MTI Technology Ltd

MTI VMware by Broadcom - Virtualisation and Cloud computing

MTI has been granted Pinnacle status in the new landscape with Broadcom. This is the highest partner status for VMware; we are now one of only twelve partners in the UK holding this channel partner status.
MTI has demonstrated its expertise in designing, deploying, and managing VMware datacentre virtualisation solutions.

Features

• VMWare Simplified
• VMWare Cloud on AWS
• Hypervisor
• Distributed Firewall- NSX
• vRealize
• Tanzu
• Network & Security Virtualisation
• vSAN

Benefits

• Datacenter Rationalisation
• Management Console
• Return on Investment
• Scaleable
• Seucre by Design

£10 to £1,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid@mti.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

985545039481399

Contact

Darren Moyes
01483520200
bid@mti.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: There are no known constraints within the VMWare portfolio. There are weekly SW releases that look to address any user experience and performance issues.
• System requirements: VSphere

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLA's are available depending on severity. VMWare Support is 24x7 with global support centres staffed around the clock.; ; Critical (SaaSSeverity 1) 30 minutes or less: 24x7 Major (SaaS Severity 2) 4 business hoursMinor (SaaS Severity 3) 8 business hours Cosmetic (SaaS Severity 4) 12business hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: In-product chat from Intercom.com. Details about chat accessibility can be found here. https://www.intercom.com/help/faqs-and-troubleshooting/the-intercom-messenger/is-the-intercom-messenger-accessible
• Onsite support: Yes, at extra cost
• Support levels: Support levels available are:; ; Business Critical: 24x7; Business Essential: 8x5; ; Support costs calculated are proportionate to Software purchased
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users are encouraged to attend courses online or in person to learn how to install, configure and manage VMware products.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be extracted via the web interface, APIs, or Databus solution before the contract ends.
• End-of-contract process: There is a 14 day period between the end of the contract and the deletion of the services. If requested, this period can be made shorter for a quicker deletion of data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: VMware
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Testing conductinve involved extensive use of leading assistive technologies including screen readers (NVDA & Voiceover). The code is also inspected manually using developer tools on Chrome and Safari.; ; Reports can be found at:; https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vpat/
• API: Yes
• What users can and can't do using the API: Users can use APIs to automate processes.; All functions available through Center are programmable via API
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: VMWare products are designed to scale by utilising the inherent scaling of the underlying cloud provider.

Analytics

• Service usage metrics: Yes
• Metrics types: -Number of vSphere and VMware Cloud CPU sockets monitored ; -Number of AWS and Azure vCPUs monitored ; -Number of SD-WAN Edges monitored
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: VMware, Palo Alto, Watchguard, Forcepoint, Check Point, Cisco

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Elastic Block Storage
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be extracted via the web interface, APIs, or Databus solution before the contract ends.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • CSV
  • XML
  • PDF
  • YAML
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • IPFIX
  • Netflow
  • SFlow
  • SNMP
  • SSH

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: This Service Level Agreement (“SLA”) is subject to the VMware Cloud Service Offerings Terms ofService and the Service Description; https://www.vmware.com/download/eula.html.Capitalized terms not defined in this SLA will have the meanings specified in the Terms of Serviceand the Service Description. VMWare reserve the right to change the terms of this SLA in accordancewith the Terms of Service. VMware will use commercially reasonable efforts to ensure that the Service Offering is “Available” during a given billing month equal to the “AvailabilityCommitment” of 99.90% SLA Credits, Limitations and Claims are covered here:https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/downloads/eula
• Approach to resilience: VMware Cloud products are SaaS based and designed to be resilient by utilising the inherent resiliency of the underlying cloud provider.
• Outage reporting: There is a public dashboard for all VMware cloud offerings. It can be found here: https://status.vmware-services.io/

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Based on the principle of least privilege, VMware cloud solutions use identity and access management controls (AD/LDAP,MFA),ensuring the appropriate level of access for all personnel to keep your data and systems safe and secure.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman
• ISO/IEC 27001 accreditation date: 09/06/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 25/03/2022
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 27017
  • ISO 27018
  • SOC 2
  • SOC 3

