Fujitsu Services Limited

Fujitsu Secure Cloud Azure Stack Hub

Fujitsu Secure Cloud platform is used to deliver our next generation digital business capabilities, drawing on extensive global experience of delivering technology at all security classifications. Fujitsu Secure Cloud provides a private dedicated private/community cloud solution capable of running workloads with Government Security Classification of OFFICIAL, SECRET and TOP SECRET.

Features

• Low cost of entry
• Pay-as-you-use
• Autonomous, isolated from the Internet and Microsoft Azure public cloud
• Suitable for SECRET and ABOVE SECRET workloads
• Self-service portal and API
• Marketplace of operating systems, software and solutions
• Infrastructure as a Service (IaaS): Virtual Machines
• Platform as a service (PaaS): SQL Databases, Kubernetes Services
• Deployable globally
• UK based Security cleared Service Management Team

Benefits

• Deployable globally
• Supports rapid development and DevOps practices
• Focus on business solutions over VMs, networks and storage
• Evergreen –enhanced capabilities over time
• Highly available
• Pay only for what you consume (subject to minimum commitment)
• Reduced MSP support requirements compared with traditional hosting solutions
• Dedicated support team
• Agile and DevOps experience
• Continuous availability of workloads via 2 or more datacentres

£38.00 to £47.00 a virtual machine a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

993972868699845

Contact

Sam Skinner
07867829234
government.frameworks@fujitsu.com

Service scope

• Service constraints: The service requires a minimum 2 year commit term for service. Capacity expansion is constrained by hardware lead times. All customers bring their own Operating System and Application licenses. Azure Stack Hub provides a subset of the capailities available in Azure Public Cloud. These are currently: Compute (VMs), storage, networking (including Load Balancing), SQL Database, App Service and Kubernetes Service.
• System requirements: None (can be standalone or integrated into existing networks)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Incident Management Service levels:; Priority 1: 4 hours; Priority 2: 8 hours; Priority 3: 16 hours; Priority 4: 3 days; Priority 5: 5 days; Please review the Service Definition for further information on service levels
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Please refer to the Service definition document
• Web chat accessibility testing: Information availabel on request
• Onsite support: Yes, at extra cost
• Support levels: Support is provided during standard working hours Monday to Friday 08:00Hrs – 17:00Hrs (excluding Public and Bank Holidays). The option for additional support hours can be requested and shall be subject to an additional charge. A named Service Delivery Management will be aligned to this service.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User documentation will be provided
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Extraction of data is self-service activity which can be accomplished by migrating workloads and data to other hosting platforms or to archive storage. Fujitsu can support these activities at additional cost, if required.
• End-of-contract process: As part of the standard service, no specific off-boarding activities have been included. The customer should ensure all services have been migrated off the cloud service prior to the end of the contract. Fujitsu is able to provide additional services to support the customer with these migration activities and should confirm the price for these services prior to termination. Whilst capacity is being paid for on the platform it will continue to exist, the customer can then migrate at their leisure supported if necessary by Fujitsu teams, the customer bill will reduce as capacity rolls off. When the customer requests cessation of service a final bill will be raised continuing any current spend or committed charges

Using the service

• Web browser interface: Yes
• Using the web interface: Using the familiar Microsoft Azure portal, developers and application owners can self-serve to create and manage all supported resource types including virtual networks, virtual machines, web apps, SQL databases and Kubernetes clusters.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The Azure Portal provides high-contrast themes and focus navigation by keyboard.
• Web interface accessibility testing: None
• API: Yes
• What users can and can't do using the API: Resources can be created, maintained and destroyed using the familiar Azure Resource Manager API. Capabilities and usage is documented at https://docs.microsoft.com/en-us/azure-stack/user/azure-stack-rest-api-use
• API automation tools:
  • Ansible
  • Chef
  • Terraform
  • Other
• Other API automation tools: Powershell
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: Resources can be queried, created, managed and destroyed. Capabilities and usage are documented at https://docs.microsoft.com/en-us/azure-stack/user/azure-stack-powershell-overview

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Users choose a virtual machine size that is appropriate to the workload. Each VM size has a guaranteed level of performance
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Other
• Other metrics: Windows performance counters
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Dell EMC, Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Data encryption at rest

