Gradian Systems Ltd

Symantec's Web Isolation

Symantec Web Isolation cloud service provides an isolation layer that protects users from threats from uncategorized websites or URLs with potentially unsafe risk profiles. Web isolation eliminates web threats and solves the challenge of providing secured access to the uncategorized and potentially risky web.

Features

  • Prevents any website code from being executed on user's devices
  • Provides a transparent and seamless user experience
  • Available as a cloud service, on-premises, or a hybrid
  • Access web documents through isolation
  • Simple integration with Symantec Secure Web Gateways

Benefits

  • Isolate web browsing of privileged users
  • Provide users with a seamless web browsing experience
  • Prevent users from submitting corporate passwords

Pricing

£52.58 a user

  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

3 0 2 0 0 3 2 6 5 0 4 9 5 9 0

Contact

Gradian Systems Ltd

Ciaran O'Rourke

07770 377 936

ciaran.orourke@gradian.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Endpoint Detection and Response (EDR) - Global Intelligence Network (GIN): - IT Management Suite - Cyber Security Services: - Web Security Service (proxy cloud) - Symantec Endpoint Protection Mobile
Cloud deployment model
Public cloud
Service constraints
No system requirements (managed cloud service).
System requirements
  • Client Workstation and Server : windows and Mac OS
  • Management Console OS Windows 2008 64 bit & R2
  • Management Console OS Windows Windows 2012 Windows 2016
  • Web Browser supported: Internet Explorer 11 Mozilla Firefox 5
  • Web Browser supported: Google Chrome 66 Microsoft Edge
  • Virtual Environments - Microsoft Azure - Amazon WorkSpaces
  • Virtual Environments VMware ESX 2.5 VMware ESXi 4.1 - 5.5
  • Virtual Environments Microsoft Virtual Server and Hyper V
  • Windows Hardware 32/64 -bit processor
  • Mac Hardware 64-bit Intel Core 2 Duo or later

User support

Email or online ticketing support
Email or online ticketing
Support response times
Please see Gradian's Support Guide attached.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
No
Support levels
Please see Gradian's Support Guide attached.
Support available to third parties
No

Onboarding and offboarding

Getting started
Gradian possess the skills and support to configure, deploy, support and run this service on your behalf. These services can be found under Gradian's Professional Service and Gradian's Managed Configuration Service. Alternatve support options can be found under Gradian's Technical Account Service Plan (T.A.S.P) and Gradian Support for Symantec Products.
Service documentation
Yes
Documentation formats
Other
Other documentation formats
PowerPoint
End-of-contract data extraction
Data can be exported via REST APIs or through the portal.
End-of-contract process
The service is terminated should the contract end and all customer data will be securely deleted after the end of the contract. The AWS security process applies for the data decommissioning.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Currently mobile support in beta stage. Full mobile browser support expected Q2FY20.
Service interface
Yes
Description of service interface
Customer can access the Service through a self-service online portal .
Accessibility standards
None or don’t know
Description of accessibility
Customer may configure and manage the Service, access reports, and view data and statistics, through the Portal, when available as part of the Service.
Accessibility testing
Unknown.
API
Yes
What users can and can't do using the API
The backend is accessible via a REST API, which allows to pull logs and the modification of policies.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Customers get full access to the administrative portal, meaning they have complete control and can customize policies, block pages etc.

Scaling

Independence of resources
Each Web Isolation Cloud instance is a fully separate entity provisioned in AWS.

Analytics

Service usage metrics
Yes
Metrics types
Variety of metrics around user statistics, threats detected etc.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Symantec's

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data can be exported via REST APIs or through the portal.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON via API
  • Arcsight via API
  • AWS S3 via API
Data import formats
Other
Other data import formats
N/A

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.9% Service Availability.
Approach to resilience
Each Web Isolation Cloud instance is provisioned within AWS in at least 2 Availability Zones and Elastic Load Balancing eanbled.
Outage reporting
Reporting for the Service is available through the Portal.

Identity and authentication

User authentication needed
Yes
User authentication
Other
Other user authentication
Users are authenticated via SAML.
Access restrictions in management interfaces and support channels
IP based access restrictions.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
SSAE-18, SOC2 Type2, Privacy Shield and FedRAMP compliance.
Information security policies and processes
All of engineering, from the CTO downward, is highly focused on ensuring security is a part of everything we do. Security controls and checks are build into our SDLC, along with continuous monitoring and scanning.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We follow a multi-stage process. Our DevOps process drives change management, including the development cycle, testing, quality assurance and staging, prior to deployment into production deployment.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Symantec has a formal process for handling and managing vulnerabilities. For any externally reported issues, Symantec follows the process outlined in ISO 29147, Information technology — Security techniques — Vulnerability disclosure ([ISO/IEC 29147:2014(E)]). Symantec'c Software Security Group works with the impacted team(s) to: Recreate the environment and issue within Symantec’s labs for an expedited resolution. Facilitate a prompt and accurate response. Avoid delays in new Symantec releases.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Access to all customer instances is logged and monitored centrally.
Incident management type
Supplier-defined controls
Incident management approach
Symantec’s internal Security Incident Response Plan documents repeatable, industry standard procedures for handling actual cyber threats when they arise. It also provides the necessary engagement and information-sharing processes to allow prompt coordination among all relevant stakeholders, and describes the reporting, communication, containment, investigation, and recovery mechanisms that exist to support a comprehensive end-to-end process flow from threat detection through remediation. The development and implementation of this forward-looking plan supports Symantec’s ultimate mission to its customers, partners, shareholders, and employees as a trusted leader in information security risk management.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£52.58 a user
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Available on request.

Service documents

Return to top ↑