Software Defined Managed Network (Fortinet)
The Claranet Software Defined Managed Network (Fortinet) consists of the following elements:
• Managed SD-WAN – Fortinet Physical and Virtual Appliances
• Managed Secure Access – Fortinet FortiClient EMS
Features
- Managed Secure SD-WAN
- Managed Secure SD-Branch, LAN & Wi-Fi
- Managed Private Networks
- Manged Remote Access & ZTNA
- Secure Access Service Edge
- Service Assurance Monitoring
- Network Consultancy & Architecture
- Underlay Connectivity - Ethernet, Broadband & Mobile
- Managed Security
- Network Monitoring
Benefits
- Centralised management simplifies network management
- Improved application visibility
- Streamlined application delivery
- Improved user experience
- Enhanced security posture
- Reduced network downtime
- Improved cost savings and faster deployment times
- Flexibility and scalability of architecture
- Operational efficiencies through automation, deep analytics, and self-healing capability.
- Secure cloud connectivity
Pricing
£3,333 to £14,969 a device a year
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
9 9 8 1 2 0 1 4 0 9 4 5 3 7 7
Contact
Claranet Limited
Claranet UK Bid Team
Telephone: 020 7685 8000
Email: UK-bidteam@claranet.com
Service scope
- Service constraints
- Maintenance windows do exist and are planned with your nominated contacts in advance. Maintenance windows exist in order for services to be upgraded to keep them secure and optimised.
- System requirements
- System requirements are solution and architecture dependent.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Claranet operate an ITIL accredited support team that operates 24x7x365. Response times range from 1 to 4 hours, dependent on the service and criticality of the Incident. Claranet monitor customer infrastructure 24x7x365 to maintain service availability SLA's that are aligned to the service and solution that is designed and deployed for our customers. Further details can be provided on request.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
As standard Claranet offer 24x7x365 support on connectivity services
support levels, and priorities are defined by the nature of the support ticket logged. E.G. Critical priority for loss of service through to lower priorities for general information and feature questions. Tickets are assigned to technical engineers who own the support issue through to resolution. On-site support is a chargeable service that Claranet can provide. Out of hours support is limited to critical tickets unless specified in the contract. Other SLA's, RTAs, and OLAs can be agreed at time of contract signature. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Depending on the service being delivered Claranet will provide the correct level of training to ensure a customer is able to get the maximum from the Claranet service at the point it is handed over to the customer for acceptance testing.
This can include managed installation (remote or onsite), on-site training, web based training, self learning, live video, one to one or one to many training, or documentation as part of the handover. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Customer data can be extracted and handed back to the customer at the end of a contract term and upon the customer's request. Claranet will work with the customer to define a data extraction process that supports secure transfer of data.
- End-of-contract process
- This will be solution dependant and can be scaled to cover the customers overall requirements. Our services will be aligned to our service descriptions and our master services agreement. Additional costs may be incurred if the service being requested falls outside of the Claranet service description and master services agreement.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Web interfaces are accessible through any browser and the customer will be provided details on how they can access. Role based controls are in place to make sure that only the right people have access at the right level.
Depending on the level of access, users can monitor any connectivity solutions including both direct to internet, MPLS, and 4G/5G. Software defined network services such as SD-WAN and SD-Branch provide web portals and features that enable detailed actionable reports on application usage, user network behaviour, and potential security risks.
In the software defined network interface users can make direct changes to configuration to enable the best criteria for applications to traverse the network. - Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- N/A
- Web interface accessibility testing
- N/A
- API
- Yes
- What users can and can't do using the API
- All management interfaces offer API integration. The functionality offered depends on the specific solution delivered. Claranet will review with the customer if API integration is required based on the required outcome of the customer
- API automation tools
- Terraform
- API documentation
- Yes
- API documentation formats
- Other
- Command line interface
- No
Scaling
- Scaling available
- No
- Independence of resources
- Claranet capacity manage and monitor network infrastructure and applications continuously with proactive alerting and event management when service impacting issues are detected. Claranet also have protection mechanisms built into the network to ensure fair use is adhered to and service denial is protected against.
