Coreix Public Cloud Solo VM X Large

Service scope

Service constraints: Coreix infrastructure is built to be truly resilient and work alongside our SLAs of 100% uptime, 100% Network & 100% Infrastructure. Our support team are available 24/7/365 with a 5 minute response time based at our on site NOC. We look after and monitor our services at the infrastructure level as well as any networking or licensing that is required.
System requirements: Internet Connection

User support

Email or online ticketing support: Email or online ticketing
Support response times: We offer 5 minute response times 24/7/365 as standard
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AAA
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: Web chat
Web chat support availability: 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard: None or don’t know
How the web chat support is accessible: Appears on website as a prompt for engagement. Colours provide decent contracts with standard features as provided by our website provider. Can be navigated by keyboard as well as correctly built alt text for ease.
Web chat accessibility testing: N/A
Onsite support: Onsite support
Support levels: We offer 1 hour remote hands as standard per month for all of our customers broken down into 15 minute intervals. Additional hours can be brought at £50.00/month for a commitment or £75.00 ad hoc charge.

This covers all requirements with any time taken over the allocated amount being charged ad hoc and invoiced in arrears.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Coreix has a number of how to articles on our knowledgebase for users to consult in the first instance on how to use the system in place. We have a dedicated technical team available to answer any questions as well as a competent sales team who can demonstrate how best to use the features and functionality of the my.coreix portal.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: Due to the nature of the work involved this would involve a consultation with our technical team to ensure the best course of action is taken. This would be organised in line with our account management team with timescales before the end of the contract. We believe at Coreix that data extraction should not be an arduous job and will work with you, be that by providing external infrastructure, helping move the data with your technical team or making recommendations.
End-of-contract process: At Coreix the end of contract procedure is simple. Our cancellation team will engage with you prior to the end of the contract to ensure the solution is indeed to be ceased. We will remove any information or documentation in line with our policies and procedures and remove access to the service. The information will be wiped and the VM/resources moved back into stock.

Using the service

Web browser interface: Yes
Using the web interface: Monitor: The Coreix portal gives access to a number of useful tools to monitor the use of your services. See key information such as IP addresses, resource utilisation and key stats. This gives access to the status of your infrastructure with the ability to build VMs directly from the resource pool you have access to.

Services: Buy, provision, upgrade, downgrade or cancel your services directly through the portal with transparent pricing and clarity on how this will impact your solution.

Users: Assign as many users as required to access the portal and decide how much access each user gains to information and access control. You can control who gains access to certain sections through predefined roles or fully customise the experience. Roles such as Billing, Technical, Buyer or full admin are available out of the box.

Raise tickets directly through the portal. The portal will allow you to send tickets to our Technical Team, Sales Team & Billing Team. Set preferences on what alerts you will receive via text or email and access our knowledgebase for any frequently asked questions.

Fully limit how much access users gain or give full access ot change control to suit your needs.
Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
Web interface accessibility testing: Unfortunately the portal does not come with assistive technology users in mind out of the box, we have made a concerted effort to ensure they layout and design of our portal doesn't cause too many problems.
API: No
Command line interface: Yes
Command line interface compatibility: Linux or Unix

Windows

Other
Using the command line interface: Gain direct access to the command line interface via the portal with full admin privileges for you to run any actions as reasonably required.

Scaling

Scaling available: Yes
Scaling type: Manual
Independence of resources: Our resources are not contended and for the allocated resources product stack we offer we ensure you n effect have your own private cloud solution to build your resources. Our infrastructure is scalable and we ensure more resources are added before we hit any thresholds to limit performance.
Usage notifications: Yes
Usage reporting: Email

Other

Analytics

Infrastructure or application metrics: Yes
Metrics types: CPU

Disk

HTTP request and response status

Memory

Network

Number of active instances
Reporting types: Real-time dashboards

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest: Physical access control, complying with another standard
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed

Hardware containing data is completely destroyed
Equipment disposal approach: A third-party destruction service

Backup and recovery

Backup and recovery: Yes
What’s backed up: Files

Virtual Machines

Databases
Backup controls: You can access different levels of backups with different schedule to suit your requirements. We offer a fully managed service with no access granted to our client or a service where you have complete control over the frequency, retention and location of the backup.
Datacentre setup: Multiple datacentres with disaster recovery
Scheduling backups: Supplier controls the whole backup schedule
Backup recovery: Users can recover backups themselves, for example through a web interface

Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Bonded fibre optic connections
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability: 5 MINUTE RESPONSE SLA
in place, all tickets will be answered within this time period. If you would like to get in touch with the support team, please contact support@coreix.net.

100% INFRASTRUCTURE AVAILABILITY

Coreix commits to the availability of power and HVAC (heating, ventilation and air conditioning) 100% of the time in any given month.

In the case of HVAC, the achievement of this level will apply when;

(i) an average daily room temperature of between 18 and 28 degrees Celsius is achieved and

(ii) an average room relative humidity of 50% (+/- 30%) is achieved.

In the case of power, the achievement of this level will apply when uninterrupted power is delivered to the server/firewall or, in the case of collocation, to the power bar.

100% NETWORK AVAILABILITY

Coreix commits to the availability of its network services 100% of the time in any given month.

