MarkLogic Corporation

MarkLogic Enterprise NoSQL Database Server (UK Government Edition)

MarkLogic Server (inc. Semantics Search + Advanced. Security + Tier Storage + X-Query + XA Trans. + Advanced Geospatial) is the only Enterprise NoSQL database delivering a unified software platform/database with built-in search/alerting & integrated application services. MarkLogic's XML/RDF-centric, schema-agnostic, No-ETL, secure, ACID-compliant, real-time, mission-critical, enterprise-scalable, data-management solutions.


  • Enterprise NoSQL database delivers mission-critical big-data capabilities, applications & solutions
  • Patented universal index drives embedded search/query and real-time alerting capabilities
  • ACID compliance ensures zero data-loss with full transactional integrity
  • Clustered, high-availability/DR; automated-failover & backup delivers complete enterprise assurance
  • Automated, cluster-management & unique flexible-replication gives full function anytime/anywhere.
  • Government/military-grade security at document and compartment level protects all data.
  • Enterprise scalability and automated server elasticity provides smooth cloud experiences.
  • Cloud deployment provides flexibility to meet all requirements.
  • Powerful analytics with flexible visualisation options provide user-friendly application interfaces.
  • Semantic/triple-store & object-based-production provide perfect platforms for secure applications.


  • The only enterprise NoSQL database: scalable; robust; ACID-compliant; transactional; secure
  • Eliminate data silos: Massively reducing schema-design costs & ETL overhead/timescales
  • Create a single enterprise data-layer. Significantly reducing integration costs/resources
  • Develop applications faster: Agile development accelerates time-to-value and future flexibility
  • Rapid data ingestion: Loads all data “As-Is” with automated indexing
  • Reduce data storage costs: Efficient tiered-storage & Hadoop Interoperability options
  • Secure your data: government-grade security for industry leading data protection
  • Single intelligence environment: NoSQL database; semantics; search; graph & application-framework
  • Mission-critical systems: Real-time search and alerts, deliver sub-second applications performance
  • Efficient clustering, data-compression/indexing & cloud hosting reduces hardware costs


£22050 per licence per year

Service documents


G-Cloud 11

Service ID

6 8 7 3 9 1 6 6 9 2 5 5 9 4 6


MarkLogic Corporation

Chris Cherry

+44 (0)7798 534528

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints No applicable constraints.
System requirements
  • Cloud agnostic - public, private, community or hybrid cloud
  • Commodity Intel x64 processor

User support

User support
Email or online ticketing support Email or online ticketing
Support response times MarkLogic Support offers comprehensive 24/7 support for the MarkLogic software. In addition MarkLogic Consulting Services can offer application and service support. Typically this will only be while we are developing and delivering services and long-term support would be provided by our customers' teams after transition to business-as-usual.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels MarkLogic has one level of support, which includes 9:00am to 5:00pm support in customer local time for P2, P3 and P4 incidents, and 24x7 support for P1 incidents, as defined in our Support Handbook. We have support engineers configured geographically to cover all timezones, and will "follow the sun," handing off as necessary to work P1 incidents until they are resolved. P2 through P4 incidents are typically handled by a single support engineer, although occasionally these will also be handed off to take advantage of an engineer's language, timezone, or technical expertise. Support personnel are tightly integrated with the product engineering team and provide the interface between the customer and the product engineering team.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started MarkLogic provides a variety of training options tailored to customer requirements, whether it is a new customer just getting started with MarkLogic or an organisation that needs customised, private training for an entire team. Successful implementation and self-sufficiency in utilising the MarkLogic platform is our goal for customers, so our entire education programme is available free of charge. MarkLogic University (MLU) offers a full curriculum of training. Training is available as live, instructor-led online courses and many courses are also presented as pre-recorded self-paced training to suit the learning style and preferences of individual learners. Additionally, MLU provides a wealth of small on-demand modules around specific features. Learning Assessments help our customers to track the attainment of their teams’ skills through the training and ultimately MarkLogic Professional Certification is available to recognise mature skills in your team. Documentation around all parts of the MarkLogic Server platform is provided by our dedicated technical documentation team and available on the MarkLogic Developer website.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction MarkLogic Server is cloud agnostic and specifically designed to avoid cloud lock-in.

