Perfect Image

Splunk Enterprise - ITOPS, Security and Analytics

Monitor and analyse machine data from any source to deliver Operational Intelligence to optimise your IT, security and business performance. With intuitive analysis , machine learning, applications and open APIs, Splunk Enterprise can be delivered from both public and private cloud.
Specialist services include scoping, implentation and support.

Features

  • Consultancy
  • Requirements gathering
  • Solution definition
  • Strategy and planning
  • Bespoke development
  • Support
  • Health checks
  • Design & Architecture
  • Integration

Benefits

  • Improved Operations
  • Improved insights
  • Scalable solutions
  • Integrated solutions
  • Improved productivity
  • Improved decision making
  • Iimprove data accessibility
  • Enhanced Security
  • Monitoring of entire infrastructure & application estate

Pricing

£2520 per instance per year

  • Free trial available

Service documents

G-Cloud 11

244082742201161

Perfect Image

Andrew Smith

01912380111

andrew.smith@perfect-image.co.uk

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Please refer to the service definition document for details.
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints Constrains : planned maintenance and upgrades
Please refer to the service definition document for details.
System requirements This varies depending on the customer requirement

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our standard SLA for response is 2 hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Perfect Image customers benefit from a support desk of highly trained and certified application engineers that are all UK based.
Support is defined into five key areas that also help form the service level agreement with our customers and to ensure it meets your organisation’s needs. These include:
• Service Definition
Including start and end date whilst also stating all key contacts and level of support provided.
• Incident Management
Under ITIL an Incident is any sort of problem or service request submitted by the Customer to Perfect Image. Perfect Image’s Service Desk, which will log and respond to all Incidents, operates during our Normal Hours of Coverage which is between 8:00am and 6:00pm, Monday through Friday excluding public holidays. Out of hours’ support is also available on request.
Our service levels are detailed below
• Critical - 4 hour target resolution
• High - 7.5 hour target resolution
• Medium - 22.5 hour target resolution
• Low - 75 hours target resolution
Costs - We have a single rate for all level of support as it is the nature of the incident that will confirm its support status. We provide cloud support engineers as part of this service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The following services form the basis of on-boarding a customer.
- Implementation, training & consultancy. Each of these can be delivered remotely or on-site.
- Professional services post Go-Live. Business Intelligence and analytics solutions are expected to evolve as your organisation benefits from the features of the software and the maturity in using it increases. It is therefore expected that additional professional services may be required from Perfect Image after the system has gone live. We work closely with customers to ensure your own in house service skills are met, but in some instances your team may require additional services for areas such as customisation and training.
- Ad-hoc hosting services. The hosting of your BI and analytics solutions is linked to your licensing, user numbers and capacity requirements. We work with each client to confirm the estimated cost of a complete service and is dependent on the recommended product and solution.
User documentation can be provided on request.
Service documentation No
End-of-contract data extraction Off-boarding with Perfect Image is a straightforward procedure and the customer has provided one month’s notice to cancel in writing.
Perfect Image can facilitate a copy of all data stored and then arrange to delete all data associated with your organisation. The format of the data would be agreed in advance to ensure there is a smooth transition off the service being provided.
End-of-contract process Off-Boarding
Each customer will have different requirements and Perfect Image will work closely to understand and support Off-boarding. Services to support this would be charged for on a time and materials basis.
- Data Extraction charges
The data required and associated effort will vary from one organisation to the next. The Perfect Image team will work to forecast the effort required to extract data. All work would be delivered on a time and materials basis.
- Licence charges
In the event that an organisation wishes to terminate their license, one full month’s notice must be provided in writing for SaaS solutions. A final charge will then be made for the next full month. In the case of perpetual license being deployed in the cloud, these would have been purchased in advance.
- Professional Services charges
The customer will be charged for any service provision provided during the month of the termination. All incurred expenses will also be re-charged i.e. travelling, accommodation, booking and administrative work.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Please refer to the service definition document for details.
API Yes
What users can and can't do using the API Please refer to the service definition document for details.
API documentation No
API sandbox or test environment No
Customisation available Yes
Description of customisation Please refer to the service definition document for details.

Scaling

Scaling
Independence of resources This is a privately hosted solution with no shared computing resource with other clients. We would size the hosting in accordance with planned usage to minimise any variations in the application performance.

Analytics

Analytics
Service usage metrics Yes
Metrics types Please refer to the service definition document for details.
Reporting types API access

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Splunk

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach There are export facilities within the application and the formats are extremely varied. The facility to access this functionality would be limited to those with administration access or people identified with the need for this functionality as part of the governance and security review at the start of the project.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • XML
  • PDF
  • RAW
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • RAW
  • XML
  • TSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Each customer can stipulate the level of availabiity that needs to be guranteed. We will then implement the services required to meet this.
Approach to resilience This is available on request
Outage reporting We monitor all services proactivley through the use of dashboards, email and text alerts.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels We restrict access by user, security and job role.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Please refer to the service definition document for details.

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We have an ISSM library which is aligned to GDPR 2018 and the governments Cyber Essentials scheme. We also are aligned to 27001 Annex A.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Changes are asssesed for potential security Impact inline with ITIL best practice
Vulnerability management type Supplier-defined controls
Vulnerability management approach Daily vulnerability testing on external IP ports, scheduled patch management and background Antivirus.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We deploy an Opsview platform as a NOC central monitoring facility. This uses proactive round robin monitoring and testing across agreed client threshholds. Red Amber Green reporting against these threshholds.
Incident management type Supplier-defined controls
Incident management approach Controlled through our support desk. We follow an ITIL aligned Incident Management process. We carry out the following steps:- Identify and log incidents/Calssify and Prioritise/Investigate and Diagnose/Resolution and Recovery/Close incident

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £2520 per instance per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Please refer to the service definition document for details.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