CenturyLink Communications UK Limited

Colt Private Cloud

Offering UK Public Sector the latest software-defined solutions delivering completely integrated Infrastructure-as-a-Service (IaaS) in isolated single tenant environments. Hosted in our UK Sovereign datacentres, or your chosen datacentres, suitable for OFFICIAL or OFIFICIAL SENSITIVE workloads. Built on industry-leading technologies -VMware Cloud Foundation, DELL, Microsoft Azure Stack.

Features

• Dedicated private cloud infrastructure
• Powerful management, automation and orchestration platform
• Leverages hyper converged infrastructure
• Features VMware vSAN, NSX SDN and vCloud Director technologies
• Enterprise SLAs for a Private Cloud environment
• Compliant and audited
• Enterprise level security
• Fully automated installation with VMware tools
• Software Defined Data Centre as a Service

Benefits

• Single-tenant architecture enables private cloud compliance
• Simplified management of Data Centre resources
• Enhanced security via micro-segmentation
• Enables application continuity through replication of entire application environments
• Faster deployment and reduced errors through use of VMware tools
• Rigorous SLAs ensure service availability for your users
• Bring your own IP address
• Lower total cost of ownership and improved time to value
• Reduced financial risk enabled by predictable cost model
• Ready to deploy Hybrid IT model with turnkey like simplicity

£1,800 to £4,150 a server a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at conor.mcevoy@colt.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

868455441954051

Contact

Conor McEvoy
07917 077693
conor.mcevoy@colt.net

Service scope

• Service constraints: Colt offers a flexible Private Cloud service that can vary in configuration. The constraints are dependent on the services subscribed by the customers. This can be provided and detailed upon request.
• System requirements: No specific system requirements are needed

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: This is service / agreed SLA dependent. The response SLAs varies between 15 minutes to over 4 hours dependent on the severity level of the ticket. The response times also varies depending the support level agreed. Colt provides various levels starting 8/5 weekdays only to 24/7 support.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The support levels are dependant on the priority / severity of the support request. The support levels varies from Tier 1 support to Tier 4 support. Depending on the complexity of the infrastructure Colt can provide specific support roles such as TSE (Technical Services Engineer), TOM (Technical Operations Manager), TAM (Technical Account Manager, CTA (Client Technology Advisor), etc... at additional cost under Colt's "Consulting Services".
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The Colt Private Cloud onboarding team provide a flexible service to ensure that the customer is educated to ensure best use of the platform. The first week is usually introductions to the people and programme and at least one training session.The Assisted Deployment is where the QuickStart team assists you in building out additional VMs, creating reports, and working with backups and your other services.The final closure phase is where the QuickStart Team ensures the goals set out in the first meeting were met, and reviews all the support contacts and processes so that you know how to engage Colt for ongoing support. Extended onboarding engagements are available on request.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: This is service dependant and also depends on the complexity of the infrastructure services provided. Colt has a standard methodology for the creation of an exit plan for its customers. The costs and timescales are wholly dependent on the size of the infrastructure, the requirements of the customer and the customer needs for the transfer of data back to the customer or its new supplier. A customer can request the return of data on a standard CD format or stored onto unique tape media, encrypted, duplicated and shipped to separate locations.
• End-of-contract process: Colt has a standard methodology for the creation of an exit plan for its customers. The costs and timescales are wholly dependent on the size of the infrastructure, the requirements of the customer and the customer needs for the transfer of data back to the customer or its new supplier. At a high-level the proposed exit plan methodology, under a statement of work, would be as follows: The contract reaches the point of natural expiry is terminated as per the contract, or another trigger event occurs that requires the implementation of an exit plan. Colt Professional Services / Project Manager will own execution of the plan within Colt. Professional Services / Project Manager discuss with customer exactly what is required of the migration. Professional Services / Project Manager engage the areas of the business required to deliver on the plan. If this exceeds contracted thresholds for exit costs, or is otherwise chargeable under the contract then these charges will be agreed with customer before commencement of the plan. Execute in accordance with the agreed plan.

