IBM Cloud Managed Services Attachment
IBM Cloud Managed Services Services Description
Effective Date: 14 April, 2014

This Services Description provides the description of available Services that IBM will provide under the terms of the IBM Cloud Managed Services Agreement or SOW, including its Attachments. Capitalized terms used herein have the same meaning as set forth in the IBM Cloud Managed Services Agreement/SOW.

Table of Contents
1. Definitions
2. Scope of Services
2.1 Overview
2.2 Service Level Agreement
2.3 Account Set up
2.4
2.5 Services Enablement
2.6 Infrastructure Services
2.7 Backup and Restore
2.8 Services Component Software Options
2.9 Network Services
2.10 Unmanaged Virtual Machine Services
3. Managed Services
3.1 Operating System
3.2 Customer Defined Patch Windows
3.3 OS Security Patch Management
3.4 ITIL (Information Technology Infrastructure Library) Based Managed Services
3.5 Standard Operational Reports
3.6 Security
3.7 Support
3.8 Maintenance
4. Additional Services Options
4.1 Virtual Private Network Environment Services
4.2 Virtual Firewall Services
4.3 Virtual Load Balancer Services
4.4 Load Balancing as a Service (LBaaS)
4.5 Shared Private MPLS
4.6 EU/Poland Labor Option
4.7 Application Alerts
4.8 Database Management
4.9 Middleware Management
4.10 Active Directory
4.11 High Availability Clustering
4.12 HIPAA Support Service Pack
4.13 PCI Support Service Pack

CMS Service Description.doc Page 1 of 39
4.14 CMS Migration Services
4.15 Cloud Managed Services Disaster Recovery Options

1. Definitions

APIs - application programming interfaces IBM provides as Service Component which provide programming code to interface with and utilize the Services, including requesting and ordering Services options and Service Components, which bypass Cloud Web Portal user interfaces.

IBM Image - a software image file containing the functionality of selected IBM software program(s) that IBM makes available as part of the Services.

Image - a software image file containing the functionality of the software program(s) that IBM makes available as part of the Services. An Image contains an Operating System Image by itself or in conjunction with an IBM Image or Third Party Image.

OS - Operating System software.

Recovery Point Objective or RPO - is the period in which data might be lost from an IT service due to a disaster, measured from the time of disaster occurrence.

Recovery Time Objective or RTO - is the duration of time within which a business process must be restored after a disaster, measured from the time of disaster declaration.

SC Image - an Image IBM makes available as a Services Component.

Service Catalog - a view of Service Components and Service options IBM makes available for Customer selection and use within the Service.

Third Party Image - a software image file containing the functionality of selected third party software program(s) that IBM makes available as part of the Services.

2. Scope of Services

2.1 Overview

Cloud Managed Services (CMS) Services (the "Services") are designed to provide Customers the ability to utilize virtual computing resources to support Customer's computing needs. CMS is a shared physical run environment that is administered by a common cloud management platform leveraged across multiple clients. The Services provide flexibility at the platform level, service management capabilities and security features.
IBM will provide Customer access to the Cloud Web Portal using a password secured login that will enable Customer to access the Services, provision and deprovision virtual machines and associated resources, and for incident creation.

IBM utilizes multiple Cloud Data Center locations to deliver the Services. Customer acknowledges that i) the central infrastructure supporting the Cloud Web Portal and Customer Account contact information and User ID information provided by Customer (Customer Account Information) is stored and delivered from the central business support system data center location in IBM's European Cloud Data Center or other locations IBM deems necessary for the delivery of the Services, and ii) Customer VMs, as defined in this Services Description, are stored and delivered from the operational support system Cloud Data Center location(s) that Customer selects when ordering Services in the Cloud Web Portal.

2.2 Service Level Agreement

2.2.1 Service Level Additional Definitions

Availability Percentage - the amount, expressed as a percentage, equal to the total number of minutes in the applicable calendar month minus the Qualifying Outage Minutes, divided by the total number of minutes in that month.

Claimed Outage - the period (measured in minutes) during which Customer claims a Service Loss during a calendar month as substantiated by Customer providing Outage Documentation.

Consolidated VM Group - all Gold and Platinum VMs assigned to Customer, as long as their total number is greater than or equal to twenty-five (25) VMs.

Consolidated Unmanaged VM Group - all unmanaged VMs assigned to Customer, as long as their total number is greater than or equal to twenty-five (25) unmanaged VMs.
Services Credit - an amount equal to three percent (3%) of Customer's current monthly recurring charges (excluding any applicable taxes and fees) for each SLA measurement unit, as applicable (e.g., individual VM or Consolidated VM Group).

Qualifying Outage Minutes - the aggregate of all Verified Outage minutes in a calendar month, minus any Claimed Outage minutes in that month resulting from any exclusion as set forth in subsection 2.2.7 below.

Verified Outage - a Claimed Outage that has been verified by IBM using IBM monitoring logs of the OS instance. A Verified Outage begins at the first Claimed Outage from Customer as verified by IBM's monitoring logs as a Verified Outage and ends when the IBM monitoring log shows the Services restored.

Service Loss - an inability to use a VM OS as determined by the OS unable to respond to an IBM controlled monitoring agent.

Outage Documentation - documented records of the dates and time of the failed Services access attempts during the applicable calendar month, measured in five (5) minute increments and used to support a Claimed Outage. Such Outage Documentation must record the outage dates and times and received error messages for the failed attempts.

Scheduled Outage - scheduled maintenance as set forth in Section 3.8 below.

2.2.2 Service Level Types

Upon execution of this Agreement, Customer will select SLA calculation methodology (1) or (2), which will apply across all of Customer's VMs. Methodology (3) will apply to unmanaged VMs.

(1) Per VM Availability Service Level Agreement (SLA)

The Per VM Availability SLA applies to each individual VM for the tier which the customer has selected in the Cloud Web Portal.
The table below lists the Per VM Availability SLA by Tier:

Tier: Per VM Availability SLA percentage
Bronze: 99.5% availability
Silver: 99.7% availability
Gold: 99.9% availability
Platinum: 99.95% availability

(2) Consolidated VM Availability Service Level Agreement:

The Consolidated VM Availability SLA applies to the aggregate number of minutes that the Operating Systems of an active Consolidated VM Group is available. The Consolidated VM Availability SLA percentage for each Consolidated VM Group is 99.95% availability.

(3) Consolidated Unmanaged VM Service Level Agreement:

The Consolidated Unmanaged VM SLA applies to the aggregate number of minutes that the active Consolidated Unmanaged VM Group is available, up to the hypervisor level (OS and above is excluded from this SLA). The Consolidated Unmanaged VM SLA percentage for each Consolidated Unmanaged VM Group is 99.99%. This SLA applies only to Consolidated Unmanaged VM Groups.

2.2.3 Service Credit Process

If in any calendar month the Availability Percentage is less than the applicable Availability SLA percentage, Customer is eligible to request to receive a Services Credit, subject to the following process:

a. Customer may claim one (1) Services Credit per calendar month, consisting of all claims for that month.
b. In order to receive a Service Credit, Customer must submit a Claimed Outage to the Cloud Services Focal Point and provide appropriate Outage Documentation by the 5th day of the calendar month following the Claimed Outage month.
c. IBM will review Claimed Outages against Verified Outages and calculate the Availability Percentage.
d. If the Availability Percentage calculated is less than the applicable Availability SLA percentage, then Customer will be eligible to receive a Services Credit from IBM.
e. Customer agrees to pay all invoices in full while any Claimed Outage is being reviewed or Service Credit is being determined.

2.2.4 Settlement of Service Level Credits

IBM will issue Services Credits in the invoice for the calendar month following the month of IBM's determination of Customer's eligibility for the subject Services Credit. Should a Services Credit be earned for the final month of Services provided, IBM will apply the credit against outstanding amounts due IBM under this Agreement, and if no amounts are due, IBM will refund the Services Credit amount to Customer.

2.2.5 Commencement of Service Level Agreement

Service Levels begin i) the first full calendar month following the provisioning of the applicable VM(s) for Per VM SLAs; and, ii) three (3) full calendar months following the provisioning of Consolidated VMs.

2.2.6 Exclusivity of Remedies

Customer agrees that its only remedies for IBM's failure to meet service level agreements are the Services Credits set forth in this Section 2.2 Service Level Agreement.

2.2.7 Exclusions

All activity above the hypervisor, including but not limited to operating system management, monitoring, and database/application management, is excluded for Unmanaged Instances. In addition, the following will be excluded from the calculation of Qualifying Outage Minutes:

a. scheduled maintenance or a scheduled outage as described in Section 3.8 Maintenance;
b. any event outside of IBM's control, including but not limited to the following examples:
(1) periods of emergency maintenance activities;
(2) problems with Customer provided Content or programming errors including, but not limited to, Content installation and integration, or failure to patch and maintain any software installed on the VM;
(3) system administration, commands, file transfers performed by Customer representatives;
(4) work performed at Customer request (for example technical assistance) and other activities Customer directs;
(5) denial of service attacks, natural disasters, changes resulting from government, political, or other regulatory actions or court orders;
(6) labor disputes or strikes, acts of civil disobedience, acts of war, acts against parties (including carriers and IBM's other vendors), and other force majeure events;
(7) lack of availability or untimely response time of Customer to respond to incidents that require their participation for source identification and/or resolution, including meeting Customer responsibilities for any prerequisite Services;
(8) Customer's breach of their material obligations under this Agreement;
(9) Customer's performance of any technical security integrity review, penetration test, or vulnerability scan pursuant to security obligations set forth herein;
(10) VMs for which Customer selects no patch options for patch management;
(11) VMs for which Customer has deferred implementation of patches for longer than 90 days; and
(12) For managed VMs, periods in which IBM provides customer with root/privileged access.

2.3 Account Set up

Set up activities to establish and maintain Customer's Account and enable Customer's access to the Services, including set up or modification of any additional Services options as set forth in Section 4 (Additional Services Options) ordered by Customer are described below.
2.3.1 IBM Responsibilities

a. Assign a boarding manager to assist Customer;
b. Provide contact information for account management support;
c. Provide the Customer with Information Security Controls for Cloud Managed Services documentation;
d. Provide the Customer Enablement Questionnaire (CEQ) to be completed by Customer;
e. Establish Customer's Account and enable or modify Services selected by Customer;
f. Notify Customer Business Manager when Services are ready for use;
g. Provide a welcome package which will include Services information, Customer Business Manager administrator ID, and applicable forms, if any, to enable configuration of specific Services (for example Enablement Form or VPN and VLAN configuration form) and email contact information for IBM's Cloud Services Focal Point(s); and
h. Provide information and access identification (IDs) required to access any additional Services options ordered by Customer.

2.3.2 Customer Responsibilities

a. Provide an LDAP server for VM user identity management (Active Directory must be used for Windows OS);
b. Provide a resource as a single point of contact for boarding and enablement activities;
c. Obtain network (VPN or MPLS) access necessary for use of the Services;
d. Review welcome package and perform activities to initiate use of the Account, verify Account information and set up, perform Services enablement activities and keep all such Account and Customer's contact information current;
e. Designate up to three Customer Business Managers, manage changes of Customer Business Managers assignments (including validating, managing, and authorizing administrator access and rights and informing the Cloud Services Focal Point of such changes), and ensure Customer Business Managers are aware of responsibilities with regard to the Services and the terms of the Agreement;
f. Provide information required to configure any additional Services options and perform any required activities to initiate or change and manage the use of such additional Services options ordered as described herein;
g. Provide valid funding authorization, such as a purchase order, if Customer requires any such authorizations for IBM to invoice charges and to keep such authorization current and provide updates on a timely basis so as not to interrupt Services;
h. Monitor Customer's Services usage, coordinate, manage, educate, and be responsible for the activities of all Users and their compliance with the terms of the Agreement; and,
i. Use supported browsers to access any CMS portal as referenced in the CMS user guide.

