Meridian IT

Managed Cloud Services

Meridian's Cloud Services for IBMi, IBM Aix, IBM Power Linux and Intel environments offers high performance, scalable platforms. Our Cloud infrastructure resides in secure UK datacentres and is an integral part of the Group’s international managed services capability; offering Cloud compute, resilience, Cyber Security and AI Cloud solutions.

Features

  • Real time data replication and validation between systems and sites
  • IBMi , AIX, Windows, Linux, VMware Hyper-V, Veeam, HP-UX
  • Fast recovery of systems in cloud by experienced recovery specialists
  • Provide a strong flexible approach for application modernisation and development
  • Customised service providing remote monitoring through to full systems management
  • Software Asset Management and Project Management
  • Highly resilient infrastructure means more uptime for your business
  • Single, private and Multi tenant cloud solutions
  • Production and DR environments with 24x7x365 monitoring
  • Specialist support for laboratory information management system (LIMS)

Benefits

  • Flexible Capacity, Secure, UK Data Centres, Resilient carrier class connectivity
  • Fast, automated, dynamic storage, limitless capacity, data secure UK DCs
  • Reliable, tailored service fast recovery for systems and data
  • Providing the highest level of systems availability for continuous business
  • Efficient approach to providing 7x24 support for critical systems
  • Software compliance and optimisation to reduce vendor penalties and costs
  • Image recognition and Machine Learning platform
  • Security - Endpoint protection to ensure integrity of your organisation
  • Cyber Security - Malicious Software Identification

Pricing

£243 per unit per month

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

1 3 3 3 4 3 3 1 8 7 7 2 6 4 7

Contact

Meridian IT

Andy Haley

01564 330650

andy.haley@meridianit.co.uk

Service scope

Service constraints
Meridian IT will indicate patch management and security update when necessary which may require a short service outage upon agreement with the customer.
System requirements
  • Applications and services supported on IBM-Power, HPE and Intel systems
  • Applications and services supported on Intel x86 systems

User support

Email or online ticketing support
Email or online ticketing
Support response times
Severity 1 Critical impact to Business / System resulting in business critical applications being unavailable. 1 Hour response 24x7 Severity 2 Severe impact to Business / System resulting in use of business critical applications being restricted / slow. 4 Hour response 24x7 Severity 3 Some Business impact / inconvenience but business processes able to continue. 1 working day response Severity 4 Minimal or no Business impact. Perhaps requests for information or explanation. 3 working day response.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
Support levels as determined by account manager in liaison with Service Desk, as per standard support criteria. Severity 1: Critical impact to Business / system down resulting in Business critical applications being unavailable, 1 hour response – 24*7;
Severity 2: Severe impact to Business / system resulting in use of Business critical applications being restricted/slow, 4 working hours response;
Severity 3: Some Business impact/inconvenience but Business processes able to continue, 1 working day response;
Severity 4: Minimal or no Business impact. Perhaps requests for information or explanation, 3 working days response.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
A Cloud readiness assessment followed by a workshop to fully understand requirements. This would be carried out by experienced consultants using ‘best will discover’ the entire connected infrastructure of a business including all hardware and software components. The raw data is transformed into a management view via an augmentation process so that a clear hierarchy and structure of ownership is presented along with an analytical view of usage and costs.The discovery phase of the service will provide an assessment of which components of the IT infrastructure can be delivered through private or public cloud consumption. It also assesses the business impact of moving to a cloud services so that a holistic view can be taken as to the appropriate level of transformation required to achieve the optimum business results. The customer would be allocated a Service Delivery Manager and Project Manager, who would agree a plan with the customer that would highlight relevant service levels and agreements, along with the various alerts and responses that would be addressed by the Meridian Support Cloud.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Client Data will be returned within a reasonable period, normally 60 days in agreed format, upon receiving written instructions from the Client prior to termination or expiration of current agreed contract.
End-of-contract process
Offering dependant.