Using the service

• Web browser interface: Yes
• Using the web interface: VMware vCloud Director (vCD) is the web interface presented to the customer. With just a minimal amount of familiarity with vCloud Director, clients will be able to scale environments up and down, provision firewall rules, manage virtual load balancers, copy entire environments for migration or replication, set up NAT, provision site-to-site or client-to-site VPNs, do SSL offloading, mount CD ROM drives, reboot, and much more.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: VMware is dedicated to supporting users with disabilities. The available Voluntary Product Accessibility Templates (VPATs) document the accessibility features found in VMware’s products so as to address the regulations of Section 508 and EN 301 549.
• Web interface accessibility testing: None
• API: Yes
• What users can and can't do using the API: Extensive APIs are exposed through vCloud Director to facilitate automation and provide extensive customer interaction with the platform. To begin using the API, clients request the system to create a session object. In this request, clients supply credentials in an authorisation header of the form prescribed by the identity provider that your organisation uses. The response includes an authorisation token, which must be included in subsequent requests. Once access is enabled, the vCloud API Schema Reference includes reference material for all elements, types, operations, and queries in the vCloud API
• API automation tools:
  • Ansible
  • Chef
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Colt Private Cloud on VMware Cloud Foundation platform is a dedicated / private cloud platform that will be physically and logically dedicated to a specific customers at all levels including Network, Compute and Storage. The platform will be physically and logically isolated from other users / customers and the customer can make full use of its performance capabilities.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Simple Backup - Object Storage Data File Backup only
  • Dedicated Backup Appliance, VM Level Backups on Dedicated equipment
  • Total backup Size options from 19TB up to 960TB
  • This option backs up the VM, Guest OS
  • Application and All of the VMDK (Date files)
• Backup controls: Each of the two Backup and Recovery Product Options have an interface to control the backup profiles you want for each VMDK Datastore and or VM. Backup includes data backup and restore on demand, utilising high capacity and high availability tape libraries. Backup Encryption provides the same services as Utility Backup with the addition of data encryption throughout the lifecycle of the data Vaulting includes retention, data management and rotation of data to off-site secure data archiving facilities. Service is only available to Customers whose backups are managed by Colt. Backup targets and schedules can be adjusted via Colt support.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection within supplier network: Colt will protect the customer data by using various mechanisms at different levels depending upon the complexity and protection levels, this includes but not limited to; physically and logically isolating the data with the environment, SAN zoning at the storage layer, Firewall policies and Access Control Lists (ACL) at the network layer, Multi-Factor Authentication, Physical Access controls, Change Control, etc.. Further details can be provided upon request.

Availability and resilience

• Guaranteed availability: Colt provides a minimum of 99.9% Availability for Colt Private Cloud on VMware Cloud Foundation with 4 or more Nodes per stack
• Approach to resilience: The minimum node configuration to support Private Cloud on VMware Cloud Foundation is three nodes. CenturyLink adds a fourth node so we can offer "N-plus-2" High Availability. That means we can support two of the base 4 nodes failing and still keep the system up and running.
• Outage reporting: As a standard Colt will report outage by sending automatic email alerts and Dashboard Status Updates. For customers with a dedicated service partner any outages will be reported by the service partner resource either by email or a telephone contact to the nominated customer resource

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management access to the Private cloud is through a Restricted Management Network that is Multi-Factor Authenticated with a RSA Token and only our Virtualisation Team that supports the CPC on VCF product has access for assisting our customers or to troubleshoot an alert or an issue raised by our customer.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman
• ISO/IEC 27001 accreditation date: 30/06/2017
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 29/06/2015
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/a
• PCI certification: Yes
• Who accredited the PCI DSS certification: Schellman
• PCI DSS accreditation date: 25/10/2017
• What the PCI DSS doesn’t cover: Specific customer environments – The certification is of Colt's vendor as a service provider. The ROS and AOC are available on request.
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • PSN Customer Certified
  • PSN Supplier Certified

