Schedule 2s. Additional terms for Security Services. 1. Security Service Description

Transcription

1 1. Security Service Description Schedule 2s This Schedule describes the additional terms and conditions applicable to the following Interoute Services: 3. Security Services Fault Management Categories DDoS Protection Service Filtering (non-hardware based) Services Web Content Filtering (non-hardware based) Services Firewall Service Roaming IPsec/SSL Access Roaming ipass DMZ Service Managed Authentication Service Web Content Filtering Service (hardware based) IPS Service These Services can be acquired by the Customer as supplemental to other Services. The Charges for Security Services will be set out in the applicable Purchase Order. 2. Definitions In this Schedule, capitalised terms shall have the meaning ascribed to them below: 2FA or Two-Factor Authentication Service means the Deliverables and Services; 2AP or 2FA Administration Portal means an Internet portal that allows the Administrator, through a web browser, to perform administrative functions including, but not limited to, assigning and de-assigning Devices to End Users; Administrator means any person the Customer designates to use 2AP to provision and support the End Users and Devices purchased by the Customer; A-PoP or Authentication Point of Presence means the designated part of the Interoute Network that communicates with the Customer s Authentication Node; Authentication Node means any item of Customer Equipment that is configured to receive access requests from End Users and to forward same along with the End Users credentials to 2FA for verification; Authentication Service means an internet based service that validates the credentials of End Users passed to by the Authentication Node; Black Holing means discarding all data destined for a particular IP Address so that it does not disrupt the flow of data to other IP Addresses; Critical Incident is a Incident without which there will be a serious business impact to the Customer s online operation; Customer the third party that Interoute directly sells service to; Customer Token Pool means the inventory of Devices allocated to Customer and which the Administrator can assign to End Users to be used by End Users for authentication; Customer Service Manual means the manual that Interoute issues to the customer at the time of the service being activated and handed over to the customer. The Customer service manual details the methods that Interoute employs to support the service and the customer; Deliverable means Hardware Devices and Software Devices; page 1 of 20

2 "Device(s) means Hardware Devices and Software Devices; Schedule 2s DDoS or Distributed Denial of Service means a form of electronic attack involving multiple computers, which send repeated requests to a server (web site) generating false traffic and rendering it inaccessible to valid users; "End User" means anyone who uses an Interoute Service using the Customer s access details; Event Log means a log file which stores information about several events for future analysis; Fault means an incident that would prevent the use (full or partial) of the Service; Firewall Policy means the document provided to Interoute which states the Customer required rules for Interoute to implement in the Firewall Service; Firewall Service means an optional feature of the IP VPN, Internet or Hosting Service ordered on the applicable Purchase Order comprising Internet Access and a Managed Firewall co-located within one of the Interoute Core IP Nodes; "Hardware Device(s) means hardware tokens which may incorporate firmware (such as a key-fob token); Hub, The means Interoutes online web portal ( a utility that Interoutes customers can access to review the product they purchase from Interoute. IP Address means the identifying number of a computer attached to the Internet. Every computer must have a unique IP Address. IP Addresses are written as four sets of numbers separated by full stops: for example ; IP Customers means Customers who purchase Internet, VPN, Hosting, Managed or Unmanaged CPE or any other Service type that relies upon the IP Protocol suite as its transport mechanism; IPS Appliance means a physical device or a virtual device, systems, cabling and facilities provided by Interoute in order to make the Managed IPS Service available to the Customer; IPS Detection Engine means a feature of the IPS Service that is resident on the IPS Appliance purchased as part of the IP Service; IPS Policy means the document provided by the Customer to Interoute that states the Customer required rules for Interoute to implement for the IPS Service; IPS Service means an Intrusion Prevention Service for the supply and operation of IPS Appliance and IPS Detection Engines and any corresponding Licensed Software and implementation of Customer s IPS Policy within an Interoute Co-Location facility or a Site; MAE means Metropolitan Area Exchange; Managed CPE Firewall means an optional feature of the Internet Access Service ordered on the applicable Purchase Order comprising Internet Access and a Managed Firewall Service; Managed Firewall Equipment means the Equipment, systems, cabling and facilities provided by Interoute in order to make the Managed Firewall Service available to the Customer; Managed Firewall Service means the optional feature of the Internet Service for the supply and operation of Managed Firewall Equipment and Service and any corresponding Licensed Software and implementation of Customer s Firewall Policy within an Interoute Co-Location facility or a Site; Managed Object means a Customer specific profile configured on Interoute s DDoS Protection Service detailing the IP addresses or autonomous system number to be protected by the Service. MAP or MAS Administration Portal means an Internet portal that allows the Administrator, through a web browser, to perform administrative functions including, but not limited to, assigning and de-assigning Devices to End Users; MAS or Managed Authentication Service means the Deliverables and Services; NAP means Network Access Point; page 2 of 20

