Agilisys Ltd

Enterprise Storage-as-a-Service with Zadara Storage Cloud

In partnership with Zadara Storage Cloud, Agilisys offers an enterprise-class storage service with the same user experience of a physical array where users enjoy the flexible, rich feature-set of today’s storage system, on an agile, cost effective and elastic solution, based on a Zero Capex, “as-a-service” business model.


  • Scalable, elastic, cost-effective, Enterprise Storage as-a-Service
  • Deployed in your DC, on Public Cloud or Hybrid
  • Zero CapEx, Pay-as-you-go pricing delivering Cloud Agility to all applications
  • High performance platform with dedicated resources per application/tenant
  • Multi-Tenant platform delivering a Single Tenant Experience and known QoS
  • Secure platform with encryption in transit and rest (customer keys)
  • Support for Block, File and Object data using any protocol
  • Delivering seamless data mobility between local DC and Cloud
  • Delivered with a 100% up-time service SLA
  • Uses Zadara Storage Cloud


  • No up-front purchases, pay for what you use
  • No over-provisioning, eliminates the expense of unused storage assets
  • No storage refresh cycles, refresh costs or capital asset amortisation
  • No data migration costs, eliminating 3/5 year upgrade cycle
  • Fully managed service, staff can focus on more valuable tasks
  • Complete scalability - grow or shrink your usage, as-needed
  • ‘Immortal’ Storage. Storage resources are always state-of-the-art
  • Features & functionality of an enterprise array in the Cloud
  • Cloud agility & scalability for On-Premises Data Management


£671.60 per instance

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10


Agilisys Ltd

Darren London

07702 367779

Service scope

Service scope
Service constraints Minimum commitment for Hyperscale Cloud connected usage (AWS, Azure & GCP) is 1 x Engine and 2 x Drives. Minimum commitment for an "On-Premises" deployment is $4000 per month (Can be a mixture of Engines and drives) Must have internet connectivity for monitoring, management and billing.
System requirements
  • Ethernet connectivity for compute access
  • Ethernet connectivity for iSCSi Block access
  • Ethernet connectivity for NAS access
  • Ethernet connectivity for Object access
  • Fibre Channel access for FC Storage
  • Internet connectivity for monitoring, management and billing

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times within service hours as per selected management service are:
P1 15 minutes, P2 30 minutes, P3 2 hours, P4 4 hours
Gold - 24x365 Service desk and P1 Incident resolution in addition to silver
Silver - 24x365 Service desk in addition to Bronze
Bronze - 08:00-18:00 M-F Excl Holidays for all calls
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Agilisys operates a Service Desk to provide a single contact point for all service related Incidents, Requests and Changes. Our service desk agents are available as detailed within the Management Service option selected.

Basic management is included within the cost of each infrastructure element and provides service desk, subscription support, billing and reporting. Each layer builds on the service provided by the layer below to provide service support options from basic incident management with working hours’ support, to proactive management with 24x7 support with for your service.

Gold - As Silver, including 24x7 incident management.
Silver - As Bronze, plus 24x7 Servicedesk.
Bronze - 0800:1800 Monday to Friday (excluding holidays) support and account management.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We treat each customer use case as unique and offer our full support to help you understand how the Zadara Cloud can benefit your business. We provide a full On-boarding session for each new customer to help connect your compute and we offer a full demo of the GUI, including all Data Services, Raid Group, Pool and volume creation as part of the On-boarding process. Additional training can be offered at an agreed price.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction The Customer should contact their Account Manager to cancel the service.

Zadara provides open systems standard interfaces such as iSCSi, NFS, CIFS, S3 and swift compatible Object interfaces. This allows any 3rd party tools used for data migration to interoperate with Zadara. In addition, Zadara provides a Backup to Object capability which can be used to redeploy a Block or NAS volume image onto a non Zadara platform.
End-of-contract process The customer initiates the off-boarding process via a service request.

Once the data has been moved off of the platform the customer simply deletes their VPSA and can also use a DOD 3 pass shred for the drives consumed if this is required. Alternatively, if encryption is used, this is not required because the key was never provided to Zadara.

