G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with VMware UK Limited are still valid.
VMware UK Limited

Network Insight

Network Insight fast-tracks application security planning and network troubleshooting across private, public and hybrid clouds

Features

  • Plan application security and migration
  • Troubleshoot application connectivity
  • Optimize and troubleshoot virtual, physical and cloud networks
  • Manage and Scale VMware NSX

Benefits

  • Discover applications and map dependencies
  • Secure data center through micro-segmentation planning to minimize risk
  • Reduce mean time to resolution for networking and security issues
  • Identify network hairpins and communicating VMs to optimize network performance
  • Vendor agnostic and agentless
  • Built for multi-cloud environments (private, public and hybrid)

Pricing

£33.93 to £1,132.49 a unit a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-Cloud@vmware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

2 6 0 6 8 3 0 3 9 1 9 4 2 0 3

Contact

VMware UK Limited G-Cloud Enquiries
Telephone: 07824 478092
Email: G-Cloud@vmware.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
VMware Network Insight works across VMware private cloud, VMware Cloud™ on AWS, and native AWS. Additional clouds planned include Microsoft Azure and Google Cloud Platform.
System requirements
Not Applicable

User support

Email or online ticketing support
Email or online ticketing
Support response times
VMware Cloud Service Support Policies are published: https://www.vmware.com/support/policies/saas-support.html Critical (SaaS Severity 1) 30 minutes or less: 24x7 Major (SaaS Severity 2) 4 business hours Minor (SaaS Severity 3) 8 business hours Cosmetic (SaaS Severity 4) 12 business hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Network Insight leverages in-product chat from Intercom.com. Details about chat accessibility can be found here. https://www.intercom.com/help/faqs-and-troubleshooting/the-intercom-messenger/is-the-intercom-messenger-accessible Additional details on development and testing for accessibility of the chat interface can be found here: https://www.intercom.com/blog/messenger-accessibility/
Onsite support
Yes, at extra cost
Support levels
Please refer to our website for support details: https://www.vmware.com/support/services/saas-production.html
Technical Account Specialists are available at an additional cost.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
VMware provides a range of resources to help to start using the Network Insight. These include comprehensive documentation (in multiple formats), introductory videos, hands-on labs, online and in-person training, access to a large ecosystem of partners and support from the customer success team and public sector account team.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Per Section 3.3 at https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/vmw-network-insight-service-description.pdf
If you or we terminate your account, you will permanently lose access to the data collected by the Service Offering. This data includes any configuration created in the Service Offering for the purpose of providing services to end users. That data will be deleted within 90 days of account termination. The Service Offering is not intended to or configured to accept any Content, including any data restricted or prohibited by the Terms of Service.

The VMware Data Processing Addendum is available by visiting https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/downloads/eula/vmware-data-processing-addendum.pdf
End-of-contract process
Per Section 3.3 at https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/vmw-network-insight-service-description.pdf
If you or we terminate your account, you will permanently lose access to the data collected by the Service Offering. This data includes any configuration created in the Service Offering for the purpose of providing services to end users. That data will be deleted within 90 days of account termination. The Service Offering is not intended to or configured to accept any Content, including any data restricted or prohibited by the Terms of Service.

The VMware Data Processing Addendum is available by visiting https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/downloads/eula/vmware-data-processing-addendum.pdf

Using the service

Web browser interface
Yes
Supported browsers
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Network Insight is accessible via web browser which can be instantiated on mobile devices as well. The user interface is very responsive to any kind of device.
Service interface
Yes
Description of service interface
Network Insight is an HTML5-based web app that delivers a unified, easy-to-use interface across all supported platforms and devices

The user interface is simple, intuitive and responsive. Interactive dashboards, advanced filters, search options and customizable user preferences provide IT administrators the information they need to make decisions.
Accessibility standards
None or don’t know
Description of accessibility
VMware is dedicated to support customers to make VMware products and technologies accessible to people with disabilities.

