CustodianDC Limited

Custodian Data Centres: Distributed denial of service attack (DDOS) mitigation

Custodian Data Centres supplies businesses with DDoS Mitigation to protect them against DDoS attacks of >1Tbps. These services are housed in an ISO 27001, environmentally friendly Tier IV data centre which supports high performance computing with an extensive network. All services are tailored to meet specific businesses requirements.


  • Access to major cloud providers including AWS, Azure & Google
  • Scalable increments 10Mpbs to 10Gbps
  • ISO 27001:2013 certified data centre
  • Highly efficient evaporative cooling systems
  • High capacity interconnects to more than 300 data centres
  • Fibre, MPS, VPLS, Wavelength, Private Circuits available
  • Fully multi-homed IP Transit network under global ASN (50300)
  • Interconnections with major global internet exchanges
  • Managed DDoS Mitigation Service to withstand attacks of >1Tbps
  • True 2N UPS dual path supporting 64amps of power-per-rack


  • Zero power outages
  • Award-winning green cooling with an annualised PUE of 1.2
  • Major cloud providers access through local network connection
  • Scalable colocation environment
  • Highly resilient colocation environment
  • 24/7/365 on-site support
  • 24/7/365 on-site security. SEAP 3 rated perimeter fencing
  • Carrier agnostic network
  • Dual stage argonite fire suppression system
  • Service management including client portal


£35.00 per server

Service documents

G-Cloud 10


CustodianDC Limited

Philip Brand


Service scope

Service scope
Service constraints No service constraints
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Custodian operate a 24/7/365 on-site NOC (network operations centre) with a dedicated and experienced team available at all times.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels CUSTODIAN Remote Hands provides our clients support services including pre-installation handling, physical hardware installation, cabling for power and comms services, cable tracing, labelling, power cycling and component swapouts.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Custodian places engagement with the customer at their core during their time with them. A dedicated account manager is implemented at the point of on boarding, and thereafter to optimise, review and measure your performance in line with your business needs.

Where required a dedicated technical contact/ team will liaise with you to make sure service provision is exactly what you expect, or to assist in any set up’s that require that extra attention to detail.

Online, access system and in-house monitoring systems training is provided as part of a full on boarding process, with detailed service reporting proactively provided on a regular basis.

A Customer Welcome Pack, which details all processes, setting up your IT infrastructure and how to access your IT infrastructure is provided at point of install.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction To be discussed with your dedicated account manager
End-of-contract process To be discussed with your dedicated account manager

Using the service

Using the service
Web browser interface No
Command line interface No


Scaling available No
Independence of resources Deployed on dedicated infrastructure. Guaranteed bandwidth service. No contention
Usage notifications Yes
Usage reporting
  • Email
  • Other


Infrastructure or application metrics Yes
Metrics types
  • Network
  • Other
Other metrics
  • Environmental
  • Mechanical &Electrical
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Never
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery No

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks Data is not exposed to us as we have no access to your data. We will provide optically isolated wavelength services. If the services above are required this can be discussed with your account manager.
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 100% Uptime
Approach to resilience Our power delivery is 2N. Cooling infrastructure is N+1. Network specification is highly resilient and available on request.
Outage reporting A public status page is available on the Custodian website, which shows live status of our core network and infrastructure. When scheduled or emergency events then occur, notifications to the agreed contacts will be sent either by email and/or phone call.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels A unique user name and password is utilised for ticketing system and managerial access control. Admin rights are restricted and reviewed regularly. Admin rights are restricted to the ability to change members of the list only, system functionality is locked down and is not configurable.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 01/07/2013
What the ISO/IEC 27001 doesn’t cover No exclusions
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes ISO27001:2013

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Custodian operates its change management processes in accordance with ISO/IEC 27001:2013 to ensure all changes are assessed, approved, implemented and reviewed in a controlled manner. Changes are classified depending on potential impact to services. This covers Hardware, Communication Systems and Software and all documentation and procedures associated with the running, support and maintenance of live systems and Data Centre facilities.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Software is automatically updated to ensure concurrency, with systems also patched to ensure all updates are current. As an ISO27001:2013 accredited organisation, Custodian also operate a rolling internal and external audit process to continually review risks relevant to the business and manage appropriately.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Custodian have security staff and engineers on site 24x7x365. Sophisticated monitoring systems are in place at each location ensuring continual monitoring of all service elements with alerting capability and rapid response in the event of any incidents. CCTV systems are in operation at all sites site-wide both internally and externally, which when combined with Electronic Access Control systems provide comprehensive protection. In the event an incident occurs, a robust set of Business Continuity Procedures and Disaster Recovery Processes are in place to ensure rapid response in all circumstances.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incident reporting procedure complying with the requirements of ISO/IEC 27001

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £35.00 per server
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