SoftwareONE

Flexera Data Platform

Flexera Data Platform is the largest and most comprehensive Technology Asset repository of market intelligence on enterprise software and hardware.It provides the foundation for making the best, most effective decisions for enterprise technology by delivering a complete, categorized listing of all your hardware and software.

Features

  • Provides hardware and software products, classified into usable taxonomy
  • Provides detailed information IT Assets releases including manufacturer, model, etc.
  • Content Packs provide key product information and intelligence for initiatives.
  • Data Platform evolves with IT, with over 2,500 updates daily.
  • Provides a structured catalog of hardware and software product releases.
  • Content Packs extend DP Catalog with immediately actionable information.
  • Powerful RESTful API that accesses latest information from DP.
  • Extracts and normalizes IT data from multiple data sources.
  • De-duplicates installation data to avoid double counting.
  • Deterministically categorizes IT data as either known or irrelevant.

Benefits

  • Reduce compliance risk and drive corporate standards.
  • Provide accurate product information and real-time market intelligence for ITAM.
  • Gather strategic insights for the C-Level suite.
  • Enable organizations to connect Asset content to consistent product ID's.
  • Unify data silos and improve efficiencies across the enterprise.
  • Drive strong IT-business alignment.
  • Make timely, data-driven decisions.
  • Establish appropriate enterprise-wide standards with a comprehensive taxonomy.
  • Optimize and align IT Asset goals for effective enterprise architecture.
  • Achieve complete visibility into IT assets to support management initiatives.

Pricing

£1.53 per unit

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

2 2 6 8 6 5 8 2 7 8 6 5 2 5 6

Contact

SoftwareONE

Tom Hook

+44 203 005 0238

technology-products.uk@softwareone.com

Service scope

Software add-on or extension
No
Cloud deployment model
Hybrid cloud
Service constraints
None
System requirements
  • Server OS: Windows Server 2012/2012 R2.
  • Database: Microsoft SQL Server 2014. Oracle 11gR2/12c Enterprise Edition.
  • CPU: Xeon ES-2630 or similar, 4 cores
  • RAM: 8 GB, Storage capacity: 100 GB free space
  • Network connection: Gigabit. Disk I/O: 80 MB/sec. Capacity: Varies
  • Ports: 80,443, 8084, 389/636, 1433/1521

User support

Email or online ticketing support
Email or online ticketing
Support response times
This would depend upon Severity and negotiated Support contract. Typically for Gold Support, responses are elicited within 30 minutes for Sev1, or up to 8 business hours for Sev4.
More information on Support Levels (Gold / Silver) can be found by contacting Flexera.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Flexera offer two levels of support for FlexNet Manager Cloud - these are 'Gold' and 'Silver'. More details can be found on the Flexera website - https://community.flexera.com/t5/Flexera-Community/ct-p/Flexera_Community.

A 'Customer Success Manager' is provided for customers to drive success at each account. The CSM is typically not charged for.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Flexera offer both onsite and web-based training for customer, with most web-based training videos being free for customers.
Extensive documentation for Flexera Data Platform exists, both in PDF format or in-context HTML for accessing when using the Web UI.
Onboarding Services are also offered and can be defined in accordance with requirements, as customers see fit. These services can be delivered via Flexera Professional Services, or via 3rd party.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Users can export data via a number of methods from the Data Platform, such as via the Admin UI's - into standard formats such as CSV/XLS. Command line interfaces are also availble to export reports and templates, and access to the customer Technopedia database is also available for data exports. The API can also be used to export data, as defined in the API section.
End-of-contract process
Exit support to be mutually agreed

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
Flexera Data Platform provides a web-based browser interface to the service, using standard browser controls and access to obtain the information in Data Platform. Flexera Data Platform provides and intuitive user experience, allowing users to drag-n-drop data fields and definitions, sort and filter in the views and export data in certain view types. Configuration of the system can be performed in this interface too.
Accessibility standards
None or don’t know
Description of accessibility
Users primary involvement in Flexera Data Platform is to view IT Asset data and reporting. Flexera Data Platform provides a web-based browser to this end, using standard browser controls and access to obtain the information in the Data Platform. Accessibility of data for users is within the capability delivered via the browser.
Accessibility testing
No specific testing on assistive technology.
API
Yes
What users can and can't do using the API
The Data Platform Technopedia API provides you with read access to the Technopedia database. The most comprehensive method for retrieving data from Technopedia is by using the Technopedia query language (TQL) to create a query that is used in an HTTP GET request to query the Technopedia database. Users make an HTTP GET request to the /tql endpoint, which requires a TQL query to describe the data that you want to retrieve. Data is returned as key-value pairs in JSON format.
The following query example shows how an HTTP GET request uses the /tql endpoint to retrieve software product data for Visual Studio:
GET: https://data.technopedia.com/tql?q=MATCH (n:ASSET) WHERE n.product = 'Visual Studio' RETURN n

The following endpoints can be used to retrieve data from Technopedia:
The Technopedia ID Endpoint enables you to submit a Technopedia ID (TID) via HTTP GET request that returns asset data for that ID.
The Software Mapping Endpoint enables you map your software asset metadata to a software asset by using an HTTP POST request, which returns a Technopedia ID.
The Hardware Mapping Endpoint enables you map your hardware asset metadata to a hardware asset by using an HTTP POST request, which returns a Technopedia ID.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The Data Platform 'Analyzer' is an analysis tool that provides a rich Web-based, drag-and-drop user interface, which makes it easy to create reports based on exploration of your data. Users can display Analyzer reports in a dashboard. Unlike standard reports which tend to be static or minimally interactive after they are created, Analyzer reports allow Users to explore data dynamically and to drill down into the data to discover previously hidden details. Analyzer reports present data multi-dimensionally and lets users select what dimensions and measures you want to explore. Use Analyzer reports to drill, slice, dice, pivot, filter, chart data and to create calculated fields. Users of Analyzer reports can query the data in a database without having to understand how the database is structured.
Customization can be done through the web-based UI, and control of the User access and what functions they are able to do (e.g. create, modify, delete reports etc.) can be customized according to the customers requirements.

