OCF LIMITED

OCF - RONIN

RONIN lives inside the Buyer's own AWS account and takes care of all of the cloud's tricky bits. RONIN turns complex actions into simple button clicks so that users of all skill levels can easily create, manage, connect to, and monitor their AWS cloud resources.

Features

• Budget controls for cloud usage and full cost visibility.
• Launch and manage virtual machines and HPC on demand.
• Deployed in a multi-tenancy methodology down to the networking config
• Create and manage your own software and HPC service catalogue.
• Users can manage all secrets with our key management solution.
• Everything is tagged against a project code security requirements
• Configured to securely reach almost any data set.
• Can configure access rules based on geolocation, IP range etc.
• Safely connect your machines to on-prem services such as licence-server
• Single or distributed billing

Benefits

• Self Service
• Scalability at your finger tips
• Cost management and Visibility
• Save and share compute environments
• Simple and secure data management
• Connect seamlessly with RONIN link
• Provide flexibility and functionality
• Installed in your AWS account so you have full ownership
• Custom branding
• Unlimited projects

£50,000 a licence

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tenders@ocf.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

210123033507019

Contact

Megan Stroud
0114 257 2200
Tenders@ocf.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Amazon Web Services
• Cloud deployment model: Public cloud
• Service constraints: We only currently support AWS cloud
• System requirements:
  • Must have a new AWS account number
  • Must enable certain cost allocation tags

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Next business day response. RONIN has staff globally which cover a 24 hour timezone.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Our webchat is Slack, so we inherit the testing that they do.
• Onsite support: Onsite support
• Support levels: RONIN provide Level 0 support and software maintenance/patching support included in licence. Higher levels of support, from research guidance, cloud support and onsite support available for purchase separately.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: RONIN provide Administration and research training. This can be done in person or via Zoom. Users will get access to our RONIN blog which has articles and guides on how to use RONIN as well as instructional videos.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The customer have full ownership and access to their data. Once the contract ends and they wish not to continue, RONIN will uninstall the orchestration engine. All customer data will still be accessible via the AWS console.
• End-of-contract process: If the customer choose not to extend the contract, RONIN will uninstall their orchestration engine in their AWS account. All instances and data will still be accessible from AWS console. This uninstallation is provided at no extra costs. Any other services required will be an additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: RONIN's UI layout on mobile service has been optimised for smaller screens
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Each customer receives their own independent RONIN webserver in their AWS account. The webserver interacts with Amazon's RDS service to store and query RONIN data. RONIN ensure both the webserver and RDS are of a sufficient size to handle concurrent requests based on the number of users allowed as per the purchased license tier.

Analytics

• Service usage metrics: Yes
• Metrics types: RONIN provide AWS expenditure metrics to the user via the RONIN UI. Detailed cost reports containing monthly costs per project across the AWS account are provided to users under their cloud credits scheme.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: AWS

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the security posture of that account.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data from the RONIN UI (e.g. user data, project data) can be exported as a csv file via the RONIN UI. User cloud data can be exported using the AWS CLI or via sftp and applications such as Cyberduck.
• Data export formats:
  • CSV
  • Other
• Other data export formats: All data formats supported by AWS
• Data import formats:
  • CSV
  • Other
• Other data import formats: All data formats supported by AWS

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the security posture of that account, including custom security configurations.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the security posture of that account

Availability and resilience

• Guaranteed availability: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the SLA of that account previously negotiated with AWS.
• Approach to resilience: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the properties of that account previously negotiated with AWS.
• Outage reporting: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the properties of that account previously negotiated with AWS. This includes AWS cloud alerts. In addition, RONIN engage with all customers via several channels, including email and Slack.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: RONIN supports any SAML-based (e.g ADFS, OKTA, Azure AD, Shibboleth, Amazon SSO) or OpenID identity provider
• Access restrictions in management interfaces and support channels: Access in management interfaces is restricted via Cognito permissions and RONIN UI user permissions. Support channels are restricted via administrator approvals upon access request.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: No
• Security governance approach: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the certification levels of that account.
• Information security policies and processes: RONIN is not a SaaS. It is installed within the buyer's AWS account and therefore inherits the security posture of that account. However, RONIN's internal security policies are audited regularly as a requirement for membership to Australia's Defence Industry Security Program. These artefacts are for internal use only, but can be made available on request to Buyers during the procurement stages.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: As per AWS best practice, however RONIN's internal processes are aligned with ISO 27001 (certification pending)
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: As per AWS best practice, however RONIN's internal processes are aligned with ISO 27001 (certification pending). In addition, RONIN are a member of Australia's Defence Industry Security Program (similar to UK Security Vetting) and the ASIO Outreach Program for proactive security management.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: As per AWS best practice, however RONIN's internal processes are aligned with ISO 27001 (certification pending). In addition, RONIN are a member of Australia's Defence Industry Security Program (similar to UK Security Vetting) and the ASIO Outreach Program for proactive security management.
• Incident management type: Supplier-defined controls
• Incident management approach: As per AWS best practice, however RONIN's internal processes are aligned with ISO 27001 (certification pending). In addition, RONIN are a member of Australia's Defence Industry Security Program (similar to UK Security Vetting) and the ASIO Outreach Program for proactive security management.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Covid-19 recovery

  Covid-19 recovery

  RONIN have a large number of researchers from across the world who utilise our platform in order to obtain the required computational resources they need to perform Covid-19 research. For example genomic screening of mutations in Covid-19 to identify potential targets for vaccines.

Pricing

• Price: £50,000 a licence
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tenders@ocf.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.