Service Level Agreement

Service Level Agreement

This CloudHost- Managed Services Agreement (“CLOUDHOST”) is made this day of 1st/January / 2019 (“the CLOUDHOST Effective Date”) and superceeds all earlier Service Level agreements signed before this date between CloudHost Technology,  a company incorporated under the laws of UAE having registered office at 508 Damac Business Tower, Business Bay, Dubai UAE 30125                         (herein after referred as “CloudHost”) and, customers or partners (herein referred as “Customer”)  availing cloud or managed services from the cloudhost platform. Collectively both referred to as “Parties” and individually as “Party”.

 

This Data Centre- Managed Services Agreement is applicable only to Service Order Forms for Data Centre- Managed Services which have been subscribed by Customer and accepted by CloudHost in accordance with, and subject to the terms of the General Terms and Conditions for Delivery of Services.

 

This CLOUDHOST includes certain schedules and attachments attached hereto or to be attached in the future (together the “Schedules”). Depending on the components chosen by Customer, as indicated in the Service Order Form (“SOF”), the Data Centre- Managed Services may consist of the following components;

 

  • Schedule – A : CloudScales
    • Compute Services
    • Storage Services
  • Schedule –B : DataLife Services
  • Schedule –C : CH Assist – Managed Services and Hosting Professional Support Services
  • Schedule – D : CH Network Services
  • Schedule – E : CloudAssure – Data Centre Security Services (DCS)

In addition to the terms set forth herein, use of each Service is subject to the additional terms set out in the relevant schedules attached herewith.

 