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Colt maintain CE+
• Information security policies and processes: Multiple policies and standards support the ISO27001 ISMS and available to employees and are referenced in the annuakl secuirty awareness training process for all employees.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The change management process requires that all assets are identified and aligned with the Colt asset database along with ensuring that the criticality of assets are defined.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Colt maintains a vulnerability management process that is aligned to The Common Vulnerability Scoring System (CVSS) and provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score is then translated into a qualitative representation ( low, medium, high, and critical) to help assess and prioritize issues identified in the vulnerability management processes.; ; Colt maintains scanning for vulnerabilities of all of its different asset types and can deploy critical patches within 48 hours. Threat information is supplied commercial companies, vendors, government and regulatory agencies
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Systems (e.g., servers, applications, databases) maintain internal controls for auditing, tracking, and personal accountability. Security logs for high-risk systems are sent to the centralized log monitoring system or Security Incident and Event Management (SIEM) system for continuous systematic review of anomalous behavior and compliance reporting. Response to critical incidents is progressed on a real time basis.
• Incident management type: Supplier-defined controls
• Incident management approach: Threat detection and prevention systems are strategically placed within Colt to inspect network traffic for malicious activity. These methods provide the basis for the CIRT Program to gain visibility throughout the enterprise environment to detect cyber threats and respond accordingly. ; Security operations will conduct incident scope identification, containment, remediation, and recovery actions. The CIRT Program assures the business of rapid detection and response to cyber threats and limits risk associated with data exposure or loss of services to customers. Incidents can be reported by portals and phone. Reports are generated as part of the post incident process with lessons learned.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: The Colt Private Cloud platform is a dedicated / private cloud platform that will be physically and logically dedicated to a specific organisation at all levels including Network, Compute and Storage. The platform will be physically and logically isolated from other users / customers and the customer can make full use of its performance capabilities

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Colt is committed to incorporating environmental sustainability principles and practices throughout our operations as we work to serve our customers and our communities. We demonstrate this commitment by establishing long-term greenhouse gas (GHG) emissions reductions targets, purchasing renewable energy to power our network and facilities in EMEA, operating certain facilities according to ISO 14001 certified Environmental Management Systems and/or ISO 50001 certified Energy Management Systems, implementing waste minimization, re-use and recycling initiatives, and by effectively managing our environmental compliance obligations globally. All the data centres managed under the ISO50001 EMS are also supported under the EU Code of Conduct Our global climate change mitigation efforts resulted in being listed on the Carbon Disclosure Project (CDP) “A-list” for the 2017 emissions year (former Level 3 Communications footprint only). Additionally, CenturyLink has achieved its current long-term (2024) carbon-intensity target, met 78% of our absolute emissions target, and met 66% of the GHG reductions associated with our 2025 SBTI-approved science-based target (SBT is for former Level 3 Communications footprint only).

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Climate change is a key pillar of our corporate sustainability strategy. As a large company with worldwide activities, we want to lead by example when working with our suppliers, partners, customers and communities to reduce our impact on the environment. In 2023, Colt Group received approval from the SBTI for our updated near-term science-based target (SBT). These targets are now set on a baseline that includes Well-To-Tank (WTT) emissions for relevant Scope 3 categories and splits the emissions by two different entities: Colt and Colt DCS. We also submitted a long-term net-zero target for 2045, aligned to the new SBTi net-zero standard.; ; Colt Group's main initiatives to achieve our net-zero target include committing to procure renewable power and achieve 100% Scope 2 renewable electricity for all sites globally by 2030. We will reduce indirect emissions by finding alternatives to travel and encourage colleagues to choose better travel options for the environment. We are also decarbonising our in-house fleet through electrification and investing in green innovations such as Carbon Capture and Storage, as well as focusing on circularity initiatives to reduce waste within our network. We run a dedicated supplier programme covering a wide ESG agenda with a special focus on our top suppliers in terms of emissions. To achieve our Scope 3 target, we have committed to engage with 93% of our suppliers by emissions (covering purchased goods and services and capital goods) to set Scope 1 and 2 science-based targets approved by Science Based Target Initiative (SBTi) by 2025.; ; Colt Group's current targets do not include the Lumen EMEA assets acquired in 2023: The acquisition has been finalised and we are in the process of integrating teams and their data. The integration of data and subsequent resubmission of Science Based Targets is planned in 2024/25.

  Covid-19 recovery

  Colt was very proactive in supporting customers during the Covid-19 epidemic and has continued to support customers and employees during the subsequent recovery phase.

