ANS Group


ANS Private Dedicated Container Platform Services can provide dedicated bare metal, virtual machines or hybrid infrastructure running one or more Kubernetes clusters managed via Rancher. This provides a secure, flexible and scalable environment with a performant and redundant platform designed for rapid automated application deployment.


  • Dedicated and secure
  • Kubernetes/Rancher based infrastructure.
  • Can be installed on bare metal or our eCloud portfolio.
  • Based on proven Open Source technology.
  • Small initial footprint that can scale effectively.
  • Interoperable with existing ANS solutions.
  • API Scriptable.
  • Consultancy process compliant with ITIL best practice.
  • Highly qualified, UK-based, certified support available 24/7/365


  • Container based application deployments promote faster development.
  • Consistent way to run code locally, in staging and production.
  • Simplifies testing and debugging by removing environmental inconsistencies.
  • Containerised applications require less resource compared to VM based deployments.
  • Server resource is dedicated to running applications giving better density.
  • Kubernetes includes functionality for rolling deployments and automated rollback.
  • Reducing risks when deploying application code to production environments.
  • UK-based, ISO-accredited data centres, owned and operated by ANS.


£165 a unit a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 0 4 0 4 4 9 3 5 9 3 2 0 7 7


ANS Group Anthony Maxwell
Telephone: +44 (0) 1612271000

Service scope

Service constraints
All planned maintenance is covered by a mandatory 5 day notice period. We reserve the right to conduct unplanned emergency maintenance where necessary, but will always make reasonable efforts to inform impacted customers before work commences. Support is limited to services, hardware and applications provided by ANS and does not extend into the customer's application stack.
System requirements
  • Proof of license ownership for customer-provided Microsoft licenses
  • Customers must adhere to fair use policy and ToS

User support

Email or online ticketing support
Email or online ticketing
Support response times
Calls are responded to within 6 rings. Service Ticket response time is dependent on the criticality: 1. Critical - Immediate Response 2. High - Response within 10 minutes 3. Medium - Response within 1 hour 4. Low - Response within 4 hours 5. Very Low - Response within 24 hours. The standard SLA response times are applicable from 09:00 to 17:00 Monday to Friday (excluding UK Bank Holidays). 365/24/7 Support is also available as a service at an additional cost.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Via an online portal
Web chat accessibility testing
Onsite support
Yes, at extra cost
Support levels
All ANS customers have access to ticket and telephone-based support, unless they choose to take an unmanaged service.

Customers have access to a named Account Manager who takes overall responsibility for the customer's commercial, technical and support relationship with ANS.

Customers are assigned a support "pod" based on the type of solution they have with ANS. This ensures customers will always be supported by the same core team of support engineers who are technical experts in their particular solution.

Enterprise and public sector customers also have access to a named Service Manager in addition to their Account Manager.
Support available to third parties

Onboarding and offboarding

Getting started
We offer services to enable seamless on-boarding and collaborate to design a bespoke solution to meet your requirements. An onboarding process would typically include - Discovery process / Timeline setting / Risk assessment / Implementation process / Quality Assurance
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
At the end of the contract any customer data stored will only be extracted by ANS with the prior consent of the customer.
ANS shall purge and destroy (as defined in security accreditation for different ILs) customer data from any of its own equipment after the contract ends.
End-of-contract process
A similar process to on-boarding is provided for customers wishing to leave ANS. We provide full transitional services at an additional charge (please refer to the pricing document for more details). An example phased off-boarding process is as follows:
1. Discovery: ANS meets the customer’s new provider who will lead the project
2. Timelines: Timelines are agreed where possible and alternatives offered when needed
3. Risk: ANS identifies any risks that may not be apparent to the new provider or that are inherent to the ANS solution
4. Implementation: ANS assists the new provider if needed
5. Quality Assurance: ANS offers a debrief and review meeting if the new provider requires.