Using the service

Using the service
Web browser interface Yes
Using the web interface After a set up process, users will be able to self serve agains their array. Role-based access control enables different users to have different rights to manage each interface. (Virtual Private Storage array (VPSA), ecommerce and Cloud console interfaces). Users can also use our fully RestFul-API to manage the system.
Web interface accessibility standard None or don’t know
How the web interface is accessible N/A.
Web interface accessibility testing N/A.
What users can and can't do using the API The Zadara VPSA is addressable via a RESTful API. Please refer to for details.
API automation tools Other
Other API automation tools RESTful API
API documentation Yes
API documentation formats HTML
Command line interface No


Scaling available Yes
Scaling type Manual
Independence of resources The Zadara VPSA's multi-tenant architecture actually allocates dedicated resources (drives, CPU, networking) to each user, even in public cloud environments. That means customers enjoy robust, enterprise storage powered by private, dedicated resources, yet these resources are elastic. They can grow, shrink and change on the fly. Users can create as many VPSAs as needed (e.g. different VPSAs for different areas or departments within a company). With billing and chargeback built in, companies and/or service providers can easily monitor usage by each tenant/user.
Usage notifications Yes
Usage reporting
  • API
  • Email
  • Other


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Cache hit ratios
  • Cache utilisation
  • Pool/RAID group performance
  • Host Performance
  • All details available via API
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request


Supplier type Reseller providing extra support
Organisation whose services are being resold Zadara Storage

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach Encryption (AES256) uses keys owned and managed by the customer.
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery No

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Each customer within the Zadara Cloud is segregated from each other from a network controller and disk perspective. This is separate and segregated from the out of band Zadara management interfaces and networks. Access to the management networks is controlled and restricted to know operatives from known locations using secure, encrypted tunnels and multi-factor authentication. Each customer can further encrypt their data in-flight and at rest.

Availability and resilience

Availability and resilience
Guaranteed availability Due to the rapidly evolving nature of cloud product offerings, SLAs are best reviewed directly on our website via the links below:
Approach to resilience In addition to a robust, resilient platform that designs out single points of failure in the hardware, Zadara supports multiple on-premises installations or multiple regions for customers running multiple data centres.

All Block and NAS volumes can be replicated to another Zadara instance. Additionally, Zadara supports Backup to S3, Swift compatible and Zadara's own object storage platforms. We also have a VSS hardware provider to support application consistent snapshots of Microsoft VSS aware applications. In addition, a RESTful API to enable pre and post script integration.
Outage reporting Alerts are generated by our monitoring platform that are received by our 24x7 Operations Centre. SMS text alerts and email notifications are generated and dispatched to user stakeholders for affected services.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication API access token over TLS
Access restrictions in management interfaces and support channels If deployed within Agilisys. Access to the management LAN is via a physically separate dedicated firewall with different contexts deployed to secure and separate the traffic. Management access is granted only to UK based engineers that hold current Security Check (SC) Clearances. Two factor authentication, and strict segregation of administrative privileges is used to further control access.
Management traffic is segregated using physically separate firewalls, physical switches and separate partitions within the secure switches.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 SII (Standards Institution of Israel)
ISO/IEC 27001 accreditation date 29/04/2018
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards SOC2
Information security policies and processes

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Our CMDB contains details of all the IT services delivered to our customers, together with relationships to the supporting services, shared services, components and Configuration Items (CIs) necessary to support the provision of the service.
Agilisys ensures the smooth running of operations using well-defined change management processes. Our Change Advisory Board (CAB) is managed to ITIL standards (assessed within the scope of ISO27001), with 98.5% of changes completing successfully.
Many of our processes are documented as standard changes, however service impacting or non-standard changes require a full change submission that may require communication with end customers via our Service Desk.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We use multiple publications and independent agencies, along with our own customers to advise on new threats. Once a new threat is identified our security and engineering teams’ asses the risk and relevancy to our systems and deploy new patches based on the threat severity.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Agilisys has comprehensive incident Management Processes and Security Operating Procedures in place.

A GPG 13 compliant Security Information and Event Management (SIEM) service has been deployed in addition to log capture on the IaaS Platform which monitors up to, but not within, tenant environments with logs filtered and supplied to our operations centre. The SIEM is configured in accordance with the our SIEM & GPG13 Protective Monitoring Audit Policy.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Our Incident Management process is aligned to the ITIL Standard and has been audited and approved by external auditors as part of our ISO27001 certification.
Agilisys’ Service desk function provides the single contact point for all Incidents, Requests and Changes. Operating 24x7 the service desk agents provide core services, including help and advice, and Major Incident Management. Accessible by telephone and email, once an incident call ticket has been raised, the desk retains control of the call. Escalations and communications including updates are accessible via the Service desk.
Major Incident reports are provided for all P1 incidents within 5-working days.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Other
Other virtualisation technology used Modified KVM Hypervisor
How shared infrastructure is kept separate Zadara's patented architecture combines a modified KVM Hypervisor technology with SRIOV, iSER and paravirtualization to provide separation between tenants and VPSA’s where CPU and RAM resources are pinned and separated rather than using standard virtualisation resource scheduling.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £671.60 per instance
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Trial options are available, please contact us to discuss your requirements.


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