PATCH MANAGER what does it do?

Transcription

1 PATCH MANAGER what does it do? PATCH MANAGER SAAS maps all your physical assets and physical infrastructure such as network and power cabling, racks, servers, switches, UPS and generators. It provides a detailed fully interactive model of physical cable connections to patch panels and switch ports and the power connections to the UPS and generator systems and scales from a few racks to thousands across multiple locations. PATCH MANAGER enables you to manage connectivity across your entire estate. This means you can easily navigate your power, copper and fibre network cable infrastructure to quickly diagnose faults and plan moves and changes. PATCH MANAGER enables you to: Accurately map network infrastructure across multiple sites Quickly identify network outage issues Plan network Moves, Adds and Changes efficiently Manage Capacity Map patch panel and rack space connectivity in equipment rooms and data centres Data mine your assets and connectivity for engineering and management reporting Manage floor space Manage physical assets. Lifecycle, location and efficiency reports Open APIs make it possible to integrate with your existing real time monitoring, BMS, ITSM and server utilisation software such as BMC, VMware and CiscoWorks to provide an integrated Data Centre Infrastructure Monitoring (DCIM) solution. AIT Partnership Group Ltd can provide additional real time monitoring systems or integrate with what you already have. The majority of DCIM solutions have been developed to support intelligent PDU and monitoring systems or evolved from space and work flow management solutions. They are not optimised to map the physical layer and your entire cable infrastructure. Patch Manager is ideal for network infrastructures of any size from small offices to multi-site global networks. It provides an easy transition from spreadsheet management

2 Pricing Schedule 12 Month SAAS Contract Up to 30 racks 2,550 Each additional Rack 140 Optional Professional Services Importing data and building the model in PATCH MANGER is very easy but if required AIT can provide a full range of services including; Auditing of assets and data Configuration and integration using APIs Training 550 per day 550 per day 550 per day per delegate G-Cloud Accreditation Patch Manger SAAS is delivered on Amazon Web Services (AWS) that has been designed and managed in alignment with regulations, standards, and best-practices including SOC 1, 2 and 3, ISO27001 and PCI DSS level 1 AWS has been approved and signed up as a supplier to G-Cloud. AIT will work with CESG to assess how Impact Level accreditation can be delivered. AIT currently provides Code of Connection approved services and maintains a technical support team of security cleared personnel

3 Support Please the Terms and Conditions document for full details of the support provided under the standard SAAS contract. AIT can provide additional support options under flexible support contracts up to and including 24/7 4 hour response. Support can be requested during normal business hours by telephone or through the on-line customer support centre by clicking the support on AIT will log all Support requests by Client through the on-line customer support centre, including: a) the date and time of reception of the request; b) the name provided as that of the Client representative; c) a short description of the request or report; d) the date and time that handling of the request or report starts; e) the date and time that the request is resolved; and f) the name(s) of the AIT employee(s) receiving and handling the requests. Hosting PATCH MANAGER SAAS is hosted on the Amazon Web Services (AWS) platform. The physical location of the Software is per customer choice from the following AWS Availability Zones: US East (Virginia) US West (Oregon) US West (N. California) EU West (Ireland) Asia Pacific (Singapore) Asia Pacific (Tokyo) Asia Pacific (Sydney) South America (Sao Paulo) By default, the URL for locating the Software will be of the form and may optionally be replaced with a customer specified URL where agreed as part of the contract

4 Security AIT shall ensure that the Hosting Environment shall comply with the following physical security specifications: a) All physical access points shall be monitored at all times; b) Access validation including identity checks shall be imposed; c) Access shall be granted only to persons on a list of person approved for this purpose by AIT and/or its contracted supplier of hosting services or facilities, if any. Amazon Web Services (AWS) platform provides highly secure data centres with state-of-the art electronic surveillance and multi-factor access control systems. Data centres are staffed 24x7 by trained security guards, and access is authorized strictly on a least privileged basis. Environmental systems are designed to minimize the impact of disruptions to operations. And multiple geographic regions and Availability Zones allow you to remain resilient in the face of most failure modes, including natural disasters or system failures. The AWS virtual infrastructure has been designed to provide optimum availability while ensuring complete customer privacy and segregation. For a complete list of all the security measures built into the core AWS cloud infrastructure, platforms, and services, please go to Built-in Security Features Not only are your applications and data protected by highly secure facilities and infrastructure, but they re also protected by extensive network and security monitoring systems. These systems provide basic but important security measures such as distributed denial of service (DDoS) protection and password brute-force detection on AWS Accounts. Additional security measures include: Secure access Customer access points, also called API endpoints, allow secure HTTP access (HTTPS) so that you can establish secure communication sessions with your AWS services using SSL.