At the end of the contract, the user can extract and continue to use their data by the following methods: A backup archive of all data can be generated and migrated to a different cloud service; MarkLogic utilises standard data formats for storage (XML and JSON) allowing this data can be extracted and used.
End-of-contract process At the end of the contract if the buyer decides not the renew then the buyer is responsible for ensuring the export and archive of their data from a production MarkLogic before license expiry.

If the buyer requires consulting expertise on this process this is available at an additional cost at standard consulting rates.

Using the service

Using the service
Web browser interface No
Application to install Yes
Compatible operating systems
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices No
Service interface No
What users can and can't do using the API MarkLogic Server provides a number of APIs including REST, XCC, SQL, ODBC and WebDav. Wrappers for common programming languages are also provided, including Java, JavaScript and Node.JS and others. All APIs are comprehensively documented.

Two of the core APIs are the Client REST API and Management REST API.

The Client REST API is a REST-based API for creating applications that with document manipulation and search capabilities. Use the web services provided by the API to create, read, update, delete, and search content in MarkLogic Server.

The Management API is a REST-based API that allows you to administer MarkLogic Server and access MarkLogic Server instrumentation with no provisioning or set-up. You can use the API to perform administrative tasks such as initialising or extending a cluster; creating databases, forests, and App Servers; and managing tiered storage partitions. The API also provides the ability to easily capture detailed information on MarkLogic Server objects and processes, such as hosts, databases, forests, App Servers, groups, transactions, and requests from a wide variety of tools.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation MarkLogic Server provides a cloud agnostic platform to build application that store all kinds of data, including content, geospatial data, numeric data, binary data, and so on. Developers build applications using XQuery and/or Server-Side JavaScript both to search the content and as a programming language in which to develop the applications. The applications can integrate with other environments via client APIs (Java, Node.js, and REST), via other web services, or via an XCC interface from Java or .NET. But it is possible to create entire applications using only MarkLogic Server, and programmed entirely in XQuery or Server-Side JavaScript.


Independence of resources MarkLogic Server is cloud agnostic and deployed on cloud infrastructure with resources as specified by the buyer.

For an AWS deployment option MarkLogic Server would be deployed on EC2 instances dedicated to the buyer and their users only. For other cloud platforms similar separation of infrastructure and users is available.


Service usage metrics Yes
Metrics types MarkLogic Server provides service metrics for CPU, disk, memory and network. The Monitoring History feature allows the capture and view of critical performance data from your cluster. Once the performance data has been collected, the data can be viewed in the Monitoring History page. The top-level Monitoring History page provides an overview of the performance metrics for all of the key resources in a cluster. For each resource, you can drill down for more detail. The time-span of the viewed data can also be adjusted and filters applied to view the data for select resources to compare and spot exceptions.
Reporting types
  • API access
  • Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach MarkLogic is cloud-agnostic and deployed with protection of data at rest requirements as specified by the buyer.

For AWS deployments this can be achieved using EBS volume encryption to protect data at rest inside the volume, data moving between the volume and the instance and all snapshots created from the volume.

Native encryption rest is also supported and enables the transparent and selective encryption of data residing on disk in a cluster. External Key Management Systems(KMS) are also supported allowing the separation of control between the MarkLogic administrator and the security administrator who controls the KMS further enhancing the protection.
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach MarkLogic Server provides a number of different mechanisms to search, query and export data.

For performing bulk export the primary tool is the MarkLogic Content Pump (mlcp). This is an open-source, Java-based command-line tool. mlcp helps to export, and copy data to or from MarkLogic databases.
Data export formats Other
Other data export formats
  • XML
  • JSON
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • JSON

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks MarkLogic Server is cloud agnostic and deployed on infrastructure with protection between networks as specified by the buyer.

For an AWS deployment option MarkLogic Server would be deployed on a VPC and encrypted connectivity provided via an encrypted VPN over the internet or AWS Direct Connect.

For other cloud platforms similar network encryption or dedicated network links are available.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network MarkLogic Server is cloud agnostic and deployed with protection within the network as specified by the buyer.

