Tekwurx Limited

BMC Helix Discovery

BMC Helix Discovery automates the discovery of IT assets in the data centre, hybrid and multi-cloud environments. It uses the discovered assets to build application maps that provide a holistic view of your assets and their relationships, supporting service management, cloud migration and security initiatives. Tekwurx is a BMC Partner.

Features

• Automated, continuous discovery of data centre assets
• Automated mapping of business applications
• Continuous content updates
• Over 4,000 data centre assets covered
• Open and secure
• Multi Cloud discovery and relationship mapping

Benefits

• 5-year average ROI of 470%
• 57% reduction in unplanned downtime
• 15% more efficient IT infrastructure teams
• Lower risk
• Reduced number of vulnerabilities

£189 a server a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith@tekwurx.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

514388154890847

Contact

Keith Pound
+44 208 148 3717
keith@tekwurx.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: BMC Helix Discovery is a stand-alone service but can add value when used with other BMC Software and Tekwurx products, including:; ; - Tekwurx uControl; - BMC Helix ITSM; - BMC Helix Control-M; - ServiceNow ITSM; - ServiceNow CMDB
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: You can customise BMC Helix services to suit your needs. BMC recommends that you review best practices recommendations for your applications before designing customisations to ensure the best experience for supportability and upgrades.
• System requirements: Supported browser is required

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The BMC SaaS Operations team provides operation and management of BMC Helix Control-M services 24 hours a day, 7 days a week.; ; More details here: https://docs.bmc.com/docs/ctmhelix/service-levels-and-support-hours-964536235.html
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The BMC SaaS Operations team provides operation and management of BMC Helix Control-M services 24 hours a day, 7 days a week. ; ; https://docs.bmc.com/docs/ctmhelix/service-levels-and-support-hours-964536235.html; ; Tekwurx can provide additional support as costed options
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Tekwurx has extensive experience in architecting and deploying BMC Helix Discovery solutions, from single installations covering a few hundred devices through to 50+ Discovery appliances discovering in excess of 150,000 devices. We focus on delivering the highest quality project for each and every client. ; ; A typical engagement consists of:; ; - Initial discussion to understand the basic requirements; - Review the “as-is”; - Follow-up discussion to clarify details and agree on the scope and estimated project fees; - Deliver an in-depth workshop to better understand the details, develop the design and agree on all major elements of the project deliverables; - Produce the architecture design; - Deploy agreed design; - Undertake UAT testing and production deployment; - Create build and configuration documentation; - Provide knowledge transfer and training sessions; - Work with the customer on initial BAU remediation activities; - Provide on-going support
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: We will conform to the customer's preferred format
• End-of-contract data extraction: Upon written request by Customer made within 45 days after the effective date of termination, BMC will make the Customer Data available to Customer for retrieval in an industry-standard format. After such 45-day period, BMC shall have no obligation to maintain any Customer Data and will thereafter delete Customer Data
• End-of-contract process: Upon termination or expiration, all rights and licenses will terminate and the customer will make no further use of the services. No termination will relieve the customer of the obligation to pay any fees accrued or payable to BMC pursuant to any order. Upon written request by the customer made within 45 days after the effective date of termination, BMC will make the Customer Content available for retrieval in an industry-standard format. After such 45-day period, BMC shall have no obligation to maintain any Customer Content and will thereafter delete Customer Content.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The REST API is intended to be used by a script or program to interact with and control BMC Discovery from a remote machine. You can use the API for a variety of tasks, such as:; ; - Submitting discovery runs; - Managing credentials; - Querying the data in your system; - Uploading TKUs; ; The aim of the API is to enable you to perform most tasks that you can currently do through the BMC Discovery UI or command-line utilities. The XML and CSV export APIs are still supported, but the REST API provides more control when retrieving data, and a range of features across its endpoints.; ; The API follows the REST architectural style, so resources, HTTP verbs, and status codes are used. JSON is used for request and response bodies. The endpoints provided by the API are specified using the Swagger specification language. All endpoints use the OAuth 2.0 protocol for authentication.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Pattern Language, TPL, is used to describe applications, products and other real-world entities that have been modelled in BMC Discovery. The core purpose of TPL is to make it easy to describe the most common structures to be modelled while remaining powerful enough to describe the vast majority of modelling situations

Scaling

• Independence of resources: There are four classes of appliance deployment, which broadly follow how BMC Discovery is deployed in the field. These classes are differentiated by the number of Operating System Instances (OSIs) that are scanned by BMC Discovery.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: BMC Software

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: You can export the results of any search operation or any report in CSV format, enabling you to access the data using text editors, spreadsheet, and database applications
• Data export formats:
  • CSV
  • Other
• Other data export formats: XML
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: BMC Helix services are delivered from a variety of cloud locations that seamlessly scale to meet performance requirements and consumption demands. Our typical availability SLA is 99.9% unless contracted otherwise. BMC readily hits 99.98% average availability with real service credits for a breach.; ; More details here: https://www.bmc.com/corporate/trust-center/availability.html
• Approach to resilience: With BMC Helix, we’ve built availability and resiliency into every layer: from physical security through to computer, network, and storage. Our employees and contractors are rigorously trained to protect your data at every turn, and to safeguard the integrity of how data is shared.; ; The BMC Security Operations Center (SOC) and Network Operations Center (NOC) teams work 24x7x365 to ensure the continuous and secure operation of your service. The NOC makes extensive use of BMC’s world class monitoring and automation solutions, and frequently resolves potential incidents before they impact customers.; ; Service environment: Separate customer environments are provisioned for your BMC Helix services. Customer data is not co-mingled with other customer data or between environments.; ; Service availability: Our Information Systems Contingency plan (ISCP) establishes comprehensive procedures to recover BMC Helix services quickly and effectively following a service disruption.; ; More details here: https://www.bmc.com/corporate/trust-center/availability.html
• Outage reporting: BMC reports service availability on it's Trust Site: https://trust.onbmc.com/trustsite/index.php

