Thales Service Definition for PSN Secure Gateway Service for Cloud Services
|
|
- Jody Hancock
- 8 years ago
- Views:
Transcription
1 Thales Definition for PSN Secure Gateway Thales Definition for PSN Secure Gateway for Cloud s April 2014 Page 1 of 12
2 Thales Definition for PSN Secure Gateway CONTENT Page No. Introduction... 3 Overview of... 3 Key Features... 4 The Thales SaaS Cloud Model... 4 Protective Monitoring... 5 Information Assurance (IA)... 5 Statements of accreditation:... 5 Baseline / Bundled Gateway s... 6 Unbundled Gateway s... 6 Capabilities and Technical Performance Specification... 7 Levels... 8 Recompense model for not meeting service levels... 8 Training... 8 Ordering... 9 On boarding and Off Boarding... 9 On Boarding:... 9 Off Boarding:... 9 Customer Responsibilities Thales Commitment to Open Standards Thales support for UK Government Information Principles Principle 2 - Information is Managed Principle 5 - Information is Re-used Government ICT Strategy and Greening ICT Strategies Contact Page 2 of 12
3 Thales Definition for PSN Secure Gateway Introduction Overview of As the efficient exchange of data and information between Government departments is enabled through initiatives such as G-Cloud and PSN, with applications increasingly becoming available to support joined up government, the demand for boundary protection and Secure Gateways has mushroomed. Unlike the previous GSI model, PSN and G-Cloud services are based upon a network of networks approach. This multi vendor approach drives the need to manage and control the information flows across the security domain boundaries through the use of Secure Gateways technology. Thales Secure Gateway s are a suite of fully managed services that deliver; Web Gateway, Gateway and a range of File Transfer and other Inter domain Gateway capabilities. This Description relates to the Thales Secure Gateway. The Thales Secure Gateway securely manages the boundary between the Customer s own security domain(s) and other external networks or security domains. These domains may be at different security or Impact Levels, or may be just a separate domain at the same security level, for which the customer needs to exercise control over the flow of information and access. In all cases the Gateway will be configured and managed to execute the Customer s own security policies. The policies will define the type of s, the content rules, source and destination address restrictions and attachment rules. The Gateway will then manage information attempting to transit the boundary checking for prohibited words, URLs, protocols, or any malware including cyber attacks and applications embedded within files, attachments and text. Thales Gateway s provide many of the necessary security risk mitigations that contribute to lowering the SIRO s security risk profile mitigating risks identified in the Customer s RMADS. The enables a safe, controlled and secure access to external s, helping to facilitate joined up government, whilst protecting the Customer s secure information held at IL2, IL3, Official and Official Sensitive level. The service is delivered as SaaS running on VM Ware platforms that can be scaled by our operation centre staff in Doncaster, the application software will run on virtual servers that can be created on any compatible Infrastructure platform. The on-line customer portal making available usage data, incident status and security reports whilst allowing the customer to report incidents and raise service requests and IMAC s. Protective Monitoring services provided by the Thales CSOC (Cyber Security Operations Centre) and the ITIL service provided by the NOC (Network Operations Centre) deliver the 24 hour, 365 day per year assurance that the service is operational and secure. Thales has registered its Gateway s solution with the Public s Network Authority under the registration number SRV This service is being progressed with the Pan Government Accreditor (PGA). Page 3 of 12
4 IL3 Network IL Firewalls (HA Pair ) Server Firewalls (HA Pair ) File Repository Switches (HA Pair ) IL3 IL4 Switches (HA Pair ) Firewalls and IDS/IPS (HA Pair ) IL4Network IL File Repository Server Thales Definition for PSN Secure Gateway Key Features The Thales SaaS Cloud Model Figure 1 shows the model that has been developed by Thales which shows all the key attributes of the Secure Gateway. The Gateway policy, element management, control and filtering applications are accessible by the Thales Operations Centre largely through web browsers that enable re-configuration and management of the various Gateway elements. The web based customer portal provides a channel for customer IMAC service requests and for on-line access to incident and reporting information. Level Agreement Accreditation (Official, Official Sensitive, Secret) Protective Monitoring Operational Security Boundary ITIL s Sub CA Baseline s: Design Integration Transition Optional s Consulting Change Application software Functional Specification Functional Specification Functional Matrix Specification Matrix Matrix Figure 1 Thales Secure Gateway Model. The service is delivered on a virtualised infrastructure based on VMWare and has been developed to be operational from Thales Data Centres, Customer Data Centres or from third party IaaS Cloud providers such as Skyscape. The architecture priced provides for a 99.9% availabilty but for High Availability applications additional load balanced and active passive architectures are available. The SOC and NOC functions already have DR capability based on the Thales Doncaster and Basingstoke sites connected by a high capacity PSN Network triangulated through Bristol. The application software and architecture graphic shown at the centre of Figure 1 represents just one of a wide range of Gateway variants that provide the Information Assurance and Protection necessary to mitigate the customer s security risk profile. The pricing offered in this G-Cloud entry Gateway configuration, a typical basic but effective service that includes; Gateway policy enforcement, firewalling, virus checking, intrusion detection and protection capability. More complex, standard arrangements will add load balancing for scalability, authentication capability, more complex packet inspection techniques and further resilience options to protect the customer s secure networks and information. The Capabilities and Technical Performance section describes the configuration of the Gateway and the level of control, filtering and inspection to be performed. Page 4 of 12
