Security Annex for Firewalls Additional Terms for Firewall Service



Similar documents
Security Annex for Firewalls Additional Terms for Firewall Service

Security Annex for 2FA Additional Terms for Two Factor Authentication Service

ADDITIONAL TERMS FOR VIRTUAL DATA CENTRE SERVICE SCHEDULE 2N

ADDITIONAL TERMS FOR HOSTED EXCHANGE SERVICES SCHEDULE 2Z

Interoute Application Management comprises the following managed services for application and database software:

schedule 2f additional terms for internet services

How To Use Adobe Software For A Business

MAILGUARD, WEBGUARD AND ARCHIVING SERVICE SCHEDULE

Maintenance and Service Level Agreement (SLA)

Community Anchor Institution Service Level Agreement

Schedule Document. Leased Lines & Ethernet Based Services. Node4 Limited 29/11/2007

Information Crib Sheet Internet Access Service Agreement

Schedule 2Z Virtual Servers, Firewalls and Load Balancers

Schedule 2f. Schedule 2F Internet Services UK Eng Lang V page 1 of 10

SaaS Terms & Conditions

SERVICE SCHEDULE LEASED LINE, METRO ETHERNET AND WAN SERVICES

means the charges applied by Ancar B Technologies Limited which recur annually;

1 ForestSafe SaaS Service details Service Description Functional Non Functional

Service Level Agreement (SLA)

Gilat Satcom Support Level Agreement ("SLA") This SLA shall apply only to Optical Fiber IP Connectivity Services and describes the support services

Schedule 2 VoIP Service

Lot 1 Service Specification MANAGED SECURITY SERVICES

Kinetic Internet Limited

Schedule 2i. All the terms indicated above in capital letters are defined below.

Service Specification Schedule For Fujitsu Cloud IaaS Trusted Public S5

Websites Made Easy a division of Securecom Limited (WSME) -.nz Domain Names Terms and Conditions

Egress Switch & File Encryption Service Description

Service Level Agreement (SLA)

SERVICE SCHEDULE PULSANT ENTERPRISE CLOUD SERVICES

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table

Overview Software Assurance is an annual subscription that includes: Technical Support, Maintenance and Software Upgrades.

CLOUD SERVICE SCHEDULE Newcastle

MANAGED PBX SERVICE SCHEDULE

REDCENTRIC MANAGED FIREWALL SERVICE DEFINITION

SERVICE SCHEDULE CO-LOCATION SERVICES

COMPUTER AND INFORMATION TECHNOLOGY MANAGED SERVICES AGREEMENT

IBM Global Technology Services Statement of Work. for. IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing

Fusion Service Schedule Virtual Data Centre ( VDC ) Version FUS-VDC-7.1

AAPT Business NBNPhone

EASYNET CHANNEL PARTNERS LIMITED PARTNER MASTER SERVICES AGREEMENT HYBRID CLOUD IT PRODUCT TERMS

Reference Offer for Leased Line and Ethernet Services. Service Operations Manual

CLOUD SERVICE SCHEDULE

Dell Advanced Network Monitoring Services Service Description

July Brennan IT Voice and Data. Service Level Agreement

VDC SLA Annex Additional Terms for Virtual Data Centre - SLAs

VDC SLA Annex Additional Terms for Virtual Data Centre - SLAs

Hosting Agreement. WHEREAS, Lanex is a software development and hosting firm that offers design, programming and hosting services; and

Product Support and Maintenance Terms & Conditions

SERVICE LEVEL AGREEMENT

ADDENDUM. Dedicated Servers v3.0

SERVICE SCHEDULE ReachONE Internet Metro Ethernet (Version Issue Date: July 17, 2012)

Services Agreement. Rev 12/10/08 TC v08 1

INFRASTRUCTURE AS A SERVICE (IAAS) SERVICE SCHEDULE Australia

January Brennan Voice and Data Pty Ltd. Service Level Agreement

Link-Connect Service Level Agreement

Virtual Server Hosting Service Definition. SD021 v1.8 Issue Date 20 December 10

BANK LINK USE AGREEMENT NO. Representative:

SERVICE SCHEDULE FOR ETHERNET PASS-THROUGH SERVICES

VDC SLA Annex Additional Terms for Virtual Data Centre - SLAs

EASYNET CHANNEL PARTNERS LIMITED PARTNER MASTER SERVICES AGREEMENT HOSTED IP TELEPHONY SERVICE PRODUCT TERMS

VOICE SERVICE SCHEDULE AGREEMENT

SERVICE SCHEDULE PUBLIC CLOUD SERVICES

Additional Terms for managed hosting services

Supplier Information Security Addendum for GE Restricted Data

CITY OF LEMOORE REQUEST FOR PROPOSALS FOR CREDIT CARD PROCESSING SERVICE. City of Lemoore Finance Department 119 Fox St Lemoore, CA 93245

AAPT Business Reach Voice

The Installation, Maintenance and Removal of Data Logging Equipment on Scottish Water s Water Revenue Meters. Terms and Conditions

TIMICO LIMITED SERVICE SPECIFIC SCHEDULES

Service Level Terms Inter8 Cloud Services. Service Level Terms Inter8 Cloud Services

ASYMMETRIC DIGITAL SUBSCRIBER LINE INTERNET ACCESS TERMS

Shared Hosting Service Agreement. 1.0 Terminology. 3.0 Service Options. 2.0 Service Description. 4.0 Service Delivery

Backup & Storage Service Terms & Conditions

SCHEDULE DOCUMENT HOSTED TELEPHONY PUBLIC NODE4 LIMITED 03/02/2014

Service Description: Cisco Prime Home Hosted Services. This document describes the Cisco Prime Home Hosted Services.

DEDICATED SYSTEM HOSTING AGREEMENT BETWEEN RAPIDHOST LIMITED AND <COMPANY NAME>

Dedicated Server Service Level Agreement

TRUSTBOX SERVICE LEVEL AGREEMENT

We released this document in response to a Freedom of Information request. Over time it may become out of date. Department for Work and Pensions

Information Crib Sheet Fixed Line Telephony Service Agreement

EASYNET CHANNEL PARTNERS LIMITED PARTNER MASTER SERVICES AGREEMENT MANAGED IP VPN MPLS PRODUCT TERMS

QAD CLOUD EDI PROGRAM DOCUMENT

Transcription:

CONTENTS 1 Glossary of Terms & Definitions... 2 2 Service Description... 2 2.1 Firewall Service and Next Generation Firewall Service... 2 2.2 Roaming SSL Access Services... 3 2.3 DMZ Services... 3 3 Vendor Change... 3 4 Charges... 3 4.1 Charges payable by the... 3 4.2 Additional Charges... 3 4.3 Charges for Service Changes... 3 5 Service Levels... 3 5.1 Availability... 3 5.2 Service Unavailability... 4 6 Service Credits... 4 6.1 Claiming Service Credits... 4 6.2 Calculation of Service Credits... 4 7 Responsibilities... 4 7.1 Technical Representatives... 4 7.2 Other Responsibilities... 4 8 Service Operation... 5 8.1 Service Changes... 5 8.2 Incident Management... 5 8.3 Exclusions... 6 Page 1

1 GLOSSARY OF TERMS & DEFINITIONS DMZ means demilitarised zone, i.e. a separate security zone configured on Firewall Device; End Users means the actual end user of the Service; Event means when any monitored component of the Service is not operating pursuant to its standard functionality, as indicated by alerts on s monitoring systems; Firewall Policy means the set of rules required by the for to implement as a part of the Firewall Service; Incident means an unplanned interruption to a Service or deterioration in the normal quality of a Service; Incident Management means the Incident management Service provided by pursuant to this Annex to investigate an Event or Incident; Firewall Device means the equipment, Virtual Machines (where applicable), systems, cabling and facilities provided by in order to make the Firewall Service available to the ; Firewall Service or Service means the optional feature of an Service for the supply and operation of the Firewall Device and service and any corresponding Licensed Software and implementation of the Firewall Policy within an Site; Next Generation Firewall Service means the optional feature of the Firewall Service that includes the availability of live reporting and visibility of the firewall devices to the s parameters; SLO means Service Level Objective, which is a specific target within the Service Level Agreement; SOC or Secure Operations Centre means s operational centre for the management, maintenance, configuration and service management of the Security Services. Virtual Machine means a licensed software implementation of a physical server or machine. Any other terms in capital letters shall have the meaning set forth in Schedule 1. 2 SERVICE DESCRIPTION provides three types of Firewall Service that may be combined or purchased separately (the Service Components ): a. The Firewall Service provides the with a dedicated firewall maintained by. b. The Roaming SSL Access Service allows the s mobile workforce to securely maintain connectivity. This Service is provided to s who have End Users that require access to resources from non-fixed locations. c. The DMZ Service allows servers or hosts within the DMZ to have secure limited connectivity to specific hosts or networks in the s internal network, secure limited connectivity to the internet, and unlimited communication with other hosts in the DMZ. The DMZ Service provides a separate security zone configured on a firewall device where provides a Firewall Service. 2.1 FIREWALL SERVICE AND NEXT GENERATION FIREWALL SERVICE 2.1.1 shall provision a centrally supported Firewall Device and security policy within an Site to control and mediate the s public Internet access. 2.1.2 The Next Generation Firewall Service provides additional visibility of the firewall devices and access to a reporting management interface, separate to My Services, with customer log in. This is a read only access that also allows Next Generation Firewall Service customers to be able to construct reports based upon their parameters. Further details of the parameters will be provided by the Technical Service Manager upon request. The access and use of these reporting management services is controlled via the SOC. Page 2

