Service Level Agreement (VMware)
1.1 Support Requests. ClearDATA live support will be available 24 hours per day, 7 days per week, year round. You may request support by opening a support ticket by sending an email to firstname.lastname@example.org or by calling ClearDATA support at 602-635-4004.
1.2 Response Times. We will use all reasonable commercial efforts to respond to your support requests made via ticket or telephone within the following time frames:
|Severity Level||Definition||Response Time|
|1 – Emergency||Down device or service with no workaround||15 minute response time|
|2 – Urgent||Degraded device or service with no workaround||60 minute response time|
|3 – Request or Question||Service or change request or question||24 hours response time|
We will respond to you via support ticket, email, telephone call, or all of these methods depending upon the severity of the situation and consistent with any procedures we have established with you for your account.
2.1 Network. The data center Network will be available 100% of the time. “Network” means the portion of the network extending from the outbound port on your edge device to the outbound port on the border router and includes our managed switches, routers, and cabling. Network availability is defined as the ability to pass TCP/IP traffic with less than 3% packet loss and less than 30ms latency across the ClearDATA Network infrastructure.
2.2 Remedy. If we fail to meet any of the guarantees stated in this paragraph 2, and the failure adversely affects your Hosted System, you are entitled to a credit in the amount of 5% of your monthly recurring fee for the affected Hosted System per half hour of power outage, HVAC outage or Network downtime, up to 100% of the monthly recurring fee for the affected components for any calendar month.
3. Hardware Replacement
For purposes of this paragraph 3, “hardware” means server hardware, firewalls, and load balancers, but not Storage Area Networks (“SAN”). See paragraph 5 for our SAN guarantee.
3.1 Hardware Repair or Replacement. We will repair or replace failed hardware components provided by us at no additional cost within one hour of problem identification by us, excluding failed replication appliances (see paragraph 3.4 below). This guarantee does not include the time required to rebuild your system, such as the time required to configure a replacement device, rebuild a RAID array, reload the operating system, reload and configure applications, and/or restore from backup (if necessary).
3.2 High Availability Network Device Solution. A “high-availability” network device solution means two devices within a single datacenter (such as a firewall, load balancer, router, or switch) configured in a fail-over configuration and tested by us for reliability as part of the implementation process for your configuration. High availability network device solutions will be available 100% of the time. At your request, and at a specific price to you, we will implement a high availability solution in a live configuration prior to testing the solution, but this guarantee will not apply until the testing is scheduled by you and successfully completed.
3.3 Remedy. If we fail to meet the guarantees stated in this paragraph 3 and the failure adversely affects your Hosted System resulting in downtime, you are entitled to a credit in the amount of 5% of your monthly recurring fee per half hour of downtime (after the one hour from problem identification for paragraph 3.1), up to 100% of the monthly recurring fee for the affected component for any calendar month.
3.4 Replication Appliance. If a replication appliance is unavailable due to a hardware failure, we will have a technical specialist and necessary parts onsite to begin repairs within six hours of problem identification. If we fail to meet this guarantee and the failure adversely affects your Hosted System resulting in downtime, you are entitled to a credit in the amount of 5% of your monthly recurring fee per half hour of delay in beginning repairs for the affected replication appliance, up to 100% of the monthly recurring fee.
4.1 Default Rule Set. Unless you ask us to implement a different rule set during implementation, we will implement our standard “default-deny” rule set upon deployment of your firewall, which means that only a select few TCP/UDP ports will be open.
4.2 Changes to Rule Set. We will open additional ports and perform other basic configuration changes within twenty four hours of the time that you open a ticket by sending an email to email@example.com requesting the change. “Basic” configuration changes are common changes that can be performed from a remote console and require no physical hardware modifications or reconfigurations.
4.3 Remedy. If we fail to meet the guarantee stated in this paragraph 4, you are entitled to a service credit of $50 per event, up to 100% of the monthly recurring fee for the affected firewall(s) for any calendar month.
4.4 Site to Site Virtual Private Networks. We will project manage the setup of a site-to-site VPN from our datacenter to your location. You will need to provide an enterprise grade layer 2/3 networking device that supports IPSEC site-to-site VPN. We will accommodate all reasonable NATing requests in the setup of the site-to-site VPN, but reserve the right to deny any request if that request will a) interfere with other customer network space, b) limit the scalability of our network, or c) result in a security risk. You will provide a suitable networking resource point of contact to us to setup the VPN. In the event you do not a) own such device and/or b) do not have a suitable networking resource, we can provide both resources to you for a fee.
4.5 SSL Virtual Private Network. We provide individual SSL VPN accounts and Two Factor Authentication for secure access to your systems. We will provide instructions and the software required to use the SSL VPN service. You will be responsible for the local install and configuration on any workstation, laptop, smartphone, tablet, or server that is outside of our cloud and datacenter.
