Rackspace Ltd

Rackspace Server Virtualization Powered by VMware

With Rackspace Server Virtualization, you can have the agility and cost savings of VMware virtualization, in a dedicated environment, while our specialists manage vSphere® and the underlying physical infrastructure for you.


  • Different Service levels depending on your support needs
  • OS support available with named Account Team
  • Regular account reviews and custom monitoring service available
  • Load Balancers, WAFs, backups/storage, IDS, Log Manager are available
  • Customised patching, run book and roll-back capabilities available
  • 1 hour hardware replacement and 100% network infrastructure SLA
  • 24x7 proactive ITIL service management, trusted advice and thought leadership
  • Fully customisable hypervisors; clone existing VMs in 24 hours
  • Optional Hybrid Cloud capability to burst into Public Cloud+F24:E24:M24


  • 24x7x365 Fanatical Support
  • Mitigate risk with optional 99.999% platform availability SLA
  • Quick resolution of incidents through proactive and robust monitoring solutions
  • Control panel to easily manage account and tickets
  • Reduce costs, improve performance through insight account reporting
  • 24x7 monitoring and management of your hosting environment
  • On-going needs analysis and consulting by dedicated team
  • Protect business critical applications through automated replication tools
  • Reduce operational burden, as Rackspace can manage the OS layer


£173 per instance per month

Service documents

G-Cloud 10


Rackspace Ltd

John Beasley

07788 721 069


Service scope

Service scope
Service constraints Customers will not have direct access to hypervisor or VMware vCenter servers.
System requirements
  • Each environment is designed to customers specifications
  • Anti Virus is included by default on all Windows VMs
  • Anti Virus is optional on Linux VMs

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Up to minimum 15 minutes, max 4 hours depending on severity of support request and service level.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Rackspace offers three different level of support and management, depending on the individual needs for core provisioning and management of your technology stack.

Intensive Service Level provides a consultative, proactive service approach, where Rackspace is responsible for deep multi-layer monitoring, patching, management and planning for the environment. This is backed by a dedicated account team, consisting of a Service Delivery Manager, Lead Engineer and a Business Development Consultant.

Managed Service Level consists of infrastructure 24x7 monitoring, patching, maintenance and ‘on-demand’ support for the operating system level.

Core Infrastructure Level is a hosting solution specially designed for customers wishing to retain control and flexibility to manage and administer their environment, but do not want the burden of managing infrastructure. Rackspace is responsible for all aspects of the physical data centre, network infrastructure and hardware supply chain, whilst the customer remains responsible for managing the day-to-day administration of their environment, including the operating system, networking devices, monitoring and storage.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Rackspace provides all new customers a ‘101’ introduction to the service, which includes an overview of the service level, including the support team functions, the monthly account review (Intensive service level), service delivery team engagement, change and escalation processes and the MyRackspace portal walk-through.

The MyRackspace portal is a self-management customer tool, which includes a knowledge base feature, and allows the Customer to search through a wealth of documents, covering a variety of hosting-related topics, to answer your questions or help you solve technical issues.

For the Intensive Service, your Rackspace Service Delivery Team will deliver informal training for your technicians on particular topics they would like more information on.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Apart from backup under the Managed Backup service Rackspace does not transfer customer hosted data to portable media under normal operating conditions. Upon request, Rackspace can attach a portable device to customer’s servers. Customers are responsible for transferring data to the portal device and for ensuring personal data, sensitive personal data, and other types of sensitive data are appropriately protected (encryption).
End-of-contract process At the end of the contract, it will automatically roll over to monthly cycle contract unless customer gives one month notice to terminate or renew their contract.
In case customer wishes to terminate contract, Rackspace agrees to plan, cooperate and provide exit assistance in good time to achieve a smooth transition of services with minimal disruption customer’s operation and to continue to provide the services until transfer is complete.