The network will be considered available where

(i) it is possible to transmit and receive data across the network equipment owned and managed by Coreix, and

(ii) it is possible to connect to Coreix border routers via any of the Coreix network providers

credit information found at coreix.net/about/service-level-agreement
Approach to resilience: We operate tier 3 plus data centres with full network resiliency and A + B power to all devices. More information is available upon request
Outage reporting: Coreix has a dedicated page for status updates at status.coreix.net in which we regularly update. You can subscribe to email alerts from this page as well to ensure you are always abreast of any upcoming works. For any planned maintenance we will be in direct contact with all affected to make them aware of how this will impact their services prior to any work being done.

Identity and authentication

User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Username or password

Other
Other user authentication: Our security settings allow for a predefined IP address being required to access the portal for an additional level of security.
Access restrictions in management interfaces and support channels: Customise or use predefined roles to limit the access to all of your users. Sort by department or business function to allow authority where needed. Coreix also runs an authorised contact policy which requires you to be a named individual to be able to raise support tickets, access confidential information or request cancellation. Using security questions and escalation procedures allows for varying level of restrictions to suit your requirements for management of resources or support information.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Username or password

Other
Description of management access authentication: Our security settings allow for a predefined IP address being required to access the portal for an additional level of security.
Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: Alcumus
ISO/IEC 27001 accreditation date: 29/03/2021
What the ISO/IEC 27001 doesn’t cover: N/A
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: Yes
Who accredited the PCI DSS certification: Clone systems INC T/A Server Scan
PCI DSS accreditation date: 17/11/2021
What the PCI DSS doesn’t cover: This is for Coreix services.
Cyber essentials: Yes
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: Coreix runs a number of regular internal and external audits to ensure we remain in line with our ISO accreditations. We run quarterly compliance meetings with our dedicated compliance manager and board level sign off. We have a strict policy around information management with levels of reporting and approvals built into our BMS.

Operational security

Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach: As part of our quality assurance process and commitment to our ISO 9001 Quality Management certification we follow rigorous policies and procedures around configuration and change management. By providing a audit log we can ensure we have a full log of the lifetime of components as well as the outcome of any testing that could negatively impact us.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Coreix run a number of tests both internal and externally such as Pen testing to ensure our infrastructure is protected from any vulnerabilities. We regularly schedule deployment of patch's for our internal infrastructure and often recommend the same to our clients. Our on Site NOC team keep abreast of any potential threats and make sure our systems are built to manage and mitigate any potential problems. Our network team are dedicated to ensuring the integrity of our infrastructure.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Coreix use a number of different monitoring systems constantly monitored by our NOC team 24/7/365. Any alerts are immediately checked, confirmed and raised with the client for awareness. We offer different levels of monitoring or management depending on needs and requirements.
Incident management type: Supplier-defined controls
Incident management approach: Coreix has a number of pre defined processes to ensure consistency in how we report and manage any incidents. Our status.coreix.net page is regularly updated for visibility during an incident as well as direct lines of communication raised for any impacted. Once resolved incident reports are generated upon request, within 24 hours. If users feel there is an incident and can see no record of this being raised by Coreix, they can raise a request directly with our support team by phone, email, ticket or live chat.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
Who implements virtualisation: Supplier
Virtualisation technologies used: KVM hypervisor
How shared infrastructure is kept separate: We offer Openstack, VMWare, Hyper-V & Promox as standard for this. Our policies and procedure ensure that in the majority of cases solutions that have a high regard for security will be deployed on their own infrastructure. If the need is required to place this on shared infrastructure we ensure through the use of virtualisation we keep data intact and separated.

Energy efficiency

Energy-efficient datacentres: Yes
Description of energy efficient datacentres: Our data centres run in adherence of the EUs independent scheme for the Code f Conduct for Data Centres to ensure we have adopted energy efficiency best practices. We regularly recommend more energy efficient solutions for our customers as champion reducing our energy consumption with a core company target based around our power consumption, reviewed quarterly.

Fighting climate change: Fighting climate change

Coreix is committed to help tackle climate change whereby we focus on being as energy efficient as possible to minimise our impact on the environment. We have ISO 14001 to ensure we are held accountable and use 100% renewable energy in our flagship data centre
Equal opportunity: Equal opportunity

Coreix aims to ensure no applicant or employee receives less favourable treatment due to race, sexuality, gender, age, disability, religious belief or marital status.
As an equal opportunities employer we aim to ensure no one is disadvantaged by conditions or requirements which cannot be shown.
Wellbeing: Wellbeing

Coreix is committed to providing a healthy working environment and improving the quality of working lives for all staff. The wellbeing strategy aims to support the
company’s mission and core values of freedom of thought and expression, freedom from discrimination and the recognition that our staff are our greatest asset

Pricing

Price: £56.87 a virtual machine a month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: You gain access to the required VM for a period of 1 week. When the trial ends we close this down or agree a contractual commitment to the solution
Link to free trial: My.coreix.net

Coreix Public Cloud Solo VM X Large

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Pricing

Service documents

Cookies on Digital Marketplace

Coreix Public Cloud Solo VM X Large

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Social Value

Pricing

Service documents