2.4 Services Enablement

When Customer Account is set up, IBM will activate and make available standard Services options for use by Customer. Not all Services options may be available at the same time from all Cloud Data Centers. Customer is responsible for proper selection and use of any Services options by Users. For any improper use of a Services option (such as use of Services Component software without proper Entitlements) IBM may: i) assess additional charges that would have been due for use of the Services Component software; or ii) require Customer to obtain proper Entitlements. Receipt of a service request constitutes Customer approval for IBM to disable or enable selected Services options.
2.5 Infrastructure Services

This Section describes the CMS Infrastructure Services.

2.5.1 Virtual Machine Compute Resources

Customer may select any of the following VM compute resource configurations consisting of the specified number of virtual central processing units ("Virtual CPUs" or "vcpus") in either 32-bit or 64-bit configuration, Virtual Memory, and Virtual Storage. The compute resource configurations are:

32-bit VM configuration available for System x (Windows or Linux)

Configuration: Virtual CPUs; Virtual Memory (GB); Virtual (root/os) Storage (GB)
Small: 1; 1; 64
Medium: 2; 2; 64
Large: 4; 4; 64
Maximum Configuration: 8 *; 4; 64
Additional Disks: Up to 24 disks, up to 2 TB each

* A maximum of eight (8) for Windows DataCenter Edition only. Four (4) Virtual CPUs is the maximum configuration for Windows Standard Edition.

64-bit VM configuration

Configuration: Virtual CPUs; Virtual Memory (GB); Virtual (root/os) Storage (GB)
Small: 1; 2; 64
Medium: 2; 4; 64
Large: 4; 8; 64
Extra Large: 8; 16; 64
Jumbo: 16; 32; 64
Maximum Config AIX: 64; 256; 64
Maximum Config Linux: 64; 128; 64
Maximum Configuration Windows: 4 (SE), 8 (EE), 64 (DC); 32 (SE), 128 (EE,DC); 64
Additional Disks: Up to 24 at up to 2 TB ea**; NA

IBM may, at its sole discretion, provide a larger amount of storage for root disk than specified by the tables above. In this case, there is no additional charge to Customer and Customer is not entitled to additional storage on the root disk for any VMs provisioned in the future. Root disk for Platinum images is mirrored.

Customer may request modifications to a VM by requesting changes to vcpu or Virtual Memory via the Cloud Web Portal. A Virtual Machine configuration may not be reduced below/made smaller than its original configuration. IBM reserves the right to modify Virtual Machine configuration options and maximums available to Customer. Completion of a change request to vcpu or Virtual Memory will immediately reboot a VM.
Customer should submit a Service Request for VM provisioning requests over one hundred (100) VMs in a single month.

Estimated time from start of provisioning request until turn over to customer of VM:
Bronze and Silver level VMs: 24 Hours or less
Gold level VMs: 48 hours or less
Platinum level VMs: 72 hours or less

Provisioning of additional features such as additional storage, clustering, etc. may extend these objectives.

2.5.2 Additional Storage Attribute Options

The following storage attribute options are available via the Cloud Web Portal when adding disk to the VM. Some options may not be modified after provisioning.

a. Disk Size: Customer may select additional disk in any increment from 1 GB to 2048 GB
b. Storage Availability Zone: Customer may choose whether disk shall be collocated (for FlashCopy System P) or anti-collocated (for HA) on the storage pool. This attribute cannot be modified once selected.
c. Mirroring: Customer may select whether to mirror disk. This attribute may be modified by Customer.
d. Storage Tier: Customer may select the preferred storage tier for the data disks (base or performance). This attribute may be modified by Customer.
e. Disk Type: Customer may choose the manner in which a data disk is provisioned from the storage pool. This attribute cannot be modified once selected.
f. Customer may choose FlashCopy for System p VMs, which allows Customer to create copies of production data for development and test purposes and create point-in-time copies for recovery purposes. Customer is responsible for creation and management of any scripts required before and after (pre and post scripts) the FlashCopy executions which remain under control and responsibility of the customer. Customer is also responsible to check and setup encrypted volumes, when desired.

IBM may, at its sole discretion, provision storage at a higher performance tier or disk type than Customer has selected, at no additional charge. IBM may also move the storage to the original selected tier or disk type at a future date.

2.5.3 Additional Virtual Machine Capabilities

A customer may request the following for a Virtual Machine via the Cloud Web Portal. Fulfillment of the request may be subject to additional charges as specified in the Charges Schedule, and availability of capacity:

(1) VM location of the Cloud Data Center for deployment provided that Customer has been boarded in that location and has connectivity with the Cloud Data Center selected. (e.g. Ehningen, Germany).
(2) For a Windows/Linux VM, Customer may request suspension of a running VM.
A suspended VM can be reactivated on an on-demand basis up to a maximum of 30 days from the suspend date without having to reinstall or reconfigure that VM. If the VM is not reactivated within the 30 day suspension period, the VM and all data within it will be immediately deleted/destroyed and the allocated disk will be released for reuse to the general pool. Customer is responsible for otherwise deleting or securing Customer Content/data prior to such VM deletion. Refer to the Charges Schedule for specific billing during this period.
(3) The ability to start, stop and restart a VM via the Cloud Web Portal. If a VM is stopped while IBM is executing normal patch and backup functions, Customer VM(s) will not receive patch and/or backup Service. Customer alone is responsible for managing VMs availability for receipt of these Services.
(4) If a VM is suspended while IBM is executing services such as OS patching, health checking, Systematic Attack Detection or backup functions, Customer VMs will not receive these services and other services which depend on VMs being active.
(5) Upon receipt of Customer request to Remove Server Now, the VM will be immediately destroyed and the allocated disk will be released to the general pool for reuse. Customer is responsible for deleting or otherwise securing Customer Content/data prior to VM deletion.

2.6 Backup and Restore

2.6.1 IBM Responsibilities

CMS provides a multi-tenant backup designed to provide Customer with file system backup and restore services, and as an optional Service and for an additional fee, Customer designated databases. This does not include the ability for complete restore of a VM's OS and is not a substitute for a disaster recovery solution. Backup can be performed for databases up to 30 TB in size, provided that the maximum table space in the database is under 8TB.
a. Perform and store data file backups (process of duplicating the customer's to-be-backed-up "Target Data") with the intent of storing the data on a tape, consisting of an initial full back up with daily incremental back ups for files;
b. For Customer selected DB2, Oracle, Sybase and MS SQL, perform a twice weekly full database backup, with a three times daily backup of database log files;
c. Encrypt all tapes and manage encryption keys. Tapes and keys are not available to Customer;
d. Monitor and manage backup activity;
e. Move a copy of each tape containing encrypted data off-site to an IBM selected vault location once daily;
f. Restore the requested data with the objective to initiate a minimum of 95 percent of the total number of restore requests per calendar month within a two hour timeframe for data that can be restored from a local copy;
g. Retain inactive versions of backed up flat files for 30 days and the last version of a deleted file for 60 days;
h. Retain database backups for thirty (30) days;
i. Perform administration, tuning, optimization, planning, maintenance, and operations management for backup and restore;
j. Provide and install additional infrastructure capacity for backup and restore, as required and as determined by IBM; and,
k. Any scheduling conflicts between backup and patch management will result in the backup being performed on the next scheduled backup window.

2.6.2 Customer Responsibilities:

a.
b. Submit a request via the Cloud Web Portal identifying each database to be backed up;
c. Submit a request to restore data from backup media. Through the Cloud Web Portal Customer may request restore of the latest version of a single file using the full path name of the file. For all other restores Customer must submit a Service Request; and,
d. Provide all logical database administration, and physical database administration excluding backup and restore.
User requested on-demand unscheduled incremental local data backup/restore capability is also available by submitting a Service Request via the Cloud Web Portal.

2.6.3 VM Image Capture

For Windows or Linux VMs with no additional disks over base disk, Customer may perform an Image backup of Customer VM Image information via the Cloud Web Portal. The VM will be unavailable for use during the save process. The Cloud Web Portal will show a saving status of the VM while the Image is being created. The time it takes to save an Image will be affected by the size of the VM and Content within the VM. Restore is to the running VM from which the backup/image capture was taken. If a VM is deprovisioned all Images will be removed. If the VM from which the Image was captured later adds additional disks, the Image will no longer be available for that VM.

2.7 Services Component Software Options

Each VM will be provisioned with an SC Operating System Image of Customer's selection from the OS image list made available at VM provisioning (UI or API). SC Images may contain software licensed by IBM or licensed by third party software providers. Specific terms below may apply depending on the software licensor.

2.7.1 SC Operating Systems

IBM will provide all SC Operating System software for virtual machines used by Customer. The actual run time libraries / code will be an IBM provided OS Image. Customer legacy Operating System Images may not be used in the Service.
Use of a Microsoft SC Operating System is provided as described in Section 3.3 of the Agreement/SOW (Third Party Services Component Software). For Microsoft SC Operating System software, the applicable Third Party Agreement/additional license terms are:

Microsoft Server software (all available versions) is licensed from Microsoft under the additional license terms for Microsoft Volume License found at http://www-935.ibm.com/services/us/gts/html/microsoft_volume_licensing.html.

There is a No High Risk Use requirement that the User may not use the Microsoft software ("Product") in any application or situation where the Product(s) failure could lead to death or serious bodily injury of any person, or to severe physical or environmental damage ("High Risk Use"). Examples of High Risk Use include, but are not limited to: aircraft or other modes of human mass transportation, nuclear or chemical facilities, life support systems, implantable medical equipment, motor vehicles, or weaponry systems. High Risk Use does not include utilization of Products for administrative purposes, to store configuration data, engineering and/or configuration tools, or other non-control applications, the failure of which would not result in death, personal injury, or severe physical or environmental damage. These non-controlling applications may communicate with the applications that perform the control, but must not be directly or indirectly responsible for the control function.

2.7.2 Customer Provided Software

Customer is permitted to bring and upload its own properly licensed non-operating system software (sometimes referred to as "bring your own software and license" or "BYOSL") for use within the Services by installing it directly on a VM. Any such Customer provided software Customer brings and uploads in connection with the Services is considered Content as defined in the Agreement.
Customer is responsible to ensure Customer has the necessary licenses, Entitlements, and approvals for adding, installing, uploading, transferring, and using such software with the Services.

For software Customer has licensed separately from IBM Corporation ("IBM Software") only those that are listed as eligible in the Table of Eligible BYOSL Software Programs on the PA Website may be uploaded as BYOSL software for use in the Services. For such IBM Software, Customer is responsible to:

a. have accepted and remain in compliance with all terms of the applicable PA Agreements covering the Entitlements;
b. have accepted and remain in compliance with the PA Attachment for Sub-Capacity Licensing Terms; and,
c. maintain a written record of any use of Entitlements with the Services.

Customer is responsible to have acquired sufficient Entitlements to cover Customer's use of such IBM Software on a selected VM compute resource size in accordance with requirements set forth on the PA Website.

2.8 Network Services

IBM will provide a redundant local area network (LAN) infrastructure and static IP addresses from customer IP pool or private non internet routable addresses from IBM IP pool. IBM will provide up to five (5) internet routable IP addresses in support of network address translation if required. Requests for more than 5 IPs are granted in IBM's sole determination. Additional requests will be individually assessed.

Customer can deploy VMs in multiple security zones, as defined by network isolation layers in the Customer's local network topology. A design point of three (3) VLANs is standard in the Service. Requests for more than three (3) VLANs are granted in IBM's sole determination. Additional requests will be individually assessed.

Internet bandwidth is provided in support of customer environments, and may be metered and charged on a per GB rate based upon Customer usage.
IBM strongly recommends that Customer obtain Internet-based TCP/IP vulnerability scanning services from IBM or from another vendor. This is not provided as part of the Cloud Managed Services. Customer's IBM Cloud Services Focal point can assist Customer with obtaining information on IBM vulnerability scanning services. Vulnerability scanning provides Customer with the ability to identify exposed vulnerable code and configurations. Once identified, vulnerabilities can be resolved by any number of means: applying patches, modifying an application configuration, or implementing mitigating controls.

2.9 Unmanaged Virtual Machine Services

The Unmanaged Virtual Machine Services ("UVM") allows Customer to provision unmanaged Windows, Linux and AIX VMs in the sizes set forth in subsection 2.5.1 above. The unmanaged VMs are provided without IBM OS management and IBM is responsible only for the operation of the CMS infrastructure upon which the unmanaged VMs are running (this is also referred to as "below the hypervisor"). Customer has root access and all administrative responsibility for such unmanaged VMs, including maintenance and security (also referred to as "above the hypervisor").

