1. Is there an incumbent supplier.
There is no incumbent supplier.
2. Does this role sit inside or outside of IR35.
We envisage that this service is provide by a company, possibly a lead contractor and would be outside of IR35.
3. Will government help the specialist to acquire baseline minimum security clearance.
No, The contractor involved should have the requisite clearance. Baseline clearance is through a DBS check.
4. Questions regarding External and external infrastructure (combined)
• Number of active Internet facing IP addresses? We have 4 external facing IP’s
• Types of publicly accessible services (e.g. FTP, SFTP, SMTP)? Just SMTP
• Number of workstations? We have 350 workstations on the network
• Number of servers? We have 7 Physical server and a number of VM’s
• Which operating systems are in use? Windows 10, Windows Server 2008, 2012, 2016
• Is the network segmented or flat? It is Segmented
o Can all networks/VLANs in scope be accessed from one network point? Yes this is possible
5. Further information regarding Internal infrastructure - 2;
o Number of networks/VLANs in scope? We have 10
• Is there any Wireless capability? Yes there is
o Number of Access Points? There are around 30 AP’s
o Number of SSIDs broadcasted? There are 4 available
o What types of authentication are in use, if any? WPA2, Captive Webportal back to Radius server
• Where is geographical location of the internal environment? Around the UK
o If there are multiple sites, where are the locations for each? London, Manchester, Birmingham, York, Bristol, York
o Can all locations be accessed from one main site? Yes they can be accesses
6. Information on firewalls etc (from question).
Firewall Review/Rulebase Review
• Number of Firewalls including brands? There are 9 firewalls in total
• Is the requirement for a full firewall configuration review and/or a rulebase review? It is for both
• Number of rules per rulebase/firewall? 30
7. Answers to questions around external architecture - Azure
• Number of Virtual Networks There are 2
• Number of Network Security Groups (Azure FWs) There are 5
• Number of User Security Groups 0
• Network Diagrams Not at this stage
• Can this network be access from an on-premise environment? Yes it Can be accessed
8. Questions about external architecture - Azure and Networking.
• Number of VMs within the Azure Tenancy around 40 VM’s
o Are they custom built or deployed from within the Azure VM Pool (eg Palo Alto VMs etc) Mostly customer built
• Number of VPCs Not applicable
• Number of Security Groups Not applicable
• Number of Network ACLS Not applicable
• Network Diagrams Not applicable
• Can this network be access from an on-premise environment? Not applicable
• Number of EC2/Lightsail servers Not applicable
9. You mention that 'ORR HQ is in London but we also have 5 other locations'. Could you please advise where the other 5 locations are? Are they all UK based?
We have offices in the City centres of the following locations in addition to our London HQ
These are all between 15 and 25 people. No non-UK offices.