SoftwareONE

Flexera FlexNet Manager - Data Centers

FlexNet Manager services provides Software Compliance, IT Asset Management, Hardware Asset Management and Reporting. Analytics, Cloud Management, Vendor Certified product and application management are components of this service. FlexNet Manager is a Gartner / Forrester leader in ITAM and related Services.

Features

  • Software License Compliance calculations and Reporting / Dashboards.
  • Vendor Certifications / verification's - Oracle, SAP, ServiceNow, Microsoft, others
  • Hardware Asset Management and Reconciliation (purchased to discovery)
  • Discovery and Inventory of hardware software with Inventory system integrations
  • Advanced License metric calculations and optimization of IT Assets
  • Simulation capability of virtual environments for License optimization
  • Reporting of SaaS, Cloud and Internal (private) IT Asset usage
  • Compliance calculation Engines reporting on changes in Licensing estate
  • Agents (Services) to track application usage in environment.
  • Automated Purchase Order processing via direct integrations

Benefits

  • Avoidance of software compliance risks associated with Audits.
  • Standard certified integrations for rapid deployment and results.
  • Tracking of hardware assets in the estate, against purchases.
  • Ongoing discovery / reporting of new and existing IT Assets.
  • Automate complex datacenter software Licensing and reduce resource needs
  • Test and verify License optimization changes, before implementing.
  • Manage IT Assets in private, public hybrid Cloud and SaaS
  • Maintain continuous software license compliance to minimize audit risk
  • Tracking application usage to reclaim licenses, reduce denials of service
  • Current purchases are automatically factored into compliance positions.

Pricing

£23.19 per server

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

305520660097454

SoftwareONE

James Lockett

+44 2035300286

james.lockett@softwareone.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints - Planned Maintenance is performed on a regular basis, more details and historical performance can be found on the Flexera website.
- Data Model changes/extensions are not permitted (or necessary).
System requirements
  • Agents OS: Windows, various Linux, Mac and Unix are supported.
  • Agent HW: 1-core, 2GB RAM, 125MB HDD
  • Beacon: Windows server and desktop OS are supported.
  • Beacon HW: 2-core, 4GB RAM, 1GB/10,000 devices
  • IPv4/6 supported, HTTP(S), TLS1.1/1.2
  • DNS Hostnames - www.flexnetmanager.eu

User support

User support
Email or online ticketing support Email or online ticketing
Support response times This would depend upon Severity and negotiated Support contract. Typically for Gold Support, responses are elicited within 30 minutes for Sev1, or up to 8 business hours for Sev4.
More information on Support Levels (Gold / Silver) can be found by contacting Flexera.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Flexera offer two levels of support for FlexNet Manager Cloud - these are 'Gold' and 'Silver'. More details can be found on the Flexera website - https://community.flexera.com/t5/Flexera-Community/ct-p/Flexera_Community.

A 'Customer Success Manager' is provided for customers to drive success at each account. The CSM is typically not charged for.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Flexera offer both onsite and web-based training for customer, with most web-based training videos being free for customers.
Extensive documentation for FlexNet Manager exists, both in PDF format or in-context HTML for accessing when using the Web UI.
Onboarding Services are also offered and can be defined in accordance with requirements, as customers see fit. These services can be delivered via Flexera Professional Services, or via 3rd party.
Flexera also offer "Practice Guides" that allow customers insights into Flexera best practice onboarding activities and process. These guides contain sample project definitions too.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Should the users wish to extract data, this can be accomplished via the web-UI and reporting. These interfaces allows users to extract data seen in views and/or reports in PDF, XLSX, CSV and in some case RTF files.
The UI supports a 'grid' or spreadsheet type format, where users can add columns and filter/sort prior to extract. Most objects in FlexNet Manager off this functionality. The FlexNet reporting/analytics function provides the data model for more granular data extraction, should this be necessary.
End-of-contract process To be agreed

