OPAL WAVE SOLUTIONS LIMITED

SAP HANA Managed Platform as a Service

SAP HANA Platform as a Service provides a SAP certified/supported HANA platform that allows users to run their own SAP HANA Applications on a fully managed BW4/HANA environment. The Fully Managed platform includes both the middleware BASIS/HANA and the infrastructure environment provides ‘as a Service’

Features

  • Supports any HANA Application including S/4HANA & Business ONE-HANA
  • Reduce costs from EoS and sharing across multiple users
  • Security expertise from industry best practice
  • Single Point of Service, one partner provides all platform needs
  • Scalability to grows or decline according to the business needs
  • Business Continuity with Highly Available, Resilience fault tolerant systems
  • Reduced time to benefit, get up and running in hours
  • Middleware Expertise from HANA/BASIS/SUSE industry specialists
  • No up-front investment, charged on a predictable monthly payment
  • Long term supplier relationships proven by customers over many years

Benefits

  • PaaS delivered according to industry standards and best practices
  • All HANA expertise and support part of the service
  • primary and secondary, geographically distant datacentres based in UK
  • Basis administration: installation, configuration, load-balancing, performance of applications
  • Basis maintenance: database, OS, application and webserver services
  • Managed platform security and Multi-Factor Authentication (MFA)
  • Solution Architecture, Management of virtual machines and networking
  • HANA Backup management, testing & restorations
  • Certified ISO9001, ISO14001, ISO/IEC27001, CSA Star Accreditation, PCI-DSS
  • Quarterly, bi-annual and annual software upgrade options

Pricing

£32 a gigabyte a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mujahid.ali@opalwave.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

5 4 0 9 2 5 4 7 8 0 9 6 0 9 8

Contact

OPAL WAVE SOLUTIONS LIMITED Mujahid Ali
Telephone: 02030 789 389
Email: mujahid.ali@opalwave.com

Service scope

Service constraints
None
System requirements
  • Supports any SAP HANA Applications
  • Supports S/4HANA
  • Supports BW/4HANA
  • Supports SAP Business ONE for HANA

User support

Email or online ticketing support
Email or online ticketing
Support response times
Standard service includes 24x7 online support ticket logging and monitoring system with telephone helpdesk support during UK office hours. SLA response times 1 - 4 hours, average response times sub 2 hours. Fully managed system providing 24x7 access. Business as usual functional support UK office hours excluding bank holidays (critical period and extended hours support available at extra cost)
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Platform and infrastructure fully managed with 24 x 7 support inclusive. Business as usual functional support with 4 hours per month inclusive support time, additional support hours and options available at extra cost (extended hours, critical period cover etc).
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Provision of rapid deployment templates Classroom and onsite training services Free to consume video training modules Consulting support for configuration assistance Online help files
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Full database backup available as well as flat file data file option.
End-of-contract process
At the end of the contract users may renew for additional term with no service interruption or may take all data and reports for archival and / or transfer to new replacement system.

Using the service

Web browser interface
No
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Ringfenced resources dedicated to each customer
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
SAP

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • SAP HANA database replication
  • Managed virtual machines
  • Managed networking
  • Managed DR from additional DC available
  • Managed Snapshot and full backups
  • Managed backup testing
  • Managed DR failover
Backup controls
Agreement with SAP Managed Service Provider
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Infrastructure components working within normal operation parameters 99.5% Availability of the Production Environment: Server availability with Customer having administrative access to SAP BPC 99.5% Recovery Time Objective (RTO) The RTO of the production environment will never exceed 24 hours within the applicable service window Recovery Point Objective (RPO) The RPO of the production system will never exceed 24 hours within the applicable service window The Availability Service Level is applicable during the service windows and is measured on a monthly basis. If the Availability Service Level is breached on a cumulative basis, after exclusions, in any calendar month, we will, upon the Customer request For every 0.5% up to 3.5% breach beyond SLA 1% of Monthly Fee per 0.5% Breach > 3.5% beyond SLA 10% of Monthly Fee
Approach to resilience
Available on request
Outage reporting
System is monitored by agents which generate email alerts.

Identity and authentication

User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
Technical staff who need admin access have separate accounts for normal task with no admin rights and an admin account with no remote/normal access.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
13/01/2020
What the ISO/IEC 27001 doesn’t cover
None.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Information security policies are managed through ISO 27001 governance process including monthly service and risk review with ISO manager and Technical director and reported monthly at management meetings. Policies and processes are documented in the Opal Wave security policy document IT Security Policy which can be viewed on request.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Our change procedure conforms to ISO 27001 standard
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Our vulnerability management process conforms to ISO 27001 standard
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our proactive monitoring process conforms to ISO 27001 standard
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Our incident management process follows ITIL best practice standard

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Hyper-V
How shared infrastructure is kept separate
Separate HANA database instances

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Compliant

Pricing

Price
£32 a gigabyte a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mujahid.ali@opalwave.com. Tell them what format you need. It will help if you say what assistive technology you use.