3SDL

3SDL Cooperative ESM Operations (CESMO) Service

Cooperative ESM Operations (CESMO) exploit the benefits of using intercept data collected simultaneously on a target from different locations and orientations to rapidly and accurately geo-locate threats in a number of seconds. 3SDL provides CESMO Services through G-Cloud for Decision Support.

Features

  • Users can combine collected intercept data and exploit the benefits
  • Users declare own platform ESM capability and availability for tasking
  • Users declare own platform position and status, updated periodically
  • Signals of Interest (SOI) publishing for Signals Identification Authority (SIA)
  • Collector ‘Tips’ where collectors disseminate detections of a SOI
  • Collector tuning where SIA tasks a group of collectors
  • Tune reporting where collectors generate line of bearing (LOB)
  • Triangulation where geolocation is based on multiple LOBs
  • Fused reporting where SIA reports with ID, parametric, error ellipse
  • Chat messaging, to supplement fixed format messaging

Benefits

  • A more accurate location for the target
  • Location for target can be calculated in a shorter time
  • Geolocation can be calculated on a fleeting (pop-up) threat
  • STANAG 4658 compliant
  • Trialled at EX UNIFIED VISION 12 & 14
  • Actively used by Norway, Germany, Czech Republic and the Netherlands
  • Implements full CESMO AEDP-13 functionality
  • Emulator facility
  • Self-synchronisation with multiple CESMO Hub Services
  • Feature rich Graphical User Interface (GUI)

Pricing

£2000 to £30000 per instance per month

  • Free trial available

Service documents

G-Cloud 9

227094243282866

3SDL

3SDL Digital Outcomes and Specialists Team

01684 878 170

dos@3sdl.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints No.
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times E-mail, within 30 minutes during Standard UK Office Hours (09:00 - 17:00), Monday - Friday Excluding Bank Holidays. Online ticketing, within 60 minutes during Standard UK Office Hours (09:00 - 17:00), Monday - Friday Excluding Bank Holidays.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Our support services are coordinated through a technical account manager, assigned to specific buyers/customers. The account manager will select the support level required based upon the client requirements. The basic level of support provides telephone and e-mail support during normal business working hours as a standard part of the service, the cost being in accordance with the rate card.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The service includes onsite training, online training and user documentation.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction The user is provided with an encrypted archive containing their data in an open, international format.
End-of-contract process At the end of the contract the user's data is archived, sent to the user and removed from the service. The service is then closed down.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility No accessibility standards assessment has been conducted.
Accessibility testing No assistive technology interface testing has been conducted.
API No
Customisation available No

Scaling

Scaling
Independence of resources Assessments of usage across shared resources are made prior to on-boarding of new service instances and at monthly resource assessments to avoid users being adversely affected.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach The system includes a data export function for use by users on-demand from the HMI.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We provide a 99.9% level of availability under the standard SLA. Proportionate refunds for missed SLA can be provided in line with agreed customer KPIs. High levels of availability for mission critical requirements can be considered and implemented through the rate card.
Approach to resilience This information is available on request.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Management interfaces and support channels are only available to management terminals in separate logical networks.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach We follow ISO27001 and are undergoing the process of accreditation.
Information security policies and processes We have a company-wide Information Security Management System which is mandated by our corporate Information Security Policy. A wide range of policies and procedures fall from this system, including those for protective monitoring, access control, operating procedures and vetting. Further information is available on request.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration and change management is tracked using specific change management software, tied to both the cloud environment configuration and the software development lifecycle.

Changes are reviewed by the senior system architect and undergo a robust testing regime. Further information is available on request.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We conduct full Cyber Vulnerability assessments using our CESG Certified Practitioners. This includes IS1/2 assessments of threat. Patches are deployed as often as required in accordance with the system's technical controls statements under the control of the accreditor. We get information on threats from CiSP and other private sources.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We apply protective monitoring controls in accordance with GPG13. We identify potential compromises based on protective monitoring and regular testing of defences. We respond to compromises based on our internal set processes and customer requirements, responding to incidents immediately once they are confirmed.
Incident management type Supplier-defined controls
Incident management approach We have pre-defined incident management processes for common events and uncommon events. Users report incidents to the helpdesk and we provide information on incidents to users via routine email or immediate email/phone for critical incidents.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £2000 to £30000 per instance per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Limited time trial (30 days).

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