This G-Cloud 10 service is no longer available to buy.

The G-Cloud 10 framework expired on Tuesday 2 July 2019. Any existing contracts with Interoute Communications Limited are still valid.
Interoute Communications Limited

Enterprise Edge - SD-WAN

Interoute Edge Access is an SD-WAN solution which optimises access to all applications in the data centre and the cloud, an overlay network service, building private networks over IP access networks, enabling improved performance for cloud applications, lower network costs and faster service delivery.

Features

  • Improved network reliabilitySoftware
  • networkingUse of all access circuit investments (no standby)
  • Reduce latency impact
  • Reduced networking costs
  • Improved performance for cloud applications
  • Simplified network integration
  • Data encrypted inflight using AES256,via private network or internet.

Benefits

  • Defined networking
  • Hybrid
  • SaaS optimisation
  • WAN optimisation
  • Dynamic path control
  • vCPE
  • Reduced network costs
  • Application intelligent routing
  • Bring your own connections

Pricing

£21.54 to £2,429.12 a virtual machine a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.vesty@gtt.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 10

Service ID

3 2 9 1 3 7 9 0 7 5 2 9 8 3 5

Contact

Interoute Communications Limited Tony Vesty
Telephone: 0777 2613722
Email: tony.vesty@gtt.net

Service scope

Service constraints
Site bandwidth limited to <2Gbps
Planned maintenance schedule
System requirements
  • Minimum of one RJ45 access network connection
  • Non-filtered Internet access network
  • A public /30 subnet for access network
  • Physical hosting environment

User support

Email or online ticketing support
Email or online ticketing
Support response times
Interoute operates to CCS level 4 - 24x7x4 for all services. Our Contact Centre can be reached via email, phone or through our "My Services" web portal which is provided free of charge as part of the solution.
Any request is handled through the Contact Centre and we target responding within 30 minutes, in addition for some services we provide a "live chat" function which is available during office hours only.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Live Chat is available to assist clients with the use of the "My Services" web portal which provides:
·        Reporting
·        Invoices and CDRs
·        User Management
·        Search and Filter
·        Incidents and Requests
·        Orders
·        Alarms
·        Performance Monitoring 
·        Secure customer Access 
·        Service Level Agreements
In addition Live Chat is available to answer user specific queries relating to the product or service purchased.
Web chat accessibility testing
Whilst Interoute does not have any record of documented testing with assisted users, we own the technology which provides our web chat facility and would therefore be in a position to develop a solution to meet the individual needs of an assisted technology user.
Onsite support
Onsite support
Support levels
Interoute provide CCS Level 4 - 24x7x4 as standard which is included in our prices.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The service is a managed service, so therefore minimum involvement from the customer is required. A product specialist will be involved in the handover process to ensure the customer gets the maximum benefit from the service.
As part of the service assurance process, a service manager will be allocated and will be responsible for providing training on the "My Services" web portal which acts as the central repository for management information and is the primary communications method between Interoute and the client.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
There is no data to extract as it is a networking service, however, at the end of the contract, Interoute will provide clients with a last version of the CMDB and network audit which includes details of the software versions on the CPE, end of life information and software renewal dates.
End-of-contract process
Interoute understands its obligations and will be fully compliant with clause 42.5 of the Call-Off Terms and the requirements of Schedule 9 Exit Management.
Interoute will act in a professional manner to assist in transitioning services either to a new supplier or back to the customer. Details of the approach will depend upon the final solution and the incoming supplier’s network design and implementation plans. Our approach covers:
Governance
• Establishment of a governance structure defined meetings and attendees, including the Interoute Exit Manager.
• Detailed risk assessment carried out jointly to identify all risks which are likely to occur during the transition.
• Information Provision and Preparation
• Interoute will provide the following information:
o Asset information – based on data held within the CMDB
o Technical Information – based on information and documentation held within Interoute’s network diagrams and CMDB
o Sub-contracts – contract terms/cancellation requirements
o Other Information – details of open faults, problems and inflight change requests
Agreed Exit Plan
• Interoute will provide an Exit Plan, proposing a methodology for orderly transition of service.
• The incoming provider’s implementation plan will align with Interoute’s Exit Plan.
• The Exit Plan will be reviewed and updated.

Using the service

Web browser interface
Yes
Using the web interface
Interoute will provide a client with a URL which provide clients with access to the “My Services” web portal which has an extensive management reporting function. It is positioned as the first line of support and information and provides greater control in managing the relationship with Interoute services and offers:
Reporting
Invoices & CDRs
User Management
Search & Filter
Incidents & Requests
Orders
Alarms
Performance Monitoring
Secure customer Access
Service Level Agreements
Change Management

The portal speeds up communication, efficiently share key information (technical, numbers, results), and:
Increase service control;
Decrease operational management overheads;
Obtain an inside view into system management and performance.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The Graphical User Interface within "My Services" is adaptive, so that each user is presented with different menu options according to the access privileges and/or services subscribed to. The portal is a browser-based product with a series of reporting screens and fault logging options.
Ease of navigation is central to its design ensuring users can quickly locate their desired function, meeting the user’s requirements with minimal delay.
Each user is required to go through a secure logging process, once successfully logged in, the user is provided with a homepage with customisable preferences options to ensure that the tool matches their individual requirements. From here, the user can select the functions pertinent to their needs.
Web interface accessibility testing
Whilst Interoute does not have any record of documented testing with assisted users, we own the technology which provides our web chat facility and would therefore be in a position to develop a solution to meet the individual needs of an assisted technology user.
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Interoute supplies equipment, configurations, security and connects everything to the 24x7 Network Management Centre. Network connections to Interoute data centres and core nodes are provided using secure links with high-capacity bandwidth over fibre connections ensuring minimum latency. The internal network infrastructure of the PoP is built upon a high-speed, fibre based network to ensure high-capacity throughput. This infrastructure uses multiple connections through highly secured network firewalls and routers to deliver full redundancy and optimal traffic delivery.
Each customer is provided with a logically separate VPN over this shared infrastructure resulting in a cost effective but highly secure and reliable network.
Usage notifications
Yes
Usage reporting
  • Email
  • SMS
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
No