- Usage notifications
- Yes
- Usage reporting
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Other
- Other metrics
-
- Uptime and availability
- Bandwidth
- Change logs
- Application performance
- System performance of networked appliances
- Wi-Fi metrics, signal strength, consumption, users attached and more.
- Network policies and QoS
- Unified threat metrics
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Fortinet, BT, Virgin Media
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Configurations
- Logs
- Virtual Machines
- Databases
- Backup controls
- Configuration and logs are backed up by default as part of all network services. Any other backup requirements will be based on the customers’ requirements and agreed in the contract.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Claranet provide availability SLAs against each service, ranging from 99.5% to 100% depending on the service taken. If an SLA is missed in a given month a service credit is applied. This service credit is a percentage of the monthly value of the service, with the percentage paid being dependant on how long the service was unavailable.
- Approach to resilience
- Information available upon request.
- Outage reporting
-
Claranet actively monitor network connections for managed services and will contact an authorised customer contact. Claranet provide access to a customer dashboard, and send out email alerts when network issues have been identified.
Claranet will agree a notification plan for network issues which could include e-mail, SMS or phone call.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
-
Access to management interfaces and support channels is restricted to access from either approved IP addresses or via an SSL VPN that includes 2FA authentication.
Claranet will hold a personnel list that details who has access to the online portal and the level of access they require. As part of the contract between Claranet and the end customer, this personnel list will authorise access to customer solutions. There will be no changes to the access list or the level of access without the documented authority of the parties on the access list. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Das Certification Ltd (SN Registrars Holdings)
- ISO/IEC 27001 accreditation date
- 06/06/2023
- What the ISO/IEC 27001 doesn’t cover
- All Areas of the business are in scope.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- 7Safe Limited, a PA Consulting Group company
- PCI DSS accreditation date
- 11/1/2019
- What the PCI DSS doesn’t cover
-
Our PCI-DSS only covers physical security requirements 1 to 8
10 and 11 are not covered. - Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- ISO22301
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- ISO27001:2013, ISO22301:2012
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Claranet have an embedded ITIL aligned configuration and change management process. All Claranet and customer specific changes are reviewed and evaluated for threats and risk before being deployed in a specific change window. Claranet use service management tools that support the ITIL process. All changes are tracked and audited. Customers are required to make all requests for change through the customer portal and only portal users with the correct privileges can request a change.
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- Claranet have a multi layered approach to vulnerability management. Security controls are inbuilt into our network such as DDOS and Threat Management. These threats are actively reviewed by our internal SOC and security team to look at areas of risk and remediation. Claranet customer specific solutions also have vulnerability features enabled and others that are available at an additional cost. Claranet actively review threats identified by suppliers and vendors and where deemed necessary will update and deploy patches to equipment and software. Claranet also run regular penetration testing on our network services using CREST certified testers.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- Claranet provide multi-vendor network and security solutions that have active network and security monitoring. Alerts are generated through our enterprise grade monitoring system and reviewed by our network operations centre. Claranet also have additional services such as Managed Detection and Response (MDR) and email and web security to further enhance protective monitoring. Where the monitoring system identifies that a threshold is breached, alarms are triggered to alert Claranet support staff. If a threshold is breached or a service affecting event occurs, the Claranet Operations team are notified to raise a ticket and take appropriate action to resolve the issue.
- Incident management type
- Undisclosed
- Incident management approach
- Claranet have an embedded ITIL aligned process for Incident Management with description, instruction, and visual guides on how to raise an incident. All incidents are allocated a priority between 1-5 and have associated response times. As part of our service management offering we can evaluate incidents logged with a view to looking at trends and improving time to resolve. This data is typically combined in service management reports that are issued as per agreed schedule with the customer. Customers can report incidents to our service desk using either a telephone call or by raising the request through our online portal.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- VMware
- How shared infrastructure is kept separate
- Claranet utilise virtualisation services to ensure that each customers traffic and environment are kept logically separated. The technology contains but is not limited to, VMware, Cisco, Arista, and Fortinet.
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- Claranet work with compliant datacentre providers.
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Equal opportunity
- Wellbeing
Fighting climate change
Sustainability is a core element of our CSR strategy. At Claranet, we recognise the significance of our environmental footprint, even if it’s small, and are dedicated to perpetual improvements in energy conservation and waste minimisation throughout our operations. Our Senior Management Team has defined environmental and energy policies with a structure for setting and revising environmental objectives and goals.
