Pivotal Software Inc

Pivotal Data Suite

Pivotal Data Suite provides the flexibility to choose and adopt proven, open source, scale-out databases, including: Pivotal Greenplum, our enterprise data warehouse system; Pivotal Postgres, a leading alternative for organizations that want to get away from the cost and complexity often associated with third-party databases.

Features

  • Shared-nothing MPP data warehouse
  • ANSI SQL 2013 Compliance
  • Stream Ingestion
  • In-database machine learning
  • In-database analytics
  • Graph analytics
  • Spatial analytics
  • Text analytics

Benefits

  • Cut reporting times with scale out database performance
  • Combine varied types of data in a single analytical query
  • Load streaming data direct from Kafka into the Data Warehouse
  • Query semi-structured data like JSON and XML

Pricing

£165 to £631 per unit per year

  • Free trial available

Service documents

G-Cloud 11

488688823200202

Pivotal Software Inc

Imran Razzaq

07817719868

irazzaq@pivotal.io

Service scope

Service scope
Service constraints Pivotal Data Suite runs on Linux operating systems. It can be hosted on Amazon AWS, Google Cloud Platform (GCP), Microsoft Azure and VMWare vSphere based infrastructure.
System requirements
  • Linux Operating system, Ubuntu, Centos or Red Hat enterprise
  • 25Gb or 40Gb connectivity between cluster members (Greenplum)
  • At least 500MB/s sustained throughput from disc (Greenplum)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support is available. This is available 24 hours a day, 7 days a week, 365 days a year. Target Response Times Critical (Severity 1) 30 minutes or less (24 hours/ 7days a week) Major (Severity 2) 
 2 business hours Minor (Severity 3) 
 8 business hours Cosmetic (Severity 4) 1 business day Business Hours - 7am to 7pm, Monday to Friday.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels We provide Support for all Enterprise users. The cost is included in the Annual subscription for our software (see above). We provide an additional level of support called Business Critical Support services which are delivered remotely by a Designated Support Engineer (DSE). The DSE serves as your single point of contact for Pivotal Software support and is an extension of your team: In personally overseeing your Pivotal support experience, the DSE drives faster resolution and engages Pivotal subject-matter experts when needed. The DSE engages your team in discussing open service requests and product-related issues, driving toward more efficient resolution and enabling discussion of future plans, projects, or enhancements. Should there be a critical event, your DSE will conduct a full Root Cause Analysis, including incident review with detailed outline of the impacting event, additional detail around the debug analysis, recovery, and the resolution steps taken. Your DSE can facilitate the feature request process with your team, advocates with Pivotal product management on your behalf, and lays out timelines and delivery dates of new features. The cost of this service for 12 months is £70,000 and £35,000 for 6 months, which provides 10 hours/week support for the duration of the agreement.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Pivotal Data Suite offers services are designed to accelerate your success with Greenplum and Postgres by pairing our experts with your people to plan, implement, customize, use, and scale the platform to meet your needs. By working together we improve project outcomes and maximize on-the-job skills enablement. An expert team from Pivotal will work with designated people from your organization on a prioritized backlog over a period of 2 or 6 weeks. Typically the Pivotal Data Suite onboarding service is focused on deployment and testing concerns. Actual work is tailored against your objectives and actively prioritized by your Product Owner to ensure investments align to what’s most important.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Greenplum provides facilities for loading and unloading data in bulk to a variety of storage systems, including Amazon S3 and compatible object storage. Formats available for extract include; delimited text, AVRO and Parquet. Data created by the system or its applications would still be stored in a customers IaaS provisioned storage in its native format. Customers, therefore, can simply continue to use the data connected to the database product that created it.
End-of-contract process In the event of expiration of a Subscription License or any termination of the Agreement, Customer must remove and destroy all copies of Software, including all backup copies, from the server, virtual machine, and all computers and terminals on which Software (including copies) is installed or used and certify destruction of the Software. All support services cease.

Using the service

Using the service
Web browser interface Yes
Using the web interface Greenplum Command Center provides a browser-native HTML5 graphical console for viewingGreenplum Database system metrics and performing workload monitoring and management tasks. Greenplum Command Centre’s event framework provides configurable alerts for query behaviour and resource utilisation exceptions. The introduction page of the Greenplum Command Center documentation gives a further overview - https://gpcc.docs.pivotal.io/460/topics/overview.html
Web interface accessibility standard None or don’t know
How the web interface is accessible The web interface is accessible through a browser. We support all major browser types. The end user is able to access some but not all of the accessibility features. Currently, users can use the High contrast visibility features within these browsers. We are working on making our software more accessible by delivering additional functionality that will allow us to be WCAG 2.1 AA compliant by the end of the year.
Web interface accessibility testing We have been undertaking a significant amount of testing with assistive technology users. All our support services and applications are WCAG 2.1 AA compliant. We are working on a roadmap to ensure that all our end-user applications are WCAG 2.1 AA compliant by the end of this year.
API No
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
  • Other
Using the command line interface All administration tasks are available through command line tools and/or SQL commands andall status and diagnostic data is available through system catalog tables if this type of access is required or preferred. Informational commands including cluster status and tasks such as starting and stopping the database engine are available from commands in the operating system shell and task such as user privilege management, space reclamation and index management are available from the Greenplum or Postgres command shell - psql.

