OCSL MANAGED SERVICES LIMITED

CloudRoute - OCSL

CloudRoute is an adaptive, high performance, national reach product that provides customers with high bandwidth, low latency, layer 3 connectivity to both public cloud providers as well as private hosted assets that can reside in OCSL’s datacentres. OCSL can integrate CloudRoute into NHS N3 and JA.Net networks.

Features

  • CloudRoute - 10Gbps trunk network
  • Up to 10Gbps customer connection
  • End to end encryption
  • Standard and Premium class traffic shaping
  • Emailed reports of bandwidth use
  • Diverse network connectivity to multiple carriers
  • N3 Aggregator
  • Janet Partner
  • HSCN Partner

Benefits

  • Combine public cloud with on premise or OCSL hosted infrastructure
  • Simplify connections to public cloud providers with one contract
  • Guaranteed user experience
  • Flat rate pricing and no data usage charges
  • Low latency: from as low as 4ms end to end
  • Low jitter < 2 ms
  • Increased security to latest standards
  • No surprise cost predictability for fixed budgets
  • Bandwidth choices from 100Mbps up to 10Gbps
  • Single supplier, single procurement exercise, single invoice

Pricing

£1697.40 to £11802.64 per unit per month

  • Free trial available

Service documents

G-Cloud 9

899160671745413

OCSL MANAGED SERVICES LIMITED

Mark Skelton

0845 605 2100

gcloud@ocslms.co.uk

Service scope

Service scope
Service constraints Installation of fibre links is subject to survey
System requirements System requirements depend upon individual customer needs

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Priority Level - Initial Response - Progress Update - Target Resolution
1 - 15 mins* - 1 hour - 4 hours
2 - 1 hour - 2 hours - 8 hours
3 - 2 hour - 1 day - 10 working days
4 - 4 hour - 1 day - 20 working days

*P1 calls must be logged by telephone
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels Priority Level - Initial Response - Progress Update - Target Resolution
1 - 15 mins* - 1 hour - 6 hours
2 - 1 hour - 2 hours - 8 hours
3 - 2 hour - 1 day - 10 working days
4 - 4 hour - 1 day - 20 working days

*P1 calls must be logged by telephone
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started OCSL order, install and configure the service, customers simply need to manage local area network connectivity, routing and firewalls.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction No data is held by this service
End-of-contract process Upon receiving notification of termination, OCSL will on a mutually agreed date, simply disable the customer’s access.

Using the service

Using the service
Web browser interface No
API No
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources The service is dedicated to the customer only
Usage notifications Yes
Usage reporting Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Failure
  • Capacity
  • Server hardware components such as system fans
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra support
Organisation whose services are being resold BT, Virgin, Microsoft, Amazon

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • We provide this as a seperate service
  • Please see: BaaS - Backup as a Service - OCSL
Backup controls Please refer to: BaaS - Backup as a Service - OCSL
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability N/A
Approach to resilience There are three service levels available:

Standard Resilience
• Single Path from Customer to OCSL Infrastructure and into Public Networks
• Single Router at a customer premise

Diverse Resilience
• 2 Carrier diverse independent access circuits in OCSL Infrastructure and into Public Cloud
• Presented on separate NTE’s at Customer Site
• Bandwidth can differ between circuits
• Seamless failover between circuits in the event of carrier or fibre issues
• Dual egress paths in the event of Public Cloud provider pop failure
• Geographically diverse ingress points to OCSL

Diverse Resilience Plus
• 2 Carrier diverse independent access circuits in OCSL Infrastructure and into Public Cloud
• Presented on separate NTE’s at Customer Site
• Bandwidth can differ between circuits
• Seamless failover between circuits in the event of carrier or fibre issues
• Dual routers with single gateway UP presented and seamless failover between routers in the event of carrier, fibre, NTE or router failure
• Dual egress paths in the event of a Public Cloud provider pop failure
• Geographically diverse ingress points to OCSL
Outage reporting OCSL is ISO2000-1 accredited and follows standard ITIL conformant processes.

Identity and authentication

Identity and authentication
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Active Directory is used to control user identification and authentication. OCSL Managed Services uses unique user IDs to enable users to be linked to, and held responsible for, their actions. This is in the following format: Firstname.Surname. Each computer also has a host name.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication
Devices users manage the service through Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Registrar of Standards (Holdings) Ltd
ISO/IEC 27001 accreditation date 21/06/2011
What the ISO/IEC 27001 doesn’t cover There are 114 controls within ISO 27001:2013. •OCSL Managed Services has currently adopted 110 of the controls. The remaining 4 controls have not been adopted at this stage. A.14.1.2 (OCSL Managed Services do not use public networks). A.14.1.3 (OCSL Managed Services do not use application transactions). A.14.2.1 (OCSL Managed Services do not develop software). A.14.2.7 (OCSL Managed Services do not outsource software development).
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations
  • Government OFFICIAL
  • NHS N3 Aggregator

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards OCSL is accredited to the following governance standards

o ISO9001 (Quality)
o ISO20000-1 (Service Management)
o Government OFFICIAL
o NHS N3 Aggregator
Information security policies and processes All ISO27001, Commercial N3 Aggregator, Government Official, Cyber Essentials & NHS IG Toolkit required policies. No policies have been excluded from scope.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Our methodology minimises the impact of change-related incidents on service quality and improves the day-to-day operations of the organisation. The procedures are designed to ensure that all changes are correctly planned, interested parties are notified and any service interruption is controlled. Changes can be initiated by the client or internally within OCSL. A robust Change Control process minimises the risk associated with changes. It enables all parties to keep track of changes made to systems, ensures implications of changes are assessed and that interdependencies are explored. A back-out process is also considered before any change is implemented.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Annual IT Health Checks are completed by a CHECK accredited independent organisation under the CHECK Scheme. The CHECK scheme enables penetration testing by CESG approved companies, employing penetration testing personnel, qualified to assess HMG and other public and private sector bodies. The testing personnel are CHECK Team Leaders who have proven their technical competency through lab examinations and written exams, they are skilled in application and infrastructure testing. They have also undergone thorough background checking. This technical compliance review is an extensive internal and external examination of operational systems to ensure that hardware and software controls have been correctly implemented.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach User activities, exceptions, and information security events are recorded and kept for an agreed period to assist in future investigations and access control monitoring. Software is used to monitor system use. As per the ‘Systems monitoring policy’.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach The OCSL Service Desk enables our team to co-ordinate the work of restoring supported systems as soon as possible and within agreed SLAs. The Service Desk determines the nature of incidents so they can be sent to appropriately skilled engineers for resolution. An IMS is incorporated within the Service Desk. When logging calls via the telephone Service Desk, the call operative uses the same call logging software that the customer will have access to via our secure web portal. Integrated with this functionality is our knowledge base, which is used to capture information and provide accurate incident reports.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres No

Pricing

Pricing
Price £1697.40 to £11802.64 per unit per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Details available upon request

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