IBM Managed Security Services for Security Event and Log Management

Size: px
Start display at page:

Download "IBM Managed Security Services for Security Event and Log Management"

Transcription

1 Service Description IBM Managed Security Services for Security Event and Log Management 1. Scope of Services IBM Managed Security Services for Security Event and Log Management (called MSS for Security Event and Log Management or Service ) is designed to provide a security-enhanced Web-based solution for the consolidation, analysis and archiving of security event and log data. Security event and log data is initially consolidated into the Virtual Security Operations Center (called Virtual-SOC ), but can be archived to a security-enhanced facility (designed to be scalable and fault tolerant) for up to seven years. The Virtual-SOC is designed to provide a functionally rich, easy-to-use interface to facilitate access to, and searching of, security event and log data. MSS for Security Event and Log Management may also help Customers reduce data storage infrastructure costs. IBM offers the Service at two service levels. MSS for Security Event and Log Management Standard MSS for Security Event and Log Management Select Both service levels are described in further detail below. The details of Customer s order (for example, the services requested (including service levels), contract period, and charges) will be specified in an Order. Definitions of Service-specific terminology can be found at The following table provides a feature and services comparison overview for MSS for Security Event and Log Management Standard and Select service levels. Features and Services Feature and Services Standard Level Select Level Project kickoff, assessment, and implementation Included Supported product categories Any device or application that creates log data in a textbased format (supported IDS/IPS devices, most routers, network infrastructure devices, operating systems, and applications). Generic text and syslog formats Supported network Intrusion Detection and Intrusion Prevention device that creates security event data Automated analysis of event data Not available Provided for supported network Intrusion Detection and Intrusion Prevention events SOC event monitoring Not available Available as an option for supported network Intrusion Detection and Intrusion Prevention events X-Force Protection System alerts Not available Provided for supported network Intrusion Detection and Intrusion Prevention security events; escalation delivered by report Detailed reporting Included templates provided for Intrusion Detection and BELUX /2008 Page 1 of 13

2 Intrusion Prevention devices as well as firewall devices Events per second Out of band ( OOB ) access Security event and log delivery on encrypted DVD to specified location Duration security event and log data is available online Duration security event and log data is archived offline Incident ticketing Integration with Customer ticketing system Simple and advanced querying Integrated security intelligence Multiple audience reports Determined by the platform creating the log data Available as an option for the On-site Aggregator ( OA ) only Available as an option Up to 1 year Up to 7 years Included Available as an option Included Included Included MSS for Security Event and Log Management - Standard MSS for Security Event and Log Management Standard provides a central source for security event and log data from a variety of devices. The Service enables organizations to collect security events and logs from various technologies and consolidate this voluminous data into the Virtual-SOC for archival, analysis, correlation, trending, and reporting. 2. IBM Responsibilities 2.1 Deployment and Initiation Project Kickoff IBM will send Customer a welcome and conduct a kickoff call to: introduce Customer contacts to the assigned IBM deployment specialist; review IBM and Customer responsibilities; set expectations; and begin to assess Customer requirements and environment. IBM will provide a document called Network Access Requirements, detailing how IBM will connect remotely to Customer s network, and any specific technical requirements to enable such access Assessment Data Gathering IBM will provide a form for Customer to document detailed information for the initial setup of the Service. Most of the questions will be technical in nature to help determine the layout of Customer network, Hosts on the network, and desired security policies. A portion of the requested data will reflect Customer organization, and will include security contacts and escalation paths. Environment Assessment Using the provided information, IBM will work with Customer to understand the existing Customer environment. BELUX /2008 Page 2 of 13

3 During this assessment, IBM may make recommendations to adjust policies on devices or modify the network architecture to enhance security On-site Aggregator Implementation IBM will assist in the installation of Customer- provided hardware platform for the OA software. A previously owned or acquired system may require reinstallation of applications and firmware and possibly, overall configuration changes. IBM may require the system to be shipped at Customer s expense to a deployment center for configuration, after which IBM will ship the configured system to Customer for installation. In some cases, IBM may provide a system image or installation procedures, or require that other steps be taken to enable IBM to begin service. In cases where a Customer already has the required hardware, IBM will begin the deployment and management takeover process with an evaluation of the current state of each part of the system. This may include a review of current hardware, software applications, and overall system configuration. Based on the results of the evaluation of each system, IBM may require reinstallation of, or updates to, the application and firmware, and/or overall configuration changes to bring each system s settings in line with the latest managed services certified release. Hardware requirements for each implementation depend on the number of alerts the platform receives in a given timeframe Transition to SOC Once the OA Appliance is configured, physically installed, connected to the IBM Managed Security Services infrastructure and Hosts are successfully sending data to the X-Force Protection System, IBM will provide Customer with an optional demonstration of the Virtual-SOC capabilities and performance of common tasks. The final step of Service deployment occurs when the Security Operations Center ( SOC ) takes over management and support of the OA Appliance and the relationship with Customer. At this time, the ongoing management and support phase of the Services officially begins and all applicable Service Level Agreements and Service Level Objectives will go into affect. 2.2 Ongoing Management and Support After the Services environment has been established, and during any renewal contract period, IBM will provide MSS for Security Event and Log Management - Standard on a 24 hours/day by 7 days/week basis X-Force Threat Analysis Service X-Force Threat Analysis Service provides proactive security management through evaluation of global online threat conditions and detailed analyses. X-Force Threat Analysis Service provides threat information collected from the SOCs, and trusted security intelligence from the X-Force research and development team. This combination helps to identify the nature and severity of external Internet threats. Each authorized security contact will receive access to the X-Force Threat Analysis Service for the duration of the contract Event Collection and Transmission Security events and logs will be aggregated by an OA located within the Customer environment. The OA is a required software solution that will be installed on Customer premises to collect data, via syslog, or the use of a Universal Logging Agent ( ULA ) on a Host. Once the data is collected at the OA, it will be compressed, encrypted and sent via the Internet to the X-Force Protection System located at IBM. This is performed in real time with configurable flow control to manage bandwidth consumption. Requests for connectivity through alternate means (for example, private data circuit or VPN) will be addressed on a case-by-case basis. Additional monthly fees may apply to accommodate connection requirements outside of the standard in-band connectivity. To confirm that valid security event and log data is being received from devices and security platforms on a daily basis, the X-Force Protection System is designed to evaluate security event and log data upon receipt. BELUX /2008 Page 3 of 13