  • Definitions: Terms used herein but not otherwise defined shall have the same meanings ascribed to them in the General Terms and Conditions for Delivery of Services.
    • Data Centre-Managed Services (CLOUDHOST) or Service” means, collectively the Data Centre – Managed Services Hosting platform (Compute / Storage / Security / Network / Professional Support Services), or independent services such as Professional Services, Security Services, as further described in Service Schedules.
    • “Hosting Infrastructure” Hosting Infrastructure shall mean physical premises controlled by CloudHost, where IT systems, devices and components are installed covering stabilized power, cooling, network and space. Customer device uptime will not be the responsibility of CloudHost unless CloudHost provides the device and CloudHost has taken the specific responsibility of managing the same.
    • “Service Window” – CloudHost will provide 24×7 support for the proposed engagement.
    • “Schedules” means the forms so entitled attached hereto, containing the specific terms and conditions that apply to each Service element.
    • “Users” means the persons authorized by the Customer to use the Service.
    • “CH Assist – CloudHost Support Portal”: CloudHost is CloudHost’s service portal offering and will be a single point for information on customer’s infrastructure that is being managed. The portal offers 24x7x365 access to trouble ticket & change management systems, events, inventory and SLA performance reports.
    • “Business Day” is any day other than Friday and Saturday, or Public Holiday on which commercial banks are generally open for business in UAE.
    • “Content” means information made available, displayed, transmitted or stored.
    • “Service Desk” means CloudHost’s Customer Support Center which will be operational 24x7x365 basis for the proposed engagement.
    • “Customer Hardware” means the hardware owned by the Customer that is acceptable to CloudHost, and is supported by CloudHost as part of its service delivery.
    • “Customer Software” means the software owned by the Customer that is acceptable to CloudHost, and is supported by CloudHost as part of its service delivery.
    • “DNS or Domain Naming System” means the systems used on the Internet to translate URL / names of host computers into IP addresses or viceversa. Customer will provide CloudHost with a list of Internet Domains for routing. Customer will ensure that the Internet Domains are correctly registered by Customer with the appropriate Internet authorities and are properly assigned. CloudHost shall have no responsibility for Internet DNS resolution for the Internet Domains or for ensuring the correct configuration of the DNS records for message routing to and from the Internet.
    • “Emergency Maintenance” means the repair or replacement of facility components or equipment requiring immediate attention because the functioning of a critical system is impaired or because health, safety or security of human life is endangered. The service unavailability during Emergency Maintenance will be excluded from the downtime calculations.
    • “Fault” means a fault, failure or malfunction in the Proper Operational Condition of the Service.
    • “Hardware” means server, switches and appliances deployed by CloudHost in providing the Service.
    • “Software Licenses” means the software used by CloudHost for rendering the DC-VAS service. The term “Software” shall also include any updates, upgrades, bug-fixes or new versions of the Software delivered by CLOUDHOST hereunder. Software licenses may include Hypervisor Layer (Vmware, HyperV, others), Microsoft OS and other software, Linux OS, etc., including any necessary updates and upgrades thereto, to be used by Customer to use the Service. CloudHost will sub-license to the Customer the right to allow its Users to use such software for the applicable Term. Customer, at its sole expense, will provide Users with the Client workstations and make such sub-licensed Client software available for use by its Users.
    • “Data Centre Network” means the portion of the CloudHost Data Centre network extending from the network egress point of customer CLOUDHOST server host to the outbound port of the Data Centre border router. The Internet access to the Customer via CloudHost’s IP backbone is further described in this Agreement.
    • Professional Support Service(s)” means any and all second-line labor or services provided by CloudHost to Customer in connection with this Agreement, including but not limited to, consultation, engineering, installation, removal, maintenance, training, and 24×7 technical support.
    • Operation Percentage / Operational Condition” means that the CLOUDHOST Service, including all CloudHost Hardware and Software, is functioning properly in accordance with the OEM’s specifications and parameters set forth in this Agreement. The Operational Percentage means the percentage of the total time during any given calendar month that the Services are not subject to a Service Outage.
    • Service Outage” An “Service Outage” means that the Service fails in accordance with Customer’s configuration selection and the parameters defined in respective schedules. Outage does not include service suspension (i) for reasons outside of CloudHost’s reasonable control or (ii) during times of maintenance. If a dispute arises about whether or not an Outage occurred, CloudHost shall make a determination in good faith based on its system logs, monitoring reports and configuration records.  The “Outage Percentage” means the total duration of an Outage during a given month divided by the total time during such month.
    • Scheduled Outage or Scheduled Maintenance” is the time window during which CLOUDHOST Service may be temporarily interrupted for any or all services, for doing upgrades or maintenance or for any other mutually agreed upon reason or purpose; in order to prevent or remedy a defect which may affect Customer’s use or access to the Services. The service unavailability during Scheduled Outage or Scheduled Maintenance will be excluded from the downtime calculations. Scheduled Maintenance will be normally be carried out between 10 p.m. Saturday and 6:00 a.m. the following Sunday. CloudHost shall give Customer at least seven (7) days’ notice of any scheduled maintenance / outage event.
    • Severity Level 1” means the severity level of a Fault (System Unusable) which critically affects the use of CLOUDHOST Service to the extent that the servers are inaccessible. Service shall be deemed unavailable if a Fault of Severity Level 1 is reported or identified, whatever is earlier.
    • Severity Level 2” means the Service is degraded where Users can access the Service but experience significant difficulties or delays. Service shall be deemed unavailable if a Fault of Severity Level 2 is reported or identified, whatever is earlier.
    • Severity Level 3” means the severity level of a Fault which does not cause major impact on the use of Service, but only minor delays. A Fault of Severity Level 3 shall not be deemed to have rendered the Service unavailable.

