EnterpriseDB

EDB Postgres Managed DBaaS Service

Fully managed private Postgres DBaaS on AWS. Proactive 24x7 monitoring and tuning by certified specialists. Customized database/OS templates conform to organizational security and performance standards. Self-service provisioning balances operational control against developer agility for DevOps (single instances to production clusters) of databases in the cloud. No compromise live expert support.

Features

  • Resource consumption managed with database templates for your business requirements.
  • Remote DBAs manage detection, reporting, and remedies over incident management.
  • Auto-scaling/failover/backups meet application high availability and disaster requirements.
  • Customized guidance and setup on environment, databases, and application design.
  • Extensive instrumentation provides expert Postgres monitoring and alerts 24x7x365.
  • Performance tuning as databases grow and workloads evolve over time.
  • On demand help with standard database operations beyond managed service.
  • DBAs and Developers quick start training for self-service provisioning.
  • Named contact for interfacing with EDB and your DBaaS services.
  • One price for software, services, training and expert personnel.

Benefits

  • Gives operations staff control over development, test and production environments.
  • Experts employ best practices for managing Postgres databases trouble free.
  • Cloud based elasticity and automation ensure access to mission-critical applications.
  • Fit for purpose DBaaS without a one-size-fits-all approach ensures success.
  • Instrumentation probes created by Postgres experts provide world-class incident protection.
  • Continuous performance tuning prevents unseen problems growing out of control.
  • Your staff DBAs have a go-to Postgres resource when needed.
  • Begin agile DevOps processes immediately with best practices training.
  • Live support without the wait associated with typical cloud services.
  • One all inclusive cost except cloud infrastructure of your choice.

Pricing

£75000 to £850000 per unit per year

Service documents

G-Cloud 11

266371151448902

EnterpriseDB

Matthew Peachey

44-7801-383565

matt.peachey@enterprisedb.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints None, Control and configuration is by the customer and their Cloud supplier of choice.
System requirements
  • Red Hat Enterprise Linux
  • CentOS 7.x
  • Amazon EC2
  • Microsoft Azure

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 24x7x365 with a targeted initial response time of 30 minutes
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels All production level support is available on a 24x7x365 basis with a targeted initial response of 30 minutes.
Non-production level support is available on a 10x5x365 basis with a targeted initial response of 48 hours.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started On-boarding services are included to plan and specify requirements, define template configurations, and perform setup and configuration tasks. Training is also included for using the self-provisioning features.

During on-boarding we review customer requirements, leading to an initial environment configuration suitable to meet unique needs and to support both the managed and self-service user models.
1) Business Requirements- understand critical business processes and impact on IT, define RPO and RTO parameters, and review application usage patterns including maintenance needs
2) Current Operational Needs- patching, backup/ retention policies, DR validation
3) Cloud Architecture Study- authentication models, access rules and policies, users and user groups, DNS, and network isolation or VPC requirements
4) General Architecture Review- instance types, data model, application understanding, and clustering and connection pooling requirements
5) Resiliency and Availability needs including cloning or replicas
6) Database Migration Assessment plans
7) Monitoring Overview- monitoring points and how EDB handles alerts of each severity level
8) Processes for change management, ad hoc requests, and escalation

Each account has a technical lead from EDB who serves as a primary contact for any questions or concerns. A RemoteDBA team is assigned for ongoing monitoring, maintenance, support and tuning of deployed clusters according to requirements.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction The EDB Postgres solution sits within the buyer's infrastructure of choice They have their own license for the use of the deployed software and control the management of the data contained within. Data can be extracted in a wide variety of formats including: Postgres, Oracle, SQL Server, MongoDB, MySQL, Hadoop, CSV and user defined custom formats. This will allow the buyer to port their data to an alternative solution should this be necessary.
End-of-contract process The buyer controls the management of the data and is in complete control of the processes should they decide not to renew licenses at the end of the contract. EDB can provide professional services at extra cost to help with the transition between solutions. These services are outlined in the attached service description document and are listed under the Cloud Services category.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems Linux or Unix
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Users can access the software management features through mobile browsers. However given screen size restrictions this is not recommended.
Service interface No
API Yes
What users can and can't do using the API The EDB Postgres Managed DBaaS Service is built on EDB Postgres Ark which has an API for integrating into DevOps environments that automate database deployments using IT automation software like Chef™, Puppet™, or popular ITSMs like ServiceNow and BMC Remedy.

IT automation software can be used to script deployments from scratch.

Database templates consisting of customized operating systems, Postgres extensions, and database settings can be created to ensure operational policies around security, configurations, workloads, compute power and more for development, test and production environments.

Besides creating a new Postgres database cluster, you can add additional streaming replicas for high availability and read/write scalability, configure backups for disaster recovery, or set the thresholds . You can also use the API to monitor servers as well as databases, and download server logs.

Details in the attached service description document.
API documentation Yes
API documentation formats
  • HTML
  • ODF
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The service can be customized to create a variety of different database templates for different operating system configurations, application use cases (transactional, reporting, document oriented, spatial etc.), operating environments (development, test, production) and cloud compute/storage resource profiles.

The service can also be integrated into DevOps automation environments such as Chef and Puppet as well as ITSMs like ServiceNow and BMC Remedy.

Scaling

Scaling
Independence of resources The EDB Postgres solution sits within the buyers cloud infrastructure of choice. All cloud instances for EDB solutions are private instances and respect the isolation and processing independence such instances are afforded by the cloud infrastructure provider. EDB Postgres instances are not shared with other users outside of those authorized by the buyer.