5. Storage Area Network and Archive Storage
5.1 Availability. We guarantee that your Storage Area Network (“SAN”) and Archive Storage service will be available 100% of the time in a given calendar month, excluding scheduled maintenance and downtime or degradation due to hardware failure. Your SAN is unavailable if your SAN connected servers do not have access to the data stored on the SAN, and is measured from the time a trouble ticket is opened (either by you or by ClearDATA) until access to the data is restored. If the SAN is unavailable due to a hardware failure, we will have a technical specialist and necessary parts onsite to begin repairs within six hours of problem identification.
5.2 SAN SLA Remedy. If we fail to meet the guarantee stated in this paragraph 5, and the failure adversely affects your Hosted System, you are entitled to a credit in the amount of 5% of your monthly recurring fee per half hour of downtime (after the initial thirty minutes of downtime) or delay in beginning repairs, as applicable, for the affected service and each server directly connected to the SAN, up to 100% of the monthly recurring fee for the SAN service and those servers for any calendar month.
5.3 Archive Storage Remedy. If we fail to meet the guarantee stated in this paragraph 5 as a result of the Archive Storage Platform failure, and the failure adversely affects your Hosted System, you are entitled to a credit in the amount of 5% of your monthly recurring fee per half hour of downtime (after the initial thirty minutes of downtime) or delay in beginning repairs, as applicable, for the affected service, up to 100% of the monthly recurring fee for the Archive Service for any calendar month.
6. Restoration of Backed Up Data
We will back up your data only if you have purchased data backup services or if they are included in your Services solution.
6.1 Data Backup. Unless another schedule is agreed to in advance, backups will be performed on a weekly full and daily differential basis to a ClearDATA storage repository as appropriate. Backups will be retained for the time agreed in the Service Description or other written agreement.
6.2 Data Restoration
6.2.1 Customer Prem to Cloud Backup Service. We will initiate restoration of your data stored in ClearDATA’s Cloud within two hours of the time that you request the restore via a support ticket either back to your location or another location of your choosing. Our standard backup rotation schedule is a full backup once a week and daily incremental backups.
6.2.2 Managed Hosted Backup Service. We will initiate restoration of your data within two hours of the time that you request the restore via a support ticket. We will restore the backup to either the production Hosted Solution or another destination of your choice, provided that the location is secure and within ClearDATA’s Cloud environment. Our standard backup rotation schedule is a full backup once a week and daily incremental backups.
6.2.3 Backup Management Service. In the event of a failed or corrupted backup or the backup service interfering with the operations of your Hosted Solution, you will work with us towards a resolution to the issue. A failed or corrupted backup, or performance impact as a result of the Backup Service, does not constitute a violation of an SLA unless the failure or corruption results in your inability to receive a restore that impacts your production environment.
6.3 Remedy. If we fail to restore the data that you have selected for backup in accordance with the standards stated in this paragraph 6, you are entitled to a service credit of 100% of your monthly recurring fee for the affected configuration for any calendar month.
7. Cloud Replication Services
We will work with you to set up the Cloud Replication Service, maintain the Cloud Recovery IaaS as well as provide visibility as to the current state of Recovery Point Objective (“RPO”) and how it compares to the contracted RPO. If the RPO state falls out of the contracted RPO, we will work with you in good faith to determine the cause and either remediate or determine a new RPO. You will be required to maintain sufficient bandwidth, throughput and replication traffic QOS to facilitate the contracted RPO based on our recommendations. ClearDATA will not be able to maintain an RPO if the source rate of change exceeds that of the replication technology and/or the available bandwidth to facilitate the replication. We reserve the right to change the RPO based on these variables. In the event we determine that the contracted RPO cannot be achieved, you will have the right to cancel the service or accept the different RPO at the lower MRC. In the event the root cause of the failure to meet the RPO is insufficient customer bandwidth or failure to change traffic QOS, an early termination fee may apply if you decide to cancel the service. If you are unable or unwilling to make network, firewall or VMware software upgrades and/or configuration changes on and within the source environment, we will cancel the service without refund and an early termination fee may apply. You will need to inform us of any changes (VM disk size, removal or addition of VMs) made by you to the Source environment. We will not provide any SLA for any VM’s added or changes if you do not inform us via a ticket and acknowledgement by ClearDATA followed by reasonable time for us to make the needed changes to the recovery site. Only after we have informed you that the recovery site is synched to the changes made at the source site, and the Disaster Recovery Run Book has been updated with the changes with your approval of the changes, will the changed or added devices will be covered by the SLA.
7.1.1 We will provide at 72-hour Recovery Time Objective (“RTO”) for all protected devices under the Cloud Replication Service. You will need to declare to us a “Failover Event” as established within your Disaster Recovery Run Book. Once we have responded to you acknowledging the request to Failover to the Recovery Platform, we will execute the Disaster Recovery Run Book procedures to initiate a failover. You will provide the needed resources to facilitate testing and any additional configuration changes that will need to be made to make the applications or devices available. We will be responsible for insuring that the devices start and are in a usable state. You will also participate in the creation and approval process of the Disaster Recovery Run Book. The Service will not be considered implemented until the Disaster Recovery Run Book has been created by us, with your input, and approved by you.