Availability and resilience

• Guaranteed availability: 99.99% application availability subject to requirements for High Availability being adopted
• Approach to resilience: Resilience, with no single point of failure, is designed into the service. Dual power supplies to network connections over dual NICS to dual switches and customer uplinks from a 4 or 8 port channel spread over at least 2 switches in one or more racks. Service capacity is always sized excluding "spare" nodes, which are added at a ratio of between 1:8 and 1:12 to ensure capacity even after node failure. Details can be provided on request including options for Fujitsu UK datacentres/customer/Crown Premises. Availability Sets ensure virtual machine instances are not co-located on a physical server node. Load Balancers probe server health and direct requests to healthy instances. PaaS services such as SQL Database and Azure Kubernetes Service have built-in resilience.
• Outage reporting: Outages are reported to the Fujitsu Service management team that then inform the customer of any service impacting outages.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Microsoft Active Directory provides authentication and authorisation. Admin and User portals require authorisation.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bureau Veritas
• ISO/IEC 27001 accreditation date: Recertification cycle start date: 06/01/2022 Certification expiry date: 04/12/2024
• What the ISO/IEC 27001 doesn’t cover: Our certificate covers:; A. Design, delivery, support and management of:-; - Outsourcing and managed services for customers; including hosting operations virtualization ; and end user support including service desk;; - IT solutions including applications development, hosting and database maintenance and, ; where appropriate sales, leasing and consulting.; B. Design, delivery, operation, support and management of telecommunication and network solutions, ; including repair and refurbishment of equipment; ; C. Cloud Hosting services/Service Hub; ; D. Managed Security Services from Security Operations Centres/Advanced Threat Centres; ; E. Product, sales, installation and maintenance; ; F. Digitization services - document scanning and digitization of sensitive personal data and personal ; medical data; ; G. Provision of ICT services related to Workplace services/managed office and Multi-vendor support ; services/managed maintenance;; H. Productivity Center Services; Mobile and Internet Services; Logistics and Installation Services ; I. The management and operation of the secure network environment provided by the Defence and National Security Business
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO27001-certified governance regime for company. Fujitsu delivers the Services using a secure ISO27001:2013 compliant support environment. This element of the service comprises - Definition, maintenance and implementation of the Fujitsu standard Information Security Management System (ISMS); Physical protection of the defined infrastructure within Fujitsu’s ISO27001:2013 accredited Data Centres; Undertaking appropriate audits and assessments to ensure ongoing compliance; Implementation and enforcement of Fujitsu’s security policies and supporting processes and procedures; Prevention of unauthorized physical or logical access to the Services; Identification of threats to relevant assets and implementation of proactive controls to diminish risk probability and/or impacts; Visibility and involvement in the maintenance of the Fujitsu standard ISMS at all levels of Fujitsu management.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: ISO27001-certified configuration and change management regime for company
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: ISO27001-certified incident management process for company
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: ISO27001-certified incident management process for company

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Microsoft Azure Stack Hub
• How shared infrastructure is kept separate: This is a single tenant private cloud with dedicated infrastructure per Organisation

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The Strategic Fujitsu Datacentres are registered “participants” in the EU Code of Conduct for datacentres, complying with their energy efficiency guidelines conforming to ISO50001 Energy Management. The Supplier’s infrastructure planners have used optimal layouts, as determined by the EU Code of Conduct to build the service within these datacentres.

Social Value

• Fighting climate change:

  Fighting climate change

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Fighting Climate Change with a policy outcome, we co-ordinate our efforts via an environmental action plan, a green procurement policy and a responsible procurement charter. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; The G-Cloud Service initiatives may include:; Developing Environmental Action Plans focusing on societal challenges of climate change, resource circulation and living in harmony with nature.; Supporting local School’s Programmes i.e. the UK Trees to supporting biodiversity, environmental education & clean air.; Ensuring all projects utilise our secure logistics facility so that all IT assets are re-purposed before recycling or disposal through secure /accredited routes; Continuing the installation of Solar Panels across our or customer sites, enabling self-generating renewable energy.; Fujitsu as a member of RE100, promotes global corporate initiatives driving towards 100% renewable energy.; Supporting customer efforts to collect information on measures to promote the resource-saving design of products.
• Covid-19 recovery:

