QNETIX LTD

Bare Metal as a Service - in partnership with Scale Computing

The Qnetix Cloud Bare Metal (Scale) offers computing platforms from Scale Computing As A Service. Scale Computing is a leader in virtualisation and hyper-converged platforms at a fraction of the cost of VMWare and Public Cloud solutions. Available in UK government-certified data centres.

Features

• Leading hardware platforms
• AI ready platforms available
• Options available for on-premises platforms
• Direct connect using our neutral air-gap isolated network
• ITIL based service delivery management and reporting
• 24x7x365 availability, service desk, support, and monitoring
• Options available for direct connections to your public cloud
• Aligned with NCSC Cloud Security Principles
• Secure UK data centres. Data never leaves the UK.

Benefits

• UK Service Provider
• Dedicated (and isolated) compute, AI and storage solutions
• Enables rapid deploy and scale of servers and storage resource
• Enables automated deployment and installation of applications
• Ideal for both test & development and production environments
• Move your workloads to the cloud to reduce cost
• You are in control of capacity, security and performance
• Supports UK data sovereignty

£1,112 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@Qnetix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

154862399498258

Contact

Qnetix - Your Trusted Technology Solutions Partner
+443333355673
gcloud@Qnetix.co.uk

Service scope

• Service constraints: Qnetix are responsible for managing and maintaining all platform components. Customer is responsibility operating systems and applications.
• System requirements: NA

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Request for Information – 4 hour response. Request for support – 2 hour response. Critical incident support – 1 hour response
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Qnetix provides full support services as standard through the Qnetix Service Desk. We operate 24/7 for P1 and P2 incidents. P3 issues are handled during business hours. Our Service Desk is staffed by 1st line support engineers with direct escalation to the operations team for full 2/3rd line support. Additional support services are available - including operating system and application monitoring, patch and security management, managed backup, and managed disaster recovery. Each customer is assigned a service delivery manager responsible for ensuring smooth service delivery, acting as an escalation point for incidents, and providing monthly service reports.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We pride ourselves on the fact that our services are easy to consume and simple to use. New customers provide a list of authorized contacts and their permission levels. We engage with those contacts, supply documentation, and offer training if needed on contacting support, accessing portals, and using our services. We do not charge for standard onboarding/offboarding. If extra onboarding support like project management or technical design is required, we may charge a pre-agreed rate.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: We will work with you to create a plan for closing your account and provide assistance with exporting and downloading your data. Users can also directly download their data and applications.
• End-of-contract process: We do not charge for standard off-boarding, allowing organizations to exit our service without penalty. We will provide reasonable support for customer service exit, data exporting, and resource decommissioning. If extensive project management or large-scale support is necessary, We reserve the right to charge the client, contingent on advance agreement before termination.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: This service offering is for dedicated, customer specific hardware and therefore by its nature is isolated and not affected by the demand of other customers and users.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics:
  • SNMP Data
  • API Data
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: Available as add on option
• Backup controls: Qnetix will work with you to define a data protection strategy and catalogue. This will be used to govern the backup strategy. There is huge flexibility on what can be backed up, when and how.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SLA driven availability guarantee based on services selected. 99.9% uptime SLA available.
• Approach to resilience: All components have been built in fully resilience and availability in mind. Availability is dependant on services selected. More information is available on request.
• Outage reporting: All infrastructure is monitored. Outage monitoring alerts are sent directly to customer main points of contact or pre-agreed operational points of contact via e-mail. Additional methods of escalation and alerting can be agreed as part of onboarding.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Only authorised contacts are granted access rights / access. All critical management and security systems are isolated, have multi-factor authentication enabled and confirm to the principle of least access and just in time access.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Qnetix operate a rolling internal audit and assurance programme to ensure continuity and compliance to any agreed standards and customer certification required. This includes internal technical auditing of our systems. NOTE: We are open to developing or implementing any additional standards and processes required.
• Information security policies and processes: Qnetix actively embraces industry standards and guidance (for example ISO 27001). Our internal auditing process and annual audits ensure that the policies are being followed. Any breach of our information security policy is logged and escalated to the information security officer for a full and thorough review. Where needed, remediation action plans are put in place and process changed, including staff training. NOTE: We are open to developing or implementing any additional standards and processes required.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All non-standard changes are reviewed and must be pre-authorised by going through a peer, senior and change board approval process. Standard changes are created in template form and are reviewed and approved as a standard prior to implementation. Where feasible, all changes are tested in lab / development environments prior to production implementation. NOTE: We are open to developing or implementing any additional standards and processes required.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Qnetix conduct regular vulnerability testing and scanning and all key systems are regularly monitored for vulnerabilities. All vulnerabilities found are recorded, categorised into priority depending on the severity and remediated. NOTE: We are open to developing or implementing any additional standards and processes required.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Qnetix proactively monitors key systems - this includes logging all key security and access information to a centralised location. Logs and systems are checked daily for potential security breaches using several key search filters. Alerts are sent out for high risk activity and are pro-actively responded to by the Qnetix Operations Team. NOTE: We are open to developing or implementing any additional standards and processes required.
• Incident management type: Supplier-defined controls
• Incident management approach: Qnetix operate an ITIL centric incident management process with associated procedures for security related incidents. The process has a clearly defined governance framework, including roles & responsibilities, clear policies and associated KPIs. NOTE: We are open to developing or implementing any additional standards and processes required.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Qnetix use the ARK datacentres for this service. ARK are participants of the EU Code of Conduct for Data Centre Energy Efficiency for SQ17, P1, and A9.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  While Qnetix is not a manufacturer of hardware or software, we are committed to minimizing any activities that could harm the environment. To achieve this goal, we will: /1/ Assess and seek to reduce the environmental impact of our current and future operations. /2/ Continuously improve our environmental performance and reduce waste by promoting recycling and reuse. /3 / Purchase environmentally responsible goods and services whenever possible. /4/ Train employees on environmental matters and make information available as needed. /5/ Expect similar environmental standards from our suppliers and contractors. /6 / Assist customers in using our products and services in environmentally sensitive ways. /7/ Participate in discussions about environmental issues as necessary. /8/ Comply with all legal and regulatory environmental requirements. /9/ Review this policy annually and update as needed. We share the industry's concern about the environmental impact of obsolete IT equipment that is not recycled. We believe no computer should go to waste. We work with suppliers to enable materials to be reused or recycled, helping conserve natural resources. We have a strong commitment to keeping environmentally sensitive IT materials out of landfills.

