Service Definition Document
|
|
- Rudolph French
- 8 years ago
- Views:
Transcription
1 Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE) Secure Multi-Tenant Protective Monitoring Service (DETER) Specialist Cloud Services version 5.0
2 Content 1. Introduction QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE) Secure Multi-Tenant Protective Monitoring Service (DETER) QinetiQ Limited, 2014 Page 2 of 21
3 1. Introduction With the advent of Cloud technologies, it has never been more important for Government and Private companies to comply with regulatory standards and, more importantly, have a mechanism by which they are able to effectively manage and mitigate risks. To assist in meeting this challenge QinetiQ developed the UK s first GPG13 AWARE and DETER Protective Monitoring Managed Services. QinetiQ draws on a unique heritage of providing security expertise to UK and other Governments to achieve high levels of security. Through this knowledge and expertise, QinetiQ has developed the following service offerings, that can be easily adopted and tailored to meet customers specific risk management requirements: Secure Cloud Protective Monitoring Service at AWARE; a Cloud based Protective Monitoring Service for customers with deployed services within the Skyscape Cloud virtual environment, providing centralised storage of Security event data following guidance at the IS1 AWARE segment. Secure Cloud Protective Monitoring Service at DETER; a Cloud based Protective Monitoring Service for customers with deployed services within the Skyscape Cloud virtual environment, providing a fully Managed Service operating against IS1 and IS2 DETER, providing 24x7 monitoring and alerting of Security events and alerts. Secure Multi-tenanted Protective Monitoring Service at AWARE; A centralised multitenanted architecture delivering centralised storage of Security event data following guidance at the IS1 AWARE segment. Secure Multi-tenanted Protective Monitoring Service at DETER; A centralised multitenanted architecture delivering a fully Managed Service operating against IS1 and IS2 DETER, providing 24x7 monitoring and alerting of Security events and alerts. QinetiQ Limited, 2014 Page 3 of 21
4 2. QinetiQ Secure Cloud Protective Monitoring Service (AWARE) Service Overview The QinetiQ Secure Cloud Protective Monitoring Service enables customer organisations to effectively manage and mitigate risks posed to their Information Technology environments deployed upon the Skyscape Cloud Services virtual architecture. The Secure Cloud Protective Monitoring Service consists of a set of robust business processes, underpinned by technology, delivered by people and operated in line with the guidelines defined within HMG Good Practice Guide Protective Monitoring for HMG ICT Systems, Issue 1.7 (GPG13). The Secure Cloud Protective Monitoring Service provides collection and compilation of appropriate security audit event logs. This provides a solution to challenges faced by organisations where oversight of how their IT is used (or abused) is essential. This service acts as a central point within G-Cloud services for the consistent storage of Accounting or Event logs and operates in compliance with the requirements identified within the AWARE segment of GPG13. The Secure Cloud Protective Monitoring solution provides a centralised Protective Monitoring capability that can be employed to provide monitoring across a customer s cloud based virtual environments. The solution has been specifically designed to be secure, have the agility to dynamically scale, provide logically separate monitoring and reporting views and provide customers with a high value, effective monitoring capability that has a low total cost of ownership and an easy adoption process. The QinetiQ solution integrates with a customer s virtual network deployed at Skyscape. QinetiQ provides each client with a seamless and simple on-boarding process ensuring that the protective monitoring of a customer s virtual network can be initiated swiftly allowing the Customer to receive value from the Protective Monitoring Service promptly. In embracing the G-Cloud offerings and realising the benefits of efficient IT services, there can be a significant challenge to organisations in considering a risk treatment method. Protective Monitoring by QinetiQ is delivered to the customer alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides a method of risk mitigation to assist with the overall security assurance process. QinetiQ is aware of the recent transition from the Government Protective Marking Scheme (GPMS) to the Government Security Classification (GSC) policy for the classification of all system security. Whether deploying Protective monitoring onto a GPMS or GSC classified system, QinetiQ ensures that compliance with the system requirements is met. The QinetiQ service operates within ISO27001 certified security policies and processes and is delivered from a List X site. Service Features Protective Monitoring is delivered alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides and method of both risk mitigation and monitoring to provide assistance and risk reduction and treatment activities in support of the overall security assurance process. This service provides a centralised event storage service in support of the Customer s requirement to Protectively Monitor its ICT Systems following the guidance provided in CESG Good Practice Guide No.13 (GPG13) at the IS1 AWARE segment. QinetiQ Limited, 2014 Page 4 of 21
5 The service is designed to receive event logs from pre identified customer devices which the customer has configured to send via a secure channel to QinetiQ for processing. The output of the Aware Protective Monitoring service consists of: Security event data stored in a consistent format Secure access to security event log data. Example Use Cases The service can be used to receive and collate accounting logs from various and disparate customer owned assets (such as differing virtual machines, applications and security enforcing appliances). This will allow for the safe, centralised storage of accounting logs in a structured manner The Protective Monitoring solution provides an independent storage of normalised accounting data to provide enduring storage of security audit data for post incident and retrospective audit The Protective Monitoring Service provides an intuitive method by which management information relating to the event data can be accessed through a secure web browser based interface. Technical Features A methodical approach based on a well-established architecture Automated event normalisation and processing Standards based security architecture Out of the box list of supported COTS devices Storage and event treatment in line with the advice and guidance of GPG13. An overview of the G-Cloud Service (functional, non-functional) Customer s access to the solution, for the retrieval and review of collated accounting data will be via the secure online portal. Two factor authentication together with role based access control will ensure that data access is permitted only to authorised users. Information assurance Impact Level (IL) at which the G-Cloud Service is accredited to hold and process information Business Impact Level 2 as standard, though capable of operating at differing impact levels. The service will, as standard, cover the Protective Monitoring Controls within GPG13 associated with the InfoSec Standard No.1 Part 2 AWARE Segment. Connectivity Available Secure Connectivity between QinetiQ and the Skyscape Cloud platform is provided within the scope of this Service. Details of the level of backup/restore and disaster recovery that will be provided Storage of accounting data will be provided on resilient storage infrastructure supported by an archive to offline storage and data daily data replication activity to create a separate backup. Accounting data will be deleted from the archive once the retention period expires. QinetiQ Limited, 2014 Page 5 of 21
