IBM United Kingdom Ltd

IBM Private Cloud, Bluemix Local System (PaaS for Secret)

IBM Bluemix Local System is an on-premises system allowing clients to run complex cloud-enabled applications and cloud-native services concurrently.
Supported workloads include:
- IBM Bluemix Local
- x86 Red Hat and Windows applications, using IBM and non-IBM middleware components
Native VMWare support

Features

  • Cloud-in-a-box functionality
  • Cloud-native workloads on Bluemix Local Platform as a Service
  • Hybrid Cloud deployment of complex middleware and applications
  • Pattern based approach. Automated application topology blueprints
  • Accelerated deployment of complex software
  • One pattern deploys anywhere: On-Premises, Off-Premises, or Hybrid
  • Native VMware support (vSphere)
  • Supports Open Standards: Chef, Docker and others
  • Provides automated scaling, load balancing, upgrading and patching
  • Provides embedded system monitoring

Benefits

  • Automated deployment of complex applications and middleware
  • Accelerated delivery of applications
  • Consistent and repeatable deployment of software
  • Reduction of risk in complex software deployment
  • Reduction of risk in complex software upgrade and patching
  • Cost reduction of deploying and running complex applications
  • Investment protection. On-Premises and Off-Premises use the same pattern
  • Open Standard. Docker, Chef and other standards supported
  • Integrated System, Middleware and Application monitoring
  • Native VMware support

Pricing

£246596 per unit

Service documents

G-Cloud 9

625866860127021

IBM United Kingdom Ltd

Jason Dymott

+44-07753-829879

gcloud@uk.ibm.com

Service scope

Service scope
Service constraints - Bluemix Local System is provided in an appliance form factor
- Bluemix Local System is not a managed service
- The underlying technology of IBM Bluemix Local System is x86
- Some of the workloads running on IBM Bluemix Local System might need a relay to be upgraded by IBM
- The Bluemix Local System is available as two different configurations, each with a full range of models:
-W3500 models: Ideally suited to CPU intensive workloads
-W3550 models: High-performance systems targeted for high IOPS and low latency workloads
System requirements
  • W3500: http://ibm.biz/W3500SysReq
  • W3550: http://ibm.biz/W3550SysReq

User support

User support
Email or online ticketing support Email or online ticketing
Support response times IBM provides support through Service Requests. Response SLAs vary depending on the severity level that customers assign to the request:
1 - Critical: Within 1 hour
2 - Significant: Within 2 business hours
3 - Minor: Within 4 business hours
4 - Minimal: Within 1 business day
More details: https://www-304.ibm.com/support/customercare/sas/f/handbook/getsupport.html
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels IBM provides support through Service Requests at no charge. Response SLAs vary depending on the severity level that customers assign to the request:
1 - Critical: Within 1 hour
2 - Significant: Within 2 business hours
3 - Minor: Within 4 business hours
4 - Minimal: Within 1 business day
More details: https://www-304.ibm.com/support/customercare/sas/f/handbook/getsupport.html
On top of the Service Requests support, paid engagements can be scoped and priced based on customers’ need.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Full documentation is available here:
- https://www.ibm.com/support/knowledgecenter/SS9723
- https://www.ibm.com/support/knowledgecenter/SS97LW
IBM also organises Proofs of Technology and PureApplication Pattern workshops at no cost for buyers.
In addition to that, training courses and tailored engagements are available at a charge.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction IBM Bluemix Local System is not a service offering: it comes in an appliance form factor. Therefore, no term contract is generally associated with it.
End-of-contract process IBM Bluemix Local System is not a service offering: it comes in an appliance form factor. Therefore, no term contract is generally associated with it.

Using the service

Using the service
Web browser interface Yes
Using the web interface The PueAppllication Software Console is a unified interface that provides management and administration for Bluemix Local System All operations around pattern creation and deployment, workload management, monitoring, administration and maintenance are available through the console. The console provides a number of common scenarios and tools that customers can work with. The scenarios and tools that are available to each individual depend on their user role and permissions.
Web interface accessibility standard None or don’t know
How the web interface is accessible IBM software uses the latest W3C Standard, WAI-ARIA 1.0, to ensure compliance with US Section 508 and Web Content Accessibility Guidelines (WCAG) 2.0
Web interface accessibility testing Interface testing is performed with IBM AppScan Enterprise, which conforms to the above standards.
API Yes
What users can and can't do using the API All functionality exposed through the browser console is also accessible through RESTful APIs and a Command Line Interface. An exhaustive list can be found here:
- https://www.ibm.com/support/knowledgecenter/en/SS9723_2.2.2/doc/iwd/rat_overview.html
https://www.ibm.com/support/knowledgecenter/en/SS9723_2.2.2/doc/iwd/cct_usingcli.html

IBM Bluemix Local System is an on-premises system allowing clients to automate and orchestrate complex cloud-enabled applications and cloud-native services concurrently. As such, the PureApplication technology provides its own set of automation and orchestration tools for workload deployment and post-deployment operations. The PureApplication technology also supports Chef and Puppet out of the box, and exposes standard RESTful APIs that can be used to integrate with other orchestration technologies. More information about the REST API can be found here: https://www.ibm.com/support/knowledgecenter/SSL5ES_2.2.2/intel/rest/rat_overview.html
API automation tools Other
Other API automation tools
  • Maestro framework: proprietory technology providing orchestration and post-deployment automation
  • See above
API documentation Yes
API documentation formats
  • HTML
  • PDF
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface All operations around pattern creation and deployment, workload management, monitoring, administration and maintenance, available through the console, are also available through che Command Line Interface. More information can be found here: https://www.ibm.com/support/knowledgecenter/SSL5ES_2.2.2/intel/cli/ccc_clicomma.html

