G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with Frequentis AG are still valid.
Frequentis AG

Hosted 3020 LifeX: Dispatch and First Contact Solution for Critical Control Rooms

The on- or off premise hosted 3020LifeX solution provides a full web-based call centre solution including ACD, IVR, recording, and integration with Airwave and ESN (when available). Together with a host of other features tailored to safety critical control rooms it provides a reliable solution to base your operations on.

Features

  • Airwave and ESN (when available) integration
  • Call Centre functionality including Queing, ACD, IVR and recording
  • NG112/999 (when available) compliant
  • Fully web based HTML5 client, using USB headsets/footswitches
  • Integration of local telephone lines/Airwave CCI ports/Analog Radio
  • Modern GUI optimised for Mouse & Keyboard or Touch Screen
  • Rapid scalability beyond ordered limits
  • Emergency calls will not get lost due to network issues
  • always up to date with latest LifeX SW versions
  • Comprehensive reporting and dashboards available

Benefits

  • Have your control room everywhere where your network is
  • Use it on any device (PC, laptop,..) in your network
  • Access Airwave, ESN, intercom and Telephony functionality using your browser
  • your choice of on- or off-premise hosting
  • No-worries maintenance and helpdesk arrangements
  • Unmatched service availability; solution designed with reliability, resiliancy and redundancy
  • removes the need for a separate PABX and/or voice-recording-system
  • Removes the need for a separate ACD and/or IVR system

Pricing

£380 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.king@frequentis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

4 4 0 2 4 0 1 4 6 5 2 2 6 1 0

Contact

Frequentis AG David King
Telephone: +447540841220
Email: david.king@frequentis.com

Service scope

Software add-on or extension
No
Cloud deployment model
Community cloud
Service constraints
On-premise hosting incurs additional service costs, to be determined during onboarding.
Only certain COTS headset and footswitch models are certified for use with LifeX.
System requirements
  • Certified web browsers: Chrome (>v60), Internet Explorer 11 (>11.0.9600).
  • Client to run Windows OS 8.1 or higher
  • WAN: 300-500kbit/user depending on number of audio devices
  • WAN: additional bandwidth for remoting local telephone/Airwave interfaces
  • WAN: Latency max. 50ms end-to-end
  • WAN: Jitter max. 15ms
  • WAN: Packet Loss max. 0,5%

User support

Email or online ticketing support
Yes, at extra cost
Support response times
The Helpdesk handles all service requests using the ITSM Tool (IT Service Management Tool) and is reachable via telephone, fax and email 24/7. The helpdesk can be used to report all the categories of incidents and for all other concerns regarding Frequentis responsibilities. Service impacting reports will be responded to within 4 hours, detailing the course of actions to resolve the issue.
Questions regarding usage of the solution will be forwarded to solution experts and generally be answerred within 2 working days by the cloud support engineer.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
First and Second line support arrangements are dependent on the off- or on-premise cloud hosting platform used to host the LifeX solution and are determined during the onboarding process.
Frequentis provides a third line support alligned with ITEL V3 with extensive incident and problem management, service management and support, business continuity management and software maintenance services. SLAs are determined and agreed during the oboarding process.

The cost of this third line support is included in the monthly user rate.

