
Managed Embedded Security Controls
A single solution for cloud and network protection
Get 24/7 protection with our fully managed solution.
Get in touch
A complex challenge. A simple solution.
Cloud working, a remote workforce and fixed infrastructures. A complex mix of cloud and network services pose a significant security challenge. Protect your entire estate with our Managed Embedded Security Controls, a single solution that can scale and adapt to your changing needs.
Managed Embedded Security Controls is a cloud-based solution offering Next-Generation Firewall capabilities embedded directly into our network and deployed in a multi-tenanted environment. It provides customers with a secure and flexible network, allowing them to safely embrace a hybrid workplace.
Discover the benefits of our Managed Embedded Security Controls
Full coverage and flexibility
Eliminate complexity. Secure all of your sites wherever they might be located whilst maintaining the ability to add or remove security features for individual sites.
24/7 protection
Get round the clock protection for your network with our fully managed security solution, 365 days a year.
Protection for all users
With our remote user access feature, we can protect all users, whether they are in the office or on the move.
Keep on top of your costs
There’s no need for expensive hardware or on-site equipment, with an OPEX based scalable solution, flexible to your needs. Pay a single monthly bill based on your usage requirements.
Why BT
World-leading security
We have in-depth experience of dynamic threat environments. Protecting our networks from more than 6,500 cyber attacks each day.
Solutions for all sizes
We work with customers of all sizes. And we’ll make sure they deliver for your business.
Specialist partners
We partner with best-in-class security vendors and have access to Europol and National Cyber Security Centre global intelligence.
Useful downloads
Datasheet
Managed Embedded Security Controls
You may be interested in…
FAQs
The Embedded Security Controls platform runs security policies that protect people accessing the internet from your sites. As part of the initial set-up, we’ll work with you to fine-tune these policies. The solution includes a remote access feature, which protects people using the internet when they’re away from your sites: mobile workers, home workers, and so on.
You can apply security policies at a site, which gives you flexibility when you’re setting the policies.
If you want to make tweaks to existing security policies or add new ones, you need to raise a Simple Service Request (SSR). We’ll then make the change for you.
You don’t need to do anything to add a new user. One of the benefits of Embedded Security Controls is that there’s no need to change your service for new hires or leavers - as long as your aggregated bandwidth usage stays the same, you don’t need to make any changes.
Adding a new site is different.
As part of your solution requirements you’ll have told us the number of sites that require internet breakout via the Embedded Security Controls platform. During the initial set up, we’ll have configured the IPSec tunnel on our platform to accept your internet traffic. So when you add a new site, we’ll need to setup a new IPSec tunnel for this site.
As for the initial setup, you’re responsible for configuring the IPSec tunnel on your connectivity CPE.
If you want to add a new site, you’ll need to raise a Complex Service Request (CSR) by contacting your Account Manager.
We have Embedded Security Controls platforms in London, Colindale and Guildford. Each location provides the same level of service and security.
As part of the initial set up process, we’ll provide you with the connection details to forward your internet traffic to the appropriate Embedded Security Controls platform.
When we release a new feature within the feature bundle you’ve purchased, we’ll let you know. As soon as the feature’s available, we’ll help you set it up. Sometimes there may be an installation fee to set up the new feature.
We’ll make updates to the Embedded Security Controls platform available to you at our discretion. As we’re working with a multi-tenanted platform, we may be unable to agree a rollout plan that fits with every organisations ideal. We’ll let you know of any scheduled updates and what, if any, impact you may experience.
We host our Embedded Security Controls solution in BT datacentres. We underpin the solution with award-winning Palo Alto next-generation firewalls. Palo Alto provide firewall updates, which we roll out at our discretion. We manage and deliver the configuration of tunnels and the configuration of your security policies.
As the Managed Embedded Security Controls solution is a multi-tenanted platform, we may be unable to agree a release cycle for updates and bug fixes that best suits your organisation. If we have an urgent update or bug fix to deploy, we’ll update the platform as soon as possible.
If we deem an update to not be urgent, we will release the update or bug fix at our discretion. In both scenarios, we’ll let you know before the update takes place what, if any, impact you may face.
You can select as many of the security features as you would like for each of your sites. For example, you might choose to take five features for site A, and four features for site B.
You can also select the aggregated bandwidth that you need for your organisation.
We’ll roll out a base policy security configuration for each of the security features you select. This should help reduce the amount of customisation required as part of the initial set up. We’ll agree and sign off all of the security policies with you before we apply them. You have the option to change and tailor these to your organisation’s requirements.
When the solution’s in-life, you have the option to change all of your security policies through our SSR process.
You can’t do any customisation outside of the core product functionality.
Yes. As an admin, you’ll be using two portals: BT My Account; and the Security Hub.
You access the Security Hub through My Account, which uses multi factor-authentication. Once logged in, you’ll be able to launch the Security Hub portal without needing to provide further user credentials
Yes. We’ll give you access to the Security Hub portal (accessible via the My Account portal), where you’ll be able to access a number of reports.
For further information on what reports are available, please refer to the service description.
Yes. Reports are available on the Security Hub portal in real time.
Support is available 24/7/365 via phone call, the My Account portal, and through online content for all components of your Embedded Security Controls service.
As your Embedded Security Controls solution is a cloud-based solution, there’s no equipment to maintain or repair.
If you experience any problems with your service, we’ll prioritise any incidents you report to our help desk according to their severity. We’ll aim to fix and resolve your incident within the target times for the priority level.