3 Non-Critical Request is a request such as a request for information which has no immediate or significant impact on the running of the Customer online operation; Secrets means passwords, personal identification numbers, question and answer combinations or other information that must be kept confidential and may be used by either Party to identify End Users or to prevent anyone other than the End User from using 2FA; "Secure Items means Devices and Secrets; Software means (i) Software Devices; and/or (ii) all other software provided by Interoute to Customer; Software Devices means software tokens installed on generic hardware such as a PC, mobile phone or personal digital assistant; and Working Hours means 9.00 am-5.00 pm GMT on a Working Day in London; Any other capitalised terms have the meanings set out in Schedule 1 or the applicable Additional Terms. 3. Security Services Fault Management Categories Security Incidents / Requests will be classified according to the following matrix: Category Critical Major Definition Service Affecting faults: Unprotected Service hard down or Protected/Resilient service with both main and back up not working (service affecting). Unprotected/Protected/resilient service with severe degradation making service unusable. Interconnect or platform failure. NOTE: Full access for intrusive testing is assumed/agreed by the customer. Degradation faults: Degraded service but usable. Major fault type - protected/resilient service working on back up with no impact to performance. Major fault type - partial loss of service (i.e. calls failing to one country). Major fault type - first time connections. NOTE: Customer permission is required before intrusive testing is allowed. Planned testing. Standard Single number failures. Non service affecting threshold alerts (hosting services). Change requests Table Definitions: Service Affecting (SA) - A Service Affecting Fault means any fault, repair or condition affecting the applicable Service(s) as logged by Customer or Interoute. It should be remembered that fault restoration time may be dependant on a third party provider in the case of complete network failure, and hence the restoration timescales of the service/network provider themselves shall be adhered to. Interoute shall provide full co-operation in rectifying these types of faults. page 3 of 20

4 Degradation (DA) - Degradation faults are defined as those faults, which cause a decrease in normal daily traffic volumes i.e. high incidence of 'Packet Loss' or excessive 'latency'. These faults are defined as Non- Service Affecting Faults. Non-Service Affecting (NSA) - Non-Service Affecting fault means any issue, repair or condition that does not cause live disruption to Customer traffic. NSA faults raised outside normal Working Hours can be deferred until next Working Day for resolution if both Parties agree. SLA Parameters - The Service Levels are agreed in the Service related Additional Terms of the Agreement between Customer and Interoute. All Service Level measurements are based on the criteria defined in the Additional Terms. The Target Time to Repair (TTR) is specified in the relevant Additional Terms specific to each Service. Interoute reserves the right to decline any direct action to rectify any incident and fault unless the customer has adhered to the Incident Management and Escalation procedures described in the Customer Service Manual. 4. DDoS Mitigation Service a. The following terms and conditions apply where the Customer has indicated on an applicable Purchase Order that they require DDoS Mitigation or where Interoute has advised the Customer that DDoS Mitigation is required for the Service(s) they are purchasing. The Interoute DDoS Mitigation Service offers Customers the ability to mitigate against DDoS attacks. b. Provision Of Service The DDoS Mitigation Service comprises of the cleaning of the traffic directed towards the Customer s website and includes: I. installation and maintenance of the Service on the relevant Equipment; II. III. configuration of a set of pre-defined monitoring parameters as specified by Interoute; monitoring of agreed parameters and status information via the Event Log. c. Monitoring and Detection It is the Customer s responsibility to monitor and detect abnormal or unusual traffic. If any such behaviour is detected, Customer must inform Interoute immediately and request that the DDoS Mitigation Service is enabled. Following this request, Interoute will work with the Customer to identify when a DDoS attack is occurring. d. Cleaning and Mitigation - When Interoute is notified of an attack, traffic destined for the targeted IP address or autonomous system number will be redirected by Interoute to its DDoS Mitigation infrastructure, for inspection. Diverted traffic will be subjected to multiple layers of statistical analysis, active verification and anomaly recognition to identify malicious sources, reveal abnormal behaviour and discard packets that do not conform to the normal traffic pattern. Whilst traffic cleaning is underway it is envisaged that an increase in latency will occur and during such periods Interoute s standard service performance levels (Service Levels) will not apply. e. Interoute will use reasonable endeavours to ensure that legitimate traffic is received as normally as possible during an attack, and that the website user experience is affected as little as possible. In an attack, countermeasures will be deployed by Interoute to ensure disruptions to operations are minimised, and measures such as Black Holing will only be used by Interoute if all other measures have been deemed by Interoute to have failed or will be likely to fail. f. Where Customer reports a Non-Critical Request to reconfigure the DDoS parameters, Interoute will use reasonable endeavours to re-configure the Service parameters to achieve maximum DDoS Mitigation with minimum processing overhead and traffic disruption. g. Interoute will monitor the Devices used by Interoute to provide this Service (via ICMP and SNMP) and Interoute will configure them via secure connections. page 4 of 20

5 h. The DDoS Mitigation Service neither offers nor provides: Schedule 2s i. Load balancing of traffic or of the functionality of any Service, including Security Services described herein ii. iii. iv. Direct access to Interoute s network security or engineering staff. All initial contact between the Customer and Interoute must be directed to Interoute s Customer Service Centre. Archival and storage of log files beyond thirty (30) days Incident response, forensics and investigations v. Legal case preparation, PR incident support vi. vii. viii. i. Service Provision requirements Security consulting services (e.g. security policy design, security auditing, penetration testing, contingency/disaster recovery planning, etc) Security reporting and analysis Permanent filtering or cleaning of traffic In order to provide the Service, the following requirements apply: i. The Customer will not have access to any Equipment or Software required for the Service; ii. iii. j. No Warranty The Customer must specify the IP Addresses, IP Address ranges or the autonomous system number for which the Customer desires the DDoS Protection Service to be activated, by completing a form which Interoute will provide to the Customer The Customer must provide Interoute with contact details for the departments and/or people Interoute are to contact during a DDoS attack. This Service is designed to Mitigate the Customer and the Customer s End Users from DDoS attacks. However, Interoute does not warrant that it shall withstand these attacks on all occasions. Interoute reserve the right to Black Hole any of the Customer traffic as required to protect the Interoute Network or its or its other customers traffic. Interoute s DDoS Mitigation supports a maximum throughput of 20Gbps ( Maximum Throughput ). If the Maximum Throughput is exceeded, the level traffic will be indiscriminately discarded by Interoute s DDoS Mitigation Service. k. Service Levels i. Availability Interoute will use reasonable efforts to ensure that the DDoS Mitigation Service is available to the Customer 99% of any Monthly Review Period ( Service Availability ). Percentage Service Availability is calculated per Monthly Review Period using the following formula: Where: P = (H-U) P is the percentage availability; H X 100 U is the total amount of minutes a Customer Service during that Monthly Review Period for which the Service was unavailable; H is the total number of minutes in that Monthly Review Period; page 5 of 20