4 Agent-Based Collection If syslog cannot be supported, a ULA is required to transmit security event and log data to the OA Appliance. The ULA may require installation directly on certain devices or management consoles. This installation will allow the ULA to collect, encrypt, and transmit security event data back to IBM through an OA Appliance. The ULA is lightweight and, in most typical implementations, carries a negligible performance overhead Security Event and Log Management Connectivity and OA Device Management Platform and Agent Troubleshooting If problems develop with the OA receiving data, an IBM security analyst will assist Customer in troubleshooting those issues that relate to IBM s successful receipt of security event and log data from the contracted Hosts. As long as security event and log data is being successfully received by the OA, IBM will not provide further troubleshooting assistance on Customer premise platforms. Should problems arise on the ULA, IBM will work directly with authorized Customer security contacts to diagnose the underlying problem. If it is determined that the ULA is not the cause of the problem, no further support will be provided by the IBM SOC for the platform or its management infrastructure. OA Device Management The OA is required for all MSS for Security Event and Log Management - Standard deployments. IBM will maintain sole administration of the OA and as such restricts use of other applications and user accounts on the OA. The health and performance of the OA is monitored by IBM using a Host-based monitoring Agent. The device is regularly polled by the SOC, keeping IBM security analysts informed of potential problems as they develop. In addition to system health metrics, IBM will monitor for device availability. If contact with an OA is lost, additional time-based checks will be initiated to verify a valid outage has been identified. OA Device Troubleshooting In the event system health problems or an outage has been confirmed, a trouble ticket will be created and an IBM security analyst will be notified to begin research and investigation. The status of system health tickets is available through the Virtual-SOC. IBM will examine the device configuration and functionality for potential issues. Troubleshooting may consist of an offline analysis by IBM, or an active troubleshooting session between IBM and Customer. IBM will attempt to resolve any technical issues as expediently as feasible. If the platform is eliminated as the source of a given problem, no further troubleshooting will be performed by IBM. Outage Notification If the OA is not reachable through standard in-band means, Customer will be notified via telephone using a predetermined escalation procedure. Following telephone escalation, IBM will begin investigating problems related to the configuration or functionality of the managed platform. Patch and Firmware Updates Periodically, it will be necessary for IBM to install patches and firmware updates to improve OA performance, enable additional functionality, and resolve potential application problems. The application of such patches and updates may require platform downtime or Customer assistance to complete. If required, IBM will declare a maintenance window in advance of any such updates, and the notification will clearly state the impacts of the scheduled maintenance and any Customer-specific requirements. Out-of-Band Access (Optional) Out-of-band ( OOB ) access is a highly recommended feature that assists the SOC in the diagnosis of OA device issues. Implementing OOB for the OA requires Customer to purchase an IBM-supported OOB device and provide a dedicated analog phone line for connectivity. If Customer has an existing OOB solution, IBM will use this solution for OOB access to managed devices, provided: the solution is approved by IBM; the solution does not allow IBM access to any non-managed devices; using the solution does not require installation of any specialized software; BELUX /2008 Page 4 of 13

5 Customer provides detailed instructions for accessing IBM-managed devices; and Customer is responsible for all aspects of managing the OOB solution Virtual-SOC The Virtual-SOC is a Web-based interface designed to enable delivery of key service details and ondemand protection solutions. The Virtual-SOC is structured to deliver a consolidated view of Customer s overall security posture. The interface is capable of merging data from multiple geographies or technologies into a common interface, allowing for comprehensive analysis, alerting, remediation, and reporting. The Virtual-SOC provides real-time access for communications including ticket creation, security event handling, incident response, data presentation, report generation, and trend analysis. Reporting The reporting feature of the Service enables Customer to view their security event and log data in a single dataset, and generate reports spanning the entire enterprise. Reports can be generated across multiple data types and time intervals, including daily, weekly, monthly, custom, and real-time. Reports will vary based on service level and device platform. Customer will have access to comprehensive Service information, via the Virtual-SOC, to review service tickets and Security Incidents, and generate activity reports at any time. Once per month, IBM will produce a summary report that includes: a. number of Service Level Agreements ( SLAs ) invoked and met; b. number and type of service requests; c. list and summary of service tickets; d. number of Security Incidents detected, priority and status; and e. list and summary of Security Incidents. Querying Capabilities The Service provides capabilities for near real-time querying of security event and log data, including similar data from disparate, multi-vendor technologies. Customers can query security events and logs along with data received from other IBM fully-managed solutions. Users of the System The Service is designed to help Customers manage security event and log data across the enterprise. Multiple individuals, holding varying roles within an organization, may require different levels of access to the system. Therefore, IBM provides three levels of Virtual-SOC system access for designated Customer contacts. All designated Customer contacts will be authenticated via static password or Customerprovided public-key encryption technology (for example, RSA SecureID token). a. Authorized Security Contacts Users classified as Customer security contacts will be the primary users of MSS for Security Event and Log Management - Standard and will have full access to the system including the ability to generate tickets, evaluate all data, and export security events and logs for offline processing. IBM SOC analysts will only accept phone calls from authorized Customer security contacts. Customers may identify up to three authorized security contacts for MSS for Security Event and Log Management - Standard. b. Regular Users Users classified at this level will receive limited access to the MSS for Security Event and Log Management - Standard system. Subordinates/system administrators are identified by authorized Customer security contacts, and are then assigned specific devices for which they may have access. Subsequently, subordinates/system administrators may login to the system, review and research security event and log data, as well as generate tickets for anomalous or suspicious activity. Users at this level do not have the authority to review data or make changes outside of devices assigned directly to them or to interact with the SOC. Customers may identify an unlimited number of subordinates/system administrators for the MSS for Security Event and Log Management - Standard service. BELUX /2008 Page 5 of 13

6 c. Restricted Users Custom access allows for granular assignment of access permissions to individual contacts. Such a capability allows for specific contacts to be granted access to individual features on a per device basis (for example, security event query, export, and reporting). There is no limit to the number of custom access users within the MSS for Security Event and Log Management - Standard implementation. Security Event and Log Management Dashboard MSS for Security Event and Log Management - Standard provides an overview at a glance (called Dashboard ) to deliver a snapshot of Customer s security event and log management status. The Dashboard provides administrators with a comprehensive overview of security event and log sources, total volumes of data, dates and times of last security event and log receipt, and other information relevant to the organization s implementation. Authorized Customer security contacts will have access to the entire Dashboard and all service features and functionality. Regular and restricted users may receive a more focused view that outlines security event and log sources to which they have been assigned. Security Event and Log Querying The Virtual-SOC allows online data to be queried directly through the Virtual-SOC for up to one year. Reports and queries for security event and log data can be issued on a per device basis or across userdefined groups. Devices sharing the same log format can all be queried simultaneously through a common interface for rapid analysis of potential security impacts. Retrieved security events and logs can be further sorted or filtered by using the robust, easy-to-use interface to select specific IP addresses, security event types, ports, and dates. Once data has been filtered to the desired level of detail, security events and logs may be exported for offline analysis. Customers who use the Service in conjunction with other IBM fully-managed services, will have access to their security event and log data from both managed and unmanaged security devices through a common interface. An appropriate combination of services may allow for simultaneous querying of all devices across the enterprise, whether managed by IBM or Customer. In some circumstances, normalized log data and raw log data will need to be queried separately. Security Event and Log Delivery IBM will retrieve Customer data, at their request, from the IBM Managed Security Services Infrastructure and store it on encrypted media for delivery to a specified location. IBM will charge then-current consulting fees or pre-negotiated fees for all time and materials utilized to restore and prepare data in the Customer s requested format. Security Event and Log Archival IBM may retain security event and log data for up to seven years from the date of creation. Customers must specify exact retention periods on a per device basis in one year increments. Devices for which retention times have not been specified will automatically default to one year of retention. Archived security events and logs are stored natively in a compressed format, preserving the original raw data. As each security event and log (or group of data) is written to disk, a unique hash is automatically generated to ensure the integrity of the unaltered data can be maintained. At the close of each 24 hour period, a checksum of all hashes generated over the course of the day is created, serving as a snapshot of the previous day s activity. Long term storage is provided by the X-Force Protection System. The X-Force Protection System provides a highly scalable architecture for organizing and retrieving security event and log data. It is also designed to maintain the safeguards required for the logical separation of data by device and by Customer. Reasonable business efforts will be made to implement security event and log archival and facilitate MSS for Security Event and Log Management - Standard data storage. However, IBM does not guarantee any domestic or international legal system will admit security event and log data from a given archival solution. Admissibility is based on the technologies involved and a Customer s ability to prove proper data handling and chain of custody for each set of data presented. BELUX /2008 Page 6 of 13

