Skip to main content

Help us improve the Digital Marketplace - send your feedback

The Virtual Forge

DevOps Consultancy

The Virtual Forge provides DevOps consultancy and a managed DevOps service, depending on your requirements. From CI/CD configuration and management to cloud infrastructure configuration and maintenance. We can also analyse and recommend security improvements to existing cloud infrastructure.

Features

  • System Design and Architecture
  • Seamless migration to Cloud-based solutions
  • System implementation and maintenance
  • Continuous Integration/Continuous Delivery
  • Data Intelligence
  • Complete bespoke design and service
  • System monitoring

Benefits

  • Combine data science with business analytics to extract data value
  • Create scalable, resilient, well architected systems to specifications
  • Leverage repeatable automation of your infrastructure
  • DevOps cloud services for consultancy, security, with AWS and Azure
  • Extensive experience with cloud systems

Pricing

£0 to £137 an instance an hour

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at connect@thevirtualforge.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

9 4 2 5 1 6 8 3 5 6 3 0 0 3 0

Contact

The Virtual Forge The Virtual Forge
Telephone: +44 (0) 207 078 8855
Email: connect@thevirtualforge.com

Service scope

Service constraints
As a certified AWS partner and certified Microsoft Azure consultants. We can provide solutions and services that make use of the full suite of AWS or Azure products and services.

We currently do not offer any hardware support or design as we work exclusively in cloud systems.

Our software is primarily written in .NET Core and Javascript.
System requirements
  • Solution requirements must be compatible with AWS or Azure
  • Solutions must run on Windows, Linux, or serverless.

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Response times are based on the priority of the ticket:
- Priority1 = Immediate
- Priority2 = 2 working hours
- Priority3 = 8 working hours
- Priority4 = 24 working hours

Customers may purchase out of hours and weekend support at an additional cost, and response times will be agreed as part of that service.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Our standard support offering includes:
- Access to Freshdesk ticketing system
- Access to onsite support
- Dedicated Account Manager
- Response times SLA

Our Premium offering additionally includes:
- Dedicated support staff
- 24x7 hotline for Priority1 incidents

Both offerings are priced separately per project, depending on the amount of support required each month.

Out of hours support
Unsociable hours, namely weekends and statutory holidays, and after 5.00pm on weekdays, will be charged at £300/month to have the service available.

If the customer uses the emergency call line, £500 will be charged for the call-out. This covers up to one hour of the support team member’s time. £150 will be charged for every whole or partial 30 minute period thereafter.
These rates are for the work the development team will have to perform in order to identify and resolve the problem.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Our approach is to provide a managed service in terms of hosting, so minimal training is required in this regard.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
AWS offers different pricing models, depending on the model you are using the contract date will vary. As AWS services are scalable, you will only pay for what you are using they can be scaled up or down at anytime.

AWS pricing contract information can be found here
https://aws.amazon.com/pricing/?nc2=h_ql_pr_ln-a
End-of-contract process
Details of account closure can be found on the AWS Billing and Cost Management site

https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/close-account.html

Using the service

Web browser interface
Yes
Using the web interface
Almost all AWS services can be accessed via the web portal.

Configuration parameters of some services are only available from the CLI, SDK or API interface.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
You can sign in to the AWS Management Console using your AWS account root user credentials at https://console.aws.amazon.com/console/home.

AWS Identity and Access Management (IAM) user, can be configured enabling the use of a specialised URL.
Web interface accessibility testing
AWS offers assistive technology
API
Yes
What users can and can't do using the API
All functionality is available from the API
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
API documentation
Yes
API documentation formats
  • HTML
  • PDF
  • Other
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
All AWS functionality is available via the CLI.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
Provision of multiple instances. Auto-scaling in place for further instances if pre-agreed compute or latency thresholds are exceeded.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • SMS
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • AWS Cloudwatch configured to collect all metrics
  • All AWS services publish metrics to Cloudwatch
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
AWS

