WM Promus

WMP Openstack Managed Service

WM Promus provides an inexpensive, opensource-based, private cloud solution to ensure your organisation can manage large pools of systems, storage and networking resources via an easy-to-use dashboard, CLI, or API. The underpinning technology is Openstack which is the defacto standard for an Amazon Web Services compatible and feature-complete private cloud.

Features

  • Cloud Computing
  • Object Storage
  • Containers Management
  • As a Service Offering
  • Department or Project based Billing
  • Network Security and Data Sovereignty

Benefits

  • A public cloud-like experience on your own hardware
  • Securely store files and media in your own cloud
  • Spin-up and manage your containers in your own server-less environment
  • Database-as-a-Service, Message-Bus-as-a-Service and more
  • Always know how much each department or project is spending
  • Your data is encrypted and does not leave the country

Pricing

£41900 per unit per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 9

298833625408755

WM Promus

Tom Hickmott

+44 (0) 203 946 6218

tom.hickmott@wmpromus.com

Service scope

Service scope
Service constraints None
System requirements Linux required for hypervisor and controller systems

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Severity 1 (Urgent): First technical response within 30 minutes.

Severity 2 (High): First technical response within 12 hours.

Severity 3 (Normal): First technical response within 24 hours.

Weekend response times depend on contract and is provided by an on-call service. This facility is only available for Severity 1 tickets.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.0 A
Web chat accessibility testing As an IT service provider, we've been using web chat support for years with our users.
Onsite support Yes, at extra cost
Support levels We provide Level 3 engineer/consultant on-site or remote. We also provide a technical account manager. Level 3 is charged at standard consultancy rate. Technical account management is included as part of the service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started During the installation phase, our clients are mostly hands-off as our consultants do all the work. The systems are installed automatically using our Openstack DevOps tool. After thorough testing, both automatic and by the consultant, implementation, administration, and user training begins. Training is delivered by one of the consultants who built your system and is always tailored to your specific needs. Because the consultant who built your Openstack system is providing the training, the training is focused specifically on your implementation needs and your questions never go unanswered. Once training is complete, the last and final phase is handover. Your IT team receives hands-on training on how to deal with issues as they arise. If they need help after handover, your teams will have access to our dedicated support team of experienced professionals. WM Promus’ deployment method makes Openstack a straightforward yet highly customised experience that meets your organisation’s specific needs and demands. WM Promus can provide onsite training, online training as well as user documentation.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction At the end of the contract per customer request, the data will be downloaded to a data pod and shipped or couriered to the customer. The data will be kept in an open format standard to be imported into any standard cloud.
End-of-contract process There are no exit fees except the cost of the data pod charged at market rate.

Using the service

Using the service
Web browser interface Yes
Using the web interface Users can access, manage, and maintain their systems through an easy to use web dashboard. Users setup the service through a series of wizards and configuration screens. The same wizards and screens are used to make changes later on with no limitations to the service.

Users can manage:
Virtual Machines/Cloud Instances
Virtual Disk Volumes
Network
Containers
Database as a Service
Manage Permission
Web interface accessibility standard WCAG 2.0 A
Web interface accessibility testing The OpenStack user base has done extensive testing and maintains a Wiki that outlines the testing and any issues found.
API Yes
What users can and can't do using the API Users can make all the same changes through our API. These API endpoints are clearly defined and documented. There are absolutely no limitations to our Openstack API.
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
  • Other
Other API automation tools
  • Packstack
  • RDO Project
  • WM Promus DevOps Suite
  • Any Bash or Scripting language
API documentation Yes
API documentation formats
  • HTML
  • PDF
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
  • Other
Using the command line interface Users can access our service through our CLI tools which use our Backend API. Users can make any change through Web or API through our CLI. Our CLI tools can be used on any modern operating system as it requires Python to run.

Scaling

Scaling
Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources The Consul Auto Discovery Service detects down instances and routes around them. However it is dependent on the Users applications.
Usage notifications Yes
Usage reporting
  • Email
  • Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Hardware containing data is completely destroyed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • VM or Cloud Instances
  • Databases
  • Block Storage (Files)
  • Configuration of the core system
Backup controls These are done automatically on the users behalf no configuration is required.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Availability is dependent on customer needs. This varies between contracts.
Approach to resilience Available upon request.
Outage reporting Any outages will be reported by email.

Identity and authentication

Identity and authentication
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Built into Dashboard which gives RBAC controls.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes SANS Top 20 and ISO 27001.

On identification of an issue that cannot be resolved by the customer they should contact WM Promus Service Desk to log an incident. This can be via telephone or email depending on the priority of the incident.
Should the client experience problems with any of the services provided they should escalate using the following contacts:

Stage 1 Escalation – Technical Account Manager.
Stage 2 Escalation – Service Delivery Manager.
Stage 3 Escalation – General Manager.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Systems and Configurations management are tracked through our Openstack Dashboard and HPE tools. All software aspects are tracked through Puppet Configuration Management software.
During the life of the solution the team may identify changes required to improve security or resolve known errors. Some changes may be minor and may be easily accommodated within the current service with no discernible impact. Other changes may take the form of significant modifications to the service, requiring that a formal change process be followed.
The formal change process will be initiated by the completion of a Change Request Confirmation form describing the requested change.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach We conduct routine penetration scans and service version discovery scans. Upon finding a vulnerability WM Promus will deploy patches and/or workaround to address said vulnerability. Vulnerabilities are published in Openstack communication channels.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We use various Firewall and IPS devices at our BGP Gateways. We will respond to incidents in accordance with the agreed service level.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Contact WM Promus Service Desk to log an incident, via telephone or email.
The WM Promus Service Desk will register incoming calls with a unique incident reference number and assign a support engineer.
Ensure customer communication in accordance with the service level definitions
If the incident cannot be resolved WM Promus will propose a workaround.
If the fault cannot be resolved remotely, the WM Promus support engineer will escalate to the WM Promus Operations Management team that will liaise with the user to propose a plan of action, with appropriate timescales, to perform a permanent resolution to the issue.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used KVM hypervisor
How shared infrastructure is kept separate Each organisation has its own set of Hypervisors.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £41900 per unit per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full access trial for 30 days.

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