DXC Technology Enterprise PaaS
DXC Technology’s Enterprise PaaS is the ideal solution for UK Public Sector organisations requiring traditional or modern platforms for Enterprise Applications. Hosted in DXC’s UK List X next generation Data Centres staffed by security cleared staff to SC, this shared facility eliminates need for high investment in traditional IT provision.
Features
- Provision of highly secure (OFFICIAL), isolated private cloud
- Connect to the Public Services Network (PSN) or Internet Facing
- Transform traditional IT to a managed private cloud hosting platform
- Provide commercial flexibility, OPEX
- Full management of operating systems, security services and server management
- Enterprise-class support included as standard at all SLAs
- Partner with exceptional experience at managing private cloud transformation
- We support the following platforms: Mainframe: MVS (z/OS)
- VME Midrange: AIX, HP-UX, Solaris, X86 (Linux and Windows)
- Full range of support technologies available on request
Benefits
- 100% dedicated, managed, complete IaaS and PaaS solution
- Purpose-built, pre-integrated solutions using market-leading DXC hardware, software and services
- Tailored hardware and software solutions from leading manufacturers
- Choice of pre-defined configurations aligned to workloads
- Consumption-based service configured to meet your needs
- Greater security options, data placement preferences, and support locations
- Incorporates SHA2 Certificates, Symantec SEEDC, Symantec WDE
Pricing
£85.00 to £2,693.00 a virtual machine a month
Service documents
Request an accessible format
Framework
G-Cloud 10
Service ID
1 8 4 2 0 4 5 4 9 6 1 6 0 7 9
Contact
EntServ UK Ltd part of the DXC Technologies Group
DXC Frameworks Team
Telephone: +44 7966 827455
Email: ukitenders@dxc.com
Service scope
- Service constraints
- UK based DXC Data Centres only.
- System requirements
- Disclosed upon application
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- Would be agreed on case by case basis.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- No
- Support levels
-
Please refer to the Service Description Document for our Support levels.
DXC will provide a technical account manager for each engagement. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- DXC will provide onsite training, online training, and user documentation tailored to specific requirements at additional cost.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- On request service.
- End-of-contract process
- On request service.
Using the service
- Web browser interface
- No
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- No
- Independence of resources
- By System monitoring, Capacity reporting, and Change control.
- Usage notifications
- Yes
- Usage reporting
- Other
Analytics
- Infrastructure or application metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Hardware containing data is completely destroyed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Application data
- Virtual Machine
- System
- Backup controls
- As agreed on service on-boarding.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
Depends on requested Solution.
Typically, up to 99.95% SLA.
SLA failures are refunded by a service credit as agreed up on. - Approach to resilience
- Dual Data centre, an HA configuration, Cross site DWDM Network.
- Outage reporting
- Through Service Level reports and Instant management process using Telephone, email etc. as agreed.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Other
- Other user authentication
- Authenticated federation.
- Access restrictions in management interfaces and support channels
- Multi- Factor Authentication.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
- Dedicated device over multiple services or networks
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- 23/09/2015
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 29/11/2016
- CSA STAR certification level
- Level 3: CSA STAR Certification
- What the CSA STAR doesn’t cover
- N/A
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- HMG Accreditation
- PSN Accreditation
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Information security policies and processes
- DWP Information Security Systems Standards (ISSS).
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- CMDB, hardware tracking in data centre. All changes are impacted by Service/Account Security Manager.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Available on request.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Available on request.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- As agreed with client.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- VMware
- How shared infrastructure is kept separate
- Through Physical and Virtual Segregation.
Energy efficiency
- Energy-efficient datacentres
- Yes
Pricing
- Price
- £85.00 to £2,693.00 a virtual machine a month
- Discount for educational organisations
- No
- Free trial available
- No