Logicalis UK Limited

Flexera One ITAM & FinOps

Flexera Software, direct or via IBM, is a set of data-oriented SaaS solutions that optimizes the value of technology for hybrid IT environments. Flexera One solutions are built on a set of definitive data powered by Technopedia that enables organizations to visualize their Enterprise Technology Blueprint, from on-premises to SaaS.

Features

• Software License Compliance calculations and Reporting / Dashboards.
• Vendor Certifications / verification's - Oracle, SAP, ServiceNow, Microsoft, others
• IT Asset Management & Cloud FinOps
• Advanced License metric calculations and optimization of IT CLIENT Assets
• Simulation capability of Cloud_&_virtual environments for License optimization
• Reporting of SaaS, Cloud and Internal (private) IT Asset usage
• Compliance calculation Engines reporting on changes in Licensing estate
• Agents (Services) to track application usage in environment.

Benefits

• Avoidance of software compliance risks associated with Audits.
• Standard certified integrations for rapid deployment and results.
• Tracking of IT assets in the estate, against purchases.
• Ongoing discovery / reporting of new and existing IT Assets.
• Automate desktop and Client software Licensing and reduce resource needs
• Test and verify License optimization changes, before implementing.
• Optimise Licence assets in cloud or on-premise
• Maintain continuous software license compliance to minimize audit risk
• Tracking application usage to reclaim licenses, reduce denials of service

£1.00 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.management@uk.logicalis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

910298995872383

Contact

Leah Shafik
01753 777200
bid.management@uk.logicalis.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Planned Maintenance is performed on a regular basis, more details and historical performance can be found on the Flexera website.
• System requirements:
  • Dependent on modules required/chosen
  • https://docs.flexera.com/flexera/EN/Beacons/Prereqs.htm

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending upon Severity and negotiated Support contract. Typically for Gold Support, responses are elicited within 30 minutes for Sev1, or up to 8 business hours for Sev4.; Example of service levels - ; https://www.flexera.com/legal/support-terms-gold; https://www.flexera.com/legal/support-terms-silver
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Two levels of support, Gold and silver; https://www.flexera.com/legal/support-terms-gold; ; https://www.flexera.com/legal/support-terms-silver
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Flexera offer both onsite and web-based training for customer, with most web-based training videos being free for customers.; ; Extensive documentation for Flexera One exists, both in PDF format or in-context HTML for accessing when using the Web UI.; Onboarding Services are also offered and can be defined in accordance with requirements, as customers see fit. These services can be delivered via Flexera Professional Services, or via 3rd party.; Flexera also offer "Practice Guides" that allow customers insights into Flexera best practice onboarding activities and process. These guides contain sample project definitions too.; ; Logicalis Professional Services can provide additional assistance outside of vendor services
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Should the users wish to extract data, this can be accomplished via the web-UI and reporting. These interfaces allows users to extract data seen in views and/or reports in PDF, XLSX, CSV and in some case RTF files.; The UI supports a 'grid' or spreadsheet type format, where users can add columns and filter/sort prior to extract. Most objects in Flexera One offer this functionality. The Flexera reporting/analytics function provides the data model for more granular data extraction, should this be necessary.; ; Logicalis Professional Services can provide additional assistance if needed.
• End-of-contract process: Exit support to be mutually agreed