Scaling

Scaling
Scaling available No
Independence of resources IBM Bluemix Local System is a physical appliance isolated and dedicated to a single buyer. In addition to that, each IBM Bluemix Local System Cloud Group can be configured to be single-tenant, isolated and dedicated to a team or third-party.
Usage notifications Yes
Usage reporting Email

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics https://ibm.biz/BdiZHY
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency Never
Protecting data at rest Other
Other data at rest protection approach IBM Bluemix Local System is a physical appliance installed in the buyer’s data centre (or in a third-party data centre if the buyer so wishes). Data protection is managed and performed by the buyer or managing third-party.
In addition to that, each middleware component running on Bluemix Local System can enforce a higher level of data protection, including encryption of data at rest and in motion.
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • All data on the system can be backed up.
  • Backup requires manual configuration (not provided as a Service)
Backup controls Backup requires manual configuration (not provided as a Service), therefore they are in full control of the users.
Datacentre setup Single datacentre with multiple copies
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks IBM Bluemix Local System is a physical appliance installed in the buyer’s data centre (or in a third-party data centre if the buyer so wishes). Network connectivity and security is managed and controlled by the data centre operation and networking teams.
In addition to that, each middleware component running on Bluemix Local System can enforce a higher level of data protection, including encryption of data at rest and in motion.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network Each Bluemix Local System Cloud Group uses dedicated and private subnets. In addition to that, each middleware component running on the service can enforce a higher level of data protection, including encryption of data at rest and in motion.

Availability and resilience

Availability and resilience
Guaranteed availability IBM Bluemix Local System is a physical appliance installed in the buyer’s data centre (or in a third-party data centre if the buyer so wishes). As the appliance is not managed by IBM, IBM is not responsible for the workload Service Level Agreements.
Approach to resilience Available on request.
Outage reporting IBM Bluemix Local System is a physical appliance installed in the buyer’s data centre (or in a third-party data centre if the buyer so wishes). As the appliance is not managed by IBM, IBM is not responsible to report outages.

Identity and authentication

Identity and authentication
User authentication
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels IBM Bluemix Local System is a physical appliance installed in the buyer’s data centre (or in a third-party data centre if the buyer so wishes). As the appliance is not managed by IBM, IBM does not access the system.
Access restriction testing frequency Never
Management access authentication Other
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes IBM has an Information Technology (IT) Security policy that establishes the requirements for the protection of IBM's worldwide IT systems and the information assets they contain, including networks and computing devices such as servers, workstations, host computers, application programs, web services, and telephone systems within the IBM infrastructure. IBM’s IT Security policy is supplemented by standards and guidelines, such as the Security Standards for IBM's Infrastructure, the Security and Use Standards for IBM Employees and the Security Guidelines for Outsourced Business Services. Such are reviewed by a cross-company team led by the IT Risk organization every six months.

IBM has a dedicated Vice President of IT Security who leads a team responsible for IBM's own enterprise data security standards and practices. Responsibility and accountability for executing internal security programs is established through formal documented policies. IBM Services teams also have dedicated executives and teams who are responsible for information and physical security in the delivery of our client services.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach IBM maintains policies and procedures to manage risks associated with the application of changes to its Cloud Services. Prior to implementation, all changes to a Cloud Service, including its systems, networks and underlying components, will be documented in a registered change request that includes a description and reason for the change, implementation details and schedule, a risk statement addressing impact to the Cloud Service and its clients, expected outcome, rollback plan, and documented approval by IBM management or its authorized delegate.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach With each Cloud Service, as applicable and commercially reasonable, IBM will a) perform penetration testing and vulnerability assessments before production release and routinely thereafter, b) enlist a qualified and reputable independent third-party to perform penetration testing and ethical hacking at least annually, c) perform automated management and routine verification of underlying components’ compliance with security configuration requirements, and d) remediate any identified vulnerability or noncompliance with its security configuration requirements based on associated risk, exploitability, and impact. IBM takes reasonable care to avoid Cloud Service disruption when performing its tests, assessments, scans, and execution of remediation activities.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach IBM maintains and follows policies requiring administrative access and activity in its Cloud Services’ computing environments to be logged and monitored, and the logs to be archived and retained in compliance with IBM’s worldwide records management plan. IBM monitors privileged account use and maintain security information and event management policies and measures designed to a) identify unauthorized administrative access and activity, b) facilitate a timely and appropriate response, and c) enable internal and independent third party audits of compliance with such policies. IBM systematically monitors the health and availability of production Cloud Service systems and infrastructure at all times.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach IBM:
-maintains and follows incident response policies aligned with NIST guidelines for computer security incident handling, and will comply with data breach notification requirements under applicable law.
-investigates security incidents, including unauthorised access or use of content or the Cloud Service, of which IBM becomes aware, and, if warranted, define and execute an appropriate response plan.
-promptly notifies Client upon determining that a security incident known or reasonably suspected by IBM to affect Client has occurred.
-provides Client with reasonably requested information about such security incident and status of applicable remediation and restoration activities performed or directed by IBM.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate IBM Bluemix Local System is a physical appliance isolated and dedicated to a single buyer. In addition to that, each IBM Bluemix Local System can be segmented in several Cloud Groups. A Cloud Group can be configured to be single-tenant, isolated and dedicated to a team or third-party.

Energy efficiency

Energy efficiency
Energy-efficient datacentres No

Pricing

Pricing
Price £246596 per unit
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