5 Built-in firewalls You can control how accessible your instances are by configuring built-in firewall rules from totally public to completely private, or somewhere in between. And when your instances reside within a Virtual Private Cloud (VPC) subnet, you can control egress as well as ingress. Unique users The AWS Identity and Access Management (IAM) tool allows you to control the level of access your own users have to your AWS infrastructure services. With AWS IAM, each user can have unique security credentials, eliminating the need for shared passwords or keys and allowing the security best practices of role separation and least privilege. Multi-factor authentication (MFA) AWS provides built-in support for multi-factor authentication (MFA) for use with AWS Accounts as well as individual IAM user accounts. Private Subnets The AWS Virtual Private Cloud (VPC) service allows you to add another layer of network security to your instances by creating private subnets and even adding an IPsec VPN tunnel between your home network and your AWS VPC. Encrypted data storage Customers can have the data and objects they store in Amazon S3, Glacier, Redshift, and Oracle RDS encrypted automatically using Advanced Encryption Standard (AES) 256, a secure symmetric-key encryption standard using 256-bit encryption keys. Dedicated connection option The AWS Direct Connect service allows you to establish a dedicated network connection from your premise to AWS. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple logical connections to enable you to access both public and private IP environments within your AWS cloud. Isolated GovCloud For customers who require additional measures in order to comply with US ITAR regulations, AWS provides an entirely separate region called AWS GovCloud (US) that provides an environment where customers can run ITAR-compliant applications, and provides special endpoints that utilize only FIPS encryption. Dedicated, hardware-based crypto key storage option For customers who must use Hardware Security Module (HSM) appliances for cryptographic key storage, AWS CloudHSM provides a highly secure and convenient way to store and manage keys.

6 Trusted Advisor Provided automatically when you sign up for premium support, the Trusted Advisor service is a convenient way for you to see where you could use a little more security. It monitors AWS resources and alerts you to security configuration gaps such as overly permissive access to certain EC2 instance ports and S3 storage buckets, minimal use of role segregation using IAM, and weak password policies. The Hosting Environment shall comply with the following electronic security specifications: a) For each Client, a dedicated instance of the Software and database configuration are provided to ensure isolation and protection of customer data. b) Access to the Software is via a firewall in default deny mode. A point-to-point IP-range based firewall can also be established between the customer premises and the service. c) Access to the systems running the Software requires a two-step authentication process involving both password and key based authentication. d) Optional integration with Single-Sign-On servers via SAML. e) All communication with the Software from Client systems will be SSL encyrypted. Data Security and back up By default, the Software database is backed-up on a nightly basis with an option to increase this to 2-hourly intervals where agreed By default the Software and database contents back up is made using the Amazon S3 storage service. Optionally, the database back ups can be made available in a customer download account. In the event of contract termination or deployment of the Software to an in house customer server, the database and configuration will be returned in a format from a choice of the most popular commercial or open source databases (MS SQL Server, Oracle, IBM DB2, MySQL, PostgreSQL)

7 Maintenance and Uptime AIT shall undertake period maintenance upgrades of the Software and systems comprising the Hosting Environment. Such maintenance shall be undertaken during pre-notified scheduled timeslots. During the scheduled timeslot the software upgrades may result in up to 2hrs of downtime. AIT undertakes to provide the Hosting Environment with an uptime availability of not less than ninety-nine point five percent (99.5%) other than for times of unavailability during scheduled and agreed down time.