Claranet Limited

Managed Hosted Cloud solutions

Claranet's Managed Hosted Cloud solutions (also known as Claranet Cloud) provides an infrastructure as a service (IaaS) offering for your cloud environment. This capacity is shared infrastructure, isolated per-user.

Features

• Infrastructure (CPU, memory, disk) you can shape to your requirements

Benefits

• Managed Operating Systems (SysOps) allow you to focus on business

£5,000 to £300,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK-bidteam@claranet.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

368416682963397

Contact

Claranet UK Bid Team
020 7685 8000
UK-bidteam@claranet.com

Service scope

• Service constraints: Standard shared infrastructure means that planned maintenance is shared across all customers. Customers can only use specific firewall services and hardware is standardised.
• System requirements:
  • Customers must have OS licences supplied by Claranet or self-sourced
  • Security services

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority 1: 15 minutes response time.; Priority 2: 1 hour response time.; Priority 3: 2 hours response time, Mon-Fri 8:00-20:00.; Priority 4: 4 hours response time, Mon-Fri 8:00-20:00.; Priority 5: 24 hours response time, Mon-Fri 8:00-20:00.; Service requests are assigned to priority 4.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: The support for the service is standard across all tiers with standard support being available from the hours of 800 to 1800 Mon-Fri. Claranet offers out-of-hours 24x7 support for resolving incidents or issues in production systems.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User documentation is contained within the Claranet portal.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The user has access through the provision of the service to extract their data.; ; Further assistance from professional services can be provided, at cost.
• End-of-contract process: Cancellation request; Power down environment; Decommission after a period

Using the service

• Web browser interface: Yes
• Using the web interface: Users can set up, manage, and delete virtual machines within their virtual data centre from an assigned resource pool allocated upon purchase.; ; Users can make use of a range of provided images and work either in a managed or unmanaged fashion, and can set up a in-environment network, within their existing IP address range.; ; Users cannot make use of resources not allocated to their resource pool, and will need to contact the Service Desk to adjust the size of their virtual data centre.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: None
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: No absolute guarantee, but cluster capabilities are provisioned across all customers at a level sufficiently above allocation.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: VMware, Zerto, Veeam

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual machines
  • Files
• Backup controls: Users can make use of the standard shared backup platform provided for their virtual private cloud, and can contact the backup team after onboarding to adjust their backup schedule.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Claranet offers 99.5% availability for each of the tenant portal, network components and hosting hardware. Scaling service credits are available upon application, depending on the level of reduced availability.
• Approach to resilience: Available on request.
• Outage reporting: Email alerts or text messages, as configured on the Claranet portal.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: 2FA restriction, VPN-only access, zero trust RBAC
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DAS
• ISO/IEC 27001 accreditation date: 06/06/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: 7Safe Limited
• PCI DSS accreditation date: 11/01/2019
• What the PCI DSS doesn’t cover: Our PCI-DSS only covers physical security requirements 1 to 8. 10 and 11 are not covered
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO22301

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO27001:2013, ISO22301:2012

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Claranet have an embedded ITIL aligned configuration and change management process. All Claranet and customer specific changes are reviewed and evaluated for threats and risk before being deployed in a specific change window. Claranet use service management tools that support the ITIL process. All changes are tracked and audited. Customers are required to make all requests for change through the customer portal and only portal users with the correct privileges can request a change.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Claranet have a multi layered approach to vulnerability management. Security controls are inbuilt into our network such as DDOS and Threat Management. These threats are actively reviewed by our internal SOC and security team to look at areas of risk and remediation. Claranet customer specific solutions also have vulnerability features enabled and others that are available at an additional cost. Claranet actively review threats identified by suppliers and vendors and where deemed necessary will update and deploy patches to equipment and software. Claranet also run regular penetration testing on our network services using CREST certified testers.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Claranet provide multi-vendor network and security solutions that have active network and security monitoring. Alerts are generated through our enterprise grade monitoring system and reviewed by our network operations centre. Claranet also have additional services such as Managed Detection and Response (MDR) and email and web security to further enhance protective monitoring. Where the monitoring system identifies that a threshold is breached, alarms are triggered to alert Claranet support staff. If a threshold is breached or a service affecting event occurs, the Claranet Operations team are notified to raise a ticket and take appropriate action to resolve the issue.
• Incident management type: Supplier-defined controls
• Incident management approach: Claranet have an embedded ITIL aligned process for Incident Management with description, instruction, and visual guides on how to raise an incident. All incidents are allocated a priority between 1-5 and have associated response times. As part of our service management offering we can evaluate incidents logged with a view to looking at trends and improving time to resolve. This data is typically combined in service management reports that are issued as per an agreed schedule with the customer. Customers can report incidents to our services desk via telephone or by raising the request through our online portal.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Private vLAN isolation