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Service interface Yes
Description of service interface FlexNet Manager provides a web-based browser interface to the service, using standard browser controls and access to obtain the information in FlexNet. FlexNet Manager provides an intuitive user experience, allowing users to drag-n-drop data fields and definitions, sort and filter in the views and export data in certain view types. Configuration of the system can be performed in this interface too
Accessibility standards None or don’t know
Description of accessibility Users primary involvement in FlexNet Manager is to view IT Asset and Software Compliance data and reporting. FlexNet Manager provides a web-based browser to this end, using standard browser controls and access to obtain the information in the Data Platform. Accessibility of data for users is within the capability delivered via the browser.
Accessibility testing No specific testing on assistive technology.
API Yes
What users can and can't do using the API A limited compliance API exists to query positions in FlexNet Manager. The following are some of the Operations that are supported:
• AllocateLicense
• CreateAsset
• CreateAssetList
• CreateContract
• CreateContractList
• CreateLicense
• CreateLicenseAllocation
• CreateLicenseList
• CreateUser
• CreateUserList
• CreateVendor
• CreateVendorList
• DeallocateLicense
• DeleteAsset
• DeleteAssetList
• DeleteContract
• GetLicenseByID
• GetLicenseForCreate
• GetLicenseListByContractID
• GetLicenseListByIDs
• GetLicenseListByPurchaseOrderDetailID
• GetVendorForCreate
• GetVendorListByIDs
• GetVersion
• IsSupportedVersion
• LinkAssetListToContract
• LinkAssetListToPOLine
• LinkContractListToAsset
• LinkContractListToLicense
• LinkLicenseListToContract
• LinkLicenseListToPOLine
• LinkPOLineListToAsset
• LinkPOLineListToLicense
• LinkPOListToContract
• UnlinkLicenseListFromContract
• UnlinkLicenseListFromPOLine
• UnlinkPOLineListFromAsset
• UnlinkPOLineListFromLicense
• UnlinkPOListFromContract
• UpdateAsset
• UpdateAssetList
• UpdateContract
• UpdateContractList
• UpdateLicense
Users can access the API to perform some Operations via typical API methods - CURL, PowerShell, etc. There is an option to test the API Operation within the browser.
Not all operations are available, as the Compliance API is designed for Compliance actions only.
API documentation Yes
API documentation formats Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Typically Reporting and Dashboards are customised in the service, according to Role/Requirement. Views can also be modified and set to Global or User-specific.
Users customize via the web-browser using the FlexNet interface and save the report/dashboard/view.
Control in FlexNet is granular and customisable, and is role-based, allowing only specific users to create, modify, delete reports/dashboards/view, if this is necessary.

Scaling

Scaling
Independence of resources Flexera operate on non-public infrastructure with Flexera Cloud Operations team monitoring User response times and user experience. The Cloud Ops team will monitor Cloud service levels through a number of key metrics, including latency, queuing, and availability. Events that affect production service availability of Cloud applications are identified, investigated, resolved and documented according to procedure by the Site Reliability Engineering department.
FlexNet Manager operations status information is made available at the following website: https://status.flexera.com/#month

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Flexera

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Most data is presented via the administrative Web-UI, and can then be exported using built-in functions to extract to csv, xlsx, pdf, rtf formats.
For more detailed reporting and analytics, using a similar web-based approach is used, where a user can drag-n-drop data in the reporting module, to export very specific data.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • RTF
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats XLSX