6 On-boarding and Off-boarding processes/scope etc. The on-boarding process requires an understanding of the type of data to be presented to QinetiQ and the method by which it will be received. A Protective Monitoring Controls and Compliancy Matrix (PMCCM) shall be used as the mechanism to agree with the customer the data streams that shall be configured within the QinetiQ service. Once agreed, the data streams will be integrated into the Event Storage system. Off-boarding will primarily consist of the cessation of the data stream, the handover of any data sets currently processed or stored by QinetiQ to the Customer, followed by sanitisation of the Customer event data. Service Options QinetiQ is able to provide consultancy services to Customers to assist with the identification of the appropriate log data and define the level of accounting information required on the monitored systems. QinetiQ is also able to provide support to Information Assurance and Accreditation activities. Service Management Details Access to a 24x7 Service Desk is available to enable interaction and advice on security incidents. Service Management is delivered in alignment with the ISO20000 standard. Ordering and Invoicing On receipt of a request, QinetiQ will provide a proposal for the required resources to deliver the service. Services must be purchased for a minimum term of one year. Billing for the service will be monthly in advance against the contracted consumption rate. Deviation from the contracted consumption will be retrospectively annotated and charged within the following invoice. Termination terms By consumers (i.e. consumption) By the Supplier (removal of the G-Cloud Service) Costs are payable by the consumer for termination during the annual term. These will be calculated based upon remaining committed costs. Data Restoration / Service Migration QinetiQ will provide appropriate access to Customer data for the purposes of data migration, including any Customer documentation as appropriate. Bandwidth charges for the transfer of data held by QinetiQ are provided. Consumer Responsibilities The consumer will be required to provide details of systems to be integrated into the service and access to associated subject matter experts for the purposes of supporting the initial on-boarding and baseline process. The Consumer is required to provide evidence retrospectively on a monthly basis, in support of identifying the total VM per hour usage across the monitored solution. The consumer is also responsible for ensuring they apply suitable controls to this sensitive data/application. The Consumer is responsible for any privacy impact assessment. QinetiQ Limited, 2014 Page 6 of 21
7 Technical requirements (service dependencies and detailed technical interfaces, e.g. client side requirements, bandwidth/latency requirements etc.) Data streams will need to be presented to the Protective Monitoring system via an appropriate format, ideally TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) based. QinetiQ will support a customer during the on boarding process to ensure that the forwarding of device accounting data is configured correctly. It is recommended that where available, encrypted transports should be used such as SSL/TLS (Secure Sockets Layer / Transport Layer Security). QinetiQ Limited, 2014 Page 7 of 21
8 3. QinetiQ Secure Cloud Protective Monitoring Service (DETER) Service Overview The QinetiQ Secure Cloud Protective Monitoring Service enables customer organisations to effectively manage and mitigate risks posed to their Information Technology environments deployed upon the Skyscape Cloud Services virtual architecture. The Secure Cloud Protective Monitoring Service consists of a set of robust business processes, underpinned by technology, delivered by people and operated in line with the guidelines defined within HMG Good Practice Guide Protective Monitoring for HMG ICT Systems, Issue 1.7 (GPG13). The Secure Cloud Protective Monitoring Service provides aggregation, compilation, analysis, behavioural trending, correlation, and interpretation of security audit event logs. Applying to this the specialist vulnerability and comprehensive threat knowledge at QinetiQ then provides the customer with actionable intelligence of active incidents as well as recommendations for management and remediation. The service acts in full support of the Security Management of an estate providing a solution to challenges faced by organisations where oversight of how their IT is used (or abused) is essential. This service acts as a central point within G-Cloud services for receiving, processing, analysis, correlation, alerting and reporting (24x7) of security matters and the delivery of advice in support of all remediation and resolution activities. The Secure Cloud Protective Monitoring solution provides a centralised Protective Monitoring capability that can be employed to provide monitoring across a customer s cloud based virtual environments. The solution has been specifically designed to be secure, have the agility to dynamically scale, provide logically separate monitoring and reporting views and provide each customer with a high value, effective monitoring, alerting and reporting capability that has a low total cost of ownership and an easy adoption process. The QinetiQ solution integrates with a customer s Virtual network deployed at Skyscape. QinetiQ provides each client with a seamless and simple on boarding process ensuring that the protective monitoring of a customer s virtual network can be initiated swiftly allowing the Customer to receive value from the Protective Monitoring Service promptly. In embracing the G-Cloud offerings and realising the benefits of efficient IT services, there can be a significant challenge to organisations in considering a risk treatment method. Protective Monitoring by QinetiQ is delivered to the customer alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides a method of risk mitigation to assist with the overall security assurance process. QinetiQ is aware of the recent transition from the Government Protective Marking Scheme (GPMS) to the Government Security Classifications (GSC) policy for the classification of all system security. Whether deploying Protective monitoring onto a GPMS or GSC classified system, QinetiQ ensures that compliance with the system requirements is met. The QinetiQ service operates within ISO27001 certified security policies and processes and is delivered from a List X site. QinetiQ Limited, 2014 Page 8 of 21
9 Service Features Protective Monitoring is delivered alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides and method of both risk mitigation and monitoring to provide assistance and risk reduction and treatment activities in support of the overall security assurance process. This service provides a centralised event aggregation and analysis service in support of the Customer s requirement to Protectively Monitor its ICT Systems following the guidance provided in CESG Good Practice Guide No.13 (GPG13) at the IS1 DETER segment. The service operates 24x7 at Business Impact Level 3, baseline GPG13 DETER. QinetiQ analysts and Engineers operate under an ITIL aligned ISO20000 framework with ISO27001 certified policies and processes. The service delivers a 24 x 7 analysis function, supported by an underlying Security Incident & Event Management (SIEM) technology that receives accounting data from customer owned assets, over appropriately secured connectivity, providing real time analysis and correlation. Correlation autonomously looks for common attributes, and links events together through association, integrating data from different sources in order to turn separate accounting data feeds into an essential view of network activity. Analysis of the output of correlation and behavioural anomaly provides an assessment of internal and external behaviour within the monitored estate; triggering security alerts and recommendations for improvements in security. QinetiQ Security Analysts analyse each security alert and supporting event data, apply specialist vulnerability and threat knowledge, and then raise prioritised Incidents with the customer where appropriate. Advice for management and remediation is provided to the customer, using our knowledge of the architecture and the customer s critical business processes. Service levels and response times are managed within strict Service Level Agreements (SLAs). The output of the event monitoring correlation and analysis function consists of: Information Security Incidents notifications raised with the Customer on a 24x7 basis. These notifications will have a priority classification relating to criticality and impact Automated Weekly Reports. These will include an analysis of the Week s Events, classified according to the GPG13 Protective Monitoring Controls (PMCs) Monthly Management Reporting summarising Events classified according to the GPG13 PMCs. It will include an analysis of the month s Events by QinetiQ Analysts Aggregated accounting data stored in a consistent format Secure access, by the customer to review accounting data. Example Use Cases Identification of potential external threats to G-Cloud host applications and customers critical business processes through proactive Protective Monitoring Identification of potential insider threat from within a Customer's organisation Analysis, alerting, advice and recommendations to aid and enable mitigation of risk, management of incidents and remediation activities to improve the security of a network QinetiQ Limited, 2014 Page 9 of 21