SC Operating Systems subsection 2.7.1 applies to the OS Images installed on unmanaged VMs and IBM will perform tracking and license management for Operating System software. Customer is responsible for all other software asset tracking and reporting responsibilities that Customer may have. No other software will be made available by IBM for unmanaged VMs, and Customer may not use Customer Images from managed VMs on unmanaged VMs.

The Additional Virtual Machine Capabilities set forth in subsection 2.5.3 are available for unmanaged VMs, with the exception of 2.5.3 (4).

Some services that are available for managed VMs may not be available for UVMs. IBM may provide these additional services at its sole discretion and may incur an additional charge to Customer. Application Alerts, Additional Service Options and Support Services are not available for unmanaged VMs. Additional examples of managed services that are unavailable for unmanaged VMs are: i) no support for the setup of HA clusters; ii) no option to specify a placement constraint; iii) shared disks can not be requested; and iv) alert generation, database or middleware/application support are not available.
Customer is required to provide all support for unmanaged VMs above the hypervisor, including but not limited to OS, database, application management and monitoring. However, although support for above the hypervisor is not provided as a standard service for unmanaged VMs, Customer may submit a Service Request via the Cloud Web Portal for above the hypervisor assistance. Such assistance will be subject to additional charges, which will be communicated for Customer acceptance prior to these assistance services being performed. Such assistance will be provided at IBM's sole discretion.

Customer will be able to optionally request Backup Services via the Cloud Web Portal after an unmanaged VM has been provisioned and turned over to Customer for use. Backup services for unmanaged VMs will be provided in the same way as for managed VMs, with the exception that the Customer maintains primary responsibility for resolution of any issues that occur.

Customer will be responsible for all patch management, and the ability to perform patch management will be made available to the Customer as a self-service feature.

Unmanaged VMs can not be converted to managed VMs.

3. Managed Services

3.1 Operating System

3.1.1 IBM Responsibilities

IBM will provide the following Operating System managed Services:

a. Monitoring VM up/down status and resource utilization;
b. Management of the OS processes and log files including security logs retained in guest VMs;
c. Provide anti-virus protection for Windows only;
d. Provide OS level security as per IBM standard operational procedures as defined in the Information Security Controls for Cloud Managed Services and supporting documentation; and
e. Forwarding of one way trust relationship from IBM active directory into Customer's active directory (for Windows VMs).

3.1.2 Customer Responsibilities

a. Maintain the application, middleware and any database software installed on the Services;
b. Manage all production systems applications, including start, stop, restart and recovery, batch flows, logical and physical database administration, promote to production, disaster recovery plan development and testing;
c. Manage Customer User ID administration;
d. Initiate service requests and changes through the Cloud Web Portal (e.g. VM activation) when available, and order Additional Services Options via completion and submission of the Additional Services Order Form to the IBM Cloud Focal Point;
e. Not delete security logs retained in VMs; and,
f. Provide an active directory for Customer's Windows VMs.

3.2 Customer Defined Patch Windows

Upon boarding Customer will select a patch window start time, subject to availability.

3.2.1 IBM Responsibility for Customer Defined Patch Windows

a. Apply OS Security patches automatically at the customer defined time and day of week.

3.2.2 Customer Responsibility for Customer Defined Patch Windows

a. Select day of week and start time and timezone for maintenance windows.

3.3 OS Security Patch Management

For each Customer designated VM server type (Development, Test, Production 1, Production 2), patches included in this service are security or the OS. Application patches and upgrades are not included in this service.

Upon provisioning a new VM, Customer may select automated patching, manual patching or no patch. Automated patching is the default setting and is the recommended setting for all VMs. For automated patching Customer will be alerted to the upcoming patches via email, and will be able to defer or reject patches before they are applied in the next patch cycle. For manual or no patch options there is an additional charge upon provisioning of a VM. SLAs are suspended for the no patch option. If manual patching results in a security exposure of a VM resulting in an outage then an SLA penalty will not be incurred.
3.3.1 IBM Responsibilities for Automated Patching

IBM will provide the following operating system patch management services:
a. Provide an email notification to Customer designated email address when patches exist for Customer review and approval in the Cloud Web Portal, with patch management window cut-off dates noted;
b. Patch VMs based on Customer approvals on the next available patch management change window;
c. Application of automated OS security, unless deferred or rejected by customer.

3.3.2 IBM Responsibilities for Manual Patch or No Patch Option

IBM will provide the following operating system patch management services:
a. Send regular approval reminders to Customer designated email address 2 and 5 days prior to patch cut-off dates; and,
b. Install patches as designated by customers selecting the manual patch option.

3.3.3 Customer Responsibilities for Automated Patching

a. Provide to the IBM Cloud Focal Point an email address to which pending patch approvals are sent;
b. Defer or reject any patch before the patch cutoff date;
c. Test the application, middleware and any database software installed on the Services after any patch is applied; and,
d. Accept full responsibility for any patches deferred or rejected.
3.4 ITIL (Information Technology Infrastructure Library) Based Managed Services

IBM will perform/provide the following ITIL based managed Services for CMS VMs:
a. Asset management: IBM will track the status, location and usage ownership of Services Component hardware and software, including tracking and monitoring of IBM provided OS licenses. IBM will also track Customer owned/licensed software assets only if the Services recognize the signature file of such Customer software assets. Customer may request a list of assets utilization from their IBM Cloud Services Focal Point;
b. Event management: IBM will provide management of events, excluding application/database alerting, throughout their life cycle including auto ticketing with monitoring integrated into event management and event management integrated into Incident, problem and change system. Events may be changes of state that have significance for the management of a customer VM or for an element of the Services;
c. Incident Management: IBM will provide management of the lifecycle of all unplanned interruptions and reductions of Services quality (incidents). The primary objective of Incident Management is to return the Customer's Services to full operation;
d. Problem Management: IBM will provide support for the detection, reporting, and correction of problems (causes of one or more incidents) that impact CMS and customer resources. Once problems have been rectified, root cause analysis is performed and appropriate adjustments are recommended and implemented; and,
e. Service Request Management: IBM will provide a Service Catalog and allow for automated service requests and change management via the Cloud Web Portal.

3.5 Standard Operational Reports

IBM will provide operational status and the following reports via a portal.
IBM will provide summary and detailed reports in the following areas:
- Incident, Problem and Change
- Services Activation and Deletion
- Virtual Machine Configuration
- Usage and Charges

3.6 Security

3.6.1 IBM Security Responsibilities

IBM will provide the following security related Services for the Cloud Data Center base infrastructure and Customer VMs:
a. Provide Information Security Controls for Cloud Managed Services documentation to customer;
b. Physical access security to the Cloud Data Center;
c. Secure access to Cloud Web Portal and APIs via Secure Sockets Layer (HTTPS);
d. Discrete Customer Cloud Web Portal authentication. Customer controlled authorization of User access to functions provided by the Cloud Web Portal;
e. OS security related patches;
f. Configuration and management of the OS images and VMs to the stated Information Security Controls for Cloud Managed Services policy; and,
g. Perform system security checks per the Information Security Controls for Cloud Managed Services policy.

IBM is not obligated to perform any Customer requested security audits or other audits. If IBM, in its sole discretion, agrees to perform any custom audit requested by Customer, such audit will be performed under a separate statement of work and at Customer's sole expense.
3.6.2 Customer Security Responsibilities

a. Customer will follow IBM's Information Security Controls for Cloud Managed Services policies.
b. Customer agrees, when Customer is performing any technical security integrity review, penetration test, or vulnerability scan, to:
   (1) only test, scan or review the Customer IP addresses that are part of the Services;
   (2) only test, scan, or review the Customer virtual computing resource instances and not shared portions of the Cloud Data Center;
   (3) provide advance notice to IBM of penetration test or vulnerability scan and agree to perform in a mutually agreed upon change window, governed by the IBM change management process;
   (4) not perform such reviews more than once per calendar quarter; and
   (5) not perform or simulate denial-of-service attacks.
c. (1) Manage and maintain the security settings of any application, middleware and any database software installed on the Customer VMs;
   (2) Manage User and Solution Recipient credentials for access to VMs and any Services;
   (3) Initiate service requests for VM activation and changes through the Cloud Web Portal or APIs for VM creation, modification, deletion; backup, status, usage and VM capture for x Series VMs;
   (4) Use VMs in accordance with the Acceptable Use Policy which includes not using the Services in a malicious manner, including but not limited to botnet or malware hosting;
   (5) Perform post activation middleware and database configuration; and
   (6) Identify and interpret legal, regulatory or contractual security requirements that are applicable to its business.
d. During periods when a customer has 'root' or 'Administrator' access to an IBM managed system, the customer will:
   (1) not delete or modify system access or security logs;
   (2) not delete or modify the unix sudoers file;
   (3) not modify the Windows local or Group Policy configuration;
   (4) not modify IBM managed system or application services;
   (5) not remove or modify security hardening configurations defined in the governing CMS technical specification(s);
   (6) not remove or modify IBM software agents;
   (7) not remove or modify a system's computer name, domain membership, or ldap configuration;
   (8) notify IBM of any configuration changes made, which could impact the integrity of the IBM managed system;
   (9) notify IBM of any configuration changes made, which could expose the IBM Managed system to threats from the Internet; and,
   (10) accept full responsibility for the security integrity, availability, and confidentiality of the system and its data.

3.7 Support

3.7.1 Account Management and Service Requests

Customer initiates a Service Request in two ways: a) via the Cloud Web Portal (some Cloud Web Portal Service Requests are predefined and pre-priced, others must be requested via a free form Service Request submission), or b) via email request, for instance by submitting to IBM the Additional Services Order Form to the email address provided by IBM for such Service Request. Upon receipt of a request, the IBM Cloud Services Focal Point will take the appropriate actions, including contacting the Customer by email or phone for further information. Upon IBM's completion of Customer's Service Request, the Customer will receive an email notification, or if the Service Request was initiated through the Cloud Web Portal, the only notice to the customer may be that the Service Request is flagged as complete in the Cloud Web Portal.

The IBM CMS Cloud Services Focal Point general support responsibilities are to:
- Serve as Customer interface for all escalations and communications
- Manage incidents
- Participate in change approval process
- Manage SLA attainment and issues
- Manage audits and compliance activities
- Participate in major incident management
- Coordinate and manage complex changes
- Manage minor steady state projects
- Manage Root Cause Analysis process for VMs up through the OS.

3.7.2 Request For Support

The Cloud Web Portal will provide Customer with the ability to submit a request for support of the Services. Upon submission of the request, the Customer will provide information regarding the scope and impact. Based on the input from the Customer, IBM will assign a severity to the incident created and notify the customer via the Cloud Web Portal or email to the submitter. The criteria for assigning a Severity to the incident and the target resolution and response times are as follows:

Severity 1
Resolution time: 90% within 4 hours
Description: Total loss of production Services to entire customer set. OS outage with critical impact on service delivery. Revenue or delivery schedule impact. No bypass or alternative is available. Problems or questions opened as Severity 1 may be downgraded if a viable workaround with a positive cost/benefit analysis is identified.

Severity 2
Resolution time: 90% within 24 hours
Description: Key component, application is down, degraded, or unusable. Potential critical impact on service delivery. Services performance degradation; service delivery impacted. Partial Customer set affected. No acceptable alternative or bypass is available.

Severity 3
Response time: 7 calendar days
Description: A component, minor application or procedure is down, unusable, or difficult to use. Some operational impact, but no immediate impact on service delivery. Services outage but alternative workaround available. Potential exposure to ability to delivery of service. Scattered customers affected.

Severity 4
Response time: 30 calendar days
Description: Component, procedure, not critical to customer is unusable. Alternative is available; deferred maintenance is acceptable. No impact to Services. No production affected. Individual customer affected.

Updates to the incident will be provided via the Cloud Web Portal or via email to submitter of the incident. There is no Service Level Agreement/Service Credit associated with the above response times.

