Telefonica UK Limited

Panda Security Portfolio from O2

Panda Security Portfolio:
-Panda Adaptive Defense 360 - Endpoint Detection and Response (EDR) solution.
-Panda Endpoint Protection Plus - Security Management of all the computers in your network.
-Telefonica can offer a Managed Detection and Response (EDR) service through their Enterprise Security-Operations-Center(SOC) supported by Panda Adaptive Defense 360 Endpoint Detection&Response(EDR).

Features

  • Cloud-based deployment, management and reporting
  • 100% pre-execution process attestation (Windows only)
  • Forensics and reporting to turn network data into security intelligence
  • Discover and monitor unstructured Personally Identifiable Information (PII)
  • Patch management for Windows and third-party applications
  • Threat Hunting from Panda SOC
  • Comprehensive centralized view of security, with detailed drill down capabilities/alerts
  • Minimal endpoint resource usage
  • Simple Licence model– endpoint/server/mobile device all one license
  • Works with legacy OS (including Windows XPSP3 & Server 2003)

Benefits

  • Management from any location, with groups and multiple user policies
  • OS Audit, monitor and prioritize updates for OS (Panda patch-management)
  • PandaLabs Threat Hunting team constantly monitoring for threat and indicators
  • Identifies contextual attacks utilizing legitimate tools such as RDP/PowerShell/Socat
  • Single-pane view of network security status with notifications for issues
  • Network not impacted by multiple disparate security layers
  • One-click Isolation and remediation of infected devices added to network.
  • Contributes to regulatory compliance (GDPR, HIPAA and PCI)
  • Trusted solution certified under common criteria EAL2+

Pricing

£4.00 a user a year

Service documents

Framework

G-Cloud 12

Service ID

7 4 5 7 5 9 0 8 8 4 2 5 4 1 0

Contact

Telefonica UK Limited Neil Cruden
Telephone: 07872015506
Email: g-cloud_framework@o2.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Additional information available upon request.
System requirements
  • Web Console (only monitoring)
  • - Internet connection Agent
  • - Operating systems(workstations): Windows XPSP3 or later (Vista,7,8,10)
  • Additional details available upon request

User support

Email or online ticketing support
Email or online ticketing
Support response times
Email: corpsupport@uk.pandasecurity.com
Available 24x7x365. Include client details, product and the nature of the request
Product: Support can be requested at any time through the product management console, where you can raise a ticket and submit PS info diagnostic file at the click of a button.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
https://www.pandasecurity.com/uk/support/#enterprise
Web chat accessibility testing
Contact O2 for additional information.
Onsite support
No
Support levels
All support is inclusive. Panda Security use a companywide global CRM/Helpdesk system (Salesforce) as a platform to manage all support issues. This provides a hosted ticketing system used to log and track all issues raised from outset through to solution.
Support available to third parties
No

Onboarding and offboarding

Getting started
Quick Start Install and Security Settings Guide
In order to get users started with our solutions Panda Security also provide more concise documents such as the quick install guides http://partnernews.pandasecurity.com/uk/src/uploads/2019/02/AD360-or-EPP-Over-Aether-Quick-Install-Guide.pdf for each product, which will have the product up and running with optimal initial configuration in minutes.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
All personal and customer's data are treated according to the GDPR.
Users of our solutions must approve the terms of our End User License Agreement (EULA) which covers data collected by products for the purpose of rendering the service: such as user account names, computer names, file names and IP address.
No company information or IP is collected and stored by the Panda Security solutions.
End-of-contract process
14 day grace period upon licence expiry, service ends afterwards.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Yes - Console and Agent.

The cloud management console allows configurations of multiple profiles and groups for each device and users of the console can have read-only, certain rights or full administration depending on requirements.
Real-time Reporting & Alerts – configurable reports and alert notifications allow you to know the status of your environment in real-time.

Scaling

Independence of resources
Panda Security solutions are deployed and managed through a cloud-environment so are suitable from single devices, to multiple networks with hundreds of thousands of devices.