 

  • Authorisation and License to use the Services
  1. Customer will not nor will Customer allow any third party to (i) copy, modify, adapt, translate or otherwise create derivative works of the Services; (ii) reverse engineer, de-compile, disassemble or otherwise attempt to discover the source code of the Services; (iii) knowingly use, post, transmit or introduce any device, software or routine which interferes or attempts to interfere with the operation of the Services; (iv) use the trademarks, trade names, service marks, logos, domain names and other distinctive brand features or any copyright or other proprietary rights associated with the Services for any purpose without the express written consent of CloudHost; or (v) remove, obscure, or alter any notice or label of copyright, trademark, or other proprietary right appearing in or on any item included with the Services; provided however, this limitation does not prohibit Customer from adding its own URL, logo or entity name.
  2. Hardware/Software. If the Service includes access to or the use of hardware or software provided by CloudHost or its licensors (“CloudHost Assets”), Customer: (a) will not assert any ownership interest whatsoever in the CloudHost Assets; (b) will keep the CloudHost Assets free and clear from all liens, claims and encumbrances; (c) shall use all CloudHost Assets in accordance with the Agreement; and (d) comply with any applicable third party licensing terms or conditions and use of any such CloudHost Assets shall be deemed Customer’s acceptance of such terms. Unless Managed Operating System or Managed Application services are purchased, Customer is responsible for selecting, installing and maintaining any software used in connection with the Service including any related applications, systems, or software.

 

  • Service Acceptance / Commencement Date.

If no Fault of Severity Level 1 is reported by Customer to CloudHost within two Business Days from the SOF Date or Actual Delivery date, the Service shall be deemed to have been accepted for the purpose of commencement of billing.

 

  • Security
  • Customer will ensure that all Content stored or transmitted via the Service complies with all applicable laws and reasonable information security practices, including without limitation those relating to the encryption of data. Customer is solely responsible for properly configuring and using the Cloud Service and taking its own steps to maintain appropriate security, protection and backup of Cloud Content and to protect Cloud Content from unauthorized access and routine archiving of Cloud Content. Given that Customer can self-provision and self-configure the Services and the Customer environment in ways that may reduce their security, Customer acknowledges that it and not CloudHost will be responsible for whether the Services and Customer environment are configured in a secure manner. In addition, Customer is solely responsible for compliance related to the manner in which the Cloud Service is used or accessed by Customer or its End Users.
  • CloudHost has adopted and implemented, and shall maintain, a corporate information security program designed to comply with applicable laws and protect Content from loss, misuse and unauthorized access or disclosure. Such program includes annual employee security awareness training and formal information security policies and/or procedures. The CloudHost information security program is subject to reasonable changes by CloudHost from time to time.
  • Notwithstanding all of the foregoing, Customer acknowledges that, in spite of commercially reasonable and industry-standard data security measures, CloudHost is unable to guarantee absolute data security and that CloudHost has no liability to Customer for any unauthorized access or use, corruption, deletion, destruction or loss of any of Content except to the extent of CloudHost’s gross negligence or willful misconduct.

 

  • Service Outage Reporting.

Customer must inform CloudHost’s Customer Support in writing, by email or by call each time it notices any Service Outage within Five (5) business days of the time it first notices or first believes that there has been an Outage.  CloudHost will provide 24x7x365 access to its Online support portal (https://support.cloudhostintl.com) for customer to report any service outage / performance issues.  CloudHost Customer Support must be provided with a 24*7*365 emergency number to reach a support person and their backup in the event of customer equipment failure or a data centre outage. Escalation matrix is also required from the Customer.

 

  • Request for Service Outage Credit.

Customer must provide CloudHost with a written request for a credit due hereunder within thirty (30) days of the applicable event giving rise to the credit.  Failure to do so will void Company’s eligibility for any credit for such event(s). This notice must include sufficient information including, without limitation, the Trouble Ticket number and the customer request and the date and time such request was made to CloudHost Datacentre, to allow the claim to be investigated.  There shall be no Third Party beneficiaries of the Service Level Agreements unless the same is agreed upon by the parties in writing.

 

  • Data Centre- Managed Services Service Availability Parameters.

For the purpose of uniformity, the Service Availability for each CLOUDHOST Service will be calculated as under. The Availability Guarantee for each component is covered in respective service schedule(s).