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We model our security framework using the NIST SP 800-53 -We have an Information Security Governance Committee(ISGC) that is chaired by members of senior management andrepresentatives from our Information Security, IT Operations,HR, Marketing, Facilities and Legal teams.
• Information security policies and processes: Our Information Security Program is modeled using industrybest practices and regulatory standards, including NIST SP800-53 and ISO 27001. We maintain our own InformationSecurity Program and Policies to protect customer datahosted in our systems and perform annual reviews and auditsof our program to ensure the integrity of our hosted offering. --The VMware Information Security team manages theenforcement, development, and maintenance of informationsecurity policies and standards to ensure VMware InformationAssets are preserved in a security environment, in accordancewith generally accepted best practices, focusing on VMwarebusiness and risk objectives. The VMware InformationSecurity Team is responsible for updating policies as threatsand technologies change, initiating and managing periodicreviews of the information security policies and standards, aswell as evaluating exceptions to information security policyand standards. -- Our Information Security team overseesorganizational compliance while team leads in conjunctionwith IT and HR teams help enforce department-levelcompliance.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Only the VMware SRE team is entitled to perform changes. ; - Change Requests are reviewed with the creator, discussed within the team and approved. -Changes are tested on Development environment first, applied to Staging environment and then promoted to Production.; - Changes go through vulnerability checks using Synopsys Black Duck - We also run Nessus scans on our Provider Infrastructure to identify any loopholes and triage them at priority. ; - Configurations are code driven and stored in repositories. ; - We also use Credstash and Vault for secrets management
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All deliverables are scanned regularly on Synopsys Blackduck through the development process and triaged immediately. ; ·Vulnerabilities are reviewed regularly in cross functional meetings and considered as a critical factor to achieve a release milestone. ; · Patchesare applied at the highest priority for vulnerable packages. ; · We get updates from VMware’s vSecr team as well as our cloud provider (AWS)on potential threats
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: · We follow vSecr guidelines, cloud provider’s guidelines and industry best practices. ; · All the public facing load balancers implement WAF Rules to check unauthorised traffic.; · VPC flow logs and Load Balancer logs are captured and analysed. · VMware’s Red Team conducts Penetration Testing on cloud services at regular intervals. ; · Any compromise is reported to the vSecr team and immediately acted upon.
• Incident management type: Supplier-defined controls
• Incident management approach: The process complies with industry standards for legally admissible chain-of-custody and forensic-data-collection management processes and controls. Response standards, procedures, methods are implemented based on the severity level. If VMware determines that unauthorised access to/use/disclosure of customer content, VMware will use commercially reasonable efforts to notify customers, taking into account any applicable law, regulations, governmental request. VMware will also notify customers of a suspected breach of the infrastructure if that breach occurred on a segment of the platform consumed by a customer, or in the event of Denial of Service attacks. VMware does not monitor guest workloads for such breaches.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  MTI publishes an annual Quality & Environmental (Q&E) Policy statement, which is aligned to its ISO 9001 & ISO 14001 accreditations and the annual EcoVadis CSR review and accreditation. MTI’s Corporate & Social Responsibility policies integrate our business values and operations to meet our strategic objectives and the expectations of our customers, employees, investors, suppliers, the community and the environment. By putting our CSR into practice, we are committed to conducting ourselves responsibly and in an ethical manner, creating a positive and supportive working environment, supporting local communities, improving service levels to customers, acting fairly and collaboratively with suppliers and other third parties, to deliver solutions that support our environmental objectives. Our Environmental Management System, recognised by independent ISO 14001 Environmental Management certification, incorporates our Environmental Policies and Procedures.Demonstrating our commitment to protecting the environment and sustainability. We undergo regular independent audits to demonstrate our commitment to improvement. Our management review programme and CSR and Environmental Reporting, evaluate and demonstrate our environmental achievements, through measurement of impacts as a result of all business activities, monitoring of reduction targets, achievements against objectives & results from our activities, initiatives and environmental commitments. Our FY2022 focus includes; Zero-Carbon Society: we will strive to achieve zero emissions from our own business activities and encourage carbon neutrality within our supply chain. Through comprehensive energy conservation activities and the use of renewable energy, we aim to reducing our carbon footprint and impact on the environment through reduction of contributions to greenhouse gases (GHGs) and annual CO2 emissions, and support supplier commitments; •Partnering with Tier-1 suppliers who are committed to carbon neutrality, evidenced through annual environmental and sustainability assessment •Commitment form partners/product vendors to commit to supplying packaging with a minimum of 50% recycled content (80% Cardboard) or be entirely derived from sustainable sources.

