SPS - Large Document Template
advertisement
NOT PROTECTIVELY MARKED Compute as a Service Production GCloud 4 Version: 1, Issue Date: 19 September 2013 NOT PROTECTIVELY MARKED NOT PROTECTIVELY MARKED ii © Capita Secure Information Solutions Ltd 2016. Other than for the sole purpose of evaluating this Service Description, no part of this material may be reproduced or transmitted in any form, or by any means, electronic, mechanical, photocopied, recorded or otherwise or stored in any retrieval system of any nature without the written permission of Capita Secure Information Solutions Ltd. Capita Secure Information Solutions Ltd, Methuen Park, Bath Road, Chippenham, Wilts SN14 0TW Telephone: 08456 041999, Fax: 08456 042999 Registered Office: 17 Rochester Row, London, SW1P 1QT. Registered in England No. 1593831 Vat Reg No. GB 618 1841 40 File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 1 Contents 1 Overview .................................................................................................................... 2 2 Description ................................................................................................................ 2 3 Example use cases ................................................................................................... 2 4 Product features ....................................................................................................... 3 5 Pricing ........................................................................................................................ 4 6 Technical features .................................................................................................... 1 7 Backup / Recovery & Disaster Recovery ............................................................... 4 8 Information assurance: Impact Level (IL) at which the G-Cloud Service is accredited to hold and process information ......................................................... 4 9 On-boarding and off-boarding ................................................................................ 4 10 Service options ......................................................................................................... 5 11 Service management ................................................................................................ 6 12 Service levels ............................................................................................................ 6 13 Service constraints................................................................................................... 7 14 Training ...................................................................................................................... 8 15 Ordering and invoicing ............................................................................................ 8 16 Service lead time ...................................................................................................... 8 17 Termination ............................................................................................................... 8 18 Data restoration / service migration ....................................................................... 9 19 Consumer responsibilities....................................................................................... 9 20 Technical requirements ........................................................................................... 9 File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 1 2 Overview Compute as a Service from Capita is an Infrastructure as a service (IaaS) offing which enables organisations to provision and scale secure Virtual Machines in minutes, in a flexible and autonomous manner. Fully configurable, scalable and resilient, the platform allows both technical and non-technical people to quickly build simple environments or enable complex tiered solutions. Capita have achieved Pan Government Accreditation for both IL2 and IL3 data for this service, meaning that a significant proportion of assurance has already been completed thus allowing Public Sector Organisations to gain the benefits of secure, purpose built, on-demand compute resources that meet their stringent requirements, all on a true utility (pay for what you use) consumption model. Capita provide Compute as a Service at a range of Impact Levels and Service Levels – up to 99.99% availability – allowing Consumers the ability to match their application / user needs to an appropriate impact level, service level and cost instead of designing everything to the highest level when not needed. 