Flexera FlexNet Manager - Data Centers

FlexNet Manager services provides Software Compliance, IT Asset Management, Hardware Asset Management and Reporting. Analytics, Cloud Management, Vendor Certified product and application management are components of this service. FlexNet Manager is a Gartner / Forrester leader in ITAM and related Services.


  • Software License Compliance calculations and Reporting / Dashboards.
  • Vendor Certifications / verification's - Oracle, SAP, ServiceNow, Microsoft, others
  • Hardware Asset Management and Reconciliation (purchased to discovery)
  • Discovery and Inventory of hardware software with Inventory system integrations
  • Advanced License metric calculations and optimization of IT Assets
  • Simulation capability of virtual environments for License optimization
  • Reporting of SaaS, Cloud and Internal (private) IT Asset usage
  • Compliance calculation Engines reporting on changes in Licensing estate
  • Agents (Services) to track application usage in environment.
  • Automated Purchase Order processing via direct integrations


  • Avoidance of software compliance risks associated with Audits.
  • Standard certified integrations for rapid deployment and results.
  • Tracking of hardware assets in the estate, against purchases.
  • Ongoing discovery / reporting of new and existing IT Assets.
  • Automate complex datacenter software Licensing and reduce resource needs
  • Test and verify License optimization changes, before implementing.
  • Manage IT Assets in private, public hybrid Cloud and SaaS
  • Maintain continuous software license compliance to minimize audit risk
  • Tracking application usage to reclaim licenses, reduce denials of service
  • Current purchases are automatically factored into compliance positions.


£23.19 per server

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

3 0 5 5 2 0 6 6 0 0 9 7 4 5 4



Tom Hook

+44 203 005 0238

Service scope

Software add-on or extension
Cloud deployment model
Hybrid cloud
Service constraints
- Planned Maintenance is performed on a regular basis, more details and historical performance can be found on the Flexera website.
- Data Model changes/extensions are not permitted (or necessary).
System requirements
  • Agents OS: Windows, various Linux, Mac and Unix are supported.
  • Agent HW: 1-core, 2GB RAM, 125MB HDD
  • Beacon: Windows server and desktop OS are supported.
  • Beacon HW: 2-core, 4GB RAM, 1GB/10,000 devices
  • IPv4/6 supported, HTTP(S), TLS1.1/1.2
  • DNS Hostnames -

User support

Email or online ticketing support
Email or online ticketing
Support response times
This would depend upon Severity and negotiated Support contract. Typically for Gold Support, responses are elicited within 30 minutes for Sev1, or up to 8 business hours for Sev4.
More information on Support Levels (Gold / Silver) can be found by contacting Flexera.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Flexera offer two levels of support for FlexNet Manager Cloud - these are 'Gold' and 'Silver'. More details can be found on the Flexera website -

A 'Customer Success Manager' is provided for customers to drive success at each account. The CSM is typically not charged for.
Support available to third parties

Onboarding and offboarding

Getting started
Flexera offer both onsite and web-based training for customer, with most web-based training videos being free for customers.
Extensive documentation for FlexNet Manager exists, both in PDF format or in-context HTML for accessing when using the Web UI.
Onboarding Services are also offered and can be defined in accordance with requirements, as customers see fit. These services can be delivered via Flexera Professional Services, or via 3rd party.
Flexera also offer "Practice Guides" that allow customers insights into Flexera best practice onboarding activities and process. These guides contain sample project definitions too.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Should the users wish to extract data, this can be accomplished via the web-UI and reporting. These interfaces allows users to extract data seen in views and/or reports in PDF, XLSX, CSV and in some case RTF files.
The UI supports a 'grid' or spreadsheet type format, where users can add columns and filter/sort prior to extract. Most objects in FlexNet Manager off this functionality. The FlexNet reporting/analytics function provides the data model for more granular data extraction, should this be necessary.
End-of-contract process
To be agreed