3.8 Maintenance

IBM will maintain and install updates and fixes as IBM deems appropriate to the Cloud Data Center base infrastructure and any of the standard Images. Services may not be available during these times. IBM reserves the right to interrupt Services to perform emergency maintenance as needed. IBM may change scheduled maintenance hours and will post to the Cloud Web Portal any such changes, as well as any emergency maintenance information.
3.8.1 Standard Maintenance Windows

The Services will utilize pre-defined and standard maintenance windows, some of which may cause the Services to be unavailable to the Customer. IBM will not seek Customer approval to execute maintenance, but will attempt to minimize impact to Customer's Services. IBM will make commercially reasonable attempts to communicate via a broadcast message to customer administrators the changes planned for each maintenance window, via the Cloud Web Portal, email, or other methods.

3.8.2 Daily Change Window

The Services supports a daily change window that is designed to support Customer initiated change requests via the Cloud Web Portal. Customer initiated change requests may be made twenty four (24) hours per day, seven (7) days per week, exclusive of scheduled maintenance windows. Submission by Customer of a change request may require a restart, or reboot of Services Components, such as VMs, following performance of the change.

3.8.3 Patch Category

The patching process is automated and bound by the type of server and criticality of the patch. When a VM is requested by Customer, one of the following server designations must be selected:
(i) Development - Patches apply in Development maintenance cycle the first week of each month.
(ii) Test - Patches apply in Test maintenance cycle, which is the second week of each month.
(iii) Production 1 - Patches apply in Production maintenance cycle, which is the third week of each month.
(iv) Production 2 - Patches apply in Production maintenance cycle, which is the fourth week of each month.
(v) Do not patch - Patches will be applied at the time of VM provisioning only. This selection is subject to an additional charge as outlined in the Charges Schedule.
(vi) Manual patch - Patches will be applied during VM provisioning to bring the instantiated image up to date. Subsequent patches will be applied at customer request. This selection is subject to an additional charge, as outlined in the Charges Schedule.

IBM, in its sole determination, may modify the patching schedule on an as needed basis.

3.8.4 Monthly Change Window

The monthly maintenance window is the third Saturday of each month, 12 pm local time of the Cloud Data Center to 8 pm local time of the Cloud Data Center. Monthly change windows are not expected to impact the running VMs. The Cloud Web Portal may be unavailable during this period.

3.8.5 Other Change Windows

IBM's intent is to contain all maintenance that may impact Customer services, in particular the availability of VMs, storage, network and other services, to the weekly and monthly change windows set forth above. Other change windows may be used on an exception basis for management of the environment. IBM will make commercially reasonable efforts to minimize Customer impact during such change windows and will notify Customer in advance.

4. Additional Services Options

Additional Services options, as described in this Section 4 (Additional Services Options), may require extended scheduling and set up activities. Each Additional Service Option will identify if Customer must order or change options by completing an Additional Services Order Form Attachment and submitting it to IBM, or by submitting a Service Request via the Cloud Web Portal. Upon acceptance of an order by IBM for Additional Services Options, IBM will contact Customer for any scheduling or set up activities as required and will notify Customer when such additional Services are available for use. Customer agrees to pay for all Additional Service Options ordered, regardless of the order mechanism used by Customer.
4.1 Virtual Private Network Environment Services

Customer may order one virtual private network environment ("VPNE") per Cloud Data Center and up to three private virtual local area networks/security zones ("Private VLAN") per Cloud Data Center via an Additional Services Order Form Attachment. As described in Sec 2.8, requests for more than three (3) VLANs are granted in IBM's sole determination and in no circumstance will more than twelve (12) VLANs be allocated to any single Customer in a Cloud Data Center. Customer may associate a Private VLAN to a VPNE, or the Private VLAN can be standalone and not associated with a VPNE.

Each VPNE is required to have at least one but no more than forty VPN tunnels ("VPN Tunnel"). A VPN Tunnel is an encrypted communication path between a unique remote customer computing VPN gateway endpoint and a single IBM VPN gateway endpoint in a Cloud Data Center. VPN Services include support to connect to the IBM VPNE over the Internet using Internet protocol security extensions ("IPsec") VPN Tunnels only. Customer will specify one unique IP subnet range representing the Customer VPN endpoint connection for each VPN Tunnel requested. Network configuration support for Customer's endpoint connection of a VPN Tunnel remains a Customer responsibility.

A monthly recurring charge for the VPN service and a one time charge for each VPN tunnel defined will be due upon acceptance of Customer's order. Additional VPN tunnels, up to 40, can be requested at any point during the term of the agreement.

After an initial order and set up of a VPNE within a Cloud Data Center, Customer can request changes to the VPNE by submitting a Cloud Web Portal Service Request. Other examples requiring change scheduling include changing the number or configuration of any VPN Tunnels or the number or configurations of any associated Private VLANs. Deletion of the last VPN Tunnel in a Cloud Data Center will remove the VPNE for that Cloud Data Center. Customer understands that prior to ordering deletion of a VPNE the Customer must have deleted all VMs provisioned in those environments. Customer is responsible to save any such VM so they may be later provisioned as a new VM.

4.1.1 Set-up Responsibilities

a. IBM will, for initial setup and as required for any additional VPN tunnels and VPN related changes requested after initial set up:
b. provide a VPN set-up information form for each VPNE, which will include VPN Tunnel configuration or change request within each Cloud Data Center,
c. upon receipt of the completed set-up form, set up the VPNE including the VPN Tunnel in the selected Cloud Data Center using information provided by Customer,
d. provide Customer network representative with information regarding the VPN configuration needed to connect to an IBM VPN gateway endpoint; and
e. Schedule and conduct an activation call with Customer's network representative at a mutually agreed to time to jointly activate VPN Tunnel(s) for the VPNE.

Customer will, for initial setup and as required for any additional VPN tunnels and VPN related changes requested after initial set up:
(1) designate a technically qualified network representative that can represent Customer and provide required configuration and set up information to IBM;
(2) provide configuration information by completing and returning to IBM the VPN set-up information form for each Cloud Data Center where a VPNE is to be established;
(3) configure and maintain access from Customer's computing environment to each IBM's VPN Tunnel gateway;
(4) perform initial preliminary set up activities related to the Customer's managed VPN end points prior to the joint activation call;
(5) have Customer network representative participate in the call to jointly activate each VPN Tunnel connection;
(6) perform troubleshooting and correction of any issues with the configuration of Customer's VPN end point, any routing issues within Customer's network or any routing issues between Customer's network and the IBM VPN gateway;
(7) initiate and maintain proper security controls for communications related VPN Services including but not limited to any desired protections at the entry into Customer's data center through the Customer provided VPN gateway; and,
(8) provide Internet bandwidth at their site in support of the VPN.

If during set up activities, Customer makes any change from what was specified on the Additional Services Order Form, IBM reserves the right to reconcile and charge Customer based upon actual Services provided.

4.2 Virtual Firewall Services

Managed virtual firewall provisioning between multiple VLANs is available for an additional monthly recurring charge. Customers may request configuration of firewall settings for one or for a group of VMs via the Additional Services Order Form. There is a limit of 5 Firewall Configuration Change requests per month included in this service. Additional changes are available for an additional charge.

4.2.1 IBM Responsibilities

a. Provide a secure, hardened, redundant IBM Managed Firewall platform;
b. Implement a default DENY ALL firewall policy configuration; and
c. Upon receiving a written request from an authorized customer contact IBM will provide:
   (1) Export of the firewall policy.
   (2) Export of firewall logs.

4.2.2 Customer Responsibilities

a. Submit firewall rule requests to IBM via the Cloud Web Portal;
b. Complete an internal security evaluation of each firewall policy request prior to it being submitted to IBM for implementation;
c. Complete an impact assessment or use case for each policy request prior to it being submitted to IBM for implementation; and
d. Approve problem and change management requests, which permit IBM to maintain the stability and integrity of the managed firewall platform.
4.3 Virtual Load Balancer Services

Customer may order software based virtual load balancer Services (VLBS) by completing and submitting an Additional Services Order Form. Load balancer Services gives Customer the ability to associate to VMs to be load balanced. The load balancing component is a server that is able to dynamically monitor and balance TCP servers and applications in real time. Load Balancing is limited to within a single CMS site. There is a limit of five (5) load balancing configuration changes a month included in this service. Additional changes are available for an additional charge.

4.3.1 IBM Responsibilities

a. Provide a secure, hardened, redundant IBM Managed Virtual Load Balancer platform;
b. Implement a default, secure policy configuration; and
c. Upon receiving a written request from an authorized customer contact IBM will provide:
   (1) Export of the load balancer policy.

4.3.2 Customer Responsibilities
a. Submit load balancer policy requests to IBM via the Cloud Web Portal;
b. Complete an internal security evaluation of each load balancer policy request prior to it being submitted to IBM for implementation;
c. Complete an impact assessment or use case for each load balancer policy request prior to it being submitted to IBM for implementation; and
d. Approve problem and change management requests, which permit IBM to maintain the stability and integrity of the managed load balancer platform.

4.4 Load Balancing as a Service (LBaaS)

Customer may order hardware based Load Balancing as a Service (LBaaS) by completing and submitting an Additional Services Order Form. LBaaS is a multi-tenant platform operating in a highly available design to provide stateful failover and enable Customers to distribute traffic load across multiple servers. Customer may select multiple VIPs, with each VIP having a maximum pool size and number of concurrent connections as listed in the Additional Services Order Form. Customer will be charged a monthly recurring charge based on the highest tier used, and for each VIP. Customer may change tiers at no charge up to once per calendar month by submitting a service request.

4.4.1 IBM Responsibilities

a. For public address space, provide VIP(s) assigned by IBM's public internet address space pool;
b. Configure the shared local load balancing infrastructure as part of the high availability load balancing cluster;
c. Configure a local load balancing pool to distribute incoming network traffic for a specific network IBM destination (defined as an IP address and a port number) among a logical group of server instances defined as a load balancing pool using a load balancing method and persistence method specified in the Additional Services Order Form and Charges Attachments;
d. When the local load balancing SSL acceleration option is selected by Customer, configure local load balancing SSL acceleration services for a load balancing pool at the IBM data center collocated with Customer VMs;
e. Install SSL certificate on local load balancing operational infrastructure;
f. Implement a set of IBM predefined irules to manage session persistence;
g. Provide management and support of local load balancing pools including operational infrastructure troubleshooting, patching, administrative account management and configuration changes;
h. Perform management (check for network response) to determine whether server instance in the local load balancing pool is "up" or "down";
i. Provide backup and restore services for local load balancing operational infrastructure configuration settings; and
j. Back up local load balancing operational infrastructure configuration settings and restore those settings in the event of a failure.

4.4.2 Customer Responsibilities

a. Select the desired package in the CMS Additional Services Order Form Attachment; and
b. Procure and provide the SSL certificate/key pair from a trusted certificate authority including annual renewals
c. Select the load balancer method:
   - Round Robin - new connections are assigned to servers in rotation
   - Least Connections - New connections are assigned to the service with the fewest connections to it;
d. Provide all naming and addressing data required by IBM to initiate the Service;
e. Specify the type of health check to use to determine whether or not a load balanced server is operational.
   - TCP-half - Verifies the Transmission Control Protocol (TCP) service
   - HTTP - Verifies the Hypertext Transfer Protocol (HTTP) service by attempting to receive specific content from a web page.
f. Specify the type of persistence:
   - NONE - No persistence is required
   - Cookie persistence - Uses an HTTP cookie stored on a client's computer to allow the client to reconnect to the same server previously visited at a web site.
   - Source address affinity persistence - Also known as simple persistence, source address affinity persistence supports TCP and UDP protocols, and directs session requests to the same server based solely on the source IP address of a packet

4.5 Shared Private MPLS

The Shared Private MPLS is a service that provides private connectivity between a customer's network and CMS. This service can be ordered via the Cloud Web Portal, and a one time charge and monthly recurring charges will apply.

Shared Private MPLS is a service based upon a customer provided, highly available, dedicated Wide Area Network (WAN) connection to the CMS provided carrier hotel or Point of Presence (POP). CMS then routes the private customer connection to the CMS datacenter through a private Virtual Local Area Network (VLAN) to the Customer's private VLAN(s) in CMS. This solution allows a private connectivity in the CMS datacenters without having to install additional hardware in the CMS Datacenter. Any physical interconnection is accomplished at a carrier hotel where many Customer service providers already have a point of presence.