10 A service to provide Protective Monitoring of elements within a customer's IaaS Virtual Data Centre container and of their applications The service can be used to collate the accounting logs from various and disparate sources. This will allow for the safe, centralised storage of the accounting logs Through the centralisation of Accounting Logs in a common structure, analysis of adherence to GPG13 can be derived, along with contextual based reporting and alerting to agreed service levels Provides for the independent storage of event data from Cloud service providers, to provide enduring storage of security audit data for post incident and retrospective audit Provides an intuitive method by which management information relating to the event data can be accessed through a secure web browser based interface. Technical Features Established architecture patterns providing scale and flexibility driving a methodical approach Automated event normalisation and processing Validation of outputs by expert Protective Monitoring analysts Accredited, standards based security architecture Out of the Box list of supported COTS devices Storage and event treatment in line with the advice and guidance of GPG13. An Overview of the G-Cloud Service (functional, non-functional) Customer s access to the solution, for a display of the level of adherence to GPG13, and to the weekly and monthly reports, including details on any incidents alerted to the Customer, and the retrieval and review of collated accounting data will be via the secure online portal. Two factor authentications together with role based access will ensure that data access is permitted only to authorised users. Information Assurance Impact Level (IL) at which the G-Cloud Service is accredited to hold and process information Business Impact Level 3 as standard, though capable of operating at differing impact levels to meet the requirements of the monitored system. The service will as standard cover the InfoSec Standard No.1 Part 2 DETER Segment. Connectivity Available Secure Connectivity between QinetiQ and the Skyscape Cloud platform is provided within the scope of this Service. Details of the level of backup/restore and disaster recovery that will be provided Storage of accounting data will be provided on resilient storage infrastructure supported by an archive to offline storage and data daily data replication activity to create a separate backup. Accounting data will be deleted from the archive once the retention period expires. On-boarding and Off-boarding processes/scope etc The on-boarding process requires an understanding of the type of data to be presented to QinetiQ and the method by which it will be received. The Protective Monitoring Controls and Compliancy Matrix (PMCCM) shall be used as the mechanism to agree with the QinetiQ Limited, 2014 Page 10 of 21
11 customer the data streams that shall be configured within the QinetiQ service. Once agreed, the data streams will be baseline tuned to remove normal and accepted activity or other background processes, leaving the events which require analysis to demonstrate adherence to GPG13 and to be able to detect anomalous behaviour within the data stream. Off-boarding will primarily consist of the cessation of the data stream and the handover of any data sets currently processed or stored by QinetiQ to the Customer, followed by sanitisation of the Customer event data. Service Options QinetiQ is able to provide consultancy services to Customers to assist with the identification of the appropriate log data and define the level of accounting information required on the monitored systems. Through assessment of the risk and threat profile a more tailored and cost effective solution can be delivered. QinetiQ is also able to provide support to Information Assurance and Accreditation activities. Service Management Details Access to a 24x7 Service Desk is available to enable interaction and advice on security incidents. Service Management is delivered in alignment with the ISO20000 standard. Ordering and Invoicing On receipt of a request, QinetiQ will provide a proposal for the required resources to deliver the service. Services must be purchased for a minimum term of one year on an annual basis. Billing for the service will be monthly in advance against the contracted consumption rate. Deviation from the contracted consumption will be retrospectively annotated and charged within the following invoice. Termination terms By consumers (i.e. consumption) By the Supplier (removal of the G-Cloud Service) Costs are payable by the consumer for termination during the annual term. These will be calculated based upon remaining committed costs. Data Restoration / Service Migration QinetiQ will provide appropriate access to Customer data for the purposes of data migration, including any Customer documentation as appropriate. Bandwidth charges for the transfer of data held by QinetiQ are provided. Consumer Responsibilities The consumer will be required to provide details of systems to be integrated into the service and access to associated subject matter experts for the purposes of supporting the initial baseline process. The Consumer is required to provide evidence retrospectively on a monthly basis, in support of identifying the total VM per hour usage across the monitored solution. The consumer is also responsible for ensuring they apply suitable controls to this sensitive data/application. The Consumer is responsible for any privacy impact assessment. QinetiQ Limited, 2014 Page 11 of 21
12 Technical requirements (service dependencies and detailed technical interfaces, e.g. client side requirements, bandwidth/latency requirements etc.) Data streams will need to be presented to the Protective Monitoring system via an appropriate format, ideally TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) based. QinetiQ will support a customer during the on boarding process to ensure that the forwarding of device accounting data is configured correctly. It is recommended that where available, encrypted transports should be used such as SSL/TLS (Secure Sockets Layer / Transport Layer Security). QinetiQ Limited, 2014 Page 12 of 21
13 4. Secure Multi-Tenant Protective Monitoring Service (AWARE) Service Overview The QinetiQ Secure Multi-tenant Protective Monitoring Service enables customer organisations to effectively manage and mitigate risks posed to their Information Technology environments. The Protective Monitoring Service, provided by QinetiQ, consists of a set of robust business processes, underpinned by technology, delivered by people and operated in line with the guidelines defined within HMG Good Practice Guide Protective Monitoring for HMG ICT Systems, Issue 1.7 (GPG13). The Secure Multi-tenant Protective Monitoring Service provides collection and compilation of appropriate security audit event logs. This provides a solution to challenges faced by organisations where oversight of how their IT is used (or abused) is essential. This service acts as a central point within G-Cloud services for the consistent storage of Accounting or Event logs and operates in compliance with the requirements identified within the AWARE segment of GPG13. The Secure Multi-tenant Protective Monitoring Service provides a centralised Protective Monitoring capability that can be employed to provide monitoring across a customer s network(/s). The solution is purpose- designed to be secure, have the agility to dynamically scale, provide logically separate monitoring and reporting views and provide customers with a high value, effective monitoring capability that has a low total cost of ownership and an easy adoption process. The QinetiQ solution integrates with a customer s network, be it a Virtual container within a multi- tenanted virtual environment or a distinct installation within one or many data centres. QinetiQ Support, implement and manage a number of secure connectivity options, subject to application, from IPSEC VPN through CPA foundation encryption to dedicated least line. Should a customer wish to extend their secure communications to provide connectivity, this can be accommodated also. No matter which option is selected, the monitoring of a system can be initiated swiftly allowing the Customer to receive value from the Protective Monitoring Service promptly. In embracing the G-Cloud offerings and realising the benefits of efficient IT services, there can be a significant challenge to organisations in considering a risk treatment method. Protective Monitoring by QinetiQ is delivered to the customer alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides a method of risk mitigation to assist with the overall security assurance process. QinetiQ is aware of the recent transition from the Government Protective Marking Scheme (GPMS) to the Government Security Classification (GSC) policy for the classification of all system security. Whether deploying Protective monitoring onto a GPMS or GSC classified system, QinetiQ ensures that compliance with the system requirements is met. The QinetiQ service operates within ISO27001 certified security policies and processes and is delivered from a List X site. Service Features Protective Monitoring is delivered alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides and method of both risk mitigation and monitoring to provide assistance and risk reduction and treatment activities in support of the overall security assurance process. QinetiQ Limited, 2014 Page 13 of 21