1.1 Highlights Pan Government Accredited - Suitable for IL0, IL1, IL2 and IL3 data. PGA accredited IL2 to IL3 Bridge (gateway) is available to facilitate Citizen access to secure systems. Exceptional value – lowest cost compute resources (from £0.02 per hour for workloads which are not performance sensitive or from £0.03 per hour for workloads requiring predictable performance) Immediately available at all impact levels – zero delay to your project. Flexible and Adaptable – add, remove or change your solution via the Capita Portal or our fully documented API. All datacentres are highly resilient, Tier3 and UK sovereign with >50 miles separation. Connectivity via the Internet or a government secure networks (e.g. PSN, GSI, etc.) or your own dedicated circuits such as Xcryptors, CPA, Leased Lines, MPLS, etc. 2 Description This services provides an organisation with a secure, scalable and flexible Virtual Data Centre (VDC). Consumers can easily create, clone and configure VMs (with associated network, storage and application tiering) with high Service Level Agreements (SLA) that support performance sensitive or critical workloads. Capita’s service has been designed specifically of for the UK public sector, and is available only to the UK public sector. The service supports and complies with all relevant areas of the Government ICT Strategy and Information Principles for the UK Public Sector. Capita’s datacentres are some of the most energy efficient in the world and as such support the Greening Government ICT Strategy in full. 3 Example use cases Organisations requiring enterprise / production class hosted environments, needing responsive deployments with scalable builds, release templates, catalogues and cloning of environments. Organisations looking to reduce costs on server running expenses for intranet sites, knowledge base portals etc. that are only required to be available during normal business hours. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 3 Organisation seeking a massively scalable infrastructure to host high volume websites and Citizen facing applications. Organisations requiring full control over their hosted environment whilst gaining on demand responsiveness, flexibility and scalability. Individual departments who use hosted applications that have monthly peaks in computing demands or only need to be available for a small period of time during a month. Organisations wanting to consume and pay for their infrastructure in an OPEX model. Organisations wanting greater efficiency and the ability to reduce their carbon impact. Organisations requiring an accredited infrastructure (IL2 and IL3) without wanting to incur the time, cost and risk of deploying and accrediting a dedicated infrastructure. 4 Product features Compute as a Service provides an accredited, secure and highly scalable compute platform which offers the following benefits: Build and configure VMs within minutes. Users can add more (or less) resources when needed. Already Pan Government Accredited to IL2 and IL3 – Organisations gain significant advantages in terms of costs, time and effort compared with how systems and platforms were built in the past. Range of services levels and VM sizes – chose the right service, and the right price for what you and your application / data require. Billed by the hour / resources used - enabling significant cost savings if VMs are turned off when not needed and on when they are. Expedites your project – no need to wait for infrastructure and deployment teams – new VMs are provisioned quickly via an easy-to-use self-service portal. Assured Security – the platform is Pan Government Accredited at both IL2 & IL3, hosted in highly resilient Tier3, UK sovereign data centres and benefits from QinetiQ’s Protective Monitoring solution at IL3. Green – the Capita service is based in UK data centres which offer market leading efficiency around power and cooling. A Capita solution will generate less Carbon than many other solutions. Compute as a Service from Capita offers an assured service including monitoring and management of the platform using best practice IT Service Management ITIL methodologies, with a clear SLA. The service is billed on the basis of the resources used or reserved during a period of time (1 hour minimum) based on metrics including VM size (memory, processors, storage), licenses and bandwidth. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 5 4 Pricing TEST & DEV BASIC STANDARD ENHANCED 2GHz vCPU 1 (500MHz) RAM (GB) IL0 IL2 IL3 IL0 IL2 IL3 IL0 IL2 IL3 IL0 IL2 IL3 0.5 £0.022 £0.033 £0.044 £0.033 £0.044 £0.055 £0.055 £0.066 £0.077 £0.275 £0.308 £0.385 Tiny 1 2 £0.066 £0.077 £0.110 £0.110 £0.143 £0.154 £0.154 £0.176 £0.231 £0.308 £0.363 £0.495 Small 2 4 £0.088 £0.099 £0.132 £0.154 £0.165 £0.187 £0.209 £0.231 £0.319 £0.363 £0.429 £0.594 Medium 4 8 £0.132 £0.165 £0.198 £0.286 £0.308 £0.341 £0.363 £0.407 £0.528 £0.473 £0.561 £0.781 Medium High Memory 4 16 £0.264 £0.308 £0.363 £0.429 £0.429 £0.495 £0.517 £0.583 £0.748 £0.748 £0.880 £1.221 Large 8 16 £0.297 £0.319 £0.418 £0.583 £0.616 £0.704 £0.748 £0.836 £1.089 £0.979 £1.155 £1.606 Large High Memory 8 32 £0.550 £0.583 £0.715 £0.946 £0.990 £1.133 £1.210 £1.353 £1.760 £1.793 £2.101 £2.629 Tier 1 Apps Small 8 48 £0.737 £0.781 £0.979 £1.320 £1.364 £1.562 £1.672 £1.870 £2.431 £2.442 £2.871 £3.564 Tier 1 Apps Medium 8 64 £0.924 £0.979 £1.221 £1.672 £1.749 £1.980 £2.134 £2.376 £3.113 £3.069 £3.608 £4.565 Tier 1 Apps Large 8 96 £1.298 £1.375 £1.716 £2.409 £2.497 £2.827 £3.058 £3.410 £4.455 £4.323 £5.082 £6.567 Micro1 Basic Storage (Primary storage only) £0.385 / GB / Month £0.385 / GB / Month N/A N/A N/A N/A £0.495 / GB / Month N/A N/A N/A N/A £1.65 / GB / Month 14 day Backup Retention2 £0.50 / GB / Month £0.50 / GB / Month N/A N/A 28 day Backup Retention2 £0.825 / GB / Month £0.825 / GB / Month £0.165 / GB / Month £0.165 / GB / Month Standard Storage (including 14 day backup) Enhanced Storage (including replication & 14 day replicated backup) Micro has a fixed 10GB storage allocation (no additional storage can be added to Micro VM’s) and a single 500Mhz vCPU. Micro VM’s must reside in a dedicated Virtual Data Centre (VDC) separate from other VM sizes. Consumers can configure a VPN between the Micro VDC and other VDC’s to enable network connectivity if required. 1 2 Backup storage must match the entire storage allocated to the VM being backed up (e.g. a VM with 150GB storage will require 150GB of backup where this option is specified). There is no option to partially backup a virtual machine. Price is per GB per month. The hourly VM charges above are incurred when the VM is running. When the VM is stopped the storage & backup charges are incurred at a pro-rated hourly rate based on the monthly charge File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 5 above. This applies also to Consumer specific template images. When the VM (and associated storage) is deleted no charges are incurred. The pricing in the above table is based on GBP (£) per hour (part hour charged as a whole hour). Operating Systems If licensing operating systems through Capita, the following charges are applicable; Microsoft Windows (note that as per Microsoft Terms & Conditions, Capita must license this) Micro, Tiny VM Small VM Medium VM Medium High Memory Large VM, Large High Memory, Tier One Apps SPLA Type Per Hour per VM Academic £0.002 G-SPLA £0.008 Academic £0.003 G-SPLA £0.014 Academic £0.006 G-SPLA £0.029 Academic £0.006 G-SPLA £0.029 Academic £0.017 G-SPLA £0.084 RHEL Clients can chose to license through Capita and gain access to the RHEL Support. All VM Sizes Type Per Hour per VM RHEL £0.10 If Linux distributions are not licensed through Capita, Consumers should consider how VMs can be authenticated and patches received. Software Microsoft SQL If licensing SQL through Capita, the following charges are applicable and are based on the size of the VM: Tiny, Small, Medium, Medium High Memory Large, Large High Memory, Tier One Apps File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 SPLA Type Per Hour per VM Academic £0.09 G-SPLA £0.25 Academic £0.17 G-SPLA £0.50 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 6 Connectivity Options Option Notes Price Internet Inbound Data Transfer £0.00p per GB Outbound Data Transfer £0.132p per GB PSN (IL2) Connectivity Access to the PSN on a reserved bandwidth model £48.40 per Mbps per DC per month PSN (IL3) Connectivity Access to the PSN on a reserved bandwidth model £275 per Mbps per DC per month GSI (IL3) Connectivity Access to the GSI on a reserved bandwidth model £412.50 per Mbps per DC per month IL0/IL2 Inter Data Centre Connectivity Both IL0 and IL2 inter data centre connectivity will utilise Skyscape’s IL0 inter data centre circuits (IL2 traffic will require a site-to-site VPN to suitably encrypt data). VM replication bandwidth is included in the price of ENHANCED VM’s. £0.132/GB/month IL3 Inter Data Centre Connectivity Consumers pay for access to Skyscape’s IL3 accredited resilient multi-gigabit inter data centre connectivity. Usage is not metered but is subject to a Fair Usage Policy. VM replication bandwidth is included in the price of ENHANCED VM’s. £550 per month Dedicated Leased Lines Leased line to be ordered and managed by the Consumer directly with a Skyscape approved Telco. Connection terminated on a Skyscape router. Per Data Centre Charge: £2,200 one off setup charge No recurring charge IL3 VPN Solutions CAPS approved or appropriate CPA assured solutions to be ordered and managed by the Consumer directly, requiring VPN devices to be hosted within the Skyscape data centre(s) Per Data Centre Charge: £2,200 one off setup charge £550 per month IL2-IL3 Data Bridge (aka Guard) Skyscape uniquely provide a Pan Government Accredited bridge to facilitate access to IL3 systems by the Public/citizens. Requires your application design to be reviewed and approved by the PGA accreditor. Per Data Centre Charge: No one off setup charge £1,100 per month IP addresses IP Addresses over those provided as standard can be provided by requires approval from Skyscape Administration Charge £220 per IP Address Colocation of equipment See specific Service Description See specific Service Description Data ingestion and extraction In many circumstances, Capita can help facilitate the bulk import or export of Virtual Machines and associated data to/from the platform. This service option is priced on a time and materials basis form the Capita SFIA rate card. All pricing is exclusive of VAT. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 6 1 Technical features Compute as a Service offers organisations full management of their environment through a secure web portal which will enable users to complete the following; Build VMs either from pre-defined templates or by specifying the exact requirements from memory (256MB to 96GB), processors (1 to 8 vCPU), storage and installing a wide range of operating systems, including Windows Server 2008 R2, Redhat Enterprise Linux 6 and CentOS 6 – in minutes. Special “Micro” sized VM’s designed specifically for lightweight Linux distributions Stop, start, clone and delete VMs. Reconfigure virtual hardware “on the fly” – changing memory, processors, network and storage as and when needed. Manage and define all firewall security rules and/or policies. Set and control access, user profiles and capabilities. Upload own operating systems, applications and data, or alternatively select from Capita’s catalogue of template based standard OS configurations. Control the environment via an easy-to-use self-service portal or programmatically through a documented API. Users can select from the predefined VMs below: Virtual CPU RAM (GB) Micro 1 (500Mhz) 0.5 Tiny 1 2 Small 2 4 Medium 4 8 Medium High Memory 4 16 Large 8 16 Large High Memory 8 32 Small Tier One Apps 8 48 Medium Tier One Apps 8 64 Large Tier One Apps 8 96 All VMs (except Micro) come with 50GB of storage by default included in the price, additional storage can simply be added as required and is bought on a per GB basis. Micro comes with a fixed 10GB allocation which cannot be expanded. Other important information: Leased line and site to site VPN connectivity for remote access is available. Each organisation is provided with 3 useable external IP address by default, these are not transferable. Additional IP addresses maybe available on request. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 2 Memory and processors are uncontented and so performance is certain to be predictable at the BASIC, STANDARD or ENHANCED Service Levels. The TEST & DEVELOPMENT Service Level is subject to resource contention and so performance might be more variable. Micro VM’s must reside in a dedicated Virtual Data Centre (VDC) separate from other VM sizes. Consumers can configure a VPN between the Micro VDC and other VDC’s to enable network connectivity if required. Each organisation can create their own catalogues of software and operating systems, providing gold images for other users to build and replicate from. VMs and storage (including backups) are persistent – they are not deleted when the VM is stopped. Data transfer between VMs within an organisations environment is free whilst within the same data centre. When transferring data between data centres (for example for back up), charges will be incurred Capita use VMware vSphere as the hypervisor for this IaaS service. Software The VM templates offer the organisation a default configuration operating system, allowing them to configure it how they require. VM templates do not have third party applications such as Java or Adobe for example. It remains the organisations responsibility to manage, license and install these. Anti-virus is not included. Capita recommend customers deploy an appropriate Antivirus solution as part of their Assurance Plan. Backup TEST & DEVELOPMENT BASIC STANDARD ENHANCED Availability Optional Cost Optional Cost Inclusive Inclusive Default Retention Period 14 days 14 days 14 days 14 days Maximum Retention Period 28 days 28 days 28 days 28 days Replicated Backup No No No Yes Backup Location Local or Remote DC Local or Remote DC Local or Remote DC Local and Remote DC Backup Frequency Once every 24 hours Once every 24 hours Once every 24 hours Once every 24 hours Recovery Via Service Request Via Service Request Via Service Request Via Service Request Backups include the whole Virtual Machine (crash consistent snapshot) and so partial backups are not supported Backups do not include the Virtual Data Centre configuration (e.g. firewall rules, load balancing configuration, etc). Additionally, Organisations can purchase capacity on the Capita “Storage as a Service” platform on which can be used to keep secondary copies of data. This can be achieved via manual data copy, scripted data copy or the use of supported backup applications such as Commvault, Networker and others. Such data can be replicated between data centres for even higher data protection. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 3 Licensing Licensing of the Hypervisor is included within the service In line with Microsoft Terms & Conditions, licenses for Microsoft Windows operating systems must be provided by Capita. Other Microsoft licenses (e.g. applications such as Exchange, SQL, etc) on existing agreements have the potential to be used under Microsoft’s ‘License Mobility’. o Capita can provide G-SPLA or Charity & Academic Licensing. o Capita reserve the right to change SPLA pricing in line with Microsoft. Licenses/Subscriptions for Red Hat Enterprise Linux Operating Systems can be provided by either party. Licensing for all other software is the responsibility of each Consumer. Billing Billing is per hour, each partial hour consumed will be billed as a full hour. Whilst a VM is stopped, charges will be applied to the persistent storage/backup element. If reconfiguring or resizing a VM outside the pre-defined templates, pricing is based the next closest sized machine in an upwardly fashion. Monitoring The availability of the Compute as a Service platform and each VM will be monitored by Capita to ensure the Service Level Agreements are met. Capita will not monitor the operating system and applications inside of the VMs, this can be implemented by the Consumer. Organisations have access to online reports including useful statistics such as number of VMs, performance, size, users and real time costs and usage. For VM performance, this requires VM tools to be installed on the operating system. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 7 4 Backup / Recovery & Disaster Recovery As standard, localised component failures are tolerated within the infrastructure by eliminating all single points of failure (including physical server failure or disk failure). Consumers are also advised to consider building in high availability and fault tolerance at the Virtual Machine level (e.g. load balancing across multiple virtual machines). In this way, service will be automatically restored in most situations. Backup Further, organisations have the option to back data up or take “snapshots” and “clones” of VMs which can provide additional protection. Consumers can back-up their data themselves using the Capita Storage as a Service solution or can choose to procure the optional automated backup on a per GB per month basis. Disaster Recovery For Consumers choosing the ENHANCED Service Level, Capita will replicate the VMs and associated data to a second UK locale which provides a robust solution for more substantial failure of the primary environment (e.g. site failure) At the TEST& DEVELOPMENT, BASIC and STANDARD service levels: Organisations can choose to deploy independent VM’s in each site and implement application level replication utilising Capita’s secure and scalable inter-datacentre circuits (at additional cost). In the event of a site failure, the Consumer is able to failover their environment to the second data centre. Organisations can choose to have backups stored at the remote site. In the event of a major failure affecting the primary data centre, Capita will endeavour to allow Consumers to reprovision their environment within the second data centre. Consumers should note that this is subject to available capacity within the second data centre. If consumers require certainty that capacity will be available in the event of DR, it is recommended that VM’s are procured at the second data centre. NOTE: Capita backups include the whole VM but not the Virtual Data Centre configuration (e.g. firewall configuration, load balancing, virtual networking, etc) which would need to be reconfigured by the Consumer manually. 8 Information assurance: Impact Level (IL) at which the G-Cloud Service is accredited to hold and process information Compute as a Service has achieved Pan Government Accreditation (PGA) for data at Impact Level 2 and Impact Level 3. Suitable for IL0, IL1, IL2 and IL3 data. In addition of PGA for IL2 and IL3, Capita also hold independent ISO9000, ISO20000 and ISO27001 accreditations which underpin our business operations and Cloud Platform. All datacentres are highly resilient Tier3, UK sovereign and separated by >50 miles for geographical diversity. Capita staff are Security Cleared and based in the UK 9 On-boarding and off-boarding 9.1 On-boarding Within 48 hours of acceptance of an order, Capita will create the Consumers Primary Administrator account and send the consumer a Welcome Pack which includes the URL for the Capita Customer Portal and associated authentication details. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 5 The Consumers Administrator is then able to create additional user accounts and allocate roles and privileges for users within their project. Each user can then simply log on and begin using the service. As part of the initial order, Consumers can select the Capita FASTstart option on the order form. This is a free service in which Capita will automatically provision the VMs stated at the specification required. As Capita has two UK DC’s, a Consumer can request to be deployed into a specific one at the time of the order if they require. Whilst unlikely to ever be rejected, this remains at Capita discretion. 9.2 Off-boarding Prior to terminating the contract, the Consumer is able to transfer all their data out of the solution (e.g. using the Capita portal to export Virtual Machines). When the organisation terminates their agreement with Capita, Capita ensures all of the organisation’s data is deleted. 10 Service options Capita provide four Service Levels to choose from: TEST & DEVELOPMENT compute is hosted in one UK DC with no backup included by default. Typical use cases can include short term testing and development projects or less critical workloads such as temporary applications. If backup is required then Consumers can pay per GB at the rates above or deploy their own solution using Capita Storage as a Service. BASIC compute is hosted in one UK DC with no backup included by default. Typical use cases can include true cloud applications which are designed for failure, short term Pilots & PoC’s or when disposable compute resources are required. If backup is required then Consumers can pay per GB at the rates above or deploy their own solution using Capita Storage as a Service. STANDARD compute is hosted in one UK DC and includes a local backup for 14 days within the price of both the VM and additional storage. In addition, backups can be stored within the second DC at an additional charge. Typical uses cases include Enterprise / Production environments requiring the additional protection of automated backup included. This solution can be engineered to help a Consumer design a solution that is highly resilient. ENHANCED compute offers Consumer a turnkey solution that contains a highly resilient environment by continually replicating the live VMs over to the second DC in real time, offering near zero RPO and RTO’s to help Consumers with their Disaster Avoidance plans. The service includes a local and remote backup for 14 days within the price of both the VM and additional storage. Backups: Where included, Capita take a snapshot of the VM each day and store that according to the profile chosen (location & retention). If Consumers requires a 28 day retention period, then this additional backup storage is charged on the above rates minus that amount included in the Service Level. A summary of the Service Options is below: Service Level Agreement TEST/DEV BASIC STANDARD ENHANCED 99.90% 99.95% 99.99% 99.99% File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 6 Compute Environment Location Single UK DC Single UK DC Single UK DC Dual UK DC Disaster Recovery between DCs No No No Yes Performance of VM Contended Uncontended Uncontended Uncontended Inclusive 14 day backup Not included but optional at above rates Not included but optional at above rates Yes – Local Yes – Local and Remote 28 day backup retention Not included but optional at above rates Not included but optional at above rates Not included but optional at above rates Not included but optional at above rates Potential Backup location Local or Second DC Local or Second DC Local or Second DC Dual UK DC Storage included (GB)1 50 50 50 50 QinetiQ Protective Monitoring Included for IL3 IaaS Optional for IL2 IaaS and OS/App components 1Micro 11 VM has 10GB of storage included Service management As a true Cloud service aligned to the NIST definition of IaaS, the service is designed to be self managed via the secure online Capita portal (or API) which provides common Service Management functionality and addresses standard requirements. On rare occasions, Capita may decide to assign an experienced, qualified ITIL Service Delivery Manager to some Consumers. In these cases, the SDM will provide additional assistance with reporting, incident escalation and continual service improvement, at all times following Capita’s ISO20000 certified ITIL-based process framework. For Organisations that require more of a managed service, Capita work with a number of Partners which have extensive capability to provide a Managed Service wrapper around the Capita IaaS. Capita will be pleased to make an introduction where appropriate. Capita may use MDS Technologies as a subcontractor. Other subcontracts can / may be used. 12 Service levels Capita provide both an Availability