• No results found

IBM Web Server as a Service

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "IBM Web Server as a Service"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

IBM Web Server as a Service

(2)

1. Summary

1.1 Service Description

This offering is provided by IBM Global Business Services and provides a Web Server capability. The supplied platform is an Apache HTTP-based web server. The service can authenticate web requests against a Lightweight Directory Access Protocol (LDAP) server over secure and unsecure connections.

In addition, the offering includes;

• Proactive monitoring of the Web Server platform from 8am-6pm Mon-Fri and 9am-5pm Sat/Sun and UK Bank Holidays.

• Initial response to system alerts – e.g. restart of failed process or node using procedures provided by the client

• Escalation of any issues which are not resolved to the individual or organisation nominated by the client

This offering is designed to provide a Web Server platform which comes deployed on an IL0, IL2 or IL3 pan-government accredited cloud. An established and mature team will build and monitor your Web Server platform and will provide an initial response to an alert, along with a mechanism to get the client team involved should the issue be more complex.

1.2 Service Characteristics

Lot Cloud Infrastructure and Hosting (Platform as a service)

Applicability Any organisation which requires a Web Server platform at IL0, IL2 or IL3

Contract Duration Flexible – to be agreed in the Call-Off Order Contract Price As per G-Cloud order.

Lead time to start 2 weeks Related Lot(s)

/Offering(s)

Application Systems Management as a Service Database as a Service

(3)

1.3 Why IBM

• Proven track record of delivery to multiple Government departments • Leading Cloud services

• Leading server and software technology to deliver Cloud services

1.4 Contact

Contact Name Steve Cliff

Title IBM UK Cloud Alliances Executive Address PO Box 41

North Harbour Portsmouth Hants, PO6 3AU

Contact Email [email protected]

Contact Phone 07710 035877

(4)

2.

Delivery

2.1 Context

Most modern systems are built around a Web Server capability, which provides a platform to host HTML content. This offering provides a managed Web Server for integration into a larger system. The offering can operate at IL0, IL2 or IL3 and is hosted within a secure pan-government accredited cloud.

2.2 What we will deliver

IBM will provide the following;

• supply a Service which is a Web Server hosted on a hardened, standardised Operating System incorporating relevant management and security agents • provide both burst and elastic capabilities for CPU, Memory and Storage • a guaranteed set of resources that can be defined at purchase

• allow the Service to connect to specific Customer networks with connectivity through approved CESG products

• provide fail over capabilities to a secondary location

• build the platform on industry standard processes, techniques and service components

• Service shall be delivered from an infrastructure platform that is private, in the context of it being available to the UK Public Sector community only

• Service will be delivered at Impact Level IL0, IL2 or IL3 as appropriate and will be delivered from a pre-accredited infrastructure and shall be connected to an appropriate Public Sector network or the Internet.

• it shall be the responsibility of the Customer, Supplier, and the Accreditor to ensure that code of connection compliance is adhered to.

• The supplier shall have the right to disable or remove Services that can be proven to cause a security risk to the community as a whole. However, the supplier would promptly alert the Service Recipient of the potential service stoppage, providing all available details of the security risk. The supplier would provide the maximum of one (1) hour for the Service Recipient to respond to this incident, prior to disablement or removal of the service.

• In order to maintain IL0, IL2 or IL3 compliance for Managed Virtual Machines the Supplier shall ensure hardening and patch compliance is maintained in line with the code of connection and CESG documentation including all relevant Good Practice Guides.

• Availability is 99.9% for the server (or optionally 99.95%) – this is measured as availability of the server upon which the Web Server will run. Availability of the Web Server is a shared responsibility and hence is not covered by the SLA.

(5)

STORAGE

• Storage at IL0, IL2 and IL3 Secure is provided as follows: • On a per 100GB per month basis.

• Comprising 3 tiered options:

o Tier 1 performance is 20,000 IOPS o Tier 2 performance is 10,000 IOPS o Tier 3 performance is 5,000 IOPS. • Providing both Burst and Elastic capabilities.