Using the service

Web browser interface
Using the web interface
Glass is the customer's web interface where they can manager all aspects of their solution - for example creating/managing/deleting/scaling virtual machines, managing reports and monitoring alerts, firewall configuration and more.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Glass is in the process of being rebuilt from the ground up. This will deliver a fully-accessible web interface.
Web interface accessibility testing
Testing against WCAG has been performed to understand requirements for Glass rebuild.
What users can and can't do using the API
Manage Servers
Manage firewalls
API automation tools
  • Ansible
  • Chef
  • SaltStack
  • Puppet
  • Other
Other API automation tools
Any appropriate tool can be used
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
  • Other
Command line interface


Scaling available
Scaling type
Independence of resources
Service designed to scale within the capabilities outlined by the platform the containers are hosted upon.
Usage notifications


Infrastructure or application metrics
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
Application Services
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Other data at rest protection approach
Option to encrypt data at rest using additional applications.
Data sanitisation process
Data sanitisation type
Hardware containing data is completely destroyed
Equipment disposal approach
In-house destruction process

Backup and recovery

Backup and recovery
What’s backed up
  • Files
  • Folders
  • Virtual Machines
  • Databases
  • Operating Systems (Linux and Windows)
  • Microsoft Exchange Servers
  • Active Directory
  • Container State Files
Backup controls
ANS will agree and implement a robust and granular backup schedule on the customer's behalf
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Via Private Network or Public Sector Network

Availability and resilience

Guaranteed availability
Infrastructure availability - 99.95%
Availability is based on the total number of operating hours of a given calendar month and excludes planned and emergency maintenance.
Service credits of up to 10% of the standard monthly support fee are payable for any month where the availability SLA is not met.
Approach to resilience
ANS owns and operates a 5.52MW tier 3 1,000 rack data centre estate. This contains multiple physically separate buildings, connected by dedicated fibre. High voltage power connections are provided from separate primary sub-stations. All mission-critical services including Standby Generation, Cooling systems and UPS (uninterruptible power system) are provided at N+1 or greater across the whole facility. The complex has a power density of over 6KW per square foot, providing diverse A & B power to each data rack, and all eCloud service platforms are supported from quadruple power feeds. The data centre complex is supported by 9MW of standby generation with over 100,000 litres of fuel storage and eight hour fuel supply SLA. All critical services are supported by 4.6MW of UPS power and 4.9MW of data centre cooling. The public sector hosting suite has fully resilient networking, switches, carrier-redundant leased lines, power and backup generators, all separated from the rest of the ANS network and data centre complex.
Outage reporting
A public status page is available on the ANS website, which shows live status of our core network and infrastructure along with details of any incidents. Customer notifications are managed via our ticketing system accessible via Glass.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Separate accounts are required for Administrative Access, with authentication and authorisation controls applied to all Administrative functions. SSH access to the Virtual machines command line, and RDP sessions requires key-based authentication from a specified source location into a bastion host, which then requires further authentication and account escalation at each onward connection to the specific administrative services.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Other
Description of management access authentication
Management access is typically from dedicated OOB Management networks, external access is restricted by source address and requires key based auth to a bastion host server from which secondary logins and privilege escalation is required.
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Any specific processes or procedures agreed with Accreditors or regulatory bodies where required to meet specific organisational requirements for protectively marked data.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
URM Consultancy Services Ltd
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
  • Advanced Security Architecture Account Manager Representative (CQS-ASAAMR - 1)
  • Advanced Security Architecture Field Engineer Representative CQS-ASAFER – 1)
  • Advanced Security Architecture System Engineer Representative CQS-ASASER -1)
  • Content Security Systems Engineer Representative (CH-CSSER – 1)
  • Cisco Certified Networking Associate Security (CCNA-Sec- 10)
  • Cisco Certified Network Professional Security Specialised ( CCNP-SEC -1)
  • Cisco Certified Internetwork Expert Security (CCIE-Security – 2)
  • ISO 27017:2015 - Information security controls for cloud services
  • ISO 27018:2019 - Protection of PII in public clouds
  • ISO 22301:2020 - Business continuity management systems

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Formal Accreditation from CyDR, Cyber Essentials, IASME Governance

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Internal ANS Change is managed through the application of standard project management process with all projects progressing through approval, CAB review and sign off by stage. All ANS Business Change includes the following managed stages (whether these are deployed on a formal or informal basis is determined by the size of the project, by cost, resource application and risk):

