Ixis IT Limited

Container based Managed Cloud Hosting

A cloud based container hosting model suitable for Open Source projects. Features enable flexible development and CI in PHP & NodeJS.

This Platform as a Service (PaaS) offering provides an accelerated and highly automated environment within which projects based on Open Source technology are developed, tested and delivered into production.


  • 99.95% uptime SLA on PaaS
  • 24/7 Support and Monitoring via UK Service Desk
  • Multiple environments for each domain (stage, qa, user story etc.)
  • Git version control repository provided
  • Fully managed backup with minimum 1 month retention


  • Enhanced integrated agile development workflow
  • Control for developers to spin up environments on demand
  • Optimised for Drupal 7 & 8
  • Supports latest Node JS, MongoDB, Elastic Search, MariaDB stack


£126 to £1434 per instance per month

  • Education pricing available

Service documents

G-Cloud 10


Ixis IT Limited

Dan Pala



Service scope

Service scope
Service constraints No high availability (HA) option available.
No load balanced option.
Linux only environment for hosting web applications.
System requirements
  • Knowledge of Git
  • PHP based application

User support

User support
Email or online ticketing support Email or online ticketing
Support response times General support is provided Monday - Friday except bank holidays

Out of hours is break-fix incident response only.

P1 incident 30 minute response with a 2 hour resolution.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Infrastructure support is included with per project pricing.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started User accounts generated.
Access level defined.
Tutorial videos for using the web UI available on YouTube.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Data (database, file assets) are available for extraction at any point using the standard Drupal Drush tool.

All source code is stored in Git and available at all times.
End-of-contract process There are no additional costs for off-boarding other than settling the final invoice for the service used.

Using the service

Using the service
Web browser interface No
What users can and can't do using the API A RESTful API is available over HTTP.
Examples of API integrations are available on GitHub.
API automation tools
  • Ansible
  • Puppet
API documentation Yes
API documentation formats HTML
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface Cannot add new projects.
Can execute backups.


Scaling available No
Independence of resources Expected increases in demand are discussed at monthly service reviews, or notified to supplier by raising a ticket so that adequate configuration changes can be made in advance.

A CDN is recommended to protection against unplanned spikes in anonymous visitor traffic.
Usage notifications Yes
Usage reporting Other


Infrastructure or application metrics Yes
Metrics types HTTP request and response status
Reporting types Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Platform

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency Never
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Source Code (in Git)
  • Database
  • File assets
Backup controls The service is fully managed and automated on a daily schedule.

Ad-hoc data backups can be performed using the Drush tool.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99.5% uptime SLA on Standard Dedicated Server
24/7 Support and Monitoring via our UK Service Desk
Dedicated isolated environments not shared with any other clients
Production and Staging environments for each domain being hosted
Linux operating system management including security patching
Fully hosted and managed GIT version control
Fully hosted and managed GIT version control
Fully managed backup with minimum 2 week retention
Support beyond the LAMP stack: reverse proxy Varnish, MySQL replication
Amazon Web Services (AWS) Consulting Partner

On a case by case basis we can offer service credits which are discussed as part of the contract process
Approach to resilience Available on request as this depends on the buyers set up and requirements.
Outage reporting Email alerts are triggered from outages detected within 3 minutes from multiple locations around the globe.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels All users require a username and password pair, along with being assigned to a specified role.

2 factor auth can be added to the individuals account to further strengthen access.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Alcumus ISOQAR
ISO/IEC 27001 accreditation date 27/04/2018
What the ISO/IEC 27001 doesn’t cover Working in secure areas (11.1.5)
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes .

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We practice an ITIL V3 process for all changes requests.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Automated updates to server software ensures that high-priority fixes are deployed as soon as they are available.
Security is always considered first when designing consumer architecture or providing services.
Software is chosen based on its security features, history of security exploits, and ease of maintenance and monitoring.
Configuration management processes are used throughout the development and support of all services.
Protective monitoring type Undisclosed
Protective monitoring approach We have established practices for managing and recovering from incidents, and restoring a secure service.
Incident management type Undisclosed
Incident management approach We have established practices for managing and recovering from incidents, and restoring a secure service.

Users report by phone / email or raising a ticket.

Incident reports are provided by ticket - with root cause analysis where needed.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider Amazon Web Services
How shared infrastructure is kept separate LX Containers hosted on AWS VM hosts.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £126 to £1434 per instance per month
Discount for educational organisations Yes
Free trial available No


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