 

CLOUDHOST Service will be considered unavailable if the Fault reported to the CloudHost’s Support Center by Customer or identified by CloudHost itself is of Severity Level 1 or Severity Level 2 (“Service Outage”). CloudHost will calculate, on a monthly basis, the time of Service Outage experienced by each CLOUDHOST Service Component. A month shall be deemed to begin at 12:00 AM Greenwich Mean Time (GMT) on the first day of a calendar month and end 12:00 GMT on the first day of the next calendar month (“Month”). At the end of a month, CloudHost shall calculate the total amount of time the CLOUDHOST Service was unavailable measured from the time when a Fault of Severity Level 1 or 2 was reported to the CloudHost’s Customer Support or is identified by the CloudHost, whichever first occurs, until the time the Fault is repaired and the Service restored (the “CLOUDHOST Service Outage Time”). Such CLOUDHOST Service Outage Time shall be used to determine any Service Outage credit that the Customer shall be entitled to (“CLOUDHOST Service Outage Credit”). The CLOUDHOST Service Outage Credit will be a percentage of the Monthly Recurring Charge (“MRC”) for the CLOUDHOST Service as set forth in respective service schedules and will apply only to the CLOUDHOST Service(s) for which such credit was derived (“Affected CLOUDHOST Service(s)”), and the CLOUDHOST Service Outage Credit will be calculated individually for each Affected CLOUDHOST Service.

 

 

(a)        SLA Adherence Matrix and applicable Outage Duration:

 

SLA Adherence (%) Service Outage Duration  (in Hours) in a Month Rounded off to nearest hour
< 99.99% 0.072 (4.32 minutes) – 0.72 hours  (43.2 minutes)
< 99.95% 0.36 (.5) hour – .72 (1) hour
< 99.9% 0.72 (1) hour – 3.6 (4) hours
< 99.5% 3.6 (4) – 7.2 (8) hours
< 99.0% 7.2 (8) – 14.4 (15) hours
< 98.0% 14.4 (15) – 21.6 (22) hours
< 97.0% 21.6 (22) – 24 hours

 

  • Customer will not be entitled to receive any credits pursuant to the Delivery Guarantee or Service Availability Guarantee, for administrative setup delays or Service Outage experienced, which are associated with (in whole or in part):
    1. Interruption due to emergency & scheduled maintenance, alteration, or implementation;
    2. Negligence or other conduct of Customer or its agent/client including a failure or malfunction resulting from applications;
    3. A shut down due to circumstances reasonably believed by CloudHost to be a significant threat to the normal operation of the Services, the CloudHost facility, or access to or integrity of Customer IT infrastructure or its data (e.g., hacker, virus attack or cyber-attack or ransomware attack etc);
    4. Failure or malfunction of any equipment or services not provided by CloudHost;
    5. Failure of Customer to purchase minimum redundant systems necessary to support this warranty
    6. Failure of access to Customer’s network and the Internet, unless such failure is caused solely by CloudHost;
    7. Any act or omission of Customer or any of its agents, contractors or vendors, including without limitation, custom scripting or coding (for example, CGI, Perl, HTML, ASP) or Customer’s failure to follow agreed-upon procedures or to provide the requisite Client Hardware or Software in respect of the Services;
    8. Force Majeure Events (Section 13.10), including without limitation, outages on the Internet;
    9. DNS issues beyond the reasonable direct control of CloudHost; or
    10. Service Level Agreements do not apply in the event of disconnection and subsequent reconnection of the services due to non-payment of any charges payable to CloudHost.
    11. Any unavailability or other degradation of the Service which is associated with or caused by Scheduled Maintenance events on the CloudHost Facilities (which are not otherwise due to the fault or negligence of CloudHost);

 

 

 

  • Service Outage Credits

 

  • Customer must provide CloudHost with a written request for a credit due hereunder as defined in Service Outage Reporting (Section 4).

 

  • If Customer is entitled to receive credits on more than one guarantee as set forth herein due to the same service-affecting incident, Customer will only receive the credit that it would otherwise be entitled to receive under a single guaranteed criterion for service which has least guarantee.

