Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013
Service Descriptin Distributed Hsting and Distributed Database Hsting Service Descriptin Distributed Hsting ITS Distributed Hsting prvides dedicated and virtual hsting slutins fr custmer applicatins. Thrugh the use f advanced technlgy, ITS prvides multiple platfrms geared t meet custmer cmputing needs n a 24 x 7 basis. These platfrms prvide custmers with highly available, mnitred, and securely managed hsting slutins. The service design includes multiple redundant high-speed Internet cnnectins, security prtectin, cling/envirnmental system supprt and redundant pwer acrss tw gegraphically-dispersed data centers. Supprted hsting envirnments include: Windws and Linux hsting Virtual hsting services fr Windws and Linux UNIX platfrm (Slaris, AIX) Virtual UNIX hsting supprt (Slaris, AIX) Custmers seeking hsting services are prvided with prvisining/planning supprt, deplyment crdinatin, OS patching and security, and mnitring f all hsted instances. ITS prvides a single pint-f-cntact during planning/deplyment as well as 24x7 peratinal supprt. Distributed Database Hsting (Nt included in the standard service ffering) Distributed Database Hsting prvides the database infrastructure required t supprt business applicatins fr yur rganizatin. In cnjunctin with the Distributed Hsting service, the DB team installs and maintains the database resurce t ensure data integrity and security, as well as apprpriate levels f availability and recverability. Distributed Database Hsting ffers Standard and Extended Level Services. Extended Level Services include all Standard Level Services and are individually selected fr specific needs f the client and their system s requirements. Supprt fr each f the services ffered in this area are quted and charged separately. Additinal details are prvide in the Database Hsting Sectin f the ITS Service Catalg. Strage and Backups ITS ffers a wide variety f strage capabilities t supprt Distributed Hsting, including tape, ptical and disk. These capabilities span the mainframe and the distributed hsting envirnments, including bth dedicated physical and virtual hsting fferings. ITS prvides multiple disk and tape tiers such as high-end disk strage, virtual tape, mid-range disk strage, Netwrk Addressable Page 2
Service Cmmitments Strage (NAS) devices, Serial Advanced Technlgy Attachment (SATA) disk systems, Strage Area Netwrk (SAN) attached strage, and cntent addressable strage. All hsting envirnments can be integrated with strage, backup, and archive services. Business cntinuity requirements fr business critical applicatins and disaster recvery capabilities can be achieved via leverage f the gegraphically-dispersed Eastern and Western Data Centers, redundant high-speed netwrking, and enterprise backups and data mirrring acrss strage envirnments. Backup/Data Recvery is available based n requirements. Standard media rtatin and retentin schedule is as fllws: Daily incremental backups retained ff-site fr tw weeks Daily incrementals are nt retained lnger than tw weeks unless requested Backups run Mnday thrugh Saturday Full backups are perfrmed weekly and retained ff-site fr 1 mnth (1 cpy per week) Backups mved ff-site daily Distributed Database Hsting Standard Level Services prvides: Physical DB architectural design Installatin and cnfiguratin f the DB engine Design and implementatin f apprpriate DB archive lgs and backup schedule t prvide fr recvery bjectives Maintenance level and security patches t the DB engine Scheduling services fr recurring user-defined cmmand scripts On-call paging and/r e-mail alert f DB resurce availability and disk space Database recvery/restratin Distributed Database Hsting Extended Level Services available: Database replicatin Database clustering Extended Prductin Prblem Respnse up t 24 x 7 Database migratin assistance Service Cmmitments The general areas f supprt (such as Incident and Change Management) applicable t every ITS service, are specified in the ITS Glbal Service Levels dcument. The Distributed Hsting target service availability is 99.99%. Page 3
Service Cmmitments Distributed Database Hsting s primary gal is t maintain the integrity and recverability f the custmer s data. ITS is cmmitted t prvide availability f the database service at 99% availability except during agreed upn maintenance windws as negtiated with the custmer. Availability reprting and tracking will be accmplished by the cmpletin f service requests in the Incident Management system indicating actual utage times. Database Hsting will wrk with the vendrs t reslve all prductin database dwn issues with a 24x 7 effrt. Service Requests Request Type Example Target Reslutin Time User Level Change User Access Rights Fllws Incident Pririty Mdel listed in the Glbal SLA Server Level Add memry r CPU Fllws ITS change prcess; Minr change is 3 days, significant change is 10 days and a majr change is 30 days. System/Applicatin Level Request t prvisin multiple servers and services in supprt f a new applicatin. Negtiated as part f the ITS Hsting Services Transitin prvisining prcess. Page 4
