Ultimedia
Umbraco Cloud
Umbraco CMS cloud hosting on Microsoft Azure and Amazon Web Services platforms provides a flexible Microsoft .NET development for Umbraco CMS with SharePoint and Microsoft Dynamics CRM integrations..
Features
- Enterprise level Content Management environment
- Microsoft Azure and Amazon Web Services cloud hosting
- Microsoft .NET development for integrations
- SharePoint and Microsoft Dynamics CRM integrations
Benefits
- Enterprise Web Content Management environment
- Scalability and performance assured
- Multiple device publication and repurposing
Pricing
£25 to £500 an instance a month
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at glenn.stewart@ultimedia.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 12
Service ID
9 1 9 5 7 5 1 1 6 0 7 3 1 2 0
Contact
Ultimedia
Glenn Stewart
Telephone: 07973510805
Email: glenn.stewart@ultimedia.co.uk
Service scope
- Service constraints
- Support availability Monday to Friday 9am to 5pm. Standard support response times 4 hours and Incident escalation process available.
- System requirements
-
- Microsoft Windows Server 2016, 2012R2 or 2012
- Microsoft Internet Information Services 8.5 or 8
- Microsoft .NET Framework 4.5.2 or later
- Microsoft MVC 5 or 4
- Microsoft Internet Explorer 11, Mozilla Firefox, Google Chrome
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
-
08:00 to 18:00 Monday to Friday (excluding weekends and UK Bank Holidays) response is 1.Critical - Response 1 hour, Restoration 4 hours 2.Urgent - Response 1 hour, Resolution 5 days 3.Non-Urgent - Response 4 hours, Resolution 20 days.
Extended and 24x7 is also available with similar response times at extra cost - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
24x7x365 monitoring and operations support for all Cloud customers through a dedicated global managed services team.
If there is an incident our managed services team will work within our customer’s environment to resolve the issue and provide a resolution without our customer’s involvement.
Cloud customers additionally receive Developer Support as part of their cloud subscription. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Training is available for technical and user access to the service and full documentation sets are provided both HTML and PDF
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Downloads can be arranged from SQL Server databases.
- End-of-contract process
- End of contract, the user will receive an extension offer and if that is not taken up the service will be terminated.
Using the service
- Web browser interface
- No
- API
- Yes
- What users can and can't do using the API
- API access through .NET libraries, RESTful services and JavaScript (for UI extensibility)
- API automation tools
- OpenStack
- API documentation
- Yes
- API documentation formats
-
- HTML
- Command line interface
- Yes
- Command line interface compatibility
- Windows
- Using the command line interface
- Command line support for the add-on system is implemented as a PowerShell snap-in with a set of CmdLets.
Scaling
- Scaling available
- Yes
- Scaling type
- Automatic
- Independence of resources
- Extra virtual machines can be switched in without affecting the user service
- Usage notifications
- Yes
- Usage reporting
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Reporting types
-
- API access
- Real-time dashboards
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Kentico
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- No
- Equipment disposal approach
- In-house destruction process
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Regular backups of the application and databases
- Azure and Amazon Web Services backups used
- Web Application backed up to the Azure storage acocunt
- Regular 24 hour backups performed
- Database backups are replicated to a geo-redundant data center
- Backup controls
- Users can perform backups as required both of the web application and of the Microsoft SQL Server databases
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users contact the support team to schedule backups
- Backup recovery
-
- Users can recover backups themselves, for example through a web interface
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- Group and Corporate level provide 99.7% availability. Enterprise level provides 99.9% availability
- Approach to resilience
- Microsoft Azure SDKs for BLOBs, Service Bus, and Entity Framework have built-in support for transient faults handling and retry policies.
- Outage reporting
- Kentico provide a public dashboard service, together with email alerts of any outages.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- User access within management interfaces is restricted by authentication and service design. Administrator permissions are allocated to companies accordingly. Management interface protection is in place.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- To maintain information security, only approved personnel have access to the system, the customer's environments, and individual customer data.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Change management tracking is performed and impact assessments of changes are produced and acted upon.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Vulnerability assessments are regularly produced in conjunction with Episerver regular vulnerability monitoring. Mitigation strategies are produced, implemented and mitigation timescales determined.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Events are continually monitored and reported upon to identify potential compromises, strategies devised and implemented within a mitigation timescale.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Pre-defined processes are in place for common incident management events. Users report incidents via a ticketing system and timescales determined for mitigation and resolution.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- VMware
- How shared infrastructure is kept separate
- Customer data sharing the same infrastructure is kept separate by virtue of the service design
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- Amazon Web Services used for cloud hosting
Pricing
- Price
- £25 to £500 an instance a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- All functionality of the full system
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at glenn.stewart@ultimedia.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.