Prolinx Ltd

Prolinx Hosted Platform (PHP) - Security Incident and Event Management (SIEM) as a Service

SIEM as a Service from Prolinx provides 24/7 proactive management for your operational business, reducing risks associated with today’s complex cyber threat landscape. This service is tailored to meet your organisational requirements and is available across all security classifications. Prolinx use an approved product with highly experienced, security-cleared staff.

Features

  • ISO9001, ISO20000, ISO27001 certified organisation and ITIL service management framework
  • Security Incident Management, reporting and protection against advanced threats
  • Visibility throughout the entire service infrastructure
  • Securely operated in the UK by SC/DV cleared personnel
  • Enables behavioural analytics that distinguish real threats from false positives
  • Capable of user defined policies to match bespoke organisational requirements
  • Detailed data access and user activity reports for compliance management
  • Optional Vulnerability Management can be deployed 24/7 across security domains
  • Situational awareness (proactive and reactive)

Benefits

  • Reduces cost and complexity of managing SIEM solution
  • Commensurate security controls in place
  • Enable compliance with regulatory / standards requirements
  • Enable customer security stakeholders to focus on the business
  • Improves risk management by providing threat assessments and expert analysis
  • Increases operational efficiency through provision of Prolinx expertise
  • Provides near real-time visibility for threat detection and prioritisation
  • Rapid deployment and pre-built configurations

Pricing

£31 per unit per month

Service documents

G-Cloud 10

122619887247692

Prolinx Ltd

Claire Aston

01844 279199

claire.aston@prolinx.co.uk

Service scope

Software add-on or extension No
Cloud deployment model Private cloud
Service constraints A constraint is that each individual new service cannot operate without DAIS accreditation. We agree to represent the proposed services to the accreditors, addressing the approach and risk control.
System requirements Modern Browser

User support

Email or online ticketing support Email or online ticketing
Support response times We operate 24/7
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Prolinx will offer 1st line service support for initial diagnosis. Beyond 1st line support Prolinx can call upon the specialist product support which delivers IT-level assisted support options that help you get the most out of your technology investment.
Support available to third parties No

Onboarding and offboarding

Getting started Prolinx can provide on-line supporting material (User Guides) to assist customers to maximise the benefits of the SIEM solution tool. On-site training can be provided and our Service Desk can be available to provide assistance and guidance to customers as required. More formal classroom training can be provided by the product supplier such as IBM which Prolinx would be happy to facilitate.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction SIEM solution does not store users' data. Report outputs may be saved in the SIEM Content Store, and if this has been done, users may save copies of the PDF outputs to their local machines.
End-of-contract process Six months’ notice of termination must be provided in writing. In the event of termination, all/any remaining service charges will still apply and will be payable on or before the termination date. Termination or expiry of the contractual agreement will initiate the Exit Project Plan as set out in the off-boarding section of this document.

Using the service

Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install Yes
Compatible operating systems
  • Android
  • iOS
  • MacOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service SIEM cuts across both Mobile and Desktop devices and is device agnostic as it provides its relevant security function.
Accessibility standards None or don’t know
Description of accessibility The Prolinx solution includes the following major accessibility features: keyboard-only operation; operations that use a screen reader; industry-standard devices for ports and connectors.
Accessibility testing Prolinx have worked with IBM on eliminating barriers to information, creating more personalized interactions, and inventing technology that is more human, empathetic and adaptive to everyone’s age and ability.
For information about IBM's commitment to accessibility, see IBM Accessibility at http://www-03.ibm.com/able/
API Yes
What users can and can't do using the API Prolinx can provide APIs and GUIs to permit the user to set up and make changes.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Prolinx will work with the customer to gather usage statistics and information about effectiveness of this SIEM service to ensure the relevant security is provided.

Scaling

Independence of resources Virtualisation technology used to keep applications and users sharing the same infrastructure apart.

Analytics

Service usage metrics Yes
Metrics types The Cloud Service is hosted in Prolinx's highly secure facilities, which host up to Official including caveats (BIL3) government classification. Prolinx staff can tailor software which can develop dashboards, interactive reports, custom analysis, ad-hoc queries, create new reports, view scheduled reports and consume active reports via specialist tools.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type Not a reseller

Staff security

Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach When a report is executed, the output type may be specified as one of HTML (the normal default), PDF, Excel (xlsx, includes formatting), Excel Data (xls, data only), or CSV.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • XLS
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats
  • XLS
  • XLSX

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability The service shall be operational and available to customers for 99.95% of the time during each calendar month. This shall not include any scheduled maintenance periods, but customers shall be given one calendar month’s notice of any intended maintenance periods.
Approach to resilience Prolinx also utilises a secondary Data Centre facility to provide full resilience and Disaster Recovery (DR) capability.
Outage reporting For a complete or partial service outage the GOSC will be advised so they can cascade the information to all MoDNet or DII F users. Prolinx can offer other Government Departments the ability of an API or email alert system.

Identity and authentication

User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Prolinx make use of trusted roles and have separation of duty and limits on each transactional privilege set. All these measures combine into an accepted standard practice which has satisfied already provisioned MoD and other Government contracts.
Access restriction testing frequency At least once a year
Management access authentication 2-factor authentication

Audit information for users

Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for At least 12 months

Standards and certifications

ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 05/09/2015
What the ISO/IEC 27001 doesn’t cover There are no exceptions and our certificate covers the following: The provision of IT infrastructure solutions and IT managed services, which includes consultancy, design and implementation services. This is in accordance with the ISMS statement of applicability v9.0 dated 11/07/2015.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The ISO 27001:2013 certification specifies requirements for the implementation of security controls customised to the needs of an organisation's Information Security Management System. Prolinx adhere to and implement adequate and appropriate security controls to protect company information assets.

Operational security

Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Prolinx have a number of methods already in use with our Compliance Department to support and safeguard information. Prolinx have a robust method for vulnerability management that is used with all vulnerabilities and risks, which are minimised with proven, effective risk analysis and mitigation strategies by experienced Prolinx staff. All vulnerabilities and reporting are compliant with NCSC 14 cloud principles.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach All vulnerabilities and reporting are compliant with NCSC 14 cloud principles. The monitor and report aspects of Access Control, Perimeter Defences, Resource Integrity, Intrusion Detection and Malware Defence are all part of our standard offering. The exception to this is intrusion detection, whereby we respond and also report findings to the JCU at MoD Corsham. There is an update and patch policy IAW JSP440.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach The Prolinx monitoring platform can provide real-time views of availability statistics, as well as detailed monitoring and analysis of data from virtual switches, routers, servers and any other SNMP-enabled devices. The Prolinx monitoring platform includes availability, security and integrity monitoring of the applications and VMware Horizon environment. Prolinx also use Fortigate firewalls and Fortigate wireless hardware for its architectures. These products are best of breed within the market and can be fully managed, supported and monitored by the Prolinx service desk. For every incident that requires escalation, we engage the relevant parties, taking any necessary action and reporting directly to the GOSCC.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach The Service Desk manages incidents using a dedicated service management tool suite; incidents can be raised by a telephone call, email or from an automated alerting system. Incidents are classified and prioritised in accordance with the agreed SLAs. There are multiple types of classification and several levels of prioritisation that can have different response and resolution characteristics, ranging from 30 minute responses with 4 hour resolutions to 4 hour responses with 48 hour resolutions, with several levels in between. Incidents are managed to ensure that any impact is minimised and the situation is dealt with appropriately.

Secure development

Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • Joint Academic Network (JANET)
  • Other

Pricing

Price £31 per unit per month
Discount for educational organisations No
Free trial available No

Documents

Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document