STATEMENT OF WORK Copy
This Statement of Work describes the following services and limitations on them.
Workstation and Server Services
Patch and Update Management
Backup Services (Onsite and Offsite)
Patch and Update Management
Vendor will monitor the patch and update information for Microsoft Windows based operating systems and Microsoft Office applications. Where Vendor becomes aware of an upgrade or patch to which Vendor is aware that Customer is entitled, Vendor will cause such patches and updates to be installed on Customer’s covered workstations and servers. If Vendor is locked out of any patch or update site or other mechanism for receiving same or otherwise has reason to believe that Customer’s subscription for any such service has expired, Vendor will notify Customer of such circumstances.
Vendor will provide to those users with access to the Internet access to the Customer-provided local area network, including a basic desktop of such applications as each user normally uses to the extent that such applications are listed in this SOW as being supported. Such access begins at the outermost firewall that Vendor manages and extends inbound to Customer’s local network. Internet access to the outermost Customer firewall that Vendor manages is not included in this service. Remote access is limited to a unique session associated with each supported workstation.
Vendor will remotely, or by means of software installed on Customer’s workstation or server (as applicable) hard drives, cause each covered workstation’s and/or server’s hard drive to be defragmented with reasonable frequency.
Monitoring and Alert Services
Vendor will monitor each covered server remotely and will alert Customer by e-mail or other commercially reasonable means if any standard operating characteristic of a covered server falls out of normal ranges.
Vendor will backup data on workstations and servers that are connected to a local USB or network attached backup device. Except as otherwise agreed between the parties, Vendor will cause full backups to occur every 30 days and incremental backups to occur on other nights.
Backup services require that Customer workstations or servers be connected to local hard drives via USB or a network and available to respond to automated commands to back up as the appropriate times, usually during night time hours.
For workstation backups, Vendor will cause laptop and other portable workstations to back up as and if located at Customer’s site, powered on, and connected to local or network attached hard drives. Vendor will provide such hard drives at reasonable prices to Customer if requested. If Customer acquires such hard drives from a third party, Customer will consult with Vendor to assure that the hard drives will respond to Vendor’s backup commands, whether through software controls or otherwise.
Offsite replication requires Customer to provide a working Internet connection with static IP address and Windows based client with adequate storage for duplicated data.
Offsite backup services depend upon Customer’s Internet connection having adequate bandwidth within which to pass the backed-up data. If Customer Internet bandwidth is inadequate to pass backup data for offsite data, Vendor will use commercially reasonable prioritization, rotation, and other means to back up as much data as commercially practicable based upon Vendor’s understanding of the sensitivity, importance, and availability of data. Customer may specify priorities and rotations in advance and change such priorities and rotations from time to time and Vendor will use commercially reasonable efforts to timely implement such Customer-specified priorities and rotations.
Data stored at Vendor’s facility is priced at $1.00 per gigabyte per month based on the average volume of the backed-up data over the course of the month.
Vendor will use industry-standard software installed on individual workstations or other industry-standard measures through Customer’s firewalls (where Managed Firewall Services are provided for in this SOW) designed to detect and eliminate viruses, Trojan horses, worms, and other code intended to harm computer systems or the data stored thereon (“Malicious Code”). The obligation with regard to Anti-Virus Services is solely an obligation to use industry-standard protection and commercially reasonable efforts. Anti-Virus Services do not guaranty that no Malicious Code will reach Customer’s systems or data or that Malicious Code will not damage Customer’s systems or data.
Vendor will use industry-standard software installed on individual workstations designed to detect and eliminate computer programs resident on computer systems that are intended to provide to an unauthorized person access to such computer systems or information entered into, stored on, or output from, such computer systems (“Spyware”). The obligation with regard to Anti-Spyware Services is solely an obligation to use industry-standard protection and commercially reasonable efforts. Anti-Spyware Services do not guaranty that no Spyware will access Customer’s systems or data or that Spyware will not provide unauthorized access to any Customer system.
Managed Firewall Service
Managed Firewall Service includes device configuration, administration, monitoring, report generation, and customer support for the management of a customer-owned and maintained firewall system.
Configuration: The firewall management service will be operational once the Vendor notifies Customer of proper reception of alerts from the managed devices. Customer must ensure that each device is accessible by Vendor.
VPN Support: At Customer’s request, Vendor will configure Customer’s firewall system to allow a VPN to be established between two firewalls or between a firewall and a client.
Firewall System Monitoring. Vendor will monitor the availability and condition of the firewall system and respond in case of failure.
Security Monitoring and Log Analysis: Vendor will process incoming security alerts from the firewall to determine whether any events of significance occur. Security monitoring is limited to the information as it becomes available from, and is detected by, the firewall.
Firewall Software Upgrades. Vendor will perform major software upgrades on the Vendor-managed firewalls in order to maintain the security posture. If an upgrade is planned, Customer will be notified in advance. If possible, upgrades will be performed remotely and during routine maintenance windows.
