BRUHATI SOLUTIONS LTD

Bruhati offering of Software AG webMethods

Bruhati offering of Software AG webMethods.io Integration Cloud is an integration Platform-as-a-Service (iPaaS) that connects cloud-based and on-premises applications and enables rapid deployment to the cloud.

Features

• Standard connector framework for creating custom connectors
• SaaS connectivity with a huge library of pre-built connectors
• SaaS connection management
• Manage and simplify often complex SaaS vendor APIs
• Service orchestration, to create complex integrations
• Mapping, transformation and enrichment of data
• Graphical user interface
• Secure on-premise connectivity to integrate SaaS and on-premise
• Recipes for common integration patterns
• Monitoring and reporting

Benefits

• Faster business implementation of SaaS applications
• Scales on demand to meet the requirements of the business
• Quickly deploy existing webMethods integrations to the cloud
• Lower TCO due to elimination of maintenance and upgrade projects
• Greater reuse of existing integration investments
• Greater flexibility since people can work from anywhere
• Improved customer satisfaction by reducing errors caused by bad data
• Support Citizen Integrators as well as IT Developers
• Understand environment through end-to-end monitoring
• Facilitate promotion of assets through test, dev, prod environments

£2,500 an instance

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bruhati.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

910527829939158

Contact

Manuel Di Toma
07554871926
sales@bruhati.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Bruhati's offering of Software AG's other cloud services which includes but not limited to : - ; IT and Portfolio Management with Alfabet; Business Process Analysis and Transformation with Aris; IoT Integration with Cumulocity
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No service constraints
• System requirements: Software AG webMethods license

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response Times vary depending on the urgency/severity of the support required. The response time can be between 30 minutes to 2 working days. In case of Standard Cloud Hosted Enterprise Customers, support is provided Mon to Friday 9 am to 5pm. ; For Cumulocity On Premise or High Value Govt Customers , the Response Times can be uplifted after performing feasibility study and pricing per mutual agreement e.g. 24*7
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Ensured the keyboard is accessible and text-to-speech is reader-friendly. We’ve made all the default colour settings WCAG 2.1 AA compliant by default.
• Onsite support: Yes, at extra cost
• Support levels: With standard support offerings, we provide 4 Support levels termed as Critical Priority, High Priority, Medium Priority and Low Priority - all of which have target response times detailed in the SLA. Standard Support comes with the product for a standard fee.; ; For more tailored support, clients can selects a Managed Service option whereby the SLA’s and response times are configured in accordance with their requests. ; ; This service can include aspects such as Technical Account Manager, Capacity Management and any other service the client might want to add. The fee for the managed service is determined by the service required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Standard Training and Full documentation provided - Training and documentation and video's can also be tailored/ created to meet specific customer requirements. Train the trainer is also available upon request.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Open standard exporting of Data can be provided at Contract end using tooling capability.
• End-of-contract process: At end of contract customers typically decide to continue with the service. Alternatively they can choose to export the data for example to another Service Provider, we can assist you with this process.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Web-based user interface for tenant (account) management and development. The solution has been assessed against the German BTIV 2.0 regulation designed on top of the WCAG 2.0 standard
• Accessibility standards: None or don’t know
• Description of accessibility: The solution has been assessed against the German BTIV 2.0 regulation designed on top of the WCAG 2.0 standard.
• Accessibility testing: The solution has been assessed against the German BTIV 2.0 regulation designed on top of the WCAG 2.0 standard.
• API: Yes
• What users can and can't do using the API: A command line interface is available deploying services to the cloud. This is provided to enable the solution to fit in with organisation's continuous integration and continuous deployment (DevOps) practices.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: Most relevant Cumulocity scaling variables are: ; Transaction per seconds ; Less relevant: “Aways-on” (device push) concurrently connected devices Number and complexity of CEP rules ; Even less relevant: Number of tenants (unless < few hundreds) Number of devices Number of users ; ; Cumulocity Scales horizontally by instantiating more nodes High-Availability uses load balancer and NoSQL features All external traffic inbound terminates on Load balancer, Client affinity required Cumulocity Application Tier is mostly stateless. Database Tier uses sharding where the Sharding is based on device id.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics types http://status.cumulocity.com/ ; Cumulocity API Response ; Cumulocity MQTT Response
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Software AG

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Integrations created with the solution can be imported and exported from the administration browser screen as zip archive files.
• Data export formats: Other
• Other data export formats: Zip
• Data import formats: Other
• Other data import formats: Zip

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: 99.99%, assured by contractual commitment from Software AG
• Approach to resilience: Software AG’s cloud services provide 99.99% infrastructure availability (over AWS) and 99.99% availability for the solution itself
• Outage reporting: Software AG’s Cloud Trust Centre website provides web-based access to ; • Live data on our cloud system availability; • Current and historical information on system performance

