A Website Application Firewall (WAF) & Intrusion Prevention System (IPS) which provides advanced Distributed Denial of Service (DDoS) protection with layer 3/4/7 network protection.
- A weekly report for each of your site(s)
- Content Delivery Network (flat rate bandwidth)
- Web Application Firewall (WAF)
- Intrusion Prevention System (IPS)
- SSL Certificate support
- PCI compliant firewall protection
- DDoS attack prevention
- Brute force attack prevention
- Protection from exploitation of known software vulnerabilities
- Continuous malware & hack scanning with automatic alerting upon detection
- Free SSL certificate included for 1 domain
£660 per unit per year
Ixis IT Limited
|Email or online ticketing support||Yes, at extra cost|
|Support response times||30 minutes for critical. 2 hour response for non-critical problems.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Support available to third parties||No|
Onboarding and offboarding
We provide on-boarding support to assist with the DNS change to add the WAF to your live website.
Additional support can be provided for configuring the Drupal CMS with a dedicated module to enable automated cache clearing in the CDN.
|End-of-contract data extraction||There is no data to extract from the service.|
You must point your DNS away from the service and change it to point directly at your new CDN or the host server.
We will assist with the information needed for re-pointing DNS.
Using the service
|Web browser interface||No|
|What users can and can't do using the API||Dashboard metrics, Scanning, and CDN all provide their own API endpoints over HTTP. Documentation for the APIs can be found from the dashboard once logged in to the service.|
|API automation tools||
|API documentation formats||HTML|
|Command line interface||No|
|Independence of resources||The cloud proxy content delivery network (CDN) provides performance optimisation by caching content so that the destination server doesn't get reached.|
|Infrastructure or application metrics||Yes|
|Supplier type||Reseller providing extra support|
|Organisation whose services are being resold||Sucuri|
|Staff security clearance||Staff screening not performed|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Supplier-defined controls|
|Penetration testing frequency||Never|
|Protecting data at rest||Other|
|Other data at rest protection approach||Only anonymous visitor data is collected.|
|Data sanitisation process||No|
|Equipment disposal approach||A third-party destruction service|
Backup and recovery
|Backup and recovery||No|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
99.5% availability with monitoring every 30 minutes 24/7/365
Threat mitigation from immediate to 4 hrs response depending on severity
|Approach to resilience||The WAF runs on a Globally Distributed Anycast Network (GDAN). The GDAN configuration allows for high availability and redundancy in the event of any failures in the network. There are currently six Points of Presence (PoP) around the globe.|
|Outage reporting||Alerts are available as email, RSS, Slack notifications, SMS or Twitter private direct messages.|
Identity and authentication
|Access restrictions in management interfaces and support channels||All services are restricted access requiring either a username and password or 2FA.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
|Devices users manage the service through||Directly from any device which may also be used for normal business (for example web browsing or viewing external email)|
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||Less than 1 month|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Alcumus ISOQAR|
|ISO/IEC 27001 accreditation date||27/04/2018|
|What the ISO/IEC 27001 doesn’t cover||Working in secure areas (11.1.5)|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Cyber Essentials|
|Named board-level person responsible for service security||No|
|Security governance certified||No|
|Security governance approach||.|
|Information security policies and processes||Supplier defined|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All components of the service, both CDN and WAF, are tracked and updated annually or as deemed necessary to reduce security threats. Changes are assessed for their impact and risk, and a process of continual identification, monitoring and review of the levels of IT services specified in the SLA ensures that quality is maintained. All changes are implemented through a version-controlled configuration management system and progress through a series of automated and manual testing steps before being applied to the 'live' infrastructure. This systematic approach ensures that changes to services are reviewed, tested, approved and communicated.|
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||Monitoring takes place 24/7 every 30 minutes with patches deployed within 4hrs of a potential threat being detected.|
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||24/7/365 monitoring is provided and incidents are responded to within 30 minutes.|
|Incident management type||Undisclosed|
|Incident management approach||We have established practices for managing and recovering from incidents, and restoring a secure service. Users report by phone, email or by raising a ticket on our partner portal. Incident reports are provided by ticket, with root cause analysis where needed.|
|Approach to secure software development best practice||Supplier-defined process|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£660 per unit per year|
|Discount for educational organisations||No|
|Free trial available||No|