See some frequently asked questions about our SASE platform. Alternatively, if you have any questions, contact a member of our team.

SASE stands for 'Secure Access Service Edge'. It's a term coined by Gartner to describe a cloud-based, unified approach to networking and cyber security. It's a relatively new term, so expect to see many different interpretations of it in the marketplace.

SSE stands for 'Secure Service Edge'. It's a variant of a SASE without the networking aspects. An SSE approach basically focusses on a unified approach to deploying a range of security tools throughout the business.

We find SASE providers tend to fall into one of two categories. A Vendor, or a Managed Service Provider (MSP).

Vendors love to compare spec. Since SASE was coined, vendors have been competing to develop the 'most complete' set of security and network capabilities. When it comes to deployment and configuration, vendors don't often get involved. You will be responsible for the management side of things.

MSP's bring together services from a number of vendors and amalgamate them into one deal. They then provide a support wrapper on top. However, this creates a middleman between you and the companies providing your services. You may get one contract, but the experience may not be totally joined up, depending on the mish mash of solutions your MSP has put together.

Cloud Gateway is neither a vendor, nor an MSP - but we're also kind of both! Let us explain...

We provide what we call a 'SASE Platform'. The platform is built from intelligent software that orchestrates industry leading network and cyber security technologies. The platform acts as a digital foundation, allowing you to pick the services you need right now, and giving you scope to grow and expand in future. We work with you to design, build and deploy your solution. Once live, we provide a fully managed service, complete with dedicated support staff, and backed by an SLA.

The best vendor technology, a single platform experience, peace of mind from a fully managed service. That's how Cloud Gateway do SASE.

A SASE approach can be adopted by any organisation that wants to simplify their network, and secure it. We work with both the Private and Public Sectors, from Health, Central and Local Government, Police, Finance, and more. Check out some of our case studies in our knowledge centre

Connect Pillar:

Cloud Connectivity

VPN Site Connectivity

Data Centre Connectivity

Managed WAN

Remote Access

HSCN Connectivity

PSN Connectivity

Protect Pillar:

Foundation Security

Firewall-as-a-Service (FWaaS)

Secure Web Gateway (SWG)

Web Application Firewall (WAF)

Inspect Pillar:

My Cloud Gateway

Advanced Monitoring & Analytics

SIEM / SOC Integration

PSN / HSCN Model Office

We offer three core services, PRISM, Health Connect and PSN Connect.

PRISM is a service that allows you to mix and match connectivity and security products within one platform deployment. Health Connect and PSN Connect are pre-packed services that contain a set of products out of the box.

PRISM is our flagship SASE service offering. It is powered by a platform that lays a digital foundation from which you can build your network and cyber security ecosystem.

Health Connect is a bespoke solution for the health sector. It is designed to offer simple, rapid connectivity to the Health and Social Care Network (HSCN) from a range of locations.

PSN Connect is a bespoke solution for the public sector. It helps you to achieve fast, easy connectivity to the Public Services Network from a physical site, a cloud environment or your remote user base.

No - we provide a fully managed service. All changes are managed on your behalf via a simple ticketing system on the My Cloud Gateway Portal.

At the moment, we take care of the platform management as part of the service. You can make a small number of simple changes via My Cloud Gateway right now. In future, we plan to launch a range of self-management features that allow you to take control of the platform if you wish. Watch this space!

Our platforms are almost entirely cloud-native. We like to remain flexible, so we have developed the platform in such a way that it can be deployed on physical or virtual infrastructure. There may also be some physical network components to and from your private network, the internet and to the cloud fabric. A blend of cloud and physical infrastructure allows us to leverage the benefits of cloud such as elasticity, auto-scaling and improved resilience, but also maximise availability to deliver the correctly sized platform at the moment you need it.

We select best-of-breed vendor technologies that may vary depending on the exact use case or customer architecture. We are capable of using devices from some of the most recognisable names in the industry.

