Maple Networks Limited

Maple Networks Hybrid SIEM

Maple Networks Hybrid SIEM Service is built on a NextGen remote logging security platform offered to improve Customers’ security awareness of their infrastructure and application environments. The service provides customers with remote collection and analysis of logs, using an industry-leading cloud native SIEM alongside proactive threat hunting and remediation support.

Features

• Cloud Native SIEM solution in customer own tenancy
• 24x7x365 proactive monitoring
• Integration with current SIEM platform
• Industry specific proactive threat hunting
• Rapid onboarding process
• Flexible service levels and service integration
• Integration across both infrastructure (private/public cloud) and application landscape

Benefits

• 24x7x365 proactive monitoring and management of the platform
• Cloud native solution
• Decoupled system from service - no lock in
• Flexible service levels and service integration
• Rapid onboarding process
• Industry specific proactive threat hunting
• Allows clients to use existing SIEM technology investment.
• Built in Automation and orchestration

£0 to £1 a transaction

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gtetley@maplenetworks.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

974696357928694

Contact

Graham Tetley
07595301202
gtetley@maplenetworks.co.uk

Service scope

• Service constraints: Maple Networks leverage cloud-native technologies as part of the service, as a result, all availability of the platform is constrained to those provided by the cloud hosting provider.; Additional constraints specific to each customer will be discussed during the onboarding process
• System requirements:
  • Syslog server - one virtual machine
  • Sufficient internet connectivity and bandwidth
  • Remote access - as agreed with customer

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The response is carried out 24x7x365. The response of each incident, change and service request is dependent on the severity of each individual case. Maple Networks supply a standard response SLA which can be changed and agreed by both parties during the onboarding process
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Maple Networks provide a service for this offering. This is provided to our customers 24x7x365. While the availability of the support does not change, there are options to decrease the level of support, for example out of hours support only. Each customer will be provided with the relevant and agreed level of support, which will be agreed and signed up to by both parties.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: All customers will be provided with the relevant training that is specific to their customised service. The training will be delivered remotely and will be delivered against the customer environment to ensure that relevance is applied.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All data is hosted within the customer's own tenancy so there is no requirement for the data to be extracted at the end of the contract. Maple has specifically designed this as part of the service to create transparency and avoid customer "lock-in".
• End-of-contract process: Given that all data is always owned by the customer and in the customer tenancy, should a customer wish to not renew at the end of the contract, the service will simply end that day. There is no requirement for data transfer. Maple Networks will host a close-down meeting where we will review the service with the customer for continuous improvement, at no additional cost. ; ; The only additional cost would be if the customer wishes to increase the scope of the contract, there are no hidden costs or fees. ; ; Maple Networks is committed to running a reliable, straightforward, cost-effective and transparent service.

Using the service

• Web browser interface: Yes
• Using the web interface: The SIEM platform is hosted within the customer's infrastructure and tenancy, therefore while Maple Networks have access to manage, monitor and maintain the platform, including providing additional proactive services, the customer will also have access to the platform. A change process will be agreed, which will identify the process for when a change is made by either party to ensure that no unnecessary downtime or challenges are incurred.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: None, however, we are constantly iterating our service and this is on our roadmap
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Each customer has their requirements deployed within their own tenancy and own environment
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • HTTP request and response status
  • Network
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Data is held in Microsoft's Azure platform who manage all data according to ISO 27001 standards
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: Specific to every customer, depending on requirements
• Backup controls: Specific to every customer depending on requirements
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The solution that is deployed and decoupled from the service is deployed within each customer's own individual tenancy. With that in mind, the availability SLA's are provided by the public cloud provider
• Approach to resilience: The Maple Networks Hybrid SIEM platform is resilient in nature, as a Cloud-based solution everything is hosted within the UK across multiple locations within the UK
• Outage reporting: A public dashboard provided by Microsoft

Identity and authentication

• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Maple Networks use a management interface that is supported and managed internally by the support team, including identity and access management. Identity and Access Management is deployed on a role-based access control bases with users only able to see the information that is relevant to them and their organisation.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications: CyberEssentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Maple Networks follow a number of different policies that are inline with ISO 27001 and Cyber Essentials

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All configuration and change management processes follow ITIL standards, with bespoke requirements on a per-customer basis identified and adhered to during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All vulnerability management processes are bespoke with requirements on a per-customer basis identified and documented during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All protective monitoring processes are bespoke to the requirements on a per-customer basis and are identified and documented during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.
• Incident management type: Supplier-defined controls
• Incident management approach: All incident management processes follow ITIL standards, with bespoke requirements on a per-customer basis identified and adhered to during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Maple Networks are leveraging public cloud hyperscalers including Microsoft, AWS and GCP all of who have datacentres that adhere to the EU Code of Conduct for effiency

Pricing

• Price: £0 to £1 a transaction
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Draft
• Link to free trial: Draft

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gtetley@maplenetworks.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.