OSG CLOUD LIMITED

Infrastructure as a Service - IaaS

Secure Hybrid Cloud platform providing an Infrastructure as a Service (IaaS) offering, leveraging VMware Cloud Foundation (vSphere, NSX and vSAN) to deliver software-defined data centres (SDDCs) as a cloud service delivered on DellEMC' VxRAIL platform out of UK based Tier3+ data centres.

Can be delivered as a fully managed service.

Features

• Dedicated private cloud infrastructure
• Powerful management, automation and orchestration platform
• Leverages hyper converged infrastructure
• Features VMware vSAN, NSX SDN and vCloud Director technologies
• Enterprise SLAs for a Private Cloud environment
• Enterprise level security
• Fully automated installation with VMware tools
• Software Defined Data Centre as a Service
• Compliant & audited
• Fully managed and security services available

Benefits

• Single-tenant architecture enables private cloud compliance
• Jointly engineered to deliver the best of VMware and VxRAIL
• Unparalleled security of VMWare NSX-T
• Achieve multi cloud operating model with VMWare Cloud Foundation
• Faster deployment and reduced errors through use of VMware tools
• Simplified management of Data Centre resources
• Faster deployment and reduced errors through use of VMware tools
• Ready to deploy Hybrid IT model with turnkey like simplicity
• Support existing and next-generation applications and containers in one platform
• Reduced financial risk enabled by predictable cost model

£0 to £10,000 a unit a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at brian.mccrory@osgcloud.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

632033285338868

Contact

Brian McCrory
02894485112
brian.mccrory@osgcloud.co.uk

Service scope

• Service constraints: Services delivered exclusively from UK data centre locations
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support tickets are responded to in line with agreed SLA based on priority, impact or escalation; and can be bespoke to each customers.; ; As an example, standard response times are based on:; ; P1 - 15 Minutes; P2 - 1 Hour; P3 - 4 Hours; P4 - 8 Hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support levels are dependant on the priority / severity of the support and aligned to service level agreement (SLA); ; Depending on the complexity of the infrastructure we can provide specific support roles such as cloud and solutions architects, systems engineers and technical account managers,
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The OSG onboarding team provide a flexible service to ensure customers are educated to ensure best use of the platform. There are also a range of online resources available to help to start using the vCloud Director, including comprehensive documentation (in multiple formats), introductory videos, hands-on labs, online and in-person training, and support from the OSG customer success and account team.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Migration of data to and from VMware Cloud can be fully managed by the customer. Documentation exists along with additional tools and services to facilitate any migration. VMware Cloud natively runs VMware vSphere which stores customer data in an industry accepted virtual machine format and VMware vSphere natively supports the Open Virtualization Format (OVF), making it simple to download, clone, migrate, copy, port or transfer workloads between environments.
• End-of-contract process: If you are using the Service Offering on an on-demand basis, you can cancel at any time by deleting your SDDC, using the vCloud Director interface. You will be charged for all usage up to the point of termination. Unless you purchase a new subscription, upon expiration of the Subscription Term all services will continue to operate on an on-demand basis, and you will be billed at the then current on-demand rate for those services until you cancel your on-demand use.