5 Thales Definition for PSN Secure Gateway Protective Monitoring The Customer s RMADS (Risk Management and Accreditation Document Set) as approved by the accreditor will include the risk mitigations that must be carried out to achieve accreditation. The accreditation and evaluation status of the Secure Gateway s is likely to form part of the possible mitigation of risks. Protective Monitoring of the Secure Gateway aligns to CESG Good Practice Guide 13 (GPG13), following best practice and policies set out in HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2). The Protective Monitoring provided by the Thales SOC demonstrates the necessary operational independence from the Network Operations Centre. The SOC provides risk mitigation through Accounting, Audit, Monitoring and Management Reporting. Information Assurance (IA) The protective monitoring provided by the Thales CSOC, the ITIL framework implemented by the NOC (Network Operations Centre) and the necessary PKI services provided by the PSN Sub Certificate Authority are shown at Figure 1 within the black border that indicates the operational service boundary. These are all key components of the service that provides the necessary Information Assurance. Statements of accreditation: The security components that comprise the Gateway software suite are considered by Thales as best in class and include both Cisco Iron Port and Deep Secure Gateway software which supports the need for a single vendor independent compliant solution. Thales can provide confirmation, through the appropriate channels regarding the security evaluations undertaken as part of the process for the accreditation of services at BIL 33x and above. Many of the service components are already in use on Customer networks and on the Thales Restricted networks that have achieved accreditation by the Public Network Authority (PSNA) and Ministry of Defence (accredited by DSAS MoD). The Pan Government Accreditor (PGA) has accredited both the Thales PSN IL3 connectivity and PKI services; these services are registered as PSNSP 002 and SRV0111. Thales has registered its Gateway s solution with the Public s Network Authority under the registration number SRV This service is being progressed with the Pan Government Accreditor (PGA). The protective monitoring and ITIL service management for both the accredited PSN Connectivity s and the PSN Secure Gateway s are hosted within our Tier 3 (TIA) List X Certified Doncaster Data Centre operation. In addition to the physical protection of the service, Thales, as a Certified CESG Assurance (Telecommunications) CAS(T) and ISO 27001:2005 supplier, has a mature and regularly maintained ISO ISMS. All of the documentation required is in accordance with, and compliant against HM Government IS No 1&2 and PSNA documentation sets. Page 5 of 12
6 Thales Definition for PSN Secure Gateway Baseline / Bundled Gateway s The baseline services shown in Figure 1 include Design, Integration and Transition. The final implementation of the service provided by Thales will depend upon customer agreement of the roles and responsibilities for each of the providers, third parties and of the customer themselves. Thales baseline services are designed with the need for this level of flexibility in mind. Simple definitions are shown below; Design; Ensures that the Thales preferred Web Gateway architectures are configured to meet specific customer performance and IA requirements. Integration; Based upon a common understanding of how the services will be integrated into the existing or to be infrastructure and agreed prior to order acceptance. Often delivered as part of a larger WAN or LAN refresh or deployment. Transition; Whilst integration baseline services will facilitate the definition of how the Gateways will fit within the LAN / WAN architecture, as part of this price they are bounded as activities relating directly to the operation of the Thales service transition services may also be provided to help the customer manage the journey from their As Is environment to the final To Be Gateways by definition are located at network and security domain boundaries. Thales will validate the Secure Gateway design against the existing infrastructure and work with the customer and third parties to ensure a smooth integration and transition. Typically this may include the incumbent LAN provider or data centre / hosting provider. A detailed integration and transition plan including identification of roles and responsibilities, the necessary joint assurance planning and cutover procedures, all to be agreed with the customer during the early project planning phase as part of the on boarding process. Thales has extensive experience of systems integration and can operate as the prime contractor or work with the organisation appointed by the customer. The price shown against this Description includes all baseline activities that relate directly to the successful assurance and operational readiness of the Thales service. Thales will be pleased to provide additional services to extend the scope beyond the standard service. Unbundled Gateway s Targeted at those Customers who wish to procure the same functionality as the Fully- Managed Gateway s, Unbundled Gateways s retain elements of the service either in-house or as part of a wider network operational environment. For example, this unbundled approach allows efficiencies to be realised through sharing existing customer NOC and SOC capabilities. This approach may be favoured by Customers who for security reasons are unable to disclose details of their operations or allow third parties to have access to equipment after installation. Page 6 of 12
7 Thales Definition for PSN Secure Gateway It is anticipated that this will also appeal to specialist Vendors, Systems Integrators, Outsourcers and to SMEs who can provide high quality elements of the service but are not able to offer the full set of managed services. Capabilities and Technical Performance Specification TABLE 1 CAPABILITIES AND TECHNICAL PERFORMANCE Gateway Target Security Domains Filtering Capabilities / Functions Actions on Policy Infringement Mail Gateway HIGH MED Standard Filtering/Functional Capabilities: Spam/Phishing E mail Address White list / Black list Word Searching in E mail Word Searching in Attachment File Type Malware Detection Additional/Optional Functional/Filtering Capabilities: Macro Searching Mail Holding / Release (Gateway functionality dependent). Digital Signing; certificates added to e mail traffic to authenticate senders to receivers. Detailed Word Searching; permutations, abbreviations. Security Label Filtering Standard Actions: Block Mail; blocks the e mail traffic and non delivers it. Log Transaction Attempt; logging of transaction attempts and infringements. Logging (SysLOG); provide SysLOG data for SOC. Additional/Optional Actions: Self Release; an option that can be available for customers on request. Hold Mail; holds the e mail traffic for further analysis (configured depending on policy breach). Archive Mail; provides the capability of archiving mail based on policy. Standard Alerts; SOC/NOC Operators; provide SOC and/or NOC operators will visibility of policy infringements (if configured). Additional/Optional Alerts: Sender (Non Deliver); provides the sender with an alert that their e mail has been blocked. Page 7 of 12