  Covid-19 recovery

  In response to the COVID-19 pandemic, MTI has implemented thorough in-house technology solutions allowing over 90% of our staff to be based at home, including the majority of our service delivery staff. This approach provides greater job opportunities across the region without the potential for geographically disadvantage, and ensures we have skilled staff locally across the UK to deliver our core services. Where MTI are delivering longer-term services to Buyers, MTI is committed to sourcing and utilising local suppliers to provide relevant elements of the service and would support running local supplier days to publicise the delivery and give opportunities for local company involvement. MTI recognises that the COVID-19 pandemic presents challenges for graduate employment and is offering employment opportunities for graduates in order to support local students to progress from higher education into jobs utilising their skills and knowledge.

  Tackling economic inequality

  MTI has invested significantly in developing in house skills and capabilities in order to provide high-class services across a wide range of technologies and disciplines, with emphasis on providing a wide range of professional and managed services. Our Internal Development Programmes and individual development plans ensure that all employees are offered opportunities for learning and development and provides skills training for new employees and existing employees to prepare them for promotions, transfers or new responsibilities. Our development programmes help our employees stretch their capabilities and those of the organisation, upskilling employees through investments in a wide range of skills and product training and development for staff and managers to broaden opportunities. Building a diverse and inclusive workplace has become an imperative part for the all-round growth and development of MTI. Therefore, our HR team takes tangible steps to create a workplace that is committed to diversity and inclusion, including providing career opportunities to support disadvantaged people into the workplace. MTI are registered to the Disability Confident scheme and have agreed to the Disability Confident commitments to provide interventions to increase employment opportunities and retention for people with a long- term health condition or disability to support these people into employment.

  Equal opportunity

  We recognise our obligations under the Equality Act 2010, Article 119 of the Treaty of Rome, The Race Relations Act, The Employment Equality (Sexual Orientation) Regulations 2003 and The Employment Equality (Religion or Beliefs) Regulations 2003, and The Codes of Practice published by the Equal Opportunities Commission, the Commission for Racial Equality and the European Commission; We are committed to the principle of equal opportunities in employment. We are opposed to any form of less favourable treatment or financial reward through direct or indirect discrimination, harassment, victimisation to our staff members or job applicants on the grounds of race, religious beliefs, political opinions, creed, colour, ethnic origin, nationality, marital/parental status, sex, sexual orientation, offending past, disability, age, caring responsibilities or social class. We extend protection under this Policy to our suppliers, customers, contractors, and others who are on our premises and in return expect all suppliers, customers, contractors and others to behave in the same way towards our members of staff. This policy is intended to assist the organisation to put this commitment into practice. Compliance with this policy should also ensure that employees do not commit unlawful acts of discrimination. Communicating this policy will be supported by appropriate training, and the effectiveness of this Policy will be monitored on an on-going basis. No form of intimidation, bullying or harassment will be tolerated. Implementation of this policy will be carried out where necessary by invoking the Disciplinary Procedure. Every employee is required to assist the organisation to meet its commitment to provide equal opportunities in employment and avoid unlawful discrimination.

  Wellbeing

  The organisation has developed an employee wellbeing policy to manage its obligations to maintain the mental health and wellbeing of all staff. It covers the organisation's commitment to employee health, the responsibilities of managers and others for maintaining psychological health, health promotion initiatives, communicating and training on health issues, the range of support available for the maintenance of mental health, and organisational commitment to handling individual issues.

Pricing

• Price: £10 to £1,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Trial options are available as part of the "Proof of Value" phase

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid@mti.com. Tell them what format you need. It will help if you say what assistive technology you use.