 

  • In no event shall the total amount of Service Outage credits issued to Customer per month exceed fifty percent (50%) of the MRC invoiced to Customer for the affected Service for that month.

 

  • Credits are calculated after deduction of all discounts and other special pricing arrangements, and may not be applied to governmental fees, software licenses, taxes, surcharges, local access charges or any other charges other than monthly recurring service (MRC) charges.

 

  • Credits will generally be reflected on the subsequent invoice following the billing month in which the Service Outage occurs. The credits provided in this Service Level Agreement are Customer’s sole and exclusive remedies for all matters related to the guaranteed criteria.

 

  • Any credits accrued but remaining unused after termination of the applicable Service may only be applied to charges accruing to the affected Service or new purchases of CloudHost Services. All unused credits will expire the later of twelve months after their accrual or upon the expiration or termination of the last Order Form with CloudHost. Termination of a Service Order Form, the General Terms and Conditions due to Customer’s non-payment or other breach will immediately void all accrued, but unused credits.

 

  • Customer Obligations.

 

  1. a) Customer Undertakings. The Customer represents warrants and agrees that it will not use, nor authorize, assist or permit any User or third party to use, the Service:

 

  • In violation of any applicable laws or with all policies and instructions communicated by CloudHost.

 

  • For any unlawful, fraudulent or immoral purpose, including, without limitation, the transmission of any Content in violation of applicable laws

 

  • To tamper with, alter or change the Service or the CloudHost’s Facilities, or otherwise abuse the Service in any manner that interferes with CloudHost’s Facilities or the use of Service by any other person.

 

  • Internet usage as per UAE Government Norms, Laws and Policies

 

  1. b) Rights to Suspend. If CloudHost reasonably believes that there is, or is likely to be, a breach of any of the Customer’s obligations hereunder, CloudHost may, in its sole discretion, immediately restrict or suspend all or a portion of the Service or prevent the display or transmission of Content, without any liability to the CloudHost, and then notify the Customer of such action and the reason for it. CloudHost will attempt to provide such notification to the Customer prior to taking such action if, in CloudHost’ s judgment, it can do so without interfering with its ability to prevent the breach from occurring or continuing.

 

  • Proprietary Rights

The Services, including all intellectual property rights in the Services, are and shall remain, the property of CloudHost. All rights in and to the Services not expressly granted to Customer in this Agreement are hereby expressly reserved and retained by CloudHost and its licensors without restriction. CloudHost grants Customer a limited, revocable, non-exclusive, non-sublicenseable, non-transferable and limited right to access and use the Cloud Services solely in accordance with the Agreement and any software (including related documentation) that may be provided by CloudHost or its third party licensors is neither sold nor distributed to Customer and may be used solely as part of the Cloud Services.

As between CloudHost and Customer, Customer exclusively owns all right, title and interest in and to Data. CloudHost will not disclose, modify, or access Data, except (i) if Customer expressly authorizes CloudHost to do so in connection with Customer’s use of the Services, including requests for support; or (ii) as necessary to provide the Services to Customer or to prevent or address service or technical problems, or to comply with the Agreement or the request of a governmental or regulatory body, subpoenas or court orders.

Exclusions. Confidential Information does not include the following categories of information: (a) information that at the time of disclosure to Recipient was in the public domain (other than as a result of any breach of this Agreement); (b) information that was lawfully known by Recipient prior to receipt from Discloser (as proven by Recipient’s written records); (c) information that, after disclosure to Recipient, becomes known to the general public through no breach of this Agreement by Recipient; (d) information developed independently by Recipient without use of or reference to Confidential Information; or (e) information that is disclosed to Recipient by a third party who did not acquire or disclose such information by a wrongful act.

In the event Customer elects, in connection with any of the Services, to communicate to CloudHost suggestions for improvements to the Services (“Feedback”), CloudHost shall own all right, title, and interest in and to the same, even if Customer has designated the Feedback as confidential, and CloudHost shall be entitled to use the Feedback without restriction. Customer hereby irrevocably assigns all right, title, and interest in and to the Feedback to CloudHost and agrees to provide CloudHost such assistance as it may require to document, perfect and maintain CloudHost’s rights to the Feedback.

