RE-SOLUTION DATA LTD

Managed Security Services

Re-solution provide comprehensive managed security solutions utilising Cisco’s CloudCenter platform. CloudCenter is an application-centric hybrid cloud management platform that securely provisions infrastructure resources and deploys applications to data centre, private cloud, and public cloud environments.

Features

  • Model a cloud-agnostic blueprint
  • Multi Tenancy
  • Centralise governance and security
  • Deploy on demand to a data centre or cloud
  • Manage with a wide range of actions
  • Use enterprise-class features
  • Results in better user support and faster service resolution
  • Control and understand costs with your Cloud environments

Benefits

  • Quickly and easily build a cloud-independent application profile
  • Govern Shadow IT usage
  • One-click deployment to any data centre or cloud environment.
  • A wide range of application life-cycle actions to set policies
  • Single platform across datacentre, private cloud and public cloud environments
  • A secure, scalable, multi-tenant solution
  • Precise access control, network isolation, encryption, customer controlled key vaulting
  • Works with many types of applications
  • Fast time to value

Pricing

£31 per virtual machine per month

Service documents

G-Cloud 10

975126326112237

RE-SOLUTION DATA LTD

Sean Draper

02038808369

sales@re-solution.co.uk

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to Service Now
Cloud deployment model Hybrid cloud
Service constraints No
System requirements Implementation on-premise (VM Ware) or public cloud (AWS, Azure, etc)

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Dependent upon SLA. Contract can be 24x7, 365 day support agreement with guaranteed response no later than 4 hours.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels On site and remote hands support are in addition to standard Cisco CloudCenter provided support, and are agreed in consultation with prospective customers at the start of the service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The CloudCenter product suite is available online and covers installation, best practice, configuration and management: http://docs.cloudcenter.cisco.com/display/HOME/CloudCenter+Documentation
Workshops and associated in person training can be provided as needed based on the needs of the customer.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction The CloudCenter product is a solution that exists inside of the customer's own environment, be it cloud or on premises. Any unique data that was stored on the CloudCenter nodes can be gathered prior to removing them from operation with no restriction.
End-of-contract process Re-solution will provide any end-of-contract assistance as an additional service. Any additional transitional assistance shall be chargeable as per Re-solution's SFIA rate card.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility The service is available as a Software-as-a-Service (SaaS) solution, which utilises their own portal. It can be also be accessed via a service desk such as ServiceNow.
Accessibility testing Answer later
API Yes
What users can and can't do using the API CloudCenter has mature, documented APIs. Everything users can do from the UI, you can access via API.

CloudCenter has an extensive range of API support. Full details and documentation on these and their support can be found at:

https://editor-docs.cloudcenter.cisco.com/display/40API/CloudCenter+API+Overview
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Cisco CloudCenter provides a highly customisable single-platform solution. Each component represents a service like OS, or application or web server, database, etc. You can use out of box, or easily customize or add your own. It supports configuration management tools, PaaS and cloud services, as well as containers. 

Organisations can start with one application in one cloud or manage multiple applications across multiple environments. It works with a simple virtual machine or with complex, multi-tier application stacks..

Application profiles are easily created with a simple, visual, drag-and-drop topology modeler using a library of ready-to-use or customised services, images and containers.

You can:
Install Workers.
Configure Clouds.
Create Instance Types.
Create Deployment environments.
Set up role-based access control.
Create User specific branding and logos.
Create Multi-tenancies.

Scaling

Scaling
Independence of resources The solution combines a cloud-independent application profile, which defines deployment and management requirements for the application stack, with a cloud-specific orchestrator, which abstracts the unique aspects of the environment and provisions infrastructure and deploys and configures application components in a way that is optimised for that environment’s infrastructure and cloud services.

Analytics

Analytics
Service usage metrics Yes
Metrics types CloudCenter offers extensive reporting to manage the service, including:
• Cloud accounts: Manage cloud regions, usable OS images and services, and custom pricing. Create use-specific deployment environments.
• Tenant, groups, and users: Grant access rights to tenants, subtenants, groups, and users and accelerate user activation with activation profiles. Grant access rights and use plans based on the role or specific resource.
• Financial controls: Limit spending with fixed and variable use plans and bundles for different users.
• Usage reporting: Aggregate precise use, activity, and cost reports.
• Tag-based governance rules: Simplify and automate user placement, deployment and run-time decisions.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Cisco

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach CloudCenter allows the ability to import and export a range of information relating to the operation and management of the service and data including application profiles and other information.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network Users can select additional levels of transit security on request.

Availability and resilience

Availability and resilience
Guaranteed availability Software is deployed to a user specific virtual machine or combination of physical and cloud environments. We monitor our operation continuously and in any event work on all products to ensure a 99.9% service availability.
Approach to resilience HA configuration and strategy available on request
Outage reporting Via the service desk
email alerts
Phone (priority dependent)

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Restrictions are provided based on RBAC (Role Based Access Controls)
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 20/10/2017
What the ISO/IEC 27001 doesn’t cover Everything is covered in the ISO/IEC 27001 certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We operate to an internal security information policy process which adheres to applicable legislation and regulatory requirements. This covers personal, sensitive, critical and business data and corporate assets. Our standards are in excess of that set out by the Data Protection Act.

Our information head is our operations director who is responsible for company wide governance.

Further detail available upon request.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach CloudCenter releases are automated by Cisco and do not impact the service in real-time so clients always have service availability
Vulnerability management type Supplier-defined controls
Vulnerability management approach CloudCenter is a product that resides in the clients environment. 
Vulnerability testing and management can be determined and agreed at the time of service design and deployment.

Further detail available upon request..
Protective monitoring type Supplier-defined controls
Protective monitoring approach Managed services staff are instructed to flag tasks which effect security as "Reportable Incidents". Reportable Incidents are reviewed every 4 weeks and either closed or escalated to "Security Incidents".
Incident management type Supplier-defined controls
Incident management approach Incident management procedures conform with ISO/IEC 27001: 2013. 

Events that are classified as incidents include malware infections, excessive spam, information system failures, Denial of loss of service. 

A thorough review is carried out following all incidents and all findings are detailed in a report available to all customers.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £31 per virtual machine per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