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Flexera will maintain systems/controls designed to maximize Monthly Up-time, minimize outages, and enable notification in event of any unscheduled outage. Flexera will credit Licensee the percentage specified of the total Monthly Fee paid, for any calendar month in which Monthly Up-time falls within the range specified. In order to receive a credit, Licensee must request this in writing within thirty (30) days of the end of the month for which it seeks a credit.
Monthly Uptime % % Monthly Fee Credited
99.50% - 100% 0%
97.5% - 99.49% 5%
95% -97.49% 10%
Less than 95% 15%
If Monthly Up-time falls below 99.5% for any 3 consecutive months, or falls below 95% in any single month, Licensee may, within 30 days of the end of the month giving rise to this termination right, terminate the subscription related to failed Monthly Up-time commitment upon written notice.
Excused Outages. Licensee may experience outages in the Cloud Site due to Scheduled Maintenance and/or Emergency Maintenance, as defined in the contract.
Approach to resilience This topic is defined in the Flexera document "Flexera Cloud Security.pdf" and supplied upon request.
Outage reporting A public dashboard - https://status.flexera.com/#month and Email Alerts, for subscribed customers.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Via User and Group / Role definitions. FlexNet Manager Cloud operates with Roles defined according to customers access requirements. Roles are defined across logical objects with more detailed levels of access to the different functions in each object type. E.g. An administrator Role has all object / all-level access, where a Contract Manager may only be able to access the Contract object and may not be able to delete existing contracts. This definition is based upon the functional requirements as defined during the build/design phase.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Lloyd's Register Quality Assurance
ISO/IEC 27001 accreditation date 22 March 2016
What the ISO/IEC 27001 doesn’t cover The Information Security Management System is applicable to:
The provision of data centers, supporting content and
connectivity services and associated corporate functions of the organization that hosts the Flexera FlexNet Cloud solution i.e.
Equinix (EMEA) B.V.
Rembrandt Tower, Amstelpein 1, Amsterdam
Netherlands
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 01/01/2018
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover Flexera has a SSAE 16 SOC 2 Type II audit report conducted by a third-party auditor on an annual basis.
Flexera maintains a CSA Star Self-Assessment for multiple products.  We do this by filling out and periodically revising our answers to the CSA’s CAIQ questionnaire.  The Consensus Assessments Initiative which is part of the Cloud Security Alliance surveyed 32 different security standards, including the ISO 27001 standard. Based on the security issues addressed in these standards, the CAI compiled a list of 295 security and data privacy questions. The resulting composite questionnaire is called the Consensus Assessments Initiative Questionnaire (CAIQ).  The completed questionnaire is available upon request.
PCI certification No
Other security certifications Yes
Any other security certifications
  • CONSENSUS ASSESSMENTS INITIATIVE QUESTIONNAIRE v3.0.1 (CAIQ)
  • SOC2 Type 2 Report
  • Iron Mountain - Service Organization Control 3 Report
  • Equinix ISO 9001 Certificate
  • Equinix ISO 27001 Certificate
  • Equinix ISO 50001 Certificate
  • Equinix ISO 14001 Certificate
  • Equinix ISO 18001 Certificate
  • WhiteHat Dynamic Application Security Testing - Attestation
  • CenturyLink DDos

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • Other
Other security governance standards SOC2 Type2 report
Information security policies and processes A comprehensive document on Flexera cloud security can be provided on request - "Flexera Cloud Security.PDF"

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Cloud infrastructure and applications are managed within a change management methodology that includes processes for the request, review, approval, and verification of changes. Flexera has an established change management committee (CMC) with responsibility for the scheduling and administration of changes. Change requests are submitted in Flexera’s CMS, reviewed by committee, and approved by management during the weekly CMC meetings. For any scheduled high risk changes, test and back out plans will be discussed before the change approval.
All changes are assessed by Flexera Cloud Operations security principals for security impact.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Flexera conducts a formal risk management program to continually identify, assess, mitigate, and monitor risks, and modifies its controls as a result of this process. A risk management assessment is completed on an annual basis at a minimum. Any changes required by the risk mitigation activity will be scheduled and approved in the weekly Change Management Committee (CMC) meetings.
A comprehensive patch management policy is in place for mission critical devices, and ensures that software, firmware and operating system patches are identified, tested and installed in a timely manner.
Please see "Flexera Cloud Security.PDF" for more information.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Cloud applications/infrastructure is monitored using monitoring applications that provide notification of critical system/app events. Customer-facing websites are monitored using different services – one for immediate event notification and another for calculation of SLAs.
Events that affect availability of Cloud applications are investigated, resolved and documented according to procedure by the Site Reliability Engineering department. This team is alerted to any suspicious activity with the alert method varying depending on the severity. It can range from an immediate phone call to the on-call personnel for critical alerts or immediate automated page for high alerts to a daily or weekly summary reports.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Predefined processes exist for Events. The first priority is for the Site Reliability Engineering team to investigate and resolve any issues affecting the availability, stability, performance, or security of the Cloud services. If there is no resolution within 15 minutes, an email will be sent to notify members of the SRE, Engineering, Client Success and Customer Support. If after hours, customer support will be notified.
Customers can subscribe to the Flexera external status page to view real time site status and receive proactive notifications about incidents. Customers will receive notification in an unscheduled outage lasting longer than 30 minutes.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £23.19 per server
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A trial version of FlexNet Manager can be requested during a PoC. This can be supplied with demonstration data. This version is limited to a short time frame for use (i.e. during the PoC) where specific use cases are performed, according to customer requirements.

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