CenturyLink Communications UK Limited

CenturyLink PSN Protect Cloud Connect - AWS

The PSN Protect Cloud Connect Service provides connectivity to the AWS Direct Connect aggregation site, but does not resell AWS' services. Connectivity is via CenturyLink's PSN Protect connectivity, either directly from a CenturyLink IPVPN connection or via the Government GCN using the Inter Provider Encryption Domain (IPED).

Features

  • Predictable and Reliable Performance
  • The applications are within the customers trusted perimeter
  • Dynamically create connections between clouds with bandwidth on-demand
  • CenturyLink is the only Advanced AWS Direct Connect Partner
  • Control over the end-to-end performance of public cloud based applications

Benefits

  • Access data anytime, anywhere and on any device
  • PSN approved connectivity to PSN and GCN

Pricing

£1300 to £6000 per instance per month

Service documents

G-Cloud 10

243615726596752

CenturyLink Communications UK Limited

Mike Thomas

0330 060 9328

mike.thomas@CenturyLink.com

Service scope

Service scope
Service constraints The CenturyLInk PSN Protect Cloud Connect Service provides network connectivity to the AWS Direct Connect aggregation site, but does not resell AWS' cloud-based services.
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times When a ticket is opened on the CenturyLInk Incident Management System diagnosis begins into the cause. Automated notification emails can also be set up and CenturyLInk will provide updates at key milestones during the incident within the service SLA until the incident is resolved and closed.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels CenturyLInk could offer on-site training after a service deployment to floor walk or provide user workshops to ensure users were comfortable using any new technology, this would be a chargeable activity. CenturyLInk engineers would also attend site to assist in any incident management activity and this would come at no extra cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started CenturyLInk provide on-site training and user documentation
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction N/A - This service is for the connectivity
End-of-contract process At the end of the contract, the customer information is removed and the connectivity is terminated.

Using the service

Using the service
Web browser interface Yes
Using the web interface The CenturyLInk Customer Portal enables on-line ticketing support including the following;
Create, view, update, escalate or cancel trouble tickets.
View ticket history for performance trending.
Create and view Reason for Outage (RFO) requests on trouble tickets.
Receive proactive notification of trouble tickets and network maintenance activities across services via email.
Create, view, update, escalate or cancel trouble tickets.
Web interface accessibility standard None or don’t know
How the web interface is accessible The CenturyLInk Customer Portal is built on a robust platform accessible via the public Internet and is compatible with various software applications. The Portal employs three levels of authentication to ensure the protection and integrity of customer data. Each customer authorises a Delegated Administrator with customer-controlled, super-user account capabilities to create and modify user access and reset passwords on demand. Delegated Administrators can grant access in any combination of accounts and functionality to employees as business needs change. Logging into the Portal the first time can be accomplished using self-registration with basic account information listed on CenturyLInk’s invoices.

Password Policy

Passwords are encrypted leveraging a SHA-256 hash function. Each password must be at least 8 characters and requires a specified mix of letters, numbers, and special characters.

Two-Factor Authorisation for Managed Security

CenturyLInk offers a number of tools for customers to manage their Security products. Accessing the Managed Security features in the CenturyLInk portal requires the user to get a secure token from CenturyLInk and log in with two-factor authorisation.

Access Control Policy

CenturyLInk Customer Portal supports a role-based authorisation system which allows customers to administer users as well as their role definitions
Web interface accessibility testing None
API No
Command line interface No

Scaling

Scaling
Scaling available Yes
Scaling type Manual
Independence of resources CenturyLInk Clound Connect allows customers to establish a dedicated network connection between their network and one of the CenturyLInk Cloud Connect locations. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. This allows customers to use the same connection to access public resources such as objects stored in Amazon S3 using public IP address space, and private resources such as Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC) using private IP space, while maintaining network separation between the public and private environments.
Usage notifications Yes
Usage reporting Email

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types Network
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Other
Other data at rest protection approach This is a connectivity service only. CenturyLink is not responsible to handing customers data
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery No

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability The end to end availability is dependant on the network connectivity at the end user site. The PSN Protect Cloud Connect - AWS service has diverse connectivity into data centres Slough and London
Approach to resilience The service utilises diverse connectivity onto two separate Amazon data centres in Slough and London
Outage reporting The CenturyLInk Cloud Connect Service is proactively monitored at CenturyLInk Network Operation Centres.

Identity and authentication

Identity and authentication
User authentication Other
Other user authentication N/A This is connectivity only
Access restrictions in management interfaces and support channels N/A - This is connectivity only
Access restriction testing frequency Never
Management access authentication Other
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications PSN

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards CESG Assurance Scheme (Telecommunications) - CAS(T)
Information security policies and processes CESG Assurance Scheme (Telecommunications) - CAS(T)

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach CenturyLInk have a strict Change management control policy in line with our ISO20k certification.
The change process workflow can be summarised as follows:
• Change creation;
• Two Stage Change Approval (Quality / Technical);
• Identification of affected customers
• Customer notification.
• Implementation (generally between 00:00 and 06:00 Local time)
Vulnerability management type Supplier-defined controls
Vulnerability management approach CenturyLInk global security team receive threat information from a number of different sources including active monitoring of CenturyLInk’s products and services and infrastructure, along with regular vendor vulnerability updates and information provided by communities of interest. CenturyLInk operate a regular patching policy and process along with a Vulnerability Management Forum for the review, risk management, prioritisation, remediation action plan and implementation planning associated with Vulnerabilities identified
Protective monitoring type Supplier-defined controls
Protective monitoring approach CenturyLInk operate an active protective monitoring process for it’s products, services and infrastructure which provides potential security event info to CenturyLInk’s multiple SOC environment for analysis. CenturyLInk’s SOC facilities are manned 24 x7x 365 providing as near as possible real-time response to security events with an escalation process to senior management as required.
Incident management type Supplier-defined controls
Incident management approach CenturyLInk maintain and operate a security incident process for management of potential security incidents which manages any potential incidents to conclusion. Anyone within CenturyLInk can raise a security breach via a dedicated portal which will then be analysed for required action. The process has defined paths of escalation and timeframes for escalation along with criteria for customer notification and response.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £1300 to £6000 per instance per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