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: A web-based browser interface to the service, using standard browser controls and access to obtain the information in FlexNet. FlexNet Manager provides an intuitive user experience, allowing users to drag-n-drop data fields and definitions, sort and filter in the views and export data in certain view types. Configuration of the system can be performed in this interface too.
• Accessibility standards: None or don’t know
• Description of accessibility: Users primary involvement in Flexera One Manager is to view IT Asset and Software Compliance data and reporting. It provides a web-based browser to this end, using standard browser controls and access to obtain the information in the Data Platform. Accessibility of data for users is within the capability delivered via the browser.
• Accessibility testing: No specific testing on assistive technology.
• API: Yes
• What users can and can't do using the API: A limited compliance API exists to query positions in FlexNet Manager. The following are some of the Operations that are supported:; • AllocateLicense; • CreateAsset; • CreateAssetList; • CreateContract; • CreateContractList; • CreateLicense; • CreateLicenseAllocation; • CreateLicenseList; • CreateUser; • CreateUserList; • CreateVendor; • CreateVendorList; • DeallocateLicense; • DeleteAsset; • DeleteAssetList; • DeleteContract; • GetLicenseByID; • GetLicenseForCreate; • GetLicenseListByContractID; • GetLicenseListByIDs; • GetLicenseListByPurchaseOrderDetailID; • GetVendorForCreate; • GetVendorListByIDs; • GetVersion; • IsSupportedVersion; • LinkAssetListToContract; • LinkAssetListToPOLine; • LinkContractListToAsset; • LinkContractListToLicense; • LinkLicenseListToContract; • LinkLicenseListToPOLine; • LinkPOLineListToAsset; • LinkPOLineListToLicense; • LinkPOListToContract; • UnlinkLicenseListFromContract; • UnlinkLicenseListFromPOLine; • UnlinkPOLineListFromAsset; • UnlinkPOLineListFromLicense; • UnlinkPOListFromContract; • UpdateAsset; • UpdateAssetList; • UpdateContract; • UpdateContractList; • UpdateLicense; Users can access the API to perform some Operations via typical API methods - CURL, PowerShell, etc. There is an option to test the API Operation within the browser.; Not all operations are available, as the Compliance API is designed for Compliance actions only.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Typically Reporting and Dashboards are customised in the service, according to Role/Requirement. Views can also be modified and set to Global or User-specific.; Users customize via the web-browser using the Flexera interface and save the report/dashboard/view.; Control in Flexera one is granular and customisable, and is role-based, allowing only specific users to create, modify, delete reports/dashboards/view, if this is necessary.

Scaling

• Independence of resources: Flexera operate on non-public infrastructure with Flexera Cloud Operations team monitoring User response times and user experience. The Cloud Ops team will monitor Cloud service levels through a number of key metrics, including latency, queuing, and availability. Events that affect production service availability of Cloud applications are identified, investigated, resolved and documented according to procedure by the Site Reliability Engineering department.; Operations status information is made available at the following website: https://status.flexera.com/#month

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Flexera / IBM

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Most data is presented via the administrative Web-UI, and can then be exported using built-in functions to extract to csv, xlsx, pdf, rtf formats.; For more detailed reporting and analytics, using a similar web-based approach is used, where a user can drag-n-drop data in the reporting module, to export very specific data.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • RTF
  • XLSX
• Data import formats:
  • CSV
  • Other
• Other data import formats: Xlsx

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Flexera will maintain systems/controls designed to maximize Monthly Up-time, minimize outages, and enable notification in event of any unscheduled outage. Flexera will credit Licensee the percentage specified of the total Monthly Fee paid, for any calendar month in which Monthly Up-time falls within the range specified. In order to receive a credit, Licensee must request this in writing within thirty (30) days of the end of the month for which it seeks a credit.
• Approach to resilience: Resilience is described in the "Flexera Cloud Security.pdf".
• Outage reporting: A public dashboard available at https://status.flexera.com/#month and Email Alerts, for subscribed customers.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Via User and Group / Role definitions. Flexera One operates with Roles defined according to customers access requirements. Roles are defined across logical objects with more detailed levels of access to the different functions in each object type. E.g. An administrator Role has all object / all-level access, where a Contract Manager may only be able to access the Contract object and may not be able to delete existing contracts. This definition is based upon the functional requirements as defined during the build/design phase.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Sche
• ISO/IEC 27001 accreditation date: 2023
• What the ISO/IEC 27001 doesn’t cover: The scope of Flexera’s ISMS includes the assets, technologies, and processes employed by Flexera for processing, management, and delivery of services to its customers. Services covered by the ISMS include the Flexera One suite of services, including IT Visibility, IT Asset Management, Cloud Migration and Modernization, and Cloud Cost Optimization services and all associated applications and technologies that are hosted, developed, and maintained by Flexera to enable data input, processing, storage, and output. The scope has also been drafted considering the control implementation requirements of ISO/IEC 27001:2013 Annex A in accordance with the Statement of Applicability.; ; Interested parties can verify and review the details of Flexera’s ISMS certification here.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 2019
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: Does not cover On Premise components
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: SOC2 Type 2