SLA and Response Time SLA for the Compute as a Service for Test & Development service as per the following table. Availability (monthly*) TEST/DEV BASIC STANDARD ENHANCED 99.90% 99.95% 99.99% 99.99% P1 – within 15 minutes P2 – within 4 hours P3 – within 24 hours P4 – within 72 hours Incident response P1 – hourly P2 – every 2 hours P3 – every 24 hours P4 – every 24 hours Incident update Communication Auto email response with access to File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Auto email response with access to Bespoke email P1/P2 Phone P3/P4 Bespoke Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 7 TEST/DEV BASIC online portal online portal STANDARD ENHANCED Incident review FAQs via online portal FAQs via online portal Incident Report Incident Report Service credits 3% of monthly spend 5% of monthly spend 10% of monthly spend 15% of monthly spend email Capita customer support advisor * Availability indication based on an average 730hrs per month. Excludes planned & emergency maintenance. Unavailability applies to existing VMs where the VM becomes unresponsive due to a fault recognised at the hypervisor layer or lower: i.e. fault is not within the Consumers control (OS, Applications, user networks) fault is within Capita controlled components such as the virtual infrastructure, storage, power and physical firewalls & routers etc. External connectivity providers (e.g. internet, PSN, GSi) and components collocated at Capita are also not included in the availability calculation. In addition, Capita also provide an Availability Service Level Target on the Capita Portal i.e. the ability to log into the portal to create support tickets and use other functions. Target Availability (monthly*) Client Portal Availability (monthly) 12.1 99.90% Financial recompense model if service levels aren't met If the service level falls below the stated availability percentage (excluding Planned and Emergency maintenance periods), consumers will be eligible for service credits on affected VM’s only. Service credits will be calculated as a percentage of the fees for the affected services for the monthly billing period during which the failure occurred (to be applied at the end of the billing cycle). Service Credit Cap Compute Environment: TEST & DEVELOPMENT Service Level 3% of monthly spend 3% of monthly spend Compute Environment: BASIC Service Level 5% of monthly spend 5% of monthly spend Compute Environment: STANDARD Service Level 10% of monthly spend 10% of monthly spend Compute Environment: ENHANCED Service Level 15% of monthly spend 15% of monthly spend Client Portal 1% of monthly spend per 5% below service level target or part thereof Up to 5% of monthly spend 13 Service constraints Capita will adhere to the following in terms of maintenance windows; File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 8 “Planned Maintenance” means any pre-planned maintenance of any infrastructure relating to the Services. Capita shall provide the Client with at least twenty four (24) hours’ advance notice of any such planned maintenance: Planned maintenance of Capita’s infrastructure relating to the Services shall happen between the hours of 00:00 and 06:00 (UK local time) Monday to Sunday and/or between the hours of 08:00 and 12:00 (UK local time) on a Saturday and/or Sunday. No planned maintenance will take place on a Saturday unless agreed in advance by both parties; Planned Maintenance shall be excluded from any availability calculation in regard to service credits but shall be included in the monthly service reporting; “Emergency Maintenance” means any emergency maintenance of any of the infrastructure relating to the Services. Whenever possible, Capita shall provide the Client with at least six (6) hours’ advance notice: Whenever possible Emergency Maintenance of Capita’s infrastructure will happen between the hours of 00:00 and 06:00 (UK local time) Monday to Sunday and/or between the hours of 08:00 and 12:00 (UK local time)on Saturday and/or Sunday unless there is an identified and demonstrable immediate risk to a Clients environment; Emergency Maintenance shall be excluded from any availability calculation in regard to service credits but shall be included in the monthly service reporting. 14 Training Capita have created a number of videos, help guides, manuals and FAQs to help train and instruct users so that are up and running quickly and easily. Capita can also deliver additional services such as training, support and managed services. 15 Ordering and invoicing Billing for the service is monthly in arrears. Payment can be via Purchase Order and Direct Debit. Capita are preparing to be able to accept Debit/Credit Card payments (e.g. Government Procurement Card) – please enquire at time of order to check whether this is available. 