6 Where Service Availability falls below this target during any Monthly Review Period, the Customer will be entitled to Service Credits as follows: Unavailability Duration below target 0.25% below target 5% 0.75% below target 10% 1.5% below target 15% 2.5% below target 20% 3.5% below target 25% > 3.5% below target 30% Service Credits as % of Monthly Recurring Charge Interoute will use reasonable endeavours to reach the following Service Levels: ii. Response Times: Response Time Resolution Time Critical 1 hour 4 hours Major 4 hours 24 hours Standard 24 hours 96 hours Specific Product Responses Enabling of DDoS Mitigation Within 1 hour of Customer raising a trouble ticket with Interoute i. If the Customer requires any work for the provision of service to be undertaken outside of normal Working Hours, or the Customer requests Non-Critical Request support beyond the allocated number per calendar month, Interoute reserve the right to make a charge based on the applicable professional services rate. ii. Where Interoute can not resolve a Fault at the time the Customer reported the Fault to the Customer s satisfaction then Interoute will ask the Customer to provide a contact telephone number to enable reports on progress with the Fault clearance to be made. iii. Interoute will: iii. Service Changes I. provide advice by telephone; II. III. carry out tests and diagnostics on the Service; work to resolve the Fault within the agreed time period as stated in the table set out above. iv. If Interoute responds to and works on a reported Fault and it is subsequently found not to be a Fault with the Service then a charge will be made based on the applicable rate. i. Should the Customer require changes to be made to the configuration or operation of the DDoS Mitigation service once a DDoS Mitigation Service has been installed, the Customer must contact Interoute via either Telephone, Fax, or through the Interoute hub. Configuration and service changes might be carried out free of charge depending on the classification of the change. The following table shows all potential DDoS Mitigation service page 6 of 20

7 changes and whether they are deemed as chargeable items (Major Changes) or whether they are included within the scope of the service (Minor Changes): Types of Modifications Major Change Minor Change Add Managed Object Modification of a managed object During the first full calendar month following the Ready for Service Date, the Customer shall be entitled to request certain reasonable changes (to be determined by Interoute) which will be covered by a non-recurring Charge. Where the Customer requests a minor change to be carried out on their IPS Service, and where all of the relevant information is provided by the Customer to Interoute, Interoute will endeavour to complete all minor changes within one (1) working days from receiving such requests. As standard, DDoS Customers are permitted to request up to three (3) minor change requests per calendar month free of charge. Should a Customer request more than three (3) minor changes during a given month, Interoute reserves the right to charge a one-off fee. 5. Filtering (non-hardware based) Services a. The following terms and conditions apply where the Customer has indicated on a Purchase Order that they require the Interoute Services and/or Web Content Filtering Service. These Services are provided to Customers through Interoute s third party supplier. The Filtering Service includes Anti-Virus, Malware protection and Anti-Spam protection.. b. The terms and conditions for the Service are available at In addition to these terms and conditions, Interoute will provide a first line support service to the Customer s IT department which shall include: call logging and basic technical trouble shooting. Interoute shall, at its sole discretion determine what is classed as first line support. All other support shall be provided by Interoute s third party supplier. Except as set out in this Agreement, Interoute shall have no further liability in relation to these Services. c. Provided that it does not materially diminish the quality and functionality of the Service, Interoute reserves the right to change its third party supplier of these Services with thirty (30) days notice to the Customer. d. Service Levels i. Availability Interoute will use reasonable efforts to ensure that the Filtering Service is available to the Customer 99% of any Monthly Review Period ( Service Availability ). Percentage Service Availability is calculated per Monthly Review Period using the following formula: Where: P = (H-U) P is the percentage availability; H X 100 U is the total amount of minutes during that Monthly Review Period for which the Service was unavailable; H is the total number of minutes in that Monthly Review Period; Where Service Availability falls below this target during any Monthly Review Period, the Customer will be entitled to Service Credits as follows: page 7 of 20

8 Unavailability Duration below target Service Credits as % of Monthly Recurring Charge: 0.25% below target 5% 0.75% below target 10% 1.5% below target 15% 2.5% below target 20% 3.5% below target 25% > 3.5% below target 30% iv. Response Times: Interoute will use reasonable endeavours to respond to requests within the following timescales in line with section b above: Response Time Resolution Time Critical 4 hour 24 hours Major 24 hours 96 hours Standard 24 hours 96 hours v. Service Changes i. If the Customer requires any work for the provision of service to be undertaken outside of normal Working Hours, or the Customer requests Non-Critical Request support beyond the allocated number per calendar month, Interoute reserve the right to make a charge based on the applicable professional services rate. ii. Where Interoute can not resolve a Fault at the time the Customer reported the Fault to the Customer s satisfaction then Interoute will ask the Customer to provide a contact telephone number to enable reports on progress with the Fault clearance to be made. I. Interoute will provide advice by telephone; II. III. carry out tests and diagnostics on the Service; work to resolve the Fault within the agreed time period as stated in the table set out above. iii. If Interoute responds to and works on a reported Fault and it is subsequently found not to be a Fault with the Service then a charge will be made based on the applicable rate. Should the Customer require changes to be made to the configuration or operation of the Filtering service once an Filtering Service has been installed, the Customer must contact Interoute via either Telephone, Fax, or through the Interoute hub. Configuration and service changes might be carried out free of charge depending on the classification of the change. The following table shows all potential Filtering service changes and whether they are deemed as chargeable items (Major Changes) or whether they are included within the scope of the service (Minor Changes): Types of Modifications Major Change Minor Change Add/Remove Users from a Customers domain(s) Add/Remove Domain(s) page 8 of 20