8 Thales Definition for PSN Secure Gateway Gateway Target Security Domains Filtering Capabilities / Functions Actions on Policy Infringement Specified E mail Addresses; provides an alert to specified e mail addresses on detection of policy infringement. Mail Digest; provides a digest of e mails that have been blocked and these can then be selected for self release (policy dependent and also requires Self Release option). Levels TABLE 2 SERVICE LEVELS Attribute Hours of operation (Network Operation Centre) Availability Help Desk Request Response IMAC Response 24hrs, 365 days per year Target Level Priced example 99.9% Higher availability based upon selection of resilience options Portal operation 24 x7 for monitoring incidents, reporting incidents and logging IMAC service requests Less than 24 hours Less than 24 hours Recompense model for not meeting service levels 1% reduction in our service price for each month we fail to hit the targets Training This is a fully managed service and requires no customer training for the operational service other than the provision of customer portal user guide and service management information including incident escalation processes, service reporting and contact details. Page 8 of 12
9 Thales Definition for PSN Secure Gateway Ordering Thales will provide a written: Specification Document Level Agreement Deployment Plan that includes key milestone dates and any customer dependencies (part of the Order Form / Call Off Agreement) Which shall be agreed by the Customer / Thales as part of the Call Off Form / Agreement. On boarding and Off Boarding On Boarding: Coming on to the service will focus upon establishing the Customer Security Policy aspects that will be enforced by the Gateway. Thales IA staff will develop the necessary Gateway configurations and agree their operation and impact upon the users with the Customer representative before any operational handover (Assurance) is completed. The PSN Gateway manages the traffic at the network boundary and therefore will connect to PSN Connectivity, the Customer s local or third party networks, The integration with the WAN and application services will be completed as part of the service integration planning, documented by Thales through the Deployment Plan and associated customer specific configuration documentation. Points of contact are exchanged and the operational Manual reviewed with the customer to ensure Performance Reporting, Incident Management, Change Management and Security procedures are understood. The operation may go live in phases to suite the Customer requirements and to bed down changes to the existing Customer and User processes and procedures. Off Boarding: As part of the Off Boarding process the operational performance reports and incident records may be provided to the Customer on request. Security incident information stored in the SOC may be provided through the appropriate channels to maintain the security integrity and sensitivity of information. The does not archive Customer information or data that transits through the Gateway components. Operational and configuration records will be securely stored and maintained for the appropriate period in accordance with any legal and certification obligations set by the ISO standards, the PGA or the Government Department (Customer) prior to contract. A shut down schedule will be agreed so the service is terminated in orderly way to avoid disruption and facilitate and transition to an alternative provider. Page 9 of 12
10 Thales Definition for PSN Secure Gateway Customer Responsibilities Customers will need to: Provide suitably qualified employees with knowledge of the customer security policies to work with the Thales deployment team, enabling the systems to be correctly configured by Thales. Provide access to buildings if PSN Connectivity is procured from Thales at the same time. Provide contact details for an approved set of IT staff that will have access to the portal and have permissions to raise Incidents. Provide contact details for incident escalation. Ensure the customer network is compliant with relevant PSN Code of Connection requirements where appropriate Provide Security Manager contact details for reporting any notifiable security events Thales Commitment to Open Standards Thales has a commitment to adopting Open Standards during the Development process where standards exist and will continue to promote new standards where they add real customer value such as improved inter operability or lower maintenance and support costs Thales support for UK Government Information Principles Principle 2 - Information is Managed The principle requires that Information Assets are managed and protected in a manner commensurate with their value. The Thales Secure Gateway s are designed to enforce the Customer s own Security Policies to manage and protect information transiting a security boundary. This includes a range of information management best-practices delivered through the Network Operations Centre and the Thales GPG13 based Security Operations Centre- for example to ensure appropriate availability and integrity, to avoid exposure and loss. Principle 5 - Information is Re-used A joined up approach to the sharing of information across the public sector to deliver public services and to meet public task responsibilities is becoming increasingly important and expected. Page 10 of 12