Data-in-transit protection

Data protection between buyer and supplier networks
IPsec or TLS VPN gateway
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Availability can vary from 99.99% - 97.0% depending on the options selected and can result in service credits ranging from 10% - 50% of the monthly service charge.
Please see https://www.interoute.com/uk-term and review “Edge Access Service”
Approach to resilience
All facilities are connected by Interoute’s privately owned network backbone. Interoute is an international ICT service provider and the owner operator of a global cloud platform and one of Europe’s largest networks. Our advanced fibre optic (70,000 route kilometres) network connects the business hubs of Europe, nearly 200 data centres and colocation facilities to America, Africa, Asia, the Middle East and network partners across the globe. Incorporating 15 of its own data centres and 33 colocation facilities, Interoute serves international enterprises, as well as the world’s major service providers, Internet giants and OTT providers.

All facilities have provisioning for a minimum of 8 hours uninterrupted power supply in event of a main failure. All equipment and alarm cables are fitted with tamper/sabotage warnings. A+B feeds are provided to give the customer power redundancy i.e. if the A feed fails, the B feed takes over. 8A Single feed = 8A usage- 8A A+B feed = 8A usage. This is covered in the Interoute SLA.
Outage reporting
All service management information relating to outages are presented to the customer via the "My Services" web portal which provides both statistical and graphical representation during an incident.
Interoute will provide monitoring on circuit utilisation, availability, incident updates and reporting. All information will be available to the customer via “My Services” and through the Customer Service Manager. 
My Services” enables customers to monitor core network performance, statistics for SLA measurement and application performance quickly and efficiently from one central location.
Updates to any outages will be provided via the portal, email or phone.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Interoute provide management services via a secure VPN access service which has firewalls at each end ensuring a seperate connection for each client managed.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyds Register LRQA
ISO/IEC 27001 accreditation date
09/10/2006
What the ISO/IEC 27001 doesn’t cover
The following controls are not applicable: Access control to program source code Protecting application services transactions
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
QCC Information Security Ltd
PCI DSS accreditation date
February 2018
What the PCI DSS doesn’t cover
The following controls are not applicable: Access control to program source code Protecting application services transactions
Other security certifications
Yes
Any other security certifications
  • ISAe 3402
  • HMG BPSS
  • DBS
  • GPG13
  • CPNI
  • CESG
  • SANS Institute
  • DPA
  • PSN
  • ISO 27001, ISO 7799, PCI DSS

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 270001
ISO 90001
ISAE 3402

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Through the set of integrated management tools used by Interoute, we generate and maintain the CMDB which includes information regarding access, general logs, and application logs. Interoute provides a CMDB to identify, control and record an accurate inventory of CIs.The CMDB will provide an audit trail of all changes and can be downloaded to a .csv file for further manipulation.
Interoute defines changes into three categories, soft, hard and complex. All changes will be agreed with the customer and are assessed for both risk and the potential security implication.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Interoute conducts a comprehensive risk assessment of all critical business and operations risks to our critical operations components, inclusive of risk scenarios based on industry best practice security and continuity threats, vulnerabilities and risks. This risk assessment is maintained by our Security & Governance Group audited annual by internal security professionals and external 3rd parties. The fundamental objective is to define the necessary continuity mitigation controls required to maintain operations and quality with integration into our ITIL and ISO 27001 security controls with defined performance metrics.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Security controls are applied to protect Interoute and the customer;
• Customers accessing our Data Centres must comply with site access procedures and codes of conduct.
• Use of facilities and operations must comply with stated contractual obligation to adhere to Acceptable Use Policy.
• Exchange of information and data will be controlled by contracted confidentiality clauses.
• ISO 27001 security management system protects Confidentiality, Integrity and Availability of internal and customer data.
• Security Incident Management processes report, log, respond and resolve security incidents.
Controls in place protecting security of our internal network and systems includes FW, IDS/IPS, DDOS.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Customers are able to report incidents via phone, email or through the "My Services" web portal. The severity of the incident will be determined by the data captured in the service manual. Real time updates are provided during the lifetime of the ticket and can be accessed via the portal.
Management reports are provided via the portal and can be downloaded by the customer. In addtion the service manager will provide a comprehensive report at the regular service review meetings.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Red Hat Virtualisation
How shared infrastructure is kept separate
Interoute runs multiple VDC zones and also multiple dedicated versions for a variety of large customers. In each case stringent monitoring and controls are applied to ensure the performance provided is not affected by other users on the platform.
Our standard compute service applies a 2Ghz vCPU speed and a standard l contention ratio of just 2:1.
The Interoute fully SSD storage service means that with over 10 times the IO of a spinning disk solution and the ability allocate QoS for critical volumes, Interoute can eliminate storage bottleneck issues commonly encountered on other shared service platforms.

Energy efficiency

Energy-efficient datacentres
Yes

Pricing

Price
£21.54 to £2,429.12 a virtual machine a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Three months free trial is available.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.vesty@gtt.net. Tell them what format you need. It will help if you say what assistive technology you use.