Ideal Networks Ltd

Managed Cloud Wireless

Ideal offer a cloud based wireless solution delivered as a service priced on a subscription, utility based model. The solution is based on the Cisco Meraki range, providing the performance of enterprise grade infrastructure with the benefits of cloud management, easy provisioning, ongoing in-life software and feature upgrades included.

Features

  • Highly flexible system for mobility management
  • Cloud management
  • Inbuilt guest portal
  • 802.11 n/g/ac support
  • WIPS security
  • Self-tuning
  • 1.2Gbps radio rate
  • No per feature licenses or additional hardware required
  • Anywhere, Anytime Network Access to Meraki dashboard

Benefits

  • Powerful and scalable for the long term
  • No need to house controllers saving on power/rack space
  • No expensive professional service required
  • Fast data transfer for enhanced user experience
  • Browse corporate resources or internet securely
  • Easy login for corporate users
  • No additional costs to enable roll out of new features
  • Reduced management burden for IT

Pricing

£24.08 per device per month

  • Free trial available

Service documents

G-Cloud 10

500363875230761

Ideal Networks Ltd

Mike Henson

01273 957500

bids@ideal.co.uk

Service scope

Service scope
Service constraints Out of Scope
Single user/client specific connectivity issues
LAN/WAN/Internet connectivity issues (unless specified in scope)
Physical mounting of APs (PoA, subject to survey)
System requirements
  • Customer provided LAN
  • Customer provided internet with access to Meraki cloud

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Ideal provides 24/7 365 support. We maintain the same response times on weekdays and weekends. Minimum response time 15 minutes with service restoration within 4 hours (P1)
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Ideal provides 24/7 365 support. Standard service levels will address response time (time for a suitably qualified engineer to make contact and acknowledge fault report, providing next steps for investigation) and target resolution time (time for restoration of services for affected site or service). This will be the same for weekends as it is weekdays, or as per specific customer SLA. Standard Incident SLA: P1 Response time within 15 minutes, Service restoration within 4 hours; P2 Response time within 30 minutes, Service restoration by next business day; P3 Response time within 2 hours, Service restoration within 2 business days. Ideal will manage the managed Cloud Wireless via a portal from our UK office and monitor all key system attributes, automatically generating trouble tickets in the event of any system failure.
We offer a Technical Account Manager as part of this service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Ideal provide optional onboarding services such as detailed design, user and administrator training. All solutions will be validated by our technical team and signed off by the customer. End user, train the trainer and reception training can all be provided. Documentation for system overview and user details will be provided.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction No user data is stored in the cloud.
End-of-contract process At the end of the contract all services available over the wireless network will cease. The customer will be responsible for the removal and disposal of all APs

Using the service

Using the service
Web browser interface Yes
Using the web interface The Cisco Meraki dashboard gives visibility into the network users, their devices, and their applications. Armed with rich analytics, administrators can quickly create access control and application usage policies, optimizing both the end-user experience and network security.
Web interface accessibility standard WCAG 2.0 A
Web interface accessibility testing Na
API Yes
What users can and can't do using the API The Cisco Meraki Dashboard API is a modern, RESTful API using HTTPS for transport and JSON for object serialisation. It is similar to other modern web APIs such at Github’s, Stripe’s, and Trello’s.

The API delivers easy-to-digest data, captured in real-time, to 3rd party or custom-built applications. This gives customers with unique requirements a high degree of flexibility.

The data includes WiFi probe request details from individual clients such as access point MAC, client MAC, time stamps, and RSSI data.

The API allows users to create custom apps in the following categories;

Analytics
Marketing
Security
Automation
Location/Presence Services
Mobile Apps
Splash pages
Smart Cities

Support for other protocols, if required, can be provided by an adaptor on the client side. Cisco Meraki does not plan to build any such adaptors.
API automation tools
  • Chef
  • Puppet
API documentation Yes
API documentation formats
  • HTML
  • PDF
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources The wireless technology is designed to self-manage load within the network, meaning users will connect to the best possible Access Point.

Cisco Meraki's back-end design spreads computation and storage across independent server clusters. These clusters are provisioned in a manner that provides virtually infinite scaling of back-end resources as customer demand increases. Any server or server cluster can fail without affecting customers or the rest of the system. Cisco Meraki's distributed architecture is field-proven in networks serving hundreds of thousands of clients.
Usage notifications Yes
Usage reporting Email

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • Network
  • Number of active instances
  • Other
Other metrics
  • User SSID
  • User Location
  • User Operating System
  • Radio type
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Reseller providing extra support
Organisation whose services are being resold Cisco Meraki

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Data restoration / service migration
  • All data fully available from cloud based profile
Backup controls The service does not store or use any end user data. System data is stored across multiple EU data centres:

The Meraki cloud architecture leverages a globally distributed public
cloud architecture that provides built–in reliability, security, and
redundancy.
Hosted on data centres located exclusively in the EEA,
the Meraki EU Cloud provides reliability and business redundancy
offered by a distributed architecture while ensuring that no personal
data leaves the EEA.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks IPsec or TLS VPN gateway
Data protection within supplier network Other
Other protection within supplier network 24x7 automated intrusion detection
Protected via firewalls
Remote access restricted by IP address and verified by public key (RSA)
Systems are not accessible via password access
Administrators automatically alerted on configuration changes
Out-of-Band Architecture

Only network configuration and usage statistics are stored in the cloud
End user data does not traverse the datacentre
Sensitive data (e.g. passwords) stored in encrypted format

A high security card key system and biometric readers are utilized to control facility access
All entries, exits, and cabinets are monitored by video surveillance
Security guards monitor all traffic into and out of the datacenters 24x7,