11 Thales Definition for PSN Secure Gateway One of the key aspects of re-use is supported by the use of Secure Gateway s in enforcement of Security Policies that have been devised as a result of careful risk-based judgements with regard to exploiting vs. protecting UK Government information: External re-use sharing information with others across organisational boundaries, whether within the public sector, or more generally with private businesses and citizens Government ICT Strategy and Greening ICT Strategies In support of the Government Greening ICT Strategy the Thales Group has made protecting the environment one of its ethical values. The Group is committed to a proactive environmental protection policy (ISO and compliant with the European Eco- Management and Audit Scheme) and attaches importance to this principle within the framework of its activities. The design of Thales PSN s, their operational support and Data Centre selection supports both the ICT and Greening strategies through: Use of Open Standards and PSN interconnect specification to facilitate the creation of a common ICT infrastructure Developing a range of Securing the Cloud capabilities and gaining accreditation for ICT services that are an enabler for delivering government changes with the lowest IA risk Developing PSNA certified Gateway s to monitoring, managing and reporting on information transiting security boundaries in support of IA governance. In addition Thales implements an extensive quality control and management system, including organisational governance processes to manage and reduce risk, provide continuous process improvement and ensure customer satisfaction. Thales supports key principles of the Government ICT Strategy. Thales will work with UK Government to reduce unnecessary waste, ensure projects meet customer needs, timescales and budgetary constraints whilst delivering a sustainable and common ICT infrastructure. Contact To discuss or speak to Thales about our Gateway cloud services, we would be delighted to hear from you. We can be contacted on: thalesg cloud5@uk.thalesgroup.com Page 11 of 12
12
Thales Service Definition for IL3 Encrypted Overlay for Cloud Services
Thales Service Definition for UK IL3 Encrypted Overlay Thales Service Definition for IL3 Encrypted Overlay for Cloud Services April 2014 Page 1 of 11 Thales Service Definition for UK IL3 Encrypted Overlay
More informationThales Service Definition for NOC Services for Cloud
Thales Service Definition for UK NOC Services Thales Service Definition for NOC Services for Cloud April 2014 Page 1 of 13 Thales Service Definition for UK NOC Services CONTENT Page No. Introduction...
More informationA. Reference information. A0. G-Cloud Programme unique ID number for the service and version number of this scoping template
G-Cloud Service Pan Government Security Accreditation Scope This form is intended for Suppliers of services on the G-Cloud to complete. Upon receipt, the G-Cloud Programme will check Section A, Reference
More informationService Definition Document
Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE)
More informationAccessing and sending data securely across security domains
In this White Paper Connectivity is good. Secure connectivity is essential. This white paper by Thales UK explains how Thales Gateway Services protect the exchange of data across security domains. It discusses
More informationSCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services
SCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services Contents 1 Introduction...2 2 IA, CLAS Consulting and CHECK Testing...3 3 Information Assurance...4 4 Accreditation...5
More informationService description RFL Virtual Data Centre
Service description RFL Virtual Data Centre IaaS G-Cloud 6 1 Contents Overview... 3 Highlights... 3 Description... 3 Use cases... 3 Use cases... 5 Use cases... 5 Pricing... 5 Information assurance... 5
More informationGet Better Protected... Secure data sharing made possible with Updata s Encryption Overlay Service.
i Compliant Fully managed Encryption Overlay service enabling data sharing across secure networks. Provides operational efficiencies and cost savings through simplified procurement Get Better Protected...
More informationRemote Access Service (RAS)
Remote Access Service (RAS) Contents 1 Introduction to Remote Access Service...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Access Methods... 3 3 Differentiators...4 4 Commercials...5
More informationGPG13 Protective Monitoring. Service Definition
GPG13 Protective Monitoring Service Definition Issue Number V1.3 Document Date 27 November 2014 Author: D.M.Woodcock Classification UNCLASSIFIED Version G-Cloud 6 2014 Copyright Assuria Limited. All rights
More informationProtective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 1.0, Issue Date: 05/02/201405/02/2014. Classification: Open
Protective Monitoring as a Service Version: 1.0, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this
More informationProtective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open
Protective Monitoring as a Service Version: 2.1, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201416/12/2014. Other than for the sole purpose of evaluating
More informationUK Government IA Recent Changes and Update
UK Government IA Recent Changes and Update INTRODUCTION Agenda Part 1 Government IA and Cyber Security Background Quick Threat Update UK Government Cyber Security Initiative Government Asset Control in
More informationCASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES
CASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES PROTECTIVE MONITORING SERVICE In a world where cyber threats are emerging daily, often from unknown sources, information security is something
More informationPrepared by: CACI Digital Services Date issued: March 2014. CACI Managed Cloud Hosting Overview
Prepared by: CACI Digital Services Date issued: March 2014 Overview Document Control This section details document control in terms of its distribution, configuration management, amendment history and
More informationHosted Desktop as a Service
Hosted Desktop as a Service Contents 1 Introduction to Hosted Desktop Service...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Administration... 4 2.3 Access Methods... 4 2.4 Service
More informationLot 1 Service Specification MANAGED SECURITY SERVICES
Lot 1 Service Specification MANAGED SECURITY SERVICES Fujitsu Services Limited, 2013 OVERVIEW OF FUJITSU MANAGED SECURITY SERVICES Fujitsu delivers a comprehensive range of information security services
More informationHow To Secure Cloud Compute At Eduserv
Implementing the CESG Cloud Security Principles February 2015 Eduserv Public www.eduserv.org.uk Contents Introduction... 4 The principles... 4 About our claims... 5 1 Data in transit protection... 6 2
More informationPSN Protective Monitoring. Service Definition
PSN Protective Monitoring Service Definition Issue Number V3.0 Document Date 29 September 2015 Author: R.N. Connor Classification UNCLASSIFIED Version G-Cloud 7 2015 Copyright Tenian Limited. All rights
More informationEmbrace the G-Cloud. Ultra Secure Colocation Services for the Public Sector. thebunker.net Phone: 01304 814800 Fax: 01304 814899 info@thebunker.
