Introduction
This service catalog describes the services provided by Inventx as standardized cloud services within the ix.Cloud product line.
The services of ix.Cloud are produced on Inventx's own Community Cloud and exclusively in Swiss data centers. The architecture of the Community Cloud follows a shared infrastructure approach, in which the tenants share the hypervisor and the underlying hardware (network, storage, and compute).
Inventx defines a tenant as the highest organizational instance, which represents a self-contained unit in terms of data and organization. This ensures the necessary isolation between customers. Each tenant is always assigned to an explicit customer and serves not only for isolation but also for the use of resources and services.
The following graphic illustrates the available service models (IaaS, PaaS, SaaS) and service categories in the middle section, and the digital customer interfaces (Digital Customer Interfaces) for service management in the upper section. Complementary to this, the general Inventx standards in the areas of information security and compliance are listed in the lower section.
Service Models and Service Categories
The table below shows the service models and service categories available in ix.Cloud.
| Model | Category | Description |
|---|---|---|
| Infrastructure as a Service (IaaS) | Datacenter Services | Infrastructure in Inventx's own data centers (DCs). Thanks to secured access, fire protection, secure power supply, and cooling, applications remain available at all times and data is secured. |
| Network Services | Offers highest service quality by networking cloud and on-premises infrastructures. | |
| Storage Services | Provides secure, scalable cloud storage for data, apps, and workloads. | |
| Compute Services | Pre-configured Availability Sets and computing power from the cloud on demand, billed on a usage basis. | |
| Platform as a Service (PaaS) | System Management Services | Operations-optimized services for efficient provisioning and operation of business applications on virtual machines. |
| Database Services | Fully managed database services enable barrier-free and highly scalable data management. | |
| Container Services | Continuous Delivery with simple and reliable tools for even faster development - innovation at its core. |
Depending on the service model, the supply obligations of the customer and Inventx differ. This means that both parties must assume corresponding responsibilities so that a target application can be provided with the desired depth of production and the required security features.
The following graphic illustrates the responsibilities per service model.
:::tip Managed Services
Additional Managed Services can be agreed upon between the customer and Inventx for all service models and service categories. These are individual services that are not or only partially covered by this service catalog.
:::
Digital Customer Interfaces
Inventx offers customers highly available digital interfaces according to SLA Rhodium, through which ix.Cloud services and resources can be obtained and managed around the clock.
Authorization for the digital customer interfaces is defined and implemented via a separate onboarding project.
ix.Cloud Portal
With the ix.Cloud Portal, authorized customer users have access to a web portal where the corresponding services can be ordered and managed around the clock. Every customer has at least one user for the ix.Cloud Portal after successful onboarding. The customer-specific user management is controlled via a customer's identity provider (e.g., Active Directory) and transmitted to the portal via an identity proxy (e.g., AD Federation Services), which ensures authorization.
The attributes to be transmitted are:
| Criterion | Description |
|---|---|
| Username | Transmission of the User Principal Name |
| Group name | Transmission of the Group Name |
ix.Cloud API
The ix.Cloud API forms the basis for standardized and automated management of ix.Cloud services and simultaneously the prerequisite for integrating IaC (infrastructure as code). IaC is the process of managing and deploying resources via code instead of physical configurations or using configuration tools.
ITSM Portal
The Inventx ITSM Portal is available to defined customer users for processing shared IT Service Management processes within the scope of Service Requests and Incidents.
ITSM API
The ITSM API forms the basis for linking and automating ITSM processes between the customer and Inventx.
Resource Deletion Process
The deletion of a resource occurs automatically via an asynchronous job. Under normal conditions, the following steps are performed:
- The corresponding resources are removed from the target system.
- Associated entries in surrounding systems, such as DNS, monitoring, backup, and billing, are also deleted.
- In the IT Service Management System (ITSM), the status of the record is set to "deleted".
In case of an error, the following procedures apply:
- Job execution is automatically retried at specified intervals.
- If the retries do not succeed, an incident is automatically created.
- The processing of the incident is carried out by the responsible expert teams, who also ensure the completeness of the measures.
Subscriptions and Service Offering
The ix.Cloud is based on three fundamental elements - Tenant, Subscription, and Resources. A Tenant represents a company, which can be divided into several organizational units - Subscriptions. A Resource is a manageable service element that can be ordered via the portal and consumed via a Subscription.