Data Backup and Retentin Respnsibilities Businesses Cntinuity and Disaster Recvery ITS wrks with agencies and applicatin wners t determine their recvery time bjective (RTO), their recvery pint bjective (RPO) f their applicatin and assciated data and their methd f recvery. This culd include restres frm applicatin backups t new hardware, bringing the custmers develpment r pre-prductin envirnment up as prductin, r restring the applicatin n an existing platfrm that the custmer has purchased as a cld r ht standby. Database Hsting will prvide resurces t assist the custmers during the annual Disaster Recvery test perids t recver their databases. The custmer is respnsible fr prcurement f the recvery hardware envirnment. The custmer is expected t prvide verificatin testing fr all databases they request t be recvered during the exercise. Supprt fr Disaster Recvery testing effrts utside the nrmal ITS spring and fall exercises are negtiated and scheduled in advance and are subject t time and material charges fr effrt exceeding 8 hurs annually. Data Backup and Retentin Respnsibilities Database Backup, Retentin, and Recvery requirements are defined by the custmer during the prvisining prcess. Database Hsting services will cnfigure database lgging and backups t meet the custmer recvery needs. Database backups are scheduled, perfrmed and mnitred by the Database Hsting services grup. Service level is set at 100% f daily backups executed withut errr. Reprting f backup daily backup executin status is available t the client by database mail as a cmpnent f the backup batch prcess. Hurs f Availability The Distributed Hsting service is available 24 x 7 and adheres t the maintenance windw schedule listed in the ITS Glbal Services Sectin dcument. Supprt is available 7 days a week, 24 hurs a day and 365 days a year by cntacting the ITS Service Desk. Distributed Database Hsting standard supprt hurs are frm 8:00 a.m. t 5:00 p.m., Mnday- Friday. Extended supprt up t 24 x 7 with n-call paging is available as required fr prductin instances. ITS Respnsibilities Supprt and Maintenance Supprt and maintenance includes hardware, perating system, perfrmance and system mnitring, and security vulnerability and scanning. Hardware supprt and maintenance ITS installs and sets up all server hardware in accrdance with industry best practices. Als, in cnjunctin with the hardware perating system (OS) vendrs, ITS will apply firmware patches t systems in accrdance with state plicies and standards. Page 5
ITS Respnsibilities ITS als repairs r replaces any hardware cmpnent under warranty shwn t be defective; predictive analysis indicates an impending failure r nt perfrming as designed. ITS fllws the Priritizatin Mdel specified in the ITS Glbal Service Levels fr incident and request status reprting intervals and target reslutin times. Operating system supprt and maintenance ITS, at the recmmendatin f the ITS Enterprise Security and Risk Management Office (ESRMO) and OS vendrs, will apply patches t perating systems in accrdance with state plicies and standards. Distributed Database Hsting Distributed Database Hsting will prvide resurces t assist the custmers during the annual Disaster Recvery test perids t recver their databases. The custmer is respnsible fr prcurement f the recvery hardware envirnment. The custmer is expected t prvide verificatin testing fr all databases they request t be recvered during the exercise. Database Hsting recvery bjectives fllw the standard ITS RTO bjectives. Supprt fr Disaster Recvery testing effrts utside the nrmal ITS spring and fall exercises are negtiated and scheduled in advance and are subject t time and material charges fr effrt exceeding 8 hurs annually. Database Backup, Retentin, and Recvery requirements are defined by the custmer during the prvisining prcess. Database Hsting services will cnfigure database lgging and backups t meet the custmer recvery needs. Database backups are scheduled, perfrmed and mnitred by the Database Hsting services grup. Service level is set at 100% f daily backups executed withut errr. Reprting f backup daily backup executin status is available t the client by database mail as a cmpnent f the backup batch prcess. Perfrmance and system mnitring ITS mnitrs key items fr all servers n the fllwing platfrms: Linux See Linux mnitring parameters and ntificatins. UNIX See UNIX mnitring parameters and ntificatins. Windws See Windws mnitring parameters and ntificatins. ITS mnitrs prcesses and lg files, as requested ITS perfrms standard fault, cnfiguratin, perfrmance and security management mnitring f the Server Farm Netwrk including: Page 6
