Symantec Managed Data Loss Prevention

Transcription

1 Symantec Managed Data Lss Preventin Service Descriptin Service Overview This Service Descriptin, with any attachments included by reference, is part f any agreement which incrprates this Service Descriptin by reference (cllectively, the Agreement ), fr thse Services which are described in this Service Descriptin and are prvided by Symantec. The Symantec Managed Data Lss Preventin ( Services r MDLP ) is a managed service that mnitrs, manages, and maintains Custmer s n premise implementatins f Symantec Data Lss Preventin ( DLP ). Further, the Services prvide remte mnitring and remediatin, peridic reprting, semi-annual health checks, sftware upgrades and general guidance n infrmatin prtectin strategy as it relates t DLP. These Services are nly available t a Custmer wh licenses and deplys DLP sftware and has and maintains a current supprt subscriptin n the DLP sftware. Table f Cntents Service Overview Technical/Business Functinality and Capabilities Service Features Custmer Respnsibilities Supprted Platfrms and Technical Requirements Service Specific Terms Initial Perid Autmatic Renewal Opt-Out Prcess Service Cnditins Definitins SYMANTEC PROPRIETARY PERMITTED USE ONLY 1 Cpyright 2015 Symantec Crpratin. All rights reserved. Symantec, the Symantec Lg and any ther trademark fund n the Symantec Trademarks List ( that are referred t r displayed in the dcument are trademarks r registered trademarks f Symantec Crpratin r its affiliates in the U.S. and ther cuntries. Other names may be trademarks f their respective wners. The cntents f this dcument are nly fr use by existing r prspective custmers r partners f Symantec, slely fr the use and/r acquisitin f the Services described in this dcument.

2 Symantec Managed Data Lss Preventin Service Descriptin Technical/Business Functinality and Capabilities The Services will be perfrmed by Symantec during Reginal Business Hurs. Ntwithstanding, a limited number f Service features described belw may require afterhurs crdinatin with the apprpriate Custmer persnnel. Service Features All timeframes listed in the Service Features table are targets subject t cmmercially reasnable effrts. Feature Frequency/Availability Descriptin DLP Incident Remediatin and Reginal Business Hurs Symantec will perfrm DLP wrkflw activities related t DLP incidents and alerts generated by the DLP slutin. These activities include: Reprting First Respnder incident analysis, validatin and escalatin Execute pre-defined respnse (fr example: Ntify, Escalate r Reslve as False Psitive ) Escalatin tracking Detailed reprting and trend analysis DLP Plicy Analysis and Tuning Weekly during Reginal Business Hurs Symantec will review and identify pprtunities t ptimize the perfrmance f DLP plicies and respnse settings, and wrk within the Custmer s change cntrl prcess t implement these recmmendatins. These activities include: Tune, test and mature DLP plicies Manage IDM and EDM prfiles False psitive tuning Cnfiguring discvery scans f netwrk & endpint data repsitries Respnse rules management Deplyment f Majr Release Deplyment f Minr Releases and Bug Fixes Deply ne (1) Majr Release every twelve (12) mnths as applicable As released If a Majr Release f DLP is available, Symantec will help deply this Majr Release within Custmer s envirnment. This activity will be perfrmed remtely and crdinated with the Custmer and in n event will Symantec deply a Majr Release mre ften than nce every twelve (12) mnths. Symantec will deply Minr Releases and Bug Fixes (smetimes referred t as minr prduct updates and htfixes) as available, fr DLP. This activity will be perfrmed remtely and crdinated with the Custmer. Administrative Tasks Reginal Business Hurs Symantec will perfrm all administrative tasks relating t cnfiguratin items within DLP and cnduct planning activities. These activities include, but are nt limited t: Weekly: Fault Management Health f the Enfrce Server, Oracle database, detectin servers and agents (Reprt and escalate if necessary t Custmer) Discver scans failure and success mnitring Mnitr lkup plugins Mnitr DLP system errr and warning events User creatin and rle assignments (n request by Custmer) Reprt cnfiguratin (n request by Custmer, limited t ut f bx SYMANTEC PROPRIETARY PERMITTED USE ONLY 2 Cpyright 2015 Symantec Crpratin. All rights reserved. Symantec, the Symantec Lg and any ther trademark fund n the Symantec Trademarks List ( that are referred t r displayed in the dcument are trademarks r registered trademarks f Symantec Crpratin r its affiliates in the U.S. and ther cuntries. Other names may be trademarks f their respective wners. The cntents f this dcument are nly fr use by existing r prspective custmers r partners f Symantec, slely fr the use and/r acquisitin f the Services described in this dcument.