Embrace the G-Cloud Ultra Secure Colocation Services for the Public Sector 1 Phone: 01304 814800 Fax: 01304 814899 info@ Contents Introduction What is G-Cloud? Types of accreditation: Business Impact Levels
More informationHOW TO BUY FROM G-CLOUD AND CLOUDSTORE A GUIDE FOR BUYING ORGANISATIONS
white paper HOW TO BUY FROM G-CLOUD AND CLOUDSTORE A GUIDE FOR BUYING ORGANISATIONS EXECUTIVE SUMMARY There has been much talk of cloud services, G-Cloud and Cloud First in recent months, but what does
More informationHow to gain accreditation for a G-Cloud Service
www.ascentor.co.uk How to gain accreditation for a G-Cloud Service Demystify the process As a registered supplier of G-Cloud services you will be keenly aware that getting onto the G-Cloud framework does
More informationSecure LAMP Application Server Service
Service Definition Document GCloud 7 : Product : G7 3.LAMP.008 Summary Secure LAMP Application Server Service Secure managed Web Software service, deliverying a LAMP application Service. Supports a wide
More informationAssurance in the Cloud: Outsourcing Risk in a Shifting Landscape
by SCC We make IT work Assurance in the Cloud: Outsourcing Risk in a Shifting Landscape 02 CONTENTS You hold sensitive public sector data Sentinel protects it. Sentinel by SCC not only provides faster
More informationIntegrated windows authentication for customers based on Probation GSI network
Product Overview Victims Tracker (VT) is a software application, which was developed by London Probation Trust (LPT) to effectively manage the engagement / contact with victims of crime and the management
More informationIT Heath Check Scoping guidance ALPHA DRAFT
IT Heath Check Scoping guidance ALPHA DRAFT Version 0.1 November 2014 Document Information Project Name: ITHC Guidance Prepared By: Mark Brett CLAS Consultant Document Version No: 0.1 Title: ITHC Guidance
More informationSERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE. Classification: Open
SERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this
More informationGOVERNMENT HOSTING. Cloud Service Security Principles Memset Statement. www.memset.com
GOVERNMENT HOSTING Cloud Service Security Principles Memset Statement Summary - March 2014 The Cabinet Office has produced a set of fourteen Cloud Service Security Principles to be considered when purchasers
More informationWeb Conferencing and Collaboration as a Service
Service Definition Document GCloud 7 : Product : G7 3.LAMP.008 Summary Web Conferencing and Collaboration as a Service Web Conferencing and project collaboration service designed for mobile and desktop
More informationProcurement Policy Note Use of Cyber Essentials Scheme certification
Procurement Policy Note Use of Cyber Essentials Scheme certification Action Note 09/14 25 September 2014 Issue 1. Government is taking steps to further reduce the levels of cyber security risk in its supply
More informationIBM G-Cloud Microsoft Windows Active Directory as a Service
IBM G-Cloud Microsoft Windows Active Directory as a Service Service Definition IBM G-Cloud Windows AD as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business
More informationOpen Source Sales Force Automation (SFA) in the Cloud SaaS
Open Source Sales Force Automation (SFA) in the Cloud SaaS Service Overview Our open source Sales Force Automation (SFA) in the cloud service allows customers to perform marketing automation through multi
More informationHOSTING. Managed Security Solutions. Managed Security. ECSC Solutions
Managed Security Managed Security MANAGED SECURITY SOLUTIONS I would highly recommend for your company s network review... were by far the best company IT Manager, Credit Management Agency Presenting IT
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 2.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 2.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no part of this
More informationblueprint IL3 CONNECTIVITY FROM SECURE END-USER DEVICES
blueprint IL3 CONNECTIVITY FROM SECURE END-USER DEVICES INTRODUCTION Skyscape is one of very few cloud providers that has achieved Pan Government Accreditation (PGA) and PSN Accreditation for our IL3 Compute,
More informationDocumentum Document Management in the Cloud Service Definition
Documentum Document Management in the Cloud Service Definition Service Overview Working together with its Cloud Services Partner, Skyscape, SynApps Solutions (SynApps) has developed its Documentum Document
More informationeasy to adopt, easy to use, easy to leave service description API accessible Cloud Storage IaaS version 5.1
easy to adopt, easy to use, easy to leave service description API accessible Cloud Storage IaaS version 5.1 Contents Highlights... 3 Overview... 3 Example use cases... 4 Trial service... 4 Information
More informationGuardian365. Managed IT Support Services Suite
Guardian365 Managed IT Support Services Suite What will you get from us? Award Winning Team Deloitte Best Managed Company in 2015. Ranked in the Top 3 globally for Best Managed Service Desk by the Service
More information1 Introduction to Skype For Business...2 2 Service Definition...3. 2.1 Functionality & Features... 3 2.2 Administration... 5 2.3 Access Methods...