9 During the first full calendar month following the Ready for Service Date, the Customer shall be entitled to request certain reasonable changes (to be determined by Interoute) which will be covered by a non-recurring Charge. Where the Customer requests a minor change to be carried out on their Filtering Service, and where all of the relevant information is provided by the Customer to Interoute, Interoute will endeavour to complete all minor changes within one (1) working day from receiving such requests. As standard, Filtering Customers are permitted to request up to three (3) minor change requests per calendar month free of charge. Should a Customer request more than three (3) minor changes during a given month, Interoute reserves the right to charge a one-off fee. vi. Exclusions i. Interoute shall not be liable to the Customer for the direct support of End Users of the Filtering Service; 6. Web Content Filtering (non-hardware based) Services a. The following terms and conditions apply where the Customer has indicated on a Purchase Order that they require the non-hardware based Web Content Filtering Service. These Services are provided to Customers through Interoute s third party supplier. The Web Content Filtering Service includes Web Anti Virus, Web Anti Spyware and Web URL filtering (as defined in the terms and conditions referenced below). b. The terms and conditions for the Web Content Filtering Service are available at In addition to these terms and conditions, Interoute will provide a first line support service to the Customer s IT department which shall include: call logging and basic technical trouble shooting. Interoute shall, at its sole discretion determine what is classed as first line support. All other support shall be provided by Interoute s third party supplier. Except as set out in this Agreement, Interoute shall have no further liability in relation to these Services. c. Provided that it does not materially diminish the quality and functionality of the Service, Interoute reserves the right to change its third party supplier of these Services with thirty (30) Days notice to the Customer. 7. Firewall Service a. The following terms and conditions apply where IP Customers have indicated on a Purchase Order that they require the Firewall Service. b. The Firewall Service is provided to IP Customers who require public Internet access delivered through one central point. The Service offers controlled and mediated public Internet Access through a central interconnect between the Customer VPN and the public Internet. This feature is known as Firewall. Firewall is delivered as a central 100Mb/s or 1 Gb/s connection provided in one of Interoute s facilities. Interoute shall provision a centrally managed firewall device and security policy for this purpose. c. Where the Firewall Service is purchased the Customer agrees and warrants to own, maintain and keep a Firewall Policy and undertakes to keep Interoute fully informed of the Firewall Policy and to notify Interoute of any changes to it immediately. Where requested by Interoute, the Customer shall provide a copy of the said Firewall Policy to Interoute. d. The Customer acknowledges and accepts that Interoute shall not be responsible for or liable for any security breach or failure resulting from the Customer s Firewall Policy and Interoute shall not be obliged to supply, advise or comply with the Customer s Firewall Policy. e. Where the Customer has purchased the Firewall Service, the Customer agrees that it has assessed for itself the suitability of the Firewall Service for its requirements based on the Firewall Policy. Interoute does not warrant that the Firewall Service will meet such requirements or that the Firewall Service will operate in the particular circumstances in which it is used by the Customer or that any use will be uninterrupted or error free. f. The Parties acknowledge that it is technically impracticable to provide the Firewall Policy Service free of faults. However, without prejudice to the generality of the foregoing, Interoute shall endeavour to provide the page 9 of 20

10 Services in accordance with the relevant Service Levels detailed below. Interoute endeavours to carry out maintenance work, updating, remedy, repair or reconnection of Customer Equipment, and the Services in accordance with the provisions contained within this Agreement. g. Service Levels i. Availability for the Firewall Service Service type used when connecting to the Interoute IP Network Target Site Availability Firewall Service 99.95% Percentage Site Availability is calculated per Monthly Review Period using the following formula: Where: P = (H-U) P is the percentage availability; H X 100 U is the total amount of minutes during that Monthly Review Period for which the Service was unavailable; H is the total number of minutes in that Monthly Review Period; Where Site Availability falls below the applicable Target Site Availability during any Monthly Review Period, the Customer will be entitled to Service Credits as follows: Service Availability for each applicable Site during Monthly Review Period falling below target Availability by Service Credits as % of the applicable Site Monthly Charge Up to 1% 5% Up to 2% 10% Up to 3% 15% More than 3% 20% Service Credits are the sole and exclusive remedy for any cause of action arising out of the failure of the Firewall Service. ii. Response Times: Interoute will use reasonable endeavours to respond to requests within the following timescales: Response Time Resolution Time Critical 1 hour 4 hours Major 2 hours 8 hours Standard 6 hours 24 hours i. If the Customer requires any work for the provision of service to be undertaken outside of normal Working Hours, or the Customer requests Non-Critical Request support beyond the allocated number per calendar month, Interoute reserve the right to make a charge based on the applicable professional services rate. page 10 of 20

