Virtustream Enterprise Cloud
Virtustream Enterprise Cloud is an Infrastructure as a Service cloud hosting platform designed for enterprise-class applications.
Features
- Availability and performance SLA's
- Application and data security
- Development and flexibility
- Application flexibility
- Reliability and resilience
- Manageability
- Interoperability
- Compliance certifications and authorizations
- Performance assurance
- Comprehensive security
Benefits
- High availability
- Disaster recovery
- Consumption-based pricing
- Dedicated VLAN's
- Tenant isolation
- Critical application migration
- Managed services from infrastructure to application
- Increased reliability
- Data replication
Pricing
£0.07 a gigabyte
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at gcloud@virtustream.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 10
Service ID
2 1 4 0 4 2 8 4 8 6 1 3 8 4 9
Contact
Virtustream UK Limited
Mark Switzer
Telephone: 02075105810
Email: gcloud@virtustream.com
Service scope
- Service constraints
- There a no known constraints.
- System requirements
-
- Support wide array of OS, platform, and software
- Support x86 and VMware hosted platforms
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Virtustream's Global Service Desk is available 24 hours a day, 7 days per week.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- No
- Support levels
-
Virtustream offers a range of SLAs and SLOs for the IaaS and Application Managed Service as follows:
* IaaS availability up to 99.999%
* SAP application availability up to 99.90%
The cost of the SLAs is inherently built into the cloud solution models being proposed. For example, customers with DR in the non-internet facing zones will have higher SLAs i.e. availability SLAs are directly linked with the solution design.
Technical Account Managers are aligned with all services and the support is available on a tiered service model of Base, Silver, Gold and Platinum. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
After the Planning, Setup and Implementation, Migration, and Service Transition work streams are complete, Customers and Virtustream will review the project against the success criteria that was defined during the kickoff, and discuss project feedback. The documentation and knowledge transfer information that was created during the project phases are made available to the applicable ongoing Service Operations team. The Virtustream project team will provide readiness support to the ongoing Service Operations team, in advance of the service go-live to ensure that the operational runbook and ongoing management needs are understood. The understanding of the operational runbook is paramount in ensuring successful ongoing service delivery. On signoff and commencement of service go-live, the Virtustream project team will remain involved as part of an incubation period to ensure that the service has been transitioned successfully. At the end of the incubation period, the customer and Virtustream will do a final signoff on completion of the project so that the live systems/environments can be supported by the ongoing management teams.
Training is delivered is a verity of ways depending on the customers needs. This can be online, via webex or classroom based. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
-
Virtustream’s contract separation services are typically outlined in a Statement of Work (SOW) after engagement. Transition services address terms pertaining to equipment, data and resource termination. Examples of services that can be addressed in an SOW are listed below.
Data Disposal. After securely returning data to the customer, any data that remains after a contract comes to termination will be located and destroyed and rendered irretrievable. The disk repetitive overwrite process will be used as described by NIST 800- 88 Rev.1. This process also applies to laptops used to process customer data.
Data Ownership. Throughout the contract terms, the customer retains data ownership of data on its systems hosted on the Virtustream platform. In the event of contract termination, the customer can request a transfer of its data to its new target environment.
Data Availability. In the event of a contract termination, data will be available to the customer based on the specific technical requirement (e.g., data transfer in-house to the customer or another service provider using existing network connections, NAS device). Virtustream can provide a OVM image too. - End-of-contract process
-
At a high level, the exit process will include:
Data Disposal. After securely returning data to the customer, any data that remains after a contract comes to termination will be located and destroyed and rendered irretrievable. The disk repetitive overwrite process will be used as described by NIST 800- 88 Rev.1. This process also applies to laptops used to process customer data.
Data Availability. In the event of a contract termination, data will be available the customer based on the specific technical requirement.
System Relocation. When the contractual period comes to the end or is terminated, both parties will agree a reasonable period of time to allow the systems to be moved to a new location. At the point that it is agreed that the systems should be shut down, Virtustream will give the customer access to the data for an agreed period of time.
Confidential Information. Upon termination of the SOW, Virtustream shall cease performance of the Services and the customer shall cease use of the Cloud Services and each party shall promptly return any Confidential Information of the other party in its possession.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Virtustream xStream Cloud Management Platform provides an interface and orchestration tool that allows users to monitor and manage their virtual machines and storage through a “single pane of glass.” Multiple sites and different types of clouds are viewed from a single unified dashboard. xStream provides visibility into the consumption of resources throughout the customer's cloud. The web interface allows users to managed VMs as follows:
*
Power On VMs
*
Power Off VMs
*
Suspend VMs
* Clone VM
* Shut Down OS
* Standby VMs
* Reboot VMs
* Delete VMs
* Edit VM Instance
* Snapshots VMs
* Create a Snapshot
* Delete a Snapshot
* Revert to Snapshot
* Convert to Template
The xStream scheduling function allows a tenant to automate their VM operations, consumption management, and availability according to a predefined schedule. - Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- The xStream Portal allows customer to access their tenant space. Within the portal customers can view cloud resources, generate consumption reports to align with billing, transfer files, create OS images, customize their OS, add VM instances, manage their VM instances to include managing NICs, manage hard disks, manage snapshots, and migrate VM's. Virtustream shall provide an xStream Portal User Guide to all customers who wish to use the portal.
- Web interface accessibility testing
- The xStream portal does not have assistive technology at this time.
- API
- Yes
- What users can and can't do using the API
-
An API (application programming interface) is available for customers seeking to integrate with the Virtustream xStream Cloud Management Platform. Customers using the APIs benefit from controllability and configurability without having to recode their applications specifically for Virtustream. The xStream API is based on standards such as HTTP (Hypertext Transfer Protocol), JSON (JavaScript Object Notation), and publicly available encryption algorithms.