4.5.1 IBM Responsibilities

a. Provide a set of carrier hotel Point of Presence locations for Customer to terminate their MPLS network;
b. Provide a set-up information form for shared private connection;
c. Upon receipt of the completed set-up form, set up the shared private connection using information provided by Customer and their carrier;
d. Schedule and conduct an activation call with Customer's network representative at a mutually agreed to time to jointly activate the shared private connectivity; and,
e. Provide shared connectivity from the point of presence to the CMS datacenter, where Customer data is privately isolated from other data.

4.5.2 Customer Responsibilities

a. Provide two WAN connections to the CMS designated carrier hotel POP or POPs within a region;
b. Designate a technically qualified network representative that can represent Customer and provide required configuration and set up information to IBM;
c. Provide configuration information by completing and returning to IBM the shared private set-up information form for each Cloud Data Center where a connectivity is to be established;
d. Configure and maintain access from Customer's computing environment to each carrier hotel POP;
e. Perform initial preliminary set up activities related to the Customer's shared private connection prior to the joint activation call;
f. Have Customer network representative participate in the call to jointly activate each shared private connection;
g. Perform troubleshooting and correction of any issues with the configuration of Customer's WAN connection, any routing issues within Customer's network or any routing issues between Customer's network and the CMS data center; and,
h. Initiate and maintain proper security controls for communications related shared private connection including but not limited to any desired protections at the entry into Customer's data center.
i. If during set up activities, Customer makes any change from what was specified on the Additional Services Order Form, IBM reserves the right to reconcile and adjust the Additional Services Order Form and charge Customer based upon actual Services provided.

4.6 EU/Poland Labor Option

IBM will provide support for the Services from any geographic location deemed necessary. However, Customer may purchase above the hypervisor OS support labor which provides European Union based personnel for the areas of Systems Administration/Operating System Support via the Additional Services Order Form.

4.7 Application Alerts

For certain commercially available software Customer may order the Application Alert Generation Service (AAG) for an additional fee via the Cloud Web Portal. Customer may request the current list of software for which this service is available from their IBM Cloud Focal Point, and must confirm availability at the time of ordering.

The AAG Service provides Customer with notification of certain conditions triggered by pre-established thresholds. This is an optional Service which is selected on a per application/middleware product per vcpu basis. A one time setup charge per installation, and a monthly recurring charge per vcpu on the selected VM will be charged. A standard set of alert triggers is included, and Customer may not modify the standard alerts provided.

Customer must specify i) the virtual machine the monitoring agent is to be installed on; ii) the specific software to generate alerts on, and iii) the Customer email ID to which alerts should be sent. The application/middleware to be monitored must already be installed on Customer's VM, and the AAG Service does not include the license, installation or management of the middleware/application. Requests to generate alerts on products no longer supported by the vendor are submitted to the Cloud Services Focal Point for assessment and, if accepted, may be subject to additional charges and terms and conditions.

4.7.1 IBM Responsibilities

a. Provide the alert agent software and any required licensing for the alert agent;
b. Install and configure the alert agent;
c. Define the standard alert triggers;
d. Determine that alerts are being generated based on pre-set thresholds;
e. Forward alert notice(s) to Customer designated email contact;
f. Provide ongoing maintenance of the agent in the operating environment; and,
g. Update the agent with version and maintenance release upgrades at IBM's sole discretion.

4.7.2 Customer Responsibilities

a.
b. Enter a Service Request in the Cloud Web Portal stating request for the Service;
c. Specify the middleware/application software for which alerts are to be generated, based on current available software for which AAG applies, and on which VMs;
d. Provide an email ID to which alerts are to be sent;
e. Make any and all decisions regarding response to alerts. Customer has sole responsibility for all action and inaction related to alerts generated; and,
f. Terminate AAG Services via a Service Request to the Cloud Web Portal when this Service is no longer needed.

4.8 Database Management
For certain Services Component Software or Customer Provided Software database products, Customer may order, for an additional charge, Database Management Services (DBMS). Customer may request the current list of database software for which this service is available from their IBM Cloud Focal Point, and must confirm availability at the time of ordering. DBMS provides physical database administration (DBA) services and includes installation, tuning and physical DBA functions for the database selected by Customer. For each VM/database for which Customer selects DBMS, Customer will be charged a one time setup fee and a monthly recurring charge, specific to the size of the database being managed as specified in the Charges Schedule, for the term of DBMS. Databases larger than 5 TB require custom solution design and pricing. Monthly recurring charges for DBMS are based on database size as measured during the last week each month, and according to the tiers set forth in the Charges Attachment. DBMS is provided only as long as the product selected by Customer is supported by the software manufacturer. Continued support requests for database products which go out of support by the product owner must be approved by IBM, and are subject to unique pricing, terms and conditions.

4.8.1 IBM Responsibilities
For DBMS security services:
a. Comply with Information Security Controls for Cloud Managed Services for high severity database fixes;
b. Comply with Information Security Controls for Cloud Managed Services base database technical specification;
c. Perform Information Security Controls for Cloud Managed Services database health checking;
For DBMS access services:
d. Maintain program product software security accesses;
e. Maintain DBMS System Administration ID & privileges;
f. Maintain database security accesses at database level;
g. Maintain database security accesses at object level;
For DBMS availability services:
h.
Provide 24x7 severity 1 & 2 DBMS support;
i. Perform major incident reviews;
j. Manage DBMS error logging;
k. Utilize appropriate problem management processes and tools;
l. Perform DBMS problem determination and resolution;
m. Monitor, alert and take corrective action for physical DBMS resources;
n. Monitor, alert and take corrective action for DBMS space;
o. Monitor, alert and take corrective action for database transaction logs;
p. Perform DBMS support using IBM defined DBMS tools;
q. Assist in the support of application problems;
For DBMS system maintenance services:
r. Support DBMS software (Customer initiated fix packs / patches);
s. Manage and perform physical DBMS maintenance;
For DBMS capacity and performance services:
t. Provide data to a database capacity and performance plan;
u. Monitor physical K.P.I. for DBMS capacity and performance;
v. Implement physical DBMS improvements to meet K.P.I. objectives;
w. Implement physical DBMS changes in support of normal data growth;
x. Monitor the size of the physical database objects;
y. Perform database reorganization for performance, reclaim space, etc.;
For DBMS change services:
z. Execute physical DBMS changes;
aa. Utilize appropriate change management process and tools;
bb. Perform DBMS change management;
cc. Execute DBMS system tasks to manage application database objects;
dd. Execute object DDL to create database objects;
ee. Provide project time estimates for DBMS related tasks within change plans;
ff. Assess all changes for technical impact and sign-off changes;
For DBMS generic support services:
gg. Attend regularly scheduled account meetings;
hh. Report problems and liaise with DBMS vendor and DBMS-tools vendors for support;
ii. Maintain operational database documentation;
For DBMS database creation services:
jj. Maintain operational database documentation;
kk. Install DBMS software;
ll. Provide input to storage team for space allocation;
mm. Create Instance; and
nn. Create database.

4.8.2 Customer Responsibilities:
a. Have ordered AAG and database backup services as prerequisites, and keep such services active for the term of the DBMS;
b. Provide all database licenses, and purchase and maintain a database support agreement with the database vendor for the term of DBMS, with IBM listed as an agent to allow IBM access to the database Level 3 support;
c. Provide support for application code above the DB table structure (including all logical DBA support services);
d. Maintain the database software to N or N-1 currency levels; and
e. Terminate DBMS via a Service Request to the Cloud Web Portal when this Service is no longer needed.

4.9 Middleware Management
For certain Services Component Software or Customer Provided Software middleware/application products, Customer may order, for an additional charge, Middleware Management Services (MMS).
Customer may request the current list of middleware/application software for which this service is available from their IBM Cloud Focal Point, and must confirm availability at the time of ordering. MMS includes installation, configuration and management of the selected middleware/application software. Customer will be charged a one time setup fee and a monthly recurring charge per running instance of the selected middleware/application (not per VM). Customer may order MMS via a Service Request submitted on the Cloud Web Portal. MMS is provided only as long as the product selected by Customer is supported by the product owner. Continued support requests for middleware/application products which go out of support by the product owner must be approved by IBM, and are subject to unique pricing, terms and conditions.

4.9.1 IBM Responsibilities
a. Install, configure and manage the middleware application;
b. Work with Customer or Customer's application developer to tune the middleware stack for their application needs;
For initial MMS functions:
c. Review server/software configurations with customer assistance
d. Install application server code
e. Configure application server code
f. Configure application server clusters
g. Configure HTTP communication between web server and app server
h. Configure Web applications with customer assistance
i. Create application directory structure with customer assistance
j. Create data connections with customer assistance
k. Configure servlets (CLASSPATHs, init parms, etc.) with customer assistance
l. Configure datasources with customer assistance
m. Configure JVM arguments with customer assistance
n. Configuration of Web Server plugin
o. Generation of certificate requests with customer assistance
p. Installation of server certificates
For ongoing middleware support activities:
q. Perform application server problem determination
r. Perform minor version upgrades
s. Install PTFs, patches and security fixes
t. Modify Configurations
u. Validation of customer change requests
v. Container management
For WebSphere MQ:
w. Define and maintain WMQ Application Objects in the production environment including SSL parameters as requested. (Application Objects include processes, namelists, local queues (excluding xmit queues and system cluster queues), remote queues, and model queues.)
x. Define and maintain WMQ Application Objects in test and development environments including SSL parameters as requested. (Application Objects include processes, namelists, local queues (excluding xmit queues and system cluster queues), remote queues, and model queues.)
y. Configure WMQ System and system resources for test/development/production
z. Support the system dead letter queue and system DLQ Handler
aa. bb. cc. dd. ee.
Monitor and manage any messages remaining in the system Dead Letter Queue after DLQ Handler processing
Monitor and manage any messages remaining in the application Dead Letter Queue after DLQ Handler processing
For Certificate Authority (CA) implementations:
Generate the Certificate Signer Request (CSR) as requested for the distributed platform queue managers only (Windows, Unix)
Administer the SSL Key Database on the distributed platform (Windows, Unix)
For Self-Signed implementations:
ff. Generate the Self-Signed Certificate as requested for the distributed platform queue managers only (Windows, Unix)
gg. Administer the SSL Key Database on the distributed platform (Windows, Unix)

4.9.2 Customer Responsibilities:
a. Have ordered AAG as a prerequisite, and keep such service active for the term of the MMS;
b. Order MMS services via an Additional Services Order Form;
c. Provide all application/middleware licenses, and purchase and maintain a support agreement with the application/middleware vendor for the term of MMS, with IBM listed as an agent to allow IBM access to the vendor Level 3 support;
d. Maintain the application/middleware software to N or N-1 currency levels; and
e. Terminate MMS via a Service Request to the Cloud Web Portal when this Service is no longer needed.

The following WebSphere MQ functions are not provided as part of Middleware Management Services and may be requested by Customer as a custom solutioned service for an additional fee:
Provide diagram of connections of servers as related to Messaging Integration Middleware products
Identify and describe application objects
Support, maintain and recover application code
Provide operational documentation relating to Messaging Integration Middleware (and related) applications
Provide documentation and demonstration on how application(s) work
Provide detailed instructions for application deployments, configuration changes, and/or other changes associated with the applications.
Provide problem determination and resolution for application related problems
Support and maintenance of Customer provided application tools and monitors
Monitor Customer applications
Support, maintain and provide problem determination for application load modules at exit points
Implement data conversion for messages between platforms
It is recommended that applications always do the data conversion on the MQGET of the message since the message may take many hops across different platforms on its way to its destination, and doing data conversion on each hop is a waste of resources
Establish Specifications for the application Dead Letter Queue Handler
Monitor and manage any messages remaining in the application Dead Letter Queue after DLQ Handler processing
Determine if SSL will fulfill the authentication, integrity and privacy needs of this application
Determine if CA (Certificate Authority) or Self-signed Certificates will be used
Get the CSR signed by the customer's CA
Monitor the certificate so that a new one can be ordered and added to the key repository before it expires
Determine channel settings (SSLCIPH, SSLPEER, SSLCAUTH) to use
Create, Configure, Update, and Migrate custom Adapters
Support message flows once they are deployed
Provide automation support for applications
Provide performance tuning for messaging integration

4.10 Active Directory
If the Active Directory Service is ordered by Customer, CMS will be capable of integration between Customer's Active Directory environment(s). AD Scenario 1 is provided to all Windows OS customers. Customer may select AD Scenario 2 and 3 via an Additional Services Order Form for a one time setup fee and a monthly recurring charge for each Scenario 2 and 3 Active Directory feature selected. Only migrations between Scenario 1 and 2 are supported without any existing Windows guests being deprovisioned prior to this change. Customers can use local IDs on the guests, or Customer domain IDs from the Customer domain to access the CMS guests. This is facilitated through a trust relationship.