Scaling

Scaling
Scaling available No
Independence of resources Pivotal Greenplum provides resource queues, to enforce limits on the impact which users and operations have on other activity on the system. Resource queue limits are enforced by the Linux kernel cgroups mechanism, controlling the CPU and memory usage of managed activities.
Usage notifications No

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Other
Other metrics
  • Active queries
  • Query duration
  • Database object locks
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach The method used will depend upon the underlying Infrastructure as a Service (IaaS) used. Many customers will use vSphere in their own infrastructure, in which case the controls are customer defined.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Database schema
  • Database content
Backup controls Backups can be taken of an entire cluster, an individual database, individual schema or individual table. Backups can be full, differential or incremental. Restoration of individual tables is possible from schema, database or cluster level backups.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
Scheduling backups Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability The level of availability on the Pivotal Data Suite depends upon the infrastructure it is deployed upon. Amazon AWS, for example, has a particular SLA it guarantees and so the Pivotal Data Suite could not be guaranteed to be any further available than that. Pivotal provides an onboarding service whereby our labs team pairs with a customers platform management team to install and configure the platform on their infrastructure to meet any SLAs they may have. Pivotal Data Suite is configurable in a variety of ways to meet availability requirements as necessary.
Approach to resilience Greenplum Database supports highly available, fault-tolerant database services when you enable and properly configure Greenplum high availability features.

See link: https://gpdb.docs.pivotal.io/5170/best_practices/ha.html.

With mirroring enabled, Greenplum Database automatically fails over to a mirror segment when a primary segment goes down. Provided one segment instance is online per portion of data, users may not realize a segment is down. If a transaction is in progress when a fault occurs, the in-progress transaction rolls back and restarts automatically on the reconfigured set of segments.

Pivotal Postgres implements leader-follower replication, either synchronous or asynchronous, between systems. Multiple followers and cascading followers are possible. The systems in a replication configuration may be in the same data centre or different data centres, as dictated by the tradeoff between resilience and performance for a particular application.
Outage reporting We do not provide any outage reporting. We are reliant upon the infrastructure providers reporting mechanisms if sufficient underlying components supporting the cluster fail.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
  • Other
Other user authentication The exact network interconnects available will depend upon the customer's own preferred infrastructure as a service (IaaS), be they AWS, GCP, Microsoft Azure, or their own private infrastructure using VMWare vSphere.
Access restrictions in management interfaces and support channels Pivotal restricts access to named user accounts working on behalf of customers or ourselves. Separate administration roles are available for all administration tasks.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Devices users manage the service through
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • NIST 800-53(r4) controls are documented for Pivotal Cloud Foundry
  • Pivotal Cloud Foundry is undergoing a UK Government accreditation process

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards A mapping of NCSC cloud security guidance on to PCF features is available on request. A Pivotal reference architecture for PCF at Official (including OS) is available on request. A NIST 800 53 (r4) controls mapping is available on our website.
Information security policies and processes Pivotal’s Information Security Policies are based on ISO/IEC 27001:2013. The policies have been published on the company’s internal portal and are reviewed periodically and approved by the Chief Security Officer. All users are provided with appropriate security awareness training to ensure policies are followed. The Information Security Team is led by the Chief Security Officer. The security organization is comprised of 3 distinct yet collaborative teams - (1) Governance, Risk and Compliance (2) Information Security and (3) Physical Security.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Every Pivotal software upgrade is pre-tested against our own security pipeline and alongside other components in the platform before it is shipped to customers via the Pivotal Network (PivNet). We perform additional vulnerability scanning of our software and dependencies using third party scanning software. Ever code change to a component is linked to a requirement, and has tests written for it, before it is accepted in to the next release. This provides tracking of every change back to the specific user need that it was required for, alongside the output of the tests.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Regular testing is done against all our software. In addition, when a CVE is disclosed in the third party component or dependency, we take the latest fix and test it and ship it as soon as possible after the upstream project releases a fix. We also routinely harden software components to minimise the attack surface.
Protective monitoring type Supplier-defined controls
Protective monitoring approach All service and application component logs are aggregated in to a log stream allowing centralised analysis of all activity within an installation (Called a Foundation). There are also components to spot when an unauthorised process modified any binaries of built containers, or works around the immutable nature of a running container. How quickly a response occurs depends on the customer's own incident management processes and policies.
Incident management type Supplier-defined controls
Incident management approach How quickly a response occurs depends on the customer's own incident management processes and policies. Should a problem be discovered in the underlying Pivotal platform, Pivotal's support staff will respond within the SLA agreed timings.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres No

Pricing

Pricing
Price £165 to £631 per unit per year
Discount for educational organisations No
Free trial available Yes
Description of free trial There is a free 90 day time limited and usage limited version that can be used for testing and evaluation purposes.

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