3 Symantec Managed Data Lss Preventin Service Descriptin Feature Frequency/Availability Descriptin templates and available filters) DLP System Incident Management DLP System Prblem Management Mnthly: DLP Incident data archival and purging Manage discver scan targets Manage applicatin mnitring (AFAC) Manage agent cnfiguratin, grups and packaging 24x7 fr Severity Level 1 Symantec will perfrm remte triage and trubleshting f DLP fr Incidents, Incidents detected by Symantec r reprted by the Custmer. If the cause f Reginal Business Hurs the Incident is nt within the scpe f DLP (such as elsewhere within fr all ther Severities Custmer s netwrk infrastructure), the Custmer will be respnsible fr crrective actin. Reginal Business Hurs Symantec will remtely perfrm rt cause analysis f Severity Level 1 Prblems identified as pertaining t DLP. If the Prblem is nt with DLP (such as elsewhere within Custmer s netwrk infrastructure), the Custmer will be respnsible fr crrective actin. Access Management Reginal Business Hurs Symantec will prvide access t MDLP fr up t six (6) Designated Users wh are apprved by the Custmer s main pint f cntact. Designated Users can be changed by sending a written request t the service management center. These Designated Users will receive service reprts and be entitled t call the service management center with service requests r t reprt Incidents. Change Management Standard Changes - Reginal Business Hurs Emergency Changes 24x7 Symantec will mnitr the mutually agreed upn Custmer change management queue(s) and address changes pertaining t In-Scpe Devices. Additinally, Symantec will evaluate and apprve changes relating t the DLP sftware cnfiguratin, prvide the Custmer with varius ptins fr change requests, pr-actively alert the Custmer regarding prductin changes in the DLP envirnment, and execute apprved changed requests as agreed t by the defined stakehlders. Accunt Management 24x7 The Custmer Success Manager will prvide accunt management functins related t MDLP. Exclusins: MDLP is nly cmprised f the Service features described abve n ther activities r deliverables are included. The list belw describes examples f activities that are nt Service features and are ut f scpe fr MDLP: DLP business enablement wrkshps Implement DLP prduct Architect DLP envirnment Implement additinal DLP agents/ptins Server hardware/sftware maintenance management Backup maintenance Hardware fault rectificatin Hardware and strage prvisin Identify scpe and effrt required t implement DLP Desktp end user supprt SYMANTEC PROPRIETARY PERMITTED USE ONLY 3 Cpyright 2015 Symantec Crpratin. All rights reserved. Symantec, the Symantec Lg and any ther trademark fund n the Symantec Trademarks List ( that are referred t r displayed in the dcument are trademarks r registered trademarks f Symantec Crpratin r its affiliates in the U.S. and ther cuntries. Other names may be trademarks f their respective wners. The cntents f this dcument are nly fr use by existing r prspective custmers r partners f Symantec, slely fr the use and/r acquisitin f the Services described in this dcument.

