Wipro - VirtuaDesk (VDI) Services
VirtuaDesk is a platform that provides Desktops as a Service which helps in reducing your overall TCO significantly and improves the end user experience by providing 2x times better performance over laptops equipped with SSDs.
The Service offers; EUC, Virtual Desktop(DaaS), User_Management, Profile_Management. Pricing excludes Microsoft licenses.
Features
- High Availability
- Performance
- Monitoring
- Self Service
- Security
- Service Management
Benefits
- High Availability provided through Redundant hardware & software
- Performance achieved through Storage Boost architecture
- Exhaustive end user experience monitoring leveraging predictive analytics for alerts
- Simplified operations through workflow automation & self service portal
- Two factor based authentication, TLS/SSL security for data in transit
- Platform stays current at N1 version leading to Evergreen IT
Pricing
£40 a user a month
Service documents
Request an accessible format
Framework
G-Cloud 10
Service ID
5 0 6 4 4 8 0 7 4 4 2 5 8 6 5
Contact
WIPRO HOLDINGS (UK) LIMITED
Wipro- Public Sector UK
Telephone: +44-7970436743
Email: publicsector-uki@wipro.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Hybrid cloud
- Service constraints
- Our Offering provides Windows Server based desktops with either Windows 7/8/10 look and feel. In case customers need a true Windows client desktops customers will have to bring their own licenses for Windows 7/8/10 under BYOL licensing model as per the need.
- System requirements
-
- End points with Browser
- Thin Clients
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Request Type Severity Classification Response Time
Incident Management
Priority Level 1 <30 Minutes
Priority Level 2 <60 Minutes
Priority Level 3 <120 Minutes
Service Request
Priority Level 1 <4 hours
Priority Level 2 <10 hours
Priority Level 3 <30 hours - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.0 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.0 AA or EN 301 549 9: Web
- Web chat accessibility testing
- We provide support using Lync/ Skype for Business messenger/chat
- Onsite support
- Yes, at extra cost
- Support levels
-
Support availability: 08:00 to 18:00 Hrs on business days as standard. 24X7 available as optional
Standard support response times: 30 minutes
Incident escalation process available: Yes - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We provide user documentation and also webinar sessions for user training in order to help them start with our service. Wipro can provide onsite training through our registered training providers at extra cost.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- VirtuaDesk never stores user data on its platform. All user data is stored on customers file shares located in their premises which we integrate into through secure network protocols. Hence there is no need for users to extract their data when the contract ends
- End-of-contract process
-
At the end of contract, all the VdI images for that customer are formatted and the VMs released. The following are included as part of our service/contract
1. Hardware (Servers, Switches, Gateway/Load Balancer)
2. Software (Microsoft Windows Server & System Center Licenses, Software Defined Storage Licenses, VDI Broker Licenses)
3. Services (Implementation, Technical Support)
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Our service supports any device which can host a Citrix receiver. The primary difference between mobile and desktop service will be in the UI layout.
- Accessibility standards
- WCAG 2.0 AA or EN 301 549
- Accessibility testing
- Service is accessible either from any HTML5 compliant browser or from any device with Citrix receiver installed
- API
- Yes
- What users can and can't do using the API
- Users/Admins can customize the workflows based on their need through a web interface.
- API documentation
- Yes
- API documentation formats
-
- HTML
- ODF
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
- Users can customize the branding elements like logos, header/footer using Admin portal.
Scaling
- Independence of resources
- We maintain about 25% buffer capacity at any point of time so that any spikes in use demand can be met instantly. We also review the user requirements periodically and can easily scale by adding additional servers in case of additional demand
Analytics
- Service usage metrics
- Yes
- Metrics types
-
We provide the following service metrics & reports on a monthly basis -
Uptime report for HSD/VDI infra, which includes all user profile uptime status.
Latency report (If any due to any reason)
Total number of clients accessing HSD/VDI stream
Online Uptime reports - Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- There is no need for users to export their data as we integrate into the customer’s file shares to access all user data. All communication between customers file shares and our service are fully encrypted and secure adhering to industry standard security protocols.