Availability and resilience

Availability and resilience
Guaranteed availability Meraki’s cloud management is backed by a 99.99% uptime SLA. See
www.meraki.com/trust for details.
Approach to resilience Meraki’s Cloud Controller runs out of five geographically distributed co-location facilities across the U.S. and Europe and customer configuration data and statistics are securely mirrored across three data centres for multi-layered redundancy. The Meraki system treats component failures such as disk, server, or switch failures as routine. Automated failure detection, redundant alert systems and rapid failover mechanisms ensure that Cloud Controller availability is maximized even in the event of hardware failure. Network management access will be restored in minutes and each top-tier co-location facility is equipped to minimize the possibility of failures. Each data centre features diesel generators for backup power, redundant high speed carrier connections, and seismic reinforcement. In the event of a catastrophic data centre failure, Meraki networks will fail over to one of the mirrored sites. This failover will happen automatically, without intervention and with minimal to no disruption to clients on the network.
Outage reporting Service reporting is available via email alerts. Monitoring would detect if an outage had occurred and an alert would be received by the Ideal Service Centre.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
Access restrictions in management interfaces and support channels Secure account credentials including two ­factor authentication
Account security protections (strong passwords, password expiration and rotation,
Maximum number of failed attempts, IP ­based login restrictions, etc.)
Change management including change logs and change event alerting
24x7 automated intrusion detection
A high security card key system and biometric readers
Software development life cycle and change management / change control policy and processes
Product development secure coding guidelines and training policy and procedures
Access restricted to personnel based on appropriate business need and limited by function
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Compliant with the major EU privacy regulations
EU Data Protection Directive 95/46
US-EU and US-Swiss Safe Harbor certified
PCI DSS Level 1 certified cloud architecture

Industry-certified Datacenters
• SSAE 16/SAS 70 Type II
• ISO 27001:2013
Information security policies and processes Meraki takes a systematic approach to data protection, privacy, and security. The Meraki team has established formal policies and supporting procedures concerning the privacy, security, review, and management of Meraki products and services. The Meraki Chief Information Security Officer and our Privacy Counsel maintain overall responsibility of the program, which is evaluated on a regular basis to ensure it is up to date and follows modern security standards and best practices as well as compliance with applicable privacy regulations.
The Meraki information security and data privacy program includes technical and organisational measures designed to ensure physical security, data integrity and privacy, and transparency. Internally, our program emphasises controls and processes that affect members of the organisation who have a business need to create, modify, upgrade, or support the products and systems that make up the Meraki solution and the products themselves (Meraki engineers who develop and support Meraki hardware, software, and backend systems).
The Meraki cloud architecture, itself, is designed for top­tier security and data privacy, and follows industry ­leading best practices for security and privacy. Meraki datacenters are certified by industry ­recognised standards including ISO 9001:2008, ISO 27001, PCI DSS, SSAE16, and ISAE 3402 (SAS­70) including Type II.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All devices that make up the service are maintained on our Configuration Management Database (CMDB) and periodically checked against End of Life notifications.
Software updates are automatically provisioned and can be scheduled up to one month in advance. all changes are subject to full change management process including peer review.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Meraki's vulnerability management process follows good practice inline with our industry standard accreditations. We invest heavily in tools, processes, and technologies to keep our users and their networks safe, including third party audits, features like two factor authentication, and our out of band cloud management architecture. The Cisco Meraki vulnerability rewards program is an important component of our security strategy, encouraging external researchers to collaborate with our security team to help keep networks safe. The Meraki information security and data privacy program includes technical and organisational measures designed to ensure physical security, data integrity and privacy, and transparency).
Protective monitoring type Undisclosed
Protective monitoring approach Meraki's protective monitoring approach follows good practice inline with our industry standard accreditations. We invest heavily in tools, processes, and technologies to keep our users and their networks safe, including third party audits, features like two factor authentication, and our out of band cloud management architecture. The Cisco Meraki vulnerability rewards program is an important component of our security strategy, encouraging external researchers to collaborate with our security team to help keep networks safe. The Meraki information security and data privacy program includes technical and organisational measures designed to ensure physical security, data integrity and privacy, and transparency).
Incident management type Supplier-defined controls
Incident management approach The Ideal Service Centre acts as a single point of contact for managing incidents, problems and service requests. The Service Centre can be contacted by telephone, email and online portal. ITIL aligned procedures are used to coordinate all service work. Ideal can create read-only accounts that allow customers to see for themselves monitoring, traffic analytics, and Presence location analytics and engagement information. Alternatively, Ideal can provide monthly reporting of network traffic, clients and application usage.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Other
Other virtualisation technology used Meraki's own patented technology
How shared infrastructure is kept separate Every Meraki device connects over the Internet to Cisco Meraki’s datacenters, which run Cisco Meraki’s cloud management platform. These connections, secured via an encrypted link, utilize a patented protocol that uses minimal bandwidth overhead (typically 1 kbps or less).Cisco Meraki’s out-of-band control plane separates network management data from user data. Management data (e.g., configuration, statistics, monitoring, etc.) flows from Meraki APs to Meraki’s cloud over a secure Internet connection. User data (web browsing, internal applications, etc.) does not flow through the cloud, instead flowing directly to its destination on the LAN or across the WAN.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £24.08 per device per month
Discount for educational organisations No
Free trial available Yes
Description of free trial A single AP with cloud management can be made available with 30 day licence. Ideal will provide telephone base user support to set up the service.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Terms and conditions document View uploaded document
Return to top ↑