Analytics

Service usage metrics
Yes
Metrics types
Panda Security offers many analytics on user traffic, all documentation is available at https://www.pandasecurity.com/en/support/#enterprise
Reporting types
Real-time dashboards

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Panda Security

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Less than once a year
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
All sensitive data sent to the Azure Cloud is encrypted in transit. All managing communication between endpoints and services is encrypted in transit. The logs sent to the collective intelligent platform are anonymized. Encryption is required for accessing sensitive data from anything with a web interface, also from mobile devices (HTTPS to encrypt sensitive data). Depending on the storage service used, we also encrypt data at rest. We have a procedure in place to manage encryption keys and SSL certificates private keys.
(Additional information available upon request).
Data sanitisation process
No
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Reports can be exported in PDF and CSV formats. Security forensic logs collected by the Panda Advanced Reporting Tool can be exported as CSV, LEEF and CEF formats. Panda SIEM Feeder allows custom exports and field matching for importing to company existing SIEM.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • LEEF
  • CEF
Data import formats
Other
Other data import formats
Not aplicable

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
All sensitive data sent to the Azure Cloud is encrypted in transit. All managing communication between endpoints and services is encrypted in transit. The logs sent to the collective intelligent platform are anonymized. Encryption is required for accessing sensitive data from anything with a web interface, also from mobile devices (HTTPS to encrypt sensitive data). Depending on the storage service used, we also encrypt data at rest. We have a procedure in place to manage encryption keys and SSL certificates private keys.
(Additional information available upon request).
Data protection within supplier network
Other
Other protection within supplier network
Access to the Panda endpoint agent has 2FA enabled by default, access to the cloud-based management portal has multi-level access rights and 2FA available.

Availability and resilience

Guaranteed availability
Panda Security guarantees that the service will be available at least 99.5% of the time, covering the infrastructure used by our solutions, specifically, the following systems:
Administration console.
Package downloads for installing the agent as well as the protection for mobile devices, endpoints and Windows servers.
(Additional information available upon request).
Approach to resilience
Additional information available upon request.
Outage reporting
Any availability or service degradation incidents are publicly reported at https://trust.zscaler.com. Support system also notifies all customers and issues a Root Cause Analysis of the incident to the affected clients.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
All personal and customer's data are treated following the GDPR. Users are only provided with access to the network and network services that they have been specifically authorized to use . Only the required access permissions needed for business activities are granted to each user.
A NAC solution is used to assign and manage user assignment to the appropriate network segment.
In addition it is not allowed to export personal data or/and any sensitive or confidential data from corporate applications, unless the DPO or Management expressly grants it, following the applicable regulations. (Additional information available upon reuest).
Access restriction testing frequency
Never
Management access authentication
Other
Description of management access authentication
Panda Cloud service is managed via a single web based (HTTPS) management UI. Authorised users can be created on the hosted DB or it can be integrated with a customer SAML solution for IDP initiated SSO authentication. SAML solutions can in turn support strong authentication, certificate based authentication etc. Admin access logs are available in the admin UI. Configuration audit logs can be exported to CSV format.

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Additional information available upon request.
ISO/IEC 27001 accreditation date
Additional information available upon request.
What the ISO/IEC 27001 doesn’t cover
Additional information available upon request.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Panda Adaptive Defense 360 has achieved EAL2+ certification

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Additional information available upon request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Panda Security regularly provide updates to our solutions, the majority of these require no intervention from the client or require devices to restart.
Typically we provide Major Releases, up to a maximum of three per year, and Minor Releases, up to a maximum of three per year.
Any stoppages required for updates and maintenance the client shall be notified at least 48h in advance via email, and shown in the management console. Such notification shall indicate the approximate start and finish times of the maintenance.
Clients are able to allow these updates when available or schedule for a convenient time.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Additional information available upon request.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Additional information available upon request.
Incident management type
Supplier-defined controls
Incident management approach
The Security Incident Management Procedure initiates when an incident related to data security is detected or notified. This notification may originate from the alerts sent by our products to the console, from the platform's monitoring features, from direct observation of a technician or user, from a ticket sent to CIT Support, or by any other means.
There follows a meeting of the Security Management Committee to formally start the internal Security Incident Management Procedure. This meeting will be attended by the Data Protection Officer and the heads of all other involved areas.
(Additional information available upon request).

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£4.00 a user a year
Discount for educational organisations
No
Free trial available
No

Service documents