Using the service

Using the service
Web browser interface Yes
Using the web interface Rackspace operates an innovative web-based portal MyRackspace that gives our customers precise, up-to-the-minute information on their web infrastructure. Features include:

◾Incident Management – Submit, search, view and update support request tickets
◾DNS Administration – View and configure your domains and sub-domains managed on Rackspace DNS servers
◾Manage Your Account – View invoices, add users, change user access permissions
◾Server Tools – Edit device names, nicknames and logins and view your server configurations
◾Firewall Configuration Management – View permit and deny rules in the access control lists; authorised users can add and delete simple permit rules
◾Virtual Server Management – Create new VMs, take snapshots, clone or template, turn your VM on or off or restore a VM from a snapshot
◾Bandwidth & Backup Utilisation Reporting – View usage date for all devices, view backup configurations and status
◾SSL Certificates – Review and purchase SSL certificates for your domains hosted by Rackspace
◾Rackspace Email – View the mailboxes and domains you’ve configured in the Rackspace mail solution, configure anti-virus, spam filtering and white list settings
◾Knowledge Base – Search through a wealth of documentation covering a variety of hosting related topics
Web interface accessibility standard None or don’t know
How the web interface is accessible The web interface can be accessed via secure internet.
Web interface accessibility testing No testing has been completed with users of assistive technology.
Command line interface No


Scaling available Yes
Scaling type Manual
Independence of resources There are no shared infrastructure components among various customers and therefore will not impact with other users demands.
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Never
Protecting data at rest Other
Other data at rest protection approach Data Encryption is implemented as per the customers requirements.
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Files, Folders
  • Optionally full image backup of VM
  • Open database backup
Backup controls Rackspace will perform backups of data on your servers using CommVault data protection software. The backup process is structured to meet our customer’s business needs and requests. The default schedule is performed weekly full / daily differential with retention rates of two or four weeks (default is 2 weeks). Incremental backups are available upon request. Rackspace will work with customer to help define a solution that will meet your specific business needs / demands. Rackspace will be responsible for data restoration should the need arise.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users contact the support team to schedule backups
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network Other
Other protection within supplier network Dedicated customer Virtual networks (VLAN) are used to logically segment customers on the Rackspace network into different broadcast domains so that packets are only switched between ports that are designated on the same VLAN.

Firewalls protecting the customer from the Rackspace public network and from the Internet are implemented, configured and managed by experienced Internet security specialists according to the customer’s explicit requirements. Firewalls are configured with Access Command Lists (ACL) which prevent access to private internal IPs and deny access to all non-Administrative ports.

Availability and resilience

Availability and resilience
Guaranteed availability Below are the availability SLAs: -Power: A/C power to the outbound port on your serving PDU will be available 100% of the time. -Network: The data centre network will be available 100% of the time in a given month. -1 Hour Hardware Replacement: Rackspace will repair or replace failed hardware components that we provide at no additional cost, and within an hour of identifying the problem. -Support Request Response Times : As part of intensive service level, Rackspace provides 15 minutes response time SLA for emergency upto 4 hours for standard priority tickets. -Platform Availability Guarantee (PAG): As part of intensive service level, Rackspace can additionally provide platform availability guarantee of upto 99.999% Should there be a failure to meet any SLA objectives, the Service Delivery Manager will calculate the appropriate performance credit as per the contractual agreement, and complete the necessary internal approval process. Once approved, the credit is issued to the customer account and can be offset against pending or future invoice. A relevant ticket is also created and the credit note stored on the customer portal for long-term record keeping.
Approach to resilience Disaster Recovery (DR) can be provided in a variety of ways. These vary from application level down to hypervisor or storage replication utilising hypervisor technology such as VMware SRM (Site Recovery Manager) and/or storage array technology, such as EMC RecoverPoint to replicate data between sites. Rackspace can provide multiple data centres per region in a majority of cases, utilising Rackspace sites, and/or cloud platforms such as AWS or Azure. Rackspace will work with customers to understand their disaster recovery/resilience requirements, and will architect a solution designed to meet the defined recovery time / point objectives.
Outage reporting Following a major incident, a customer may request an Incident Report from the Rackspace Service Delivery Manager. This report will be delivered via email and contains a summary of the events that occurred, along with a root cause analysis and preventative actions.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Customers do not have direct access to hypervisors or virtual center.
Rackspace access control policies based on the principles of ‘least privilege’ and ‘segregation of duties.’

