Airbus Information on Demand Services: WMS / WMTS / WFS / APIs
Efficiently and securely stream geospatial data to your end user communities 24 hours a day, 365 days a year.
Our OGC and INSPIRE compliant WMS, WMTS and WFS services and APIs enable you to stream large data volumes, including APGB and PSMA data, served from a secure, high-availability hosting platform.
Features
- High volume service capability to enable your service to grow
- High service availability
- All services operated 24 hours a day/365 days a year
- Stream your datasets and third party datasets, with federated options
- INSPIRE compliant services including all ‘optional’ features
- Data management including Change Only Updates
- Reporting analytics on your service’s usage information and management
- The Airbus hosting infrastructure is independently certified to ISO® 27001:2013
- Various service support level options to suit your requirements
- Flexibility to enhance your service, including 24x7 technical support
Benefits
- Flexibility to scale your service to your needs
- Meet your INSPIRE requirements for data streaming services
- Control of where your data is hosted, including public cloud
- Harvesting, hosting and managing data types, including ‘Change Only’ Updates
- Full audit trail and management statistics for accountability
Pricing
£115.50 a unit a month
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
3 6 1 7 3 4 2 7 8 3 2 4 7 5 2
Contact
Airbus Defence and Space Limited
Airbus Customer Service Operation Centre
Telephone: 07770314654
Email: louisa.adams@UK.airbus.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Hybrid cloud
- Service constraints
- No, there are no constraints. A notification is provided if there is planned maintenance scheduled with 5 days advance notice.
- System requirements
- Requires a OGC client to access OGC services
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Response times are based on severity and are determined by your requirements as defined in the Service Level Agreement during contractual discussions. We recognise the unique needs of each individual customer and strive to accommodate, where possible, all of your requirements in relation to answering your support questions and resolving with the tickets you raise. This could include weekend support or 24/7 support if required. Our standard response time is 4 hours.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
We offer as standard phone and email support through the Airbus Service Desk between 09:00-17:00 Monday to Friday (excluding English public holidays) with additional access to 24x7 support ticket logging via an on-line portal. The on-line portal allows customers to log new calls, view current and closed support calls, and view knowledge articles and FAQs created as part of the Knowledge Management process.
The Service Desk provides a constant first point of contact for all support queries and is resourced using dedicated support staff with the ability to maintain and support service operations on an extended hours or 24x7 basis, if required. Airbus also maintains a dedicated Customer Services Team for customer support, incident reporting and service related issues in relation to Airbus services.
A submitted issue or a query can be allocated a priority with different levels of response, our standard response time is 4 hours.
We strive to accommodate all of your requirements in relation to support levels and prices can be tailored to meet your individual needs, with technical support based on the SFIA Rate Card.
Airbus will provide an Account Manager for both managing the relationship with the customer and as a means of escalation. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Designed to be intuitive with on-site training, user documentation, customised training, FAQs and help documentation.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
-
Upon conclusion of the service, the following will occur:
• Arrangements are made with the customer to transfer back the latest versions of all data content if required.
• The data will be transferred using an agreed delivery mechanism based on customer requirements.
• All user accounts and data owned by the customer will be deleted.
• Data logs related to usage of the service during the contracted period will also be returned to the customer if required, together with agreed relevant audit trail information. - End-of-contract process
- Prior to contract expiry we will discuss with the customer their future requirements. If this is to extend the contract term we will support the customer during their procurement process. If the requirement is to cease, or transition the service we will fulfill our obligations as described within the contract. This could include, but is not limited to, removal of all live data and the storage of archived data for a pre-defined period. All end-of-contract support will be discussed during contract negotiations
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- API
- Yes
- What users can and can't do using the API
- Users may be able to access the API via a URL with a set of defined parameters. A JSON response will be returned with the search terms supplied for reference and diagnostics. When not supplied, search term elements will be omitted from the JSON response.
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- No
- Customisation available
- No
Scaling
- Independence of resources
- Performance is ensured through the use of load balancer technology, duplication of server resources in server farms, provision of substantial internet bandwidth and continuous service monitoring.