4 Symantec Managed Data Lss Preventin Service Descriptin Desktp/Client installatin r upgrades Custmer Respnsibilities Custmer acknwledges and agrees that Symantec can nly perfrm Services if Custmer prvides required infrmatin r perfrms required actins as set frth belw r as reasnably requested by Symantec. Accrdingly, and withut limitatin, if Custmer des nt meet the fllwing respnsibilities, Symantec s perfrmance f Services may be delayed, impaired r prevented, as nted belw: Have Symantec prfessinal services, r an apprved Symantec delivery partner, cnduct business advisry wrkshps, technical design, architecture and cnfiguratin f Custmer s DLP envirnment prir t the cmmencement f Services. Identify a Custmer Prject Executive ( Prject Executive ) wh can prvide exclusive versight and has the authrity t make decisins fr Custmer regarding change rders, budget, scpe, resurces and ther prject related issues if they cannt be reslved by the Custmer main pint f cntact. Prvide Symantec with necessary security access t enable remte access t Custmer s DLP instances fr which Custmer has purchased Services. Assign a main pint f cntact t supprt executin f Services. Custmer s main pint f cntact will Wrk with Symantec n enfrcement f change cntrl prcess Wrk with custmer-internal resurces t drive/cmplete tasks designated t them Wrk with custmer-prcured third parties t drive/cmplete tasks designated t them Act as the fcal pint fr reslutin f issues in supprt f the delivery f Services Prvide Symantec with all necessary cperatin, infrmatin, and supprt that may reasnably be required by Symantec fr the perfrmance f the Services. This includes access t suitably cnfigured cmputers, sftware prducts, and applicable passwrds, access t install and maintain deplyed sftware n the Custmer systems in the perfrmance f the Services at such times as Symantec requires. In additin, if nsite presence is required Symantec persnnel will be given all reasnably necessary access as required t perfrm Services, including if wrk is required utside f Reginal Business Hurs. Custmer will als prvide access t a suitable cnference rm fr meetings, interviews, and facilitated sessins during any nsite cmpnents f the engagement. Ensure that Symantec has access t the fllwing at all times: Materials and resurces related t the technical envirnment; Sftware design dcumentatin, current design diagrams, and ther infrmatin that may aid in the delivery f these Services; and Access t all perating systems, netwrk and cmputing envirnments necessary t perfrm Services Prvide a list f relevant IP addresses, URLs and user authenticatin. Fllw the apprpriate perating prcedures listed in the Operatins Manual during submissin f Services requests. Run a supprted versin f Data Lss Preventin as detailed in the Operatins Manual and in a Supprted Cnfiguratin. Ntify Symantec in writing at least twenty-fur (24) hurs in advance f any scheduled maintenance, netwrk, r system administratin activity that wuld affect Symantec s ability t perfrm the Services. Ensure that prir t the cmmencement f Services by Symantec and cntinuing thrughut the prvisin f Services, that: DLP has been crrectly licensed fr all apprpriate platfrms and the same are made available in a timely manner t Symantec. Custmer has Essential Supprt n all DLP in the In-Scpe Devices. SYMANTEC PROPRIETARY PERMITTED USE ONLY 4 Cpyright 2015 Symantec Crpratin. All rights reserved. Symantec, the Symantec Lg and any ther trademark fund n the Symantec Trademarks List ( that are referred t r displayed in the dcument are trademarks r registered trademarks f Symantec Crpratin r its affiliates in the U.S. and ther cuntries. Other names may be trademarks f their respective wners. The cntents f this dcument are nly fr use by existing r prspective custmers r partners f Symantec, slely fr the use and/r acquisitin f the Services described in this dcument.

5 Symantec Managed Data Lss Preventin Service Descriptin All maintenance and supprt cntracts f required systems, sftware, and hardware are prvided t Symantec. All such cntracts are active and in gd standing, and all supprt cntract numbers r identificatins have been prvided. The perating systems f all apprpriate servers and cmputers will be at a level supprted by the Symantec sftware prducts t be used. The DLP cnfiguratin will be running in a Supprted Cnfiguratin. The technical envirnment, including the applicatin and database, will be kept under change cntrl. The physical envirnment is stable and prvides a viable envirnment fr Symantec t perfrm the Services. Prvide and maintain apprpriate levels f high availability and supprting clustered infrastructure t ensure DLP applicatin availability. Prvide and maintain an apprpriate disaster recvery envirnment t supprt the DLP applicatin in case f a majr site level disaster. Supprted Platfrms and Technical Requirements The Service is sld n a per Custmer FTE basis and prvided t Custmer in accrdance with the quantities set frth in the Subscriptin Instrument. Custmer may nly receive Services fr versins f DLP that are currently supprted by Symantec. Custmer may nly receive Services during such time as Custmer maintains a valid Custmer Success (Enterprise r Premier) agreement. Custmer may nly receive Services during such time as Custmer maintains a valid Managed Security Services Advanced Mnitring agreement which includes Data Lss Preventin endpints. Service-Specific Terms Initial Perid The Initial Perid will cmmence n the Services start date identified in the Subscriptin Instrument. Custmer acknwledges and agrees that the Term will expire at the end f Custmer s subscriptin even if Custmer des nt cmplete its nbarding requirements in rder t receive Services during the Term. Autmatic Renewal Opt-Out Prcess The Service renews autmatically as set frth in the Agreement, unless Custmer cancels as fllws: Custmer may pt-ut f autmatic renewal by prviding Symantec ntice at least ninety (90) days prir t the end f Custmer s Initial Perid (als smetimes called the Minimum Perid) r a then-current Renewal Perid (each, a Term ). Such ntice f autmatic renewal pt-ut, r ntice f nn-renewal, must be sent t the assigned Service Delivery Manager. A ntice f nn-renewal takes effect upn the expiratin f the then-current Term. Service Cnditins Custmer shall nt disclse the results f any benchmark tests r ther tests cnnected with the Services t any third party withut Symantec s prir written cnsent. SYMANTEC PROPRIETARY PERMITTED USE ONLY 5 Cpyright 2015 Symantec Crpratin. All rights reserved. Symantec, the Symantec Lg and any ther trademark fund n the Symantec Trademarks List ( that are referred t r displayed in the dcument are trademarks r registered trademarks f Symantec Crpratin r its affiliates in the U.S. and ther cuntries. Other names may be trademarks f their respective wners. The cntents f this dcument are nly fr use by existing r prspective custmers r partners f Symantec, slely fr the use and/r acquisitin f the Services described in this dcument.