  Covid-19 recovery

  Qnetix remain committed to supporting our teams and community in the recovery of the affects of Covid 19. To achieve this goal, we will: /1/ Continue to offer training and education support for ; those left unemployed by COVID-19. /2 / Support people and communities to manage and recover from the impacts ; of COVID-19. /3/ Support organisations and businesses to manage and recover from the impacts of COVID-19. /4/ Support the physical and mental health of people affected by COVID-19. /5/ Improve workplace conditions that support the COVID-19 recovery effort ; including effective social distancing, remote working, and sustainable travel solutions.

  Tackling economic inequality

  Qnetix is committed to addressing economic inequality at its core by creating new businesses and employment opportunities, as well as improving education and training. Our overriding vision is to help reduce the unequal distribution of income and opportunity between different groups in society.

  Equal opportunity

  Qnetix aims to promote equal opportunities and fair management practices beyond legal requirements. Qnetix provides a work environment free from unlawful discrimination, harassment, bullying, or victimization based on sex, marital status, sexuality, disability, age, race, color, ethnicity, nationality, religion, or political beliefs. This principle applies equally to recruitment, training, promotion, dismissal, transfer, benefits, and all terms and conditions of employment. Qnetix does not tolerate breaches of this policy. All such instances will be thoroughly investigated and proven cases subject to disciplinary procedures. Policies for recruitment, selection, training, development, and promotion ensure individuals are treated solely based on relevant aptitudes, skills, and abilities.

Pricing

• Price: £1,112 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trials are available. Resource limits and timeframe are agreed on a case basis.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@Qnetix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.