Customer solutions reside on their own dedicated VLAN. Rackspace administrative access to dedicated customer solutions is performed via the Bastion Servers, which act as segregation points between the Rackspace corporate network and the customer environment. Access via the Bastion Servers is subject to stringent logging controls.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 21/03/2016
What the ISO/IEC 27001 doesn’t cover Software development controls are excluded and some international office space is not in scope.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Protiviti
PCI DSS accreditation date 03/09/2016
What the PCI DSS doesn’t cover N/A
Other security certifications Yes
Any other security certifications ISAE 3402 Type II / SOC

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards PCI-DSS Level 1 Service Provider
Information security policies and processes Rackspace’s Leadership Team has assigned lead responsibility for information security to the Chief Security Officer. The Chief Security Officer has reviewed and approved the information security management system (ISMS), which demonstrates the commitment to the establishment, implementation, operation, monitoring, review, maintenance and improvement of the ISMS. The Chief Security Officer collaborates with Rackspace Legal to monitor compliance with all local, state, and federal laws and regulations that apply to Rackspace.

Rackspace has documented policies which meet the recommendations of the ISO27001 standard (including an Information Security Policy).The Rackspace Information Security Policy is reviewed at least annually or as a significant change occurs to ensure its continuing suitability, adequacy, and effectiveness.

Supporting policies include:
-Global Rackspace Corporate Information Security Policy
-Global Organization of Corporate Information Security Policy
-Management of Information Security Incidents Policy
-Global Information Technology Risk and Compliance Policy
-Global Business Continuity Policy
-Global Supplier Relationship Management Policy
-Global Communication Security Policy
-Global Operations Security Policy
-Global Physical Security Policy
-Global Access Control Policy
-Global Asset Management Policy
-Global Vulnerability Management
-Global System Acquisition Development and Maintenance Policy
-Global Cryptography Policy

Policies and processes are audited internally and externally by an independent assessor.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach CORE is Rackspace proprietary hosting automation platform, to facilitate change control with the provisioning, changing, and scaling of customer’s hosting environment. CORE centralises all information about customer and their hosting configuration and manages all change related tasks and communication.
CORE seamlessly assigns work across Rackspace resources for issues that require multiple teams to troubleshoot, and by carefully controlling changes, we are able to achieve guaranteed uptime and minimise any impact on customer business operations

Rackspace utilises a Technical Change Management to control changes to the shared infrastructure. Proposed technical changes are subject to Change Board approval according to defined thresholds.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Rackspace maintains an ISO27001 certified internal vulnerability management programme that includes regular vulnerability assessments of the corporate network intended to identify, assess and remediate technical vulnerabilities. In addition, the PCI Merchant program requires quarterly scans of the internal network for vulnerabilities; remediation follows PCI standard guidelines.

Customers can specify the desired frequency to apply patches, however by default:
1) Linux updates are pushed into the Intensive channels once a month.
2) Windows monthly patches are released across three separate weeks.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Rackspace data centers and Network Operations Center (NOC) are manned 24/7/365.

Rackspace will implement our “RackWatch” programme, which is our network monitoring service. Numerous monitoring levels are available depending on service level and segment. Our experienced technicians will automatically take action in your best interest within agreed support procedures.

Please note that the level of alerting and monitoring depends on the service selected.

Rackspace will respond via agreed communication channels approved by the customer

Rackspace will respond as soon as possible to incidents, at a minimum within agreed SLAs.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Rackspace maintains formal incident response processes concerning both corporate network incidents and incidents affecting customer solutions. Incidents that affect more than one customer or Rackspace operations (Enterprise Impacting) are managed from a centralised tool that provides alerting and escalation paths and procedures, communication procedures and command, control and communication across all Rackspace facilities.

Rackspace will work with you to institute a formal incident response plan for your environment. Rackspace can optionally provide a dedicated Intrusion Detection Service device with Managed Services for this purpose.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate There are no shared infrastructure components for compute and networking. Our managed back up utilises an independent private network for backups running on network equipment to minimise network security concerns. Rackspace will create a new zone configuration for every host which is connected to the shared SAN environment. This zoning includes the unique World Wide Name (WWN) for the Host Bus Adapter (HBA) which is physically installed in each server and the WWN of the particular storage array that contains their disk assignment. This association blocks access to any storage array for which a server is not explicitly provided access.

Energy efficiency

Energy efficiency
Energy-efficient datacentres No


Price £173 per instance per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