- Data export formats
-
- CSV
- ODF
- Other
- Data import formats
-
- CSV
- ODF
- Other
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
- All data in transit is protected using SSL/TSL protocols and is compliant with FIPS standards.
Availability and resilience
- Guaranteed availability
-
We provide 99.5% with High Availability and 99.9% uptime with DR
Our SLA’s are as follows
Severity Classification Response Time Resolution Time
Incident Management
Priority Level 1 <30 Minutes 8 hours
Priority Level 2 <60 Minutes 3 Business days
Priority Level 3 <120 Minutes 5 Business days
Service Request
Priority Level 1 <4 hours 1 Business day
Priority Level 2 <10 hours 2 Business days
Priority Level 3 <30 hours 5 Business days - Approach to resilience
- Available on request
- Outage reporting
- Outages are triggered through monitoring dashboard and emails
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
- VirtuaDesk restricts access to the core components to the specific service accounts created with different access levels to meet the system administration operations and monitoring activities. All the activities on these service accounts is logged and monitored for audit purposes. For most of the service accounts interactive logons are disabled to prevent any misuse.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Other
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- UKAS Management Systems
- ISO/IEC 27001 accreditation date
- 01/12/2017
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- -
- PCI DSS accreditation date
- -
- What the PCI DSS doesn’t cover
- -
- Other security certifications
- Yes
- Any other security certifications
-
- FIPS 140-2 Compliant
- Common Criteria Certified
- ISO/IEC 27001:2013
- NIST SP 800 Series
- PCI DSS V3.0
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Information security policies and processes
-
Wipro follows Open Web Application Security Project (OWASP) methodology to verify if the service/ platform/ application is exposed to the Top 10 OWASP vulnerabilities. Web Applications are tested for the presence of the OWASP Top 10 vulnerabilities:
Injection, Cross-Site Scripting (XSS), Broken Authentication and Session Management, Insecure Direct Object References, Cross-Site Request Forgery (CSRF), Security Misconfiguration, Insecure Cryptographic Storage, Failure to restrict URL access, Insufficient Transport Layer Protection and Un-validated Redirects and Forwards.
Wipro uses a combination of business impact and ease of exploitability in defining the severity of the vulnerabilities. Appropriate mitigation techniques are implemented to fix the vulnerabilities before the applications are promoted to the production environment. Final round of verification is done after the application goes live to ensure the security vulnerabilities do not resurface in production environment.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- VirtuaDesk leverages and consolidates the audit reports provided by the underlying products for access portal, broker services, databases, hypervisors and core infrastructure which track the changes to the configuration through self-service portal or directly on the component.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- VirtuaDesk uses well-defined Vulnerability Management & Patch Management policy/procedure to proactively monitor the vulnerabilities related to the platforms used at Wipro & patching the known vulnerabilities thereby preventing the customer platforms from getting exploited by internal/external threats.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- VirtuaDesk has implemented integrated monitoring tool for end to end monitoring of VDI infrastructure and end user experience and leverages predictive analytics for alerts, notifications, dashboards and reporting. Tool demonstrates the deep insights into VDI technology and functioning of VDI deployments
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Incident management covers all reactive and proactive activities to achieve Incident Resolution for Incidents which are allocated to Wipro. Wipro’s responsibilities will include -
Promptly informing the customer’s Service Owner of any interruption to or reduction in quality of the Service which will or may become a Major Incident;
Updating the Ticketing Tool in keeping with the relevant Service Level Target times and responding with accurate and up to date status information to the Service Desk and the User (in agreed format).
Performing appropriate testing of the Fix associated with Incident Resolution
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- Public Services Network (PSN)
- Police National Network (PNN)
- New NHS Network (N3)
- Joint Academic Network (JANET)
- Scottish Wide Area Network (SWAN)
Pricing
- Price
- £40 a user a month
- Discount for educational organisations
- No
- Free trial available
- No