SCENARIO 1: IBM Managed AD Light
For ADS Scenario 1 Customer can optionally maintain its existing Customer site Active Directory environment. CMS guests are provisioned into CMS dedicated Active Directory environment. This Scenario uses Single Sign On with simple credentials (user/password).

4.10.1 IBM Responsibilities for AD Scenario 1
a. Configure the CMS dedicated Active Directory to trust a single Customer's Active Directory domain located at Customer's site if Customer requires domain based Customer IDs to access the guests;
b. Provide for single-sign-on to access guest VMs using Customer managed IDs (AD trust required);
c. Install and configure one (2) VM (Medium, 64 bit, Windows OS, Silver) to act as Domain Controllers for the CMS domain within Customer's CMS VM space;
d. Provide guidance to Customer with configuring the Customer site Active Directory;
e. Configure internal and external firewalls.

4.10.2 Customer Responsibilities for AD Scenario 1
a. Configure the Customer site Active Directory/Trust as required;
b. Configure the Customer DNS forwarding as required.

SCENARIO 2: IBM Managed Active Directory
For ADS Scenario 2 Customer must maintain an Active Directory environment (either hosted within CMS, or extended into CMS from Customer site).
CMS guests are provisioned into CMS Dedicated Active Directory environment. In addition:
Active Directory Schema can be extended to support Active Directory based applications.
The Kerberos authentication protocol can be used between the Customer and Customer VMs environments (through a Forest Trust).
Certificate based logon/custom authentication providers can be enabled by Customer.
Single Customer specific Domain Security Policy (GPO) can be enabled (this is stronger than default).

4.10.3 IBM Responsibilities for AD Scenario 2
a. Configure the CMS dedicated Active Directory to trust a single Customer Active Directory domain located at the Customer's site, if the Customer would like to use domain based Customer IDs to access the guests;
b. Provide for single-sign-on to access guest VMs using Customer managed Customer IDs (AD trust required);
c. Install and configure two (2) VM (Medium, 64 bit, Windows OS, Silver) to act as Domain Controllers for the CMS domain within Customer's CMS VM space;
d. Install and configure two (2) Unmanaged VM (Medium, 64 bit, Windows OS, Silver) to act as Customer managed Domain Controllers for the Customer domain within Customer's CMS VM space;
e. Provide guidance to Customer with configuring the Customer site Active Directory;
f. Configure internal and external firewalls.

4.10.4 Customer Responsibilities for AD Scenario 2
a. Configure the Customer site Active Directory/Trust as required;
b. Configure the Customer DNS forwarding as required;
c. Assist in configuring Customer Active Directory Domain Controllers on 2 Unmanaged VMs;
d. Manage SSL certificates where required; and,
e. Manage/Monitor/Maintain the unmanaged VMs that are extensions of the customer's AD forest into the CMS cloud environment.
Customer will not make any changes (including start/stop/deprovision) to the IBM Managed Domain Controllers through the Cloud Web Portal/API functions.

SCENARIO #3: Customer Managed Active Directory
For ADS Scenario 3 Customer must maintain an Active Directory environment (either hosted purely in CMS, or extended into CMS from the Customer site). CMS guests are provisioned into existing Customer Active Directory. In addition:
Active Directory Schema can be extended to support Active Directory based applications.
The Kerberos authentication protocol can be used between the Customer and Customer VMs environments.
Guests can be migrated from the Customer site to Customer's CMS VMs without a change in Active Directory domain membership, reducing impact to existing applications.
Certificate based logon/custom authentication providers can be enabled by Customer.
VMs can be provisioned into ten different organizational units per domain.
Customer specific Domain Security Policy (GPO) can be enabled (stronger than the default). One GPO per organizational unit is supported and must be pre-approved by IBM.

4.10.5 IBM Responsibilities for AD Scenario 3
a.
Configure the CMS management Active Directory trust with the Customer's Active Directory domain located at the Customer's site;
b. Provide for single-sign-on to access guest VMs using Customer managed Customer IDs;
c. Install and configure two (2) VM (Medium, 64 bit, Windows OS, Silver) to act as Domain Controllers for the CMS domain within Customer's CMS VM space;
d. Install and configure two (2) Unmanaged VM (Medium, 64 bit, Windows OS, Silver) to act as Customer managed Domain Controllers for the Customer domain within Customer's CMS VM space;
e. Provide guidance to Customer with configuring the Customer site Active Directory; and,
f. Configure internal and external firewalls.

4.10.6 Customer Responsibilities for AD Scenario 3
a. Configure the Customer site Active Directory/Trust as required;
b. Configure the Customer DNS forwarding as required;
c. Assist in configuring Customer Active Directory Domain Controllers on 2 Unmanaged VMs;
d. Manage SSL certificates where required; and,
e. Manage/Monitor/Maintain the unmanaged VMs that are extensions to the customer AD forest into the CMS cloud environment.
Customer will not:
(1) Allow changes/failures in their Active Directory environment to apply Group Policy to CMS guests, unless otherwise directed by CMS (policy inheritance must be disabled).
(2) Allow changes/failures in their Active Directory environment to inhibit IBM's ability to provision guests into the IBM Cloud organizational unit and its child organizational units.
(3) Allow changes/failures in their Active Directory environment to inhibit IBM's ability to manage guests.
(4) Attempt to gain privileged/administrative access to CMS guests without following IBM privileged access processes.
(5) Attempt to move computer account objects out of the organizational unit and its child organizational units.
(6) Relocate the organizational unit without written notification to IBM seven (7) days in advance of the change.
(7) Make any changes (including start/stop/deprovision) to the IBM Managed Domain Controllers through the Customer portal/API functions.

4.11 High Availability Clustering
As an optional service Customer may order High Availability Clustering Services ("HACS") for RedHat Linux SC Operating Systems, Windows SC Operating Systems, and AIX SC Operating Systems via the Cloud Web Portal. HACS is designed to increase the resiliency of the operating environment for the VMs for which the service is selected. Customer will be charged a one time setup fee and a monthly recurring charge for each VM for which Customer orders HACS. A high availability cluster is composed of multiple operating system instances/VMs with optional shared storage and shared service IP.
No two members of a high availability cluster reside on the same physical server to prevent a single physical failure from disabling an entire high availability cluster. A high availability cluster is contained within a single point of delivery in a Cloud Data Center. IBM provides support for OS clustering only. Application and database clustering is Customer's responsibility. Customer can create a high availability cluster from selected sizes and OS images as indicated in the Cloud Web Portal Service Catalog. HACS will support the following functions:
VM anti-collocation control
Cross-VM shared storage
Shared Service IP numbers
High availability clustering software for the OS installation

4.11.1 IBM Responsibilities for HACS
a. Provide operational support and system administration for the HAC;
b. Provide the license for, and install the HA software below the hypervisor;
c. Configure the HA software above the hypervisor;
d. Provide Customer with the ability to reserve a Service IP for use by the HA Clustering software; and,
e. Enable Customer to delete the VMs and all storage associated with the HA Cluster.

4.11.2 Customer Responsibilities for HACS
a. Provision two identical VMs residing on different physical servers for fault containment;
b. Provision additional storage identically to the two VMs. This does not prevent Customer from making changes to these VMs following their original provision;
c. Follow steps and restrictions for setting up, managing, changing, and deleting the HA Cluster;
d. Ensure that changes to a HA Cluster are correctly rolled out across the Cluster and that the two VMs in the Cluster are kept identical;
e. Ensure that only one Portal operation is being performed on the Cluster at a time; and,
f. Configure the HA Clustering software for the specific application being protected.

The PE/DPE must contact HIPAA Risk Assessments/ATLANTA/Contr/IBM for validation and assessment of HIPAA scope applicability when selling the HIPAA Support Service Pack to ANY CUSTOMER.

4.12 HIPAA Support Service Pack
Customer can order the HIPAA Support Service Pack (HIPAA-SSP) via the Cloud Web Portal. This Service is limited to CMS accounts deployed in Raleigh, Boulder, Ehningen, and Montpellier. HIPAA-SSP is available only on newly provisioned Managed VMs, and once applied cannot be removed. HIPAA-SSP is available for VMs with Operating Systems that have been migrated into CMS (retrofit for artifacts from migration activity is not included), and applies only up through and including the VM operating system. IBM anticipates that the implementation of technical tools and associated processes to address HIPAA related requirements will occur during the first three months of 2014. Upon implementation of the tools, processes and applicable solutions, IBM will complete a risk assessment to discover gaps, if any, which will need to be remediated. IBM will use reasonable efforts to complete the implementation of any tools, processes, applicability solutions, and the remediation of any gaps as early as possible.
In the event that IBM is unable to complete the implementation, subsequent risk assessment and remediation of gaps, if any, before the completion of transition for the Customer's CMS environment, or an alternate time period as mutually agreed between the parties, IBM and Customer will re-negotiate, in good faith, an amendment to the current ordered CMS Services. HIPAA-SSP is priced per VM with a monthly recurring charge, by the CMS size designation of the VM, independent of architecture or Operating System. In addition there is a one time charge for each Vormetric key management appliance the Customer specifies (1 is absolute minimum). To stop the HIPAA-SSP charges, the VM must be deleted. Charges continue for VMs with the HIPAA-SSP installed while those VMs are suspended, or while the VMs are active having failed over as part of a disaster recovery event.
Customer acknowledges that the HIPAA-SSP:
a. does not make a Customer HIPAA compliant
b. does not make the CMS services or IBM HIPAA certified
c. does not make the Customer PHI applications HIPAA compliant
d. does not include HIPAA program compliance consulting
e. does not include support of health care clearinghouse functions
f. does not include Customer requested audit participation. Customer requested audit participation must be initiated by a Customer audit assistance request, and if this request is accepted by IBM will be conducted under a separate SOW and for an additional cost.

4.12.2 IBM Responsibilities
a. Install the agents and tooling, and address alerts or service indications the Service Pack tooling may generate;
b. For At rest data encryption:
   (1) Provide an encryption appliance (physical or logical) to Customer;
   (2) Provide Customer start-up education including the topics of encryption key assignment, management, and building of customized encryption key definitions;
   (3) Maintain all support and licensing for the appliance for the term of the HIPAA-SSP to allow Customer use.
c. Provide centralized log management system and retain logs for a period of nine (9) months;
d. Monitor and control IBM managed system IDs so that IDs can be traced to a single owner for individual accountability;
e. Monitor and review administrator user activity at the system level for failed login attempts and unauthorized access to logs; and,
f. Enter into the Business Associate Agreement which when completed is to be attached hereto as Exhibit 1.

4.12.3 Customer Responsibilities
a. Order the HIPAA-SSP;
b. For At rest data encryption:
   (1) Order a minimum of 1 physical or virtual key management appliance, (minimum of 2 are recommended by IBM);
   (2) Set up the encryption appliance and provide all operational support for the encryption appliance;
   (3) Retain and manage the encryption keys for data storage;
   (4) Perform all encryption key definition and assignment;
   (5) Define and maintain encryption policy;
   (6) House and operate the physical or logical appliance so that IBM resources cannot, by any means, obtain access to Customer data defined as Protected Health Information;
   (7) Provide appropriate personnel and require participation in start-up education including encryption key assignment, management, and building customized encryption key definitions;
   (8) Manage encryption profile(s) at individual file levels, deploy user access controls;
   (9) Encrypt content in transit between Customer applications and IBM;
   (10) Back up the encryption key server;
   (11) Restore encryption key and policy at Customer disaster recovery site;
The appliance(s) remain with the Customer at contract termination so that Customer can continue to manage the
encryption keys; and,
c. Enter into the Business Associate Agreement which when completed is to be attached to this Service Description as Exhibit 1.