14 This service provides a centralised event storage service in support of the Customer s requirement to Protectively Monitor its ICT Systems following the guidance provided in CESG Good Practice Guide No.13 (GPG13) at the IS1 AWARE segment. The service is designed to receive event logs from pre identified customer devices which the customer has configured to send via a secure channel to QinetiQ for processing. The output of the Aware Protective Monitoring service consists of: Security event data stored in a consistent format Access to security event log data. Example Use Cases The service can be used to receive and collate accounting logs from various and disparate customer owned assets (such as differing virtual machines, applications and security enforcing appliances). This will allow for the safe, centralised storage of accounting logs in a structured manner. The Protective Monitoring solution provides an independent storage of normalised accounting data to provide enduring storage of security audit data for post incident and retrospective audit. The Protective Monitoring Service provides an intuitive method by which management information relating to the event data can be accessed through a secure web browser based interface. Technical Features A methodical approach based on a well-established architecture Automated event normalisation and processing Standards based security architecture Out of the box list of supported COTS devices Storage and event treatment in line with the advice and guidance of GPG13. An overview of the G-Cloud Service (functional, non-functional) Customer s access to the solution, for the retrieval and review of collated accounting data will be via the secure online portal. Two factor authentication together with role based access control will ensure that data access is permitted only to authorised users. Information assurance Impact Level (IL) at which the G-Cloud Service is accredited to hold and process information Business Impact Level 2 as standard, though capable of operating at differing impact levels. The service will, as standard, cover the Protective Monitoring Controls within GPG13 associated with the InfoSec Standard No.1 Part 2 AWARE Segment. Connectivity Available Accessible over either Internet following establishment of secure communications or UK Government community networks. Utilising appropriately secure communication capabilities such as IPSEC or CPA Foundation cryptographic encryption techniques. QinetiQ Limited, 2014 Page 14 of 21
15 Details of the level of backup/restore and disaster recovery that will be provided Storage of accounting data will be provided on resilient storage infrastructure supported by an archive to offline storage and data daily data replication activity to create a separate backup. Accounting data will be deleted from the archive once the retention period expires. On-boarding and Off-boarding processes/scope etc. The on-boarding process requires an understanding of the type of data to be presented to QinetiQ and the method by which it will be received. A Protective Monitoring Controls and Compliancy Matrix (PMCCM) shall be used as the mechanism to agree with the customer the data streams that shall be configured within the QinetiQ service. Once agreed, the data streams will be integrated into the Event Storage system. Off-boarding will primarily consist of the cessation of the data stream, the handover of any data sets currently processed or stored by QinetiQ to the Customer, followed by sanitisation of the Customer event data. Service Options QinetiQ is able to provide consultancy services to Customers to assist with the identification of the appropriate log data and define the level of accounting information required on the monitored systems. QinetiQ is also able to provide support to Information Assurance and Accreditation activities. Service Management Details Access to a 24x7 Service Desk is available to enable interaction and advice on security incidents. Service Management is delivered in alignment with the ISO20000 standard. Ordering and Invoicing On receipt of a request, QinetiQ will provide a proposal for the required resources to deliver the service. Services must be purchased for a minimum of one year. Billing for the service will be monthly in advance against the contracted consumption rate. Deviation from the contracted consumption will be retrospectively annotated and charged within the following invoice. Termination terms By consumers (i.e. consumption) By the Supplier (removal of the G-Cloud Service) Costs are payable by the consumer for termination during the annual term. These will be calculated based upon remaining committed costs. Data Restoration / Service Migration QinetiQ will provide appropriate access to Customer data for the purposes of data migration, including any Customer documentation as appropriate. Bandwidth charges for the transfer of data held by QinetiQ are provided. Consumer Responsibilities The consumer will be required to provide details of systems to be integrated into the service and access to associated subject matter experts for the purposes of supporting QinetiQ Limited, 2014 Page 15 of 21
16 the initial on-boarding and baseline process. The consumer is also responsible for ensuring they apply suitable controls to this sensitive data/application. The Consumer is responsible for any privacy impact assessment. Technical requirements (service dependencies and detailed technical interfaces, e.g. client side requirements, bandwidth/latency requirements etc.) Data streams will need to be presented to QinetiQ in an appropriate format, ideally TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) based. It is recommended that where available, encrypted transports should be used such as SSL/TLS (Secure Sockets Layer / Transport Layer Security) QinetiQ Limited, 2014 Page 16 of 21
17 5. Secure Multi-Tenant Protective Monitoring Service (DETER) Service Overview The QinetiQ Secure Multi-tenant Protective Monitoring Service enables customer organisations to effectively manage and mitigate risks posed to their Information Technology environments. The Protective Monitoring Service, provided by QinetiQ, consists of a set of robust business processes, underpinned by technology, delivered by people and operated in line with the guidelines defined within HMG Good Practice Guide Protective Monitoring for HMG ICT Systems, Issue 1.7 (GPG13). The Secure Multi-tenant Protective Monitoring Service provides aggregation, compilation, analysis, behavioural trending, correlation, and interpretation of security audit event logs. Applying to this the specialist vulnerability and comprehensive threat knowledge at QinetiQ provides the customer with actionable intelligence of active incidents as well as recommendations for management and remediation. The service acts in full support of the Security Management of an estate providing a solution to challenges faced by organisations where oversight of how their IT is used (or abused) is essential. This Service acts as a central point within G-Cloud services for the processing, analysis, correlation, alerting and reporting (24x7) on security matters and the delivery of advice in support of all remediation and resolution activities. The Secure Multi-tenant Protective Monitoring Service provides a centralised capability that can be employed to provide monitoring across a customer s network(s). The solution is purpose-designed to be secure, have the agility to dynamically scale, provide logically separate monitoring and reporting views and provide customers with a high value, effective monitoring capability that has a low total cost of ownership and an easy adoption process. The QinetiQ solution integrates with a customer s network, be it a Virtual container within a multi-tenanted virtual environment or a distinct installation within one or many data centres. QinetiQ support, implement and manage a number of secure connectivity options, subject to application, from IPSEC VPN through CPA foundation encryption. Should a customer wish to extend their secure communications to provide connectivity, this can be accommodated also. No matter which connectivity option is requested, the monitoring of a system can be initiated swiftly allowing the Customer to receive value from the Protective Monitoring Service promptly. In embracing the G-Cloud offerings and realising the benefits of efficient IT services, there can be a significant challenge to organisations in considering a risk treatment method. Protective Monitoring by QinetiQ is delivered to the customer alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides a method of risk mitigation to assist with the overall security assurance process. QinetiQ is aware of the recent transition from the Government protective Marking Scheme (GPMS) to the Government Security Classification (GSC) Policy for the classification of all system security. Whether deploying Protective Monitoring onto a GPMS or GSC classified system, QinetiQ ensures that compliance with the system requirements is met. The service operates within ISO27001 certified security policies and processes and is delivered from a List X site. QinetiQ Limited, 2014 Page 17 of 21
