Sitecore Azure Managed Cloud

The provision of Sitecore digital website hosting on the Microsoft Azure Platform. This includes design, set-up, configuration and management on a 24/7/365 basis.


  • Managed Sitecore Hosting on Azure
  • Specialist Sitecore support and configuration
  • SLA based support on response and resolution
  • On-going monitoring and optimisation


  • Central support and co-ordination across multiple vendors
  • Sitecore specialism from Platinum Partner
  • Tuned and experienced Sitecore tailored design and configuration
  • Based on the Azure platform. Leading .Net Cloud provider
  • Relationship from Rackspace for deep infrastructure knowledge
  • 24/7/375 support


£10000 to £150000 per unit per year

Service documents

G-Cloud 10



Marcus Taylor

02920 666655


Service scope

Service scope
Service constraints No constraints
System requirements Sitecore Experience Platform Licence

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We have SLA that includes response and resolution times. Each SLA is bespoke to customer needs. We operate e-mail ticketing and a dedicated phone line.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our services include the managed hosting of Sitecore hosting on either a PaaS or IaaS basis. Kagool operates a tiered process of associating priority levels and an associated SLA. The nature of the customer's site influences the nature of the support requested. Each customer has a bespoke SLA and costs related to the service provision needed.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Users interested in either building a new Sitecore site with managed hosting or transferring an existing hosted solution. Should contact Kagool in order to start an assessment on how to on-board.
Part of the process would involve designing the appropriate architecture, building it and then creating/migrating the Sitecore instance.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Based on the service being Managed Azure we would either provide transfer of the assets to an alternative subscription or provide exports for the customer to arrange an alternative supplier.
End-of-contract process Any migration costs are additional unless agreed as part of the original Hosting Statement of Work

Using the service

Using the service
Web browser interface No
Command line interface No


Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources This is included as part of the service design as part of the platform design. The scaling is dependent on whether the solution is IaaS or PaaS
Usage notifications Yes
Usage reporting
  • Email
  • Other


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Microsoft, Rackspace

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Virtual Machines
  • Files and Folders
Backup controls Users request the level and frequency of the requested back-ups in line with their organisations target RPO and RTO
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users contact the support team to schedule backups
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability The level of availability is dependent on the design. Availability of Azure machines are dependent on numerous factors. Such as clustering, load balancing, failover configuration. We can offer the desired level of availability based on customer requirements
Approach to resilience Available on request
Outage reporting Any outages are made available by public dashboard as well as e-mail alerts sent to our customer base.

Identity and authentication

Identity and authentication
User authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
Access restrictions in management interfaces and support channels We have access to support portals. This has specific access management controls where the access and level of is controlled. This applies to our support portal, Rackspace and Azure portal.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 United Registrar of Systems
ISO/IEC 27001 accreditation date 26 March 2014
What the ISO/IEC 27001 doesn’t cover Not Applicable
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We operate a fully accredited ISMS within the overall Business Management System. This includes 25 specific Information Security Policies. Information security is treated at the highest level and the Managing Director holds the board level responsibility.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We run Change Approval Boards in line with the ISP13 (Change Control) which is part of the overall ISMS. The ISMS underpins our ISO 27001
Vulnerability management type Supplier-defined controls
Vulnerability management approach We run assess vulnerabilities in line with Information Security Policy which is part of the overall ISMS. The ISMS underpins our ISO 27001
Protective monitoring type Supplier-defined controls
Protective monitoring approach We run monitoring services in line with Information Security Policy which is part of the overall ISMS. The ISMS underpins our ISO 27001
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We run incident management investigation in line with Information Security Policy which is part of the overall ISMS. The ISMS underpins our ISO 27001

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Other
Other virtualisation technology used Azure Virtualisation approach
How shared infrastructure is kept separate Each machine is a dedicate compute instance via the Azure cloud if running as IaaS. Or seperate Web App if running as PaaS

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £10000 to £150000 per unit per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