Using the service

• Web browser interface: Yes
• Using the web interface: VMware vCloud Director (vCD) is the web interface presented to customers.; ; This extremely user friendly and intuitive interface enables clients to scale environments up and down, provision firewall rules, manage virtual load balancers, copy entire environments for migration or replication, set up NAT, provision site-to-site or client-to-site VPNs, do SSL offloading, mount CD ROM drives, reboot, and much more.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: The vCloud Director interface has undergone accessibility testing - please see: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/product/vpat/vmware-vcloud-director-9.0-for-service-providers-vpat.pdf
• API: Yes
• What users can and can't do using the API: Extensive APIs are exposed through vCloud Director to facilitate automation and provide extensive customer interaction with the platform.; ; To begin using the API, clients request the system to create a session object. In this request, clients supply credentials in an authorisation header of the form prescribed by the identity provider that your organisation uses. The response includes an authorisation token, which must be included in subsequent requests.; ; Once access is enabled, the vCloud API Schema Reference includes reference material for all elements, types, operations, and queries in the vCloud API.
• API automation tools:
  • Ansible
  • Chef
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: The OSG VMware Cloud Foundation platform is a private cloud platform that will be physically and logically dedicated to a specific customers at all levels including Network, Compute and Storage. The platform is isolated from 'nieghbours' and the customer can make full use of its performance capabilities.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • SDDC Configuration information
  • VM Level Backups
• Backup controls: Backups, including scheduling, retention periods and VM and file level restores are managed through the Veeam console, accessed through vCloud Director.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: OSG provides a minimum of 99.999% Availability for infrastructure resources and individual VMs under service level agreement (SLA). Punitive measure are in place that provide for a service credit regime for any failure to meet SLA.
• Approach to resilience: We operate a minimum N+1 configuration across our entire service delivery stack to ensure zero points of failure, with enough redundancy and capacity built in to absorb and tolerate hardware and service delivery chain failures.
• Outage reporting: OSG report outages by sending automatic email alerts to the customer. Following any outage a full root cause analysis is performed and comprehensive report of findings and remedial actions taken, including and future improvements, is delivered to the customer.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces implement role-based access controls and require members to authenticate against the corporate identity provider. Access is managed through the management gateway which restricts access based on originating IP address and SSL usage. Additional security and authentication mechanisms including the use of time-based credentials are used to secure and monitor access.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SGS United Kingdom Ltd
• ISO/IEC 27001 accreditation date: 16/04/2021
• What the ISO/IEC 27001 doesn’t cover: All parts of our service are within the scope of our ISMS.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: There are a number of policies and processes that apply across OSG internal and customer infrastructures; policies are critical for providing assurance to customers, regulators and auditors. OSG takes seriously the confidentiality, integrity and availability of data placed in its care. There are also a number of guidelines that OSG follow while working with confidential and/or personal data. The policies include, but not limited to, Access Control Policy, Application Control Policy, Antivirus Policy, Asset Management Policy, Data Centre Design Policy, Conditions of use of IT facilities at CenturyLink, Confidential Information Transfer Policy, Electronic Messaging Policy, IT User Accounts Policy, Laptop Encryption Policy, Network Connection Policy, Password Policy, Patch Management Policy, PCI DSS Compliance Policy, Information Security Policy, Remote Access Policy, etc.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The VMware Cloud has a comprehensive development lifecycle and change management system in place. Continuous reviews and testing occur on the software development pipelines for individual products and components. VMware generates builds from approved components and runs these through BITs (Basic Integration tests), PVTs (Product Validation Tests), FSLite (Feature Stress Lite tests) and continuous Loop tests for Deployment, Upgrade, and Cluster expansion / reduction. Additionally, we run performance tests, feature stress tests, security scans, vulnerability tests and System Tests at scale for every cycle.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: VMware has a comprehensive vulnerability management program in place which includes continuous internal and regular third-party vulnerability scanning and penetration testing. The VMware Security Response Centre (VSRC) leads the analysis and remediation of service security issues. VSRC receives reports directly, and monitors the ecosystem for relevant security issues and works with VMware Research and Development to develop and resolve issues. In partnership with DellEMC and VMWare we have the capability to rapidly patch vulnerabilities. Remediation efforts and timelines are prioritized and applied using industry best practices.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The Service Desk is the single point of contact for requests and incidents and also provides constant proactive monitoring, vendor management and communication of incidents within a client’s environment.; The Service Desk is staffed with Incident Specialists who are responsible for monitoring and responding events. They have management control over customer infrastructure and adhere to a strict functional escalation methodology to enable rapid fault isolation and restoration of customer services. Incident Specialists communicate directly with the customer during incident troubleshooting and resolution or change execution.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: OSG will provide customer support 24 x 7. When an Incident or Request occurs, COSG will use reasonable efforts to meet the Time to Respond Objectives we have in place.; Incidents are categorised as severity levels P1 (Urgent), P2 (High), and P3 (Medium). Requests are categorised as severity levels P1 (Urgent) or P4 (Low).; There are four ways for a customer to initiate a request:; Proactive monitoring, phone call, portal or e-mail.; ; Updates for P1 Incidents are sent every hour, P2 Incidents and P1 Requests are sent every four hours. P3 Incidents and P4 Requests are sent every 24 hours.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: The OSG Cloud platform is a true multi-tenanted platform that can be logically separated and dedicated to a specific client's at all levels including Network, Compute and Storage. ; ; The platform is fully software defined, adn vCloud Director enables individual customer virtual data centres (vDC) to be provisioned and fully isolated from other vDCs.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: OSG and its datacentre providers are committed to incorporating environmental sustainability principles and practices throughout our operations as we work to serve our customers and our communities.; We demonstrate this commitment by establishing long-term greenhouse gas (GHG) emissions reductions targets, purchasing renewable energy to power our network and facilities in EMEA, operating certain facilities according to ISO 14001 certified Environmental Management Systems and/or ISO 50001 certified Energy Management Systems, implementing waste minimization, re-use and recycling initiatives, and by effectively managing our environmental compliance obligations globally.; All the data centres managed under the ISO50001 EMS are also supported under the EU Code of Conduct

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  OSG continuously strive to minimise the impact of our operations on the environment, while maximising sustainable business practices to better serve our employees, customers, partners, shareholders and communities.

  Tackling economic inequality

  OSG support and strengthen our local communities by enabling employees to donate time and resources where they are most passionate, by investing in causes that have a positive social impact, and by providing skills to people around the world to help maximise their full potential. Through our giving back program, our employees have helped students realise more of their limitless potential with consistent, hands on mentoring in life skills and academic subjects.

  Equal opportunity

  We have a robust recruitment policy that drives equality from the top down. Our aim is to always recruit the person who is most suited to each role, whether the candidate is internal or external. We recruit solely on the basis of the candidate’s skills, capabilities and individual meri tas measured against the criteria for the role. Qualifications, experience, and skills may also be assessed at the level that is relevant to the job. We are committed to applying our equality, diversity and inclusion policy at all stages of the recruitment and selection process. We always carry out shortlisting, interviewing and selection without regard to an applicant's sex, gender identity, sexual orientation, marital or civil partnership status, skin colour, race, nationality, ethnic or national origins, religion or belief, age, pregnancy or maternity leave.

  Wellbeing

  We are committed to creating a compassionate workplace where all employees feel supported personally and professionally by challenging the stigma surrounding mental health, raising awareness, and offering education opportunities. We ensure that our team are supported, remain in communication with management and each other, and understand that they can speak openly to their managers about their health and wellbeing to encourage discussion about how we can help them. Our programme of activities is run by our internal mental health and wellbeing ambassadors to help promote positive mental health and embed it into the culture of the organisation.

Pricing

• Price: £0 to £10,000 a unit a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full Org vDC provisioned with limited resource allocation for up to 1 month available upon request.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at brian.mccrory@osgcloud.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.