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Authentication is required and is implemented access cloud accounts and account activities are logged using AWS Cloud Trail services. In addition, the cloud product permits the configuration of a connection to customer's Single Sign On Services through an Identity Federation Capability via SAML2. In addition, the AWS Identity and Access Management (IAM) service provides identity federation to the AWS Management Console. Multi-factor authentication is an optional feature that a customer can utilize. A certification based authentication is not required.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Bruhati has IASME Governance
  • Software AG ISO/IEC 27001:2013, ISO/IEC 27017:2015, and ISO/IEC 27018:2019
  • Software AG Complies with SOC 2 standards

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Software AG Security testing and policies, ; (SOC) Type II, independent third-party auditor certification,; AICPA Trust Services,; Implement and maintain a standards based ISMS, ; Comply with (IaaS) provider, ; Amazon Web Services security policy,; Cloud Security Alliance (CSA),; CSA Consensus Assessment Initiative Questionnaire (CAIQ),; Security testing type,; Penetration testing,; IT Health Checks,; Risk analysis

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Components of the service are tracked through the lifetime via standard services which include regular upgrades to latest software versions (following release cycle); seamless patching during maintenance windows to minimize vulnerabilities or bug impact; performance monitoring and service continuity and recovery procedures for high up-time.; ; Changes are assessed for potential security impact through security testing performed after each release or change to the cloud environment. A standard release process is used to manage the changes and track through to completion.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: A formal risk management program is used to identify potential new threats, vulnerabilities or exploitation techniques which could affect the service. These are assessed and corrective action is taken. Depending on severity, Critical patches are assessed and installed within 48 hours, Important patches in the next maintenance release and moderate patches in the next general release.; ; Relevant sources of information relating to threat, vulnerability and exploitation techniques are monitored by the service provider. This includes threat/security awareness systems, vulnerability databases, security bulletins/advisories/RSS feeds.; ; Service provider timescales for implementing mitigation's are understood and are deemed acceptable.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Software AG auditor’s SOC 2 Type II report certifies the operational effectiveness of our systems that keep your sensitive data secure. This provides a high level of transparency into our controls that mitigate operational and compliance risks. Because it requires an attestation by an independent and objective CPA who bears professional liability for his or her opinion, the SOC 2 is more stringent and credible than other types of reporting on information security controls.
• Incident management type: Supplier-defined controls
• Incident management approach: All Cloud Products are covered by Bruhati's & Software AG's Standard Support Agreement. Bruhati raises support issues through Software AG’s customer service portal, Empower, which is available 24x7. Three levels of support are available, with standard support offering 24x7 access to the support portal, 9 to 5 telephone support for standard and critical incidents and 24x7 support service for crisis incidents.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our service can help organisations deliver social value for fighting climate change, by providing solutions that reduce carbon footprint, optimise energy efficiency, and promote sustainability practices. For example, the service can help design and implement cloud-native applications that leverage serverless computing, microservices, and green data centres, which can lower the environmental impact of IT operations and enable faster and more frequent deployments.

  Covid-19 recovery

  Our service can help organisations deliver social value for Covid-19 recovery, by providing solutions that enable business continuity, resilience, and agility in the face of uncertainty and disruption. For example, the service can help design and implement cloud-based collaboration tools, remote work platforms, and digital services, which can enhance productivity, communication, and customer satisfaction, and support the transition to new ways of working and interacting.

  Tackling economic inequality

  Our service can help organisations deliver social value for tackling economic inequality, by providing solutions that create opportunities for employment, education, and entrepreneurship, and that support the development of skills and capabilities. For example, the service can help design and implement cloud-based learning platforms, online courses, and certification programs, which can increase access to quality education and training, and foster lifelong learning and career development.

  Equal opportunity

  Our service can help organisations deliver social value for equal opportunity, by providing solutions that promote diversity, inclusion, and accessibility, and that prevent or address discrimination and bias. For example, the service can help design and implement cloud-based solutions that use artificial intelligence, natural language processing, and computer vision, which can enhance the accessibility and usability of digital products and services and ensure fairness and accountability in decision making and outcomes.

  Wellbeing

  Our service can help organisations deliver social value for wellbeing, by providing solutions that improve the health and happiness of employees and customers, and that support the balance between work and life. For example, the service can help design and implement cloud-based solutions that use gamification, analytics, and feedback, which can increase engagement, motivation, and satisfaction, and foster a culture of recognition and appreciation.

Pricing

• Price: £2,500 an instance
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A free trial offering full functionality for testing, restricted by number of transactions only, is available for 30 days

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bruhati.com. Tell them what format you need. It will help if you say what assistive technology you use.