Skype For Business Contents 1 Introduction to Skype For Business...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Administration... 5 2.3 Access Methods... 5 3 Differentiators...6 4 Commercials...7
More informationSIEM Implementation Approach Discussion. April 2012
SIEM Implementation Approach Discussion April 2012 Agenda What are we trying to solve? Summary Observations from the Security Assessments related to Logging & Monitoring Problem Statement Solution Conceptual
More informationservice description Document Management in the Cloud Software as a Service
easy to adopt, easy to use, easy to leave service description Document Management in the Cloud Software as a Service version 4.0 Contents Overview... 3 Example use cases... 3 Pricing... 4 Trial service...
More informationIBM Web Server as a Service
IBM Web Server as a Service Service Definition IBM G-Cloud Web Server as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business Services and provides a Web Server
More informationwhite paper CLOUD SERVICES AND THE GOVERNMENT SECURITY CLASSIFICATIONS POLICY
white paper CLOUD SERVICES AND THE GOVERNMENT SECURITY CLASSIFICATIONS POLICY SECURITY EXECUTIVE SUMMARY The UK government has increasingly been encouraging the use of cloud services instead of traditional
More informationPROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION
PROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION 15 Table of contents 1 Introduction...2 2 Service Overview...3 2.1 Protective Monitoring...3 2.2 Service Description...4 2.3 Scenario: Basis for
More informationWHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?
WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY? Contents Introduction.... 3 What Types of Network Security Services are Available?... 4 Penetration Testing and Vulnerability Assessment... 4 Cyber
More informationCyber Essentials Scheme
Cyber Essentials Scheme Assurance Framework January 2015 December 2013 Contents Introduction... 3 Change from June 2014 version... 3 Overview... 4 Stage Definitions... 5 Stage 1 Cyber Essentials: verified
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response, no part
More informationPrimary Storage in the Cloud. Lot 1 - Infrastructure as a Service. Version: 5.0, Issue Date: 07/12/2014. Classification: Open
Primary Storage in the Cloud Version: 5.0, Issue Date: 07/12/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no
More informationTactical Cost Reduction
Tactical Cost Reduction G-Cloud Service 1 An overview of the G-Cloud Service Information assurance Backup/restore and disaster recovery On-boarding and Off-boarding processes/scope etc. Pricing Service
More informationIT Enterprise Services
IT Enterprise Services Capita Private Cloud Agile Infrastructure-as-a-Service (IaaS) Cloud potential unleashed Cloud computing at its best Cloud is now an integral part of every IT strategy. It reduces
More informationesecure Enterprise Service Bus
esecure Enterprise Service Bus Contents 1 Intro to esecure Enterprise Service Bus...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Service Backup/Restore... 5 3 Differentiators...6 4
More informationXerox Remote Infrastructure Monitoring (XRIM)
Xerox Remote Infrastructure Monitoring (XRIM) Service Description G-Cloud : Lot 3 : Software as a Service (SaaS) April 2014 Version 1.0 2014 Xerox Corporation. All rights reserved. Xerox and Xerox and
More informationDedicated Compute Cloud. Lot 1 - Infrastructure as a Service. Version: 1.0, Issue Date: 09/12/2014. Classification: Open
Dedicated Compute Cloud Version: 1.0, Issue Date: 09/12/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201416/12/2014. Other than for the sole purpose of evaluating this Response,
More informationJoint ICT Service ICT Strategy 2014-17
Document History Document Location This document is only valid on the day it was printed. The source of the document will be found in (see footer) Revision History Date of this revision: 19 th May 2014
More informationSCOTTISH CENSUS INDEPENDENT SECURITY REVIEW REPORT
SCOTTISH CENSUS INDEPENDENT SECURITY REVIEW REPORT Issue 1.0 Date 24/03/2011 Logica is a business and technology service company, employing 39,000 people. It provides business consulting, systems integration
More informationG-Cloud Service Definition. Atos Infrastructure as a Service (IL3) for Cloud IaaS
G-Cloud Service Definition Atos Infrastructure as a Service (IL3) for Cloud IaaS Atos Accredited Secure Cloud Infrastructure as a Service (IL3) Robust, secure, scalable Cloud computing and consumption-based
More informationGrowth Through Excellence
Growth Through Excellence Public/Private Cloud Services Service Definition Document G- Cloud 5 REFERENCE NUMBER RM1557v Table of Contents Table of Contents... 3 Executive Summary... 4 About the Company...