7 2.2.5 Incident Ticketing MSS for Security Event and Log Management - Standard provides Customers with the capability to document and record incidents of varying types. This capability can help Customers notify security teams of pending work, or track the progress of an incident remediation process. Generating Incident Tickets The Virtual-SOC provides capabilities to allow Incident tickets to be created by Customer, based on manual research conducted either while querying security event and log data or while evaluating X-Force Protection System alerts. Once an incident ticket has been created, it can be viewed and updated by specific contacts (as defined by their roles and permissions) within Customer security team. Each incident ticket includes details such as the following: issue description issue type and priority relevant dates and times issue owners relevant IP addresses and ports security event names device information detailed worklog of all actions taken Customer Ticketing System Integration (Optional) For Customers who wish to leverage existing trouble ticketing and case management investments, IBM will provide an application program interface ( API ) which allows for customized integration with external ticketing systems. At Customer s request and for an additional fee, IBM will provide the API to Customer. Because ticketing systems vary in design and complexity, IBM cannot provide detailed assistance or consulting for Customer s ticket system integration. However, IBM will provide a neatly formatted ticket output that can be made available for push or pull access to import into Customer s system Security Event and Log Delivery (Optional) Customers may elect to have their security events and logs placed on an encrypted DVD and delivered to a specific location. This option is available for an additional fee Service Decommission or Turn-Down If the Service is cancelled or the contract is not renewed, Customer will have either 90 days from the date of cancellation or 90 days from the date of contract expiration, whichever comes first, to request the receipt of archived data on removable media (i.e., CD/DVD). IBM will charge pre-negotiated fees for all time and material utilized to restore and prepare data in Customer s requested format. Such request may be submitted through the Virtual-SOC or via telephone if access to the portal is no longer available. If a request is not received within the 90 day period, as stated above, IBM will permanently destroy all archived data pertaining to security devices no longer under a valid MSS for Security Event and Log Management - Standard contract. 3. Customer Responsibilities While IBM will work with Customer to deploy and implement the Agent, and IBM will manage the Agent, Customer will be required to work with IBM in good faith and assist IBM in certain situations as requested by IBM. 3.1 Deployment and Initiation During deployment, Customer will work with IBM to deploy an OA. Customer must ensure that the OA Appliance meets IBM specifications, and must work to meet recommendations concerning Customer s network and network access requirements, if changes are required to facilitate workable protection strategies. BELUX /2008 Page 7 of 13

8 The Customer must specify exact retention periods for log storage on a per device basis in one year increments. All specified retention times assume an active Service contract has been maintained for each Agent. Customer is responsible for supplying the IBM-approved OS and antivirus for use on the OA Appliance and keeping current maintenance contracts for support and updates Customer is responsible for shipping, racking and cabling of the OA appliance for all OA installations Customer will participate in a scheduled kickoff call to introduce team members, set expectations and begin the assessment process. Customer will be required to complete a form with detailed information about the network configuration (including applications and services for the Hosts on the protected network) and must work with IBM in good faith to accurately assess Customer s network and environment. Customer must provide contacts within the organization, and specify an escalation path through the organization in the event that IBM must contact Customer. Customer will be responsible for installing all required Agent software and configuring all log sources to properly send data, as instructed by IBM. At Customer s request and for an additional fee, IBM will provide physical installation services. Customer is responsible for updating any access control lists ( ACLs ) and firewall rules required to allow contracted devices to communicate with X-Force Protection System... Customer is responsible for creating a Customer Inquiry ticket to notify IBM of any IP changes to the OA or contracted devices that could potentially disrupt event and log flow into the X-Force Protection System. 3.2 Ongoing Management and Support Customer is responsible for maintaining current hardware, OS and antivirus agent maintenance contracts. Customer is responsible for making agreed-to changes to the network environment based upon IBM recommendations. Customer is required to maintain an active and fully functional Internet connection at all times. Configuration / Change Management Customer acknowledges that IBM retains sole administrative access to the OA device and is responsible for all management and maintenance functions. Customer is responsible for hardware and software-level configurations as well as overall health and availability monitoring of all contracted security event and log management Hosts. Customer must work in good faith to allow IBM to upgrade its back-end infrastructure so as to improve service features, functionality, and reliability. Customer is required to provide advance notice of any scheduled system reboots, maintenance, or power tests that may result in temporary cessation of receipt of security event and log data. Customer is responsible for all activities associated with break-fix should a device fail that is not directly and completely managed by IBM. Server Environment Requirements Network infrastructure devices and applications sending security events and logs to IBM must meet the most current application minimum system requirements as outlined in the vendor s product documentation. Customer is responsible for taking the appropriate measures to ensure all Hosts and OA Appliances are protected and installed in networks using appropriate security practices Customer must provide a secure, physically controlled environment for servers on which the ULA resides. Virtual-SOC At Customer s request, IBM will provide an SLA compliance report Data Compilation Customer consents to IBM collecting, gathering and compiling security event log data to look at trends, and real or potential threats. IBM may compile or otherwise combine this security event log data with BELUX /2008 Page 8 of 13

9 similar data of other customers so long as such data is compiled or combined in a manner that will not in any way reveal the data as being attributable to Customer. MSS for Security Event and Log Management - Select MSS for Security Event and Log Management - Select provides additional value by providing an automated mechanism for analyzing security data anomalies using X-Force Protection System. In connection with the above, IBM will perform the responsibilities as set forth in the section entitled MSS for Security Event and Log Management Standard, subsection IBM Responsibilities. In addition, IBM will perform the responsibilities set forth in the section entitled MSS for Security Event and Log Management Select, subsection IBM Responsibilities below. Customer agrees to perform all of the tasks set forth in the section entitled MSS for Security Event and Log Management Standard, subsection Customer Responsibilities above. In addition, Customer agrees to perform the responsibilities set forth in the section entitled MSS for Security Event and Log Management Select, subsection Customer Responsibilities below. 4. IBM Responsibilities 4.1 Ongoing Management and Support Automated Analysis Following data collection, security events from supported systems and applications are forwarded to IBM for automated analysis. This analysis process evaluates security events for statistical deviations, anomalies, and suspicious activity through the application of sophisticated algorithmic analysis. If the system identifies activity warranting further investigation, an X-Force Protection System alert will be generated and stored within the Virtual-SOC for further evaluation by Customer. communications may also be configured via the Virtual-SOC for users of the system to be notified using an hourly report of any X-Force Protection System alerts generated for specific systems and applications. Such alerts are subject to the X-Force Protection System alert notification guarantee as outlined in the section of this Service Description entitled Service Level Agreements. Examples of X-Force Protection System-based alert types include, but are not limited to: hot decodes alert notification of specific signatures or attacks in the security event stream; malicious code alert notification of worm-like activity propagating in the environment; and probes and scans alert notification of a substantial increase in reconnaissance activity. Automated analysis of security event data applies only to IBM-supported network Intrusion Detection and Intrusion Prevention devices and technologies. Automated analysis support for additional device types will be added periodically. Events from supported IDS/IPS devices can be compared by Customer to identify relationships between multivendor products and solutions. Research and Investigation User-friendly query tools allow for real-time research and analysis to quickly conduct investigations of suspicious IP addresses and suspected misuse. These tools augment the automated real-time analysis of network Intrusion Detection and Intrusion Prevention devices performed by the X-Force Protection System. X-Force Protection System Alert Review IBM security analysts are available to assist MSS for Security Event and Log Management - Select Customers by answering general questions regarding an X-Force Protection System alert or service capability. However, IBM does not provide a personalized review of X-Force Protection System alerts or a walk-through of potential incidents as a standard feature of the MSS for Security Event and Log Management Select service. At Customer s request, such support may be provided by the IBM SOCs for an additional fee. Security Event Summary As part of MSS for Security Event and Log Management - Select, security events received from supported network Intrusion Detection and Intrusion Prevention devices are summarized by X-Force Protection System. This process allows for statistical reporting and analysis to be performed at a later BELUX /2008 Page 9 of 13