11 iii. ii. Where Interoute can not resolve a Fault at the time the Customer reported the Fault to the Customer s satisfaction then Interoute will ask the Customer to provide a contact telephone number to enable reports on progress with the Fault clearance to be made. i. Interoute will provide advice by telephone; ii. carry out tests and diagnostics on the Service; iii. work to resolve the Fault within the agreed time period as stated in the table set out above. iii. If Interoute responds to and works on a reported Fault and it is subsequently found not to be a Fault with the Service then a charge will be made based on the applicable rate. Service Changes Should the Customer require changes to be made to the configuration or operation of the Firewall service once an Firewall Service has been installed, the Customer must contact Interoute via either Telephone, Fax, or through the Interoute hub. Configuration and service changes might be carried out free of charge depending on the classification of the change. The following table shows all potential Firewall service changes and whether they are deemed as chargeable items (Major Changes) or whether they are included within the scope of the Service (Minor Changes): Types of Modifications Major Change Minor Change Add/Delete/Modify specific filtering Rule Add/Delete/Modify PAC configuration file Add/Delete Users Add/Delete IP Address Add/Delete/Modify Zone Profile Produce Attack Log Protect Zone Switch Zone to learning Add/Delete/Modify specific Filtering rule Add/Delete/Modify specific detection rule Add/ Change/ Delete Firewall Rules for existing firewall customer Providing Firewall Log files to Internet Central customers IP Address Change Remote Access (per site) Cycling shared security secret for Remote Access users Adding for Network Address Translations (NAT) Changing NAT Remove NAT During the first full calendar month following the Ready for Service Date, the Customer shall be entitled to request certain reasonable changes (to be determined by Interoute) which will be covered by a non-recurring Charge. Where the Customer requests a minor change to be carried out on their Firewall Service, and where all of the relevant information is provided by the Customer to Interoute, Interoute will endeavour to complete all minor changes within one (1) working days from receiving such requests. As standard, page 11 of 20

12 Firewall Customers are permitted to request up to three (3) minor change requests per calendar month free of charge. Should a Customer request more than three (3) minor changes during a given month, Interoute reserves the right to charge a one-off fee. 8. Roaming IPsec/SSL Access Services a. The following terms and conditions apply where IP Customers (who have also purchased the Firewall Service) have indicated on a Purchase Order that they require the Roaming IPsec/SSL Access Service to use with their IPVPN Service. This Service is provided to Customers who have End Users that require access to corporate resources on the IPVPN Service from non-fixed locations. Interoute can provide the Remote Access feature using an IPsec client on mobile devices such as laptops or provide access based on SSL (Secure Socket Layer). b. The terms and conditions for the Roaming IPsec/SSL Access Service are available at In addition to these terms and conditions, Interoute will provide a support service to the Customer s IT department. Except as set out in this Agreement, Interoute shall have no further liability in relation to these Services. c. Provided that it does not materially diminish the quality and functionality of the Service, Interoute reserves the right to change its third party supplier of these Services without notice to the Customer. d. Service Levels i. Service Changes Should the Customer require changes to be made to the configuration or operation of the Roaming IPSec/SSL service once an Roaming IPSec/SSL Service has been handed over to the customer, the Customer must contact Interoute via either Telephone, Fax, or through the Interoute hub. Configuration and service changes might be carried out free of charge depending on the classification of the change. The following table shows all potential Roaming IPSec/SSL service changes and whether they are deemed as chargeable items (Major Changes) or whether they are included within the scope of the service (Minor Changes): Types of Modifications Major Change Minor Change Roaming IPSec Service Add Remove Remote Users Roaming IPSec Service Provide Usage Report Roaming IPSec Service Roaming IPSec Service Cycling shared security secret for Remote Access users Request Two-Factor Authentication Tokens Roaming SSL Service Add SSL configuration file/tunnel group Roaming SSL Service Delete SSL tunnel group Roaming SSL Service Provide Usage Report Roaming SSL Service Request Two-Factor Authentication Tokens *The maximum amount of users is dependant on the capability of the firewall During the first full calendar month following the Ready for Service Date, the Customer shall be entitled to request certain reasonable changes (to be determined by Interoute) which will be covered by a non-recurring Charge. Where the Customer requests a minor change to be carried out on their Roaming IPSec/SSL Service, and where all of the relevant information is provided by the Customer to Interoute, Interoute will endeavour to complete all minor changes within one (1) working day from receiving such requests. As page 12 of 20

13 standard, IPSec/SSL Customers are permitted to request up to three (3) minor change requests per calendar month free of charge. Should a Customer request more than three (3) minor changes during a given month, Interoute reserves the right to charge a one-off fee. 9. Roaming ipass Service a. The following terms and conditions apply where IP Customers have indicated on a Purchase Order that they require the Interoute Roaming ipass Service. This Service is provided to Customers who have End Users that require Internet access from non-fixed locations. b. The terms and conditions for the Roaming ipass Service are available at All other support shall be provided by Interoute s third party supplier. Except as set out in this Agreement, Interoute shall have no further liability in relation to these Services. c. Provided that it does not materially diminish the quality and functionality of the Service, Interoute reserves the right to change its third party supplier of these Services with thirty (30) days notice to the Customer. d. Service Levels e. Exclusions i. Service Changes ii. 10. DMZ Service Should the Customer require changes to be made to the configuration or operation of the Roaming ipass service once an Roaming ipass Service has been handed over to the customer, the Customer must contact Interoute via either Telephone, Fax, or through the Interoute hub. Configuration and service changes might be carried out free of charge depending on the classification of the change. The following table shows all potential Roaming ipass service changes and whether they are deemed as chargeable items (Major Changes) or whether they are included within the scope of the service (Minor Changes): Types of Modifications Provide Usage Report Major Change Minor Change During the first full calendar month following the Ready for Service Date, the Customer shall be entitled to request certain reasonable changes (to be determined by Interoute) which will be covered by a non-recurring Charge. Where the Customer requests a minor change to be carried out on their Roaming ipass Service, and where all of the relevant information is provided by the Customer to Interoute, Interoute will endeavour to complete all minor changes within one (1) working day from receiving such requests. As standard, ipass Customers are permitted to request up to three (3) minor change requests per calendar month free of charge. Should a Customer request more than three (3) minor changes during a given month, Interoute reserves the right to charge a one-off fee. Interoute shall not be liable to the Customer for the direct support of End users of the ipass Roaming Service. a. The DMZ Service provides a separate security zone configured on a Firewall device where Interoute provides a Firewall Service. b. The following terms and conditions apply where IP Customers have indicated on a Purchase Order that they require the DMZ Service. c. The DMZ Service is provided only in conjunction with a new or existing Firewall Service. The DMZ Service(s) is directly connected, or related to its Firewall Service. d. Single or multiple incidents of the DMZ Service can be related to one (1) Firewall Service. page 13 of 20