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: ISO27001 https://www.flexera.com/about-us/press-center/flexera-achieves-iso-27001-certification

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Cloud infrastructure and applications are managed within a change management methodology that includes processes for the request, review, approval, and verification of changes. Flexera has an established change management committee (CMC) with responsibility for the scheduling and administration of changes. Change requests are submitted in Flexera’s CMS, reviewed by committee, and approved by management during the weekly CMC meetings. For any scheduled high risk changes, test and back out plans will be discussed before the change approval. All changes are assessed by Flexera Cloud Operations security principals for security impact
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Flexera conducts a formal risk management program to continually identify, assess, mitigate, and monitor risks, and modifies its controls as a result of this process. A risk management assessment is completed on an annual basis at a minimum. Any changes required by the risk mitigation activity will be scheduled and approved in the weekly Change Management Committee (CMC) meetings.; A comprehensive patch management policy is in place for mission critical devices, and ensures that software, firmware and operating system patches are identified, tested and installed in a timely manner.; Please see "Flexera Cloud Security.PDF" for more information.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Cloud applications/infrastructure is monitored using monitoring applications that provide notification of critical system/app events. Customer-facing websites are monitored using different services – one for immediate event notification and another for calculation of SLAs.; Events that affect availability of Cloud applications are investigated, resolved and documented according to procedure by the Site Reliability Engineering department. This team is alerted to any suspicious activity with the alert method varying depending on the severity. It can range from an immediate phone call to the on-call personnel for critical alerts or immediate automated page for high alerts to a daily or weekly summary reports.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Defined processes exist for Events, the first priority is for the Site Reliability Engineering team to investigate and resolve any issues affecting the availability, stability, performance, or security of the Cloud services. If no resolution within 15 minutes, an email will be sent to notify members of the SRE team, Engineering, Client Success and Customer Support. If after hours, customer support will be notified.; Customers can subscribe to the Flexera external status page to view real time site status and receive proactive notifications about incidents. Customers will receive notification in an unscheduled outage lasting longer than 30 minutes.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Take a look at our latest developments: Carbon neutral on scope 1&2 by 2025 - Announced intent to be carbon neutral on scope 1 and 2 by 2025. Engaged EcoVadis – Partnered with EcoVadis to provide a holistic understanding of our ESG performance. Carbon Disclosure Project – Deepened our scope with the CDP. SBTi – Committed to Science Based Targets initiative, joining the largest group of companies actively driving the reduction in global emissions. Launched customer sustainability score – Developed scoring mechanisms that enable customers to understand their IT emissions with recommendations, all available as a managed service.

  Equal opportunity

  Diversity, equity and inclusion activities From our global inclusion council to unconscious bias training for all employees, we empower our employees to create an inclusive environment.

  Wellbeing

  Innovation drives creativity and when people from diverse backgrounds work together, the more innovative and creative that team is likely to be. Our people are critical to our ongoing success and together we can create an environment where everyone can belong, grow and thrive. We are committed to making Logicalis the best it can be through our people and in FY23 we were recognised as being a 'Great Place to Work' in 12 countries.

Pricing

• Price: £1.00 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A trial version of the Flexera Software Platform can be requested during a PoC. This can be supplied with demonstration data. This version is limited to a short time frame for use (i.e. during the PoC) where specific use cases are performed, according to customer requirements.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.management@uk.logicalis.com. Tell them what format you need. It will help if you say what assistive technology you use.