FCO IAAS
FlexiScale is an online cloud platform providing IaaS, PaaS and SaaS. It's patented multi-tier architecture allowing rapid deployment of on-demand services within minutes, instant scale-up/scale-down compute, network or storage resources, with on-premise and public cloud.
FlexiScale also has elastic application-aware auto-scaling, which automatically scales up your resources for increased workloads
Features
- INFRASTRUCTURE & PLATFORM AS A SERVICE ORCHESTRATION
- APPLICATION AS A SERVICE ORCHESTRATION
- ADVANCED STORAGE OPTIONS
- ADVANCED NETWORKING & SECURITY CONTROL
- GRANULAR METERING/BILLING & REPORTING
- MULTI-TENANCY ACROSS COMPANY ENTITY'S, RESOURCES
- SCALABLE & ELASTIC ARCHITECTURE
- CLOUD BLUEPRINTING AND MARKETPLACE
- ADVANCED EXTENSIBILITY & API CAPABILITY
- HYBRID & MULTI CLOUD SUPPORT
Benefits
- EASY TO USE INTUITIVE CLOUD INTERFACE
- RAPID DEPLOYMENT OF INFRASTRUCTURE/PLATFORM AND APPLICATION SERVICES
- 5 LAYERS OF INTERCOMPANY/DEPARTMENTAL CONTROL & SECURITY OF RESOURCES/USERS
- ALLOWS ABILITY TO CREATE CUSTOMER DRIVEN PLATFORM & APPLICATION MARKETPLACES
- MULTI/HYBRID CLOUD SUPPORT FOR APPLICATION/INFRASTRUCTURE/PLATFORM DEPLOYMENTS TO OTHER CLOUDS
- FLEXIBLE LOW COST PRICING OPTIONS GUARANTEE
- RESILIENT HIGH PERFORMANCE HARDWARE INFRASTRUCTURE WITH THE LATEST GPU/CPU
- HYBRID & PRIVATE CLOUD SUPPORT ENSURING GUARANTEED SECURITY LEVELS/CONTROL
- UK HOSTING ENSURING UK DATA SOVEREIGNTY
- AUTO FAILOVER FOR CUSTOMER PLATFORM AND APPLICATIONS
Pricing
£0.01 a unit an hour
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 10
Service ID
5 6 0 3 9 2 7 1 0 4 6 2 8 7 8
Contact
FLEXISCALE TECHNOLOGIES LTD
Rajinder Basi
Telephone: 07976 125488
Email: r.basi@flexiscale.com
Service scope
- Service constraints
- There are no service constraints
- System requirements
-
- Internet Browser accessibility
- Software compatibility based on x86 architecture
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Ticket Response - Confirmation immediate
Ticket Response - Individual within 30 minutes 0900 - 2100 Weekdays
Ticket Response - Individual within 60 minutes 2100 - 0900 Weekdays
Ticket Response - Individual within 60 minutes 0900 - 2100 Weekends
Ticket Response - Individual within 60 minutes 2100 - 0900 Weekends - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
From basic support to turnkey outsourced managed services
Costs are based on hourly rate of £90/hr
Provide Technical Account Manager and Cloud Support Engineers. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Users are initiated with training and online documentation.
Optional onsite training available at a cost - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
File transfer by customer
Back onto media or cloud repository - End-of-contract process
- Flexiscale only charge on a hourly rate if requested.
Using the service
- Web browser interface
- Yes
- Using the web interface
- Users have complete control of procuring any of the services they want to install, create, maintain and administer from the web interface.
- Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
-
User accesses the service via our login page: https://mycloud.flexiscale.com/?action=login
From this dashboard the customer has complete access to their environment. - Web interface accessibility testing
- None at present
- API
- Yes
- What users can and can't do using the API
-
Flexiscale API: We have three APIs:
The User API - for end users.
The Admin API - for administrative functions for Billing Entities or Licensees of the platform.
The System API - for licensees of the platform to manipulate use of physical resources.
These User and Admin APIs are available in both REST and SOAP. The System API is available in SOAP only. For more information, see the following pages:
SOAP documentation - http://docs.flexiscale.com/display/DOCS/SOAP+documentation
REST documentation - http://docs.flexiscale.com/display/DOCS/REST+documentation
An introduction to our APIs is available here - http://docs.flexiscale.com/display/DOCS/Introduction+to+Jade+APIs
Flexiscale Query Language: A unique offering of Cloud Orchestrator is the Flexiscale Query Language (or FQL). FQL allows you to perform structured queries against resources to easily allow you to track, report and manage the resources being used.
