Contents
Networking, Virtualisation, and Cloud
Reference: 25-26376
Date response sent: 23/12/2025
Details of enquiry
See Table Below and/or Attached.
Response sent
You will note that at Question 3 we have withheld data on our servers under FOI s31(a). the explanation of this is provided as follows:
Exemption from disclosure has been engaged to withhold data to protect the security of our servers, under s.31(a) of the FOIA, Law Enforcement: the prevention or detection of crime. This is a qualified exemption that requires the Trust to carry out the public interest test. We have carried out the public interest test and have set out below the public interest arguments which we have considered:
Arguments in favour of disclosure:
- Promoting accountability and transparency on how public funds are utilised and spent
- There is undoubtedly a public interest in how public bodies protect and secure their information assets
Arguments in favour of maintaining the exemption:
- The Trust has a duty to ensure that its information systems and assets are kept secure
- Disclosure of the requested information could prejudice the security of our information assets by facilitating criminal criminal activity, in particular cybercrime, especially when combined with information already in the public domain and other sources, including any information that the Trust has previously provided or may be forced to disclose in the future.
- Disclosure of the requested information could, therefore, increase vulnerability to malicious attack, including the corruption or loss of data, software, hardware or other equipment, which would impact on the Trust’s ability to provide essential services
- These vulnerabilities could extend to suppliers on whose services the Trust relies.
- Any compromise to the confidentiality, integrity or availability of our information assets is likely to impact on our operations.
- Any impact on services could compromise patient safety and wellbeing, and could require substantial resources to resolve and incur significant costs
We have concluded that, on balance, the public interest in maintaining the exemption outweighs the public interest in disclosure.
| 1. For each of the elements below, please provide details about your cloud provider: | Main provider | Total annual spend 2025/2026 (£) | Contract end date | Additional notes |
| Data storage | Microsoft Public Cloud | £15k | Rolling Contract | |
| Networking | Nasstar | £20k | Dec-26 | |
| Back-up and archive | Trustmarque | £22k | Aug-26 | |
| Application databases | N/A | |||
| Big Data analytics databases | N/A | |||
| Microsoft Public Cloud | n/a | n/a | included in the O365 licences | |
| 2. For each of the network supply systems listed below, please provide the requested details: | Main provider | Total annual spend 2025/2026 (£) | Contract end date | Additional notes |
| Mobile telecoms | O2 Telefonica | 25,000 | Nov-26 | |
| Data network (broadband) | Virgin Wavenet Nasstar |
£70k | Nov-26 | |
| DEFINITION: Broadband is the actual internet connection afforded by your internet service provider (ISP), which you can access directly via a LAN or ethernet connection between your modem and device | ||||
| WiFi (hardware) | Pervasive | Nil | Outright purchase | |
| DEFINITION: Wifi is a wireless connection between multiple devices and your router, and just one of the ways you can access the internet | ||||
| CoIN (if applicable) – Community of Interest Network | N/A | |||
| WAN (Wide Area Network) | N/A | see row 14 above | ||
| DEFINITION: WANs connect users and applications in geographically dispersed locations | ||||
| LAN (Local Area Network) | Convergence | £47k | Jun-27 | |
| DEFINITION: LANs connect users and applications in close geographical proximity (same building) | ||||
| VPN provider | N/A | Micosoft VPN | ||
| Other (please specify) | ||||
| 3. Please supply the following details regarding your servers: | Main supplier | Total annual spend 2025/2026 (£) | Contract end date | Additional notes |
| Data withheld FOIA S31(a) | Data withheld FOIA S31(a) | Data withheld FOIA S31(a) | Data withheld FOIA S31(a) | |
| 4. For each element of IT infrastructure below, please provide the requested details: | Main provider | Total annual spend 2025/2026 (£) | Contract end date | Additional notes |
| Desktop management | In House | 0 | nil | |
| Networking | Cisco | 5,250 | Purchased as required, no contract | |
| Data Centre: hardware | Cisco/Backup tech | £47k | Purchased as required, no contract | |
| Server management | nil | Purchased as required, no contract | ||
| IT/cyber security support supplier | Data Withheld | Data Withheld | Data Withheld | |
| 5a. What percentage of your servers are virtualised? | % Virtualised | Main supplier | Additional notes | |
| DEFINITION: A virtual server re-creates the functionality of a dedicated physical server. It exists transparently to users as a partitioned space inside a physical server. | 25% | Microsoft |
| 5b. In relation to your trust’s virtual servers, please provide the requested information: | Number of servers | Owned or Leased | Average age of servers | Main supplier | Annual spend 2025/2026 (£) | Contract end date | Additional notes |
| 55 | Owned | 4.5 years | Dell Corporation | £30k | n/a |
| 6a. Does your trust have any virtualised desktops? | Main product | Main Supplier | Total annual spend 2025/2026 (£) | Number of virtual desktops | Contract end date | Additional notes |
| DEFINITION: A virtual desktop is a preconfigured image of operating systems and applications in which the desktop environment is separated from the physical device used to access it. Users can access their virtual desktops remotely over a network. | Vmware | Aro | £76k | 150 Concurrent | 01/06/2026 |
| 6b. If your organisation does not have virtualised desktops, are you planning to implement any within the next two years? | Yes/No | Preferred supplier | Expected number | Additional notes |
| Where you plan to implement new virtualised desktops, please provide details as requested | N/A |
| 7. Please outline your trust’s WiFi coverage for each element listed below: | Patient WiFi coverage | Staff WiFi coverage | Additional notes |
| Community wide (e.g. CoIN – Community of Interest Network) | N/A | ||
| Enterprise wide (whole campus) | Yes | Yes | |
| Main building only | No | No | |
| Sections of building(s) only | No | No | |
| Mobile phone signal enabled through WiFi | Yes | Yes | |
| No wireless networks are used in the trust | No | No |