14 e. Service Credits are the sole and exclusive remedy for any cause of action arising out of the failure of the DMZ Service. f. Where an Internet Access Customer has purchased the DMZ Service, it is the Customer s responsibility to ensure that the Firewall Policy takes into account the presence of a DMZ Service and that the same conditions of implementation, record keeping and security control incumbent on the Customer apply when a DMZ Service is present within the Firewall Policy. g. Where the DMZ Service is purchased the Customer agrees and warrants to own, maintain and keep a Firewall Policy and undertakes to keep Interoute fully informed of the Firewall Policy and to notify Interoute of any changes to it immediately. Where requested by Interoute, the Customer shall provide a copy of the Firewall Policy to Interoute. h. The Customer acknowledges and accepts that Interoute shall not be responsible for or liable for any security breach or failure resulting from the Customer s Firewall Policy in relation to the DMZ Service and Interoute shall not be obliged to supply, advise or comply with the Customer s Firewall Policy. i. The Parties acknowledge that it is technically impracticable to provide the DMZ Service free of faults. However, without prejudice to the generality of the foregoing, Interoute shall endeavour to provide the Services in accordance with the relevant Service Levels detailed within this Schedule 2S. j. Service Levels i. Availability The Interoute DMZ Service is wholly reliant on the Customers Interoute Firewall service and as a direct result the Service Availability attributed to Firewall Service applies to Interoutes DMZ service. i. Response Times: ii. The Interoute DMZ Service is wholly reliant on the Customers Interoute Firewall service and as a direct result the Response Times attributed to Firewall Service applies to Interoutes DMZ service. DMZ Service Changes The Interoute DMZ Service is wholly reliant on the Customers Interoute Firewall service and as a direct result the Service Changes attributed to Firewall Service applies to Interoutes DMZ service. 11. Managed Two Factor Authentication Service a. The following terms and conditions apply where IP Customers require additional security to remote access to their network or resources, either as a complement to Roaming IPsec/SSL Services they have indicated on a Purchase Order, or as an independent authentication service they will be making use via their own equipment or systems. This additional fully Managed Two Factor Authentication Service uses two factor authentication (2FA) Secure Tokens to access the Customer s network. In order to permit access to the Customer s resources or network, the End User must have their username, password and (if applicable) the token in their possession. b. The end user schedules applicable to the Managed Two Factor Authentication Service which supplement the terms and conditions contained within this Schedule 2S are available at In addition to the terms and conditions set out in the end user schedules, Interoute will provide a first line support service to the Customer s Administrator which shall include; call logging and basic technical trouble shooting. Interoute shall, at its sole discretion determine what is classed as first line support. Interoute provide the first line support service between the hours of 08:00 and 18:00, Monday to Friday Central European Time (CET). All other support shall be provided by the third party supplier identifiable through the URL above. Except as set out in this Agreement, Interoute shall have no further liability in relation to these Services. c. Provided that it does not materially diminish the quality and functionality of the Service, Interoute reserves the right to change its third party supplier of these Services without notice to the Customer. page 14 of 20

15 d. Optional Managed Authentication Services Schedule 2s i. Provisioning: Interoute will ensure the tokens are initialised for use on the Managed Two Factor Authentication Service and will deliver any hardware Devices to the Customer at a single delivery address outlined on the relevant Purchase Order. It shall be the Customer s responsibility to distribute hardware tokens or any software to their End Users. ii. Customer setup: Interoute will provide reasonable assistance to Customer in the set up of its Authentication Node, including adding the Authentication Node details into 2AP iii. Technical Support: Interoute will provide 1 st line technical support relating to any aspect of the Managed Two Factor Authentication Service to the Administrator for the Term of this Agreement. Interoute will not provide technical support to End Users. iv. For the avoidance of doubt, the Administrator is solely responsible for the following: 1. Managing profiles, permissions and other aspects in respect of setting up and maintaining End Users within the system; 2. Providing information and instructions to End Users to enable authentication using the Managed Authentication Service; 3. Unlocking, resetting and re-synchronising Devices; 4. Diagnosing and replacing faulty and broken or lost Devices; 5. Managing the operation of the Authentication Node(s); 6. Gaining usage reports from the administration portal. v. Software Devices are provided to the Customer directly by Interoute s 2FA partner on an as is basis. It is the responsibility of the Customer to satisfy itself that the Software Devices will function in the way required and with the equipment it wishes to use them on. Interoute does not support any issues that may be caused by the use of the Software Devices and will not deal with issues relating to them directly. Should any issues arise, the Customer must contact Interoute and Interoute will forward issues to the 2FA partner. vi. The 2FA partner validates the use of the tokens on the generally available versions of the operating systems as advised by Interoute. vii. Interoute shall have no further responsibility and/or liability to the Customer in relation to the Managed Two Factor Authentication Service. e. Service Levels i. Service Changes Should the Customer require changes to be made to the configuration or operation of the Managed Two Factor Authentication Service once a Managed Two Factor Authentication Service has been handed over to the Customer, the Customer must contact Interoute via either Telephone, Fax, or through the Interoute Hub. Configuration and Service changes might be carried out free of charge depending on the classification of the change. The following table shows all potential Managed Two Factor Authentication Service changes and whether they are deemed as chargeable items (Major Changes) or whether they are included within the scope of the Service (Minor Changes): Request More Tokens (Hardware/Software) Provide Usage Report Major Change Minor Change During the first full calendar month following the Ready for Service Date, the Customer shall be entitled to request certain reasonable changes (to be determined by Interoute) which will be covered by a non-recurring Charge. page 15 of 20

