Cohesive Networks

VNS3 Cloud Network Manager

VNS3:ms Cloud Network Manager is a single dashboard to manage and monitor your VNS3 networks, VPN connections and underlying cloud VLAN network components (CIDR, subnets, route tables, ACLs, security groups, etc.) A central view of the network status and logs, backup, keys, users, passwords and licencing management.

Features

  • Single console for monitoring and managing your virtual overlay networks
  • Single console for monitoring and managing your VPN connections
  • ingle console for monitoring and managing the underlying cloud networks
  • Central view of network status
  • Central view of network logs
  • Central place for backing up your network configuration for recovery.
  • Central place for multi-cloud credentials management
  • Central place for user authentication and role management
  • Central place for password management
  • Compatible with VNS3:vpn, VNS3:net and VNS3:turret

Benefits

  • Monitor and manage your VNS3 overlay network and VPN connections
  • Monitor and manage the underlying cloud VLAN network components
  • Manage your network configuration backups
  • Manage your credentials for multiple clouds
  • Manage your passwords
  • User authentication and role management
  • Manage your network encryption keys
  • Compatible with VNS3:vpn, VNS3:net and VNS3:turret

Pricing

£1200 per unit per month

Service documents

G-Cloud 9

432551543666520

Cohesive Networks

Chris Purrington

+44 7962452661

chris.purrington@cohesive.net

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Available for all major IaaS public and private clouds for use with VNS3 networks
System requirements
  • Available for Public Clouds: AWS, Azure, CenturyLink, Google, IBM, Others
  • Available for Private Clouds: Openstack, Eucalyptus, Abiquo, and more
  • Available for Virtual Infrastructure: VMware, Citrix, Xen, KVM, and more
  • VNS3 supports most IPsec data center solutions: IKE1, IKE2, AES256
  • AES128 or 3DES, SHA1 or MD5, NAT-Traversal standards
  • Client Packs for remote devices: Windows, MacOS, Android, iOS

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Standard Support is included in the license subscription without additional charge. This included email/ticketing support during UK and USA Central Time business hours 5 days a week, excluding weekends, and US public holidays. Cohesive Networks will acknowledge and log each Technical Support email inquiry on a best efforts basis (usually within 4 business hours), and will engage staff during Standard Support hours to address the issue until a resolution is achieved or a suitable work-around has been documented via email.

Optional paid for 24/7 Quick Response support has as 1 hour response time.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Standard Support.
Hours: 2am to 5pm US Central time excluding public holidays and weekends. SLA: Best efforts (typically less than 4 hours) initial confirmation of email requests. Continued working to resolution during business hours. Cost: Zero, included in license fee.

Enhanced Quick Response Support.
Hours: 24/7 365 days a year SLA: 24/7 On Call. High Priority Service 1 hour response with the option to continue working on resolution 24/7 Cost: £4,000 pa Subscription to Quick Response Plan plus 2 Support Unit Packs Purchase Required £2,500 pa. For services outside of Standard Support terms enhance Support units will be charged one unit per hour or part hour. Limited to three named contact, additional contacts can be added a additional cost.

Onsite Support subject to prior arrangement.
Cost £2,000 per 8 hour day or part there of plus travel and subsistence recharged at a cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started A supported POC or trial of VNS3:ms Cloud Networking Manager is available. This includes initial design consultation to establish POC goals and licensing requirements. Online training and full technical support throughout the POC.

To test VNS3:ms with a basic VNS3 network the Free Edition of VNS3 is available in the major cloud providers marketplaces. Images for other clouds available on request. Plug-ins upgrade can be applied to the base Free Edition licence at any time.

Configuration and Admin guides available online.

Free technical support and concierge service available for Free Edition users.

Upgrading from the Free Edition to larger paid for licences is easy, layering additional licences on top of the current licences without interrupting the service.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction N/A we do not store data.
End-of-contract process VNS3 is licensed on a subscription pay as you go basis. Customer simply stops paying when they stop using the software.

