BlackBox Hosting

BlackBox Hosting Managed Cloud Services

BlackBox Hosting offers a complete managed service package, including the provision of Virtual Private Servers (VPS) or physical servers in multiple tier 3 data centres in the UK with diverse routing.

Features

  • Hosted only in Tier 3+ UK Datacentres IPv4 and IPV6
  • Performance cloud VM VPN high security options
  • Secure deep packet inspection IPS IDS AV 10GB Connectivity
  • Proactive monitoring platforms provide support 24/7/365 99.999% uptime guarantees
  • Vmware Cisco 3Par Fortigate Kemp Microsoft Veeam HPE experts
  • High Bandwidth, low latency connectivity using diverse routing
  • Enterprise grade DDOS protection AV malware DLP SLA
  • Online Service portal for self deployment of complete Virtual networks
  • 4 hour hardware replacement warranties together with automatic failover technologies
  • 3PAR SSD VM HA High Availability Encryption at rest

Benefits

  • ISO9001 ISO20000 ISO27001 and Cyber Essentials Plus certified
  • VMware Cloud Verified and Manage Service Provider
  • Flexible contracts with performance hosting stack
  • Use the latest technologies without the need for capital expenditure
  • Forward thinking and innovative team providing a full IT portfolio
  • Resources on demand when required with real time upgrades
  • Bespoke solutions for your applications that simply work
  • Secure, encrypted connections back to your office using HTTPS, SSL
  • Encryption at Rest, SSD Performance HPE Blades for power efficiency
  • Fast Deployment and technical setup

Pricing

£55 to £85 a server a month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

9 3 0 2 1 6 5 9 2 2 7 9 2 0 3

Contact

BlackBox Hosting Matthew Burden
Telephone: 0203 740 7840
Email: matthew@blackboxhosting.net

Service scope

Service constraints
A Planned Maintenance is a pre-planned maintenance to any of the infrastructure relating to the cloud service, which is notified to the Customer 7 days in advance. Planned Maintenance will always occur out of core business hours defined as 08:00 to 20:00, Monday to Friday.
System requirements
Internet Access

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 1 hour 24/7/365
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard support 08:00 - 18:00 Mon - Friday Included in VM price
Enhanced support 24/7 /365 - £35 per VM per month.
Both support options have a dedicated TAM (technical account manager) with dedicated cloud support engineers.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
At BlackBox Hosting we are committed to working alongside you to deliver a solution that is transparent, scalable and cost-efficient without compromising on quality.

Before we begin you will be assigned a dedicated account manager and solution architect. They will meet with you to discuss your requirements.

A detailed report will then be provided outlining the overall solution and design followed by a final Q&A session to confirm exactly what is to be deployed.

Once agreed, the solution architect will then deploy the cloud resources required. This includes the creation of VMs, storage, networks (virtual routing and VLans), firewalls and load balancers. If data migration is required, we will work with you to identify which method and migration tools will be most suitable.

A handover of the network is then completed and signed off by you and your dedicated account manager. This handover session will include access to self-service portals, training, passwords and details of the support process.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
We pride ourselves in the transparency of our services, which include no long-term contracts or penalty fees. The reason you’ll stay with us is because our solutions are the best.

In the unlikely event that you do have to leave us, we will work with you to make this process as efficient as possible.

Firstly, your account manager will confirm the date that our services will cease and the date of your last invoice. Notice periods vary depending on the scale of the cloud services provided, with the minimum notice period being one month.

After the end of service date, all VMs and data will be retained free of charge for one month. During this time, you can request a copy of the VMs and data if required to a device that you provide.

After one month has passed the VMs and data will be deleted in accordance with our secure data destruction process.
End-of-contract process
All cloud services are set at a fixed priced. Consultancy is additional cost.

Using the service

Web browser interface
Yes
Using the web interface
VMware Vcloud Director
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Full Access to deploy VM and provision VMware Services only.
Web interface accessibility testing
Tested access on latest version of OS, including Windows 7, 8.1 and windows 10 as well as Latest Mac OS.
API
Yes
What users can and can't do using the API
Interface with our current and our new ITSM system.
API automation tools
Other
Other API automation tools
  • REST
  • Soap
API documentation
Yes
API documentation formats
HTML
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
1-2-1 host VM contention with SSD Storage
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach
VM Encryption available.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • GRT, File Virtual Machines and Databases
  • 3-2-1 Backup service, to disk, tape and offsite.
  • SAN Storage replication also available over encrypted links
  • SRM
Backup controls
Schedules can be set as per customer requirements, as well DR replica with replication and or SRM.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
External Network/Internet
External network is the communication between our internal network and the Internet.
Our SLA excludes end customer Internet connections and their respective provider networks, as these are the exclusive remit of the respective end user connectivity provider.
SLA: 100% excluding Maintenance windows.
Credits: 10% of Monthly Recurring Charge (MRC) for the service affected in the relevant month (maximum 50% of the MRC in case of multiple events)

Internal Network
The internal network includes cables, switches, routers and firewalls within our network perimeter.
It does not cover any other reason for communication difficulties, e.g. an incorrect configuration at a server level or a firewall restriction.
SLA: 100% excluding Maintenance windows.

Credits: 10% of Monthly Recurring Charge (MRC) for the service affected in the relevant month (maximum 50% of the MRC in case of multiple events)

Virtual Private Server (VPS)
This comprises all the physical hardware required within our cloud platform. These include:
 Switches
 Physical hosts
 Firewalls
 Storage fabric

SLA: 99.99% excluding Maintenance windows.

Credits: 10% of Monthly Recurring Charge for the Service affected in the relevant month (subject to a maximum of 50% in any calendar month)
Approach to resilience
Available on request
Outage reporting
Email alerts, SMS Alerts Available.

Identity and authentication

User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Out of band management is deployed as well as IP restrictions and firewall control.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
URS Certificatiion
ISO/IEC 27001 accreditation date
26/04/2019
What the ISO/IEC 27001 doesn’t cover
Anything not listed on our statement of applicability. Our statement covers us for the Provision of Private Cloud, Co-location, and Managed Hosting and consultancy services.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentails Plus

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
GDPR compliant, ISO 27001, and Cyber Essentials Plus Certified.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The Change Management process owner will assign the CR to a team member with the relevant skillset to perform the assessment and evaluate the potential risks of making the change.

If the Change Request isn’t clear at this stage the assignee will need to retrieve more relevant information until the Change Request and likely implications are clear.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The security team monitor all cyber related threats.

Critical Security Patches are applied as soon as possible.

Various news and vendor channels are used to get information on potential threats.
Protective monitoring type
Undisclosed
Protective monitoring approach
Network, firewall and compute security products are used to monitor identify potential compromises.

As soon as a threat is detect the customer is notified.

All security incidents are responded to immediately regardless or support level.
Incident management type
Supplier-defined controls
Incident management approach
ITIL and ISO 20000 Framework in place for service management. Common events are flagged and reported by the service management software.

User report incidents, via web portal email or telephone.

Reports are reviewed weekly in Management Review Meetings and can also be scheduled as per customer requirements.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
Separate VLANs, VRF's and Firewalls.

Energy efficiency

Energy-efficient datacentres
No

Pricing

Price
£55 to £85 a server a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We offer a complete ‘trial before you buy’ service with the following benefits:

Complete environment testing from connectivity to firewalls and VMs
Trials are available for 30 days; longer periods can be discussed

Available to new and existing customers
Seamless transition from trial to production environments

Service documents