18 Service Features Protective Monitoring is delivered alongside the HMG Risk Management standard, IA Standard No. 1 and 2 (IS1 & 2) process and provides and method of both risk mitigation and monitoring to provide assistance and risk reduction and treatment activities in support of the overall security assurance process. This service provides a centralised event aggregation and analysis service in support of the Customer s requirement to Protectively Monitor its ICT Systems following the guidance provided in CESG Good Practice Guide No.13 (GPG13) at the IS1 DETER segment. The service operates 24x7 at Business Impact Level 3, baseline GPG13 DETER. QinetiQ analysts and Engineers operate under an ITIL aligned ISO20000 framework with ISO27001 certified policies and processes. The service delivers a 24 x 7 analysis function, supported by an underlying Security Incident & Event Management (SIEM) technology that receives accounting data from customer owned assets, over appropriately secured connectivity, providing real time analysis and correlation. Correlation autonomously looks for common attributes, and links events together into meaningful bundles, integrating data from different sources in order to turn separate accounting data feeds into an essential view of network activity. Analysis of the output of correlation and behavioural anomaly provides an assessment of internal and external behaviour within the monitored estate; triggering security alerts and recommendations for improvements in security. QinetiQ Security Analysts analyse each security alert and supporting event data, apply specialist vulnerability and threat knowledge, then raise prioritised Incidents with the customer where appropriate. Advice for management and remediation is provided to the customer, using our knowledge of the architecture and the customer s critical business processes. Service levels and response times are managed within strict Service Level Agreements (SLAs) The output of the event monitoring correlation and analysis function consists of: Information Security Incidents notifications raised with the Customer on a 24x7 basis. These notifications will have a priority classification relating to criticality and impact Automated Weekly Reports. These will include an analysis of the Week s Events, classified according to the GPG13 Protective Monitoring Controls (PMCs) Monthly Management Reporting summarising Events classified according to the GPG13 PMCs. It will include an analysis of the month s Events by QinetiQ Analysts Aggregated accounting data stored in a consistent format Secure access, by the customer to review accounting data. Example Use Cases Identification of potential external threats to G-Cloud host applications and customers critical business processes through proactive Protective Monitoring Identification of potential insider threat from within a Customer s organisation Analysis, alerting, advice and recommendations to aid and enable mitigation of risk, management of incidents and remediation activities to improve the security of their network A service to provide Protective Monitoring of elements within a customer s IaaS Virtual Data Centre container and of their applications QinetiQ Limited, 2014 Page 18 of 21
19 The service can be used to collate the accounting logs from various and disparate sources (such as differing virtual machines or applications potentially provided at differing G-Cloud providers). This will allow for the safe, centralised storage of the accounting logs Through the centralisation of Accounting Logs in a common structure, analysis of adherence to GPG13 can be derived, along with contextual based reporting and alerting to agreed service levels Provides for the independent storage of event data from Cloud service providers, to provide enduring storage of security audit data for post incident and retrospective audit Provides an intuitive method by which management information relating to the event data can be accessed through a secure web browser based interface. Technical Features Established architecture patterns providing scale and flexibility driving a methodical approach Automated event normalisation and processing Validation of outputs by expert Protective Monitoring analysts Accredited, standards based security architecture Out of the Box list of supported COTS devices Storage and event treatment in line with the advice and guidance of GPG13. An overview of the G-Cloud Service (functional, non-functional) Customer s access to the solution, for a display of the level of adherence to GPG13, and to the weekly and monthly reports including details on any incidents alerted to the Customer, and the retrieval and review of collated accounting data will be via the secure online portal. Two factor authentications together with role based access will ensure that data access is permitted only to authorised users. Information assurance Impact Level (IL) at which the G-Cloud Service is accredited to hold and process information Business Impact Level 3 as standard, though capable of operating at differing impact levels to meet the requirements of the monitored system. The service will as standard cover the InfoSec Standard No.1 Part 2 DETER Segment. Connectivity Available Accessible over either Internet following establishment of secure communications or UK Government community networks. Utilising appropriately secure communication capabilities such as IPSEC or CPA Foundation cryptographic encryption techniques. Details of the level of backup/restore and disaster recovery that will be provided Storage of accounting data will be provided on resilient storage infrastructure supported by an archive to offline storage and daily data replication activity to create a separate backup. Accounting data will be deleted from the archive once the retention period expires. On-boarding and Off-boarding processes/scope etc. The on-boarding process requires an understanding of the type of data to be presented to QinetiQ and the method by which it will be received. The Protective Monitoring Controls and Compliancy Matrix (PMCCM) shall be used as the mechanism to agree with the QinetiQ Limited, 2014 Page 19 of 21
20 customer the data streams that shall be configured within the QinetiQ service. Once agreed, the data streams will be baseline tuned to remove normal and accepted activity or other background processes, leaving the events which require analysis to demonstrate adherence to GPG13 and to be able to detect anomalous behaviour within the data stream. Off-boarding will primarily consist of the cessation of the data stream and the handover of any data sets currently processed or stored by QinetiQ to the Customer, followed by sanitisation of the Customer event data. Service Options QinetiQ is able to provide consultancy services to Customers to assist with the identification of the appropriate log data and define the level of accounting information required on the monitored systems. Through assessment of the risk and threat profile a more tailored and cost effective solution can be delivered. QinetiQ is also able to provide support to Information Assurance and Accreditation activities. Service Management Details Access to a 24x7 Service Desk is available to enable interaction and advice on security incidents. Service Management is delivered in alignment with the ISO20000 standard. Ordering and Invoicing On receipt of a request, QinetiQ will provide a proposal for the required resources to deliver the service. Services must be purchased for a minimum term of one year. Billing for the service will be monthly in advance against the contracted consumption rate. Deviation from the contracted consumption will be retrospectively annotated and charged within the following invoice. Termination terms By consumers (i.e. consumption)by the Supplier (removal of the G-Cloud Service) Costs are payable by the consumer for termination during the annual term. These will be calculated based upon remaining committed costs. Data restoration / service migration QinetiQ will provide appropriate access to Customer data for the purposes of data migration, including any Customer documentation as appropriate. Bandwidth charges for the transfer of data held by QinetiQ are provided. Consumer Responsibilities The consumer will be required to provide details of systems to be integrated into the service and access to associated subject matter experts for the purposes of supporting the initial baseline process. The consumer is also responsible for ensuring they apply suitable controls to this sensitive data/application. The Consumer is responsible for any privacy impact assessment. QinetiQ Limited, 2014 Page 20 of 21
21 Technical requirements (service dependencies and detailed technical interfaces, e.g. client side requirements, bandwidth/latency requirements etc.) Data streams will need to be presented to QinetiQ in an appropriate format, ideally TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) based. It is recommended that where available, encrypted transports should be used such as SSL/TLS (Secure Sockets Layer / Transport Layer Security). QinetiQ Limited, 2014 Page 21 of 21
GPG13 Protective Monitoring. Service Definition
GPG13 Protective Monitoring Service Definition Issue Number V1.3 Document Date 27 November 2014 Author: D.M.Woodcock Classification UNCLASSIFIED Version G-Cloud 6 2014 Copyright Assuria Limited. All rights
More informationProtective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 1.0, Issue Date: 05/02/201405/02/2014. Classification: Open
Protective Monitoring as a Service Version: 1.0, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this
More informationProtective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open
Protective Monitoring as a Service Version: 2.1, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201416/12/2014. Other than for the sole purpose of evaluating
More informationPSN Protective Monitoring. Service Definition
PSN Protective Monitoring Service Definition Issue Number V3.0 Document Date 29 September 2015 Author: R.N. Connor Classification UNCLASSIFIED Version G-Cloud 7 2015 Copyright Tenian Limited. All rights
