Airbus Defence and Space Limited

Airbus GeoStore Web Portal

Airbus Web Portals enable the efficient delivery of geospatial data, including APGB and PSMA data, direct to you.

Use our secure, high-availability data hosting platform to discover, view, order, download and stream large volumes of vector and raster data. The Portal front end can be customised to meet your requirements.

Features

  • Intuitive user interface and customisable to suit your requirements
  • High volume order production capability with proactive performance monitoring
  • Guidance information and user-specific licences included with data orders
  • Role based access management
  • Management and reporting analytics features to obtain portal usage information
  • Bookmark option to quickly zoom to frequently visited map locations
  • Map annotation
  • Map configurations can be saved and reloaded
  • Map reference system can be changed with switch projection feature
  • Map printing and map export options

Benefits

  • Order your data anytime, anywhere (subject to network connectivity)
  • 24/7 automated order fulfilment
  • Mobile and tablet compatible
  • Harvesting, hosting and managing data types, including ‘Change Only’ Updates
  • Flexibility to scale your service
  • Remove duplication of resource efforts by centrally maintaining common data
  • Free up your time by using our fully managed service
  • Full audit trail of distributed data from our secure datacentre

Pricing

£3000 per unit per month

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

9 7 2 7 2 5 6 3 4 9 0 7 3 8 4

Contact

Airbus Defence and Space Limited

Airbus Customer Service Operation Centre

+44 (0) 1633715000

CSOC@airbus.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints No, there are no constraints. A notification is provided if there is any planned maintenance scheduled with 5 days advance notice.
System requirements No system requirements

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times are based on severity and are determined by your requirements as defined in the Service Level Agreement during contractual discussions. We recognise the unique needs of each individual customer and strive to accommodate, where possible, all of your requirements in relation to answering your support questions and resolving with the tickets you raise. This could include weekend support or 24/7 support if required. Response times offered range from 1 hour to 8 hours.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels We offer as standard phone and email support through the Airbus Service Desk between 09:00-17:00 Monday to Friday (excluding English public holidays) with additional access to 24x7 support ticket logging via an on-line portal. The on-line portal allows customers to log new calls, view current and closed support calls, and view knowledge articles and FAQs created as part of the Knowledge Management process.

The Service Desk provides a constant first point of contact for all support queries and is resourced using dedicated support staff with the ability to maintain and support service operations on an extended hours or 24x7 basis, if required. Airbus also maintains a dedicated Customer Services Team for customer support, incident reporting and service related issues in relation to Airbus services.

A submitted issue or a query can be allocated a priority with different levels of response, our standard response time is 4 hours.

We strive to accommodate all of your requirements in relation to support levels and prices can be tailored to meet your individual needs, with technical support based on the SFIA Rate Card.

Airbus will provide an Account Manager for both managing the relationship with the customer and as a means of escalation.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Designed to be intuitive with on-site training, text and video documentation, customised training, FAQs and help documentation.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction Upon conclusion of the service, the following will occur:
• Arrangements are made with the customer to transfer back the latest versions of all data content if required.
• The data will be transferred using an agreed delivery mechanism based on customer requirements.
• All user accounts and data owned by the customer will be deleted.
• Data logs related to usage of the service during the contracted period will also be returned to the customer if required, together with agreed relevant audit trail information.
End-of-contract process Prior to contract expiry we will discuss with the customer their future requirements. If this is to extend the contract term we will support the customer during their procurement process. If the requirement is to cease, or transition the service we will fulfil our obligations as described within the contract. This could include, but is not limited to, removal of all live data and the storage of archived data for a pre-defined period. All end-of-contract support will be discussed during contract negotiations.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Functionality remains the same, only changes are dynamic scaling for screen resolution and orientation.
Service interface Yes
Description of service interface The service is accessed using an online website which is compatible for use with mobiles and tablets. The intuitive user interface is customisable to suit your requirements. The data and service features are accessed through either a secure user login from the home page or through “single sign on” within a customer’s own application. All data viewing, ordering functionality and integrated GIS mapping functionality are easily accessed from a single screen. The data catalogue is displayed in easy-to-navigate data collections and once ordered/downloaded the data can be loaded for use within the same map window.
Accessibility standards None or don’t know
Description of accessibility GeoStore is typically image-centric and mapping based. It does not support accessibility standards
Accessibility testing None
API No
Customisation available No

Scaling

Scaling
Independence of resources Performance is ensured through the use of load balancer technology, duplication of server resources in server farms, provision of substantial internet bandwidth and continuous service monitoring.

