Exponential-e Ltd


Exponential-e's SD-WAN architecture is a fully managed, hybrid, low-latency private WAN / Internet service with any-to-any connectivity to a number of services - be it public or private Cloud, branch sites, SaaS or more.

SD-WAN provides the flexibility to utilise multiple access technologies, enabling business agility in today’s ever-changing world.


  • Provides enterprise class Software-Defined Networking (SD-WAN)
  • Centralized management and automatic orchestration of routing, policies and security
  • Provides real- time statistics of the network utilisation and availibility
  • Provides real- time statistics of network utilisation per application
  • Zero-touch implementation reducing the requirement for skilled staff
  • Connects all sites without the need for bespoke connectivity
  • SD WAN / SDWAN/ SDN/ SD N / SD Network


  • Ability to implement policies network wide within seconds
  • Provide network flexibility and agility
  • Able to integrate SD-WAN sites with traditional VPLS network
  • Integrates with Palo Alto Global Protect service
  • Local internet breakout for SaaS applications


£155.52 per instance per month

  • Free trial available

Service documents

G-Cloud 11


Exponential-e Ltd

Kay Sugg



Service scope

Service scope
Service constraints There are maintenance windows that are planned in advance for software upgrades. These maintenance windows are communicated to all of the clients well in advance.
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The response times depend on the severity of the support request. The response times range from 30 minutes for a critical requests to 4 hours for information requests. More details can be provided on request.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels 24x7x365, including Bank Holidays. This is included as standard
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started During the on-boarding process, training will be provided to the designated users of the service. The training can be provided onsite or online depending on requirement.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction All customer data that is held, would be handed back at the end of the contract on request.
End-of-contract process There will be extra charges where additional resources are required for changes during the migration period.

Using the service

Using the service
Web browser interface Yes
Using the web interface Configuration, reporting and logging (providing access has been granted by Exponential-e, on request by the Buyer).
Web interface accessibility standard None or don’t know
How the web interface is accessible Not applicable
Web interface accessibility testing None
Command line interface No


Scaling available Yes
Scaling type Automatic
Independence of resources The SD-WAN controllers, which are hosted within Tier3 Data Centres, are federated between and can therefore be augmented to scale for any number of users or companies.
Usage notifications Yes
Usage reporting
  • Email
  • Other


Infrastructure or application metrics Yes
Metrics types
  • Network
  • Number of active instances
  • Other
Other metrics
  • Traffic Statistics
  • Application Statistics
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Reseller providing extra support
Organisation whose services are being resold Nuage

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up The configuration database
Backup controls Users cannot control the backups as the full configuration is backed up
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Smart Wires Resilient Advanced & Smart Wires Resilient Advanced Secondary 99.995%
Smart Wires EoF & Smart Wires Resilient 99.990%
Smart Wires EoF/EoC Cross Connects & Smart Wires Resilient (Data Centre) 99.900%
Single Smart Wires EoF 99.900%
Smart Wires Broadband N/A

Service Level Calculations

Service Credits are calculated as a percentage of the monthly charge for all the affected services delivered over the unavailable service.
Approach to resilience This is available on request
Outage reporting The service reports the outages through email alerts, the public customer portal and to our 24*7*365 managed service desk who will then call the client to inform them of the alert that they have received.

Identity and authentication

Identity and authentication
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels There is role based authentication that is setup for the service to ensure that users are only able to access the resources that they require access to.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 13/04/2018
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification Yes
Who accredited the ISO 28000:2007 BSI
ISO 28000:2007 accreditation date 13/04/2018
What the ISO 28000:2007 doesn’t cover N/A
CSA STAR certification Yes
CSA STAR accreditation date 13/04/2018
CSA STAR certification level Level 3: CSA STAR Certification
What the CSA STAR doesn’t cover N/A
PCI certification Yes
Who accredited the PCI DSS certification Blackmores UK
PCI DSS accreditation date 19/03/2019
What the PCI DSS doesn’t cover Hosting Provider – Applications, Storage, Security Services, shared hosting, Online Hosting, Managed Services – System Security, IT Support, Backup, Cloud Services Payment Processes – All payment services
Other security certifications Yes
Any other security certifications CAS(T) NCSC-264868406-1689

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The security of our Network is fundamental to our business and have implemented a wide range of security measures. Our network has undergone rigorous security assessments - undertaken by BSI - and has achieved ISO 27001 (tested every six months) and PCI-DSS (tested annually) certifications to ensure security standards. Most recently we became accredited to CAS-Telecommunications by the National Cyber Security Centre (NCC). This certifies our Connectivity (Smartwires - WAN, VPLS, Internet) and augments our HSCN status for Public Sector contracts. Exponential-e were the first HSCN Stage 2 supplier to also have attained CAS-T, and are actively progressing to Stage 3 accreditation. To become accredited, NCC had to conduct an IT Health Check across our Network and all Engineers were “CHECK” approved. The test took 25 days.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Details are available on request
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Details are available on request
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Details are available on request
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Details are available on request

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider Nuage
How shared infrastructure is kept separate Each of the services that are configured for a client, are configured with a unique identifier that is used to ensure that each client is kept separate.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes
Description of energy efficient datacentres • All our Data Centres are ISO14001 accredited organisations with robust environmental management systems • Procuring consumed energy from sustainable energy sources wherever possible • Ensuring the use of hot/cold aisle cooling design in our Data Centres, which reduces energy consumption as the cooling is more efficient and helps our customers to reduce their carbon footprint


Price £155.52 per instance per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Where a trial is agreed to, we will include the hardware and the implementation support, we will not include the onsite installation. The trial will be for a maximum of 1 month.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