Tivarri Ltd

YellowDog Platform

YellowDog is a compute workload management platform that can schedule and provision workloads whether they are on-premises or across a public or private cloud. Using YellowDog customers can build HPC scale clusters in the cloud, in any and multiple locations around the world.

Features

• Cloud Native Scheduling
• Meta Scheduling
• Intelligent Provisioning
• Flexible Data Management
• FinOps – Real-time usage and proactive quotas
• Secure Identity / Access Management

Benefits

• Seamless bursting workloads from on-prem to cloud
• Lower cloud server costs
• Improve performance and business outcomes
• Minimise capacity risk
• Ultimate flexibility
• Always having access to the right machines

£800.00 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@tivarri.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

379951202464602

Contact

Simon Ponsford
01225 428879
sales@tivarri.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No.
• System requirements: Chrome or Edge web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLA is 4 hours, but average response time is 12 minutes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our support is a 4-hour response as per SLA. We can also offer training and on-premise support.; All customers are allocated a Technical Account Manager
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: There are online guides, a tour in the GUI and we offer getting started training which typically takes 2 hours.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data is stored on customer servers or in their cloud accounts. There is no data to extract from the YellowDog Platform at contract end.
• End-of-contract process: Customer account is disabled, then deleted at 12 months or earlier if requested by the customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: A ticketing system.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Tested to comply with WCAG 2.1 AAA standard.
• API: Yes
• What users can and can't do using the API: Max users 10M.; User access is role based. With the correct role, any aspect of the service can be added and updated through the API.; Limitations are based on role.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Most customers create their own front end interface, but all API calls are available so any aspect can be customised.

Scaling

• Independence of resources: Platform is on a autoscaling platform which expands and contracts based on usage.

Analytics

• Service usage metrics: Yes
• Metrics types: Accessed through FinOps style portal.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: YellowDog Limited

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: They don't, their data remains on premise or in their cloud provider account.
• Data export formats: Other
• Other data export formats: Not applicable
• Data import formats: Other
• Other data import formats: Not applicable

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99%; Service credits if not met.
• Approach to resilience: Runs on a Kubernetes backend. All services are resilient with the ability for the Platform to be restored to other cloud providers.; There is also an option for a self-hosted platform.
• Outage reporting: Email alerts and customer dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces is via a VPN.; Support channels are restricted to specific customers.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation
• ISO/IEC 27001 accreditation date: 11/07/2023
• What the ISO/IEC 27001 doesn’t cover: Nothing.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Milkfloat

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: As defined in our ISO 27001 processes.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes are managed and tracked. There is always a procedure to revert back changes if required.; Every software release goes through an detailed automated testing procedure.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We use SYNK to check each component and a 3rd party for weekly penetration testing.; Software updated multiple times a day allowing for fast adoption of patches where required.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Suspicious activity is detected within the Platform using in-house tools.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a ticketing, email and support line to report incidents.; There are pre-defined procedures for common events.; Incident reports are created following an event, one with initial details and then a full write-up once details are understood.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  The ability to reduce the carbon impact of scheduled jobs and to minimise the impact.

Pricing

• Price: £800.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: All services, but limited to 30-days.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@tivarri.com. Tell them what format you need. It will help if you say what assistive technology you use.