Custmer Respnsibilities Fault detectin with ntificatin t peratinal persnnel, custmer cntacts and incident ticket creatin Intrusin preventin mnitring and autmated ticket generatin Archiving device cnfiguratins and insuring security plicies are enfrced in the cnfiguratin Syslg cllectin and archiving Netwrk device authenticatin, authrizatin and accunting Security, vulnerability and scanning ITS perfrm peridic scans f IP addresses under the State f Nrth Carlina's cntrl: ITS takes every precautin t prtect the netwrk infrastructure and the machines scanned. Scans are run in the safe mde ensuring minimum impact. Enterprise Security and Risk Management Office (ESRMO) crdinates and cmmunicates scans fllwing the ITS Change Management prcess. ESRMO prvides a ntificatin email prir t perfrming a scan. If an agency des nt want an applicatin scanned, the custmer will need t fllw the Statewide Standards Deviatin Reprting prcess (040106). ITS makes n representatin r warranty that vulnerability scans will disclse all vulnerabilities. ITS prvides cnsultatin n findings and mitigatins ITS tracks findings accrding t classificatin and status Systems Administratin ITS will make every effrt t prvide agency administratrs the ability t perfrm system level functins in supprt f their applicatin, Access t the required cmmands will be limited thrugh the use f the pseud cmmand r permissins granted thrugh the use f grup plicies. T retain cntrl and accuntability, ITS will nt grant rt r administrative access t administratrs r users utside the ITS Distributed Hsting grup. Custmer Respnsibilities Agency Applicatin Lifecycle Management Applicatin infrmatin gathering and dcumentatin is the respnsibility f the business system wner. The business system wner is respnsible fr engaging the agency security liaisn, agency technicians, vendrs, and thers as required. ITS is available t facilitate the gathering f requirements and templates. Page 7
Custmer Respnsibilities The agency is respnsible fr the life cycle f the applicatin which includes applicatin patching and wrking with ITS staff t patch the peratin system. Database Respnsibilities Custmers are respnsible fr prviding and maintaining their wn applicatin and applicatin DBA supprt. Database wnership rights are assigned t the custmer; Database Hsting services retains systems cnfiguratin and administratin rights. Custmers shuld ntify the DBA services grup, thrugh the ITS Service Desk, f any planned applicatin and/r database changes that will affect the database structure befre changes are made Custmers shuld designate lcal staff t serve as the primary cntact fr the database hsting services grup Custmer supprt requests shuld be directed t the ITS Service Desk Custmers are expected t perfrm verificatin tests after all database patching and maintenance activities Database Backup, Retentin, and Recvery requirements are defined by the custmer during the prvisining prcess The custmer is respnsible fr all database archive and purging activities The custmer is respnsible fr prcurement f the recvery hardware envirnment Cmmunicatins with ITS Cntact the ITS Service Desk: When changes are being applied t yur applicatins When applicatin changes are slated t be applied that may cnflict with the ITS standard maintenance windw When the installatin f a mandatry OS r security patch is knwn t have an adverse impact n a custmer applicatin(s). ITS will wrk with the custmer and make every effrt t eliminate r mitigate the impact f the patch. If the custmer chses nt t install the patch, a deviatin request must be submitted by the custmer t the Enterprise Security and Risk Management Office. Prvide a list f apprved custmer cntacts wh can request changes t the applicatin envirnment t the ITS Service Desk. This list shuld include cntacts fr bth standard business hurs and 24 X 7 supprt. Risk Management Cnduct Risk Management: Page 8
Service Level Agreement Scpe Agencies shuld identify the ptential risks and impacts t service delivery frm either applicatin r hardware failure t develp the strategies, justify the resurces required t prvide the apprpriate level f Business Cntinuity services and develp a test plan t verify the strategy is sufficient t recver the business in the event f a failure. Agencies shuld cnduct business risk analysis activities that clearly define the Recvery Time Objective (RTO) and Recvery Pint Objective (RPO) fr all business critical systems. Suggestins t include: Define the agency s critical functins and services Define the resurces (technlgy, staff, and facilities) that supprt each critical functin r service Identify key relatinships and interdependencies amng the agency s critical resurces, functins, and services Estimate the Recvery Pint Objective (RPO) - the maximum amunt f infrmatin r data that can be lst withut a catastrphic impact t critical functin r service. Estimate the Recvery Time Objective (RTO) -. maximum amunt f hsting services dwntime withut a catastrphic impact t critical functin r service. Identify any interim r wrkarund prcedures that exist fr the agency s critical functins r services Wrk with ITS t define a backup strategy and determine retentin requirements. Remediate security findings in accrdance with Statewide Infrmatin Security Standards r accept the risk and fllw the apprved Statewide Standards Deviatin Reprting prcess. Service Level Agreement Scpe This agreement specifies nly the standard peratinal service cmmitments and respnsibilities f ITS and its custmers. Custmer-specific deviatins frm these cmmitments and respnsibilities will be specified in an accmpanying Memrandum f Understanding. Service rates are utside the scpe f this agreement and are specified in financial dcuments. Page 9
Custmer Signatures Signatures f Apprval and Agreement Date Custmer Signatures Agency Head r Designee: Name Title Signature Date Agency Chief Financial Officer: Name Title Signature Date ITS Signature State Chief Infrmatin Officer: Name Title Signature Date Chris Estes State CIO Page 10