Tekwurx Limited

BMC Helix Discovery

BMC Helix Discovery automates the discovery of IT assets in the data centre, hybrid and multi-cloud environments. It uses the discovered assets to build application maps that provide a holistic view of your assets and their relationships, supporting service management, cloud migration and security initiatives. Tekwurx is a BMC Partner.

Features

• Automated, continuous discovery of data centre assets
• Automated mapping of business applications
• Continuous content updates
• Over 4,000 data centre assets covered
• Open and secure
• Multi Cloud discovery and relationship mapping

Benefits

• 5-year average ROI of 470%
• 57% reduction in unplanned downtime
• 15% more efficient IT infrastructure teams
• Lower risk
• Reduced number of vulnerabilities

£34.80 to £138.60 a server a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith@tekwurx.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

481315658845649

Contact

Keith Pound
+44 208 148 3717
keith@tekwurx.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: BMC Helix Discovery is a stand-alone service but can add value when used with other BMC Software and Tekwurx products, including:; ; - Tekwurx uControl; - BMC Helix ITSM; - BMC Helix Cloud Cost; - BMC Helix Cloud Security
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: You can customise BMC Helix services to suit your needs. BMC recommends that you review best practices recommendations for your applications before designing customisations to ensure the best experience for supportability and upgrades.
• System requirements: Supported browser is required

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times for requests are based on severity: P1 — 15 mins, P2 — 30 mins, P3 — 4 business hours, P4 — 16 business hours. Tekwurx provides annual support to suit a customer's requirements.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: BMC provides Support via Web, Email and Phone. Initial Response goals are relative to the impact of the reported problem on the customer environment.; S1: 15 clock minutes; S2: 30 business minutes; S3: 4 business hours; S4: 16 business hours; ; Tekwurx can provide additional support as costed options
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Tekwurx has extensive experience in architecting and deploying BMC Helix Discovery solutions, from single installations covering a few hundred devices through to 50+ Discovery appliances discovering in excess of 150,000 devices. We focus on delivering the highest quality project for each and every client. ; ; A typical engagement consists of:; ; - Initial discussion to understand the basic requirements; - Review the “as-is”; - Follow-up discussion to clarify details and agree on the scope and estimated project fees; - Deliver an in-depth workshop to better understand the details, develop the design and agree on all major elements of the project deliverables; - Produce the architecture design; - Deploy agreed design; - Undertake UAT testing and production deployment; - Create build and configuration documentation; - Provide knowledge transfer and training sessions; - Work with the customer on initial BAU remediation activities; - Provide on-going support
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: We will conform to the customer's preferred format
• End-of-contract data extraction: Upon written request by Customer made within 45 days after the effective date of termination, BMC will make the Customer Data available to Customer for retrieval in an industry-standard format. After such 45-day period, BMC shall have no obligation to maintain any Customer Data and will thereafter delete Customer Data
• End-of-contract process: Upon termination or expiration, all rights and licenses will terminate and the customer will make no further use of the services. No termination will relieve the customer of the obligation to pay any fees accrued or payable to BMC pursuant to any order. Upon written request by the customer made within 45 days after the effective date of termination, BMC will make the Customer Content available for retrieval in an industry-standard format. After such 45-day period, BMC shall have no obligation to maintain any Customer Content and will thereafter delete Customer Content.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The REST API is intended to be used by a script or program to interact with and control BMC Discovery from a remote machine. You can use the API for a variety of tasks, such as:; ; - Submitting discovery runs; - Managing credentials; - Querying the data in your system; - Uploading TKUs; ; The aim of the API is to enable you to perform most tasks that you can currently do through the BMC Discovery UI or command-line utilities. The XML and CSV export APIs are still supported, but the REST API provides more control when retrieving data, and a range of features across its endpoints.; ; The API follows the REST architectural style, so resources, HTTP verbs, and status codes are used. JSON is used for request and response bodies. The endpoints provided by the API are specified using the Swagger specification language. All endpoints use the OAuth 2.0 protocol for authentication.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Pattern Language, TPL, is used to describe applications, products and other real-world entities that have been modelled in BMC Discovery. The core purpose of TPL is to make it easy to describe the most common structures to be modelled while remaining powerful enough to describe the vast majority of modelling situations

Scaling

• Independence of resources: There are four classes of appliance deployment, which broadly follow how BMC Discovery is deployed in the field. These classes are differentiated by the number of Operating System Instances (OSIs) that are scanned by BMC Discovery.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: BMC Software

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: You can export the results of any search operation or any report in CSV format, enabling you to access the data using text editors, spreadsheet, and database applications
• Data export formats:
  • CSV
  • Other
• Other data export formats: XML
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: This is a function of the Cloud provider
• Approach to resilience: This is a function of the Cloud provider
• Outage reporting: This is a function of the Cloud provider

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The Administrator is responsible for setting up details of all the users who are permitted to use the BMC Discovery system. Users are allocated a user name and a password, which they must enter in order to log in to the system. Each user is a member of one or more user groups, which define the parts of the system that the user is permitted to access. For example, users defined as members of the Admin group are able to create and edit user details, while members of the Public group cannot access these areas.BMC Discovery can integrate with LDAP
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Please refer to the selected Cloud provider for details
• ISO/IEC 27001 accreditation date: Please refer to the selected Cloud provider
• What the ISO/IEC 27001 doesn’t cover: Please refer to the selected Cloud provider for details https://aws.amazon.com/compliance/iso-27001-faqs/
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: Please refer to the selected Cloud provider
• CSA STAR certification level: Level 5: CSA STAR Continuous Monitoring
• What the CSA STAR doesn’t cover: Please refer to the selected Cloud provider for details https://aws.amazon.com/compliance/iso-27001-faqs/
• PCI certification: Yes
• Who accredited the PCI DSS certification: Please refer to the selected Cloud provider for details
• PCI DSS accreditation date: Please refer to the selected Cloud provider
• What the PCI DSS doesn’t cover: Please refer to the selected Cloud provider for details AWS: https://aws.amazon.com/compliance/pci-dss-level-1-faqs/
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • https://aws.amazon.com/security/
  • https://www.bmc.com/corporate/trust-center.html
  • https://www.bmc.com/legal/data-privacy-binding-corporate-rules.html

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: This is a function of the Cloud provider
• Information security policies and processes: This is a function of the Cloud provider

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: This is a function of the Cloud provider https://docs.bmc.com/docs/display/public/helixsubscriber/BMC+Helix+Change+Management+policy
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: This is a function of the Cloud provider https://www.bmc.com/corporate/trust-center.html#tab-abec2ac6-f57c-4964-a132-46b9511008d4
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: This is a function of the Cloud provider https://docs.bmc.com/docs/display/public/helixsubscriber/System+monitoring
• Incident management type: Supplier-defined controls
• Incident management approach: This is a function of the Cloud provider https://docs.bmc.com/docs/display/public/helixsubscriber/BMC+Helix+Incident+Response+policy

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Tackling economic inequality:

  Tackling economic inequality

  To support this initiative, we recruited an apprentice who will earn an IT Technical Sales Level 3 Diploma, awarded by the British Computer Society. The programme offers a previously unemployed graduate the opportunity to consolidate existing competencies and nurture additional skills, to elicit a marked improvement in the habits and practices of Sales Professionals.

Pricing

• Price: £34.80 to £138.60 a server a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 30-day trial licence, no limitations

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith@tekwurx.com. Tell them what format you need. It will help if you say what assistive technology you use.