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Service interface
Description of service interface
FlexNet Manager provides a web-based browser interface to the service, using standard browser controls and access to obtain the information in FlexNet. FlexNet Manager provides an intuitive user experience, allowing users to drag-n-drop data fields and definitions, sort and filter in the views and export data in certain view types. Configuration of the system can be performed in this interface too
Accessibility standards
None or don’t know
Description of accessibility
Users primary involvement in FlexNet Manager is to view IT Asset and Software Compliance data and reporting. FlexNet Manager provides a web-based browser to this end, using standard browser controls and access to obtain the information in the Data Platform. Accessibility of data for users is within the capability delivered via the browser.
Accessibility testing
No specific testing on assistive technology.
What users can and can't do using the API
A limited compliance API exists to query positions in FlexNet Manager. The following are some of the Operations that are supported:
• AllocateLicense
• CreateAsset
• CreateAssetList
• CreateContract
• CreateContractList
• CreateLicense
• CreateLicenseAllocation
• CreateLicenseList
• CreateUser
• CreateUserList
• CreateVendor
• CreateVendorList
• DeallocateLicense
• DeleteAsset
• DeleteAssetList
• DeleteContract
• GetLicenseByID
• GetLicenseForCreate
• GetLicenseListByContractID
• GetLicenseListByIDs
• GetLicenseListByPurchaseOrderDetailID
• GetVendorForCreate
• GetVendorListByIDs
• GetVersion
• IsSupportedVersion
• LinkAssetListToContract
• LinkAssetListToPOLine
• LinkContractListToAsset
• LinkContractListToLicense
• LinkLicenseListToContract
• LinkLicenseListToPOLine
• LinkPOLineListToAsset
• LinkPOLineListToLicense
• LinkPOListToContract
• UnlinkLicenseListFromContract
• UnlinkLicenseListFromPOLine
• UnlinkPOLineListFromAsset
• UnlinkPOLineListFromLicense
• UnlinkPOListFromContract
• UpdateAsset
• UpdateAssetList
• UpdateContract
• UpdateContractList
• UpdateLicense
Users can access the API to perform some Operations via typical API methods - CURL, PowerShell, etc. There is an option to test the API Operation within the browser.
Not all operations are available, as the Compliance API is designed for Compliance actions only.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Typically Reporting and Dashboards are customised in the service, according to Role/Requirement. Views can also be modified and set to Global or User-specific.
Users customize via the web-browser using the FlexNet interface and save the report/dashboard/view.
Control in FlexNet is granular and customisable, and is role-based, allowing only specific users to create, modify, delete reports/dashboards/view, if this is necessary.


Independence of resources
Flexera operate on non-public infrastructure with Flexera Cloud Operations team monitoring User response times and user experience. The Cloud Ops team will monitor Cloud service levels through a number of key metrics, including latency, queuing, and availability. Events that affect production service availability of Cloud applications are identified, investigated, resolved and documented according to procedure by the Site Reliability Engineering department.
FlexNet Manager operations status information is made available at the following website:


