Body
Overview
See below for service level information related to cloud services, enterprise storage, and server hosting.
Detail
Cloud Services
a) Availability
A minimum percentage of guaranteed uptime for coud availability and connectivity will be provided for each specific cloud service. The SLAs for the supported services are governed by the cloud vendor and are as follows:
b) Alerts
Resource consumption notification alerts are triggered when a percentage of preset thresholds are reached. Standard notifications are provided via email to the designated departmental contact(s) when 85% of the budget threshold is reached. Additional notifications provided with each 5% increment above 85% up to and including 100%. Emergency notifications are provided when 50% of budget quota reached in less than three days and sent daily for the next five days. A custom alert threshold is available upon request.
c) Billing Disputes
Pitt Information Technology will work with the department, and with vendors if necessary, to resolve any billing issues. Department is fully responsible for the costs of their cloud usage. Cost estimates are based on the data that Pitt IT was provided by the vendor and department at the time of onboarding. They are subject to change based on actual usage and/or price fluctuations.
d) Cancellation
In the event that department makes the decision to cancel the cloud subscription, the department shall notify the Technology Help Desk. The Network Operations Center shall provide support to the department as necessary. The department is responsible for all charges up to the termination of their access.
Enterprise Storage
a) EULA
b) Back-Ups
Pitt Information Technology will work with department to define a policy for backing up its data.
c) Support
The initial response objective by Dell EMC, based upon Severity Level, is within the following time period after receipt of notification: a) the objective for Severity Level 1 is a one-hour response time and working on the issue on a 24x7 basis until resolution; b) the objective for Severity Level 2 is three-hour response time and working on the issue on a 24x7 basis; and c) the objective for Severity Level 3 is four local business hours. Severity Levels are defined as follows:
- Severity 1—Critical: Loss of ability to perform critical business functions and requires immediate response
- Severity 2—High: Able to perform business functions, but performance/capabilities are degraded or severely limited
- Severity 3—Medium/Low: Minimal or no business impact.
Server Hosting and Support
Pitt Information Technology will assist the department in its effort to plan and implement a virtual server infrastructure or physical server equipment. Please refer to your invoice, provided separately by the NOC, for specifications and costs associated with NOC hosting services. Pitt IT will install the physical and/or virtual server(s). In addition, the NOC will install the monitoring agent, the backup agent, and antivirus software required for around-the-clock operational and performance monitoring according to NOC and Information Security standards to all servers.
The NOC will provide server rack space in the enterprise server facility and/or the VMware infrastructure in the enterprise server facility, which is serviced with dual electrical power feeds with UPS and backup generator support, redundant network connections to the Pittsburgh campus, and around-the-clock monitoring. The NOC provides the same level of physical security that is in place for University enterprise services.
a) Installation Services
The NOC will provide the installation and monitoring setup for the department server(s) and related equipment. Additional tasks may be added, and unnecessary ones deleted by mutual agreement of the department and Pitt IT as the implementation plan is refined.
b) Monitoring
IBM Netcool agents will be used to provide the following base monitoring:
Component |
Threshold |
Alert Type |
Application Event Log |
Error level |
Non-critical, do not alert System Contacts |
System Event Log |
Error level |
Warning, send email alert to all System Contacts |
Server Availability from Network perspective |
5 minute ICMP polls- 2 immediate retries upon timeout using Precision or ISM-Ping-Monitor. |
CRITICAL, contact one System Contact by phone immediately, starting with the Human Engineering Research Laboratory technical contact. |
Server Availability from SSM-Agent perspective |
SSM-agent heartbeat sent every 5 minutes |
CRITICAL, contact one System Contact by phone immediately |
CPU-UsageAverage |
90% for 10 minutes. |
Warning, send email alert to all System Contacts |
Page File Utilization |
70% in-use |
Warning, send email alert to all System Contacts |
Filesystem Capacity (All) |
90% in-use |
Warning, send email alert to all System Contacts |
Customized monitoring can be configured using specialized agents if desired. All customized monitoring will be determined jointly by the department and Pitt IT.
c) Maintenance
The NOC is responsible for the patching of operating system and maintenance of the monitoring tools. The department is responsible for applying patches and upgrades for any installed applications. Servers are patched automatically, once a month, according to a pre-defined schedule, unless Information Security determines that a patch is needed for a zero day vulnerability. In this instance, all servers will be patched as soon as possible. The department is responsible for the ongoing maintenance of all applications—including databases—that are installed on the server. Security scans will be performed on the system by the Informaion Security team. Pitt IT will assist in remediating OS vulnerabilities for supported operating systems.
d) NOC Responsibilities
- Assign IP addresses to the virtual server as required
- Create network VLANs for the server
- Create firewall zones and rule sets
- Configure remote console connectivity
- Complete build sheets to document the server configuration
- Install base operating system according to NOC standards
- Install operating system service packs and patches if applicable
- Perform baseline security scan on all equipment
- Install IBM Netcool monitoring agent and provide monitoring agent configuration
- For systems using internal or Enterprise Storage, install backup agent, and create system and data backup policies; for systems using StorSimple, configure daily snapshots of the server (60 days of backups are kept for internal, Enterprise, or StorSimple storage)
- Install and configure antivirus agent on the server
- Add equipment information to NOC asset database
- Create NOC knowledgebase articles to document troubleshooting and escalation procedures that have been agreed upon by the NOC and the department
e) Department Responsibilities
- The department is responsible for remediating application vulnerabilities and vulnerabilities on unsupported operating systems
- Department will test file access to ensure that required functionality is available and firewall rule sets are accurate; the NOC will test all monitoring tools to ensure that the server and applications can be monitored according to NOC standards. The antivirus software will be checked to ensure files and system scans occur at regular intervals and that all files are scanned correctly. Backup policies will be tested.
- The Department must notify the NOC in writing any request for changes to technical contact information, billing information, administrative contacts, and escalation procedures within 30 days of the change; changes to department or billing information may require a new contract
- Purchase software for application software used on department server (The NOC will provide licenses for operating system, monitoring, backup (if applicable), and antivirus agents at no additional cost)