10 time. Summarized data is stored in a security enhanced database within an IBM data center, and is physically separate from the storage mechanism for unaltered raw security event data. Maintaining both sets of data helps to provide the ability to perform analysis while maintaining the integrity of the original data stream SOC Event Monitoring (optional service) SOC Event Monitoring is designed to provide automated, real-time analysis of security events using algorithms created and maintained by IBM. Subsequent eyes-on scrutiny of associated alerts helps the SOC notify Customer of potential security risks. Such monitoring is available to MSS for Security Event and Log Management Select Customers for an additional fee and will be performed by the SOC for supported network Intrusion Detection and Intrusion Prevention devices in an on-demand or regularly scheduled fashion. Customer event streams are analyzed using algorithms created and maintained by IBM. During or following live security event monitoring, IBM may request that Customer implement a modification to the then-current IDS/IPS configuration if the current policy prevents the SOC from optimally processing event data satisfactorily. Requested policy changes must be implemented prior to the next monitoring period. If Customer does not change the policy, the Security Incident response guarantee will be null and void. In the event malicious activity is detected, the SOC will review relevant alerts, and if determined necessary, generate a Security Incident ticket in the Virtual-SOC. Actionable, validated Security Incidents will be escalated to Customer via , -based text messaging notification, or telephone, depending on declared event severity, as described in the section entitled SLA Remedies below. Customer will be provided with a description of the Security Incident, the potential impact, and a recommended course of action. An notification of the Security Incident will be sent to the designated Customer contact. 4.2 Customer Responsibilities Customer is responsible for remediation of any X-Force Protection System alerts and SOC escalations it receives. Customer is responsible for patching systems and implementing associated policy changes to remediate potential security risks as identified by either X-Force Protection System alerts or the SOC. X-Force Protection System alerts should be evaluated by a member of Customer security team as quickly as possible. Certain X-Force Protection System alerts may indicate network attacks or system compromise. Evaluating an X-Force Protection System alert will typically involve examining the alert type and any snapshots of security event data (either raw or summarized) that may be included with the notification. If an X-Force Protection System alert is determined to require further action or investigation, a Security Incident ticket may be created by Customer from within the X-Force Protection System alert for further tracking by Customer security team. 5. Service Level Agreements IBM SLAs establish response time objectives for the Services. The SLAs become effective when the deployment process has been completed, the device has been set to live, and support and management of the OA Appliance has been successfully transitioned to the SOC. The SLA remedies are available provided Customer meets its obligations as defined in this Service Description. Operational activities related to Security Incidents, change requests, responses, and other kinds of tickets are documented and time-stamped within the IBM trouble ticketing system, which shall be used as the sole authoritative information source for purposes of this SLA guarantee. 5.1 SLA Guarantees The SLA guarantees described below comprise the measured metrics for delivery of the Service. Unless explicitly stated below, no additional guarantees or warranties of any kind shall apply to services delivered under this Service Description. The sole remedies for failure to meet the SLA guarantees are specified in the section entitled SLA Remedies, below. a. Proactive system monitoring guarantee: BELUX /2008 Page 10 of 13

11 (1) Standard level IBM will attempt to contact Customer within 30 minutes after IBM determines the OA is unreachable via standard in-band connectivity. (2) Select level - IBM will attempt to contact Customer within 15 minutes after IBM determines the OA is unreachable via standard in-band connectivity. IBM will contact the designated Customer contact by a method elected by IBM. During an outage escalation, IBM will continue attempting to notify the designated Customer contact until such contact is reached or all escalation contacts have been exhausted. b. Security Incident response guarantee (available only for MSS for SELM Select Customers who have contracted for the optional SOC Event Monitoring service) During the SOC monitoring period, IBM will respond to all identified Security Incidents within 15 minutes of identification. Customer s designated Security Incident contact will be notified by telephone for Priority 1 Security Incidents and via for Priority 2 and 3 Security Incidents. During a Priority 1 Security Incident escalation, IBM will continue attempting to contact the designated Customer contact until such contact is reached or all escalation contacts have been exhausted. SLA Summary Service Level Agreement Standard Select Proactive system monitoring guarantee For OA Appliance only within 30 minutes For OA Appliance only within 15 minutes Security Incident response Not available Available with purchase of SOC Event Monitoring for Response within 15 minutes 5.2 SLA Remedies A credit will be issued as the sole remedy for failure to meet any of the guarantees described in the section entitled SLA Guarantees during any given calendar month. The Customer may obtain no more than one credit for each SLA per day, not to exceed a total for all SLAs of (euros) or the equivalent in local currency, or the contracted value of the Service in a given calendar month. Specific SLA remedies are listed below: a. Proactive System Monitoring remedy If IBM fails to meet this guarantee, a credit will be issued for the applicable charges for one day of the specific device s Monthly Monitoring Fee and, if applicable, specific managed security platform for which the respective guarantee was not met. b. Security Incident response remedy (available only for MSS for SELM Select Customers who have contracted for the optional SOC Event Monitoring service) If IBM fails to meet this guarantee for any given calendar month, a credit will be issued for the prorated charges as specified below: (1) Priority 1 Security Incidents: Failure to identify the security event(s) as a Security Incident will result in a one month credit for the initial device that reported the event(s). (2) Priority 2 Security Incidents: Failure to identify the security event(s) as a Security Incident will result in a one week credit for the initial device that reported the event(s). (3) Priority 3 Security Incidents: Failure to identify the security event(s) as a Security Incident will result in a one day credit for the initial device that reported the event(s). SLAs and Remedies Summary Service Level Agreement Proactive system monitoring guarantee Security Incident response Remedies for MSS for SELM Credit of 1 day of the affected device s monthly SOC Event Monitoring fee Priority 1: Credit of 1 month of the OA Management fee BELUX /2008 Page 11 of 13

12 5.3 Scheduled and Emergency Portal Maintenance Scheduled maintenance shall mean any maintenance: Priority 2: Credit of 1 week of the OA Management fee Priority 3: Credit of 1 day of the OA Management fee a. of which Customer is notified at least five days in advance; or b. that is performed during the standard monthly maintenance window on the second Saturday of every month from 8:00 a.m. 4:00 p.m. United States Eastern Time. Notice of scheduled maintenance will be provided to the designated Customer contact. No statement in the section entitled Service Level Agreements shall prevent IBM from conducting emergency maintenance on an as needed basis. During such emergency maintenance, the affected Customer s primary point of contact will receive notification within 30 minutes of initialization of the emergency maintenance and within 30 minutes of the completion of any emergency maintenance. 5.4 SLA Exclusions and Stipulations Customer Contact Information Multiple SLAs require IBM to provide notification to the designated Customer contact after certain events occur. To ensure the accuracy of IBM s notifications, Customer is solely responsible for providing IBM with accurate and current contact information for the designated contact(s). The current Customer contact information on record is available to authorized Customer contacts. IBM will be relieved of its obligations under these SLAs if Customer contact information provided to IBM is out of date or inaccurate due to Customer action or omission Customer Network/Server Change Notifications Customer is responsible for providing IBM advance notice regarding any network or server changes to the environment for contracted Hosts. If the event advance notice cannot be provided, Customer is required to provide IBM with notification of changes within seven calendar days of said network or server changes. Notification is completed by the submission or update of a critical server ticket through the Virtual-SOC. If Customer fails to notify IBM as stated above, all SLA remedies are considered null and void SLA Compliance and Reporting SLA compliance and the associated remedies are based on fully functional network environments, Internet and circuit connectivity, and properly configured servers. If SLA compliance failure is caused by reasons other than those directly within IBM s control, such as failure of customer owned hardware or software, all SLA remedies are considered null and void. IBM will provide SLA compliance reporting through the Virtual-SOC Event Restoration Each request for the restoration of security event and log data to removable media for data volumes in excess of six months in duration will be evaluated by IBM and an estimated time to restore will be provided. Due to a variety of technical variables involved in restoring data volumes of this size, IBM is unable to provide an SLA at this time. 6. Service Level Objectives IBM service level objectives (called SLOs ) establish nonbinding objectives for the provision of certain features of the Service. The SLOs become effective when the deployment process has been completed, the device has been set to live, and support and management of the device have been successfully transitioned to the SOC. IBM reserves the right to modify these SLOs with 30 days prior written ( or Virtual-SOC) notice. a. Virtual-SOC - IBM will provide a 99.9% accessibility objective for the Virtual-SOC outside of the times detailed in the section entitled Scheduled and Emergency Portal Maintenance. b. Internet Emergency - In the event IBM declares an Internet emergency, it is IBM s objective to notify Customer s specified points of contact via within 15 minutes of emergency declaration. This notification will include an incident tracking number, telephone bridge number, and the time that IBM will conduct a situation briefing. BELUX /2008 Page 12 of 13