Service usage metrics


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Most data is presented via the administrative Web-UI, and can then be exported using built-in functions to extract to csv, xlsx, pdf, rtf formats.
For more detailed reporting and analytics, using a similar web-based approach is used, where a user can drag-n-drop data in the reporting module, to export very specific data.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • RTF
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Flexera will maintain systems/controls designed to maximize Monthly Up-time, minimize outages, and enable notification in event of any unscheduled outage. Flexera will credit Licensee the percentage specified of the total Monthly Fee paid, for any calendar month in which Monthly Up-time falls within the range specified. In order to receive a credit, Licensee must request this in writing within thirty (30) days of the end of the month for which it seeks a credit.
Monthly Uptime % % Monthly Fee Credited
99.50% - 100% 0%
97.5% - 99.49% 5%
95% -97.49% 10%
Less than 95% 15%
If Monthly Up-time falls below 99.5% for any 3 consecutive months, or falls below 95% in any single month, Licensee may, within 30 days of the end of the month giving rise to this termination right, terminate the subscription related to failed Monthly Up-time commitment upon written notice.
Excused Outages. Licensee may experience outages in the Cloud Site due to Scheduled Maintenance and/or Emergency Maintenance, as defined in the contract.
Approach to resilience
This topic is defined in the Flexera document "Flexera Cloud Security.pdf" and supplied upon request.
Outage reporting
A public dashboard - and Email Alerts, for subscribed customers.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Via User and Group / Role definitions. FlexNet Manager Cloud operates with Roles defined according to customers access requirements. Roles are defined across logical objects with more detailed levels of access to the different functions in each object type. E.g. An administrator Role has all object / all-level access, where a Contract Manager may only be able to access the Contract object and may not be able to delete existing contracts. This definition is based upon the functional requirements as defined during the build/design phase.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Lloyd's Register Quality Assurance
ISO/IEC 27001 accreditation date
22 March 2016
What the ISO/IEC 27001 doesn’t cover
The Information Security Management System is applicable to:
The provision of data centers, supporting content and
connectivity services and associated corporate functions of the organization that hosts the Flexera FlexNet Cloud solution i.e.
Equinix (EMEA) B.V.
Rembrandt Tower, Amstelpein 1, Amsterdam
ISO 28000:2007 certification
CSA STAR certification
CSA STAR accreditation date
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
Flexera has a SSAE 16 SOC 2 Type II audit report conducted by a third-party auditor on an annual basis.
Flexera maintains a CSA Star Self-Assessment for multiple products.  We do this by filling out and periodically revising our answers to the CSA’s CAIQ questionnaire.  The Consensus Assessments Initiative which is part of the Cloud Security Alliance surveyed 32 different security standards, including the ISO 27001 standard. Based on the security issues addressed in these standards, the CAI compiled a list of 295 security and data privacy questions. The resulting composite questionnaire is called the Consensus Assessments Initiative Questionnaire (CAIQ).  The completed questionnaire is available upon request.
PCI certification
Other security certifications
Any other security certifications
  • SOC2 Type 2 Report
  • Iron Mountain - Service Organization Control 3 Report
  • Equinix ISO 9001 Certificate
  • Equinix ISO 27001 Certificate
  • Equinix ISO 50001 Certificate
  • Equinix ISO 14001 Certificate
  • Equinix ISO 18001 Certificate
  • WhiteHat Dynamic Application Security Testing - Attestation
  • CenturyLink DDos

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • CSA CCM version 3.0
  • Other
Other security governance standards
SOC2 Type2 report
Information security policies and processes
A comprehensive document on Flexera cloud security can be provided on request - "Flexera Cloud Security.PDF"

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Cloud infrastructure and applications are managed within a change management methodology that includes processes for the request, review, approval, and verification of changes. Flexera has an established change management committee (CMC) with responsibility for the scheduling and administration of changes. Change requests are submitted in Flexera’s CMS, reviewed by committee, and approved by management during the weekly CMC meetings. For any scheduled high risk changes, test and back out plans will be discussed before the change approval.
All changes are assessed by Flexera Cloud Operations security principals for security impact.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Flexera conducts a formal risk management program to continually identify, assess, mitigate, and monitor risks, and modifies its controls as a result of this process. A risk management assessment is completed on an annual basis at a minimum. Any changes required by the risk mitigation activity will be scheduled and approved in the weekly Change Management Committee (CMC) meetings.
A comprehensive patch management policy is in place for mission critical devices, and ensures that software, firmware and operating system patches are identified, tested and installed in a timely manner.
Please see "Flexera Cloud Security.PDF" for more information.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Cloud applications/infrastructure is monitored using monitoring applications that provide notification of critical system/app events. Customer-facing websites are monitored using different services – one for immediate event notification and another for calculation of SLAs.
Events that affect availability of Cloud applications are investigated, resolved and documented according to procedure by the Site Reliability Engineering department. This team is alerted to any suspicious activity with the alert method varying depending on the severity. It can range from an immediate phone call to the on-call personnel for critical alerts or immediate automated page for high alerts to a daily or weekly summary reports.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Predefined processes exist for Events. The first priority is for the Site Reliability Engineering team to investigate and resolve any issues affecting the availability, stability, performance, or security of the Cloud services. If there is no resolution within 15 minutes, an email will be sent to notify members of the SRE, Engineering, Client Success and Customer Support. If after hours, customer support will be notified.
Customers can subscribe to the Flexera external status page to view real time site status and receive proactive notifications about incidents. Customers will receive notification in an unscheduled outage lasting longer than 30 minutes.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks


£23.19 per server
Discount for educational organisations
Free trial available
Description of free trial
A trial version of FlexNet Manager can be requested during a PoC. This can be supplied with demonstration data. This version is limited to a short time frame for use (i.e. during the PoC) where specific use cases are performed, according to customer requirements.

Service documents

Return to top ↑