4.13 PCI Support Service Pack
Customer can order the PCI Support Service Pack via the portal. The PCI-SSP is available for ordering by Customers located at the Raleigh, Boulder, Ehningen, and Montpellier Data Center sites for newly provisioned, managed virtual machine (VM), of any OS or architecture. Existing VMs cannot be retrofitted, nor can the PCI Service Pack be removed from a VM once applied. If the Service is no longer desired, the VM must be deleted. An annual attestation of compliance will be documented and signed by a Qualified Security Assessor. PCI-SSP is priced per VM with a monthly recurring charge, by the CMS size designation of the VM, independent of architecture or Operating System. In addition there is a one time charge for each Vormetric key management appliance the Customer specifies (1 is absolute minimum). To stop the PCI-SSP charges, the VM must be deleted.
The encryption appliance(s) remain with the Customer at contract termination so that Customer can continue to manage the encryption keys in the new service location.
Customer acknowledges that:
a. CMS services do not make a Customer comply with PCI requirements
b. CMS services do not make the Customer applications comply with PCI requirements
c. The Service does not include PCI compliance consulting services.
d. does not include Customer requested audit participation. Customer requested audit participation must be initiated by a separate Customer request, and if approved by IBM will be conducted under a separate SOW and for an additional cost.

4.13.2 IBM Responsibilities
a. Beginning 4Q 2014, provide to Customer an annual Attestation of Compliance (AOC) report that affirms the Service is engineered and delivered in a manner meeting the standard against PCI-DSS version 2.0;
b. Install the agents and tooling, and address alerts or service indications the Service Pack tooling may generate;
c. For At rest data encryption:
   (1) Provide an encryption appliance (physical or logical).
   (2) Provide Customer start-up education including the topics of encryption key assignment, management, and building of customized encryption key definitions.
   (3) Maintain all support and licensing for the appliance for the term of the HIPAA-SSP to allow Customer use.
d. Provide a centralized log management system and retain logs for a period of twelve (12) months;
e. Disable IBM and Customer Administration user ID accounts that remain inactive for 90 days;
f. Provide two methods of identification for proper authentication for all administrators for remote access and systems;
g. Monitor and control IBM managed system IDs so that IDs can be traced to a single owner for individual accountability;
h. Use monitoring software to examine system settings and monitor log files to ensure changes and upgrades are properly tracked; and,
i.
Monitor and review administrator user activity at the system level for failed login attempts, unauthorized access to logs, and other activities.

4.13.3 Customer Responsibilities:
a. Order the PCI-SSP
   (1) Order a minimum of 1 physical or virtual key management appliance, (minimum of 2 are recommended by IBM);
   (2) Set up the encryption appliance and provide all operational support for the encryption appliance;
   (3) Retain and manage the encryption keys for data storage;
   (4) Perform all encryption key definition and assignment;
   (5) Define and maintain encryption policy;
   (6) House and operate the physical or logical appliance so that IBM resources cannot, by any means, obtain access to Customer data defined as cardholder data;
   (7) Provide appropriate personnel and require participation in start-up education including encryption key assignment, management, and building customized encryption key definitions;
   (8) Manage encryption profile(s) at individual file levels, deploy user access controls;
   (9) Encrypt content in transit between Customer applications and IBM;
   (10) Back up the encryption key server; and,
   (11) Restore encryption key and policy at Customer disaster recovery site.
Customer provides disaster recovery subscriptions for PCI workloads, whether IBM's solution or by another solution provider. The appliance(s) remain with the Customer at contract termination so that Customer can continue to manage the encryption keys.

4.14 CMS Migration Services
Cloud Managed Services Migration Services can be ordered via the Additional Services Order Form. Cloud Managed Services Migration Services (CMSMS) provides the services to migrate Customer's physical or virtual images (Windows, Linux or AIX) into the Cloud Managed Services environment according to the results of the planning activities performed by the Customer. CMSMS will be executed on an iterative, Wave-by-Wave basis. Each of the major activities described will be repeated based on the number of Waves and physical or virtual images within each wave. A migration wave consists of a subset of the total images to migrate. The wave typically consists of images that should logically quiesce and move together during a Customer change window and usually has a maximum of 25 instances. For each wave, the migration engineer will transport the Customer images and data to the target Customer directory using scp or rsync. The files will include:
OVF files and associated VMDKs (root and data disks) for each customer image to be migrated (Windows / Linux)
mksysb / datavg images (AIX)
Required source environment data per the CMSMS Customer Support and Data Document
Customer specific adjustment plans
CMSMS is available for Managed and Unmanaged Virtual Machines, for all operating systems supported by the CMS environment. The Base CMSMS Service supports one (1) attached logical Disk with 250 GB for each image.
Additional logical Disks and Data Volumes above 250 GB must be ordered by Customer and will be charged as a separate order. IBM will provide the CMSMS Services during an 8 hour business day in Customer's time zone, unless another time zone is mutually agreed upon by Customer and IBM. Production cutovers may be scheduled outside of normal weekday business hours, over the weekend or during designated holiday periods as agreed upon by IBM and Customer. IBM work in their home location will be performed during their home location normal 8 hour business day, unless differently agreed upon by Customer and IBM.

4.14.1 Pre-Migration
a. IBM Responsibilities: Before beginning migration
   (1) Review the Services Order Form and confirm migration scope with customer;
   (2) Determine and validate if images selected meet CMS environment requirements;
   (3) Enable the Migration tool for the customer environment;
   (4) Facilitate a readiness assessment session for the Customer assigned migration personnel;
   (5) Check the completion and availability of all necessary information in the CMSMS Customer Support and Data Document modules:
      (a) Pre-engagement Checklist;
      (b) Required Data Elements XLS; and
      (c) Migration Runbook.
   (6) Conduct a project kick-off meeting.
b. Customer Responsibilities:
(1) Make sure Customer resources are named and available;
(2) Complete the CMSMS Customer Support and Data Document; and
(3) Participate in the readiness assessment and the project kick-off meeting.

4.14.2 Migration Task 1: Establishment of Migration Baseline

a. IBM will establish unit baseline test cases and criteria for each Customer application/workload within a physical or virtual image in order to measure/validate that the workload is functioning properly for acceptance and cutover into production. The source/baseline system will be 'locked down' and become the reference against which updated, ported or consolidated application(s) will be comparison tested throughout the project.

b. IBM Responsibilities:
(1) Assist Customer in defining user acceptance test criteria.

c. Customer Responsibilities:
(1) Provide the environment, test materials (cases, scripts, data), and resources required to execute baseline and subsequent test activities.

4.14.3 Migration Task 2: Migration Target System(s) / Image(s) Build

IBM will configure the target environment to run Customer applications listed in the migration plan, in preparation for migration and User Acceptance Testing; e.g. the directory structure of a Customer production system will be replicated and the necessary user accounts will be created.

a. IBM Responsibilities:
(1) Verify, determine, and document that the installation of required software has been completed as documented in the migration plan;
(2) Create an instance in the CMS target environment for the migrated customer images;
(3) Ensure that capacity in the CMS environment will be available;
(4) Ensure that the following infrastructure components are in place and ready for use at the start of the migration project:
(a) Physical / virtual servers for the Migration tool;
(b) Data center infrastructure services such as Backup, Monitoring and Anti-Virus; and
(c) Automated software products utilized in this project unless stated otherwise.

b. Customer Responsibilities:
(1) Allow root access to IBM to all source servers that are candidates for migration;
(2) Help coordinate access management to customer environment as required;
(3) Install all required software related to the running of Customer's workload as agreed to with IBM;
(4) Create an image for the Migration workloads;
(5) Supply the VCenter license and console for the creation of any Windows images;
(6) Be responsible for Windows infrastructure such as DNS, AD and/or Domain Controllers;
(7) Be required to supply Customer storage between 1 TB and 2 TB prior to migration to hold images for conformance testing;
(8) Be responsible for Customer storage provisioned to the source environment; and
(9) Manage all Firewalls and Network fabric such as: min. 1 GigE; VLAN tagging.

4.14.4 Migration Task 3: Migration Consolidation Activities

This task involves working with Customer to make the necessary updates to move Customer's workloads (applications, files and databases) to the target CMS environment.

a. IBM Responsibilities:
(1) Move O/S Images using Migration tool;
(2) Perform post migration validation checks;
(3) Perform adjustments on migrated target O/S images and handover to Customer for User Acceptance Testing;
(4) Perform testing by confirming that all processes have started successfully; and
(5) Confirm ability to log into the server; and,
(6) Hand over migrated images to Customer.

b. Customer Responsibilities:
(1) If required, upgrade Application source code for operating under new target IBM Cloud Managed Services (CMS) environment prior to consolidation; and,
(2) On migrated target O/S Image, assist IBM with adjustments tasks.

4.14.5 Migration Task 4: Migration User Acceptance Testing

a. IBM Responsibilities
(1) Confirm that the acceptance criteria tests produce the same results on both Customer's source and target systems.

b. Customer Responsibilities
(1) Perform test execution and problem resolution;
(2) Make application testers available during testing;
(3) Execute the data migration checksums and remediate; and
(4) Confirm to IBM that User Acceptance Testing is completed.

4.14.6 Additional Customer Migration Responsibilities - Network, Servers, Workstations, Software

a. Customer Responsibilities
(1) Be responsible for acquisition, installation, configuration, tuning, connectivity, management, relocation and support of the following, in such a way that will ensure proper throughput and uptime performance, and so as not to negatively impact/degrade the schedule of the project:
(a) Network infrastructure; and
(b) Storage.
(2) Be responsible for the selection, acquisition, installation, configuration, tuning, porting, management, support and/or debugging/validation of all open source components used by the application(s) required to fulfill the objectives of this project;
(3) Ensure minimum one dedicated OC3 network is available to meet consolidation target environment and application requirements;
(4) Ensure required storage in source environment is procured and installed to meet schedule commitments;
(5) Ensure change management and asset management systems are in place to successfully implement consolidation Waves; and
(6) Ensure required hardware and software is ordered in time to meet schedule commitments.

4.14.7 CMSMS Additional Options: Test and Cutover support

For an additional charge Customer may order Test and Cutover Support for IBM to assist Customer with test and cutover to the CMS environment and document the completion of the cutover to production. Customer may order either five (5) or ten (10) hours of Test and Cutover Support (Standard or Enhanced respectively).

a. IBM Responsibilities
IBM will provide hours of support, as ordered by Customer, to deliver support activities such as:
(1) Assistance with creation and removal of user IDs;
(2) Partial re-migration of a server; and
(3) Assisting customer with troubleshooting in regards to CMS environment.

b. Customer Responsibilities
(1) Define baseline user acceptance test criteria;
(2) Perform user acceptance testing;
(3) Verify that the target CMS environment is properly configured prior to execution of the target system User Acceptance test;
(4) Be responsible for execution of user acceptance testing task within two (2) days of delivery on the target system(s); and
(5) Sign the certificate of completion and hand over to IBM.

4.14.8 CMSMS Additional Options: Data Synchronization

For an additional charge IBM will perform migration of source virtual systems to the target, with the ability to perform data synchronization of the data for the final cutover.

a. IBM Responsibilities
(1) Install the data synchronization software on compatible source and target server;
(2) Configure the data synchronization software to execute data transfer on the network; and
(3) Perform final data synchronization after image migration which will need source server to be shut down.

b. Customer Responsibilities
(1) Provide data synchronization console. The data synchronization console can be run from a source, target or any server or Customer provided machine.
It can be run from a 32-bit or 64-bit physical or virtual machine running Windows 7, Windows Vista, or Windows XP Service Pack 2 or later and must have Microsoft .NET Framework version 3.5 Service Pack 1 installed;
(2) Grant access to install data synchronization agents on source/target server;
(3) Ensure ports are open bi-directionally on the in-scope servers for the data synchronization to function;
(4) Make sure remote connectivity (e.g. VPN access) is in place to support offsite migrations;
(5) Ensure provision of adequate downtime for data synchronization & cutover to production; and,
(6) Perform verification of the data, and ensure integrity of the data cutover to production.