6 Symantec Managed Data Lss Preventin Service Descriptin Definitins Capitalized terms used in this Service Descriptin, and nt therwise defined in the Agreement r this Services Descriptin, have the meaning given belw: Designated User means persn designated by the Custmer t access the service. First Respnder means Symantec s first pint f cntact designated fr initial incident analysis and escalatin, if necessary, f critical incidents thrugh defined channels t apprpriate persnnel within Custmer s rganizatin (fr example, Frensics, Legal, Cmpliance, Human Resurces, etc.) fr further investigatin r reslutin by Custmer. In-Scpe Devices means the cntrl pints and endpints fr which Custmer has purchased Services. Incident(s) means any event which is nt part f the standard peratin f the Services and which causes, r may cause, an interruptin r a reductin f the quality f the Services. Majr Release has the meaning set frth in the Symantec Enterprise Technical Supprt Handbk. Minr Release has the meaning set frth in the Symantec Enterprise Technical Supprt Handbk. Mnthly Charge means the prrated mnthly fee payable t Symantec fr the affected Services. Operatins Manual means the peratinal guide detailing administrative prcesses and peratins fr Symantec Managed Data Lss Preventin. The Operatins Manual may be updated by Symantec frm time and time will be distributed t Custmer by the Services accunt team. Prblem has the meaning set frth in the Symantec Enterprise Technical Supprt Handbk. Reginal Business Hurs means the standard hurs f business peratin, typically 8 a.m. t 5 p.m., during the business hurs and business days in a specific gegraphic regin, based n the lcal ffice hurs f Symantec and/r its lcal Service prvider(s). Reginal Business Hurs exclude hlidays and days f rest. Severity Level and Severity Level 1 has the meaning set frth in the Symantec Enterprise Technical Supprt Handbk. Subscriptin Instrument means the applicable Symantec certificate r a similar dcument issued by Symantec that accmpanies, precedes r fllws Custmer s access t the Service, r a Service-specific written agreement is executed between Custmer and Symantec the terms f which expressly supersede the certificate. Supprted Cnfiguratin has the meaning set frth in the Symantec Enterprise Technical Supprt Handbk. Symantec Enterprise Technical Supprt Handbk means the supprt handbk that prvides an verview f the Symantec technical supprt fferings available frm Symantec. The mst recent versin is available at r END OF SERVICE DESCRIPTION SYMANTEC PROPRIETARY PERMITTED USE ONLY 6 Cpyright 2015 Symantec Crpratin. All rights reserved. Symantec, the Symantec Lg and any ther trademark fund n the Symantec Trademarks List ( that are referred t r displayed in the dcument are trademarks r registered trademarks f Symantec Crpratin r its affiliates in the U.S. and ther cuntries. Other names may be trademarks f their respective wners. The cntents f this dcument are nly fr use by existing r prspective custmers r partners f Symantec, slely fr the use and/r acquisitin f the Services described in this dcument.