Please visit https://www.vmware.com/uk/help/accessibility.html for an overview of the accessibility testing conducted on the various VMware products and services at this time
Accessibility testing
Please visit https://www.vmware.com/uk/help/accessibility.html for an overview of the accessibility testing conducted on the various VMware products and services at this time
API
Yes
What users can and can't do using the API
One of the great things about VMware’s Cloud services is that all of the authentication to the platform is centralized within the Cloud Services Portal (CSP). One benefit to this is that the API token that you leverage within the platform is a common token across all off the Cloud Services. In order to leverage the API endpoints we highlight below, you’ll need to acquire and use that token.
API documentations:
https://code.vmware.com/apis/224/vrni
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
- Our solution meets strict requirements for high availability and redundancy through load balancing across multiple, geographically disparate data centers. We eliminate any single point of failure through the use of redundant equipment, network, power and clustering of key components.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach
- Proper User access controls are in place. Only authorized users get access to the data.
- Intrusion detection system such as Redlock in place to monitor the system
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Network Insight exports network flow information, security groups information, Dashboards and audit logs through administrator user interface.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • PDF
Data import formats
Other
Other data import formats
YAML

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
VMware will use commercially reasonable efforts to ensure that each component of the Service Offering ("service component") is “Available” during a given billing month (as defined in the Service Description)

https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/vmw-network-insight-service-description.pdf
Approach to resilience
Our solution meets strict requirements for high availability and redundancy through load balancing across multiple, geographically disparate data centers. We eliminate any single point of failure through the use of redundant equipment, network, power and clustering of key components.
- Proper Backup/Restore and DR process are in place.
- Additional information can be provided upon request.
Outage reporting
The real-time status of the Network Insight along with past incidents is publicly available on https://status.vmware-services.io/.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Management interfaces implement role-based access controls and require members to authenticate against the corporate identity provider.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Schellman & Company, LLC
ISO/IEC 27001 accreditation date
06/03/2019
What the ISO/IEC 27001 doesn’t cover
Not Applicable
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
13/11/2018
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
N/A
PCI certification
No
Other security certifications
Yes
Any other security certifications
Global DC operations have undergone a SSAE16/SOC2 Type I audit

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
VMware security policies are documented and available to employees on an internal web site. Policies and procedures are reviewed annually, updated as needed and retained for a minimum of six years from the date of creation. VMware utilizes a standard operating procedure repository to store an extensive set of documented procedures. Detailed procedures are defined for the following categories of functions: information security, physical security, network availability, HR, communications, risk/issues and service level customer service. On an annual basis, Network Insight is audited by third-party auditors for ISO 27001, and SOC 2. Policy adherence is included as a part of these third-party audits.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We maintain a documented Configuration Management policy based on industry best practices to harden SaaS environment and Change Control Policy to manage changes to SaaS environment
-- Changes to Configuration Management policy are processed through Change Management policy
-- Change Management includes approval, testing, implementation and rollback
--- Support staff members initiate change through change control form, which Change Advisory Board team reviews for completeness, impact and scheduling. Severity level of change is categorized.
--- Once form is approved, change is scheduled and alert is released to necessary groups; once change is made, it is tested, validated and closed
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We receive threat information and explore threat resolutions from the VMware Security Response Center (http://www.vmware.com/security/vsrc.html)
- Regular internal and external vulnerability assessments tests performed against the SaaS environment
- Risk methodology based on NIST standards, including:
-- Identifying and characterizing threats
-- Assessing the vulnerability of critical assets to specific threats
-- Determining risk (i.e., expected likelihood and consequences of attacks)
-- Identifying ways to reduce risks
-- Prioritizing risk reduction measures based on strategy
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our cloud support staff have configured the system to notify IT personnel if the central processing unit (CPU) utilization is too high, disk space limited, memory issues, key service failures, bandwidth utilization, power consumption, or other performance items.
- IT Operations has subscriptions to pertinent vendor security and bug-tracking mailing lists.
- After analyzing the severity and impact, network, utility and security equipment is patched or upgraded
- Tools like wavefront and Lacework are in place that continuously monitors the service KPIs.
Incident management type
Supplier-defined controls
Incident management approach
We maintain an Incident Management Plan as part of our Information Security Program.

Incidents are reported to and resolved by the appropriate Cloud Operations team and by senior management where needed.
-- Alerts, responses and resolutions are tracked through completion.
-- In the unlikely event of an incident, we will notify customers within two business days of any customer data that is affected.
- Incident logs are reviewed by applicable support personnel for analysis and remediation to avoid further incidents of similar type. All remediation actions are reviewed and approved by our Information Security Governance Committee.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£33.93 to £1,132.49 a unit a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We encourage the use of our 30 days free trial experience as part of customer acceptance strategy. Trial enables you to review all solution functionality across all clouds

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-Cloud@vmware.com. Tell them what format you need. It will help if you say what assistive technology you use.