Within the service department cloud support engineers are provided.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Onboarding is a guided process where Frequentis together with the customer determine the exact needs and set-up tasks to perform. This includes identifying local network requirements, interfaces to connect to, Airwave and -when available- ESN configuration (incl. fleetmapping, Alias definitions etc.), required training, SLA definition and go-live support. These efforts are variable per customer and are charged as per the rate card.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
At the end of the contracted period, the customer will receive an dump in .CSV format from the statistical data accumulated for the service period. Also a dump of the user and role configuration will be provided. These can be used by the customer to document the configuration and usage of the service.
End-of-contract process
Included are the dump from the statistical database and configuration. Any other reports result in an additional charge as per rate card.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
USB footswitch, loudspeaker and headsets can be connected to desktop service. Mobile service uses mobile phone as audio device and tablet as user interface.
Service interface
Yes
Description of service interface
The Frequentis LifeX user interface has been designed based on user feedback from our wide range of customers, structured observations and adherence to established GUI guidelines like ISO9241 and ISO11064.
Accessibility standards
WCAG 2.1 A
Accessibility testing
The Frequentis LifeX user interface has been designed based on user feedback from our wide range of customers, structured observations and adherence to established GUI guidelines like ISO9241 and ISO11064. Additionally, each iteration of the LifeX user interface is tested in Frequentis' User Experience Laboratory to determine objective usability and subjected perception KPIs. The client uses standard Web technologies with associated accessibility functionality.
API
Yes
What users can and can't do using the API
The Life Interface is a standardised interface of the 3020 LifeX. It allows a third party client or system to access all functionalities of the 3020 LifeX system. It allows full access to correlating functionality and data as well as to control the 3020 LifeX clients. It is meant for integration with customer specific C&C and/or CRM systems. It is not meant as an API to "set up the service or make changes to it". Note, that integration support is an additional service that can be ordered.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
At the basis of the 3020 LifeX is a role-based layout, routing and access right mechaism. Using the web browser based Configurator, the customer can configure for its orgnisation:
- Users and which roles each user is allowed to select
- Role: Routing rules (including ACD, IVR, escalation etc.)
- Role: Basic Layout (radio, telephony, intercom, Action pads, mapping, external web pages etc.)
- Role: Accessible talk-groups and telephone lines/trunks

Only users given admin rights by the customer's Administrator can make configuration changes.

Note that users have a personal section on the "Action Pad" panel to store personal telephony/Airwave/ESN numbers of favourites.

Scaling

Independence of resources
The hosting platform will be scaled such, that the maximum number of concurrent users and concurrent communication channels are supported. Under normal circumstances the platform will therefore be "over provisioned". With each new demand additional computing resources will be made available to maintain the guaranteed performance.

Analytics

Service usage metrics
Yes
Metrics types
A Web based operational Dashboard is available providing an overview of the current user activities (Active conversation details, ACD status overview), with summary overviews of contacts per conversation category, currently handled conversations, currently waiting, work shift and overall day performance.

Performance overview (shift and overall day) also provides a graphical indication if a (configurable) KPI has been met or not.

In Addition, several reports can be created using the Management Information System web client.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
We differentiate between statistical usage data and configuration data. Statistical data cen be exported via the Management Information Systems' web interface in several formats (PDF, CSV,XML, XLS). Additionally, a full statistical database dump can be requested for an additional service charge.

An export of the configuration data from MongoDB (roles, users, talkgroups, call routing etc.) can be requested for an additional service charge.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The availability depends on the hosting platform and provider chosen by the customer. We provide the flexibility to host our cloud solution off-premise using e.g. a G-Cloud hosting provider fulfilling certain requirements, or on-premise using the customer's private cloud environment. Depending on the hosting platform set-up and network availability the final availability figure will be negotiated with the customer.
Approach to resilience
The architecture of LifeX is designed to meet the high-availability and reliability requirements for mission critical environments. The system is a software-based solution, based on Frequentis standard software products. Resilience is achieved om multiple levels.
(1) The base is provided by the high-available hardware components used in the datacentre (servers, network etc.) and -if necessary- radio interfaces gateways.
(2) The high-performing virtualisation infrastructure in the datacentres provides the secondary resilience level. The solution uses virtual servers separating it from the underlying hardware and use the available computing resources in a most efficient way.
(3) The third and major level of the resilience is provided by the sophisticated software architecture of the solution, where all business critical components run in a n+m redundancy concept. This allows us to deploy multiple instances of software components to provide customised software-resilience.
(4) On top of this resilience concept, a possible Geo-redundant deployment provides the fourth level of resilience with improved Business.
Based on these multiple levels of resilience, the proposed solution is designed to keep disruptions and risks of failure on a minimum level. In case of failures of single elements, there is no influence on the overall service availability.
Outage reporting
The service provides email alerts to designated recipients on the customer side, providing timely information about systems events impacted their service. Additionally, the customer has access to our ITSM customer access web site. This ITSM Tool allows the ITIL v3 compliant tracing and documentation of all incidents found in the System under Maintenance. The customer can log in to the ITSM Tool at any time and check the status of his incidents, provide further information to an incident and so on. The LifeX clients themselves also provide immediate feedback on position impacting issues.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
Users authenticate using their specific user credentials (username / password) to get access to the system. Authentication is performed using 2-factor authentication (client side certificate and password).
Users get access to the appropriate facilities using their specific user account and selected role, based on the configuration of each user’s access rights. For instance, only administrators will have access to facilities that relate to any technical configuration, to make sure that no operator etc. can change administrative configurations. Supervisors or Control Room Managers will have access to the appropriate configuration tool sections and additional functionality at the working position.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
CIS - Certification & Information Security Services GmbH
ISO/IEC 27001 accreditation date
16.05.2011
What the ISO/IEC 27001 doesn’t cover
Not applicable
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
FREQUENTIS develops and produces communication systems for safety-critical applications and for the defence market. FREQUENTIS runs a certified information security management system according ISO 27001:2013 focussed on risk management and continuous improvement. Information security regards in particular Availability, Integrity, Confidentiality and Authenticity.