13 During declared Internet emergencies, IBM will provide a live telephone-conference situation briefing and summarized designed to provide information Customer can use to protect its organization. Situation briefings following the onset of an Internet emergency will supersede any requirement for IBM to provide Customer-specific escalations for security events directly related to the declared Internet emergency. During an Internet emergency, IBM will communicate other priority level incidents via automated systems such as , pager and voice mail. Standard escalation practices will resume upon conclusion of the stated Internet emergency. Termination of an emergency state is marked by a decrease in the AlertCon level to AlertCon 2, or an notification delivered to an authorized Customer security contact. c. X-Force Protection System Alert Notification IBM will send an hourly notification to the designated Customer contact, summarizing any X-Force Protection System alerts. IBM only guarantees the initial sending of the X-Force Protection System alert notification; not the confirmed delivery to the end recipient(s). 7. Other Terms and Conditions IBM reserves the right to modify the terms of this Service Description at any time. Should such modification reduce the scope or level of the Services being delivered (for example, eliminating a previously provided Service or lengthening the Security Incident response time), IBM will provide a minimum of 30 days prior notice via the ISS Web portal or other electronic means. BELUX /2008 Page 13 of 13

IBM Managed Security Services for Security Event and Log Management

IBM Managed Security Services for Security Event and Log Management Service Description IBM Managed Security Services for Security Event and Log Management 1. Scope of Services IBM Managed Security Services for Security Event and Log Management (called MSS for Security

More information

IBM Managed Security Services for Security Event and Log Management

IBM Managed Security Services for Security Event and Log Management Service Description IBM Managed Security Services for Security Event and Log Management 1. Scope of Services IBM Managed Security Services for Security Event and Log Management (called MSS for SELM ) is

More information

IBM Vulnerability Management Service

IBM Vulnerability Management Service Service Description 1. Service Overview IBM Vulnerability Management Service IBM Vulnerability Management Service (called VMS or Service ) is designed to provide a comprehensive, Web-driven vulnerability

More information

Managed Protection Service for Desktop Firewalls Standard

Managed Protection Service for Desktop Firewalls Standard Service Description IBM Ireland Limited Registered in Dublin: No. 16226 Registered Office: Oldbrook House 24-32 Pembroke Road Ballsbridge, Dublin 4. Managed Protection Service for Desktop Firewalls Standard

More information

IBM Managed Security Services for Network Intrusion Detection and Intrusion Prevention Systems - Standard

IBM Managed Security Services for Network Intrusion Detection and Intrusion Prevention Systems - Standard IBM Managed Security Services for Network Intrusion Detection and Intrusion Prevention Systems - Standard NO-7805-05-ENG 2010-03 (INTC-7805-05 10-2009)Page 1 of 27 Table of Contents 1. Scope of Services...4

More information

Managed Security Services - Automated Analysis, Threat Analyst Monitoring and Notification

Managed Security Services - Automated Analysis, Threat Analyst Monitoring and Notification Service Description Managed Security Services - Automated Analysis, Threat Analyst Monitoring and Notification The services described herein are governed by the terms and conditions of the agreement specified

More information

IBM Infrastructure Security Services - Firewall Management - Select

IBM Infrastructure Security Services - Firewall Management - Select IBM Infrastructure Security Services - Firewall Management - Select BELUX-8471-01 10-2010 Page 1 of 26 Table of Contents 1. Scope of Services...4 2. Definitions...4 3. Services...4 3.1 Security Operations

More information

Service Description Managed Protection Services for Networks - Standard

Service Description Managed Protection Services for Networks - Standard Service Description Managed Protection Services for Networks - Standard 1. Scope of Services IBM Managed Protection Services for Networks Standard (called MPS for Networks Standard ) is designed to provide

More information

IBM Application Security Services Secure Web Gateway Management - Premium

IBM Application Security Services Secure Web Gateway Management - Premium IBM Application Security Services Secure Web Gateway Management - Premium Z125-8482-01 01-2011 Page 1 of 22 Table of Contents 1. Scope of Services... 4 2. Definitions... 4 3. Services... 4 3.1 Security

More information

IBM Infrastructure Security Services - Firewall Management - Standard

IBM Infrastructure Security Services - Firewall Management - Standard IBM Infrastructure Security Services - Firewall Management - Standard Z125-8470-00 05-2010 Page 1 of 24 Table of Contents 1. Scope of Services... 4 2. Definitions... 4 3. Services... 4 3.1 Security Operations

More information

IBM Managed Security Services General Provisions Services Description

IBM Managed Security Services General Provisions Services Description IBM Managed Security Services General Provisions Services Description I126-8484-EN-04 03-2016 Page 1 of 32 Table of Contents 1. Scope of Services...4 2. Definitions...4 3. Services...4 3.1 MSS Portal...4

More information

IBM Managed Security Services for Network Firewalls - Standard

IBM Managed Security Services for Network Firewalls - Standard IBM Managed Security Services for Network Firewalls - Standard DK-7799-07-ENG 2010-03 (INTC-7799-07 10-2009) Page 1 of 27 Table of Contents 1. Scope of Services...4 2. Definitions...4 3. MSS for Network

More information

IBM Infrastructure Security Services - Managed Protection Services for Networks - Standard

IBM Infrastructure Security Services - Managed Protection Services for Networks - Standard IBM Infrastructure Security Services - Managed Protection Services for Networks - Standard Z125-8464-01 10-2010 Page 1 of 28 Table of Contents 1. Scope of Services... 4 2. Definitions... 4 3. Services...

More information

Managed Security Services - Event Collector Implementation, Configuration and Management

Managed Security Services - Event Collector Implementation, Configuration and Management Service Description Managed Security Services - Event Collector Implementation, Configuration and Management The services described herein are governed by the terms and conditions of the agreement specified

More information

IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Standard

IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Standard IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Standard INTC-8477-01 Nordic 2011-02 (INTC-8477-01 11-2010) Page 1 of 19 Table of Contents 1. Scope of Services...3

More information

Services Description IBM Application Security Services - Secure Web Gateway Management - Select

Services Description IBM Application Security Services - Secure Web Gateway Management - Select IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) Services Description IBM Application Security Services - Secure

More information

IBM Infrastructure Security Services firewall management - managed VPN concentrator

IBM Infrastructure Security Services firewall management - managed VPN concentrator IBM Infrastructure Security Services firewall management - managed VPN concentrator INTC-8605-01 01-2011 Page 1 of 26 Table of Contents 1. Scope of Services...4 2. Definitions...4 3. Services...4 3.1 Security

More information

IBM Infrastructure Security Services firewall management - managed VPN concentrator

IBM Infrastructure Security Services firewall management - managed VPN concentrator IBM Infrastructure Security Services firewall management - managed VPN concentrator INTC-8605-01 Nordic 2011-02 (INTC-8605-01 01-2011) Page 1 of 23 Table of Contents 1. Scope of Services...3 2. Definitions...3

More information

IBM Infrastructure Security Services - Managed Protection Services for Servers - Select

IBM Infrastructure Security Services - Managed Protection Services for Servers - Select IBM Infrastructure Security Services - Managed Protection Services for Servers - Select INTC-8474-00 Nordic 2011-02 (INTC-8474-00 05-2010) Page 1 of 23 Table of Contents 1. Scope of Services...4 2. Definitions...4

More information

Services Description IBM Infrastructure Security Services - Firewall Management - Standard

Services Description IBM Infrastructure Security Services - Firewall Management - Standard IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) Services Description IBM Infrastructure Security Services -

More information

IBM Hosted Application Security Services - Pre-Production Application Scanning

IBM Hosted Application Security Services - Pre-Production Application Scanning IBM Hosted Application Security Services - Pre-Production Application Scanning FR_INTC-8839-02 2-2012 Page 1 of 21 Table of Contents IBM Hosted Application Security Services -...1 Pre-Production Application

More information

IBM Managed Security Services for X-Force Hosted Threat Analysis Service

IBM Managed Security Services for X-Force Hosted Threat Analysis Service IBM Managed Security Services for X-Force Hosted Threat Analysis Service Z125-8483-00 05-2010 Page 1 of 5 Table of Contents 1. Scope of Services... 3 1.1 Licensing... 3 1.1.1 Individual... 3 1.1.2 Distribution...

