Netscan Limited

Managed Private Cloud (Assured)

Complete private cloud solution utilising integrated storage technology, and a comprehensive 24 hour monitoring/management service that provides a round-the-clock virtual IT department. Powerful, cost-effective, scalable and flexible.

Managed, secure services over internet or JANET, for customers requiring an OFFICIAL platform based upon Assured or Elevated architecture (previously IL2 and IL3).


  • Flexible, Scalable Cloud Infrastructure
  • Enterprise Grade Performance in a UK Energy Efficient Datacentre
  • Full Image and incremental backups of all VMs
  • Robust security across the platform, providing a secure environment
  • Linux and Windows Server options
  • Choose your own hardware requirements, and scale immediately when required
  • 24hr proactive management, monitoring and optimisation by our experts
  • Disaster Recovery options available
  • Private Cloud, fully owned - install in any datacentre
  • Staff training options for monitoring and management.


  • Integrated SAN for maximum affordability
  • Full server image backups included
  • Powerful, fast storage, based on SSD and SAS hybrid arrays
  • Autoscaling for peaks in traffic
  • Unlimited 24x7x365 technical support
  • Automatic Failover giving true High Availability (HA) and maximum uptime
  • High end security throughout the platform
  • Migration Assistance from our team
  • Total control of cloud servers through a user-friendly control panel
  • All data stored within the UK and protected under ISO27001.


£8135 per unit per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

6 6 6 5 0 2 2 1 3 4 0 2 2 5 7


Netscan Limited

Peter Duggal


Service scope

Service constraints
Scheduled maintenance is always carried out with at least 4 weeks advance notice
System requirements
Antivirus software is recommended on virtual servers

User support

Email or online ticketing support
Email or online ticketing
Support response times
60 minutes SLA, 24/7/365
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Onsite support
Support levels
NetscanUK provide response times from 5 minutes depending on the priority/severity of the incident or request 24/7.
Support available to third parties

Onboarding and offboarding

Getting started
Onsite training is provided where agreed.
Service documentation
End-of-contract data extraction
All data is provided in a portable archive.
End-of-contract process
The services are provided as outlined, with no additional costs except where the service is customised in agreement with the user.

Using the service

Web browser interface
Using the web interface
Users can manage VMs and Cloud Resources within the client area.
(Servers can be created/deleted/rebooted/suspended/powered on and off etc.)

All support requests can be raised through the web interface.

Profile and account information can be managed through the web interface. Additional contacts can be added/removed.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Web interface is responsive, and scalable.
Web interface accessibility testing
Basic testing
What users can and can't do using the API
All API access/management is carried out on a custom basis directly with our technicians.
API automation tools
API documentation
API documentation formats
Command line interface
Command line interface compatibility
  • Linux or Unix
  • Windows
Using the command line interface
Root access to all services is provided.


Scaling available
Scaling type
Independence of resources
All instances are segregated with defined limits on usage.
Usage notifications
Usage reporting


Infrastructure or application metrics
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
What’s backed up
  • Virtual Machines
  • Configuration
  • Files
  • Folders
  • Databases
Backup controls
Requests can be made through the support channel to manage backup schedules as per the user requirement.
Datacentre setup
Single datacentre with multiple copies
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
NetscanUK guarantees that the NetscanUK network will be available 100% of the time, excluding Maintenance. Customer is eligible for a credit for Network Downtime for any breach of this guarantee, which can be verified by NetscanUK’s technical support team. “Network Downtime” is defined as an inability to transmit and receive data caused by failure of network equipment managed and owned by NetscanUK and/or any upstream partners of NetscanUK, excluding Maintenance, but including managed switches, routers, and cabling.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication
Public key authentication (including by TLS client certificate)
Access restrictions in management interfaces and support channels
VPN access only with 2FA
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication
Devices users manage the service through
Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Adherence to ISO 27001 throughout

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Internal system developed that audits and logs all changes made to any system/configuration. Changes are implemented on test infrastructure before being placed in production.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Internal systems developed over an 18 year period to monitor and mitigate threats.

Patches are deployed for any known vulnerability/exploit within 4 hours.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Infrastructure is monitored on a 2 minute basis, 24 hours a day.
Potential compromises are mitigated through custom software developed in house over an 18 year period that can be demonstrated to the user on request.
Incidents are responded to within an average of 10 minutes.
Incident management type
Supplier-defined controls
Incident management approach
Incidents managed as per ISO 27001 guidelines.
Users report incidents through support channel (ticket/phone).

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Third-party virtualisation provider
How shared infrastructure is kept separate
Strict firewall implementation along with built in cloud management layer segregation

Energy efficiency

Energy-efficient datacentres


£8135 per unit per month
Discount for educational organisations
Free trial available
Description of free trial
For customers making a 2 year commitment, we provide a 3 month free trial on all services rendered. (No cancellation fee within first 3 months of the free trial)

Service documents

Return to top ↑