16 Where the Customer requests a minor change to be carried out on their Managed Two Factor Authentication Service, and where all of the relevant information is provided by the Customer to Interoute, Interoute will endeavour to complete all minor changes within one (1) working day from receiving such requests. As standard, Managed Two Factor Authentication Customers are permitted to request up to three (3) minor change requests per calendar month free of charge. Should a Customer request more than three (3) minor changes during a given month, Interoute reserves the right to charge a one-off fee. 12. Web Content Filtering Service (hardware based) a. The following terms and conditions apply where IP Customers (who have also purchased the Firewall Service) have indicated on a Purchase Order that they require a hardware based web filtering service. The Interoute Web Content Filtering Service is an appliance based Service that provides corporate Customers with a solution to manage their own corporate Internet access policy. b. It is the Customer s responsibility to set its policies, allowing them to decide what content corporate Internet access End Users are allowed to see. c. The hardware associated with the Interoute Content Filtering Service is specific to each Customer and allows the Customer to have their own specific policy on the appliance according to corporate guidelines and individual requirements. d. The Interoute Web Content Filtering Service must be provisioned in conjunction with the Firewall Service, and can only be sold in the same Interoute co-location facility that is used for the Firewall Service. e. This managed Service includes daily updates of the URL categorisation database, which are uploaded onto the appliance daily. f. In the event of hardware failure, Interoute will use reasonable endeavours to ensure hardware replacements are delivered to the Customer by the next Working Day. Although the appliance will block all traffic in the event of a hardware failure, Interoute will as soon as reasonably practicable and upon Customer request implement a change to allow the Customer to have unfiltered Internet access directly via the Firewall Service. g. Interoute is not responsible for the Customers rules and/or policies. Further, Interoute accepts no liability in relation to such rules and/or policies or their content. h. The Customer is responsible for advising Interoute of any websites it requires to be blocked. i. Interoute will use reasonable endeavours to provision Customer requests as soon as reasonably possible. j. Service Availability 13. IPS Service i. Interoute shall use reasonable endeavours to ensure the Web Content Filtering Service is available 99.5% during any Monthly Review Period. Interoute shall have no liability to the Customer in relation to the Interoute Web Content Filtering Service. Service Credits are not applicable to this Service. a. The following terms and conditions apply where IP Customers have indicated on a Purchase Order that they require the IPS Service. b. The IPS Service is provided to IP Customers who require protection from malicious attacks against their infrastructure from internal and/or external sources depending on the deployment topology that the Customer chooses. IPS identifies the pattern of an attack and depending on the rule sets inherent in the system or those applied by the Customer s approved technical teams, blocks such attacks whilst legitimate traffic remains unaffected. IPS is delivered as a network based Service in either a central or distributed model. Interoute will provision an appropriately scaled device dependant on the Customer s requirements. Acceptable requirements are gathered by Interoute from the Customer during an initial consultation period and recorded. page 16 of 20

17 c. Where the IPS Service is purchased the Customer agrees and warrants to own, maintain and keep a IPS Policy and undertakes to keep Interoute fully informed of the IPS Policy and to notify Interoute of any changes to it immediately. Where requested by Interoute, the Customer shall provide a copy of the IPS Policy to Interoute. d. The Customer acknowledges and accepts that Interoute shall not be responsible or liable for any security breach or failure resulting from the Customer s IPS Policy. Interoute does not review, advise or provide customer IPS Policies. e. Where the Customer has purchased the IPS Service, the Customer agrees that it has assessed for itself the suitability of the IPS Service and confirms that the IPS Service provided by Interoute meets its requirements. Interoute does not warrant that the IPS Service will meet such requirements or that the IPS Service will operate in the particular circumstances in which it is used by the Customer or that any use will be uninterrupted. f. The Parties acknowledge that it is technically impracticable to provide the IPS Service free of faults. However, without prejudice to the generality of the foregoing, Interoute shall endeavour to provide the Services in accordance with the relevant Service Levels detailed below. Interoute endeavours to carry out maintenance work, updating, remedy and/or repair in accordance with the provisions contained within this Agreement. g. The management of the IPS Service is provided by Interoute at its two network operational centres, in Prague and Geneva. Critical event data (as defined in l below) is passed between the Customer s IPS Service components and Interoute management systems at these locations. Additionally, event data that may contain transactional information is captured on customer dedicated management systems, these systems are deployed by Interoute on Interoute secure infrastructure at locations within Interoute s European network. h. Service Availability for the IPS Service Service type used when connecting to the Interoute IP Network Target Site Availability IPS Service 99.95% Percentage Site Availability is calculated per Monthly Review Period using the following formula: P = (H-U) H X 100 Where: P is the percentage availability; U is the total amount of minutes a Customer Site during that Monthly Review Period for which the Service was unavailable; H is the total number of minutes in that Monthly Review Period; Where Site Availability falls below the Target Site Availability during any Monthly Review Period, the Customer will be entitled to Service Credits as follows: Service Availability for each applicable Site during Monthly Review Period falling below Target Availability by: i. Planned Maintenance Exclusions Service Credits as % of the applicable Site Monthly Charge: Up to 1% 5% Up to 2% 10% Up to 3% 15% More than 3% 20% page 17 of 20