If Customer elects to use Customer provided and/or licensed software in connection with the Cloud Services or make such software available to other users of Cloud Services, Customer is solely responsible for (i) selecting, licensing, installing and maintaining any such software, including any related applications and systems; and (ii) ensuring adherence to current technical documentation, all applicable licensing terms, requirements and/or restrictions and all applicable laws with respect to such software.

  • Non Disclosure Agreement (NDA)

 

  1. a) “Confidential Information” shall mean and encompass information, know-how and data, of a technical, commercial, financial or any other nature, disclosed to either Party by or on behalf of the other Party prior to or during the term of this agreement. Customer and CLOUDHOST each agree to retain in confidence all information disclosed by a party to the other party pursuant to this Agreement which is either designated as proprietary and/or confidential, or by the nature of the circumstances surrounding disclosure, should reasonably be understood to be confidential (the “Confidential Information”).

 

  • It shall cover all messages, documents and files or other communication in writing and marked “confidential” by the disclosing Party; (or)
  • Drawings, models, prototypes, photographs, software programs or in any machine readable form, which information is stated by the disclosing Party to be confidential; (or)
  • Orally, and identified in writing as confidential to the disclosing Party within 15 (fifteen) days from disclosure;.

 

Each party agrees to:

  1. preserve and protect the confidentiality of the other party’s Confidential Information;
  2. refrain from using the other party’s Confidential Information except as contemplated herein; and
  3. not disclose such Confidential Information to any third party except to employees as is reasonably required in connection with the exercise of its rights and performance of its obligations under this Agreement (and only subject to binding use and disclosure restrictions which are at least as protective as those set forth herein and which are agreed to in writing by such employees).

CloudHost further agrees that it will not change or copy, read or distribute Customer’s data, except as required to perform the Services.  CloudHost hereby agrees that it has implemented industry standard procedures to: (1) ensure the security and confidentiality of Customer’s Confidential Information; (2) protect against any anticipated threats or hazards to the security or integrity of such information; and (3) protect against unauthorized access to or use of such information.  The parties agree to comply with the applicable laws and shall negotiate in good faith, if necessary, to execute any other documents that may be required to comply with any applicable laws.

 

Notwithstanding the foregoing, either party may disclose Confidential Information which is:  (i)             already publicly known;

  • independently developed by the receiving party without reference to the Confidential Information of the disclosing party;
  • Otherwise known to the receiving party through no wrongful conduct of the receiving party, or required to be disclosed by law or court order.

Neither party shall disclose any of the terms of this Agreement to any third party without the prior written consent of the other party; provided, however, that either party may disclose the existence of this Agreement to any third party and either party may disclose the terms of this Agreement:

  • to legal counsel of the parties;
  • in confidence, to accountants, banks, and financing sources and their advisors solely for the purposes of a party’s securing financing;
  • in connection with the enforcement of this Agreement or rights under this Agreement; or
  • in confidence, in connection with an actual or proposed merger, acquisition, or similar transaction solely for use in the due diligence investigation in connection with such transaction.

(i) In the event that one of the Parties, or anyone to whom Confidential Information is disclosed pursuant to this agreement becomes legally compelled to disclose any of the confidential Information, such party (the “Compelled Party”) shall provide the other party with prompt notice so that such other party may seek a protective order or other appropriate remedy and/or waive compliance with the provisions of this Article. In the event that such protective order or other remedy is not obtained or in the event that the other Party waives compliance with the provisions of this Article, the compelled Party will furnish only that portion of the Confidential Information which the Compelled Party is legally required to disclose and will seek to obtain reliable assurance that confidential treatment will be accorded to the Confidential Information.