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Less than once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
Encryption is managed by 3rd party, ie AWS and Azure, who are CSA CCM v3.0 compliant. AWS use AES-256 for the encryption protocol on data at rest.
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Amazon EBS volumes
  • Amazon RDS databases
  • Amazon DynamoDB tables
  • Amazon EFS file systems
  • Azure Virtual Machines
  • SQL and SAP databases
  • Azure File Shares
Backup controls
Both AWS & Azure have enterprise fully managed backup service that makes it easy to centralise and automate the back up of data across their services in the cloud as well as on premises, Utilising the AWS Storage Gateway or the Azure central management interface, The Virtual Forge can centrally configure backup policies and monitor backup activity for resources. Automating and consolidating backup tasks. Providing a fully managed, policy-based backup solution, simplifying your backup management, enabling you to meet your business and regulatory backup compliance requirements.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Use infrastructure assuring 99.9% uptime
Approach to resilience
We make extensive use of AWS's native resiliency and redundancy capabilities through leveraging multiple Availability Zones through load balancers for servers and (where possible) distributed databases or read replicas. This is further supported by 'warm' backup regions in case of a disaster recovery scenario.

Details of Amazon SLA's can be found here; https://aws.amazon.com/compute/sla/
Outage reporting
Public dashboard
Email alerts
Text messages

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
  • Other
Other user authentication
Typically username and password, but MFA also available.
Access restrictions in management interfaces and support channels
Username and password. Resets only available directly to user via their email.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
21/12/2021
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Company Information Security Policy must be signed by all employees, and is updated regularly.
CTO – The company’s Chief Technology Officer is responsible for corporate-wide IS system planning, implementation, and execution.
Information Security Manager – The IS Manager is responsible for the company-wide datacenter and network infrastructures.
DevOps Engineers – The DevOps Engineers are responsible for all enterprise business systems.
Internal Users -- All members of the the company User Community are required to familiarise themselves with the policies outlined in the The Company Employee and Contractor IS Policies document.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Changes are managed via the change control process to ensure projects remain within approved constraints. Change proposals are agreed with the client, completed by the individual who identifies the need for a change, then submitted to us. The project team then assesses the impact of the change. The request is submitted to the change control board with the project team's findings to be reviewed. If the change is approved, all project documentation must be updated and the change must be communicated to all stakeholders. Some changes may also require re-alignment of the project costs, schedule, or scope.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Threats are monitored using an IDS provided by AWS along with the standard protection offered by AWS. Patches are routinely applied with urgent hotfixes applied the same day as a threat is identified. Threat information is monitored from AWS and industry leading security boards and alert feeds.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
This is managed by AWS on our behalf.
Incident management type
Supplier-defined controls
Incident management approach
Incidents are managed via a ticketing system.
Information and FAQs are available via the ticketing system to help with common issues. Canned responses are prepared for common issues. Users report incidents via email or through ticket portal. Responses are given according to pre-defined SLAs. RCAs are available for critical issues. Ticket reports are available at client request.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Third-party
Third-party virtualisation provider
Amazon Web Services
How shared infrastructure is kept separate
Different accounts for different clients on AWS. Clients have separated AWS instances.
AWS assure security of the cloud.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Amazon is committed to achieving 100% renewable energy across our global infrastructure.

https://aws.amazon.com/about-aws/sustainability/

Social Value

Fighting climate change

Fighting climate change

The Virtual Forge are committed to ● Complying and keeping up to date with environmental legislation ● Preventing pollution ● Continually working to reduce our environmental impacts – minimising waste produced, minimising our energy use, training staff and encouraging greener transport options Specific areas where we are working to reduce our environmental footprint: ● Working with our staff and building users to make all of the building’s operations as environmentally friendly as we can, heating and lighting our premises efficiently ● Investigating how much waste we generate, using segregation to enable higher rates of recycling ● Looking at how people travel to and from our site: encouraging public transport and cycling ● Looking at what we buy – sourcing goods with low environmental impact and working with local suppliers wherever possible
Equal opportunity

Equal opportunity

The Virtual Forge Limited is committed to achieving a working environment which provides equality of opportunity and freedom from unlawful discrimination on the grounds of race, sex, pregnancy and maternity, marital or civil partnership status, gender reassignment, disability, religion or beliefs, age or sexual orientation.

Pricing

Price
£0 to £137 an instance an hour
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at connect@thevirtualforge.com. Tell them what format you need. It will help if you say what assistive technology you use.