Analytics
- Service usage metrics
- Yes
- Metrics types
- All incoming/outgoing traffic is logged so the service can report many metrics including number of requests, number of requests by type, number and identity (username) of users/companies making the requests, daily/weekly/monthly/annual usage, datasets being requested, orders placed, spatial location and extents of requests and so on.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- View and download data through OGC services
- Data export formats
- Other
- Other data export formats
-
- JPEG
- TIFF
- PNG
- GML
- HTML
- XML
- ASCII text file
- JSON
- Data import formats
- Other
- Other data import formats
-
- JPEG
- TIFF
- PNG
- GML
- HTML
- XML
- ASCII text file
- GDB
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
Our standard service availability is 99%. Enhanced service availability can also be provided to meet your requirements.
Service credits are not offered as standard for our services, but if they are required, Airbus would be happy to discuss this on a case by case basis. - Approach to resilience
- Resilience is ensured through the use of load balancer technology, duplication of server resources, redundant internet connectivity, power protection (UPS) and managed RAID storage.
- Outage reporting
- All affected customers are notified via an email alert. Additional options include notifications through a news feed and RSS feed on the service home page, when purchased with the service.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Username or password
- Access restrictions in management interfaces and support channels
- Full user authentication if required and managed firewalls
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- 23/04/2018
- What the ISO/IEC 27001 doesn’t cover
- This service is managed by the Airbus Defence and Space Intelligence (UK) Programme Line. This certification information is for Airbus Defence and Space Intelligence (UK) with offices in Guildford, Leicester, Newcastle and Newport. Any services outside of Intelligence (UK) are not covered by this certification.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- Cyber Essentials Plus
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
- Cyber Essentials Plus
- Information security policies and processes
-
Airbus is committed to providing good security practices, our IT infrastructure and access controls were put together following the guidelines and good practice of ISO 27002:2013, Code of Practice for Information Security Management and is compliant with the requirements of ISO 27001:2013. The Information Security Management System (ISMS) covers interlinked processes controlled by an IS Policy, covering:
* Physical and Environmental security on access control to buildings and restricted areas,
* Communications and operations of computer systems and network facilities,
* Preservation of data,
* Asset management with levels of protection,
* Information Security Incident management and reporting
* Compliance to data and information regulations
* Electronic Commerce Services
* Personnel Security Responsibilities and Information Security training
* Information System Acquisition and Development
* Business Continuity and Disaster Recovery Plan
The ISMS is the responsibility of the Deputy Managing Director in close liaison with the Security Council made up of IT personnel, Security, Facilities and Quality Assurance Managers. The objective being to maintain, develop and keep secure the information Assets in accordance with Security Policy requirements and the needs of the business and Customers. This includes availability, capacity, business continuity and security monitoring and policy.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Airbus’s well-defined process evaluates changes in order to prevent unintended incidents affecting the quality and security of our services. One key element is the consideration of security implications whereby we follow standard methods and procedures to assess and resolve any risks. The Change Management process is regularly audited internally against ISO9001 and ISO27001 to ensure it continually meets these standards. Airbus’s Configuration Management Plan identifies responsibilities and procedures, as well as technical baselines and configuration data that are to be established and maintained. The Release/Configuration Manager records what is deployed and where, and manages the versioning of all Configuration Items.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Airbus has a vulnerability management framework that will be customised for G Cloud requirements. Regular patching forms part of the overall process, information / alerts on potential threats will be provided by the relevant software vendors RedHat, Microsoft, GovCERT etc. On identification of a potential technical vulnerability, a vulnerability risk assessment is to be carried out to determine which systems are affected, the likely impact upon each and the actions or controls that are available to mitigate the associated risks. Addressing of any potential technical vulnerability is to be proportionate and timely.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Airbus will work with the customer to establish protective monitoring controls relevant to the service or solution provided. An industry standard security information and event management package will deployed to gather and analyse the collected log/event information against the protective monitoring controls. Altering or reporting of any incidents detected will also be defined and agreed with the customer.
Ensuring the correct protective monitoring controls are defined and managed over time is key to the operation of the protective monitoring system. - Incident management type
- Supplier-defined controls
- Incident management approach
-
All Security incidents are promptly reported via the BMS incident tool. The Security Council with the appropriate service team:
• initiate collection of evidence
• investigate incident;
• ensure that incident is clearly identified;
• document incident and its handling/resolution
• implement necessary immediate corrective action
• escalate within the company or to a corporate level as appropriate;
• escalate to customers or clients as appropriate;
• identify any preventive measures to be considered;
• make sure incident is reported at next meeting of the Security Council.
• inform those involved with the incident of the outcome of the investigation
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £115.50 a unit a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- If you would like to carry out a trial of our service, please contact us to discuss your individual requirements.