For an AWS deployment option this includes logically network isolation using a VPC and VPN encryption between different availability zones. MarkLogic Server also provides SSL encryption for both the internal protocol (XQDP) and external (HTTP) communication should the server nodes not reside within a secure network.

Other cloud platforms provide similar data protection within the network.

Availability and resilience

Availability and resilience
Guaranteed availability MarkLogic is cloud agnostic and deployable with SLAs as specified by the buyer.

For an AWS deployment option by employing a highly available/disaster recovery configuration across multiple availability zones and regions availability in excess of 99.99% is achievable.

For other cloud platforms similar capabilities are available.
Approach to resilience MarkLogic is cloud agnostic and the level of service resilience is specified by the buyer. Further information as to service resilience capabilities is available on request.
Outage reporting MarkLogic is cloud agnostic and deployed with service monitoring available as specified by the buyer.

For an AWS deployment option outage reporting is available via a public dashboard, API and email alerts.

MarkLogic also provides plugins for the Nagios and New Relic application performance management and monitoring tools.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels MarkLogic Server is cloud agnostic and the restriction in management interfaces and support channels is specified by the buyer.

For an AWS deployment option this is achieved using the IAM Service where you can centrally manage users, security credentials such as passwords, access keys, and permissions policies that control which AWS services and resources users can access.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • Common Criteria Certified
  • PL3/ICD 503
  • Cyber Security Essentials
  • FIPS 140-2
  • NIST 800-53, ICD 503, SSAE 16
  • HIPAA, SOX 302/404
  • FedRAMP
  • ISO/IEC 15408 EAL2 with ALC_FLR.3 certification
  • EU 95/46/EC

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards MarkLogic Server has achieved Common Criteria security certification. This is an internationally recognised International Standards Organisation standard (ISO/IEC 15408) used by governments and other organisations to assess the security capabilities of technology products.
Information security policies and processes The MarkLogic Information Security Policy (ISP) contains policies and procedures for remote access, network security, physical security, email & web conferencing security, password security, clean desk policy, data handling privacy and protection, backup & restoration, security breach/incident response policy and procedures and password security.

A copy of the ISP is distributed to all employees who have to acknowledge receipt and review of the company’s ISP. The ISP is also included as part of the new hire orientation for all new employees. changes made to the ISP are updated to the internal MarkLogic portal.

The VP of I.T. is the designated Chief Information Security Officer (CISO). Other members of the MarkLogic security team include SVP Engineering, Senior Director – I.T. compliance, EVP – Products and the Lead Security Engineer.

In addition, we have a dedicated Facilities Security Officer who provides security briefings for security cleared employees at least on an annual basis

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Available on request.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Finders who believe they have discovered a vulnerability in MarkLogic products should contact MarkLogic. To protect the user community, MarkLogic requests that the finder follow the coordinated disclosure process and not post any information in public forums until after product updates are released. MarkLogic will validate the issue and verify whether any currently supported products are affected.

MarkLogic will coordinate a plan of action to resolve the issue and communicate concerning the vulnerability. Response could range from workarounds to patches, depending on the severity and impact of the issue (as determined by CVSS scoring).
Protective monitoring type Supplier-defined controls
Protective monitoring approach MarkLogic has established a protective monitoring process to conform to SSAE16 requirements.
Incident management type Supplier-defined controls
Incident management approach MarkLogic has established incident management processes to conform to SSAE16 requirements.

MarkLogic has a comprehensive security breach/incident response plan that defines procedures for reporting and responding to security incidents that may compromise the availability, integrity, and confidentiality of MarkLogic’s information systems, network resources or data. This plan covers phases of preparation, identification, assessment, containment, eradication, recovery and follow-up.

Employees can report an incident via an incident response reporting form, email or verbally to their manager or the CISO.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £22050 per licence per year
Discount for educational organisations No
Free trial available Yes
Description of free trial We offer a free developer edition which is fully provides all MarkLogic features. The developer edition for non-production use and is limited to 1TB data. Full enterprise support is not available on the developer edition.
Link to free trial

Service documents

Return to top ↑