Sungard Availability Services (UK) Ltd

Application Cloud Services for SAP & SAP HANA

Sungard AS Application Cloud Service for SAP & SAP HANA provides support for SAP applications and databases on fully virtualised system resources, running on SAP & SAP HANA certified platforms. Operating System, virtualisation, backup and monitoring software licensing and 24 x 7 support included.

Features

  • Hosted within Sungard Availability Services UK datacentres
  • Fully redundant multi-tenancy multi-site enterprise infrastructure
  • Fully redundant Internet & Private Connectivity options
  • Up to 99.95% Availability Service Level Agreement (SLA)

Benefits

  • Fully Managed SAP Infrastructure as a Service (Cloud)
  • Fully Managed SAP Basis Service
  • Business and application scalability via flexibility computing capacity
  • Consume infrastructure within an OPEX-based financial model
  • Reduction in security and compliance risks
  • Improved Business availability via high availibility infrastructure design
  • Business outage protection via managed disaster recovery process
  • Business service level assurances via contractural SLAs
  • Service availability via 24 by 365 support access and coverage
  • Optimised IT processes via ITIL based/SAP certified best practices

Pricing

£45.00 per virtual machine per month

Service documents

G-Cloud 9

421504140924185

Sungard Availability Services (UK) Ltd

Sungard Availability Services

0800 143 413

government@sungardas.com

Service scope

Service scope
Service constraints Planned maintenance windows are agreed with the customer(s).
System requirements
  • Managed OS on individual virtualised instances
  • All VMs include Anti-Virus
  • IPSec VPN over the Internet
  • Redhat Linux 7.x, VMware vSphere 6.x support
  • Windows Server 2008 R2 & 2012 R2 support
  • Fully managed firewalls and networking
  • Available security clearance for administrators
  • Supports current versions of SAP business suite and netweaver applications
  • SAP databases supported include Oracle/MS SQL Server/MaxDB/ Sybase & HANA

User support

User support
Email or online ticketing support Email or online ticketing
Support response times As low as Priority 1 = 15 minutes
Priority 2 = 30 minutes
Priority 3 = 1 hour
Priority 4 = 12 hours

This is applicable 24 by 7, 365 days a year.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels Different levels of infrastructure availability and disaster recovery services can be purchased at the individual VM level, per customer preference. SAP support services can be purchased as Infrastructure as a Service only, or in combination with SAP Basis services.

Service Management is included for all SAP services.

The service follows ITIL v3 best practice processes and procedures.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started As a fully managed service, we provide full on-boarding services through our consulting and operational teams. Options are available for data migration.

We have user documentation such as on-boarding and service management documentation covering how to raise tickets, service request, change, escalations etc.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • Microsoft Word
  • Microsoft Excel
  • Microsoft Powerpoint
End-of-contract data extraction Off-boarding services provide options of data migration, network transfer and backup tapes.
End-of-contract process At the point of termination, all your data, accounts and access will be securely deleted; there will be no mechanism to subsequently recover data after this point.

Using the service

Using the service
Web browser interface Yes
Using the web interface We provide customers access to a web portal that allows them to raise incidents, service requests and change requests. The web portal also provides access to current and historical service ticket records. As well as process documentation, monitoring data.
Web interface accessibility standard None or don’t know
How the web interface is accessible Our web portal is accessible through a standard internet browser.

Sungard AS is making every effort to ensure Viewpoint is compatible with modern browser releases, is optimised for use on iPad and Android tablets and is mobile-friendly. Optimal browsers for use include:
- Chrome in the Windows, Macintosh, and Linux environments
- Firefox in the Windows, Macintosh, and Linux environments
- Internet Explorer 9 or above in the Microsoft Windows environment*
- Safari in the Macintosh environment
* Earlier versions of Internet Explorer (IE 8, 7, 6, 5) are not supported.
From Ticketing, to access the following you must use Internet Explorer 9 or above and you will be required to re-authenticate.
Web interface accessibility testing No assistive technology users have been used to test the web interface.
API No
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources SungardAS multi tenant SAP Cloud services include logical isolation of all individual customer environments at the VM, storage and network level. Per SAP best practices no VM resource over subscriptions are used. Infrastructure components are designed to avoid resource contention or bottlenecks. Additionally customer environments are monitored to ensure performance levels are being maintained.
Usage notifications Yes
Usage reporting
  • Email
  • Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • VM patching levels
  • Anti-Virus update status
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach Sungard AS provides “known locations for storage, processing and management” of the service and all data within.

