Infrastructure information
Dear Cranfield University,
Under the Freedom of Information Act 2000 may I kindly request the following information about the Universities IT Infrastructure. The information needed is as follows:
IT Compliant Route to purchase
What Frameworks are used for IT Procurement? (ie. SSSNA, NEUPC, Janet, CCS, CPC)?
Is IT purchasing devolved or all controlled by Central IT Services?
Network
Network vendor?
Do you use Smart Collector?
How many switches?
How many routers?
How many wireless controllers / AP’s?
Network speed?
Network contract start date?
Date Network Support ends / is refreshed?
Value of existing Network support contract?
Network virtualisation?
Security
IT Security vendors used?
IT Security Support renewal date?
Do you use 2FA?
What web and email filtering is used?
What DLP is in place?
What SIEM solution is used?
What intrusion prevention is used?
What endpoint security is used?
Data Destruction
Given the new GDPR Laws taking effect next year………
Is there a Data Destruction Policy in place?
Do you destroy HDD onsite or outsource the service?
Current Supplier of HDD destruction services?
Are they CESG / ADISA approved and to what level?
Is the HDD wiped / degaussed before leaving your datacentre?
Approx Number of drives destroyed/wiped per annum?
Thanking You
Yours faithfully,
Francois Charles
Dear Mr Charles,
Thank you for your request made under the freedom of information Act 2000.
I confirm that this is being considered and we will respond as soon as possible and in any case within 20 working days.
Yours sincerely
Mary Betts-Gray, MA (Hons), MCLIP, FHEA, PC.foi
Freedom of Information Officer
Cranfield University
Cranfield
Bedford
MK43 0AL
Tel: +44 (0)1234 754331
Fax: +44 (0)1234 751806
E-mail: [Cranfield University request email]
http://www.cranfield.ac.uk/legal/foi/ind...
This email and any attachments to it may be confidential and are intended only for the named addressee. If you are not the named addressee, please accept our apology, notify the sender immediately and then delete the email. We request that you do not disclose, use, copy or distribute any information within it.
Any opinions expressed are not necessarily the corporate view of Cranfield University. This email is not intended to be contractually binding unless specifically stated and the sender is an authorised University signatory.
Whilst we have taken steps to ensure that this email and all attachments are free from any virus, we advise that, in keeping with good computing practice, the recipient should ensure they are actually virus free.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Dear Mr Charles,
Thank you for your request, dated 29 August, made under the Freedom of Information Act 2000.
You requested information about
"IT infrastructure"
Cranfield University has now completed its search for the information requested and can confirm that we do hold information. Please see our responses below.
IT Compliant Route to purchase
What Frameworks are used for IT Procurement? (ie. SSSNA, NEUPC, Janet, CCS, CPC)? The HE/Government frameworks quoted will be our first consideration for procurement. However we will also use our own procurement framework when we believe we can obtain a better outcome.
Is IT purchasing devolved or all controlled by Central IT Services? The vast majority of IT purchasing is via the central IT team supported by our Procurement team.
Network
Network vendor? We operate a mixed vendor network, including products from HPE/Aruba, Extreme Networks, Fortinet and Juniper
Do you use Smart Collector? No
How many switches? Approximately 600
How many routers? 15
How many wireless controllers / AP’s? 8 wireless controllers, approximately 950 APs
Network speed? Edge network is 1Gbps, Core interlinks 40Gbps
Network contract start date? February 2012
Date Network Support ends / is refreshed? Annual renewal every February
Value of existing Network support contract? £23,000 per annum
Network virtualisation? No
Security
IT Security vendors used? Becrypt, Fortinet, Rapid7, Symantec and Trend
IT Security Support renewal date? Becrypt (January 2018), Clam (Not applicable), Fortinet (February 2020), Rapid7 (September 2019), Symantec (June 2018) and Trend (May 2018)
Do you use 2FA? No
What web and email filtering is used? Web – None. Email – SpamAssassin, Clam and Symantec
What DLP is in place? None
What SIEM solution is used? None
What intrusion prevention is used? Fortinet, Suricata
What endpoint security is used? Symantec
Data Destruction
Given the new GDPR Laws taking effect next year……… Is there a Data Destruction Policy in place? No - There are both a Personal Data Retention Schedule and a Secure IT Disposal Policy in place
Do you destroy HDD onsite or outsource the service? Outsource the service
Current Supplier of HDD destruction services? Secure I.T. Disposals Ltd
Are they CESG / ADISA approved and to what level? Yes: CESG - TOP SECRET and below against Sanitisation Version 2.0 ADISA - Pass with Distinction
Is the HDD wiped / degaussed before leaving your datacentre? No - Secure transport to destruction site
Approx Number of drives destroyed/wiped per annum? 350
Should you have any queries with regard to the information provided please do not hesitate to contact me.
If you are unhappy with the way in which your request has been dealt with please refer to our internal appeals procedure http://www.cranfield.ac.uk/about/governa...
If you remain dissatisfied with the handling of your request or complaint you have a right to appeal to the Information Commissioner at:
The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Telephone: 08456 306060 or 01625 545745.
Website: www.ico.gov.uk
Yours sincerely
Mary Betts-Gray, MA (Hons), MCLIP, FHEA, PC.foi Freedom of Information Officer Cranfield University Cranfield Bedford
MK43 0AL
Tel: +44 (0)1234 754331
Fax: +44 (0)1234 751806
E-mail: [Cranfield University request email]
http://www.cranfield.ac.uk/legal/foi/ind...
This email and any attachments to it may be confidential and are intended only for the named addressee. If you are not the named addressee, please accept our apology, notify the sender immediately and then delete the email. We request that you do not disclose, use, copy or distribute any information within it.
Any opinions expressed are not necessarily the corporate view of Cranfield University. This email is not intended to be contractually binding unless specifically stated and the sender is an authorised University signatory.
Whilst we have taken steps to ensure that this email and all attachments are free from any virus, we advise that, in keeping with good computing practice, the recipient should ensure they are actually virus free.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now