Using the service

Web browser interface
Yes
Using the web interface
Users can log in request new services and browse services offered. Can liaise with Account Manager to add more resource under hosting contract or increase response times determined by severity levels.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Access can be discussed with account manager and appropriate measures set in place.
Web interface accessibility testing
None to date.
API
Yes
What users can and can't do using the API
Application Programming Interfaces can be established in liaison with Service Desk to allow access to Cloud services such as AWS under our hosting terms.
API automation tools
  • Ansible
  • OpenStack
  • Terraform
  • Other
Other API automation tools
  • Arcad DROPS
  • Jenkins
  • Kubernetes
API documentation
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
IBM & Intel Infrastructure Platform (hardware and software), virtualisation with cloud backup and network redundancy.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller (no extras)
Organisation whose services are being resold
Node4, Equinix, Pulsant, TechData, Dell, Lenovo, HPE, Effective Security Ltd.

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
Node4 as a datacentre protects its data under the controls of ISO 27001 which covers a wide range of security policies, procedures and risk asset register, physical controls externally and internally. Option of managed security solution that understands your threat landscape and areas of weakness.
Immediate awareness and response to any threats by applying threat analysis and reporting (both automated and manual) to your business
SIEM technology, with intrusion detection, vulnerability management services, application penetration testing and external vulnerability testing continuously being performed.
Delivered at three levels: essential, enhanced and elite to accommodate any business requirement.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • All data
  • Evault Cloud Backup
  • Veeam Backup
Backup controls
Bespoke backup schedule and data retention available.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
Network controls – All servers are protected by Firewalls with strict access rules and sensitive information transmitted via VPN connections.
Data protection within supplier network
Other
Other protection within supplier network
Network controls – All servers are protected by Firewalls with strict access rules and sensitive information transmitted via VPN connections. Devices and services are logically grouped based and are assigned to Virtual LAN’s which provides network segmentation. Policies and procedures are in places internally to transfer data and are also in line with InfoSec classification.

Availability and resilience

Guaranteed availability
Typically handled by Service Credits:-eg: Contractor warrants that it will resolve all properly notified Incidents classified as Critical or High within the Target Resolution Time specified in Section 2.3. If Contractor does not resolve these Incidents within the Target Resolution Time, then the Maintenance Fee shall be automatically reduced by the percentage set out below and Contractor shall disburse the respective amounts to Customer:
• by 5% if Contractor fails to resolve more than 10% of notified Incidents within the Target Resolution Time;
• by 20% if Contractor fails to resolve more than 20% of notified Incidents within the Target Resolution Time;
• by 30% if Contractor fails to resolve more than 30% of notified Incidents within the Target Resolution Time;
• by 50% if Contractor fails to resolve more than 40% of notified Incidents within the Target Resolution Time;
• by 60% if Contractor fails to resolve more than 50% of notified Incidents within the Target Resolution Time. Bespoke to each customer.
Approach to resilience
Multiple data centre locations for high availability and data replication ensures availability within agreed SLAs. Tier 3 Data Centre. Cloud data is replicated between sites. All other specific information can be obtained upon request.
Outage reporting
SMS, email (automation).

Identity and authentication

User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication
In line with customer requirements.
Access restrictions in management interfaces and support channels
Username and password requirements, employees only.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
14/04/2016
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
ISO/IEC 27001 Information Security

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
All security policies are overseen by Managed Services Directors within the Group. Within the UK the Managed services Director and Managing Director input to Group Policies which can be disclosed upon pre-sales engagement.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
ITIL
Vulnerability management type
Undisclosed
Vulnerability management approach
Meridian IT work with Effective Security Ltd., Node4 and Equinix.
Protective monitoring type
Undisclosed
Protective monitoring approach
Available on request.
Incident management type
Undisclosed
Incident management approach
Available on request.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Other
Other virtualisation technology used
VMware. Also PowerVM, is a feature of IBM POWER servers and is required for support of micro-partitions and LPAR virtualisation features. Support is provided for IBM i, AIX and Linux. PowerKVM is open source server virtualization that is based on the IBM POWER8 technology. It includes the Linux open source technology of KVM virtualization, and it complements the performance, scalability, and security qualities of Linux.
How shared infrastructure is kept separate
Virtualisation using PowerVM or Vmware.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
We use World Class Datacentre facilities with energy accreditation:ISO 50001
ISO 50001, the most current version being ISO 50001:2011, specifies requirements for establishing, implementing, maintaining and improving an energy management system, whose purpose is to enable an organization to follow a systematic approach in achieving continual improvement of energy performance, including efficiency, use and consumption. It has been designed to be used independently, but it can be aligned or integrated with other management systems.

Pricing

Price
£243 per unit per month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Same as full version with limited use and defined timescales.

Service documents

Return to top ↑