  Tackling economic inequality

  Colt’s Diversity, Equity & Inclusion (DEI) strategy is to build an innovative, great and inclusive place to work. We have four DEI pillars:; • Governance & Impact - Ensure we have the governance in place to deliver on our inclusion goals and we collaborate for wider impact that we develop our leaders as inclusive role models.; • Leadership & culture – develop our leaders as inclusive role models and drive an inclusive culture where we can harness diversity of thought for greater success.; • Diverse Representation - Improve the diversity of our workplace, ensuring we represent the communities that we serve.; • Equitable Business Practices - Employ equitable business practices that improve the employee experience and affect positive change in the wider world.; ; Our Global Diversity, Equity & Inclusion policy makes our approach clear and explains our governance structures and our commitment to equal opportunities. It also outlines our zero tolerance approach to discrimination, bullying and harassment. One of the ways we ensure equal opportunities is by building inclusion into our people processes from the beginning. We have worked to make our recruitment process more inclusive by introducing a tool to reduce bias in language used in job adverts. We’ve also introduced training for hiring managers and checklists to be used to mitigate bias when hiring. We also raise awareness of bias during other people process such as performance management and make clear how managers need to be aware and mitigate for bias by inviting diverse thoughts and positive challenge from their peers. ; In addition, we have a five year strategy to improve accessibility within the company – both physical and digital accessibility. This also covers how we communicate and our employee and customer journeys. This is available publicly on our website

  Equal opportunity

  Colt’s Diversity, Equity & Inclusion (DEI) strategy is to build an innovative, great and inclusive place to work. We have four DEI pillars:; ; • Governance & Impact - Ensure we have the governance in place to deliver on our inclusion goals and we collaborate for wider impact that we develop our leaders as inclusive role models.; • Leadership & culture – develop our leaders as inclusive role models and drive an inclusive culture where we can harness diversity of thought for greater success.; • Diverse Representation - Improve the diversity of our workplace, ensuring we represent the communities that we serve.; • Equitable Business Practices - Employ equitable business practices that improve the employee experience and affect positive change in the wider world.; ; Our Global Diversity, Equity & Inclusion policy makes our approach clear and explains our governance structures and our commitment to equal opportunities. It also outlines our zero tolerance approach to discrimination, bullying and harassment. One of the ways we ensure equal opportunities is by building inclusion into our people processes from the beginning. We have worked to make our recruitment process more inclusive by introducing a tool to reduce bias in language used in job adverts. We’ve also introduced training for hiring managers and checklists to be used to mitigate bias when hiring. We also raise awareness of bias during other people process such as performance management and make clear how managers need to be aware and mitigate for bias by inviting diverse thoughts and positive challenge from their peers. ; In addition, we have a five year strategy to improve accessibility within the company – both physical and digital accessibility. This also covers how we communicate and our employee and customer journeys. This is available publicly on our website

  Wellbeing

  At Colt we prioritise the wellbeing of our employees by offering a comprehensive range of initiatives and support systems. In every country where we operate, we provide an Employee Assistance Programme to ensure that our employees have access to confidential counseling and support services when needed. Additionally, we have established a global network of Mental Health First Aiders who are trained to provide initial support and assistance to colleagues facing mental health challenges. Moreover, our Health & Safety team works diligently to maintain safe working environments and provide essential training, including rolling out first aiders to all of our offices. Working in tandem with our Business Continuity team, we are committed to maintaining operational resilience and ensuring continuity of support even in challenging circumstances. Guided by a global wellbeing policy, our organisation fosters a culture of support and inclusivity, with resources, information, and educational materials available through our Wellbeing Academy and intranet page. We empower employee networks and global employee ambassadors to lead wellbeing-related events, sessions, and initiatives, fostering a culture of support and inclusivity within Colt. Furthermore, our CSR team is committed to giving back to the communities we operate in, ensuring that our impact extends beyond the workplace. Together, these initiatives demonstrate our commitment to creating a healthy, supportive, and socially responsible environment for all our employees.

Pricing

• Price: £1,800 to £4,150 a server a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at conor.mcevoy@colt.net. Tell them what format you need. It will help if you say what assistive technology you use.