Scaling

Independence of resources
Flexera provision the Flexera Data Platform both as a Cloud hosted (e.g. AWS) service and an On-Premise solution. For Cloud-hosted, the capability of the providers public-Cloud / Hybrid-Cloud offers the resilience and availability required by the solution. Note that high number of Users are not typically the norm with the Flexera Data Platform, so Users are rarely impacted.

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Flexera

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Most data is presented via the administrative Web-UI, and can then be exported using built-in functions to extract to CSV, PDF, XLS formats.
For more detailed reporting and analytics, using a similar web-based approach is used, where a user can drag-n-drop data in the reporting module, to export very specific data.
Data can also be exported using the API (RESTful API's) or database queries.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats
XLSX

Data-in-transit protection

Data protection between buyer and supplier networks
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks
SSL (HTTPS) port 443 is the default.
Data protection within supplier network
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
SSL (HTTPS) port 443 is the default.

Availability and resilience

Guaranteed availability
Assuming AWS Hosting:- AWS is architected in a manner to maintain availability of its services through defined programs, processes, and procedures. The AWS Resiliency Program encompasses the processes and procedures by which AWS identifies, responds to, and recovers from a major event or incident within the environment. This program builds upon the traditional approach of addressing contingency management, incorporating elements of business continuity and disaster recovery plans while expanding to consider critical elements of proactive risk mitigation strategies. These strategies include engineering physically separate Availability Zones (AZs) and continuous infrastructure capacity planning.
Approach to resilience
Assuming AWS implementation:- AWS has identified critical system components required to maintain the availability of the system and recover services in the event of an outage. These components are replicated across multiple availability zones; authoritative backups are maintained and monitored to ensure successful replication.
Service usage is continuously monitored, protecting infrastructure needs and supporting availability commitments and requirements. Additionally, AWS maintains a capacity planning model to assess infrastructure usage and demands.
Outage reporting
None

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Via User and Group / Role definitions. FlexNet Manager Cloud operates with Roles defined according to customers access requirements. Roles are defined across logical objects with more detailed levels of access to the different functions in each object type. E.g. An administrator Role has all object / all-level access, where a Contract Manager may only be able to access the Contract object and may not be able to delete existing contracts. This definition is based upon the functional requirements as defined during the build/design phase.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Certified by EY CertifyPoint
ISO/IEC 27001 accreditation date
December 11, 2011
What the ISO/IEC 27001 doesn’t cover
The applications and supporting software not covered by the AWS ISO 27001 Global Certification.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • AWS_ISO_27001_Global_Certification.pdf
  • AWS Systems and Controls (SOC) 3 Report
  • Praetorian OWASP ASVS Level 2: Standard Verification

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Flexera operate a multi-faceted approach to Application Security Governance. A Secure Systems/Software Development Lifecycle is active and In addition to the mandatory corporate security training provided through our Learning Cloud, Flexera provides access and encourages training for its engineering staff through Pluralsight.  Participation in training provided through Pluralsight, this will become mandatory in 2019 for our engineering staff (to include developers and testers). Flexera uses WhiteHat for security testing during software development life cycle and testing covers OWASP Top 10 and WASC 2.0.  Dynamic and manual application security testing is performed.  These tests are run against the QA instances of their respective cloud products.
A clearly defined reporting structure is in place with Senior leadership executing security governance and reviews regularly. More details can be provided on demand.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Public Cloud hosted Flexera applications are managed within a change management methodology that includes processes for the request, review, approval, and verification of changes. Flexera has an established change management committee (CMC) with responsibility for the scheduling and administration of changes. Change requests are submitted in Flexera’s CMS, reviewed by committee, and approved by management during the weekly CMC meetings. For any scheduled high risk changes, test and back out plans will be discussed before the change approval.
All changes are assessed by Flexera Data Platform security principals for security impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Flexera conducts a formal risk management program to continually identify, assess, mitigate, and monitor risks, and modifies its controls as a result of this process. A risk management assessment is completed on an annual basis at a minimum. Any changes required by the risk mitigation activity will be scheduled and approved in the weekly Change Management Committee (CMC) meetings.
AWS provide a comprehensive patch management policy that is in place for mission critical devices, and ensures that software, firmware and operating system patches are identified, tested and installed in a timely manner.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
AWS public cloud hosted applications/infrastructure are monitored using monitoring applications that provide notification of critical system/app events. Customer-facing websites are monitored using different services – one for immediate event notification and another for calculation of SLAs.
Events that affect availability of AWS Hosted Cloud applications are investigated, resolved and documented according to procedure by the Site Reliability Engineering department. This team is alerted to any suspicious activity with the alert method varying depending on the severity.
Incident management type
Supplier-defined controls
Incident management approach
Predefined processes exist for Events. The first priority is for the Site Reliability Engineering team to investigate and resolve any issues affecting the availability, stability, performance, or security of the Cloud hosted application/services. If there is no resolution within 15 minutes, an email will be sent to notify members of the SRE, Engineering, Client Success and Customer Support. If after hours, customer support will be notified.
Further escalation to the Cloud hosting service provider will occur, if and when identified.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1.53 per unit
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A trial version of Flexera Data Platform Manager can be requested during a PoC. This can be supplied with demonstration data. This version is limited to a short time frame for use (i.e. during the PoC) where specific use cases are performed, according to customer requirements.

Service documents

Return to top ↑