More information on FQL is available from Flexiscale Query Language (FQL) - http://docs.flexiscale.com/pages/viewpage.action?pageId=10879087
Flexiscale Development Language: Flexiscale Development Language allows you to extend FCO by writing plug-ins. It provides a complete programmable suite of functions including access to our internal business logic, as well as the ability to integrate with external applications.
More information on FDL is available from Flexiscale Development Language - http://docs.flexiscale.com/display/DOCS/Flexiscale+Development+Language - API automation tools
-
- Chef
- Puppet
- Other
- Other API automation tools
-
- FDL
- FQL
- Javascript
- API documentation
- Yes
- API documentation formats
-
- HTML
- Command line interface
- Yes
- Command line interface compatibility
-
- Linux or Unix
- Windows
- MacOS
- Using the command line interface
-
Users can interact with their own account and carry out any or all actions as defined by the role based access group/permissions they are assigned to.
So long as the users have a valid account, users authenticate they can carry out any or all services on the command line, create start stop, midify or delete etc. Example command line calls can be found here http://docs.flexiscale.com/display/DOCS/Introduction+to+Jade+APIs
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- Platform capacity planning and infrastructure availability. The services are always deployed on compute nodes that have capacity availability without any disruption or performance degradation to the customer experience.
- Usage notifications
- Yes
- Usage reporting
-
- API
- Other
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Files
- Virtual machines
- IaaS deployments
- PaaS deployments
- Software Images
- Databases
- Disks
- Custom Configurations
- Snapshots
- Backup controls
- Users can self adminstrate their own back up policies that suit them as an organisation. They can also select at any time, backup regimes and policies based on their required backup software.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users schedule backups through a web interface
- Backup recovery
- Users can recover backups themselves, for example through a web interface
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- Refer to http://www.flexiscale.com/support/service-level-guarantee/
- Approach to resilience
-
Physical datacentre Tier 3+ resilience.
Cloud platform resilience is available across difference clusters and different datacentres - Outage reporting
-
Email alerts
API
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
-
Each customer account has its own unique authentication process (Username, password and MFA)
Within each customer account/environment, we have a full role based access, permission and self configuration workspace. - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Dedicated link (for example VPN)
- Username or password
- Other
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- In process
- ISO/IEC 27001 accreditation date
- In process
- What the ISO/IEC 27001 doesn’t cover
- In process
- ISO 28000:2007 certification
- Yes
- Who accredited the ISO 28000:2007
- In process
- ISO 28000:2007 accreditation date
- In process
- What the ISO 28000:2007 doesn’t cover
- In process
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- In process
- CSA STAR certification level
- Level 1: CSA STAR Self-Assessment
- What the CSA STAR doesn’t cover
- None
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
The following security policies are followed
Acceptable Use Policy, Password Policy, Backup Policy, Network Access Policy, Incident Response Policy, Remote Access Policy, Email Policy, Guest Access Policy, Wireless Policy, Third Party Connection Policy, Network Security Policy, Encryption Policy, Confidential Data Policy, Data Classification Policy, Mobile Device Policy, Retention Policy, Outsourcing Policy, Physical Security Policy, Virtual Private Network (VPN) Policy
We adhere to industry standard procedures and have a dedicated resource monitoring and ensuring the correct reporting process in complied with.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Our Change Access Board meets fortnightly to discuss and review any upcoming changes within the next 3 months assigning risk level and priority level aswell as deployment manager, deployment SOP & dedicated resource for deployment alongside roll back plans and test scripts.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Potential threats are managed using dedicated staff who work with trade and industry bodies, software houses and hardware OEMs to study and highlight any or potential threats and vulnerabilities and work alongside these industry professionals and bodies to then test any potential patches on our test environments before rollout to production.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We have dedicated hardware and monitoring services which identify potential compromises.
Any potential compromise is automatically blocked and alerted to our security personnel who will take immediate action. - Incident management type
- Supplier-defined controls
- Incident management approach
-
There is a structured and defined incident reporting and management process which is used by our dedicated support personnel in our 24/7 NOC. Users report incidents via phone, email or logging a support ticket.
Incident reports are published post resolution and after identification or root cause.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- KVM hypervisor
- How shared infrastructure is kept separate
- Flexiscale has multiple confidential security profiles including 32 bit Unique user IDs and isolation between customer environments/VDCs, Flexiscale isolates each component assigned to each customer therefore ensuring complete exclusivity and isolation of any resource.
Energy efficiency
- Energy-efficient datacentres
- Yes
Pricing
- Price
- £0.01 a unit an hour
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
The full cloud service functionality and capability is included within the free trial.
Max time limit is 3 months or 10,000 units
The client can signup and so long as they are from a G Cloud organisation then they will have access to the platform on a trial basis. - Link to free trial
- https://mycloud.flexiscale.com/?view=signup