16 Service lead time Setting up a new organisation will typically be completed within 48 hours from acceptance of order. Shorter deployment times are typically achieved and can be prioritised upon request. Once set up Organisations have instant access to additional compute and storage resources with no notice period required as they manage this themselves. 17 Termination 17.1 Terms At the point of termination, all consumer data, accounts and access will be permanently deleted, and will not be able to be subsequently recovered or restored. 17.2 Costs There are no termination costs for this Service. Consumers are responsible for extracting their own data from the platform if required. Capita may make an additional charge for transferring data out of the service. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 18 9 Data restoration / service migration For service migration, Capita allows existing VM images built using VMware or compatible Open Virtualisation Format (OVF) to be migrated to and from the platform via the Capita Portal. In many circumstances, Capita can help facilitate a bulk migration to the platform using local data import. This is priced on a time and materials basis form the Capita SFIA rate card. 19 Consumer responsibilities The control and management of access and responsibilities for end users including appropriate connectivity, security and accreditation if required. Where access is required over GSI or PSN, the consumer is responsible for adhering to the Code of Connection and assigning appropriate IP addresses from their own allocation to their services hosted on the Capita platform. Management and administration of layers above the Hypervisor (e.g. OS patching, application performance monitoring, user administration, etc). As a core benefit of the Cloud Platform, consumers are expected to self-manage the environment including provisioning (which can be facilitated by Capita as part of the FASTstart service), stopping/starting virtual machines, AV, patching, etc. Consumers must be aware of the variable nature of the billing based on usage. The consumer is also responsible for ensuring only appropriate data (e.g. IL0-IL2 or IL3) is stored and processed by applications on this environment and that they comply with the Capita Security Operating Procedures (SyOps) and other information assurance requirements as specified in Capita System Interconnect and Security Policy (SISP) and associated accreditation documentation sets. 20 Technical requirements Consumers will require appropriate network connectivity such as internet access (IL0-IL2) or accredited connectivity such as a government secure network (IL3) to the Capita Cloud Platforms. Connectivity via the internet, a government secure network (PSN, GSI) or private leased line is available but may incur additional charges if the hosting of CPE routers is required - see the pricing section for more details. Where required, Consumers are responsible for procuring and managing appropriate devices or software to meet the requirement for data security over the various forms of connectivity. Consumers have a number of options to choose from with Capita to access their environment dependant on their requirement. The below are guides to demonstrate what is possible but may require further engagement to explain further: IL0 – 2 Standard Internet connectivity over common protocols (HTTP, HTTPS, SSH, etc) o Non-standard ports considered via Service Request Secure commercial grade VPN o Self-managed Site-to-Site IPSEC VPN to the Capita compute environment o Self-managed SSL VPN to the Capita compute environment PSN - You will need to assign part of your PSN IP allocation to your services hosted by Capita Leased Line (CAS(T) compliant) or non-CAS(T) using CPA/PEPAS overlay encryption IL3 Preferred connectivity is over a Government Secure Network such as GSI or PSN File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED 10 PSN/GSI - You will need to assign part of your PSN/GSI IP allocation to your services hosted by Capita PSN or CAS(T) Leased Line (IL3 over IL2) o CPA/PEPAS approved solution providing overlay encryption (e.g. Cisco ISR/ASR) IL0 (e.g. Internet or non CAS(T) circuit) to IL3 VPN o Site-to-Site VPN using CAPS approved solutions (e.g. Ultra AEP Xcryptor) o CPA assured solution where Foundation Grade assurance is appropriate (e.g. Cisco ISR/ASR) IL3 Leased Line (assured network connection) Consumers will require appropriate OS/App Patching, Antivirus, Protective Monitoring (for OS, Apps and user networks only), etc as appropriate as part of the assurance plan for the application. File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016 NOT PROTECTIVELY MARKED File: DOCUMENT1 Doc Reference: CUST-0000-0000 Issue: 1 1 Document Type: Service Description Copyright: Capita Secure Information Solutions Ltd 2016