More information

IBM Case Manager on Cloud

IBM Case Manager on Cloud Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients of the

More information

Z DK-1 01/2013 Page 1 of 38

Z DK-1 01/2013 Page 1 of 38 IBM Infrastructure Security Services Managed Network Security Services for Firewall Management Intrusion Detection and Prevention Management Unified Threat Management Secure Web Gateway Management Service

More information

IBM Infrastructure Security Services Managed Network Security Services Service description

IBM Infrastructure Security Services Managed Network Security Services Service description IBM Infrastructure Security Services Managed Network Security Services Service description Z126-5942-GR-3 11-2013 Page 1 of 37 Table of Contents IBM Managed Network Security Services...4 1.Managed Network

More information

Services Description IBM Infrastructure Security Services - Firewall Management - Select

Services Description IBM Infrastructure Security Services - Firewall Management - Select IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) Services Description IBM Infrastructure Security Services -

More information

Managed NIDS Care Services

Managed NIDS Care Services Managed NIDS Care Services This Service Guide ( SG ) sets forth a description of CenturyLink Managed NIDS Care Service ( Service ) offerings including technical details and additional requirements or terms,

More information

Version v November 2015

Version v November 2015 Service Description HPE Project and Portfolio Management on Software-as-a- Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Project and

More information

IBM Security Intelligence on Cloud

IBM Security Intelligence on Cloud Service Description IBM Security Intelligence on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients

More information

IBM Managed Security Services for Security

IBM Managed Security Services for  Security Service Description 1. Scope of Services IBM Managed Security Services for E-mail Security IBM Managed Security Services for E-mail Security (called MSS for E-mail Security ) may include: a. E-mail Antivirus

More information

COMCAST ENTERPRISE SERVICES PRODUCT-SPECIFIC ATTACHMENT SOFTWARE-DEFINED WIDE AREA NETWORKING (SD-WAN)

COMCAST ENTERPRISE SERVICES PRODUCT-SPECIFIC ATTACHMENT SOFTWARE-DEFINED WIDE AREA NETWORKING (SD-WAN) ATTACHMENT IDENTIFIER: SD-WAN, Ver. 1.0 COMCAST ENTERPRISE SERVICES PRODUCT-SPECIFIC ATTACHMENT SOFTWARE-DEFINED WIDE AREA NETWORKING (SD-WAN) The following additional terms and conditions are applicable

More information

IBM Hosted Application Security Services - Website Scanning Platform

IBM Hosted Application Security Services - Website Scanning Platform IBM Hosted Application Security Services - Website Scanning Platform Z126-5886-US-1 09-2012 Page 1 of 13 Table of Contents IBM Hosted Application Security Services -... 1 Website Scanning Platform... 1

More information

Managed Security Services - Endpoint Managed Security on Cloud

Managed Security Services - Endpoint Managed Security on Cloud Services Description Managed Security Services - Endpoint Managed Security on Cloud The services described herein are governed by the terms and conditions of the agreement specified in the Order Document

More information

Version v November 2015

Version v November 2015 Service Description HPE Quality Center Enterprise on Software-as-a-Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Quality Center Enterprise

More information

SERVICE DESCRIPTION MANAGED BACKUP & RECOVERY

SERVICE DESCRIPTION MANAGED BACKUP & RECOVERY Contents Service Overview.... 3 Key Features... 3 Implementation... 4 Validation... 4 Implementation Process.... 4 Internal Kick-Off... 4 Customer Kick-Off... 5 Provisioning & Testing.... 5 Billing....

More information

v February 2016

v February 2016 Service Description HPE Application Performance Management on Software-as-a- Service v2.1 20 February 2016 This Service Description describes the components and services included in HPE Application Performance

More information

SERVICE DESCRIPTION MANAGED FIREWALL/VPN

SERVICE DESCRIPTION MANAGED FIREWALL/VPN Contents Service Overview.... 3 Key Features... 3 Service Features... 3 Responsibilities... 5 Additional Services.... 5 Implementation... 6 Validation... 6 Implementation Process.... 6 Customer Kick-Off...

More information

Application Lifecycle Management on Softwareas-a-Service

Application Lifecycle Management on Softwareas-a-Service Service Description HPE Application Lifecycle Management on Software-as-a- Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Application

More information

CERANET SERVICE LEVEL AGREEMENT

CERANET SERVICE LEVEL AGREEMENT Page 1 of 5 CERANET SERVICE LEVEL AGREEMENT This CeraNet Service Level Agreement ("SLA") applies to all dedicated servers and Co-location services. The Client agrees that CeraNet internal measurements

More information

IBM Managed Security Services - Vulnerability Scanning

IBM Managed Security Services - Vulnerability Scanning Service Description IBM Managed Security Services - Vulnerability Scanning This Service Description describes the Service IBM provides to Client. 1.1 Service IBM Managed Security Services - Vulnerability

More information

Managed WAN SLA. Contents

Managed WAN SLA. Contents Managed WAN SLA Contents Terminology... 2 Service Description... 2 General... 2 Levels and Offerings... 2 Private Network Services... 2 Features... 2 Internet Access... 3 Features... 3 Service Level Metrics...

More information

Managed WAN SLA. Contents

Managed WAN SLA. Contents Managed WAN SLA Contents Terminology... 2 Service Description... 2 Service Offerings... 2 Private Network Services... 2 Ethernet Connectivity... 2 T-1 Connectivity... 3 Other Connectivity... 3 Internet

More information

Solution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites

Solution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC

More information

Attachment C Service Level Agreement for WAN and Internet

Attachment C Service Level Agreement for WAN and Internet Attachment C Service Level Agreement for WAN and Internet Overview The Vendor SLA for Owner shall apply to all data transmission and reception on all Vendor provided Owner Wide Area Network (WAN) connectivity,

More information

IBM Resilient Incident Response Platform On Cloud

IBM Resilient Incident Response Platform On Cloud Service Description IBM Resilient Incident Response Platform On Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the contracting party and its authorized

More information

XO SITE SECURITY SERVICES

XO SITE SECURITY SERVICES XO SITE SECURITY SERVICES 1.0 Product and Services 1.1 Product Description. XO Site Security (the "Service") is a managed security service which uses Premises-based, multi-threat sensing Customer Premises

More information

IBM Resilient Incident Response Platform On Cloud

IBM Resilient Incident Response Platform On Cloud Service Description IBM Resilient Incident Response Platform On Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the contracting party and its authorized

More information

Security Annex for Firewalls Additional Terms for Firewall Service

Security Annex for Firewalls Additional Terms for Firewall Service CONTENTS 1 Glossary of Terms & Definitions... 2 2 Service Description... 2 2.1 Firewall Service... 2 2.2 Provisioning... 2 3 Firewall throughput... 3 4 Vendor Change... 3 5 Charges... 3 5.1 Charges payable

More information

IBM Hosted Application Security Services - Production Application Scanning

IBM Hosted Application Security Services - Production Application Scanning IBM Hosted Application Security Services - Production Application Scanning AT_INTC-8840-02 2-2012 Page 1 of 20 INTC-8840-02 2-2012 IBM Österreich Internationale Büromaschinen Gesellschaft m.b.h. A-1020