2.2 ROAMING SSL ACCESS SERVICES 2.2.1 Roaming SSL Access Service may only be purchased in conjunction with the Firewall Service. 2.2.2 may provide the remote access feature using access based on SSL (Secure Socket Layer). 2.2.3 As a part of this Service, will provide support to the s IT department only. 2.3 DMZ SERVICES 2.3.1 The DMZ Service may only be purchased in conjunction with the Firewall Service, and must be directly connected to, or related to, said Firewall Service. 2.3.2 Single or multiple instances of the DMZ Service can be related to one (1) Firewall Service. 3 VENDOR CHANGE may from time to time change its third party supplier of these Services. Such change will not require the s consent except where such change is likely to have a material adverse effect on the Service Levels following its implementation. 4 CHARGES 4.1 CHARGES PAYABLE BY THE CUSTOMER Charges for the Service comprise of an initial on-boarding Installation Charge, a Fixed Rate Charge and any additional Charges set out within the Purchase Order. 4.2 ADDITIONAL CHARGES reserves the right to apply the following additional charges in conjunction with those applicable for the Services: a. Implementation of changes invoiced in accordance with a Change Order. b. Any additional work agreed to be performed outside of a Working Day, will incur Professional Service Charges. 4.3 CHARGES FOR SERVICE CHANGES 4.3.1 During the first full calendar month following the Ready for Service Date, the shall be entitled to request changes to enable the service fully. These changes will be covered by the Installation Charge. 4.3.2 Minor changes are non-chargeable for up to 3 change requests per calendar month then Professional Service Charges apply. 4.3.3 Major changes will incur Professional Service Charges. 5 SERVICE LEVELS Further to the Service Levels set out within the Schedule 2 to which this Annex is appended, Service Levels are defined for the following Service performance measurements: a. Firewall Service Availability 5.1 AVAILABILITY Service Availability SLO Firewall Service 99.95% Page 3

uses the following formula to calculate monthly Availability: Availability in % = (Minutes in Monthly Review Period Service Unavailability) Minutes in Monthly Review Period For the purpose of Availability measurement, Service Unavailability excludes any Planned Outage. 5.2 SERVICE UNAVAILABILITY The Firewall Service is considered to be Unavailable where the Firewall Device is not operational and processing network traffic. 6 SERVICE CREDITS 6.1 CLAIMING SERVICE CREDITS 6.1.1 Failure to meet a Service Level Objective (SLO) for a Service entitles the to claim Service Credits (subject to the exceptions set out herein and in Schedule 1). The must provide to all reasonable details regarding the relevant Service Credits claim, including but not limited to, detailed descriptions of the Incident, its duration and any attempts made by to resolve it. will use all information reasonably available to it to validate claims and make a good faith judgment on whether the Service Levels apply to the claim. 6.1.2 Unavailability of the Service cannot be used to claim failure of another service. shall not be responsible for any cross default. 6.2 CALCULATION OF SERVICE CREDITS Where Availability falls below target during any Monthly Review Period, the will be entitled to Service Credits as follows: Availability for each applicable firewall during Monthly Review Period falling below target by: Service Credits as % of the applicable Firewall Fixed Rate Charge Up to 1% 5% 1% 2% 10% 2% 3% 15% More than 3% 20% 6.2.1 Exclusions to Service Credits for Next Generation Firewall Service Any software supplied to enable the reporting management services for the Next Generation Firewall Service is supplied as is by third parties (e.g. distributors and or vendors of the equipment in use). will endeavour to ensure that these services are maintained and available to Next Generation Firewall Service customers. However, any failure of the reporting service will not constitute Unavailability of the Service and therefore will not accrue any Service Credits. 7 CUSTOMER RESPONSIBILITIES 7.1 TECHNICAL REPRESENTATIVES The must designate one or more qualified persons as their technical representatives and support points of contact with. These technical contacts can be updated online, by phone, or email and must be provided for both pre and post installation, and during Incident Management. 7.2 OTHER RESPONSIBILITIES undertakes that it shall: Page 4