• Including a guaranteed set of resources that can be defined at purchase. • With backup from our Secure Backup Service available as an additional Service. • Service will be delivered at Impact Level IL0, IL2 or IL3 as appropriate

• It shall be the responsibility of the Customer, the Supplier and the accreditor to ensure that code of connection compliance is adhered to.

• The Supplier shall have the right to disable or remove Services that can be proven to cause a security risk to the community as a whole. Where possible we will communicate in advance of the disablement or removal of the associated service, but in the event of a major security event we will look to restrict the impact of the issue as quickly as possible, acting on best practice actions.

BACKUP

• Back up of the Service in performed in accordance to the following criteria:

• The Service shall be backed up to disk each day and backups will be retained for 10 days, this backup shall be limited to the Non-Persistent VMDK image of the VM and will not include additional Persistent storage that shall be connected to the Service.

• Recovery of a VM Image from backup shall be completed within 4 Hours from the point of request by the Customer through the customer portal.

Service Specification:

• This Service delivers a Web Server running on a Virtual Machine (VM), which shall include a hardened operating system built by the Supplier with all management and monitoring agents, backup agents and security agents.

• The build shall be fully managed by the Supplier and shall be subject to change through change control procedures.

• The Supplier’s accredited and security cleared staff shall be responsible for all on-boarding activities associated with the delivery of a new Service.

• Any test and development Web Server capability required by the Customer will be enabled as IL0, IL2 or IL3 as appropriate and built within the appropriate zone of the infrastructure.

• A secure method of connectivity to the Web Server, for support purposes, will be agreed between the Supplier and the Customer. This will be particularly necessary

(6)

STORAGE

• This Service shall deliver a Secure Storage platform. The Supplier shall provide tiered disk appropriate to Customer data needs, within a fully monitored and managed SAN environment.

• Customer data shall be loaded on to the secure storage Service by the Supplier’s accredited and security cleared staff who shall be responsible for all on-boarding activities associated with the delivery of this Service.

• The secure storage Service shall be fully managed by the Supplier’s security cleared staff, including:

• To ascertain availability of the Storage Service Infrastructure.

• To measure the percentage of Storage Service capacity being used (this information will also be available via the Supplier’s customer portal)

• Requests for additional storage requirements shall be made, either via the Supplier’s customer portal or via the Service change request process.

• The Customer will be responsible for ensuring adequate bandwidth is provided for their user community to effectively access the data residing within the Secure Storage Service, within the platform. However, the Supplier would promptly alert the Service Recipient of the potential service stoppage, providing all available details of the security risk. The Supplier would provide the maximum of one (1) hour for the Service Recipient to respond to this incident, prior to disablement or removal of the service.

• A secure method of connectivity to the environment, for support purposes, will be agreed between the Supplier and the Customer. This will be particularly necessary for all Customer 3rd party support providers.

The Customer Responsibilities:

• Integration of the Web Server into a wider system or capability. • Procurement, maintenance and management of any Customer data.

• Provision, maintenance and management as the case may be of any Customer content and configuration to be provisioned on the Web Server.

• Administration, management and control of Users access to the Customer’s applications and/or data stored on the Web Server.

• Should the Supplier determine that the Customer usage of the Infrastructure is not compliant with best practice guidelines then the Customer must comply with the Supplier’s reasonable requests for change.

• Procurement, maintenance and management of any Customer data communications lines not identified.

• Provision of ‘first response’ procedures • Provision of contact list for ‘second response’

• The Web Server is provided on a pan-government accreditated cloud. The Accreditation of the specific instance of the Web Server in the context of the Customers system will be done by the Customer.

(7)

Service Limitations:

• The Service shall be allocated a maintenance window between the hours of 23:00 and 06:00 the window shall be allocated during Service initiation. If the maintenance conducted within the window should implicate possible down-time for the service we would provide prior notification to the affected Customer. SLA’s will not apply during such events.