All Sungard AS UK Ltd contracts are with a UK registered Company and are governed under UK Law.

Sungard AS data centres conform to a recognised standard. The operating locations which host and manage Sungard AS's Managed SAP & SAP HANA Cloud Services are certified to ISO27001. All UK Data Centres undergo an annual review against ISAE 3402 Type II.
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Virtual Machines
  • Files
  • Databases (restoration services vary by selected database service level)
  • Network configuration
Backup controls Primary site production VM instances are backed up and protected and the SAP database instances or application servers can be restored from most recent backup data copies.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users contact the support team to schedule backups
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Sungard AS implements IPsec VPNs for the protection of administrative traffic. All vendor patch downloads and imports and protected via TLS.

Sungard AS customer portal is protected via TLS

Availability and resilience

Availability and resilience
Guaranteed availability Infrastructure - Up to 99.95% availability assured by contractual commitment.
SAP application level - Up to 99.9% when optional SAP Basis services are contracted.
For optional disaster recovery services, four hour recovery time objective, and one hour recover point objective.
Approach to resilience SungardAS SAP infrastructure is designed to be resilient through the elimination of single points of failure within the architecture, as well as automated fail over in the event of device level and virtual machine failures. Additionally, secondary site infrastructure is used to replicate primary site systems via the optional disaster recovery services providing an additional level of protection for the environment.
Outage reporting Email alerts and other direct contact methods as identified in the contact/ alert process.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Separate internal management network that is not accessible by customers which is secured by username/password and 2-factor authentication to specific support personnel.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through Dedicated device over multiple services or networks

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Lloyd's Register Quality Assurance
ISO/IEC 27001 accreditation date 3/12/2013
What the ISO/IEC 27001 doesn’t cover The following is what is covered. The management of the processes, the people and assets operating out of our LTC ,TC2, TC3, TC4 and TC5 data centres, and supporting functions (Finance, Procurement, Legal and HR functions) within our Theale and LTC A offices are covered by the ISO/IEC 27001 certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations
  • ISAE 3402 (formerly SAS 70)
  • ISO 9001: 2008
  • ISO 22301 (formerly BS 25999)
  • ISO 27031 (formerly BS 25777)

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Sungard AS has an information security management system that certifies to ISO27001 which includes an overall security policy. Adherance to the policies is regularity audited by an independent external provider.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Sungard AS has a governance process in place to track all assets and to review and manage change to the platform. This process is encompassed within the Sungard AS ISO27001 certification.

All changes are reviewed and approved including impact from a security perspective before implementation.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Sungard AS applies patches to the platform, including customer managed elements in critical patches within 14 Days.

Sungard AS use automated Vendors tools to retrieve and manage the application of patches.

A patching policy is in place for the estate.

Where emergency patches are required to address an imminent threat to the platform or service then the Sungard AS change management process can support this.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Sungard AS, through it's vendors, manage the regular update of security patches of the platform to mitigate potential security threats.
Incident management type Supplier-defined controls
Incident management approach Sungard AS has a defined incident management process which is available on request.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate Sungard AS use virtualisation technologies to provide full logical resource and network separation and isolation between customer tenants hosted on the platform.

Network separation between customers is achieved through virtual routing and forwarding (VRF) technologies and virtual networking capabilities provided by Cisco ASA and Cisco Nexus switching. Network separation within a customers service is provided by virtual LANs (VLANs).

Storage separation is enabled through customer specific lun configurations.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £45.00 per virtual machine per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