Using the service

Using the service
Web browser interface No
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility VNS3:ms Cloud Network Manager is a virtual appliance deployed in your cloud account to allow you to monitor and mange your VNS3 cloud networks. The VNS3:ms services is accessed via a single console UI for managing all your VNS3 networks.
Accessibility testing None
API Yes
What users can and can't do using the API Every feature available through the UI is available in the API.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available No

Scaling

Scaling
Independence of resources Each customer has their own clustered encrypted VNS3 virtual network, typically one network per application, depending on the specific use case requirements these networks can be scaled vertically adding more resource to the cloud instance the VNS3 Controllers run on, or horizontally by adding more Controllers.
VNS3:ms allows customers to monitor and manage the performance and availability of the virtual network.

Analytics

Analytics
Service usage metrics Yes
Metrics types We provide license registration and instance system status information, other usage metrics are provided by underlying cloud
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach N/A we do not store data
Data export formats Other
Other data export formats NA
Data import formats Other
Other data import formats NA

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability VNS3 is a virtual appliance that runs in your cloud account, availability is determined by the cloud service provider you use. VNS3 can be configured for HA.
Approach to resilience VNS3 can be deployed in a mesh across multiple cloud Availability Zones, Cloud Regions or even Cloud Service Providers. If the hardware under one VNS3 controller fails the connected servers will automatically failover to the next Controller even if in a different Cloud. Assuming the IPSec devices support multi-peer list or similar the IPSec connections can be configured to failover. If not VNS3:ha stand-by Controllers can be deployed, these will maintain synchronisation with the production controllers and step in if the production Controller fails.
Outage reporting We provide customers with an optional dashboard, VNS3:ms, for monitoring and managing their virtual networks. We also allow the use SNMP traps and the APIs allows customer to output status and logs to third party monitoring tools

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Restricting access in management interfaces is done through segmentation, policy-based filtering, and end-to-end encryption using uniquely generated cryptographic keys. Segmentation is achieved by using separate subnets or VLANs to isolate the mangement interfaces from the production interfaces. IP filtering is used to further restrict any cross over between the interfaces. All packets moving through the management network is encrypted using the VNS3 peering mesh.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations
  • VNS3 is a building block for secure systems or processes
  • VNS3 itself is not accredited
  • PCI & HIPAA systems use VNS3 to achieve compliance

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Management; responsibility of the COO/CFO who is a member of the USSS's Electronic Crimes Task Force, and Treasurer of the FBI's Infragard. COO/CFO sets and audits policies and procedures.

Customer vetting; sales is responsible for reporting clients of interest to the COO/CFO, who in turn requests review by the Secret Service.

ALM; 3rd party certification company on retainer for vetting ALM and cryptography.

Key Management: one-time process for clients to achieve private dedicated control of the software.

Support Access; requests require one time key for administrators. An independent vetted service provides clearance documentation to clients upon request.
Information security policies and processes VNS3 does not store data so does not have any information to protect. For internal data use accredited and audited SaaS services.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach VNS3 is a virtual appliance you run in your cloud account. Configuration and change management processes are provided by and managed by the cloud service provider.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach VNS3 is a virtual appliance you run in your cloud account. Vulnerability management processes are provided by and managed by the cloud service provider.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach VNS3 is a virtual appliance you run in your cloud account. Protective monitoring processes are provided by and managed by the cloud service provider.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach VNS3 is a virtual appliance you run in your cloud account. Incident Management processes are provided by and managed by the cloud service provider.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £1200 per unit per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A license limited edition of VNS3:net. License restricts the number of VNS3 Controllers (1), IPSec endpoint connections (1), tunnels(1) and SSL/TLS client pack connections (5). Includes forum support. Can be used in production without time restriction, but limited to one per organisation.
VNS3:ms POC licence available on request
Link to free trial https://cohesive.net/products/vns3vpn

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