Vodafone Limited

Private Cloud

Hosted Private Cloud is a service – hosted and managed by Vodafone – that provides you and your employees with the ability to use a self-service portal to manage virtual compute, storage, disaster recovery and networking services running on dedicated physical infrastructure.


  • Dedicated cloud computing
  • Single tenant
  • Self Service
  • Automated provisioning
  • Network Virtualisation
  • Virtual Machines
  • Storage and Backup
  • Integration with additional Cloud & Hosting services e.g. Managed Hosting
  • Software Defined Data Centre approach


  • Secure platform
  • Fixed Cost
  • Flexible levels of management
  • Full control
  • Dedicated Private Cloud for increased security
  • Shared Private Cloud available for low cost entry
  • Secure Network Connectivitity
  • Managed Service Options
  • API's and Automated Provisioning
  • Connected with Public Cloud


£51.17 to £223.65 per virtual machine per month

Service documents

G-Cloud 10


Vodafone Limited

Nicola Penrice

+44 (0) 7467339990


Service scope

Service scope
Service constraints The service is provided out of Uxbridge, Swindon, Leeds, US, Singapore, Hong-Kong, Spain and Ireland DC Datacentres
There is a pre-defined catalogue of service requests; minimal flexibility
Pre-defined supplier developed API
Pre-defined Operating Systems, no customer provided images.
Minimum size entry for Private Cloud of 1 compute unit.
System requirements
  • Internet access for connectivity to the Self-Service Portal.
  • Access to the infrastructure through Internet or MPLS connectivity

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Severity Level 4, Non-Service Affecting, but requiring some investigation or corrective action including information requests are responded to via the Service Desk on a normal business working hours basis (9am to 5pm). The Service desk team have a target to answer calls within 20seconds 90% of the time.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels Vodafone catagorises support into severity levels as follows:
Severity 1 resolution within 4 business hours.
Severity 2 resolution within 4 business hours
Severity 3 resolution within 48 hours
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Two phase approach with Go-live taking you through the service and handover the solution. A Delivery Handbook and Operations Handbook is provided covering Service desk, self-service,Admin tools, Reporting & Billing.
Early Life Support phase, for the first week from go-live Vodafone are available to build your confidence and knowledge of the solution.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Customers can extract their data over the Network connection into the Vodafone Private Cloud Platform or alternatively Vodafone can provide a range of professional services for data extraction.
End-of-contract process Exit charges may apply.

Using the service

Using the service
Web browser interface Yes
Using the web interface Users can provision virtual compute, storage and software defined networking through the portal, which provides a catalogue of standardised services which can be provisioned within minutes. The portal can be used to also managed those resources post provisioning allowing for the scaling up in line with business demand.
Web interface accessibility standard None or don’t know
How the web interface is accessible N/a
Web interface accessibility testing N/a
What users can and can't do using the API Using the API customers can place requests for the service catalogue items available on Private Cloud using their internal systems.
API automation tools Ansible
API documentation Yes
API documentation formats PDF
Command line interface No


Scaling available Yes
Scaling type Manual
Independence of resources N/a
Usage notifications Yes
Usage reporting
  • Email
  • Other


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
Reporting types Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Hardware containing data is completely destroyed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Near-line (on-site) and off-site backup.
  • Restore your data, covering file, application, machine level point-in-time copies.
  • Compression and de-duplication of data to reduce costs.
  • Provides on-site storage with spinning disks.
  • Providing increased backup/recovery performance in comparison to traditional tape.
  • Off-site tape services, utilising secure facilities (commercial service) storing tapes.
Backup controls Both Managed and Unmanaged Virtual Machines can be backed up via Vodafone’s Data Protection service. Image-based backups are deployed as standard, however file-based backups, providing more granular selection and control, are available for Managed Virtual Machines. Managed Virtual Machines also have their Operating Systems backed up (and restored, if required) as part of the standard service.
You can select backup policies for both compressible data, thereby benefiting from a lower cost tariff as data is de-duplicated or uncompressible data, with a slightly higher cost tariff in which data is encrypted and cannot be de-duplicated.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.90%
Approach to resilience Each of the Vodafone data centres has resilient, high bandwidth connectivity to our Internet backbone over Vodafone fibre, as well as being connected to our Multi-Service Platform next-generation network. This enables the Flexible Comptuing for Government solution to be accessed over your WAN via the MPLS network services such as PSN(P), Ethernet Wireline and other bandwidth products.
Outage reporting Customers will be provided with monthly service performance reports against Key Performance Indicators. This will include a summary of monthly service subscriptions by application, and measurement of actual performance against SLA terms.

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels Username on Password – via HTTPs or Vsphere Client only from basion hosts (Limited Access) withing the management network (segregated network) that have no access to the outside.
Access restriction testing frequency At least once a year
Management access authentication 2-factor authentication
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 LRQA are Vodafones ISO27001:2013 accreditor
ISO/IEC 27001 accreditation date 01/05/2017
What the ISO/IEC 27001 doesn’t cover N/a
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification NCC Group
PCI DSS accreditation date 08/08/2017
What the PCI DSS doesn’t cover Vodafone holds 5 PCI DSS certificates covering:
Retail Environment
Voice Payments
PCI Zone - multi channel payments

Functions and process not involved in the processing of payment card data
Other security certifications Yes
Any other security certifications
  • CAS(T) certification for our MPLS Fixed Line Network
  • ISO22301:2015 for all Vodafone UK business units and functions

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes All detailed in the UK and Group policy library and governed by the UK policy framework. Key polices are Information Security, Classification & materials handling, Vulnerability and Patch management, risk management, change management, incident management.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Formal management responsibilities and procedures within Vodafone are in place to ensure satisfactory control of all changes. When changes are made, an audit log containing all relevant information is retained on the Vodafone change management system. Changes to operational systems are only made when there is a valid business reason to do so, such as an increase in the risk to the system.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability scanning is performed by industry standard a vulnerability management platform. Governance is in place to ensure that appropriate patching and/or remedial action is reviewed and implemented according to the severity and business impact of the vulnerability.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Vodafone has logging and monitoring capabilities in place along with appropriate storage of log data. The monitoring capability and events are managed and stored within the SIEM solution. The SIEM solution has been built in line with GPG13 DETER.
Incident management type Supplier-defined controls
Incident management approach Incident management processes are in line with ITIL best practice, and integrated with event, problem and change management processes.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate This is a Private Cloud designed and dedicated to cater for one organisation only.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £51.17 to £223.65 per virtual machine per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