Distributed denial of service attack (DDOS) protection as a service
Features
- Cyber Security
- Threat and Vulnerability Management
- Security Controls and Identity Management
- Security Crisis and Incident Response
Benefits
- Integrated CIC build-up using intelligent discovery with current-state analysis
- Multi-tenancy and centralized management
- Centralized vulnerability management
- Centralized management of IT and IT security devices
- Key benefits: 24x7 continuous and intelligent monitoring
Pricing
£150 to £900 a person
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at ali.rahman@coforgetech.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 10
Service ID
710451707865081
Contact
COFORGE U.K. LIMITED
Ali Rahman
Telephone: 07801573323
Email: ali.rahman@coforgetech.com
Service scope
- Service constraints
- No constraints subject to requirements at engagement start.
- System requirements
- Subject to client requirements; multiple deployment options available
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- We are flexible and can contract to clients' requirements.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.0 A
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.0 A
- Web chat accessibility testing
- We leverage the assisted framework from the chat provider
- Onsite support
- Yes, at extra cost
- Support levels
- Our services are standardized across three categories: Silver, Gold and Platinum. These vary by service level, support coverage and shared or dedicated team, and vary in pricing accordingly.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We will provide user documentation, a kickoff call and on-site training, if needed.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- Other
- Other documentation formats
-
- Microsoft Word
- Microsoft PowerPoint
- End-of-contract data extraction
- Immediately after the contract expires, all the data is handed over to the clients
- End-of-contract process
- This will be as per the contractual agreements
Using the service
- Web browser interface
- Yes
- Using the web interface
- Users can set up, configure and monitor the service, and tabs are available to perform activities. Technology-specific constraints may apply.
- Web interface accessibility standard
- WCAG 2.0 A
- Web interface accessibility testing
- We leverage the platform provider's accessibility support
- API
- Yes
- What users can and can't do using the API
- Reporting and execution subject to platform
- API automation tools
-
- Ansible
- Chef
- OpenStack
- Terraform
- Puppet
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- ODF
- Other
- Command line interface
- Yes
- Command line interface compatibility
-
- Linux or Unix
- Windows
- MacOS
- Other
- Using the command line interface
- Syntax differs depending on the product used, but all commands to start, stop, configure, run and monitor are available via a CLI.
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- We size technology and resources according to client requirements
- Usage notifications
- Yes
- Usage reporting
-
- API
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Other
- Other metrics
- Additional features available subject to technology
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- AWS, Microsoft, Asigra, Symantec, other major OEMs
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
- Platform itself is backed up via mirror
- Backup controls
- Flexible and configurable backup is available for a specific contract
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
-
- Users can recover backups themselves, for example through a web interface
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Other
- Other protection within supplier network
- Network sub-netting and firewall policy management
Availability and resilience
- Guaranteed availability
- The availability function is dependent on the specific solution and platform
- Approach to resilience
- Ensuring higher availability at every layer through availability zoning and redundant components.
- Outage reporting
- Email alerting and dashboards via browser and API
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- We have a robust identity and access management solution provided by global software vendors
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (provider's own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- NIIT Technologies Ltd is certified on ISO 27001:2013
- ISO/IEC 27001 accreditation date
- 18/03/2005
- What the ISO/IEC 27001 doesn’t cover
-
The following controls are not applicable as per our latest Statement of Applicability Ver. 3.2:
1. Protecting application service transactions (A.14.1.3), as the company does not provide any payment and e-commerce service.
2. Outsourced development (A.14.2.7), as the organization does not outsource software development.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Information security policies and processes
-
NIIT Tech has well-defined information security policies and procedures aligned with ISO 27001:2013 ISMS controls. The responsibility for ensuring adherence to this policy lies with all NIIT Tech employees covered within the scope of the ISMS. The CISO is responsible for coordinating the implementation, monitoring, controlling, reviewing and improving of the ISMS under the direction of the MISF (Management Information Security Forum).
The MISF is a cross-functional forum comprising delivery, technology, practice and functional heads. All projects and functions across the organization shall cooperate with the MISF to implement and maintain the desired level of information security. The MISF meets on a half-yearly basis and reports to the Management (IT Steering Committee), represented by the CEO.
The effectiveness and efficiency of the controls implementation and adherence to the policies are evaluated through ISMS audits conducted by internal and independent external authorities on a half-yearly basis.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Change and configuration management processes are defined to ITIL V3
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
NIIT Tech follows a vulnerability management process as part of the operational security policy to detect, analyse and remediate the vulnerabilities discovered.
Vulnerability assessment, penetration testing and configuration review of the network devices are carried out by internal and independent third parties on a quarterly basis.
NIIT Tech also liaises with external security agencies such as CERT-IN, OWASP, ISC2, PWC etc., obtains information on new and upcoming threats and vulnerabilities, and updates the relevant security measures on a timely basis.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We have a dedicated Cyber Intelligence Center equipped with tools such as SIEM (Security Information and Event Management), IDAM (Identity and Access Management), digital forensics, cyber threat intelligence feeds and a cyber breach response plan to detect, monitor and address information and cyber security breaches.
We follow a well-defined incident management process to monitor and address information security related breaches. It defines the process for reporting, assessment and response with defined roles. Each incident, based on its severity, has a target closure date. If an incident is not closed within the timeframe, automatic reminders are triggered.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Incident management processes defined to ITIL V3 best practices
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- VMware
- How shared infrastructure is kept separate
- Separation of organisations is managed by network separation and security policies
Energy efficiency
- Energy-efficient datacentres
- Yes
Pricing
- Price
- £150 to £900 a person
- Discount for educational organisations
- No
- Free trial available
- No