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The Administrator is responsible for setting up details of all the users who are permitted to use the BMC Discovery system. Users are allocated a user name and a password, which they must enter in order to log in to the system. Each user is a member of one or more user groups, which define the parts of the system that the user is permitted to access. For example, users defined as members of the Admin group are able to create and edit user details, while members of the Public group cannot access these areas.BMC Discovery can integrate with LDAP
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Please refer to the selected Cloud provider for details
• ISO/IEC 27001 accreditation date: Please refer to the selected Cloud provider
• What the ISO/IEC 27001 doesn’t cover: Please refer to the selected Cloud provider for details https://aws.amazon.com/compliance/iso-27001-faqs/
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: Please refer to the selected Cloud provider
• CSA STAR certification level: Level 5: CSA STAR Continuous Monitoring
• What the CSA STAR doesn’t cover: Please refer to the selected Cloud provider for details https://aws.amazon.com/compliance/iso-27001-faqs/
• PCI certification: Yes
• Who accredited the PCI DSS certification: Please refer to the selected Cloud provider for details
• PCI DSS accreditation date: Please refer to the selected Cloud provider
• What the PCI DSS doesn’t cover: Please refer to the selected Cloud provider for details AWS: https://aws.amazon.com/compliance/pci-dss-level-1-faqs/
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • https://aws.amazon.com/security/
  • https://www.bmc.com/corporate/trust-center.html
  • https://www.bmc.com/legal/data-privacy-binding-corporate-rules.html

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: This is a function of the Cloud provider
• Information security policies and processes: The Product Security Group at BMC is responsible for upholding BMC's corporate standards of quality, especially as those standards relate to defining, evangelising, and measuring all aspects of security within all product line development lifecycles. BMC has a governing policy, metrics, and guidelines for ensuring all BMC products meet security standards.; ; More details here: https://docs.bmc.com/docs/security/a-holistic-approach-to-bmc-product-security-851061458.html

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: This is a function of the Cloud provider https://docs.bmc.com/docs/display/public/helixsubscriber/BMC+Helix+Change+Management+policy
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: This is a function of the Cloud provider https://www.bmc.com/corporate/trust-center.html#tab-abec2ac6-f57c-4964-a132-46b9511008d4
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Identifying a problem before it impacts service is critical to outage avoidance. BMC has extensive monitoring capabilities in place to proactively monitor performance for the production instances through use of its own tools.; ; More details here: https://docs.bmc.com/docs/helixsubscriber/system-monitoring-826833345.html
• Incident management type: Supplier-defined controls
• Incident management approach: BMC's incident management procedure enables swift response to any potential incident. This procedure covers emergency incidents, escalation, and public vulnerability disclosure. BMC’s practices include procedures for documenting the incident in detail and producing a report for future reference or management attention.; ; More details here: https://www.bmc.com/corporate/trust-center/vulnerability-disclosure.html

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Tekwurx cloud solutions and services assist in COVID-19 recovery efforts by:; 1. Facilitating remote work setups, allowing businesses and organisations to continue operations while adhering to social distancing measures.; 2. Tekwurx Cloud services offer scalability and flexibility, enabling organisations to quickly scale up or down their IT resources based on fluctuating demands

  Covid-19 recovery

  Tekwurx cloud solutions and services assist in COVID-19 recovery efforts by:; 1. Facilitating remote work setups, allowing businesses and organisations to continue operations while adhering to social distancing measures.; 2. Tekwurx Cloud services offer scalability and flexibility, enabling organisations to quickly scale up or down their IT resources based on fluctuating demands

  Tackling economic inequality

  Tekwurx Cloud Solutions and Services can tackle economic inequality by fostering inclusive practices within the company, investing in communities, and advocating for policies that promote economic justice and opportunity for all.

  Equal opportunity

  TekWurx Cloud Solutions and Services promotes equal opportunities in several ways:; 1. We implemented diverse hiring practices that ensure our workforce represents various backgrounds, including gender, race, ethnicity, and socio-economic status. This promotes equal opportunities within the company itself.; 2. We offer training and development programs that help all our team develop the skills they need to advance within the company; 3. We ensure that promotions and opportunities for advancement within the company are based on merit rather than factors such as gender or ethnicity. This creates a level playing field for all employees.

  Wellbeing

  By focusing on efficiency, flexibility, security, collaboration, customer satisfaction, and employee development, TekWurx's cloud solutions and services can significantly promote well-being within its team and customer base.

Pricing

• Price: £189 a server a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 30-day trial licence, no limitations
• Link to free trial: https://tekwurx.com/contact-us/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith@tekwurx.com. Tell them what format you need. It will help if you say what assistive technology you use.