Zengenti Private Cloud is an enterprise-class, on-demand computing, storage and networking resource, capable of 100% uptime. It’s based on high availability (no single point of failure) Windows and Linux virtual servers, in Tier 3, ISO27001 UK datacentres. Featuring rapid deployment, you can manage your own operating systems, applications and databases.
- Uses high-grade industry-leading components and ISO27001 certified
- Flexible vm’s deployed in minutes to meet you project requirements
- Engineers trained and experienced in high availability, high traffic environments
- Redundant Tier 1 resilient connectivity housed in core Internet Exchanges
- Manage Virtual Machines using a web based dashboard
- Agile infrastructure offering up to 100% availability dependant on configuration
- Full back-up and DR capabilities
- Automated failover for all hardware components
- Protective and proactive monitoring of all services and hardware
- Ability to clone entire environments
- Reduce time to deploy digital solutions
- All support operations are free, 24/7 & UK based
- Easily flex services up and down with demand
- Comply with strictest security standards and keep your data safe
- Avoid high project start-up and fixed costs
- Have complete control of your data
- Flexible, responsive, client-centric company ethos
£59 per unit per month
- Education pricing available
- Free trial available
|Service constraints||Planned maintenance varies with service level and infrastructure chosen. Details are provided in Service Definition document.|
|System requirements||No standard system requirements|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
We provide a single, consistently good level of service, appropriate to meet the 99.99% SLA uptime commitment. The associated response times for support tickets are;
1. Critical Incident: handled 24/7/365, receipt is immediate, response within 30 minutes and resolution within 8 hours including weekends.
2. Standard Incident: handled during office days and hours (8.00am to 6.00pm), receipt is within 60 minutes, response within 4 hours and resolution within 2 working days.
3. Minor Incident: handled during office hours, receipt within 4 hours, response within 8 hours and resolution within 3 working days & prioritised.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
We provide a single, consistently good level of service, which is appropriate to meet the 99.99% availability commitment in the SLA. The associated response times for support tickets are;
1. Critical Incident: these are handled 24/7/365, receipt is immediate, response is within 30 minutes and resolution within 8 hours.
2. Standard Incident: these are handled during office days and hours (8.00am to 6.00pm), receipt is within 60 minutes, response is within 4 hours and resolution within 2 working days.
3. Minor Incident: these are handled during office hours, receipt is within 4 hours, response is within 8 hours and resolution within 3 working days & prioritised.
Support is provided within the IAAS cost.
We allocate an engineer to each issue and they stay with it until resolution.
|Support available to third parties||Yes|
Onboarding and offboarding
Once a call-off contract has been agreed, we will undertake all the work to provision the cloud hosting service within 48 hours. The key users will be given access to the services and to Helpdesk (ticketing), Zenhub (knowledge base) and Forum.
Training can be agreed on the basis of individual client's requirements.
|End-of-contract data extraction||Data extract methods would depend on what the user had put onto the servers. The most likely option is a straightforward back-up. If you do not have the resources to do this, we can undertake it as an extra cost option.|
|End-of-contract process||Full support in line with the SLA will continue up to the end of the contract. Any work you ask us to do after you have ceased paying for the infrastructure would be charged at our normal day rate (of £800 remote, £950 onsite).|
Using the service
|Web browser interface||Yes|
|Using the web interface||Users can provision, delete and configure environments.|
|Web interface accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web interface accessibility testing||We regularly test screens from the UI using VoiceOver. Users with partial sight have actively used Contensis in a work context on a number of occasions. The system also has icons and other visual cues throughout, rather than relying on text. Our testing suggests that people with dyslexia would be able to use the vast majority of the system from the beginning, and would learn to recognise the very few text-rich screens and features after only a short period of familiarisation.|
|What users can and can't do using the API||Users can create instances and delete instances.|
|API automation tools||Ansible|
|API documentation formats||HTML|
|Command line interface||No|
|Independence of resources||Each client has a separate infrastructure which is scaled to handle their own specific peaks in demand. We ensure we maintain a healthy headroom in terms of elastic capability.|
|Infrastructure or application metrics||Yes|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||The service backs up entire virtual machines|
|Backup controls||There is a standard backup schedule, users cannot dictate this, however users can request regular snapshots should they need finer control.|
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Supplier controls the whole backup schedule|
|Backup recovery||Users contact the support team|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
Our services have an uptime of 99.99%, measured on a monthly basis. This includes planned maintenance.
Service credits are calculated on the basis of the difference between actual and SLA availability:
service credits = (100 - a) x b
a = the actual percentage availability of the infrastructure during the relevant calendar month; and
b = the Charges payable in respect of access to the infrastructure during the relevant calendar month (exclusive of VAT and other taxes).
|Approach to resilience||
The service operates from multiple Tier-3 datacentres in separate geographical regions.