More informationSecurity April 2015. Solving the data security challenge with our enhanced private and hybrid cloud services
Security April 2015 Secure cloud solutions with guaranteed UK data sovereignty. Solving the data security challenge with our enhanced private and hybrid cloud services This paper enables discussion around
More informationitg CloudBase is a suite of fully managed Hybrid & Private Cloud Services ready to support your business onwards and upwards into the future.
Web Filtering Email Filtering Mail Archiving Cloud Backup Disaster Recovery Virtual Machines Private Cloud itg CloudBase is a suite of fully managed Hybrid & Private Cloud Services ready to support your
More informationservice description Email, SharePoint and File Archive in the Cloud Software as a Service
easy to adopt, easy to use, easy to leave service description Email, SharePoint and File Archive in the Cloud Software as a Service version 4.0 Contents Overview... 3 Example use cases... 3 Pricing...
More informationPAAS Public Sector Managed Services
Meritec Limited Meritec House, Acorn Business Park, Skipton, North Yorkshire, BD23 2UE 0845 3451155 servicepoint@meritec.co.uk www.meritec.co.uk Registered In England & Wales No. 3224622 Table of Contents
More informationINFRASTRUCTURE ARCHITECTURE BLUEPRINT
INFRASTRUCTURE ARCHITECTURE BLUEPRINT MESYUARAT PENGURUS-PENGURUS ICT SEKTOR AWAM BIL.3 TAHUN 2010 26 Oktober 2010 BERSAMA MELAKSANA TRANSFORMASI Table of Content Introduction Current Environment Overview
More informationCommittees Date: Subject: Public Report of: For Information Summary
Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security
More informationIT Services. We re the IT in OrganIsaTion. Large Organisations
IT Services. We re the IT in OrganIsaTion Large Organisations IT for Large Organisations. As the world of business technology has changed, so have we. From designing, building and optimising tailored
More informationService Definition MMaaS Mobile Device Management. G- Cloud VII. Service Definition Nine23 MMaaS Mobile Device Management
Service Definition MMaaS Mobile Device Management G- Cloud VII 1 Table of Contents 1 SERVICE MMAAS MOBILE DEVICE MANAGEMENT... 3 1.1 OVERVIEW NINE23... 3 1.2 SERVICE SUMMARY MMAAS MOBILE DEVICE MANAGEMENT...
More informationVodafone Private Cloud
Vodafone Private Cloud Overview Vodafone Private Cloud is our dedicated public sector cloud service that connects you to your own private IL2/IL3 network and / or core government networks, including the
More informationSQL Server Database as a Service (DBaaS)
SQL Server Database as a Service (DBaaS) Contents 1 SQL Server Database as a Service...2 2 Service Definition...3 2.1 Customer On-Boarding... 4 2.2 Event & Incident Management... 4 2.3 Request Fulfilment...
More informationDELTATECH G-Cloud SaaS Services
DELTATECH G-Cloud SaaS Services 1.1.1.1.1.1 SecureOps Service Service Definition A DeltaTech G-Cloud SaaS service DeltaTech SaaS Services SecureOps Tactical Operations Management System Managing secure
More informationG-Cloud Service Definition. Atos Call Centre Services SCS
G-Cloud Service Definition Atos Call Centre Services SCS Atos Call Centre Services SCS Summary Atos SIAM Service Desk is designed to provide a core part of the SIAM Tower model for ICT delivery. This service
More informationCloudDesk - Security in the Cloud INFORMATION
CloudDesk - Security in the Cloud INFORMATION INFORMATION CloudDesk SECURITY IN THE CLOUD 3 GOVERNANCE AND INFORMATION SECURITY 3 DATA CENTRES 3 DATA RESILIENCE 3 DATA BACKUP 4 ELECTRONIC ACCESS TO SERVICES
More informationIBM G-Cloud Application Systems Management as a Service
IBM G-Cloud Application Systems Management as a Service Service Definition 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business Services and provides a Systems Management
More informationCESG Certification of Cyber Security Training Courses
CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security
More informationThe Cadence Partnership Service Definition
The Cadence Partnership Service Definition About Cadence The Cadence Partnership is an independent management consultancy, specialising in working with a wide range of organisations, solving complex issues
More informationSecure Remote Backup (IL3) G-Cloud Lot3 IaaS
Secure Remote Backup (IL3) G-Cloud Lot3 IaaS Contents Service Definition... 3 An overview of the Remote Backup as a Service... 3 Key Service Attributes... 4 Information assurance... 5 Details of the level
More informationSecurity Consultants / Security Managed Services
Security Consultants / Security Managed Services Service Definition Document for G-Cloudv7 Services October 2015 Table of Contents Service Overview...3 Our Approach... 3 Features... 3 Benefits... 4 ON-BOARDING
More informationFISMA / NIST 800-53 REVISION 3 COMPLIANCE
Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security
More informationAssessment of Software for Government
Version 1.0, April 2012 Aim 1. This document presents an assessment model for selecting software, including open source software, for use across Government, and the wider UK public sector. 2. It is presented
More informationDOBUS And SBL Cloud Services Brochure
01347 812100 www.softbox.co.uk DOBUS And SBL Cloud Services Brochure enquiries@softbox.co.uk DOBUS Overview The traditional DOBUS service is a non-internet reliant, resilient, high availability trusted