More informationOpen Source Sales Force Automation (SFA) in the Cloud SaaS
Open Source Sales Force Automation (SFA) in the Cloud SaaS Service Overview Our open source Sales Force Automation (SFA) in the cloud service allows customers to perform marketing automation through multi
More informationLot 1 Service Specification MANAGED SECURITY SERVICES
Lot 1 Service Specification MANAGED SECURITY SERVICES Fujitsu Services Limited, 2013 OVERVIEW OF FUJITSU MANAGED SECURITY SERVICES Fujitsu delivers a comprehensive range of information security services
More informationDocumentum Document Management in the Cloud Service Definition
Documentum Document Management in the Cloud Service Definition Service Overview Working together with its Cloud Services Partner, Skyscape, SynApps Solutions (SynApps) has developed its Documentum Document
More informationService Description Archive Storage in the Cloud
Service Description Archive Storage in the Cloud Product Overview Archive Storage in the Cloud enables an organisation to migrate their valuable but seldom used data to a cost efficient, reliable and secure
More informationManaged Backup. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open
Managed Backup Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response, no part
More informationIntegrated windows authentication for customers based on Probation GSI network
Product Overview Victims Tracker (VT) is a software application, which was developed by London Probation Trust (LPT) to effectively manage the engagement / contact with victims of crime and the management
More informationBackup to the Cloud Service Definition
Backup to the Cloud Service Definition Service Overview Working together with its Cloud Services Partner, Skyscape, SynApps Solutions (SynApps) has developed its Backup to the Cloud service to enable organisations
More informationSERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE. Classification: Open
SERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this
More informationApplication Management. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open
Application Management Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no part
More informationSecure Remote Backup (IL3) G-Cloud Lot3 IaaS
Secure Remote Backup (IL3) G-Cloud Lot3 IaaS Contents Service Definition... 3 An overview of the Remote Backup as a Service... 3 Key Service Attributes... 4 Information assurance... 5 Details of the level
More informationConnecting to the Cloud. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 01/12/2014. Classification: Open
Connecting to the Cloud Version: 3.0, Issue Date: 01/12/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response,
More informationService description RFL Virtual Data Centre
Service description RFL Virtual Data Centre IaaS G-Cloud 6 1 Contents Overview... 3 Highlights... 3 Description... 3 Use cases... 3 Use cases... 5 Use cases... 5 Pricing... 5 Information assurance... 5
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationService Description. Communications Data WorkFlow Management Software from Cyclops Cloud. Product Overview
Service Description Communications Data WorkFlow Management Software from Cyclops Cloud Product Overview Cyclops Cloud Communications Data WorkFlow Management Software provides a comprehensive Cloud based
More informationDIGITAL MARKETPLACE (G-CLOUD 7) OFFERING. Sopra Steria OneMobile SaaS Service. Introduction. Service Definition. Sopra Steria in the public sector
DIGITAL MARKETPLACE (G-CLOUD 7) OFFERING Sopra Steria OneMobile SaaS Service Sopra Steria in the public sector Organisations across the public sector choose Sopra Steria to deliver transformation programmes
More informationCloud-based Infrastructure and Application Support Service Definition
+44 (0) 20 3603 7830 hello@equalexperts.com www.equalexperts.com 30 Brock Street London, NW1 3FG Cloud-based Infrastructure and Application Support Service Definition Overview We provide 24/7 support to
More informationRemote Access Service (RAS)
Remote Access Service (RAS) Contents 1 Introduction to Remote Access Service...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Access Methods... 3 3 Differentiators...4 4 Commercials...5
More informationHosted Desktop as a Service
Hosted Desktop as a Service Contents 1 Introduction to Hosted Desktop Service...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Administration... 4 2.3 Access Methods... 4 2.4 Service
More informationCASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES
CASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES PROTECTIVE MONITORING SERVICE In a world where cyber threats are emerging daily, often from unknown sources, information security is something
More informationService Management and ICT Monitoring and Reporting Advisory and Implementation Services
Service Management and ICT Monitoring and Reporting Advisory and Implementation Services G-Cloud Service 1 1. An overview of the G-Cloud Service Arcus can assist you with a review and advice on the effectiveness
More informationIBM G-Cloud Microsoft Windows Active Directory as a Service
IBM G-Cloud Microsoft Windows Active Directory as a Service Service Definition IBM G-Cloud Windows AD as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business
More informationThales Service Definition for PSN Secure Email Gateway Service for Cloud Services
Thales Definition for PSN Secure Email Gateway Thales Definition for PSN Secure Email Gateway for Cloud s April 2014 Page 1 of 12 Thales Definition for PSN Secure Email Gateway CONTENT Page No. Introduction...
More informationSecurity Consultants / Security Managed Services
Security Consultants / Security Managed Services Service Definition Document for G-Cloudv7 Services October 2015 Table of Contents Service Overview...3 Our Approach... 3 Features... 3 Benefits... 4 ON-BOARDING
More informationPROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION
PROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION 15 Table of contents 1 Introduction...2 2 Service Overview...3 2.1 Protective Monitoring...3 2.2 Service Description...4 2.3 Scenario: Basis for
More informationUbertas Cloud Services: Service Definition
Ubertas Cloud Services: Service Definition February 2013 Innovation. Power. Trust. Contents 1. About Ubertas... 2 Our Company... 2 Our Approach to Service Delivery... 2 Our Partner Network & the UK Cloud
More informationSoftware as a Service (SaaS) Online HR
Software as a Service (SaaS) Online HR Contents Service Definition... 3 An overview of the G-Cloud Service... 3 Key Service Attributes... 4 Information assurance... 4 Details of the level of backup/restore
More informationHow To Secure Cloud Compute At Eduserv
Implementing the CESG Cloud Security Principles February 2015 Eduserv Public www.eduserv.org.uk Contents Introduction... 4 The principles... 4 About our claims... 5 1 Data in transit protection... 6 2
More informationPlatform as a Service
Platform as a Service Service Definition Version: 1.0 Version date: October 2015 Classification: Public Backup-as-a-Service Systems Monitoring DR-as-a-Service Storage-as-a-Service Hosted Exchange Colocation
More informationVirtual Desktop Infrastructure Platform as a Service
www.steria.com/uk Virtual Desktop Infrastructure Platform as a Service creativity simplicity independence respect openness contents 1 Overview... 4 1.1 Benefits of Virtual Desktop Infrastructure... 5 2
More informationDedicated Compute Cloud. Lot 1 - Infrastructure as a Service. Version: 1.0, Issue Date: 09/12/2014. Classification: Open
Dedicated Compute Cloud Version: 1.0, Issue Date: 09/12/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201416/12/2014. Other than for the sole purpose of evaluating this Response,
More informationBackup as a Service. Service Definition. G-Cloud VI. Information Security Management System
Backup as a Service Service Definition Version: 1.0 Version date: October 2015 Classification: Public Backup-as-a-Service Systems Monitoring DR-as-a-Service Storage-as-a-Service Hosted Exchange Colocation
More informationSpecialist Cloud Services. Acumin Cloud Security Resourcing
Specialist Cloud Services Acumin Cloud Security Resourcing DOCUMENT: FRAMEWORK: STATUS Cloud Security Resourcing Service Definition G-Cloud Released VERSION: 1.0 CLASSIFICATION: CloudStore Acumin Consulting
More informationSERVICE DEFINITION DOCUMENT MANAGEMENT IN THE CLOUD
Commercial in Confidence 1 G-CLOUD III FRAMEWORK SERVICE DEFINITION DOCUMENT MANAGEMENT IN THE CLOUD Capita Division / Supplier: Capita Business Services Ltd powered by SkyScape Service Name: Document
More informationPAAS Public Sector Managed Services
Meritec Limited Meritec House, Acorn Business Park, Skipton, North Yorkshire, BD23 2UE 0845 3451155 servicepoint@meritec.co.uk www.meritec.co.uk Registered In England & Wales No. 3224622 Table of Contents
More informationThe IaaS Server On Boarding Process
SERVICE DEFINITION G-Cloud 7 MANAGED SERVER Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this material
More informationservice description Document Management in the Cloud Software as a Service
easy to adopt, easy to use, easy to leave service description Document Management in the Cloud Software as a Service version 4.0 Contents Overview... 3 Example use cases... 3 Pricing... 4 Trial service...