A Tenant must contain at least one Subscription. A Subscription serves to separate and map organizational structures through the following points:
- User and rights management
- Managing the service offering
- Managing and ordering resources
- Accounting for and allocating costs
Billing and Reporting
Billing and Reporting refers to the invoicing of consumed services described in this service catalog.
The services are invoiced based on the Consumption Report (Metered Services) and billing is done monthly in arrears.
Backup
The backup service is based on a highly available, scalable and performant platform in Inventx's data centers, which ensures the backup of data and, if required, its restoration for a service or a complete VM.
Service Architecture
Service Scope
| Features | |
|---|---|
| Access Control | ◼ |
| Data Encryption | ◼ |
| Immutable Backups | ◼ |
| Backup Profiles | ◼ |
| Monitoring & Logging | ◼ |
| Data Integrity | ◼ |
| Data Recovery | ◼ |
| Disaster Recovery (RTO and RPO) | ◼ |
Service Options
Access Control
Access to the backup infrastructure is role-based (RBAC/ixPAM) and uses multi-factor authentication (MFA).
Data Encryption
Backup data is encrypted both during transfer and throughout its retention period (AES-256, FIPS 140-2 compliant encryption of data in flight and at rest).
Immutable Backups
Backup data cannot be changed or deleted throughout its retention period (Immutable Backup & DataLock/WORM). This provides effective protection against ransomware or malicious deletion of backup data.
Backup Profiles
The following backup profiles can be selected:
| Service Level | Bronze | Silver | Gold | Platinum* | Rhodium |
|---|---|---|---|---|---|
| Backup Location | Local | Remote | Remote & DR-Datacenter | ||
| Backup Interval | Daily | ||||
| Backup Retention | No Backup, 14, 40, 100, 200 or 400 Days | ||||
Backup Location
Primary data is always backed up to the backup infrastructure in the remote data center. For Platinum*/Rhodium service levels, an additional replication (copy) of the data is made to the DR data center.
As an option, additional backup copies within or outside the Inventx data centers can be ordered via "Generic Request".
Backup Interval
The interval defines the time period at which data backups are created. An incremental backup is performed at least once daily; for databases, logs (archive, transaction logs, etc.) are backed up several times per hour.
Backup Retention
Retention determines the retention period of data backups in days. After the selected period expires, the data will be irrecoverably deleted.
For the "No Backup" profile, the customer explicitly waives data recovery! This applies to primary data at the OS, database, application level, etc., and also includes cloning via backup restore to a VM/DB for which the "No Backup" profile was selected!
Monitoring & Logging
Inventx monitors the backup process and ensures that it is carried out at the planned regularity. All relevant accesses, changes to configuration or system parameters are recorded in an audit log.
Data Integrity
The backup solution used ensures that data is encrypted during transmission and, after the copy is stored, is protected against accidental or malicious changes and premature deletion using WORM technology.
Data Recovery
Monolithic recovery of a complete VM is performed in self-service via the ix.Cloud portal. File- or database-based recoveries generally need to be requested via "Generic Request".
Disaster Recovery (RTO and RPO)
RTO and RPO define, in the event of a disaster, the maximum duration of recovery (RTO) of an application, system and/ or process and the maximum data loss (RPO).
| Service Level | Bronze | Silver | Gold | Platinum | Rhodium |
|---|---|---|---|---|---|
| Recovery Time Objective (RTO) | - | Best Effort | 48h | 2h | 2h |
| Recovery Point Objective (RPO) | Best Effort | 24h | 15min | 0min | 0min |
Recovery Time Objective (RTO)
The circumstances of a disaster can vary greatly and influence this service level. The value strongly depends on the number of simultaneous recoveries; i.e., with multiple simultaneous recoveries, the value per recovery may be lower. For a single recovery, a guideline of 200-400 MB/s can be assumed.
Recovery Point Objective (RPO)
Damage events caused by manipulated or corrupted data are exclusively covered by the backup-relevant quality elements in the SLA. This means that if corrupted data exists in the live system, it can only be corrected from a backup, and the specified RPO does not apply.
Version: 2026-06-12 09:52
This document is machine translated. German language is contractual binding.