18 The following activities are considered by Interoute to be necessary for the IPS Service to function correctly. In addition to the exclusions in clause 9 of Schedule 1, Service Credits will not be payable by Interoute to the Customer for the IPS Service where the failure to meet a Service Level is caused by any of the following: j. Support Planned maintenance; Maintenance and modification of the IPS; Backing-up the IPS configuration and policy; Signature management and maintenance, with new signatures being downloaded to the IPS on an hourly basis; Platform updates, with patches and version upgrades applied on a monthly basis. Interoute provides support for the IPS Service and maintains connectivity and administrative control of the IPS appliance(s) and application at all time. a. Interoute supports i. The IPS Appliance, in line with the Service Availability section above; ii. The management of the Licensed Software and application resident on that appliance(s) including software updates, vulnerability updates and signature updates; iii. The provision of management reporting to the Customer s nominated contact; iv. The Customer s nominated technical department and Customer end user management. k. The Customer is provided with delegated access to their specific IPS management system for resource and reporting capabilities. It is the Customer s responsibility to control: a. The IPS Policy for the IPS Appliance within their Service and how that may affect their business and that of their End Users; and b. the handling of all issues and faults for their End Users l. Event classification IPS Events (as defined below) are assigned a severity level depending on the type of attack, age, threat and impact of the attack; Event Table Priority Impact Event Description Action Taken Low Unknown No direct threat, but may contain information indicative of attempted intrusion activity Store for a period of time for forensic purposes, view available on the Customer portal. Medium Currently Not Vulnerable A malevolent packet (a deprecated attack or intrusive enumeration) sent to the target representing no direct threat to operation. A medium alert would not impact the operation or the logical access controls of a system. Automated event analysis. Trend analysis and correlation with other events available on the Customer portal. page 18 of 20

19 High Potentially Vulnerable Vulnerable Attack on the target, representing a real potential threat and having an impact on the availability or security of a systems and its data i.e. service interruption, data integrity loss or data exposure, injection of malicious code or software, etc. Significant evidence of ongoing actual system compromise. Multiple high events corroborated by supporting system evidence (i.e. defaced website, system unavailable or maxed bandwidth/cpu). Schedule 2s Target must be analysed by the Customer to identify if it was compromised or a false positive. Escalation to the Customer. The Event to Alert time defines the maximum time between the moment the alarm is raised on the IPS platform, its analysis and information communicated to the Customer. These are shown in the table below: Threat Level Time Communication Media Alert to Response High/Vulnerable High/Potentially Vulnerable Low/Medium Not Vulnerable/ Unknown Any Any Any Alert Customer Portal Daily Report Customer Portal Monthly Report Customer Portal 30 Minutes It is the Customer s responsibility to provide Interoute with current contact details for the relevant interface for this Service. Interoute will not accept fault reports from End Users. Interoute will be immediately notified of an alert. However, when configured to do so the IPS application will also take immediate action blocking the traffic. This action is based upon the IPS Policy supplied by the Customer at the requirements phase of the installation. m. IPS Service Changes Should the Customer require changes to be made to the configuration or operation of the IPS Service once an IPS service has been installed, the Customer must contact Interoute via either Telephone, Fax, or through the Interoute Hub. Configuration and Service changes might be carried out free of charge depending on the classification of the change. The following table shows all potential IPS Service changes and whether they are deemed as chargeable items (Major Changes) or whether they are included within the scope of the service (Minor Changes): Types of Modifications Major Change Minor Change The Addition of an IPS appliance The Addition of an IPS Detection Engine The addition of an IPS Management system The provision of bespoke reports Modifications to IPS Policy Increasing the RNA User Licences N/A N/A page 19 of 20

20 During the first full calendar month following the Ready for Service Date, the Customer shall be entitled to request certain reasonable changes (to be determined by Interoute) which will be covered by a non-recurring Charge. Where the Customer requests a minor change to be carried out on their IPS Service, and where all of the relevant information is provided by the Customer to Interoute, Interoute will endeavour to complete all minor changes within three (1) working day from receiving such requests. As standard, IPS Customers are permitted to request up to three (3) minor change requests per calendar month free of charge. Should a Customer request more than three (3) minor changes during a given month, Interoute reserves the right to charge a one-off fee. General Exclusions i. In addition to any exclusions stated in this Schedule 2S, Interoute shall not be liable to the Customer for: Liability i. The performance of third party networks including Third Party Local Access circuits, traffic exchange points including Internet networks, transit and peering connections provided and controlled by other companies, and public and private exchange points such as NAPs and MAEs ii. The performance of Third Party systems including management systems, systems supporting the service and operating systems that either the third party, the Customer or the customers end users supply. I. The provision of Service Credits (where applicable) shall be the sole and exclusive remedy for the failure to meet targets for any Security Service. Interoute shall have no additional liability to the Customer. page 20 of 20