Information relating to Networking Equipment: FOI release

Information requested

Networking equipment.

See questions and answers below.

Response

EOS / EOL Networking Equipment

1a. What EOS (end of support) or EOL (end of life) networking equipment do you have in your IT estate?

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs.

Network Lifecycle

2a. Have you conducted a network refresh in the past 36 months?

Yes

2b. If so with which area? (eg Data Centre, Enterprise Networking, Wi-Fi, Security, Collaboration)

Data Centre, Wi-Fi and Collaboration

2c. Which vendor/technology solution was chosen?

Data Centre and Wifi

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs.
Collaboration - Microsoft Teams

2d. Which reseller/partner delivered the solution?

Data Centre and WiFi – Computacenter

Microsoft Teams – We worked with Microsoft to deliver the solution.

2e. Who maintains the solution?

Data Centre and WiFi – Computacenter

Collaboration - The SG IT division ‘iTECS’ maintains Microsoft Teams.

2f. When does the maintenance contract expire/renewal date?

Data Centre and WiFi January 2025

Collaboration - There is no maintenance contract for Microsoft Teams.

Have you conducted a POC (proof of concept) in the last 12 months for any of the below technology areas?

3a. Data centre (yes/no)

No

3b. Enterprise networking (yes/no)

No

3c. Wi-Fi (yes/no)

No

3d. Security (yes/no)

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs.

3e. Collaboration/Microsoft Telephony (calling plan/operator connect/direct routing (yes/no)

No

3f. Network monitoring (yes/no)

No

3g. Which vendor and what equipment was tested?

N/A

3h. Which partner/reseller provided the POC?

N/A

3i. Was the POC successful?

N/A

3j. Do you intend to use the solution in a live environment?

N/A

Do you plan to refresh your network in the next 24 months for any of the below technology areas:-

3a. Data centre (yes/no)

No

3b. Enterprise networking (yes/no)

No

3c. Wi-Fi (yes/no)

No

3d. Security (yes/no)

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs

3e. Collaboration/Microsoft Telephony (yes/no)

Yes

3f. Network monitoring (yes/no)

No

3g. When do you plan to have the new solution implemented? (Specify date)

Collaboration/Microsoft Telephony

Our Microsoft Telephony solution is implemented, and we will be working with our customers in the coming months on migration to the solution where required.

3h. Have you/do you intend to go to RFx for this?

All necessary contracts are already in place for Microsoft Teams Phone.

3i. When do you plan to go to RFx for this?

All necessary contracts are already in place for Microsoft Teams Phone.

Do you have a Cisco estate for any of the below architecture, and what technology/equipment has been implemented?:-

4a. Data centre

4b. Enterprise networking

4c. Wi-Fi

4d. Security

4e. Collaboration 4f.  Network monitoring

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs.

Cisco Support

5a How are you currently supporting your Cisco estate?

5b. Which company sells/provides you with support?

5c. If you outsource support, for which aspects?

5d. How do you keep your equipment/software up to date?

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs.

Cisco Partner/Reseller

6a. Who is the supplier/reseller for Cisco hardware/software?

6b. Do you have a preferred supplier agreement for Cisco hardware/software?

6c. When do these supplier agreements expire?

6d. How long has the current supplier relationship existed?

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs

Cisco Enterprise Agreement (EA)

7a. Do you have a Cisco (EA)?

7b. When is your (EA) contract expiry/renewal date?

7c. Who provides/resells your Cisco (EA)?

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs

Do you have an HP/Aruba estate for any of the below architectures, and what technology/equipment has been implemented?:-

8a. Data centre

8b. Enterprise networking

8c. Wi-Fi

8d. Security

8e. Collaboration

8f. Network monitoring

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs

HP/Aruba Support

9a How are you currently supporting your HP/Aruba estate?

9b. Which company sells/provides you with support?

9c. If you outsource support, for which aspects?

9d. How do you keep your equipment/software up to date?

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs

HP/Aruba Partner/Reseller

10a. Who is the supplier/reseller for HP/Aruba hardware/software?

10b. Do you have a preferred supplier agreement for HP/Aruba hardware/software?

10c. When do these supplier agreements expire?

10d. How long has the current supplier relationship existed?

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs

HP/Aruba Enterprise Agreement (EA)

11a. Do you have an HP/Aruba (EA)?

11b. When is your (EA) contract expiry/renewal date?

11c. Who provides/resells your HP/Aruba (EA)?

While our aim is to provide information whenever possible, in this instance an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to your request. Disclosing this information would substantially prejudice our ability to carry out the effective conduct of public affairs. Providing details about the information you have requested into the public domain could subsequently be used by attackers, taking into consideration both the external and insider threat, to evade any protective monitoring we might or might not have in place. This could therefore enable them to target specific types of attack or data exfiltration methods and would constitute substantial prejudice to the effective conduct of public affairs

Telephony

12a. Do you have ISDN Lines?– Supplier, quantity (lines), contractual position

Supplier	Quantity (lines)	Contractual position
Gamma	1	36 months October 2022 – October 2025 with optional 12-month extension
BT	6	No central contract is currently held with the provider. Individual lines have individual rolling contracts and are not co-termed.
Vodafone	13	No central contract is currently held with the provider. Individual lines have individual rolling contracts and are not co-termed.

12b. Do you have PSTN Lines? – Supplier, quantity (lines), contractual position.

Supplier	Quantity (lines)	Contractual position
Gamma	57	36 months October 2022 – October 2025 with optional 12-month extension
BT	145	No central contract is currently held with the provider. Individual lines have individual rolling contracts and are not co-termed.
Vodafone	212	No central contract is currently held with the provider. Individual lines have individual rolling contracts and are not co-termed.

12c. Do you have SIP Channels? - Supplier, quantity (channels), contractual position.

Supplier	Quantity (channels)	Contractual position
Gamma	800 split 400-400 across 2 datacentres	36 months October 2022 – October 2025 with optional 12-month extension

12d. Have you started/completed projects to prepare for the PSTN switch-off?

Yes, we have began a project to look at connectivity that will be impacted by the PSTN switch-off.

12e. Which technology partner assisted in your PSTN switch-off readiness project?

We have not used a partner to assist in a PSTN switch-off readiness project.

12f. Would you describe your organisation as entirely ready for the PSTN switch-off?

We are currently in a discovery phase and working through the data and with business areas to establish the impact of the PSTN switch-off and the necessary actions required.

12g. PBX (phone system) Make & Model (eg Avaya, Cisco, Mitel), contractual position 12h. Who maintains your PBX (phone system) 12i. How long has the relationship with the maintainer been in place?

We have a Mitel MiVoice Business phone system. The Support and Software Assurance contract ends on 31 March 2024.

12h. Who maintains your PBX (phone system)

Capita Business Services Ltd via Scottish Wide Area Network

12i. How long has the relationship with the maintainer been in place?

The call-off contract with Capita Business Services Ltd for Mitel has been in place since October 2020.

12j. Are you considering or interested in Microsoft Telephony (eg Calling Plans, Direct Routing, Operator connect)?

Yes, we already have contracts in place to deliver an Operator Connect based Microsoft Teams Phone service.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.