Oracle Corporation UK Limited

Oracle Java Cloud Service - Metered

The Oracle Java Cloud Service is a complete enterprise grade platform and infrastructure cloud solution for building, deploying, and managing Java EE applications. Use Oracle Java Cloud Service to rapidly provision an application environment with Oracle WebLogic Server as the application container and Oracle Traffic Director as the software load-balancer.

Features

  • Self-service portal to provision your environment in minutes
  • Full automated life cycle management using advanced tooling
  • Powered by the industry’s #1 application server Oracle WebLogic Service
  • Standards-based platform for easy deployment of new or existing Java-applications
  • Built-in High Availability
  • RESTful APIs for automation
  • Developer productivity tools such as Maven, Ant, Eclipse, NetBeans, JDeveloper

Benefits

  • Massive developer and administrator productivity with self-service, agile platform
  • Rapid development, focus on business problem, and innovation
  • Reduce cost with pay per use and instant reporting ofusage
  • Zero code change to move applications to cloud
  • Huge capacity available at your fingertips, any-time without upfront commitment
  • Quick time to market
  • Never lose business with highly available platform

Pricing

£206.788 per unit per month

  • Free trial available

Service documents

G-Cloud 9

189085054472310

Oracle Corporation UK Limited

Adrienne Belton

+44 118 92 43257

Gcloud-enquiries_gb@oracle.com

Service scope

Service scope
Service constraints The service may be temporarily offline (within the parameters of the availability SLA) for events such as planned outages, scheduled and announced maintenance. Customers will are notified in advance of these outages.
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 1 Hour
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard WCAG 2.0 AA or EN 301 549 9: Web
Web chat accessibility testing Oracle products are tested for accessibility using a variety of techniques including automated tools, expert heuristic review, visual inspection, manual operation, and testing with various AT by both disabled and non-disabled users. We report the outcome of that testing using the Voluntary Product Accessibility Template (VPAT). The VPAT was developed by ITI and GSA to assist Federal contracting officials and other buyers in making preliminary assessments regarding the availability of commercial ICT products and services with features that support accessibility. See Voluntary Product Accessibility Templates for an in-depth discussion of how we use the VPAT, and to locate the VPATs for Oracle products.
Onsite support Yes, at extra cost
Support levels Oracle provides enhanced electronic-based and telephone technical support to customers with a current technical support services agreement. Customers have access to the largest and most advanced support organization in the world, with more than 50,000 development engineers and customer support specialists, working in 29 languages from 28 global support centers across 145 countries.
Technical support services are available to resolve product issues quickly and accurately by providing answers to product questions that are general or routine in nature. This includes questions about product functionality, syntax, setup, and use. Technical support engineers will also work with customers to diagnose and troubleshoot errors, determine workarounds, and process enhancement requests.
Technical support is provided for issues (including problems created by the user) that are demonstrable, running unaltered, and on an appropriate hardware, database and operating system configuration, as specified in the customer order or program documentation.
In addition, working with the global support hubs, Oracle provides onsite hardware support for Oracle and Sun branded systems either directly, or in some countries through an extensive partner network. For further information please refer to Oracle Technical Support Policy documents provided at: http://www.oracle.com/us/support/policies/index.html.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Oracle provides a Customer Satisfaction Manager who will introduce you to the service. Training is available onlne; training courses are available either on-site or remote (cost items). Introductory tutorials & online help are available at no cost.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction For a period of no less than 60 days after the termination or expiration of the Services, Oracle will make available Your production data via secured protocols, or keep the service system accessible, for the purpose of data retrieval by You. During this period, the service system should not be used for production activities. Oracle has no obligation to retain Your Content after this 60 day period.
End-of-contract process After termination or expiration of the Services under Your order, or at Your request, Oracle will delete or otherwise render inaccessible the production Services, including Your Content residing therein, in a manner designed to ensure that they cannot reasonably be accessed or read, unless there is a legal obligation imposed on Oracle preventing it from deleting all or part of the service environment.

