Sandhill Consultants Ltd

Foglight (All products)

Proactively monitor the health and performance of all your database platforms with a robust database monitoring tool. With Foglight for Databases, DBAs gain unprecedented visibility across their database platforms. From one simple-to-use console, they can quickly diagnose and resolve emerging issues to prevent business interruption.

Features

• Deep diagnostics
• Query insights
• Drag and drop reporting
• Multi-dimensional SQL workload drilldowns
• Automated change tracking
• Statement-level wait-event analysis
• Alarm workflow
• Automatic instance recovery
• Easy Integration

Benefits

• Centralized database monitoring across on-premises, hosted systems and cloud databases
• Support for cloud databases
• Proactive issue resolution
• Alerts for deviations from normal metrics
• Diagnostics and alarm data viewable from any drilldown screen
• Custom views and reporting through DBA, manager and executive dashboards
• With Query Insights, allows for rapid resolutions

£122 an instance

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.carter@sandhill.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

110036956350592

Contact

Andrew Carter
01476 568708
andrew.carter@sandhill.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Can work in conjunction with cloud and traditional databases, along with products like Shareplex as a DBA's toolkit
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Only available on Windows and Linux
• System requirements:
  • CPU - 4-way 2.4 GHz 64-bit CPUs
  • RAM 12GB
  • Storage 120 GB, 10000 RPM hard disk or better

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: https://support.quest.com/essentials/sr-severity-levels-response-times
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Quest Software has indeed been involved in evaluating user satisfaction with assistive technology. One such assessment tool they’ve used is the Quebec User Evaluation of Satisfaction with Assistive Technology (QUEST). This instrument gauges a patient’s contentment with various assistive devices, considering factors like dimensions, weight, adjustments, safety, durability, simplicity of use, comfort, and effectiveness. Additionally, it assesses service-related aspects such as delivery, repairs, professionalism, and follow-up service
• Onsite support: Yes, at extra cost
• Support levels: https://support.quest.com/essentials/sr-severity-levels-response-times
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Full education and training quick start programs
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Export data in a variety of file formats
• End-of-contract process: At the end of the contract data is to be deleted completely, you should either raise a support case or email your Quest account manager. As soon as the data is deleted, you will be notified. The customer controls all data. Data should be archived and/or deleted.; ; Cloud: To delete your data completely, you should either raise a support case or email your Quest account manager. As soon as the data is deleted, you will be notified.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Browser Based
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Quest Software has indeed been involved in evaluating user satisfaction with assistive technology. One such assessment tool they’ve used is the Quebec User Evaluation of Satisfaction with Assistive Technology (QUEST). This instrument gauges a patient’s contentment with various assistive devices, considering factors like dimensions, weight, adjustments, safety, durability, simplicity of use, comfort, and effectiveness. Additionally, it assesses service-related aspects such as delivery, repairs, professionalism, and follow-up service
• API: Yes
• What users can and can't do using the API: Yes - https://support.quest.com/technical-documents/foglight/7.1.0/rest-api-reference-guide
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customizable dashboards, reports, rules for alerting and integration for interoperability.

Scaling

• Independence of resources: Scaling is directly commensurate to the hardware resources allocated to Foglight components

Analytics

• Service usage metrics: Yes
• Metrics types: Some limited usage data is available in Foglight
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Quest Software

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: CSV, Excel, PDF and XML
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • PDF
  • XML
• Data import formats: Other
• Other data import formats: Any scripting language with standard output

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Provider will make commercially reasonable efforts to make the SaaS Software available twenty-four hours a day, seven days ; a week except for scheduled maintenance, the installation of updates, those factors that are beyond the reasonable control of Provider, ; Customer’s failure to meet any minimum system requirements communicated to Customer by Provider, and any breach of this Agreement by ; Customer that impacts the availability of the SaaS Software. Provider shall provide reasonable advance notice to Customer of any scheduled ; maintenance. Provider can limit or suspend Customer’s access to the SaaS Software if it is sufficiently probable that the continued use of the ; SaaS Software may result in harm to the SaaS Software, other Provider customers, or the rights of third parties in such a way that immediate ; action is required to avoid damages or Customer is in breach of the Agreement. If circumstances allow and if reasonably practicable, Provider will give Customer notice so that Customer may seek to promptly avoid the issue and avoid suspension.
• Approach to resilience: Extensive replication error checking and handling. Multiple queues ensure that data is not lost
• Outage reporting: Email alerts. Public dashboard in roadmap.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Foglight supports user roles and groups helps achieve access restrictions
• Access restriction testing frequency: At least once a year
• Management access authentication: Other
• Description of management access authentication: Foglight supports external user authentication through either, LDAP, SAML, or Windows SSO. Multi-factor authentication can be configured in the SAML identity provider.