Analytics

Analytics
Service usage metrics Yes
Metrics types TODO
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach The EDB Postgres solution sits within the buyers infrastructure of choice. They or their cloud supplier of choice have complete control of their data and its security including the encryption of data on disk or encrypting selected columns of data in the database.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach The EDB Postgres solution sits within the buyers infrastructure of choice They have their own licence for the use of the deployed software and control the management of the data contained within. Data can be extracted in a wide variety of formats including: Postgres, Oracle, SQL Server, MongoDB, MySQL, Hadoop, CSV and user defined custom formats. This will allow the buyer to port their data to an alternative solution should this be necessary.
Data export formats Other
Other data export formats SQL
Data import formats Other
Other data import formats
  • SQL
  • Import directly into database using the EDB Migration Portal

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks The buyer controls the connectivity of the solution and there is no requirement for connection to EDB as the supplier. Buyers can deploy the database to their private/public cloud of choice and connect to it using existing security protocols for their applications.
Data protection within supplier network
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network Not applicable. EDB as a software supplier does not provide the connectivity to the buyer's public or private cloud of choice to deploy the database.

Availability and resilience

Availability and resilience
Guaranteed availability The EDB Postgres solution sits within the buyers infrastructure of choice. Availability is controlled by their own network resilience software configuration as well as by the Service Level Agreements of their cloud provider of choice.
Clusters are distributed across multiple availability zones and are fault-tolerant. EDB supports a range of database architectures which are backed by availability SLAs.
Approach to resilience The EDB Postgres solution sits within the buyers infrastructure of choice. Resilience is controlled by their own network resilience and software configuration as well as by the resilience of the infrastructure of their cloud provider of choice.
For managed clusters, the solution provides automatic, self-healing failover and automatic online backup to protect from data loss. Replicas are automatically scaled out based on increasing user demand. Automated connection pooling and load balancing increases database read performance by distributing requests across all cluster members.
Outage reporting The EDB Managed DBaaS monitoring services consists of the active monitoring of 3 layers: database, server, and cloud infrastructure. Databases are monitored for availability and performance, with defined thresholds and alerts, and we monitor across your server resources, including memory and CPU utilization, database availability, maximum connections, long running queries, bloat, capacity, replication lag, network availability, and audits of configuration changes.
Our advanced monitoring solution combines the robust monitoring capabilities of EDB Postgres Enterprise Manager (“PEM”) with AWS CloudWatch metrics and internally developed technology. The EDB Operations team utilizes a mature event and incident management methodology to sustain the solution, enabling detection and management of issues that arise through alerts (events), and fast action for resolution. The team works 24x7x365 to analyze the health and monitor your operating environment, and responds to each alert according to severity and SLA. Outages are reported immediately the EDB Managed DBaaS operations team through automated alerts, and e-mail alerts for critical severity 1 issues are provided to the customer.

This solution contains management software for monitoring and sits within the buyers infrastructure of choice. Management and reporting of certain cloud platform service outages is controlled by the buyers infrastructure or cloud provider of choice.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Not applicable. The EDB Postgres solution sits within the buyers cloud infrastructure. They access management and support channels are managed internally or by their cloud provider of choice.
Authentication, network isolation, encryption, and role-based access controls keep data protected. Environments are built on a secure AWS architecture and network topologies, and we can work with specific deployment patterns with VPCs and security groups.
Access restriction testing frequency Never
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Security is governed by the cloud service provider and/or the customer's internal network.
Information security policies and processes Authentication, network isolation, encryption, and role-based access controls keep your data protected. Environments are built on a secure AWS architecture and network topologies, and we can work with your specific deployment patterns with VPCs and security groups.

EDB does not maintain the buyers data. Primary security policy and process is the responsibility of the buyers network or the chosen cloud provider supplemented by a wide variety of security measures available inside the database including roles, row level security, view security barriers, SQL injection protection, SQL GRANT/REVOKE, and Column Level Permissions.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The EDB solution allows users to have Postgres databased deployed the cloud in the virtual private network of choice. Therefore the issues of configuration and change management for the security controls are the buyer's responsibility or the responsibility of their chosen cloud provider. EDB will provide guidance on change management processes.
Vulnerability management type Supplier-defined controls
Vulnerability management approach The software is deployed in the buyers network or on the infrastructure of their chosen cloud provider. Vulnerability management is the responsibility of the buyer and/or their cloud provider. For the database, EDB maintains a watch on the marketplace and the PostgreSQL user community for emerging vulnerabilities using the CVE standard and will issue patches for customers to apply as needed. Additional tools inside the database are also available for added security such as roles, row level security, view security barriers, SQL injection protection, SQL GRANT/REVOKE, and Column Level Permissions.
Protective monitoring type Supplier-defined controls
Protective monitoring approach This EDB software offering is to be deployed in the buyer's network or their cloud provider of choice. Protective monitoring will be carried out by their relevant NOC/SOC activities, and optionally supplemented with EDB's management and monitoring software.
Incident management type Supplier-defined controls
Incident management approach This EDB software offering is to be deployed in the buyer's network or their cloud provider of choice. Incident Management activities will be carried out by their relevant NOC/SOC activities, and optionally supplemented with EDB's management and monitoring software.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £75000 to £850000 per unit per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Contact vendor for free trials.
Link to free trial Contact vendor for free trials.

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