Each datacentre has separate electricity substations. Dual power cables run to each item of equipment. There are also back-up generators.
All infrastructure is virtualised. An individual logical server, e.g. a CMS server, has an average of 3 physical servers underlying it.
All equipment is monitored, and can be host swapped and remotely managed.
All key services are duplicated, including firewalls, routers and internet connections.
Since we meet or exceed the 99.99% uptime, outages of the Contensis cloud service are rare. If they do occur, they typically involve a single client.
Issues raised by the client will be via the Helpdesk, so all client staff with access will be aware of it and can follow progress to resolution. If we become aware of the outage outside the client's normal working hours, we will pro-actively raise a ticket on your behalf, and if appropriate, report the issue by email.
We can also phone if you have provided an out-of-hours contact. We will engage with your incident management process where appropriate.
If an issue affected multiple clients, we will issue a group email explaining what occurred, what action we have taken to resolve it and how we plan to prevent it in future.
Identity and authentication
|Access restrictions in management interfaces and support channels||Anyone wanting to self-register on the Helpdesk or Cloud Dashboard requires a valid client email address. Once registered, it can only be accessed by registered users who authenticate.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Dedicated link (for example VPN)|
|Devices users manage the service through||Directly from any device which may also be used for normal business (for example web browsing or viewing external email)|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||NQA|
|ISO/IEC 27001 accreditation date||8th July 2016|
|What the ISO/IEC 27001 doesn’t cover||All relevant areas of our operation are comprehensively covered in the certification scope. We are happy to provide potential G-Cloud clients with a copy of the Statement of Applicability.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
All staff receive a set of standard training sessions at the point they are recruited, and this includes secure work practices. These are reinforced through ongoing appraisal and supervision processes and are included in the Staff Handbook.
As an ISO 27001 registered company, our data handling process is scrutinised on a regular basis as part of internal and external quality audits.
As a company we are registered with the Data Protection Registrar.
Where an issue requires escalation, we have a set of identified processes, including phone numbers, so that you can talk directly and express the level of urgency or business challenge. The levels are:-
After 1 hour Head of Support
After 2 hours Chief Product Officer
3 hours+ Chief Executive Officer
One of the key advantages of working with Zengenti Ltd, is that we keep the barriers to communication as low as possible - commensurate with delivering services efficiently to our whole client base. This means that when you need to speak to someone with the necessary technical skill and the authority to decide a course of action, you can.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Our infrastructure is managed through a configuration management system. As a result, all changes to configuration of customer environments is auditable. Changes are first tested in staging environments, before being rolled into production.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
We assess potential threats through proactive monitoring of logs and security advisories from major partners/suppliers in the security sector.
We can deploy patches in minutes, but we would assess the risk posed by the particular vulnerability and decide the most appropriate schedule. Typically patches are applied monthly.
We recently had an opportunity to prove the resilience of our processes, when our engineers discovered a vulnerability. Within 48 hours, we had put fixes in place to eliminate any potential risk and told all our clients about the process. We also upgraded all our hosted clients.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
We have monitoring systems in place that will detect unexpected network traffic and behaviour on servers. There are a range of different solutions depending on the device, for example, on a Linux server we will be automatically notified if there's a change in user account details.
If we find a potential compromise, our incident management process would be triggered.
From that point, the speed of response would be agreed between the engineers and the incident manager.
|Incident management type||Supplier-defined controls|
|Incident management approach||
The majority of incidents are handled through the helpdesk. This streamlines incident management, tracking and resolution. Supportive questions help us gather essential information. Users rate the severity via impact on their business processes.
For critical incidents, on-duty incident managers assess the situation and any affected customer(s), and create a communication list for the incident.
● instigate conference calls
● a high-level view of problems
● ensure resolution of the issue within SLA
● be involved in the debrief
● provide incident reports on resolution
All communication are available within the service desk portal.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Description of energy efficient datacentres||Our colocation partners are committed to constantly monitoring and where practical reducing energy use. The London DC (Interxion), which operates entirely on renewable energy, is typical. Their summary is "Core to our operational ethic is continual management of our use of energy, measured through Power Usage Effectiveness (PUE), which measures how efficiently a data centre uses energy. As an active member of industry groups focused on Green IT and energy efficiency, we strive to maximise use and support of sustainable energy sources across our European footprint."|
|Price||£59 per unit per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||We provide a "sandpit" version of the actual infrastructure. Servers, bandwidth and storage are limited by negotiation. Typically, we would expect the trial version to be available for no more than 3 months.|