may also be made available as part of a trial. All POV and POC's are size and time limited.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK-bidteam@claranet.com. Tell them what format you need. It will help if you say what assistive technology you use.