  • TERM & TERMINATION

 

  1. The term of this Agreement shall commence on the mutually signed Service Order Form or Service Start Date and shall renew automatically for successive one (1) year periods unless either party gives the other written notice of intent to terminate and not renew at least ninety (90) days prior to the end of the initial term or any renewal term.
  2. This agreement may be terminated by either party in the event that such party has the right to terminate the customer Agreement.
  3. Upon termination of this agreement, Customer shall relinquish use of the Internet protocol addresses or address blocks assigned to it by CLOUDHOST in connection with the Services.
  4. Unless and otherwise specified in the Customer Agreement, if after the termination or expiration of the Agreement, the Customer fails to remove all equipment and/or other properties belonging to them from the CloudHost Data Centre premises within 15 days of such termination or expiration, the

Customer;

  1. agrees that CloudHost Datacentre may dispose off such property as it deems appropriate and

 

  1. releases CloudHost Datacentre from any and all liability arising out of such disposal

 

  • TERMINATION TRASITION ASSISTANCE:

Upon any notice of termination of this Agreement, to the extent technically feasible, CloudHost shall assist Customer in the migration of the data of Customers that are located on CloudHost’s servers/storage, in a comma separated values file or other format reasonably requested by Customer.  If termination of this Agreement is due to CloudHost’s breach, CloudHost shall migrate Customer’s data to a setup as reasonably requested by Customer, at no cost to Customer.

 

  • WARRANTY LIMITATIONS

 

  1. Disclaimer of Actions Caused by and/or Under the Control of Third Parties Except for warranties and representations made herein, CloudHost MAKES NO REPRESENTATIONS AND DISCLAIMS ALL WARRANTIES AND LIABILITY REGARDING THE DATA, PRODUCTS, OR SERVICES OF ANY THIRD PARTY, INCLUDING THE PROVIDERS OF ELECTRICAL OR TELECOMMUNICATIONS PRODUCTS OR SERVICES. CUSTOMER ACKNOWLEDGES THAT AN INTERRUPTION IN THE HOSTING SERVICES DUE TO CIRCUMSTANCES BEYOND THE CONTROL OF CloudHost, SUCH AS A FAILURE OF TELECOMMUNICATIONS SYSTEMS, SHALL NOT BE CONSIDERED A SERVICE OUTAGE FOR PURPOSES OF ANY WARRANTY PROVIDED IN THIS CLOUDHOST.
  2. Sole Remedies to Service outage: SOLE REMEDY IN THE EVENT OF ANY SERVICE OUTAGE, INTERRUPTION OF SERVICES DUE TO OUTAGES, OR OTHER BREACH OF WARRANTY SHALL BE THE OUTAGE CREDIT PROVIDED IN THIS CLOUDHOST. CloudHost AND ITS CLOUDHOSTS DISCLAIM ANY AND ALL OTHER LIABILITIES OR REMEDIES FOR SUCH OUTAGES, INTERRUPTIONS, OR BREACH OF WARRANTY. CUSTOMER ACKNOWLEDGES AND AGREES THAT THE LIABILITY OF CloudHost AND ITS CLOUDHOSTS ARISING FROM ANY SUCH OUTAGE, INTERRUPTION, OR BREACH OF WARRANTY SHALL BE EXPRESSLY LIMITED AS SET FORTH IN THIS CLOUDHOST.

 

  • MISCELLANEOUS PROVISIONS

 

  • NOTICES

Any notice or other communication required or permitted hereunder shall be sufficiently given if manually delivered or sent by registered or certified airmail or fax or E-mail, and, in the case of airmail, prepaid and directed to the other party at its mailing address first set forth above.  Any party may, by giving notice as provided sent by registered or certified airmail shall be deemed to have been given ten (10) days after the date on which it is proved to have been so mailed.  Any such notice or communication sent by fax or e-mail shall be deemed to have been given one (1) day after the date on which it is sent and receipt has been confirmed.