7.1.2 In the event we cannot bring up a device(s) within the RTO, with the exception of where Cloud Replication Services were stopped, failing, or unable to maintain the established RPO due to issues outside of our network or if you failed to notify us of any changes to, or additions of, devices that required Cloud Replication Service, we will credit back to you one time the MRC for each device that was not recovered within the RTO and/or 2x the timespan of the RPO.
7.1.3 In the event there is an Application and/or Device that cannot be replicated due to limits of the device or the software using our chosen replication technologies, that Application and/or Device will be excluded from the Cloud Replication Services SLA.
8. Monitoring and Response
8.1.1 Availability Monitoring. We will monitor via TCP and SNMP for service availability and capacity. Monitoring templates are designed based on Server function and installed services. You will have the option to review these templates with your implementation team. You are allowed to add up to three custom monitors per server. You will be alerted via ticket if any monitors fail three consecutive times. In the event of a capacity alert, you will have the option to reduce your usage or increase your purchased capacity. It will not be an SLA violation if a downtime event occurs as a result of insufficient capacity, provided we provided you prior notification of the capacity issue.
8.1.2 Fault Monitoring. We monitor status events on servers and network devices including network availability, process status, file system capacity, and backup success/failure. We also monitor core OS and application log files for critical/warning application and system events.
8.1.3 Performance Monitoring. We monitor key performance metrics for the operating system (i.e., CPU, RAM, and Disk), and select applications (i.e., process statistics, users, throughput) and databases (i.e., caching, performance, transaction success).
8.1.4. Anti-virus. We will install, monitor, update and manage anti-virus software on your Hosted Solution. In the event the anti-virus monitoring is triggered, we will notify you as well as mitigate the event. In the event that the infected server contains ePHI, we will initiate an investigation to determine if a breach occurred. In the event of a breach you will be notified in accordance of the Master Agreement. It will not be considered an SLA violation in the event the anti-virus service blocks or disables any access to your servers and/or any function of your applications, however, we will work with you to adjust the anti-virus definitions to prevent any re-occurrence.
8.1.5. Security Information and Event Management (SIEM). We will install, monitor, update and manage SIEM Services your Hosted Solution. In the event an event is triggered, we will notify you as well as mitigate the event. In the event that the targeted server contains ePHI, we will initiate an investigation to determine if a breach occurred. In the event of a breach you will be notified in accordance of the Master Agreement.
8.2 Notification of Monitoring Alerts. We will notify you of monitoring alerts within the time frames stated in paragraph 1 above.
9. Limitations on Credits
9.1 Cumulative Dollar Amount. Notwithstanding anything in this Agreement to the contrary, the maximum total credit for any calendar month for a credit set out in this SLA shall not exceed 100% of your monthly recurring fee for the affected Hosted System. Credits that would be available but for this limitation will not be carried forward to future months, paid in case, aggregated or applied to other Services.
9.2 Maintenance. Periodically, we will conduct scheduled maintenance procedures as part of our routine and ongoing maintenance of systems, which is critical to the proper and reliable operation of such resources. You are not entitled to a credit for downtime or outages resulting from Maintenance. “Maintenance” means: a) ClearDATA maintenance windows – upgrades or repairs to shared infrastructure, such as core routing or switching infrastructure that we scheduled at least 72 hours in advance and that occurs during off peak hours in the time zone where the data center is located; b) scheduled customer maintenance – maintenance of your configuration that you request and that we schedule with you in advance (either on a case by case basis, or based on standing instructions), such as hardware or software upgrades; or c) emergency maintenance – critical unforeseen maintenance needed for the security or performance of your configuration or our network.
9.3 Extraordinary Events. You are not entitled to a credit for downtime or outages resulting from force majeure events.
9.4 Your Breach of the Agreement. You are not entitled to a credit if you are in breach of this Agreement (including your payment obligations to us) at the time of the occurrence of the event giving rise to the credit. You are not entitled to a credit if the event giving rise to the credit would not have occurred but for your breach of this Agreement.
9.5 Disabling or Removing of Monitoring or Security Services, Interference with Services. You must notify us in advance if you plan to disable, block, or remove any monitoring or security element of your Service(s) for more than thirty minutes. We will not issue you any credit for events that might have been avoided or mitigated if you had not disabled, blocked or removed our monitoring or security elements or otherwise interfered with our ability to provide the Services.
9.6 Logical Access. The SLA is contingent on ClearDATA having full logical access to your configuration. No credit will be due if the credit would not have accrued but for your restriction of our logical access to your configuration.
10. Measurement of Time Periods
For the purpose of determining whether a credit is due, time periods will be measured from the time stamp generated by our ticket system, or the time an interruption is recorded in our monitoring system, as applicable. You may open a support ticket to document the start time for a support request or other incident, or, if you contact us by telephone to request support, we will open a ticket. If you contact us by phone, there may be a delay between the time of the call and the time we open a ticket.
You must request a credit in writing by sending an email to firstname.lastname@example.org no later than seven days following the occurrence of the event giving rise to the credit. We will contact you within thirty days to approve or reject the claim or to request more information. If the claim is approved, the credit will appear on your monthly invoice following approval.