Bristol Is Open Ltd.

Smart City Experimentation Infrastructure as a Service

Test platform to resolve scalability issues within applications. Use the virtualised private cloud solution to identify minimum and optimum server,memory,processor,storage allocations. Test whether developed software is applicable to single server or distributed server scenarios,

Features

  • Remote access to virtualised solutions
  • Secure analytics within a private cloud

Benefits

  • Privacy/Security within a private cloud
  • Scalable analytics solutions from SoC to HPC

Pricing

£500 per instance per week

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

743652520734654

Bristol Is Open Ltd.

Paul Proctor

0117 290 0001

paul.proctor@bristolisopen.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints We undertake planned maintenance other than this we don't have specific constraints.
System requirements
  • Prefer installation instructions and source code than pre-configured virtual appliances
  • OpenSource default licensing scheme. Additional licences by buyer.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Weekend emails will be responded to Mon-Fri, 9am-5pm
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible To be designed for each project
Web chat accessibility testing To be designed for each project
Onsite support Yes, at extra cost
Support levels The infrastructure and software services are built within an R&D platform which by default has no SLA. However, for specific experiments on the platform SLAs can be established according to need.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Initial consultation through email with followups via telephone, face to face and workshop meetings. Where necessary site visits will be a factor.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction By end of contract we will advise the most appropriate medium for data transfer or destruction. Transfers can be enabled online or via USB storage.
End-of-contract process Decommissioning of the solution is included within the project quotation and an indication as to the intent for final data location/destruction.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems Other
Designed for use on mobile devices Yes
Differences between the mobile and desktop service To be designed for each project
Service interface Yes
Description of service interface To be designed for each project
Accessibility standards None or don’t know
Description of accessibility To be designed for each project
Accessibility testing To be designed for each project
API Yes
What users can and can't do using the API APIs are tailored to specific experiments. Current examples are JSON formatted post/get.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation This is an R&D and pilot solution, can be customised per project.

Scaling

Scaling
Independence of resources Scheduling of resources and resource segmentation to dedicate resources for the duration of the respective project.

Analytics

Analytics
Service usage metrics Yes
Metrics types For maintenance monitoring purposes
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach On request to support staff if assistance is required. Otherwise via their own access methods to the virtualised solution.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON API calls
  • SQL Dumps
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON API calls
  • SQL uploads

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Dark fibre segmentation/management

Availability and resilience

Availability and resilience
Guaranteed availability No default SLAs due to R&D nature of infrastructure.
SLAs can be negotiated assuming resourcing available/budgeted for.
Approach to resilience High Availability options are available but are not the default configuration.
Outage reporting Email alerts and API monitoring

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels New SSH/TLS Credentials are never transmitted over public communication systems. New users obtain their credentials by physically visiting site.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach At Project Initiation stage a risk assessment is taken regarding the data potentially going to be collected. Active monitoring throughout the project lifecycle ensures any data reclassification is addressed and measured steps to secure it further. The platform is by default a closed, private cloud.
Information security policies and processes We have GDPR compliant policies in-place to cover the use of person-identifiable information.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The infrastructure is dynamically changed according to the requirements of the projects in operation. Change Management records when non-operational/BAU changes are planned along with appropriate rollback procedures if unsuccessful.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Monitoring of online CVE vulnerability database and patch management processes in-place. Each new virtualised project is built with the latest appropriate software to assist in mitigating longstanding known vulnerabilities.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Perimeter firewall engineers monitor system logs to identify probes.
Resource utilisation within the network is dashboard managed to highlight changes in BAU.
We would expect to notice changes in network operation at the earliest opportunity within operational hours of Mon-Fri, 9am-5pm.
Incident management type Supplier-defined controls
Incident management approach Incident occurrences involve notification of board-level management and an impact assessment is carried out via the Senior Leadership Team.
System notifications usually come direct from server/network engineers using the resources as BAU when deviations occur.
End-users would report any incidents to those server/network engineers for initial troubleshooting and subsequent escalation where needed.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks Joint Academic Network (JANET)

Pricing

Pricing
Price £500 per instance per week
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Limited access to resources to test compatibility of solution with platform. Once established then ongoing usage fees apply.

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