Firewall Software Patches: Vendor monitors for new security threats, corresponding patches, and software upgrades. If a potentially critical security patch is discovered, Vendor will inform Customer within a commercially reasonable time after becoming aware of the availability of the patch. If Vendor reasonably determines that a patch is non-critical, Vendor will schedule installation of the patch for routine installation.
Support: Customer will transfer all management of the devices to Vendor. With respect to the firewall only, Vendor will provide the following support services (“Support Services”): (a) Use commercially reasonable efforts to isolate any problems with the firewall and send a technician to the Customer site if necessary; and (b) if Vendor, in its reasonable discretion, determines that any component of a firewall that resides on Customer’s premise needs to be replaced, Customer will replace such component with a component in good working order and of like kind and functionality from a Vendor-approved manufacturer at the time of replacement. Support Services only apply to problems arising from the normal use of a firewall and does not apply if the firewall is damaged as a result of the negligence or willful misconduct of Customer. Vendor will support the vendor-released-and-approved current major version and the major version immediately preceding the current major version of device(s), including software, being managed. Customer will upgrade device(s) to conform to the policy within 30 days of such notification.
Specific Customer Obligations: If a Customer firewall ceases to be fully supported by the manufacturer(s) thereof, Customer will convert to a current model within the timeframe requested by Vendor. Changes, such as adding or removing servers, adding new applications, and applying changes to the firewall policies will affect the alarm policy of the firewall. Customer will notify Vendor of all planned changes. Customer acknowledges and agrees that (a) Vendor’s firewall management services service constitutes only one component of Customer’s overall security program and is not a comprehensive security solution; (b) there is no guarantee that Vendor’s firewall-related services will be uninterrupted or error-free, that networks or systems connected to or supported by Vendor will be secure, or that Vendor’s services will meet Customer’s requirements; and (c) there is no guarantee that any communications sent by means of Vendor-managed firewalls will be private.
Equipment: Customer will (a) maintain the Customer’s firewall and any associated software, systems, cabling and facilities in accordance with the reasonable instructions of Vendor and (b) not modify, relocate, or in any way interfere with Vendor’s firewall-related service unless expressly authorized by a representative of Vendor to do so. Customer will furnish electrical power in the form of a 120V outlet, including backup power, and such other facilities as are required in order to accommodate the firewall management service. To the extent that Vendor uses Customer-owned or provided hardware and/or software, Customer will provide any license, approvals, or consents reasonably required for Vendor to access or use Customer’s equipment.
Security: Customer will, at its own expense, take all reasonable physical and information systems security measures necessary to protect all equipment, software, data and systems located on Customer’s premises or otherwise in Customer’s control and used in connection with Vendor’s firewall management services, whether owned by Customer, Vendor, or Vendor’s subcontractors. Vendor will not be liable for any loss resulting from any unauthorized access to or alteration of, theft, destruction, corruption, or use of, facilities used in connection with Vendor’s firewall-related service. All security policies, including, but not limited to, firewall security policies, are the responsibility of Customer even if Customer uses a third party (or Vendor) to configure and implement such policies.
Managed Network Switch Service
Managed Network Switch Service includes device configuration, administration, monitoring, report generation, and customer support for the management of customer-owned and maintained network switches.
Equipment: Customer will (a) maintain the Customer’s network switches and any associated software, systems, cabling and facilities in accordance with the reasonable instructions of Vendor and (b) not modify, relocate, or in any way interfere with Vendor’s network switch-related service unless expressly authorized by a representative of Vendor to do so. Customer will furnish electrical power in the form of a 120V outlet, including backup power, and such other facilities as are required in order to accommodate the firewall management service. To the extent that Vendor uses Customer-owned or provided hardware and/or software, Customer will provide any license, approvals, or consents reasonably required for Vendor to access or use Customer’s equipment.
- Server, Workstation, Firewall, and Network Switch Support
Telephone and other remote support during the Support Hours with commercially reasonable efforts by Vendor to meet the Support Response Times for at least 90% of all trouble tickets.
- Support Response Times
Vendor will use commercially reasonable efforts to meet the following service levels with the frequency stated in the specification above.
- Matters Supported
Vendor will provide basic first-level support with regard to the use of, and troubleshooting of problems with Customer line of business applications. Vendor will have no obligation to support any operating system or application that is more than one major release older than the then-most-current major release.
Enterprise Usage Requirement
When purchasing services, Customer must purchase services for every workstation, server, firewall, and network switch at the served location. Customer will pay to Vendor the then-current
amount for services for each new workstation, server, firewall, or network switch (“Network Devices”) that Customer adds to Customer’s network.
Customer will report to Vendor the addition of each new workstation to the served location. Customer may swap out workstations for the same services, provided that the old Network Device is no longer operated at the served location and Customer notifies Vendor of the swap.
If a problem upon which Vendor expends effort or in connection with which Vendor renders services is caused by, or associated with, a non-supported workstation or a non-supported server, Vendor will have no obligation to provide any services or meet any service levels associated with such devices and Customer will pay Vendor for such work at $120 per hour.