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Claranet work with compliant datacentre providers.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Sustainability is a core element of our CSR strategy. At Claranet, we recognise the significance of our environmental footprint, even if it’s small, and are dedicated to perpetual improvements in energy conservation and waste minimisation throughout our operations. Our Senior Management Team has defined environmental and energy policies with a structure for setting and revising environmental objectives and goals.; • Our approach to environmental management includes:; • Committing to lessen our environmental impact.; • Integrating environmental performance and management into our business practice.; • Encouraging recycling and eco-awareness across our workforce, clientele, and suppliers.; • Reducing eco-toxic emissions from company vehicles.; • Reducing our energy use.; • Aligning with stakeholders to meet or excel in environmental standards.; • Adhering to applicable environmental laws and regulations.; • Conducting regular audits to measure and report on environmental metrics and establish goals.; Our energy management is focused on:; • Complying with legal standards for energy use.; • Implementing and, where possible, exceeding best practices for energy management.; • Allocating resources to meet our energy objectives and improve our management system continuously.; • Procuring energy-efficient solutions and services when feasible.; • Using data to monitor significant energy use and set targets for reducing consumption across the enterprise.; Our commitment to sustainability is reinforced by certifications such as ISO14001 for Environmental Management, ISO50001 for Energy Management, and the Cisco Environmental Sustainability Specialisation.; Aiming for net zero by 2050, we are proactively seeking ways to achieve this sooner. Our efforts are transparent, with an external Carbon Reduction Plan available upon request.

  Equal opportunity

  Offering the opportunity to advance our people’s professional development is one thing, however, ensuring that everyone, no matter who they are, has that opportunity is something that we pride ourselves on. Diversity and Inclusion is a highly regarded topic at Claranet and one that we strive to work towards. We are committed to driving diversity and inclusion in a measurable way. ; Our HR and Management teams are working closely on diversity and inclusion initiatives to support the reduction in the gap in pay between men and women. We have a group of employees who have volunteered themselves to work together the ensure some of the most meaningful diversity and inclusion dates throughout the calendar year are acknowledged and/or celebrated with the goal of ensuring all of our employees feel a sense of belonging at Claranet. We are a signatory with the Tech Talent Charter (TTC) who pride themselves on bringing organisations together to drive greater diversity and inclusion within the Technology sector. Not only does this support women getting into technology, but those from multi-ethnic and lower socio-economic backgrounds as well. We are excited to be a part of this movement and hope to contribute to making the UK technology sector truly inclusive. We are also one of the founding members of the Technology Community for Racial Equality (T4CRE). We are proud to support this organisation that is focused on promoting diversity, equity, and inclusion in the technology industry (https://tc4re.org/who-we-are/). ; Our recruitment strategy and policy also heavily supports this. The makeup of our Senior Management Team further evidences our commitment to inclusivity, as it continues to represent an equal split between men and women, which is essential to leading a diverse workforce and promoting equality.

  Wellbeing

  Claranet are passionate about people and fostering a healthy and nurturing work environment.; Our dedicated Wellbeing and Engagement team, work in partnership with external providers to deliver our health and wellbeing scheme: Health is Wealth. The scheme is comprised of talks led by professionals, access to exercise classes, discounted gym memberships and access to a fully trained Mental Health First Aiders team. Some of our notable events include, a Stress Awareness seminar, Disability Awareness talk delivered by Lee Spencer, Employee led activity to celebrate Neurodiversity Week, Women in technology celebrations, Happiness in the Workplace celebration week and Imposters Syndrome webinar. Our in-house team plan employee activity based on employee feedback and suggestions, enabling us to deliver a very diverse programme and support network within the workplace.; In conjunction with this we also provide all employees with access to the Employee Assistance Program (EAP). This facility provides an independent, confidential, and unlimited service available 24 hours a day, 365 days a year. It provides access to specialist professionals who offer advice on stress and anxiety as well as a range of other issues such as bereavement support, legal guidance, and health related issues.; Our employees also benefit from core and voluntary benefits including dental cover and private medical that covers pre-existing conditions with a range of options to cover partners or families. Voluntary Critical Illness Cover of up to £150,000 also gives our employees and their families financial and practical support at times of need.

Pricing

• Price: £5,000 to £300,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK-bidteam@claranet.com. Tell them what format you need. It will help if you say what assistive technology you use.