Analytics

Analytics
Service usage metrics Yes
Metrics types All incoming/outgoing traffic is logged so the service can report many metrics including number of requests, number of requests by type, number and identity (username) of users/companies making the requests, daily/weekly/monthly/annual usage, datasets being requested, orders placed, spatial location and extents of requests.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach View, order and download data or receive data on media.
Data export formats
  • CSV
  • Other
Other data export formats
  • JPEG
  • GeoTIFF
  • PNG
  • ASCII grid
  • GML
  • KML
  • DXF
  • SHP
  • GDB
Data import formats
  • CSV
  • Other
Other data import formats
  • JPEG
  • GeoTIFF
  • PNG
  • ASCII grid
  • GML
  • KML
  • DXF
  • SHP
  • GDB

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Our standard service availability is 99%. Enhanced service availability can also be provided to meet your requirements.
Service credits are not offered as standard for our services, but is they are required, Airbus would be happy to discuss this on a case by case basis.
Approach to resilience Resilience is ensured through the use of load balancer technology, duplication of server resources, redundant internet connectivity, power protection (UPS) and managed RAID storage.
Outage reporting All affected customers are notified via an email alert. Additional options include notifications through a news feed and RSS feed on the service home page, when purchased with the service.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels Full user authentication and managed firewalls
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 24/04/2018
What the ISO/IEC 27001 doesn’t cover This service is managed by the Airbus Defence and Space Intelligence (UK) Programme Line. This certification information is for Airbus Defence and Space Intelligence (UK) with offices in Guildford, Leicester, Newcastle and Newport. Any services outside of Intelligence (UK) are not covered by this certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Plus

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards Cyber Essentials Plus
Information security policies and processes Airbus is committed to providing good security practices, our IT infrastructure and access controls were put together following the guidelines and good practice of ISO 27002:2013, Code of Practice for Information Security Management and is compliant with the requirements of ISO 27001:2013. The Information Security Management System (ISMS) covers interlinked processes controlled by an IS Policy, covering:

* Physical and Environmental security on access control to buildings and restricted areas,
* Communications and operations of computer systems and network facilities,
* Preservation of data,
* Asset management with levels of protection,
* Information Security Incident management and reporting
* Compliance to data and information regulations
* Electronic Commerce Services
* Personnel Security Responsibilities and Information Security training
* Information System Acquisition and Development
* Business Continuity and Disaster Recovery Plan

The ISMS is the responsibility of the Deputy Managing Director in close liaison with the Security Council made up of IT personnel, Security, Facilities and Quality Assurance Managers. The objective being to maintain, develop and keep secure the information Assets in accordance with Security Policy requirements and the needs of the business and Customers. This includes availability, capacity, business continuity and security monitoring and policy.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Airbus’s well-defined process evaluates changes in order to prevent unintended incidents affecting the quality and security of our services. One key element is the consideration of security implications whereby we follow standard methods and procedures to assess and resolve any risks. The Change Management process is regularly audited internally against ISO9001 and ISO27001 to ensure it continually meets these standards. Airbus’s Configuration Management Plan identifies responsibilities and procedures, as well as technical baselines and configuration data that are to be established and maintained. The Release/Configuration Manager records what is deployed and where, and manages the versioning of all Configuration Items.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Airbus has a vulnerability management framework that will be customised for G Cloud requirements. Regular patching forms part of the overall process, information / alerts on potential threats will be provided by the relevant software vendors RedHat, Microsoft, GovCERT etc. On identification of a potential technical vulnerability, a vulnerability risk assessment is to be carried out to determine which systems are affected, the likely impact upon each and the actions or controls that are available to mitigate the associated risks. Addressing of any potential technical vulnerability is to be proportionate and timely.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Airbus will work with the customer to establish protective monitoring controls relevant to the service or solution provided. An industry standard security information and event management package will deployed to gather and analyse the collected log/event information against the protective monitoring controls. Altering or reporting of any incidents detected will also be defined and agreed with the customer.
Ensuring the correct protective monitoring controls are defined and managed over time is key to the operation of the protective monitoring system.
Incident management type Supplier-defined controls
Incident management approach All Security incidents are promptly reported via the BMS incident tool. The Security Council will with the appropriate service team:
• initiate collection of evidence
• investigate incident;
• ensure that incident is clearly identified;
• document incident and its handling/resolution
• implement necessary immediate corrective action
• escalate within the company or to a corporate level as appropriate;
• escalate to customers or clients as appropriate;
• identify any preventive measures to be considered;
• make sure incident is reported at next meeting of the Security Council;
• inform those involved with incident of the outcome of the investigation.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £3000 per unit per month
Discount for educational organisations No
Free trial available Yes
Description of free trial If you would like to carry out a trial of our service, please contact us to discuss your individual requirements.

Service documents

Return to top ↑