More information

IBM Case Manager on Cloud

IBM Case Manager on Cloud Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud

More information

Schedule document N4MDM. PUBLIC Node4 limited 31/11/2018. Node4 Limited Millennium Way Pride Park Derby DE24 8HZ

Schedule document N4MDM. PUBLIC Node4 limited 31/11/2018. Node4 Limited Millennium Way Pride Park Derby DE24 8HZ Schedule document N4MDM PUBLIC Node4 limited 31/11/2018 Schedule document N4MDM This Schedule contains additional terms, Service Description & Service Level Agreement applicable to the N4 End Point Management

More information

SCHEDULE DOCUMENT N4MDM PUBLIC NODE4 LIMITED 13/07/2017. Node4 Limited Millennium Way Pride Park Derby DE24 8HZ

SCHEDULE DOCUMENT N4MDM PUBLIC NODE4 LIMITED 13/07/2017. Node4 Limited Millennium Way Pride Park Derby DE24 8HZ SCHEDULE DOCUMENT N4MDM PUBLIC NODE4 LIMITED 13/07/2017 SCHEDULE This Schedule contains additional terms, Service Description & Service Level Agreement applicable to the N4 End Point Management Service

More information

Table of Contents. Stand: * * *

Table of Contents. Stand: * * * IBM Österreich Internationale Büromaschinen Gesellschaft m.b.h. A-1020 Wien, Obere Donaustraße 95 Telefon (01) 211 45-0* Telefax (01) 216 08 86 Sitz: Wien Firmenbuchnummer FN 80000 y Firmenbuchgericht

More information

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW: SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,

More information

IBM Resilient Incident Response Platform On Cloud

IBM Resilient Incident Response Platform On Cloud Service Description IBM Resilient Incident Response Platform On Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and

More information

Network Intrusion Detection

Network Intrusion Detection Network Intrusion Detection This CenturyLink Service Guide ( SG ) sets forth a description of CenturyLink Network Intrusion Detection Services ( Service ) offerings including technical details and additional

More information

ISO27001 Preparing your business with Snare

ISO27001 Preparing your business with Snare WHITEPAPER Complying with ISO27001 Preparing your business with Snare T he technical controls imposed by ISO (International Organisation for Standardization) Standard 27001 cover a wide range of security

More information

MANAGED WAN SERVICE GENERAL Service Definition Standard Service Features. Monitor and Notify Service Level Monitoring Notification

MANAGED WAN SERVICE GENERAL Service Definition Standard Service Features. Monitor and Notify Service Level Monitoring Notification MANAGED WAN SERVICE 1. GENERAL 1.1 Service Definition 1.2 Standard Service Features 1.3 Optional Service Features 1.4 Customer Responsibilities 2. SUPPLEMENTAL TERMS 3. SERVICE LEVEL AGREEMENT 4. FINANCIAL

More information

Epicor ERP Cloud Services Specification Multi-Tenant and Dedicated Tenant Cloud Services (Updated July 31, 2017)

Epicor ERP Cloud Services Specification Multi-Tenant and Dedicated Tenant Cloud Services (Updated July 31, 2017) Epicor ERP Cloud Services Specification Multi-Tenant and Dedicated Tenant Cloud Services (Updated July 31, 2017) GENERAL TERMS & INFORMATION A. GENERAL TERMS & DEFINITIONS 1. This Services Specification

More information

Solution Pack. Managed Services Virtual Private Cloud Managed Database Service Selections and Prerequisites

Solution Pack. Managed Services Virtual Private Cloud Managed Database Service Selections and Prerequisites Solution Pack Managed Services Virtual Private Cloud Managed Database Service Selections and Prerequisites Subject Governing Agreement Term DXC Services Requirements Agreement between DXC and Customer

More information

OUR CUSTOMER TERMS CLOUD SERVICES - INFRASTRUCTURE

OUR CUSTOMER TERMS CLOUD SERVICES - INFRASTRUCTURE CONTENTS 1 ABOUT THIS PART... 2 2 GENERAL... 2 3 CLOUD INFRASTRUCTURE (FORMERLY UTILITY HOSTING)... 2 4 TAILORED INFRASTRUCTURE (FORMERLY DEDICATED HOSTING)... 3 5 COMPUTE... 3 6 BACKUP & RECOVERY... 8

More information

PTS Customer Protection Agreement

PTS Customer Protection Agreement PTS Customer Protection Agreement Revised: July 26, 2017 Thank you for choosing as your IT provider. Customer s Network environments with the most success have an in-house Network Administrator or someone

More information

IBM Sterling B2B Services File Transfer Service

IBM Sterling B2B Services File Transfer Service Service Description IBM Sterling B2B Services File Transfer Service This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients

More information

VMware vcloud Air Accelerator Service

VMware vcloud Air Accelerator Service DATASHEET AT A GLANCE The VMware vcloud Air Accelerator Service assists customers with extending their private VMware vsphere environment to a VMware vcloud Air public cloud. This Accelerator Service engagement

More information

CORPORATE GLOBAL ROAMING PRODUCT SPECIFICATION

CORPORATE GLOBAL ROAMING PRODUCT SPECIFICATION CORPORATE GLOBAL ROAMING PRODUCT SPECIFICATION 1. INTRODUCTION This document contains information on the Corporate Global Roaming service. If you require more detailed technical information, please contact

More information

Clearswift Managed Security Service for

Clearswift Managed Security Service for Clearswift Managed Security Service for Email Service Description Revision 1.0 Copyright Published by Clearswift Ltd. 1995 2019 Clearswift Ltd. All rights reserved. The materials contained herein are the

More information

Service Description VMware Workspace ONE

Service Description VMware Workspace ONE VMware Workspace ONE Last Updated: 05 April 2018 The product described in this Service Description is protected by U.S. and international copyright and intellectual property laws. The product described

More information

AppPulse Point of Presence (POP)

AppPulse Point of Presence (POP) AppPulse Point of Presence Micro Focus AppPulse POP service is a remotely delivered solution that provides a managed environment of Application Performance Management. AppPulse POP service supplies real-time

More information

HOSTING SERVICES AGREEMENT

HOSTING SERVICES AGREEMENT HOSTING SERVICES AGREEMENT 1 Introduction 1.1 Usage. This Schedule is an addition to and forms an integral part of the General Terms and Conditions, hereafter referred as the "Main Agreement". This Schedule

More information

Service Description: Software Support

Service Description: Software Support Page 1 of 1 Service Description: Software Support This document describes the service offers under Cisco Software Support. This includes Software Support Service (SWSS), Software Support Basic, Software

More information

ABOUT THIS SECTION...

ABOUT THIS SECTION... CONTENTS 1 ABOUT THIS SECTION... 2 2 MANAGED SECURITY SERVICES... 2 3 WHAT IS SECURITY MONITORING?... 3 4 WHAT ARE THE SECURITY MONITORING SERVICE LEVELS?... 6 5 WHAT IS SECURITY INTELLIGENCE?... 10 6

More information

IBM Content Manager OnDemand on Cloud

IBM Content Manager OnDemand on Cloud Service Description IBM Content Manager OnDemand on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of

More information

SERVICE DESCRIPTION DEDICATED SERVER

SERVICE DESCRIPTION DEDICATED SERVER Contents Service Overview.... 3 Key Features... 3 Implementation... 4 Validation... 4 Implementation Process.... 4 Internal Kick-Off... 4 Customer Kick-Off... 5 Provisioning & Testing.... 5 Billing....

More information

IBM Managed Security Services (Cloud Computing) hosted and Web security - express managed security

IBM Managed Security Services (Cloud Computing) hosted  and Web security - express managed  security IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed e-mail security Z125-8581-01 12-2010 Page 1 of 15 Table of Contents 1. Scope of Services... 3 2. Definitions...