• Executive or Higher Management sponsor
• Business Case and Success Criteria
• Scope definition
• Documentation
• Risk & Opportunity assessment
• Milestone or stage review
• Stage sign off
• Final Review
• Testing
• Deployment
• Lessons Learned
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
ANS monitor threat sources, including CERT to gain information about potential threats. Vulnerabilities and Remediation activities are assessed to determine the priority, with patches being applied within the hour for critical security issues through to monthly patching for routine updates.
Though these are developed in line with ISO27001 and Cyber Essentials, the vulnerability management approach is dictated by the specific requirements of the Service and customer requirements.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
ANS employ protective monitoring services in compliance with Protective Monitoring for HMG ICT systems (formerly GPG-13).
Incident management type
Supplier-defined controls
Incident management approach
In addition to our ITIL based in-house incdient management processes, ANS provide compliance incident manaement for Government departments and their suppliers , providing communication, alerts, reporting and shared monitoring with customer security and assurance teams. Users should report incidents to the first line Service Desk team, either by phone, email or via the web-portal. Incident reports are provided as part of the reporting cycle, with exceptional RCA and incident reports provided for security incidents.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Virtualisation technologies used
Other virtualisation technology used
VLAN Separation
How shared infrastructure is kept separate
Customers are offered their own dedicated hardware which is separated out at the Vmware layer. Independent network VLANs are offered to each customer and all virtual machines are housed behind their own dedicated firewalls. Finally, customers are offered their own storage partitions from either a dedicated or shared SAN implementation.

Energy efficiency

Energy-efficient datacentres
Description of energy efficient datacentres
As part of ANS's continual improvement programme, ANS will develop and implement an environmental management system which is in line with ISO 14001:2004 standard and contains only those initiatives which can be objectively audited.

In addition ANS will continually monitor and measure its Carbon Footprint as directed by the ISO 14064-1:2006(E) standard and guidance issued by both the DECC and Defra. Further, ANS will ensure that all ANS Business Operations may be demonstrated to be Carbon Neutral by adherence to the PAS 2060:2010 specification.

Through the ANS environmental programme, ANS will strive to:

Achieve 100% carbon neutrality for business operations.
To reduce business operation CO2e by 2%, year on year.
Achieve the award of a Carbon Trust Stamp for the ANS EMS and carbon offset actions.
Achieve 100% carbon neutrality for client solutions.
Continue to achieve independent, third party PAS 2060 certification in respect to demonstrating carbon neutrality.

Social Value

Fighting climate change

Fighting climate change

As a company built on our culture and values, we are committed to protecting the natural world and being socially responsible. From sourcing 100% of our electricity from renewable sources, to reducing the waste arising from commercial activities and increasing the percentage of waste recycled each year, we have instilled eco-friendly practices into everything we do. In the past few years ANS has:
- Sent over 10 tons of old servers for recycling with all profits going to charity
- Going 100% LED for our lighting in 2022, saving 50% in energy use
- We’re relocating data centre cooling equipment in 2022 to reduce the solar gains and save energy
- The majority of staff PCs are now laptops and we’ve removed old, inefficient computers
- We report our data centre energy use to TechUK and through our efficiency receive reductions in the climate change levy part of our electric bill
- We are ISO 14001 certified for environmental management and audited twice a year.

It doesn’t stop there. We encourage our employees to be environmentally conscious through our environmental training, cycle to work and electric car schemes, providing video conferencing tools and work from home programs to avoid unnecessary travel, targeted digital messaging and eco-friendly campaigns.
Equal opportunity

Equal opportunity

ANS recognises equity and fairness throughout the business and that discrimination in any form is unacceptable. Equal opportunities has long been a feature of our employment practices and procedure, that’s why we have an equal opportunities policy in place. Breaches of the policy will lead to disciplinary proceedings and, if appropriate, disciplinary action.

The aim of the policy is to ensure no job applicant, employee or worker is discriminated against either directly or indirectly on the grounds of race, colour, ethnic or national origin, religious belief, political opinion or affiliation, sex, marital status, sexual orientation, gender reassignment, age or disability. We ensure the policy is circulated to any agencies responsible for our recruitment and a copy of the policy will be made available for all employees and made known to all applicants for employment.

ANS are proud to be a Disability Confident Employer. The scheme, set up by the Department for Work and Pensions, is designed to help employers recruit and retain disabled people and people with health conditions for their skills and talent. As a Disability Confident committed employer, ANS is providing inclusive and flexible recruitment processes such as offering video interviews and supporting flexible working patterns where possible. We also ensure our workplace is suitable to support any employee that may have a disability.


£165 a unit a month
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.