ITHQ LTD

Nutanix Cloud Clusters (NC2)

Nutanix Cloud Clusters (NC2) delivers a hybrid multicloud platform with the flexibility, simplicity, and cost-efficiency needed to run applications in private or public clouds. NC2 runs the core Nutanix HCI stack on bare metal instances in public clouds allowing customers to migrate or extend from on-premises to public cloud providers.

Features

• Nutanix NC2 procured and managed on your behalf
• Billing management
• Unified cloud monitoring & alerting
• Change management review service
• Change execution service
• Backup and data protection
• Advanced networking nolutions

Benefits

• Consolidation and monitoring of monthly invoicing
• Continuous review of security measures
• Realtime monitoring of services with automated alerting and response
• ITHQ participation in change requests to ensure best practice
• ITHQ implementation of change requests
• Automated backups of workloads
• Support for advanced networking configurations

£0.00 to £30.00 an instance an hour

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

339293800524959

Contact

Dale Nursten
02039977979
bidteam@ithq.pro

Service scope

• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Dependent on SLA purchased, we have three; 8x5xNDB, 8x5x4 and 24x7x4
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Three levels of support are offered: 8x5x4, 8x5xNBD and 24x7x4. Support costs are based on size and complexity of the deployment.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a fully managed on boarding process.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: There are a number of built-in and 3rd party data export functions/solutions available.
• End-of-contract process: If the service is terminated at the end of the contracted term, ITHQ will terminate any accounts, access controls and resources. ; ; Off-boarding of instances and data is the customer’s responsibility and should be completed prior to termination. ; ; ITHQ can provide migration services at additional cost.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can manage all aspects of the service using the NC2 management portal.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Accessibility of the management portal is maintained by Nutanix.
• Web interface accessibility testing: Accessibility of the management portal is maintained by Nutanix.
• API: Yes
• What users can and can't do using the API: All aspects of the NC2 service can be managed using APIs.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: All aspects of the NC2 service can be managed using the CLI.

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Managed and guaranteed by Nutanix on the bare metal infrastructure from the public cloud provider.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Nutanix

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: As we operate a cloud first policy we ensure that all our service providers conform to our protection standards by encrypting all data at rest by default.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual machines
  • Databases
  • Files
• Backup controls: Managed through policies, which are agreed during the on boarding process.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Service levels can be adjusted to meet customer needs.
• Approach to resilience: Nutanix NC2 operates on top of bare metal hardware operated by the public cloud providers. Layering the Nutanix HCI stack with replication technologies on top of the multi-data centre and multi-region facilities offered by the public cloud providers enables a highly resilient service to be built to meet customer demands.
• Outage reporting: Public status portal/dashboard and email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Only authorised users or groups are able to access the management and support portals.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd
• ISO/IEC 27001 accreditation date: 15/03/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We are ISO27001 accredited and able to supply our Information Security Policies subject to a non-disclosure agreement being put in place with the receiving party.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Will be provided by ITHQ upon request.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Policies will be provided by ITHQ upon request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Policies will be provided by ITHQ upon request.
• Incident management type: Supplier-defined controls
• Incident management approach: Policies will be provided by ITHQ upon request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Nutanix
• How shared infrastructure is kept separate: The environment is a virtualised, multi-tenant environment which prevents any direct interface between services. Any inter-VM communication must be routed through the appropriate network segment and be configured and permitted by the networking rules in place for that tenant.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Each public cloud operator provides their own details on how they adhere to the EU Code of Conduct for Energy Efficient datacentres

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  ITHQ runs a corporate social responsibility programme called; Life In IT in South East England. ; ; Life In IT allows us to recondition tech devices donated from; businesses headed for disposal and pass them on to local non-; profit organisations that put them to great use. Schools in; particular are now benefitting from free technology that creates; fresh learning opportunities through increased access to education; platforms for more students.

  Equal opportunity

  ITHQ runs a corporate social responsibility programme called; Life In IT in South East England. ; ; Life In IT allows us to recondition tech devices donated from; businesses headed for disposal and pass them on to local non-; profit organisations that put them to great use. Schools in; particular are now benefitting from free technology that creates; fresh learning opportunities through increased access to education; platforms for more students.

Pricing

• Price: £0.00 to £30.00 an instance an hour
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.