• The Service shall be change managed in accordance with the Service change

procedure. Change boards will sit weekly and changes shall be carried out during the subsequent change window. A maximum of 4 changes during a month shall be included in the Service.

• Configuration changes that cause a reboot/downtime but are deemed urgent shall not impact SLAs and the associated charging mechanism.

• The ability to add move or change the number of Web Servers in the Customer solution shall be achieved via the Service change procedure and may be subject to appropriate financial approvals.

• Web Servers shall be decommissioned via change control and images will be shut down but the images will be left in place for a further 24 hours after which point they will be destroyed.

• All virtual backups will be destroyed and any physical backups will be returned to the Customer or destroyed.

• Decommissioned machines shall be quarantined and can be restored to full operational state within 24 hours of being decommissioned.

• Customer will also have the ability to add, move or change the storage capacity solution via the change request process, and this can be initiated via SCC’s customer portal, subject to financial approvals. Configuration changes that cause a

reboot/downtime but are deemed urgent shall not impact SLAs and the associated charging mechanism.

• Services to manage your servers are limited to ‘first response’ with the ‘second response’ being to contact an appropriate resolver. IBM can provide more extensive management if required, and this can be specified and provided at any stage during the provision of the service.

2.3 Commercials

This will be a Fixed Price as per the G-Cloud order

Initial work will be carried out under the Strategy and Planning category of the approved G-Cloud 4 IBM SFIA rate table unless agreed otherwise.

Follow on work will be under the appropriate category(ies) of the approved G-Cloud 4 IBM SFIA rate table.

(8)

The scope of work will be set out in the Call Off Order Form and agreed by both parties. Follow on services to enable you to complete implementation of cloud services can be provided by IBM. Details should be agreed via the Call-Off Order and priced using the IBM SFIA rate card, as described above.

2.4 Key Points

Other key points to note are as follows:

• This offering is subject to availability of IBM resources.

• The pricing and terms on individual call-off orders should be handled as commercially sensitive by the Customer.

• Where work is of a sensitive and secure nature, security standards will be agreed between IBM and the Customer, and if necessary IBM will ask the Customer to issue a Security Aspects letter.

• Whilst we do not propose to handle or have access to any personal data, we will suggest and agree alternative approaches such as the use of anonymised data for testing purposes.

• The work is subject to IBM’s Terms of Business, which are attached separately to this catalogue item.

References

Download now ( PDF - 8 Page - 255.64 KB )

Related documents

Hierarchical Neural Networks for Image Interpretation

In the case of binarization of Data Matrix codes, a Neural Abstraction Pyramid is trained to produce the output of the adaptive thresholding method not only for the original images,

Transmission of Data in Secure Manner With DNA Sequence

Data Security is a challenging issue of data communications today that touches many areas including secure communication channel, strong data encryption technique and trusted

Master Service Agreement

Monthly Service Fees - Fees for service(s) ordered by the Customer shall begin on the date of the initial order is accepted by Server Intellect and that date shall serve as the

310 East Main Street Ann M. Zydek Warsaw, IN May 5, BOARD OF TRUSTEES MEETING AGENDA May 10, 2021, 4:00 P.M.

The Director shall be held responsible for the care of the building(s) and equipment, for the employment and direction of the staff, for the efficiency of the Library’s service to

Increasing Campus Sense of Belonging through LLC Participation: To Gems Camp We Go

While studies have demonstrated that LLCs increase students’ sense of belonging, the goal of this study is to explicitly test via propensity score matching if (a) enrollment in

IBM Database as a Service

• Customer data shall be loaded on to the secure storage Service by the Supplier’s accredited and security cleared staff who shall be responsible for all on-boarding

QUESTIONS AND ANSWERS / QUESTIONS ET RÉPONSES SOLICITATION NUMBER / NUMERO DE SOLICITATION:

Remote sites without an ISDN line would require a bridge to connect their IP line to the Senate/HoC committee room’s ISDN line.. Date October 20, 2015 Date October