Network Insight
Network Insight fast-tracks application security planning and network troubleshooting across private, public and hybrid clouds
Features
- Plan application security and migration
- Troubleshoot application connectivity
- Optimize and troubleshoot virtual, physical and cloud networks
- Manage and Scale VMware NSX
Benefits
- Discover applications and map dependencies
- Secure data center through micro-segmentation planning to minimize risk
- Reduce mean time to resolution for networking and security issues
- Identify network hairpins and communicating VMs to optimize network performance
- Vendor agnostic and agentless
- Built for multi-cloud environments (private, public and hybrid)
Pricing
£33.93 to £1,132.49 a unit a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at G-Cloud@vmware.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 11
Service ID
2 6 0 6 8 3 0 3 9 1 9 4 2 0 3
Contact
VMware UK Limited
G-Cloud Enquiries
Telephone: 07824 478092
Email: G-Cloud@vmware.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- VMware Network Insight works across VMware private cloud, VMware Cloud™ on AWS, and native AWS. Additional clouds planned include Microsoft Azure and Google Cloud Platform.
- System requirements
- Not Applicable
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- VMware Cloud Service Support Policies are published: https://www.vmware.com/support/policies/saas-support.html Critical (SaaS Severity 1) 30 minutes or less: 24x7 Major (SaaS Severity 2) 4 business hours Minor (SaaS Severity 3) 8 business hours Cosmetic (SaaS Severity 4) 12 business hours
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- Network Insight leverages in-product chat from Intercom.com. Details about chat accessibility can be found here. https://www.intercom.com/help/faqs-and-troubleshooting/the-intercom-messenger/is-the-intercom-messenger-accessible Additional details on development and testing for accessibility of the chat interface can be found here: https://www.intercom.com/blog/messenger-accessibility/
- Onsite support
- Yes, at extra cost
- Support levels
-
Please refer to our website for support details: https://www.vmware.com/support/services/saas-production.html
Technical Account Specialists are available at an additional cost. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- VMware provides a range of resources to help to start using the Network Insight. These include comprehensive documentation (in multiple formats), introductory videos, hands-on labs, online and in-person training, access to a large ecosystem of partners and support from the customer success team and public sector account team.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
Per Section 3.3 at https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/vmw-network-insight-service-description.pdf
If you or we terminate your account, you will permanently lose access to the data collected by the Service Offering. This data includes any configuration created in the Service Offering for the purpose of providing services to end users. That data will be deleted within 90 days of account termination. The Service Offering is not intended to or configured to accept any Content, including any data restricted or prohibited by the Terms of Service.
The VMware Data Processing Addendum is available by visiting https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/downloads/eula/vmware-data-processing-addendum.pdf - End-of-contract process
-
Per Section 3.3 at https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/vmw-network-insight-service-description.pdf
If you or we terminate your account, you will permanently lose access to the data collected by the Service Offering. This data includes any configuration created in the Service Offering for the purpose of providing services to end users. That data will be deleted within 90 days of account termination. The Service Offering is not intended to or configured to accept any Content, including any data restricted or prohibited by the Terms of Service.
The VMware Data Processing Addendum is available by visiting https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/downloads/eula/vmware-data-processing-addendum.pdf
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Firefox
- Chrome
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Network Insight is accessible via web browser which can be instantiated on mobile devices as well. The user interface is very responsive to any kind of device.
- Service interface
- Yes
- Description of service interface
-
Network Insight is an HTML5-based web app that delivers a unified, easy-to-use interface across all supported platforms and devices
The user interface is simple, intuitive and responsive. Interactive dashboards, advanced filters, search options and customizable user preferences provide IT administrators the information they need to make decisions. - Accessibility standards
- None or don’t know
- Description of accessibility
-
VMware is dedicated to support customers to make VMware products and technologies accessible to people with disabilities.
Please visit https://www.vmware.com/uk/help/accessibility.html for an overview of the accessibility testing conducted on the various VMware products and services at this time - Accessibility testing
- Please visit https://www.vmware.com/uk/help/accessibility.html for an overview of the accessibility testing conducted on the various VMware products and services at this time
- API
- Yes
- What users can and can't do using the API
-
One of the great things about VMware’s Cloud services is that all of the authentication to the platform is centralized within the Cloud Services Portal (CSP). One benefit to this is that the API token that you leverage within the platform is a common token across all off the Cloud Services. In order to leverage the API endpoints we highlight below, you’ll need to acquire and use that token.