MISCELLANEOUS SERVICE MATTERS
The following are Vendor holidays
New Year's Day
Friday after Thanksgiving
Vendor may place hardware and other goods on Customer’s site for the purpose of facilitating the provision of the Services. Customer will provide appropriate power, placement, environment, connections, and cabling, all to the extent necessary or expedient to facilitate Vendor’s rendering of the Services. Such hardware and other goods will remain the property solely of Vendor and, upon Vendor’s request; Customer will permit Vendor to remove such hardware and other goods from Customer’s premises. To the extent that Customer, by operation of law or otherwise, gains any interest in or to such hardware or other goods, Customer hereby grants to Vendor a security interest in such hardware and other goods and all interests of Customer therein of every nature and further grants to Vendor the right to file financing statements and other documents to the extent that Vendor deems them necessary or beneficial to the protection and perfection of Vendor’s interests in the hardware and other goods.
Total Care Equipment Replacement
- Advanced Technology Replacement: Vendor will take the total number of workstations under contract, at the time the contract was written, and divide 48 months (the contract period), by the number of workstations under contract at the beginning of the agreement to set a replacement interval, and replace one desktop system under contract with a new system of the "current technology" at no charge per that interval. The details of the replacement system are defined below. All labor for moving user applications and data is included as part of the managed service.
The system brand will be Dell unless another brand is requested by customer.
The replacement system is for hardware, Microsoft desktop operating system, Microsoft Office Basic, but does not include any other applications. We will reload the system with the customer's existing applications. The customer may choose to upgrade the applications through Vendor at that time.
At any one time, there is a range of processor speeds that is deemed current by the industry. Vendor will replace the system with a speed of processor that is two releases behind the then latest release and configured with our standard base configuration. Example. If the current releases of the Pentium 4 processor were the 2.4GHz, 2.66GHz, 2.8 GHz, 3.0 GHz, 3.06GHz, 3.2GHz, 3.4GHz and the 3.6GHz, the replacement would be an Intel 3.2GHz processor system with 250GB plus hard drive, 4096MB of ram, include speakers, keyboard, mouse, and DVD-ROM. The specifications will always meet or exceed the recommended specifications as published by Microsoft for their current operating release of desktop operating system.
One 22” LCD monitor will be part of the replacement package.
Client has the option of paying the difference to upgrade any feature of the system.
Vendor takes title of the old system being replaced after performing a security erase of all data on the system.
Client has the option of selecting the order of replacements. If the client has no preferences, Vendor will replace the systems having the greatest problem or speed issues, which is usually the oldest system, but not always.
Customer will, at Customer’s expense, provide a connection to Customer’s systems for the purposes of monitoring Customer’s systems or otherwise performing the Services. Such connection may be access through Customer’s existing Internet connection, a separate cable modem, DSL, or T1 line.
Workstation Configuration Lockdown
At Vendor’s discretion, Vendor will enforce a uniform configuration across the workstations subject to support under this SOW and will prohibit by policy the introduction or loading of nonstandard software or other applications onto supported workstations. Customer will permit Vendor to load and operate software on the supported workstations designed to prevent the operation of unauthorized or nonstandard software or other applications on each supported workstation. Customer and Vendor will agree in good faith on a standard configuration and pre-approve any departures from the standard configuration (such as the operation of job-specific applications on designated workstations). Vender will have no obligation to support any workstation that materially departs from the standard configuration and Customer will pay Vendor at $120 per hour for any services that Vendor actually renders in connection with any workstation whose configuration departs from the standard configuration. Customer will notify Vendor of any proposed change to the standard configuration and any proposed departures from the standard configuration with regard to any supported workstation.
Authority to Manage Other Vendors
To the extent that the Services reasonably require that Vendor manage, or direct the scheduling or other performance of, third-party vendors, Customer hereby authorizes Vendor to do so. Vendor may show to third-party vendors this SOW as proof of Vendor’s authority and Customer authorizes each third-party vendor to rely upon this authorization.
If Customer requires that a new device be connected to Customer’s network, Customer will open a ticket for such installation and schedule the installation a reasonable time in advance. Minor device additions are expected to require at least one business day’s advance notice. Major additions may require additional notice and Customer and Vendor will coordinate such installations with commercially reasonable lead times.
All time commitments contained in this SOW assume reasonable access and Customer assistance when requested and/or necessary. Failure of Customer to grant reasonable access or render reasonable assistance will delay the time for performance by Vendor for the duration of Customer’s failure.
The Services provided under this SOW are intended to cover ongoing normal operations of Customer’s business as specified at the inception of services. Any development, substantial migration, substantial conversion, or similar activity is not covered by the Services provided for in this SOW. If customer requires such Services, the Parties will negotiate a separate SOW.
Revisions to Pricing
The prices in this SOW are subject to change after the term of this SOW upon at least 30 days’ notice by Vendor to Customer.