a. Own the Firewall Policy and undertakes to keep fully informed of the Firewall Policy and to notify of any changes to it as soon as reasonably practical. Where requested by, the shall provide a copy of the said Firewall Policy to. i. The acknowledges and accepts that shall not be responsible for or liable for any security breach or failure resulting from the Firewall Policy and shall not be obliged to supply or advise on the Firewall Policy. ii. Where a has purchased the DMZ Service, it is the s responsibility to ensure that the Firewall Policy takes into account the presence of a DMZ Service and that the same conditions of implementation, record keeping and security control incumbent on the apply when a DMZ Service is present within the Firewall Policy. iii. Further to this, reserves the right not to implement the Firewall Policy where such implementation may result in an Incident on the Service, or impair the integrity of the Network or impact any customer. b. Perform an assessment to determine whether the Firewall Service is suitable for its requirements. does not warrant that the Firewall Service or the Next Generation Firewall Service will meet such requirements or that the Firewall Service or the Next Generation Firewall Service will operate in the particular circumstances in which it is used by the or that any use will be uninterrupted or error free. c. report any Incidents or problems with the Services to the Contact Centre as soon as such problems have been identified; d. provide feedback on any maintenance approval requests passed to the within the reasonable times specified within such requests; e. do such other things and provide such information as may reasonably request in order for to provide the Service; f. not initiate a penetration test without agreeing and complying to the current Penetration Test Agreement. In case a penetration test is undertaken and no respective Penetration Test Agreement was signed, herby agrees that the Penetration Test Agreement is deemed to have been signed and that its stipulations bindingly apply. 8 SERVICE OPERATION 8.1 SERVICE CHANGES Where the requests a minor change to be carried out on the Service, and where all of the relevant information is provided by the to, will endeavour to complete all minor changes within one (1) Working Day from receiving such requests. 8.1.1 Firewall Service Any and all changes to the Service are considered as a minor change. 8.1.2 Roaming SSL The following changes are major changes: a. Firewall changes due to a request for Two-Factor Authentication Tokens, b. Add SSL configuration file/tunnel group, Any other change is a minor change. 8.2 INCIDENT MANAGEMENT 8.2.1 Depending on the impact an Event or Incident has on the Service, each Event or Incident is categorized pursuant to paragraph 8.2.2 into one of three priority levels: priority level 1 (Critical), priority level 2 (Major) or priority level 3 (Standard). Page 5

8.2.2 Any Events or Incidents relating to a security incident which requires post-restoration investigation are considered out of scope for the Incident Management Service and will incur Professional Service Charges. Priority Description Hours of Operation Response Time Critical (1) When the Service is Unavailable. 24/7 30 minutes Update Frequency Major (2) Standard (3) The performance of the Service is degraded, but it is still Available A system or component of the Service is not available and a temporary fix may be available. Where there is not a critical need and no impact to the delivery or use of the Service. Working Day 2 hours 2 hours 4 hours N/A If responds to and works on a reported Incident and it is subsequently found not to be an Incident with the Service then Professional Service Charges will apply. 8.3 EXCLUSIONS does not provide any analysis of Incidents and Events on the Service, including analysis or support of information generated by the Next Generation Firewall reporting management interface. Log files are stored for 90 days, and can be made available on request. Page 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information