4.14.9 CMSMS Additional Options: Migration Project Management Services

IBM will provide project management for the IBM responsibilities of the Migration Service. The purpose of this activity is to provide technical direction and control of IBM project personnel and to provide a framework for project planning, communications, reporting, procedural and contractual activity.

a. IBM Responsibilities
(1) Review the Service Description Attachment, the Order Form and the contractual responsibilities of both parties with the Customer project manager;
(2) Establish and maintain project communications through the Customer project manager;
(3) Provide project management lead for the contracted standard migration service;
(4) Manage the delivery of the CMS Services;
(5) Coordinate the establishment of the project environment;
(6) Prepare and maintain a project plan for the contracted standard migration service;
(7) Review with the Customer project manager the project tasks, schedules, and resources and make changes or additions, as appropriate and work to address and resolve deviations;
(8) Conduct regularly scheduled project status meetings;
(9) Prepare and submit weekly status reports to the Customer project manager;
(10) Report to the Customer project manager any problems and issues impacting provision of the Services that require Customer's attention / resolution;
(11) Coordinate resolution of issues raised by the Customer project manager and, as necessary, escalate such issues within the IBM organization; and
(12) Coordinate and manage the technical activities of IBM project personnel.

b. Customer Responsibilities
(1) Prior to the start of the migration project, designate a project manager who will also be the Single Point of Contact (SPOC) for Customer relative to this project and who will have the authority to act on behalf of Customer in all matters regarding this project.
The Customer project manager/SPOC responsibilities include the following:
(a) Provide IBM access to Customer's systems and facilities, as reasonably required;
(b) Administer any Customer requested changes to the Services and Agreement;
(c) Communicate to the IBM project manager any changes that may materially affect IBM's provision of the Services;
(d) Manage the Customer personnel and responsibilities for this project including assistance with planning, scheduling meetings and milestone reports support;
(e) Serve as the interface between IBM and all Customer departments participating in the project;
(f) Participate in project status meetings;
(g) Obtain and provide information, data, and decisions within three working days of IBM's request unless Customer and IBM agree in writing to a different response time;
(h) Coordinate resolution of project issues raised by the IBM project manager, and escalate issues within Customer's organization, as necessary;
(i) Ensure that Customer's staff is available to provide such assistance as IBM reasonably requires and that IBM is given reasonable access to Customer senior management, as well as any members of its staff to enable IBM to provide the Services;
(2) Provide Reasonable Customer resources to fulfill the needs of this project such that:
(a) Customer's resources will complete all project tasks and requirements according to the project schedule;
(b) Customer's provided resources should have sufficient skills, expertise, and experience to effectively aid in the progression of the project;
(3) Make available all required Customer project information (e-mail, correspondence, meetings, application interviews, teleconferences, application documentation, application code, test products, deliverables, etc.) in US English;
(4) Ensure Customer assigned resources are available to work outside of normal weekday business hours, weekends or during designated holiday periods when required to support IBM project activities such as testing or production cutovers during downtime;
(5) Provide local and/or remote access to facilities, systems, applications and data as required by IBM to fulfill the objectives of this project. Should remote connectivity and/or access to the source and target systems(s) be denied or be unavailable for extended periods, this may require that IBM relocate project resources to a designated Customer location to perform work at an additional cost;
(6) Provide IBM with access and credentials to all required Customer network infrastructure, servers and storage in both the source and target environments at the start of the project; and
(7) Ensure credentials have sufficient privileges for performing the necessary tasks required by this project.

If for any reason Customer's resources cannot participate based on the agreed timeline, and there is a delay in delivering the required information or delay in performance of tasks for which Customer is responsible, it is acknowledged by Customer that such delays may impact the project and the cost of the project management services.

4.15 Cloud Managed Services Disaster Recovery Options

Cloud Managed Services offers two disaster recovery options for Customer selection and for an additional charge.

4.15.1 Cloud Managed Services Disaster Recovery Option 1 (CMSDR1)

a. Overview
CMSDR1 provides the ability to recover workloads for Managed VMs in the event of a disaster.
The system shall provide, manage, monitor and secure priced data replication services for asynchronous replication and VM recovery from an IBM CMS data center to another IBM CMS data center to support disaster recovery efforts. Infrastructure Recovery Time Objective (RTO) is 4 hours and Recovery Point Objective (RPO) is 15 minutes. Infrastructure RTO means the time required by the infrastructure to recover from the disaster to the extent that the application recovery can begin. Application RTO means the time required to complete application-level disaster recovery processing and deliver the application to the customer. This option provides Infrastructure RTOs only.

Disaster declaration is the responsibility of IBM as per the disaster recovery plan which will be provided to Customer following disaster recovery option enablement. The Customer contact information and the communication process between IBM and Customer is defined in the disaster recovery plan.

b. Disaster Recovery Testing
One disaster recovery test per year is included in the charges for CMSDR1. Customer has the option to purchase additional tests by submitting a Service Request on the Cloud Web Portal. The test only tests the recovery of the Customer workload, and is not a point of delivery wide test. Customer may select some or all of the VMs that are disaster recovery protected at the time of the Customer test. This test will be non-disruptive. IBM will establish a test period each quarter and provide the schedule to the Customer. The standard test schedule is recommended by IBM, and is coordinated with the Customer. Customer will receive a copy of the test plan with procedures on how to and when to prepare the environment. Customer will be provided a fourteen (14) day window to prepare the virtual environment. The test will be conducted over a seven (7) day period.
Customer must remove the test environment within seven (7) days of test completion, or will be charged for the test environment resources. IBM offers two additional test options for an additional charge; 1) additional standard non-disruptive test that does not shut down primary workload; 2) a test that does failover the production workload.

c. Failback
Failback shall be supported from the disaster recovery site to the original or rebuilt primary site with an RPO=0 and RTO=4 hours.

IBM Responsibilities
(1) Onboard and set up Secondary Networking Environment at DR Site and provision the site to site link,
(2) Set up Replication Networking Path between Primary and Secondary VM Environments
(3) but IBM will auto provision the target VM
(4) implement SAN data replication between primary and secondary VM
(5) schedule annual disaster recovery test
(6) make the decision to declare disaster
(7) recover data and virtual infrastructure
(8) restore physical primary site
(9) monitor data replication

Customer Responsibilities
(10) Initiate the CMSDR via the Cloud Web Portal
(11) Be responsible for the Customer site link at both CMS data centers
(12) Define SAN data replication between primary and secondary VM
(13) Set up and implement application data replication between primary and secondary VM
(14) Provision Test VM, Flash Copy, and assist in performing DR Test
(15) de-activate test environment within seven (7) days following test completion
(16) Recover application
(17) Add disk as needed to primary and secondary VMs

In the event of declaration of a disaster, SLAs for availability will be set to a Bronze Level VM.

4.15.2 CMS Disaster Recovery Option 2

a. Overview
CMSDR2 service provides recovery utilizing Virtualized Server Recovery (VSR) replication and hosting technology with services to support additional Customer selected servers. Customer may select CMSDR2 for designated servers through the CMS portal. Customer must select this option in the initial account setup phase to set disaster recovery entitlement and have the CMSDR2 option available through the Cloud Web Portal. Once enabled Customer selects disaster recovery for designated servers through the Cloud Web Portal.
If Customer does not select the disaster recovery option in the initial account setup phase, Customer can enable CMSDR2 for designated servers by completing an Additional Services Order Form or a project change request. CMSDR2 is only available for managed VMs. Customer will be charged a Monthly Recurring Charge based on the VM type and size for each VM for which disaster recovery is selected.

Each primary site is assigned to a recovery site. IBM will make the declaration of a disruption/disaster. The Recovery Point Objective (RPO) is 15 minutes and the Recovery Time Objective (RTO) is 4 hours. The recovery server configuration is initially the same as the primary VM (vcpu, memory, disk, etc). As changes are made to the primary VM configuration those changes are mirrored to the recovery VM.

IBM will install and configure the VSR agent on the customer selected VMs. The VSR agent will provide asynchronous replication to the recovery site. Customer will need to establish via a documented process (which will be included in the user guide) an IPSEC or MPLS VPN for the replication from the primary site to the recovery site. Customer will access their protected servers at the recovery site via VPN.
Once at the recovery site, the client will have minimal tools available to them. For example, the Cloud Web Portal will not be available and the Customer cannot add / delete / change servers. Functionality will become available as listed below:
(a) Available immediately: The Active Directory, LDAP, and SOBOX servers will be replicated to the recovery site to enable customer access. For Database and/or Middleware Managed Services customers, IBM will bring up the applications once the servers are recovered at the recovery site. IBM will have management access to the servers at the BCRS site.
(b) Available within 7 days of declaration: Daily backups will begin within 72 hours at the recovery site. The offsite tapes will be moved to the recovery site to make previous backups available.
- Virus Scanning
- Customer VM Monitoring
- Emergency security patching
- Emergency provisioning
(c) Available within 90 days of declaration: Based on the level of the disaster, IBM will determine whether the complete suite of managed services will be built in the recovery location or recovery back to the primary site can be achieved. In the event that Customer remains in the recovery location the following services will be made available:
(i) Complete Patching
(ii) Complete Provisioning
(iii) Load Balancing

b. Disaster Recovery Testing
One disaster recovery test per year is included in the charges for CMSDR2. Customer has the option to purchase additional tests by submitting a Service Request on the Cloud Web Portal. The test only tests the recovery of the Customer workload, and is not a point of delivery wide test. Customer may select some or all of the VMs that are disaster recovery protected at the time of the Customer test. This test will be non-disruptive. IBM will establish a test period each quarter and provide the schedule to the Customer. The standard test schedule is recommended by IBM, and is coordinated with the Customer.
Customer will receive a copy of the test plan with procedures on how to and when to prepare the environment. Customer will be provided a fourteen (14) day window to prepare the virtual environment. The test will be conducted over a seven (7) day period. Customer must remove the test environment within seven (7) days of test completion, or will be charged for the test environment resources. IBM offers two additional test options for an additional charge; 1) additional standard non-disruptive test that does not shut down primary workload; 2) a test that does failover the production workload.

c. Failback
After the disruption/disaster is resolved at the primary site, IBM will coordinate with Customer to initiate failback using VSR. The data from the recovery site will replicate back to the primary site. Once complete, the server at the recovery site will be stopped and Customer will switch network access back to the primary site. Failback shall be supported from the DR site to the original or rebuilt Primary Site with an RPO=0 and RTO=4 hours.

IBM Responsibilities
(1) Perform deployment of Service Components at the Cloud Data Recovery Center site for Customer VMs;
(2) Perform disaster recovery declaration;
(3) Perform enablement of disaster recovery orchestration;
(4) Assist in enabling Customer connectivity to the Cloud Data Recovery Center site at the establishment of the DR relationship;
(5) Perform management of Service Components in the Cloud Data Recovery Center site prior to failover;
(6) Perform disaster recovery failover orchestration to the Cloud Data Recovery Center site;
(7) Follow reasonable security practices and procedures at the Cloud Data Recovery Center;
(8) Perform management of VMs at the Cloud Data Center Recovery site following failover;
(9) Perform daily backups and offsite tape storage for VMs at the Cloud Data Recovery Center within 72 hours.
(10) Perform rebuild of Cloud Data Center site Service Components and VMs;
(11) Perform and verify restores of customer VMs at the Cloud Data Center site for failback;
(12) Perform an annual DR test.

Customer Responsibilities
(13) Select the disaster recovery option upon account setup or by initiating a Service Request via the Cloud Web Portal or a project change request
(14) Enable disaster recovery at the server level via the Cloud Web Portal
(15) Provide network link to recovery site for access during a disruption at the primary site

In the event of declaration of a disaster, SLAs for HA and availability will be suspended until failback to the original or new primary production location has completed.