G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with The Server Labs Ltd. are still valid.
The Server Labs Ltd.

JFrog Tools Hosting (Artifactory, BinTray, Mission Control , XRay)

JFrog products such as Artifactory, BinTray, Mission Control and XRay form the backbone of Devops. Thousands of teams choose JFrog tools to develop and manage their software projects and artifacts. Clouds supported: AWS, Google Compute Engine, Azure, UKCloud

Features

  • First step to Continous Delivery
  • Access via Internet, VPN or Government Network
  • Supported clouds: AWS, Azure, Google, UKCloud
  • Secure Hosting in UK or EU Datacentres
  • Payments in GBP

Benefits

  • No on-premise installation. Get up and running straight away
  • Gives power back to your development teams
  • Shortened delivery cycles
  • Secure, accesible from anywhere
  • Access from all devices, PC, Tablet, IOS, Android

Pricing

£100 a server a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@theserverlabs.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

9 6 2 2 5 0 9 8 7 2 8 9 8 5 3

Contact

The Server Labs Ltd. Dolores Saiz
Telephone: 07914163683
Email: sales@theserverlabs.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
JFrog Artifactory, BinTray, Mission Control , XRay
Cloud deployment model
Public cloud
Service constraints
Can be deployed in public cloud or on-premise in private clouds.
System requirements
Linux

User support

Email or online ticketing support
Email or online ticketing
Support response times
S1 The production system cannot be used. No users are able to work in the production system. 24x7x365 <= 30 mins <= 2 h 95% 1,2 S2 Users can access the production system but a critical part of the application is unavailable or degraded.24x7x365 <=60 mins. <= 4 h 90% 1,2 S3 Users can access the production system and work but experience periodic problems. S4 Low impact for the user.The users can work normaly. <= 24 h <= 48 h 90% 1,2
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We offer support in either 24x7 and 9x5 modes. Cost varies by the amount of services deployed The service has a preventative component, with periodic maintenance, monthly reporting and continuous improvement of the infrastructure, and a corrective component, when problems occur in the system covered by this support contract. Once an issue has been received by The Server Labs, the procedure takes the following steps. • Verification of the issue and escalation to second level support. • Communication to customer of the solution to be undertaken. • Restoration of any service lost working with the DBA and or engineer assigned to the project. • Restoration of any data lost working with the DBA assigned to the project. • Update of the system documentation if necessary. • Closeout of the issue with description of actions undertaken.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
User documentation is provided along with on-line training videos.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
The data is fully available at all times. After the customer has extracted the data, we will ensure that the disks are wiped securely.
End-of-contract process
After the customer has extracted their data, we will ensure that the disks are wiped securely.
There is no early termination penalty.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Not all features are available on mobile devices. This is primarily a developer platform, used from the desktop.
Service interface
No
API
Yes
What users can and can't do using the API
Most of the tools in the solution have a REST API https://www.jfrog.com/confluence/display/RTF/Artifactory+REST+API
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Additional products can be configured on request. Many of the tools in the solution offer the possibility to install add-ons without any support involvement.

Scaling

Independence of resources
This is handled by the underlying cloud provider

Analytics

Service usage metrics
Yes
Metrics types
Some of the tools provide user access metrics
We can supply infrastructure metrics on request.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
JFrog

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
Data isolation is handled by the underlying cloud provider.
On customer request we can provide volume encryption.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported via the web interface or via command line tools, depending upon the product within the solution.
Data export formats
  • CSV
  • Other
Other data export formats
  • Xml
  • Tar, zip
Data import formats
  • CSV
  • Other
Other data import formats
  • Xml
  • Tar,zip

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.99% SLA
Approach to resilience
Handled by the underlying cloud provider.
The Server Labs can provide Disaster Recovery solutions on request.
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Handled by the underlying cloud provider
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
We are working towards attaining ISO27001
Information security policies and processes
We are working towards attaining ISO27001 and ISO9001

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
ITIL compliant
Vulnerability management type
Undisclosed
Vulnerability management approach
Regular scans and Intrusion tests.
Protective monitoring type
Undisclosed
Protective monitoring approach
We use standard IDS mechanisms
Any compromise found would be reported to the customer immediately.
Incident management type
Undisclosed
Incident management approach
We offer support in either 24x7 and 9x5 modes. Cost varies by the amount of services deployed The service has a preventative component and a corrective component, when problems occur covered by this support contract. Once an issue has been received by The Server Labs, the procedure takes the following steps. • Verification of the issue and escalation to second level support. • Communication to customer of the solution to be undertaken. • Restoration of any service lost working with the DBA and or engineer assigned to the project. • Closeout of the issue with description of actions undertaken

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£100 a server a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@theserverlabs.com. Tell them what format you need. It will help if you say what assistive technology you use.