Ideal Networks Ltd

Disaster Recovery as a Service

Ideal's Disaster Recovery as Service (DRaaS) provides a secure, geographically separate, cloud-based target for data replication of critical applications, with ongoing monitoring showing real time health and available RPO. The service provides optimised RTO times, with options for fully supported recovery of service should the primary site fail.


  • Disaster Recovery delivered as a Service
  • Automation
  • RPO of 10-15 Seconds
  • Recover workloads into cloud
  • Flexible on demand testing
  • hypervisor based replication on VMware
  • Managed support
  • Private to Cloud/ Cloud to Cloud replication
  • Storage-agnostic replication
  • Multi-site replication as sources and targets


  • Simple setup and onboarding process
  • Manage, view status and test DR securely from any location
  • Tailored recovery objectives to match business needs
  • Simplify cloud migrations
  • Self service infrastructure
  • Ability to burst into cloud
  • Pay-as-you-use model
  • Storage agnostic


£32 per virtual machine per month

  • Free trial available

Service documents

G-Cloud 10


Ideal Networks Ltd

Mike Henson

01273 957500

Service scope

Service scope
Service constraints There are few locations world wide 2 UK and 2 US
System requirements
  • VPN connectivity to link private to public cloud
  • Inbuilt DR tests
  • Cloud replication of application-level resource groups
  • Recover to Cloud
  • Storage agnostic hypervisor based replication

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Ideal Networks provides 24/7 365 support. We maintain the same response times on weekdays and weekends. Minimum response time 15 minutes with service restoration within 4 hours (P1)
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels Ideal provides 24/7 365 support. Standard service levels will address response time and target resolution time. This will be the same for weekends as it is weekdays, or as per specific customer SLA. Standard Incident SLA: P1 Response time within 15 minutes, Service restoration within 4 hours; P2 Response time within 30 minutes, Service restoration by next business day; P3 Response time within 2 hours, Service restoration within 2 business days. We offer a Technical Account Manager as part of this service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Full consultancy available for onboarding, including sizing, system mapping, tiering of apps and documentation.
Training and knowledge share available.
A demo account can be created to review and test before full on boarding.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction A VPN is established to move data to and from the platform. The backup?DR product can also be used to move data to and from the platform.
End-of-contract process The contract is normally a 12-36 month contract that can be ended via a request or all resources are removed. Once closed no extra cost is required. Data can be easily be restored back to client site, and any data still in place will automatically be over written and any resource instances closed down.

Using the service

Using the service
Web browser interface Yes
Using the web interface Request and provision services, such as:
change target Data Centre
Run a test restore
Run a restore on workloads
raise a support ticket.
Web interface accessibility standard None or don’t know
How the web interface is accessible Our web pages are designed to ensure we:
- Give users enough time to read and use content.
- Do not use content that causes seizures.
- Help users navigate and find content.
- Make text readable and understandable.
- Make content appear and operate in predictable ways.
- Help users avoid and correct mistakes.
Web interface accessibility testing End to end testing of common user processes.
Command line interface No


Scaling available Yes
Scaling type Manual
Independence of resources VMs are segregated via firewalls and VMware's vCloud platform. All metrics relating to scalability and performance of the underlying infrastructure are monitored by Navisite and resources managed and added as required.
Performance can be either be shared or dedicated.
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra support
Organisation whose services are being resold Rubrik and Zerto

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Virtual machine level
  • File level
  • Databases
  • Application group level
Backup controls User can schedule or manually trigger from web interface as an add-on extra, or request via Ideal service desk.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
Scheduling backups Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Based on 99.999% availability
Approach to resilience HA is included by design at network, server, storage and hypervisor layer, with no single point of failure. The customer can choose to have dual or single connections to the backup target.
Outage reporting We report outages via dashboard and emails, and telephone if significant service affecting disruption is experienced

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Each user has only access to their environment
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cloud Security Alliance (CSA) STAR Certification

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards SSAE16
Information security policies and processes Information Security Policies consist of multiple policy documents, which are reviewed and approved throughout the year, as well as audited for SSAE 16 compliance. Policies include documents such as the Acceptable Use Policy, Change Management Policy, Encryption Policy, Logging and Audit Policy, Media Handling Policy, Patch Management Policy, Risk Management Policy, and more.
The Information Security program has the following ownership and responsibility structure:
• CIO has full executive ownership and accountability
• CIO approves all EIS program policies
• Enterprise Information Security Director approves all EIS program standards

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The service operates a SSAE 16-compliant Change Management procedure.
A ticket-based system is used to track progress and history of the change process from initial request through closure. The process applies to all systems, including internal Navisite infrastructure components and customer-specific components. A Change Management Review Board has been established to provide oversight and ensure compliance with the Change Management process. Change metrics are also reviewed periodically and opportunities for improvement are considered.
A policy document has been developed to govern changes and includes definitions of terms, roles and responsibilities, and procedures.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability assessments are performed periodically utilising third party network assessment tools. Vulnerabilities identified are documented and provided to the customer for risk acceptance or remediation approval.

The Patch Management Policy provides a framework for vulnerability identification, threat assessment, priority, and voluntary/involuntary remediation via patch distribution. The Patch Management Team is responsible for identifying vulnerabilities that may impact the service or customers’ assets, and make recommendations on schedules. Patches or updates are applied to each host depending on the priority ranking assigned.
Protective monitoring type Supplier-defined controls
Protective monitoring approach All critical system components and thresholds are monitored using various monitoring tools. This includes vulnerability scanning.

Alerts can be customised for different risk factors and for specifc users. Typical events monitored are:

Computer issues/changes
Firewall events
Intrusion prevention and detection
Log inspection
Incident management type Supplier-defined controls
Incident management approach We have a defined Incident Management (IM) process to be able to efficiently handle escalations, customer notifications, and the resource management necessary to resolve urgent incidents quickly. The Service Delivery team is responsible for overseeing status and progress, change window activity, assignment of appropriate resources, escalation and communication with the customer and/or internal resources.

Users report incidents and view reporting via the portal, and all major incidents will be followed with a problem ticket and incident report.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate These are kept apart by different tenants within VMware vCloud Director platform. Network segregation techniques such as VLANs are also deployed.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £32 per virtual machine per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Full access excluding VPN from cloud to private cloud and full DR testing from public to private cloud.


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Terms and conditions document View uploaded document
Return to top ↑