• Our approach to environmental management includes:
• Committing to lessen our environmental impact.
• Integrating environmental performance and management into our business practice.
• Encouraging recycling and eco-awareness across our workforce, clientele, and suppliers.
• Reducing eco-toxic emissions from company vehicles.
• Reducing our energy use.
• Aligning with stakeholders to meet or excel in environmental standards.
• Adhering to applicable environmental laws and regulations.
• Conducting regular audits to measure and report on environmental metrics and establish goals.
Our energy management is focused on:
• Complying with legal standards for energy use.
• Implementing and, where possible, exceeding best practices for energy management.
• Allocating resources to meet our energy objectives and improve our management system continuously.
• Procuring energy-efficient solutions and services when feasible.
• Using data to monitor significant energy use and set targets for reducing consumption across the enterprise.
Our commitment to sustainability is reinforced by certifications such as ISO14001 for Environmental Management, ISO50001 for Energy Management, and the Cisco Environmental Sustainability Specialisation.
Aiming for net zero by 2050, we are proactively seeking ways to achieve this sooner. Our efforts are transparent, with an external Carbon Reduction Plan available upon request.Equal opportunity
Offering the opportunity to advance our people’s professional development is one thing, however, ensuring that everyone, no matter who they are, has that opportunity is something that we pride ourselves on. Diversity and Inclusion is a highly regarded topic at Claranet and one that we strive to work towards. We are committed to driving diversity and inclusion in a measurable way.
Our HR and Management teams are working closely on diversity and inclusion initiatives to support the reduction in the gap in pay between men and women. We have a group of employees who have volunteered themselves to work together the ensure some of the most meaningful diversity and inclusion dates throughout the calendar year are acknowledged and/or celebrated with the goal of ensuring all of our employees feel a sense of belonging at Claranet. We are a signatory with the Tech Talent Charter (TTC) who pride themselves on bringing organisations together to drive greater diversity and inclusion within the Technology sector. Not only does this support women getting into technology, but those from multi-ethnic and lower socio-economic backgrounds as well. We are excited to be a part of this movement and hope to contribute to making the UK technology sector truly inclusive. We are also one of the founding members of the Technology Community for Racial Equality (T4CRE). We are proud to support this organisation that is focused on promoting diversity, equity, and inclusion in the technology industry (https://tc4re.org/who-we-are/).
Our recruitment strategy and policy also heavily supports this. The makeup of our Senior Management Team further evidences our commitment to inclusivity, as it continues to represent an equal split between men and women, which is essential to leading a diverse workforce and promoting equality.Wellbeing
Claranet are passionate about people and fostering a healthy and nurturing work environment.
Our dedicated Wellbeing and Engagement team, work in partnership with external providers to deliver our health and wellbeing scheme: Health is Wealth. The scheme is comprised of talks led by professionals, access to exercise classes, discounted gym memberships and access to a fully trained Mental Health First Aiders team. Some of our notable events include, a Stress Awareness seminar, Disability Awareness talk delivered by Lee Spencer, Employee led activity to celebrate Neurodiversity Week, Women in technology celebrations, Happiness in the Workplace celebration week and Imposters Syndrome webinar. Our in-house team plan employee activity based on employee feedback and suggestions, enabling us to deliver a very diverse programme and support network within the workplace.
In conjunction with this we also provide all employees with access to the Employee Assistance Program (EAP). This facility provides an independent, confidential, and unlimited service available 24 hours a day, 365 days a year. It provides access to specialist professionals who offer advice on stress and anxiety as well as a range of other issues such as bereavement support, legal guidance, and health related issues.
Our employees also benefit from core and voluntary benefits including dental cover and private medical that covers pre-existing conditions with a range of options to cover partners or families. Voluntary Critical Illness Cover of up to £150,000 also gives our employees and their families financial and practical support at times of need.
Pricing
- Price
- £3,333 to £14,969 a device a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- As a managed service provider some services are available on a Proof of Value (POV) or Concept (POC) basis. This can include equipment and mobile and cloud connectivity. Certain feature licensing may also be made available as part of a trial. All POV and POC's are size and time limited.