SixSq

NuvlaBox - the instant private cloud

SixSq's NuvlaBox is a turnkey instant private cloud solution which is secure, affordable and simple to use. It includes a plug and play device with remote management & application update capabilities. A non-technical operator can easily and securely set up the appliance. Multi-cloud app store and unified dashboard simplify operations

Features

  • Remote access & management from any device
  • Simple set up in a few minutes
  • Built-in security
  • Secure web access
  • Reliable local connectivity
  • Supports hybrid cloud strategy
  • Local installation possible
  • Connectivity agnostic
  • Multi-cloud capabilities
  • Easily scalable as requirements change

Benefits

  • Minimal provisioning time means private cloud in an instant
  • Allows management of content on the move via remote access
  • Removes need for on-site IT expertise
  • Access to cloud support from industry experts
  • Supports business growth with scalable technology
  • Enables Internet of Things
  • Enables Smart Cities
  • Extends service at network edge
  • Simplifies Big Data management
  • Reduces maintenance and update costs

Pricing

£15 to £300 per device per month

  • Excluding VAT
  • Education pricing available
  • Termination costs apply
  • Minimum contract period: Year
  • Trial option available

Service documents

G-Cloud 8

859116332589109

SixSq

Louise Merifield

+41 77 4468 170

merifield@sixsq.com

Support

Support
Name Content
Support service type
  • Service desk
  • Email
  • Phone
  • Live chat
  • Onsite
Support accessible to any third-party suppliers No
Support availability Reporting available 24/7. Telephone and chat available Mon-Fri 9am-6pm CET
Standard support response times 24 hour response time within business hours
Incident escalation process available Yes

Open standards

Open standards
Name Content
Open standards supported and documented Yes

Onboarding and offboarding

Onboarding and offboarding
Name Content
Service onboarding process included Yes
Service offboarding process included Yes

Analytics

Analytics
Name Content
Real-time management information available Yes

Cloud features

Cloud features
Name Content
Elastic cloud approach supported Yes
Guaranteed resources defined Yes
Persistent storage supported Yes

Provisioning

Provisioning
Name Content
Self-service provisioning supported Yes
Service provisioning time 1 hour to set up & 1 minute to provision applications
Service deprovisioning time 1 minute to de-provision applications. 1 hour to factory reset the private cloud

Open source

Open source
Name Content
Open-source software used and supported Yes

API access

API access
Name Content
API access available and supported Yes
API type RESTful

Networks and connectivity

Networks and connectivity
Name Content
Networks the service is directly connected to
  • Internet
  • Other

Access

Access
Name Content
Supported web browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Firefox
  • Chrome
  • Safari
  • Opera
Offline working and syncing supported Yes
Supported devices
  • PC
  • Mac
  • Smartphone
  • Tablet

Certifications

Certifications
Name Content
Vendor certification(s) CSA Star Self Assessment underway

Data storage

Data storage
Name Content
Datacentres adhere to the EU code of conduct for energy-efficient datacentres Yes
User-defined data location Yes
Datacentre tier None of the above
Backup, disaster recovery and resilience plan in place Yes
Data extraction/removal plan in place Yes

Data-in-transit protection

Data-in-transit protection
Name Content
Data protection between user device and service TLS (HTTPS or VPN) version 1.2 or later
Data protection within service
  • TLS (HTTPS or VPN) version 1.2 or later
  • VLAN
Data protection between services TLS (HTTPS or VPN) version 1.2 or later

Asset protection and resilience

Asset protection and resilience
Name Content
Datacentre location
  • UK
  • EU
  • Other countries with data protection treaties
  • Rest of world
Data management location
  • UK
  • EU
  • Other countries with data protection treaties
  • Rest of world
Legal jurisdiction of service provider Other countries with data protection treaties
Datacentre protection Yes
Data-at-rest protection
  • Secure containers, racks or cages
  • Physical access control
Secure data deletion Other secure erasure process
Storage media disposal Other secure erasure process
Secure equipment disposal Yes
Redundant equipment accounts revoked Yes
Service availability 99.5

Separation between consumers

Separation between consumers
Name Content
Cloud deployment model Private cloud
Type of consumer No other consumer
Services separation Yes
Services management separation Yes

Governance

Governance
Name Content
Governance framework No

Configuration and change management

Configuration and change management
Name Content
Configuration and change management tracking Yes
Change impact assessment Yes

Vulnerability management

Vulnerability management
Name Content
Vulnerability assessment Yes
Vulnerability monitoring Yes
Vulnerability mitigation prioritisation Yes
Vulnerability tracking Yes
Vulnerability mitigation timescales Yes

Event monitoring

Event monitoring
Name Content
Event monitoring Yes

Incident management

Incident management
Name Content
Incident management processes Yes
Consumer reporting of security incidents Yes
Security incident definition published Yes

Personnel security

Personnel security
Name Content
Personnel security checks Employment checks

Secure development

Secure development
Name Content
Secure development Yes
Secure design, coding, testing and deployment Yes
Software configuration management Yes

Supply-chain security

Supply-chain security
Name Content
Visibility of data shared with third-party suppliers Yes
Third-party supplier security requirements Yes
Third-party supplier risk assessment Yes
Third-party supplier compliance monitoring Yes
Hardware and software verification Yes

Authentication of consumers

Authentication of consumers
Name Content
User authentication and access management Yes
User access control through support channels Yes

Separation and access control within management interfaces

Separation and access control within management interfaces
Name Content
User access control within management interfaces Yes
Administrator permissions Yes
Management interface protection Yes

Identity and authentication

Identity and authentication
Name Content
Identity and authentication controls
  • Username and TLS client certificate
  • Authentication federation
  • Limited access over dedicated link, enterprise or community network
  • Username and strong password/passphrase enforcement

External interface protection

External interface protection
Name Content
Onboarding guidance provided Yes
Interconnection method provided Internet

Secure service administration

Secure service administration
Name Content
Service management model Dedicated devices on a segregated network

Audit information provision to consumers

Audit information provision to consumers
Name Content
Audit information provided Data made available by negotiation

Secure use of the service by the customer

Secure use of the service by the customer
Name Content
Device access method Corporate/enterprise devices
Service configuration guidance Yes
Training Yes
Return to top ↑