More informationVodafone Total Managed Mobility
Vodafone Total Managed Mobility More productivity, less complexity Vodafone Power to you What s inside? What you get see how your business benefits 4 In detail find out how it all works 5 Service lifecycle
More informatione2e Secure Cloud Connect Service - Service Definition Document
e2e Secure Cloud Connect Service - Service Definition Document Overview A cloud connectivity service that connects users, devices, offices and clouds together over the Internet. Organisations can choose
More informationGMS NETWORK ADVANCED WIRELESS SERVICE PRODUCT SPECIFICATION
GMS NETWORK ADVANCED WIRELESS SERVICE PRODUCT SPECIFICATION 1. INTRODUCTION This document contains product information for the GMS Network Service. If you require more detailed technical information, please
More informationNetwork Services Internet VPN
Contents 1. 2. Network Services Customer Responsibilities 3. Network Services General 4. Service Management Boundary 5. Defined Terms Network Services Where the Customer selects as detailed in the Order
More informationEmail and Collaboration as a Service. Lot 3 - Software as a Service. Version: 2.0, Issue Date: 05/02/2014. Classification: Open
Email and Collaboration as a Service Version: 2.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response,
More informationSecurity Accreditation: Not Just a Tick in a Box
www.thalescyberassurance.com In this white paper Security accreditation is too often approached as a box ticking exercise. There is an opportunity cost here little acknowledged. This white paper from Thales
More informationDIGITAL MARKETPLACE (G-CLOUD 7) OFFERING. Sopra Steria OneMobile SaaS Service. Introduction. Service Definition. Sopra Steria in the public sector
DIGITAL MARKETPLACE (G-CLOUD 7) OFFERING Sopra Steria OneMobile SaaS Service Sopra Steria in the public sector Organisations across the public sector choose Sopra Steria to deliver transformation programmes
More informationSBL Integration, Capabilities, and Enablement in Defence Justice@softbox.co.uk. 01347 812148 www.softbox.co.uk
SBL Integration, Capabilities, and Enablement in Defence Justice@softbox.co.uk 01347 812148 www.softbox.co.uk Contents Page 3 SBL Company Overview 4 SBL in Justice 5 SBL Apple Authorised Reseller 5 SBL
More informationHMG Security Policy Framework
HMG Security Policy Framework Security Policy Framework 3 Foreword Sir Jeremy Heywood, Cabinet Secretary Chair of the Official Committee on Security (SO) As Cabinet Secretary, I have a good overview of
More informationBackup to the Cloud Service Definition
Backup to the Cloud Service Definition Service Overview Working together with its Cloud Services Partner, Skyscape, SynApps Solutions (SynApps) has developed its Backup to the Cloud service to enable organisations
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationGCloud 7 Hybrid Cloud Management Service- Service Description Issue 1
Overview of the Hybrid Cloud Management Ideal recognise that enterprises wishing to leverage hybrid (private and public) cloud infrastructure face a number of key technical and organisational challenges:
More informationUSER EXPERIENCE MONITORING Service Definition
About Littlefish Established in Nottingham in 2003, Littlefish (UK) Ltd has an innovative, stable and successful history in Managed IT Services and has grown continuously over the last ten years. Through
More informationCustomer Relationship Management Software Package G-Cloud Service Definition
Customer Relationship Management Software Package G-Cloud Service Definition 2014 General Dynamics Information Technology. All rights reserved 1 Delivering consistent multi-channel (telephony, e-mail,
More informationDVLA ELISE GSi Closed User Group Code of Connection
DVLA ELISE GSi Closed User Group Code of Connection Security Warning Notice The following handling instructions apply to this document: - Handle, use and transmit with care - Take basic precautions against
More informationThe Power of BMC Remedy, the Simplicity of SaaS WHITE PAPER
The Power of BMC Remedy, the Simplicity of SaaS WHITE PAPER TABLE OF CONTENTS EXECUTIVE SUMMARY............................................... 1 BUSINESS CHALLENGE: MANAGING CHANGE.................................
More informationG-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS)
G-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) Service Definition 6th October 2015 TABLE OF CONTENTS VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) 3 SERVICE SUMMARY
More informationHow To Help Your Business Succeed
G Cloud III Framework Lot 4 (SCS) CHECK Accredited Penetration Testing Services Contents Executive Summary 3 CHECK Accredited Penetration Testing Services 4 Why Deloitte? 5 Package Cost 7 Contact 9 Service
More informationMANAGED SECURITY SERVICES
MANAGED SECURITY SERVICES Security first Safety first! Security is becoming increasingly important for companies, especially for the extension of networking to mission-critical environments, with new intranet
More informationINFRASTRUCTURE AS A SERVICE BUYER S CHECKLIST
INFRASTRUCTURE AS A SERVICE BUYER S CHECKLIST 2 CONTENTS SERVICE LEVELS 3 SERVICE AND SUPPORT 4 CERTIFICATIONS 4 MANAGED HOSTING 7 BILLING 8 SERVICE MANAGEMENT 8 TECHNOLOGY 9 GLOBAL, REGIONAL, LOCAL 10
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More information