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman Compliance, LLC
• ISO/IEC 27001 accreditation date: 15/08/2023
• What the ISO/IEC 27001 doesn’t cover: Scope of certification is the provision of SaaS and Hosting Services
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: https://www.quest.com/docs/information-security-policy-legal-131273.pdf

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes are raised via the support ticketing system, Zendesk, and will be added into the development tracking system. Code changes are implemented with build script - we do use automated deployment tools for code movement and roll-backs from our beta, staging and live environments. Changes are approved by Development and Product Manager before being pushed.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability scanning tool generates reports, tested against a known database of issues. Rule sets use common vulnerabilities and exposures (CVE), center for internet security (CIS) Operating System configuration benchmarks, and security best practices. High and Medium issues resolved as quickly as possible. Low and Informational issues worked into the normal sprint plans. Security pack covers whole platform of solutions: - Intrusion Detection/Prevention and hosting of agents and manager within remote environment - Security Information and Event Monitoring (SIEM – Manage Engine EventLog Analyzer) - and the hosting of the agents and manager within the remote environment - Quarterly vulnerability testing.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: If the advanced security pack is chosen (on single tenant environments), we utilise an IDS/IPS tooling and all events are sent to a central management console, managed by DevOps team. The IPS software will remediate and block issues where they are found. Any alerts will quickly be responded to and remediated by the DevOps team, depending on criticality.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident record is created in the Quality Log Incident Manager assigned to co-ordinate resolution and communications . Incident manager will work with the account manager to keep the customer informed. Issues will be escalated to Product Management and Development Management. Escalation beyond this is to the senior management team Customer is notified of the issue/incident and the plans to resolve it by the account manager. Development Manager will review the issue, any knock-on effects and devise the best fix method Change management process follows attempts at resolving the issue. Incident Report completed afterwards detailing the cause, lessons learned.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality

  Fighting climate change

  As a company Sandhill identify and implement activities to reduce emissions in the performance of contracts, such as improving energy efficiency, switching to renewable energy sources, reducing waste, water consumption, promoting low-carbon transport, and offsetting unavoidable emissions. ; ; We'll seek external verification and certification of our carbon reporting, where possible. ; ; Sandhill have committed to the following as part of their efforts toward fighting climate change. ; ; Environmental Awareness - POLICY STATEMENT ; It is the policy of Sandhill Consultants Limited (Sandhill) to minimise the potentially significant impacts of our operations and services on the environment. We will promote sustainability and environmental awareness at all levels of decision making. ; ; In defining our program of improved environmental performance and pollution reduction, Sandhill will: ; ; • Comply with the letter and spirit of all relevant environmental legislation. ; ; • Adopt a purchasing program that takes into account the environmental impact of products and services in areas of key concern. ; ; • Implement waste management strategies that promote waste minimisation, re-use, recovery and recycling where appropriate. Where these options are not available we will ensure that our waste is disposed of in a way that minimises its impact on the environment. ; ; • Promote efficient energy use in all areas of business activity. ; ; • Seek to manage and reduce internal and client-facing travel. ; ; • Ensure that our staff are aware of the environmental impacts of their work activities and encourage them through awareness raising and training to minimise those impacts. ; ; • Pursue a program of continuous improvement of our policies and practice. ; ; • Ensure that our policy is available for public review on request. ; ; This policy will be reviewed on a regular basis to evaluate continued relevance and to monitor compliance and in turn look to conform with ISO 14001. ; ; The Sandhill Policy Statement is signed off by Simon Carter, CEO.

  Tackling economic inequality

  Fostering wider diffusion of new technologies and building complementary capabilities in the workforce can deliver both stronger and more inclusive economic growth. Technology offers opportunities for people to acquire new skills, engage in varied livelihoods, and participate in shaping cultural norms and democracy. Ensuring marginalized communities have the necessary skills, access, and tools is essential for inclusive growth. The Introduction of new software will offer potential opportunities for training and retraining and with the use of Foglight should result in more efficient use of IT and information management.

Pricing

• Price: £122 an instance
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Foglight for Cross Platform Databases and Infrastructure - 30 days trial available
• Link to free trial: https://www.quest.com/register/55612/ and https://www.quest.com/register/55511/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.carter@sandhill.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.