PRISM is sold on a subscription basis, usually for 1, 3 or 5 years. Pricing is based on the bandwidth of the platform. Some costs (like Remote Access) are based on the number of users.

Cloud Connectivity lets you connect quickly and securely to any Cloud Service Provider (CSP) of your choice, or multiple providers. Cloud Connectivity can be deployed in two ways:

- A private connection via a dedicated on-ramp through our UK data centre presence

- A public connection via IPSec VPN deployed over the internet

By using Cloud Connectivity, you can link your cloud environments to other network endpoints

Via our cloud on-ramp we can connect to hundreds of CSPs. This includes major providers like Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) and Oracle.

If we have all of the necessary information to make the connection, it can take a matter of minutes.

VPN Site Connectivity Connectivity uses IPSec VPN to connect your sites to the wider network, using your own existing internet circuits and hardware.

Data Centre Connectivity enables you to connect your SASE Platform to your own data centre presence, or an existing MPLS network provider. If you (or your MPLS provider) is present in the same carrier-neutral data centres as us, we can establish a connection.

Managed WAN enables you to employ Cloud Gateway to be your WAN (Wide Area Network) provider. Managed WAN involves delivery of physical circuit(s) to site, installation/configuration of a network device, and Customer Premises Equipment (CPE).

Remote Access gives you a scalable, secure way for remote workers to access information and applications on the network - from anywhere. A SSL-VPN client is installed on each end user device and uses the internet to connect back to Cloud Gateway.

PSN Connectivity enables customers to connect quickly and securely to the Public Services Network. PSN Connectivity provides a resilient IP connection to the PSN network in line with PSN compliance.

HSCN Connectivity enables customers to connect quickly and securely to The Health and Social Care Network. The HSCN is an essential network for both public and private health organisations.

We work closely with cyber security partners and have relationships with the National Cyber Security Centre (NCSC), to ensure we are always improving the security of our own infrastructure. The security services we provide are constantly updating dynamically in accordance with the latest emerging threats.

Foundation Security is the base level security we offer as part of the platform. It provides configurable firewall capabilities to manage and control the traffic passing through the platform from any/all connected endpoints.

Foundation Security consists of Layer 3 / Layer 4 Firewall capabilities.

FWaaS provides advanced security through configurable firewall and UTM (Unified Threat Management) capabilities to manage and control traffic passing through the platform.

FWaaS includes:

Layer 3 / Layer 4 Firewall

Geo-IP Blocking & IP Reputation configurations

Anti Virus & Anti Malware

IPS / IDS (Intrusion Protection / Detection System)

Deep Packet Inspection (DPI)

Secure Web Gateway provides centralised, controlled access to the internet. Secure Web Gateway includes:

URL Filtering

DNS Inspection

Application Control

Proxy Services

Deep Packet Inspection (DPI)

WAF is a highly sophisticated, configurable firewall that protects your web applications from malicious attacks. Equipped with a comprehensive suite of protective features, WAF sits between external consumers and the web applications, safeguarding critical business data from a host of potential threats.

Yes. As part of the service you'll receive logins to the My Cloud Gateway Portal. My Cloud Gateway gives you a window into the traffic and security logs generated by our SASE Platform.

It contains:

Connectivity and Security Dashboards

Licence utilisation data and bandwidth usage

Firewall policy information

Support / ticket management

Advanced Monitoring & Analytics gives you access to an additional separate web portal environment. It is offered in addition to the default metrics that are provided with the My Cloud Gateway Portal. In here, you can create your own filters, searches and view log activity in more granular detail.

Yes. A wealth of data is generated by the platform. We can push this data to your SIEM / SOC tooling to get even greater value out of your platform.

SIEM/SOC Integration enables customers to receive logs from our security components, to their chosen SIEM solution for further analysis.

Got a question for us?

If you haven't found the answer to your question. Get in touch we'd be delighted to help.

Contact us