Every action in the xStream portal consists of one or more calls to the xStream API. That means that every portal function is available programmatically through the API. This provides an option to automate functions via the API that they would otherwise perform manually through the xStream user interface.
The xStream API strives to remain RESTful and is consistent throughout each call. Every call is made through HTTP to a URI (Uniform Resource Identifier) using one of the verbs GET, POST, PUT, and DELETE. Each call then returns a response in the format of the caller’s choosing, which can be JSON or XML. - API automation tools
-
- Ansible
- SaltStack
- Puppet
- Other
- API documentation
- Yes
- API documentation formats
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
- Automatic
- Independence of resources
- Virtustream's customers are logically separated into unique tenant spaces. Each customer's VLAN is dedicated to their firewall context and is not ported to any other customer. A customer's WAN connection to the Virtustream boundary is solely used for their tenant space.
- Usage notifications
- Yes
- Usage reporting
-
- Other
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- Memory
- Network
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- IaaS data
- OS Data
- Database Data
- VMs
- Backup controls
-
The Virtustream service offering includes different tiers of back-up and frequency of these back-ups. The standard is:
· Production /Mission Critical Storage: Backup once weekly with daily incremental backups. SAP HANA databases are backed up daily.
· Non-production Storage: Backup once weekly with daily incremental backups.
· Database Logs: Backups every two to four hours.
· Large backups (e.g., >5 TB) that cannot be completed during the standard backup window (e.g., >12 hours between 6 pm – 6 am local time) will be considered on an individual customer basis. - Datacentre setup
-
- Multiple datacentres with disaster recovery
- Multiple datacentres
- Single datacentre with multiple copies
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
Virtustream's typical SLA's are and RTO of two (2) hours and and RPO of fifteen (15) minutes. Virtustream can adjust the SLAs per customer if mutually and contractually agreed upon.
Virtustream offers a range of SLAs and SLOs for the IaaS and Application Managed Service as follows:
*
IaaS availability up to 99.999%
*
SAP application availability up to 99.90%
If the SLAs are exceeded, customers are refunded via charge back credits as contractually agreed upon. - Approach to resilience
- Available upon request.
- Outage reporting
- Virtustream notifies customers directly through the contracted notification method. Typically, customers are alerted by email. If necessary, Virtustream will set up a conference call with customers to support them through the outage. All outages will have a root cause analysis and after action review report available.
Identity and authentication
- User authentication
- 2-factor authentication
- Access restrictions in management interfaces and support channels
- Virtustream's customers are responsible for their access control within their tenant space. Virtustream restricts access within the management zone to approved, privileged users. Virtustream privileged users are required to authenticate with unique username, password, and two factor authentication.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Username or password
- Devices users manage the service through
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- A-lign
- ISO/IEC 27001 accreditation date
- 4/3/2016
- What the ISO/IEC 27001 doesn’t cover
- Physical media transfer above the hypervisor within the customer zone. Outsourced development. Regulation of cryptographic controls.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- A-lign
- PCI DSS accreditation date
- 6/4/2018
- What the PCI DSS doesn’t cover
- FedRAMP and ITAR cloud services.
- Other security certifications
- Yes
- Any other security certifications
-
- ISO 27001/27017/27108
- SSAE18/SOC2/SOC3
- ISO 9001
- ISO 22301
- NHS/N3
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Information security policies and processes
- Virtustream has a security incident response process in place. Virtustream's incident response notification to customers is in accordance with what is mutually and contractually agreed upon. All Virtustream employees are required to adhere to Dell/EMC Technology policies where its applicable to corporate network operations. All Virtustream employees who are privileged users within the commercial management zone that supports GOV.UK are required to adhere to the ISO 27001 information security policies.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- All changes to the Virtustream IaaS are required to pass through the change control board prior to implementation. All changes are tracked through the Virtustream ServiceNow ticketing system. All changes are assessed and reviewed for operational and security impact on the customer zone and the management zone.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Virtustream performs weekly vulnerability scanning. Virtustream applies patches to affected systems according to the PCI DSS standard. Critical and high vulnerabilities are patched within thirty (30) days (unless vendor/operational dependent) and moderates are patched within sixty (60) days (unless vendor/operational dependent). Virtustream's Security Intelligence Operations Center uses over thirty (30) industry recognized threat feeds to analyze threats to the Virtustream IaaS.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Virtustream maintains a comprehensive set of rules regarding event notifications, and we monitor these notifications 24x7. It is Virtustream’s responsibility to ensure that alerts/event triggers associated with the Infrastructure as a Service (IaaS) platform – up to the hypervisor stack – are managed internally by Virtustream as part of the core IaaS offering. There are several hundred parameters that are monitored on the IaaS platform that can trigger notifications or alerts. For example, notifications or alerts are configured for capacity, security, availability, environmental conditions, status of configuration items (CI), normal activity, and more.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Virtustream following ITIL best practice for incident management. The Virtustream ITSM ticketing system is used to track (including report) the status of the ticket, escalate it to a higher support level if necessary, and close out the ticket with the initiator once the request is resolved. The Virtustream ITSM ticketing system tracks the service level performance, records the time elapsed, notifies the informed parties, and allows the solution provided and the closure status of the ticket to be recorded. Furthermore, the Virtustream ITSM ticketing system archives ticket data for historical analysis.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- VMware
- How shared infrastructure is kept separate
- Tenant isolation is provided by individual VRFs and VLAN segmentation.
Energy efficiency
- Energy-efficient datacentres
- Yes
Pricing
- Price
- £0.07 a gigabyte
- Discount for educational organisations
- No
- Free trial available
- No
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at gcloud@virtustream.com.
Tell them what format you need. It will help if you say what assistive technology you use.