Maple Networks Limited

Maple Networks Hybrid SIEM

Maple Networks Hybrid SIEM Service is built on a NextGen remote logging security platform offered to improve Customers’ security awareness of their infrastructure and application environments. The service provides customers with remote collection and analysis of logs, using an industry-leading cloud native SIEM alongside proactive threat hunting and remediation support.

Features

  • Cloud Native SIEM solution in customer own tenancy
  • 24x7x365 proactive monitoring
  • Integration with current SIEM platform
  • Industry specific proactive threat hunting
  • Rapid onboarding process
  • Flexible service levels and service integration
  • Integration across both infrastructure (private/public cloud) and application landscape

Benefits

  • 24x7x365 proactive monitoring and management of the platform
  • Cloud native solution
  • Decoupled system from service - no lock in
  • Flexible service levels and service integration
  • Rapid onboarding process
  • Industry specific proactive threat hunting
  • Allows clients to use existing SIEM technology investment.
  • Built in Automation and orchestration

Pricing

£0 to £1 a transaction

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

9 7 4 6 9 6 3 5 7 9 2 8 6 9 4

Contact

Maple Networks Limited Graham Tetley
Telephone: 07595301202
Email: gtetley@maplenetworks.co.uk

Service scope

Service constraints
Maple Networks leverage cloud-native technologies as part of the service, as a result, all availability of the platform is constrained to those provided by the cloud hosting provider.
Additional constraints specific to each customer will be discussed during the onboarding process
System requirements
  • Syslog server - one virtual machine
  • Sufficient internet connectivity and bandwidth
  • Remote access - as agreed with customer

User support

Email or online ticketing support
Email or online ticketing
Support response times
The response is carried out 24x7x365. The response of each incident, change and service request is dependent on the severity of each individual case. Maple Networks supply a standard response SLA which can be changed and agreed by both parties during the onboarding process
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
No
Support levels
Maple Networks provide a service for this offering. This is provided to our customers 24x7x365. While the availability of the support does not change, there are options to decrease the level of support, for example out of hours support only. Each customer will be provided with the relevant and agreed level of support, which will be agreed and signed up to by both parties.
Support available to third parties
No

Onboarding and offboarding

Getting started
All customers will be provided with the relevant training that is specific to their customised service. The training will be delivered remotely and will be delivered against the customer environment to ensure that relevance is applied.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
All data is hosted within the customer's own tenancy so there is no requirement for the data to be extracted at the end of the contract. Maple has specifically designed this as part of the service to create transparency and avoid customer "lock-in".
End-of-contract process
Given that all data is always owned by the customer and in the customer tenancy, should a customer wish to not renew at the end of the contract, the service will simply end that day. There is no requirement for data transfer. Maple Networks will host a close-down meeting where we will review the service with the customer for continuous improvement, at no additional cost.

The only additional cost would be if the customer wishes to increase the scope of the contract, there are no hidden costs or fees.

Maple Networks is committed to running a reliable, straightforward, cost-effective and transparent service.

Using the service

Web browser interface
Yes
Using the web interface
The SIEM platform is hosted within the customer's infrastructure and tenancy, therefore while Maple Networks have access to manage, monitor and maintain the platform, including providing additional proactive services, the customer will also have access to the platform. A change process will be agreed, which will identify the process for when a change is made by either party to ensure that no unnecessary downtime or challenges are incurred.
Web interface accessibility standard
WCAG 2.1 A
Web interface accessibility testing
None, however, we are constantly iterating our service and this is on our roadmap
API
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
Each customer has their requirements deployed within their own tenancy and own environment
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • HTTP request and response status
  • Network
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
Data is held in Microsoft's Azure platform who manage all data according to ISO 27001 standards
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
Specific to every customer, depending on requirements
Backup controls
Specific to every customer depending on requirements
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
IPsec or TLS VPN gateway
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The solution that is deployed and decoupled from the service is deployed within each customer's own individual tenancy. With that in mind, the availability SLA's are provided by the public cloud provider
Approach to resilience
The Maple Networks Hybrid SIEM platform is resilient in nature, as a Cloud-based solution everything is hosted within the UK across multiple locations within the UK
Outage reporting
A public dashboard provided by Microsoft

Identity and authentication

User authentication
Username or password
Access restrictions in management interfaces and support channels
Maple Networks use a management interface that is supported and managed internally by the support team, including identity and access management. Identity and Access Management is deployed on a role-based access control bases with users only able to see the information that is relevant to them and their organisation.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
CyberEssentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Maple Networks follow a number of different policies that are inline with ISO 27001 and Cyber Essentials

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All configuration and change management processes follow ITIL standards, with bespoke requirements on a per-customer basis identified and adhered to during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
All vulnerability management processes are bespoke with requirements on a per-customer basis identified and documented during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
All protective monitoring processes are bespoke to the requirements on a per-customer basis and are identified and documented during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.
Incident management type
Supplier-defined controls
Incident management approach
All incident management processes follow ITIL standards, with bespoke requirements on a per-customer basis identified and adhered to during the onboarding and implementation phase of the project. All processes and procedures will be shared with the customer during the onboarding phase.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Maple Networks are leveraging public cloud hyperscalers including Microsoft, AWS and GCP all of who have datacentres that adhere to the EU Code of Conduct for effiency

Pricing

Price
£0 to £1 a transaction
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Draft
Link to free trial
Draft

Service documents