API documentations:
https://code.vmware.com/apis/224/vrni - API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- No
- Customisation available
- No
Scaling
- Independence of resources
- - Our solution meets strict requirements for high availability and redundancy through load balancing across multiple, geographically disparate data centers. We eliminate any single point of failure through the use of redundant equipment, network, power and clustering of key components.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Other
- Other data at rest protection approach
-
- Proper User access controls are in place. Only authorized users get access to the data.
- Intrusion detection system such as Redlock in place to monitor the system - Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Network Insight exports network flow information, security groups information, Dashboards and audit logs through administrator user interface.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- XML
- Data import formats
- Other
- Other data import formats
- YAML
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
VMware will use commercially reasonable efforts to ensure that each component of the Service Offering ("service component") is “Available” during a given billing month (as defined in the Service Description)
https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/vmw-network-insight-service-description.pdf - Approach to resilience
-
Our solution meets strict requirements for high availability and redundancy through load balancing across multiple, geographically disparate data centers. We eliminate any single point of failure through the use of redundant equipment, network, power and clustering of key components.
- Proper Backup/Restore and DR process are in place.
- Additional information can be provided upon request. - Outage reporting
- The real-time status of the Network Insight along with past incidents is publicly available on https://status.vmware-services.io/.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
- Management interfaces implement role-based access controls and require members to authenticate against the corporate identity provider.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- Between 1 month and 6 months
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Schellman & Company, LLC
- ISO/IEC 27001 accreditation date
- 06/03/2019
- What the ISO/IEC 27001 doesn’t cover
- Not Applicable
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 13/11/2018
- CSA STAR certification level
- Level 1: CSA STAR Self-Assessment
- What the CSA STAR doesn’t cover
- N/A
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- Global DC operations have undergone a SSAE16/SOC2 Type I audit
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- VMware security policies are documented and available to employees on an internal web site. Policies and procedures are reviewed annually, updated as needed and retained for a minimum of six years from the date of creation. VMware utilizes a standard operating procedure repository to store an extensive set of documented procedures. Detailed procedures are defined for the following categories of functions: information security, physical security, network availability, HR, communications, risk/issues and service level customer service. On an annual basis, Network Insight is audited by third-party auditors for ISO 27001, and SOC 2. Policy adherence is included as a part of these third-party audits.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
We maintain a documented Configuration Management policy based on industry best practices to harden SaaS environment and Change Control Policy to manage changes to SaaS environment
-- Changes to Configuration Management policy are processed through Change Management policy
-- Change Management includes approval, testing, implementation and rollback
--- Support staff members initiate change through change control form, which Change Advisory Board team reviews for completeness, impact and scheduling. Severity level of change is categorized.
--- Once form is approved, change is scheduled and alert is released to necessary groups; once change is made, it is tested, validated and closed - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
We receive threat information and explore threat resolutions from the VMware Security Response Center (http://www.vmware.com/security/vsrc.html)
- Regular internal and external vulnerability assessments tests performed against the SaaS environment
- Risk methodology based on NIST standards, including:
-- Identifying and characterizing threats
-- Assessing the vulnerability of critical assets to specific threats
-- Determining risk (i.e., expected likelihood and consequences of attacks)
-- Identifying ways to reduce risks
-- Prioritizing risk reduction measures based on strategy - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Our cloud support staff have configured the system to notify IT personnel if the central processing unit (CPU) utilization is too high, disk space limited, memory issues, key service failures, bandwidth utilization, power consumption, or other performance items.
- IT Operations has subscriptions to pertinent vendor security and bug-tracking mailing lists.
- After analyzing the severity and impact, network, utility and security equipment is patched or upgraded
- Tools like wavefront and Lacework are in place that continuously monitors the service KPIs. - Incident management type
- Supplier-defined controls
- Incident management approach
-
We maintain an Incident Management Plan as part of our Information Security Program.
Incidents are reported to and resolved by the appropriate Cloud Operations team and by senior management where needed.
-- Alerts, responses and resolutions are tracked through completion.
-- In the unlikely event of an incident, we will notify customers within two business days of any customer data that is affected.
- Incident logs are reviewed by applicable support personnel for analysis and remediation to avoid further incidents of similar type. All remediation actions are reviewed and approved by our Information Security Governance Committee.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £33.93 to £1,132.49 a unit a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- We encourage the use of our 30 days free trial experience as part of customer acceptance strategy. Trial enables you to review all solution functionality across all clouds
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at G-Cloud@vmware.com.
Tell them what format you need. It will help if you say what assistive technology you use.