Using the service

Using the service
Web browser interface Yes
Using the web interface The web interface is used for some design functions, and also provides one mechanism for full deployment, management & monitoring functions.
Web interface accessibility standard WCAG 2.0 AA or EN 301 549
Web interface accessibility testing Oracle products are tested for accessibility using a variety of techniques including automated tools, expert heuristic review, visual inspection, manual operation, and testing with various AT by both disabled and non-disabled users. We report the outcome of that testing using the Voluntary Product Accessibility Template (VPAT). The VPAT was developed by ITI and GSA to assist Federal contracting officials and other buyers in making preliminary assessments regarding the availability of commercial ICT products and services with features that support accessibility. See Voluntary Product Accessibility Templates for an in-depth discussion of how we use the VPAT, and to locate the VPATsforOracleproducts.
API Yes
What users can and can't do using the API Oracle Messaging Cloud Service provides APIs for managing & monitoring Messagingservers, triggering events & triggering & controlling human workflow functions & tasks., Oracle Messaging Cloud Service provides APIs for managing & monitoring Messagingservers, triggering events & triggering & controlling human workflow functions & tasks. Messagingapplications publish web service interfaces for the purposes of invocation & communication.
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
  • Other
API documentation Yes
API documentation formats HTML
Command line interface No

Scaling

Scaling
Scaling available Yes
Scaling type Manual
Independence of resources The service uses isolated VMs for each tenant
Usage notifications Yes
Usage reporting Email

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Other
Other metrics
  • Status and Uptime Percentage
  • Estimated Account Balance Details
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach Physical access to Oracle cages within data centres controlled via badge and biometric measures. Access Control Lists verified by Oracle support managers. Databases encrypted at rest.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up Configuration files, metadata and persistent store.
Backup controls Using Database Backup Service, Using Database Backup Service.
Datacentre setup Multiple datacentres
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Details available on request

Availability and resilience

Availability and resilience
Guaranteed availability Target Uptime 99.95%. This is not guaranteed.
Approach to resilience Redundancy is built in to all Oracle Systems. Each site in turn has its own redundancies built in with dual data feeds, backup power solutions and each operated in a N+1 configuration.
Outage reporting Outages originating from Data Centre are initially reported to Oracle via email to nominated support staff. Customers are alerted via emails from relevant Oracle service team to nominated Customer administrators.

Identity and authentication

Identity and authentication
User authentication
  • Username or password
  • Other
Other user authentication Oracle Identity Management enables organisations to effectively manage the end-to-end lifecycle of user identities across all enterprise resources, both within and beyond the firewall and into the cloud. The Oracle Identity Management platform delivers scalable solutions for identity governance, access management and directory services. Based on the Identity domain created, the Admin Users from customer end have the privileges to create/delete user or add/remove roles to the other users.
Access restrictions in management interfaces and support channels The customer Admin User and the administrators they create are granted access to the My Oracle Support (MOS) channel. This enables them to raise Service Requests via the MOS Portal or via phone-call.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
Devices users manage the service through Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations SOC1 and 2

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Security governance for PaaS services in Oracle Public Cloud is aligned with existing policies, controls and processes in place for SaaS, which has ISO27001 certification.
Information security policies and processes "Information Security policies and processes for PaaS services in Oracle Public Cloud are aligned with existing policies, controls and processes in place for SaaS, which has ISO27001 certification.
PaaS services expected to achieve ISO27001 certification in Q2 CY17."

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The Cloud Change Management process manages the introduction of changes into any Cloud environment and is designed to ensure minimal disruption from planned outages and quick recovery from unplanned outages. Oracle Cloud Operations performs changes to cloud hardware infrastructure, operating software, product software, and supporting application software to maintain  operational stability, availability, security, performance, and currency of the Oracle Cloud.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Oracle Cloud follows a vulnerability management process and procedure that includes identification of vulnerabilities, ranking of vulnerabilities by severity, prioritization of vulnerability remediations by severity and re-testing.  All changes required by vulnerability remediations follow our standard change management processes
Protective monitoring type Supplier-defined controls
Protective monitoring approach Oracle have implemented protective monitoring controls in order to oversee how Cloud systems are used (or abused) and to assure user accountability for their use of these services. The controls include mechanisms for collecting log information and configuring logs in order to provide an audit trail of security relevant events of interest.
Incident management type Supplier-defined controls
Incident management approach "The Oracle Information Security Incident Reporting and Response Policy details the procedures that must be followed by all Oracle employees should an incident be identified. It includes:
·          Mandatory reporting of security events
·          Mandatory reporting of security weaknesses
·          Assessment and classification of security incidents
·          Incident classification and escalation
·          Preservation of evidence"

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Oracle VM
How shared infrastructure is kept separate Each customer organisation is provisioned with their own VM environment ensuring segregation from other organisations sharing the same physical server infrastructure.

Energy efficiency

Energy efficiency
Energy-efficient datacentres No

Pricing

Pricing
Price £206.788 per unit per month
Discount for educational organisations No
Free trial available Yes
Description of free trial 30 day trial of full service, alternatively via a free cloud credit offer.

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