More informationSolution Overview. Our Solution employs two tiers of storage aligning costs of storage with the changing value of data over time.
Service Solution Overview Online Backup per TB model Databarracks fully managed online backup solution uses the Asigra software to back up and protect both physical and virtual environments. Housed in
More informationIBM Smartcloud Managed Backup
IBM Smartcloud Managed Backup Service Definition 1 1. Summary 1.1 Service Description The IBM SmartCloud Managed Backup service provides public, private and hybrid cloudbased data protection solutions
More informationIBM QRadar as a Service
Government Efficiency through Innovative Reform IBM QRadar as a Service Service Definition Copyright IBM Corporation 2014 Table of Contents IBM Cloud Overview... 2 IBM/Sentinel PaaS... 2 QRadar... 2 Major
More informationSERVICE DEFINITION. TLS i-sat Remote/Secure Cloud Printing (SaaS)
SERVICE DEFINITION TLS i-sat Remote/Secure Cloud Printing (SaaS) Contents Introduction..3 Highlights.3 Overview. 4 Example Use Cases...5 Trial Service.6 Information Assurance 6 Product Features...7 Technical
More informationDesktop Services (Production) Lot 2 - Platform as a Service. Version: 2.0, Issue Date: 05/02/2014. Classification: Open
Desktop Services (Production) Lot 2 - Platform as a Service Version: 2.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose
More informationService Description for Hosted Server
Service Overview tolomy has created its Hosted Server environment using VMware ESXi which provides the foundation for building and managing a virtualised IT infrastructure. These market leading, production-proven
More informationeasy to adopt, easy to use, easy to leave service description API accessible Cloud Storage IaaS version 5.1
easy to adopt, easy to use, easy to leave service description API accessible Cloud Storage IaaS version 5.1 Contents Highlights... 3 Overview... 3 Example use cases... 4 Trial service... 4 Information
More informationIntroduction to Centerprise International Limited
RM1557vi Introduction to Centerprise International Limited Centerprise International Limited was established in 1983 as an engineering and manufacturing company, specialising in designing and building
More informationThales Service Definition for IL3 Encrypted Overlay for Cloud Services
Thales Service Definition for UK IL3 Encrypted Overlay Thales Service Definition for IL3 Encrypted Overlay for Cloud Services April 2014 Page 1 of 11 Thales Service Definition for UK IL3 Encrypted Overlay
More informationGraphical Applications in the Cloud. Lot 2 - Platform as a Service. Version: 4.0, Issue Date: 05/02/2014. Classification: Open
Graphical Applications in the Cloud Version: 4.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating
More informationSERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP. Classification: Open
SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this material may
More informationBig Data Analytics Service Definition G-Cloud 7
Big Data Analytics Service Definition G-Cloud 7 Big Data Analytics Service Service Overview ThinkingSafe s Big Data Analytics Service allows information to be collected from multiple locations, consolidated
More informationPrimary Storage in the Cloud. Lot 1 - Infrastructure as a Service. Version: 5.0, Issue Date: 07/12/2014. Classification: Open
Primary Storage in the Cloud Version: 5.0, Issue Date: 07/12/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no
More informationGrowth Through Excellence
Growth Through Excellence Public/Private Cloud Services Service Definition Document G- Cloud 5 REFERENCE NUMBER RM1557v Table of Contents Table of Contents... 3 Executive Summary... 4 About the Company...
More informationTactical Cost Reduction
Tactical Cost Reduction G-Cloud Service 1 An overview of the G-Cloud Service Information assurance Backup/restore and disaster recovery On-boarding and Off-boarding processes/scope etc. Pricing Service
More informationG-Cloud Service Definition. Atos Infrastructure as a Service (IL3) for Cloud IaaS
G-Cloud Service Definition Atos Infrastructure as a Service (IL3) for Cloud IaaS Atos Accredited Secure Cloud Infrastructure as a Service (IL3) Robust, secure, scalable Cloud computing and consumption-based
More informationNeocol E-Discovery Consulting Services
Neocol E-Discovery Consulting Services Service Definition Neocol Reference: 1.0 Version: 1.0 Date: 1 March 2013 1. Service Definition 1.1. Service Overview The E-Discovery Consulting Services address needs
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 2.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 2.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no part of this
More informationVodafone Private Cloud
Vodafone Private Cloud Overview Vodafone Private Cloud is our dedicated public sector cloud service that connects you to your own private IL2/IL3 network and / or core government networks, including the
More informationG Cloud 6. Service Definition: Platform as a Service (PaaS)
G Cloud 6 Service Definition: Platform as a Service (PaaS) Introduction to Centerprise International Limited Centerprise International Limited was established in 1983 as an engineering and manufacturing
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response, no part
More informationDIGITAL MARKETPLACE (G CLOUD 7) OFFERING. Sopra Steria Integration Platform Support as a Service. Service Overview. Sopra Steria in the public sector
DIGITAL MARKETPLACE (G CLOUD 7) OFFERING Sopra Steria Integration Platform Support as a Service Sopra Steria in the public sector Organisations across the public sector choose Sopra Steria to deliver transformation
More informationG Cloud III Framework Lot 4 (SCS) Project Management
G Cloud III Framework Lot 4 (SCS) Project Management Contents Executive Summary 3 Project Management 4 Why Deloitte? 6 SFIA Rate Card 7 Contact 8 Service Definition (a) to (p) 9 Executive Summary PROJECT
More informationAmazon Relational Database Service (RDS)
Amazon Relational Database Service (RDS) G-Cloud Service 1 1.An overview of the G-Cloud Service Arcus Global are approved to sell to the UK Public Sector as official Amazon Web Services resellers. Amazon
More informationGCloud Application Development Service Definition. Application Development
GCloud Service Definition GCloud Service Definition Contents 1.... 3 1.1. Overview... 3 1.2. Information Assurance... 6 1.3. Backup / Restore / Disaster Recovery... 6 1.4. On-boarding and Off-boarding
More informationGet Better Protected... Secure data sharing made possible with Updata s Encryption Overlay Service.
i Compliant Fully managed Encryption Overlay service enabling data sharing across secure networks. Provides operational efficiencies and cost savings through simplified procurement Get Better Protected...
More informationdxw s WordPress Platform
dxw s WordPress Platform G-Cloud lot 2 (PaaS) service definition Version 2 4th July 2012 Page 1 of 12 Overview dxw s WordPress Platform is a highly managed Platform as a Service for hosting WordPress websites.
More informationManaged Server. Lot 2 - Platform as a Service. Version: 3.0, Issue Date: 05/02/2014. Classification: Open
Managed Server Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response, no part
More informationservice description Email, SharePoint and File Archive in the Cloud Software as a Service
easy to adopt, easy to use, easy to leave service description Email, SharePoint and File Archive in the Cloud Software as a Service version 4.0 Contents Overview... 3 Example use cases... 3 Pricing...
More informationSCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services
SCC Information Assurance Practice, CLAS Consulting, Check Testing and Accreditation Services Contents 1 Introduction...2 2 IA, CLAS Consulting and CHECK Testing...3 3 Information Assurance...4 4 Accreditation...5
More informationSecuring business data. CNS White Paper. Cloud for Enterprise. Effective Management of Data Security
Securing business data CNS White Paper Cloud for Enterprise Effective Management of Data Security Jeff Finch, Head of Business Development, CNS Mosaic 2nd July 2015 Contents 1 Non-Disclosure Statement...
More informationG-Cloud Framework Service Definition. Information Distribution Service
G-Cloud Framework Service Definition Version: 1.2 Copyright: Acuma Solutions Ltd Acuma Solutions Ltd Waterside Court 1 Crewe Road Manchester M23 9BE Tel: 0870 789 4321 Fax: 0870 789 4250 E-mail: information@acuma.co.uk
More informationARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.
ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION. Table of contents 1 Introduction...3 2 Architecture Services...4 2.1 Enterprise Architecture Services...5 2.2 Solution Architecture Services...6 2.3 Service
More informationG-Cloud Service Definition. Atos Data Quality Audit SCS
G-Cloud Service Definition Atos Data Quality Audit SCS Atos Data Quality Audit SCS As organisations increasingly utilise a hybrid of Legacy and Cloud based technology platforms, it becomes increasingly
More informationKeyfort Cloud Services (KCS)
Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency
More informationBramble.cc Konetic - Applicant Tracking/eRecruitment
www.bramble.cc www.konetic.com Service 9 Bramble.cc Konetic - Applicant Tracking/eRecruitment Delivery partner name Konetic Limited An overview of the G-Cloud Service (functional, non functional) Konetic
More informationInvolve Cloud Video Conferencing Service. VC:me (Video Conferencing: made easy) Service Definition
Involve Cloud Video Conferencing Service VC:me (Video Conferencing: made easy) Service Definition Contents 1. Service Overview... 3 Reservations Service... 4 Endpoint Management... 4 Reporting... 4 Testing...
More informationHIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT
HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.
More informationMarval Software Limited. G Cloud iii Framework Service Definition
1 Marval Software Limited G Cloud iii Framework Service Definition Page 1 of 9 2 Contents An overview of the Marval Service Management (MSM) Software Solution... 3 Information assurance Impact Level (IL)
More informationLot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES
Lot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES Fujitsu Services Limited, 2013 OVERVIEW OF BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES Business Process Management
More informationA. Reference information. A0. G-Cloud Programme unique ID number for the service and version number of this scoping template
G-Cloud Service Pan Government Security Accreditation Scope This form is intended for Suppliers of services on the G-Cloud to complete. Upon receipt, the G-Cloud Programme will check Section A, Reference
More informationCloud Infrastructure Security Management
www.netconsulting.co.uk Cloud Infrastructure Security Management Visualise your cloud network, identify security gaps and reduce the risks of cyber attacks. Being able to see, understand and control your
More informationG-Cloud Service Definition. Atos SharePoint Development Service
G-Cloud Service Definition Atos SharePoint Development Service SharePoint Development Services SCS A comprehensive electronic document and records management, collaboration or web content management solution
More informationSECURE CLOUD SOLUTIONS FOR YOUR BUSINESS.
SECURE CLOUD SOLUTIONS FOR YOUR BUSINESS. 2015 Learning Possibilities Ltd, 506 Centennial Park, Centennial Avenue, Elstree, Herts, WD6 3FG Email: info@cloudpossibilities.com Telephone: +44 (0) 20 8236
More informationG-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS)
G-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) Service Definition 6th October 2015 TABLE OF CONTENTS VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) 3 SERVICE SUMMARY
More informationEmail Router and Vetting G-Cloud Service Definition
Email Router and Vetting G-Cloud Service Definition 2013 General Dynamics Information Technology. All rights reserved 1 In partnership with Government and industry-leading technology partners, General
More informationMapping and Geographic Information Systems Professional Services
Mapping and Geographic Information Systems Professional Services G-Cloud Services RM 1557 Service Definition Esri UK GCloud 5 Lot 4 Specialist Services Government Procurement Service Acknowledgement Esri
More informationG-Cloud Service Definition. Atos Information Security Wireless Scanning Service
G-Cloud Service Definition Atos Information Security Wireless Scanning Service Keeping your wireless networks secure Atos Information Security Wireless Scanning Service The Atos Wireless Scanning Service
More informationG-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS
G-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS Capita Division / Supplier: Service Name: Capita Business Services Ltd SIMS OVERVIEW OF THE SERVICE The hosted service for SIMS
More informationMaster Data Management
1 3 Master Data Management Support Services Service Definition MASTER DATA MANAGEMENT SUPPORT SERVICES Service Description The Master Data Management Support Services are part of the Cognizant Information
More informationG-Cloud 6 Service Definition DCG Cloud Disaster Recovery Service
G-Cloud 6 Service Definition DCG Cloud Disaster Recovery Service 1 of 19 CONTACT INFORMATION Guy Silver T: 07733 008799 E: guy.silver@dcggroup.com W: www.dcggroup.com Data Continuity Group Limited, Bridge
More informationG-Cloud Service Description. Atos: Cloud Professional Services: Requirements Specification
G-Cloud Service Description Atos: Cloud Professional Services: Requirements Specification Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and
More informationVividApps Limited Service Definition Document
VividApps Limited Service Definition Document Page 1 of 10 Overview Reap the Benefits of multiple services from a single application, keeping you proactively connected with your clients. Assurity is a
More informationIBM Web Server as a Service
IBM Web Server as a Service Service Definition IBM G-Cloud Web Server as a Service 1 1. Summary 1.1 Service Description This offering is provided by IBM Global Business Services and provides a Web Server
More informationSQL Server Database as a Service (DBaaS)
SQL Server Database as a Service (DBaaS) Contents 1 SQL Server Database as a Service...2 2 Service Definition...3 2.1 Customer On-Boarding... 4 2.2 Event & Incident Management... 4 2.3 Request Fulfilment...
More informationDeloitte Service Code: D-G6-L4-543 December 2014
Managed Cyber Security Cyber Intelligence Centre Deloitte LLP Service Deloitte Service Code: D-G6-L4-543 December 2014 Contents 1 Service Overview 1 2 Detailed Service Definition 2 3 Pricing 6 4 Ordering
More informationG-Cloud Service Description. Atos Microsoft Dynamics CRM on Demand
G-Cloud Service Description Atos Microsoft Dynamics CRM on Demand February 2013 Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and Atos WorldGrid
More informationGOVERNMENT HOSTING. Cloud Service Security Principles Memset Statement. www.memset.com
GOVERNMENT HOSTING Cloud Service Security Principles Memset Statement Summary - March 2014 The Cabinet Office has produced a set of fourteen Cloud Service Security Principles to be considered when purchasers
More informatione2e Managed Customer Private Cloud Infrastructure Service Definition Document
e2e Managed Customer Private Cloud Infrastructure Service Definition Document Overview A range of Private Cloud infrastructure managed services where the customer buys or already owns the physical equipment
More informationG Cloud 4 Service Definition Document: CDG Common Digital Platform
G Cloud 4 Service Definition Document: CDG Common Digital Platform Table of Contents 1.0 Document Introduction... 3 2.0 Service Definition: CDG Common Digital Platform... 3 2.1 Benefits of the Common Digital
More information