More information

IBM Cloud Service Description: Watson Analytics

IBM Cloud Service Description: Watson Analytics IBM Cloud Services Agreement IBM Cloud Service Description: Watson Analytics The following is the Service Description for your Order: 1. Cloud Service The Cloud Service offering is described below, portions

More information

IBM Aspera on Cloud. The Standard Edition of this Cloud Service is available on a subscription basis. It includes:

IBM Aspera on Cloud. The Standard Edition of this Cloud Service is available on a subscription basis. It includes: Service Description IBM Aspera on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means the contracting party and its authorized users and recipients of the Cloud

More information

ForeScout Extended Module for Carbon Black

ForeScout Extended Module for Carbon Black ForeScout Extended Module for Carbon Black Version 1.0 Table of Contents About the Carbon Black Integration... 4 Advanced Threat Detection with the IOC Scanner Plugin... 4 Use Cases... 5 Carbon Black Agent

More information

Updated December 12, Chapter 10 Service Description IBM Cloud for Government

Updated December 12, Chapter 10 Service Description IBM Cloud for Government Updated December 12, 2018 Chapter 10 Service Description IBM Cloud for Government IBM Cloud for Government This Service Description describes IBM s Cloud for Government available to Clients under the Federal

More information

XO Wide Area Network ( WAN ) Services IP Virtual Private Network Services Ethernet VPLS Services

XO Wide Area Network ( WAN ) Services IP Virtual Private Network Services Ethernet VPLS Services 1.0 PRODUCT AND SERVICES 1.1 Product Descriptions. XO Wide Area Network ( WAN ) Services IP Virtual Private Network Services Ethernet VPLS Services (a) XO IP VPN. XO IP VPN is a layer 3 data networking

More information

ORACLE PRODUCT SPECIFIC TERMS AND CONDITIONS FOR DYN DELIVERY SERVICES

ORACLE PRODUCT SPECIFIC TERMS AND CONDITIONS FOR DYN  DELIVERY SERVICES FOR DYN EMAIL DELIVERY SERVICES 1. INTRODUCTION. These Oracle Product Specific Terms and Conditions for Dyn Email Delivery Services are entered into by and between Oracle and Client, and are incorporated

More information

VERIZON SELECT SERVICES INC. Page 1. SECTION 13 - EXHIBIT M - Network-Based IP VPN SERVICE

VERIZON SELECT SERVICES INC. Page 1. SECTION 13 - EXHIBIT M - Network-Based IP VPN SERVICE VERIZON SELECT SERVICES INC. Page 1 Quote Number or CBS/CNE Tracking Number: 1) Description of Service. Internet Protocol-Virtual Private Network (IP VPN) Service (Service) is a packet-based advanced data

More information

Service Description: Software Support

Service Description: Software Support Page 1 of 6 Service Description: Software Support This document describes the service offers under Cisco Software Support. This includes Software Support Service (SWSS), Software Support Basic, Software

More information

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045 Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that

More information

IBM dashdb for Analytics

IBM dashdb for Analytics Service Description IBM dashdb for Analytics This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud Service.

More information

Service Level Agreement

Service Level Agreement This ( ) sets forth the specific terms and conditions under which LightEdge Solutions, Inc. ( LightEdge ) shall supply all Managed Services to Customer. The Master Agreement entered into between LightEdge

More information

SCHEDULE DOCUMENT N4PROTECT DDOS SERVICE PUBLIC NODE4 LIMITED 28/07/2017

SCHEDULE DOCUMENT N4PROTECT DDOS SERVICE PUBLIC NODE4 LIMITED 28/07/2017 SCHEDULE DOCUMENT N4PROTECT DDOS SERVICE PUBLIC NODE4 LIMITED 28/07/2017 SCHEDULE DOCUMENT 1.2 N4PROTECT DDOS This schedule contains additional terms and conditions, service description & Service Levels

More information

Service Description: Cisco Technical Services Advantage (Releases 1.0 through 2.3)

Service Description: Cisco Technical Services Advantage (Releases 1.0 through 2.3) Page 1 of 8 Service Description: Cisco Technical Services Advantage (Releases 1.0 through 2.3) This document describes Cisco Technical Services Advantage support services. Related Documents: This document

More information

University of Pittsburgh Security Assessment Questionnaire (v1.7)

University of Pittsburgh Security Assessment Questionnaire (v1.7) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided

More information

Service Level Agreement (SLA) and Service Level Objectives (SLO)

Service Level Agreement (SLA) and Service Level Objectives (SLO) Service Level Agreement (SLA) and Service Level Objectives (SLO) Ver 1.4 Table of Contents 1. Overview.... 3 2. Definitions.... 3 3. Credit Standards... 3 3.1 Datacenter... 4 3.2 Infrastructure... 4 3.3

More information

PRODUCT DESCRIPTIONS AND METRICS

PRODUCT DESCRIPTIONS AND METRICS PRODUCT DESCRIPTIONS AND METRICS Adobe PDM - Adobe LiveCycle Managed Services (2014v1) The Services described in this PDM are Managed Services and are governed by the terms of the General Terms, the Exhibit

More information

Managed Security Services Premises Premium Service Level Agreement

Managed Security Services Premises Premium Service Level Agreement Managed Security Services Premises Premium Service Level Agreement 1. Key Performance Indicators. This SLA defines the service metrics for which Customer has the right to receive credits (Service Credits)

More information

IBM PureApplication Service

IBM PureApplication Service Service Description IBM PureApplication Service This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud

More information

Standdards of Service

Standdards of Service Standards of Service for the Provision and Maintenance of; THUS Demon Business 2000, Business 8000, Business 2+, Business 2 + Pro, Demon Business Lite, Demon Business Lite +, Demon Business Unlimited,

More information

IBM Internet Security Systems Proventia Management SiteProtector

IBM Internet Security Systems Proventia Management SiteProtector Supporting compliance and mitigating risk through centralized management of enterprise security devices IBM Internet Security Systems Proventia Management SiteProtector Highlights Reduces the costs and

More information

Forescout. eyeextend for Palo Alto Networks Wildfire. Configuration Guide. Version 2.2

Forescout. eyeextend for Palo Alto Networks Wildfire. Configuration Guide. Version 2.2 Forescout Version 2.2 Contact Information Forescout Technologies, Inc. 190 West Tasman Drive San Jose, CA 95134 USA https://www.forescout.com/support/ Toll-Free (US): 1.866.377.8771 Tel (Intl): 1.408.213.3191

More information

Service Description. IBM Aspera Files. 1. Cloud Service. 1.1 IBM Aspera Files Personal Edition. 1.2 IBM Aspera Files Business Edition

Service Description. IBM Aspera Files. 1. Cloud Service. 1.1 IBM Aspera Files Personal Edition. 1.2 IBM Aspera Files Business Edition Service Description IBM Aspera Files This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud Service.

More information

Service Level Agreement

Service Level Agreement Service Level Agreement Version 2018.1 Copyright 2018 Aldridge PO Box 56506, Houston, TX 77256-6506 713.403.9150 http://aldridge.com Contents Contents... 2 Agreement... 3 The Aggregate Set of Agreements

More information

Schedule to Data Products Service Appendix Service Level Agreement

Schedule to Data Products Service Appendix Service Level Agreement Schedule to Data Products Service Appendix Service Level Agreement This Service Level Agreement (SLA) is a Schedule to the itel Networks Service Appendix (Appendices) for Data Services and is incorporated

More information

Managed Firewall 3.0. CenturyLink Technology Solutions Service Guide

Managed Firewall 3.0. CenturyLink Technology Solutions Service Guide Managed Firewall 3.0 This CenturyLink Service Guide ( SG ) sets forth a description of Utility Backup and Vaulting Services ( Service ) offerings by CenturyLink, including technical details and additional

More information

Version v January 2016

Version v January 2016 Service Description HPE StormRunner Load Version v2.1 20 January 2016 This Service Description describes the components and services included in HPE StormRunner Load (which also may be referred to as SaaS

More information