The System Security Policy Guidelines provides practical work instruction for the implementation. The policy further refers to other accompanied documents that address extensive topics e.g. Incident Response Plan or Software Implementation Guidelines.
The policy is signed by the management. It is implementation independent and comprises the whole Frequentis product portfolio. The policy requirements are enforced through the security process.
The policy addresses the security requirements for system design and implementation within product or project development. Policy content is based on industry well known best practices that applies to Frequentis systems. On top of this, a Security Assessment methodology complements the requirements in cases that the security requirements cannot be fulfilled by the best practices only.
Security process is incorporated in the Frequentis development process. Engineering policy addresses the security requirements for system installation, configuration and integration. Similar to the development process, the requirements are followed and checked in the particular project milestones referring to the delivery process

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
FREQUENTIS Uses the PRODIS tool which is for product managers, technical product managers and development project managers to plan and administrate deliverables. Deliverables are tracked starting with the first announcement until they delivered to the customer including phasing out and service discontinuation. It gives information about the software that has been sold to the customer, when and in which exact version it has been delivered.
Every alteration of the system or its configuration is subject to the change control procedure. As a consequence, every workaround or patch has to pass the impact assessment including evaluation of possible security implications.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Frequentis Computer SECURITY & INCIDENT RESPONSE TEAM (CSIRT) focuses on the identification of emerging security incidents. Common vulnerabilities issued in the security community are collected, assessed and pre-filtered in terms of applicability to Frequentis systems by company-wide communication via security notifications in different notification categories. The category is defined based on the nature of the exploit, the attack vector and involvement of classified data.
Cooperation with customer concerning vulnerability classification and notification shall be agreed in SLA.
CSIRT follows CERT.at, all major hardware/software vendors, online Cyber Awareness Systems (e.g. US-CERT, NVD, CVE) and other online sources (heise.de, The Register, etc.)
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Members of the CSIRT monitor the emerging exploits/vulnerabilities and identify the incidents related to Frequentis systems for the achievement of satisfactory security and safety. Monitoring is done on behalf of various sources (see 53).
One of the 4 security categories is assigned to the identified warning and respective reaction (Security Notification of Security Information) is issued to the concerned parties. Project organisations evaluate the notification applicability in their system environment and configurations and provide proper response to the concerned customers. The vulnerability level, the response times and the scope shall be defined in service agreement between Frequentis and the customer.
Incident management type
Supplier-defined controls
Incident management approach
Incident management process is carried out by the internal CSIRT (see point 53) based on the Incident Response Plan that describes the ongoing incident management activities including security notification and the event triggered activities concerning security event response.
Employees are using the organization’s information systems and services required to note and report any observed or suspected information security weaknesses in systems or services.
Security Warning triggers Security Notifications or Security Information. In case of safety relevance, the internal Hazard Process is triggered. A Security Event triggers the Security Event Response that is documented in the Security Event List.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
Other
Other public sector networks
  • Airwave
  • ESN-DNSP

Pricing

Price
£380 a user a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.king@frequentis.com. Tell them what format you need. It will help if you say what assistive technology you use.