  Covid-19 recovery

  Fujitsu operates a Dual Delivery approach to Social Value (SV). ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of supporting Covid 19 recovery with a policy outcome, we focus on helping our customers, local communities and supporting our staff with the social and economic impacts. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; ; The G-Cloud Service initiatives may include: ; Helping our customers move to a more home-based/mobile service.; Support to local communities and helping schools to ensure disadvantaged children are not left behind in terms of access and skills to learn remotely by supplying equipment and training.; Our volunteering refocused on the transfer of digital skills to support schools and the unemployed.; Acceleration of our apprentice schemes to support employment initiatives, including tackling skills gaps.; Support to enable SMEs/VCSEs to develop in disadvantaged areas through gifting of our apprentice levy.; Initiatives such as DASH, Karma Nirvana, Manchester Women’s Aid to support the Home Office Domestic Abuse Charity, provided laptops and technical support.
• Tackling economic inequality:

  Tackling economic inequality

  Fujitsu operates a Dual Delivery approach to Social Value (SV). ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Tackling Economic Inequality with a policy outcome, we focus on creating employment and removing any barriers to employment, developing new skills, supporting our supply chain including SMEs and VCSEs. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; ; The G-Cloud Service initiatives may include:; Providing employment opportunities for those facing barriers to employment, particularly those located in deprived areas.; Working with educational institutions and community groups to provide CV Skills/Mock Interview Workshops and STEM Schools career visits.; Creating apprenticeship/graduate opportunities within Fujitsu.; Training opportunities, for industries with skills shortages or high growth sectors i.e. Digital skills programmes. ; Assisting Rock2Recovery helping Armed Forces Veterans and an increasing number of Blue Light staff and their families by providing coaching and support e.g. business advice and their fund-raising activities.; Supporting local SMEs/VCSEs with access to learning pathways to develop and learn new skills to enhance their offerings.
• Equal opportunity:

  Equal opportunity

  Fujitsu operates a Dual Delivery approach to Social Value (SV). ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Equal Opportunity with a policy outcome, we focus on reducing the disability employment gap, tackling workforce inequality and providing demonstrable value to society. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; The G-Cloud Service initiatives may include:; Our Work Your Way Programme, providing flexible working arrangements to all employees from day one.; Comprehensive digital skills training for disadvantaged people e.g. NEETs, minority, gender and ethnic groups, disabled, rehabilitating young offenders, or elderly people.; Employee Passport detailing all adjustments to fully supporting employees throughout their career.; Mandated accessibility standards are actively considered in Framework contracts throughout the solution/product/service lifecycle ; Opening up our supply chain to SMEs to share an ecosystem of alliances, expert partners and academic institutions and charities.; ; We build accessibility into Framework contracts via policies, processes and working environments to comply with legislation.
• Wellbeing:

  Wellbeing

  Fujitsu operates a Dual Delivery approach to Social Value (SV). ; Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake local initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.; To align with the theme of Wellbeing with a policy outcome, we focus on the Health and Wellbeing of all our workforce including our supply chain. Our initiatives are based on the National TOMs Framework. The 47 metrics of the Fujitsu TOMs have been developed in consultation with the Social Value Portal (SVP). We will use this to manage, monitor, measure, evidence and report on implemented initiatives within G-Cloud 13. At the end of each year, we will provide an independently audited Social Value Report, outlining completed activities, quantifiable SV generated and how each initiative aligns to the SVM policy outcomes.; The G-Cloud Service initiatives may include:; We provide access to Wellbeing Programmes supporting mental and physical health, including: Employee Assistance Programme; “My Healthy Advantage” app providing content and 121 Live-Chat support; Mental Health First Aiders.; Mental Health campaigns for all staff including subcontractors, to create community of acceptance around mental health.; Fujitsu and supplier volunteering to support local wellbeing projects initiatives to support older, disabled and vulnerable people to build a stronger community network; Providing specialist skills to support “Creating Better Environments” project – creating a digital platform helping autistic people better navigate environments.; The BuddyConnect™ application created by Fujitsu to support neurodiversity and inclusion in the workplace.

Pricing

• Price: £38.00 to £47.00 a virtual machine a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.