 

  • GOVERNING LAW

This Agreement and the obligations of the parties hereto shall be interpreted, construed and enforced in accordance with the internal laws of UAE, without giving effect to the conflict of laws / principles thereof.  The Courts at Dubai shall have exclusive jurisdiction over all matters connected with this agreement.

 

  • WAIVER

No express or implied consent to or waiver of any breach or default by any party hereto in the performance by the other parties of its obligations under this Agreement shall be deemed or construed to be a consent to or waiver of any other breach or default in the performance by such party of the same or any other obligations of such party under this Agreement. Failure on the part of any party to complain of any act or failure to act or to declare the other party as defaulting, irrespective of how long such failure continues, shall not constitute a waiver against such failing party of the rights of the other party under this Agreement.

 

  • SEVERABILITY

If any provision of this Agreement or the application thereof to any person or circumstance shall be invalid or unenforceable to any extent, the remainder of this Agreement and the application of such provisions to any other person or circumstance shall not be affected thereby and shall be enforced to the greatest extent permitted by law.

 

  • ENTIRE AGREEMENT – AMENDMENT

This agreement constitutes the entire agreement of the parties hereto with respect to the subject matter hereof.  Except as specifically provided herein, neither this agreement nor any provision hereof can be changed, waived, discharged or terminated orally, but only by an instrument in writing signed by all of the parties

 

 

  • TERMINOLOGY

All personal pronouns used in this Agreement, whether used in the masculine, feminine or neuter gender, shall include all other genders; the singular shall include the plural; and the plural shall include the singular. Titles of articles, sections, subsections and paragraphs in this Agreement are for convenience only, and neither limit nor amplify the provisions of this Agreement

 

  • COUNTERPARTS

This Agreement can be executed in any number of counterparts, each of which shall be deemed to be an original and all of which together shall comprise but a single instrument

 

  • ASSIGNMENT

This Agreement cannot be assigned by any party hereto without the express written consent of the other two parties

 

  • LEGAL FEES

In any legal action brought in connection with this agreement for the operations of the Customer, the prevailing party shall be entitled to recover its legal fees from the non-prevailing parties

 

  • FORCE MAJEURE

If the performance of any obligation of any of the parties is prevented or restricted or interfered with by reason of fire, explosion, strike, labor dispute, casualty, riots, sabotage, accident, lack or failure of transportation facilities, flood, war, civil commotion, terror attack, lightning,  acts of God, any law, order or decree of any government or subdivision thereof or any other cause similar to those above enumerated, beyond the reasonable control of the party, the party so affected shall, upon the giving of prompt notice to the other parties, be excused from performance hereunder to the extent and for the duration of such prevention, restriction or interference.

 

  • INTERPRETATION

No provision of this Agreement shall be construed against or interpreted to the disadvantage of any party by any court or other governmental or judicial authority by reason of such party having or being deemed to have structured or drafted such provision

  • ARBITRATION:

Any dispute and/or difference that may arise between the Parties hereto in regard to this Agreement and/or the arrangement there under, the carrying out of its terms and conditions and/or the interpretation thereof in any way whatsoever shall be referred to the conciliation of any authorized representative of the Parties and a solution shall be sought within 15 days of such referral. In the event of any resolution not being found despite conciliatory efforts, the dispute and/or difference shall be referred to a sole Arbitrator to be mutually appointed by the Parties. In the event of differences on appointment of a sole arbitrator, the Parties agree to appoint three arbitrators, one to be appointed by Customer and another to be appointed by CLOUDHOST. The two arbitrators shall appoint the third arbitrator who shall act as the governing arbitrator.  The Arbitration proceedings shall be governed by the UAE Law for Arbitration and Conciliation and its statutory modification in force for the time being. Language of arbitration shall be English. Place of Arbitration shall be Dubai UAE.

 

 

SCHEDULE – A : CloudScales

On-Demand Compute

 

  1. Definitions. In addition to the other terms defined in the General Terms and Conditions for Delivery of Services and the Service Schedule, the following capitalized terms shall have the following meanings:

 

  • Service Overview: CloudHost will provide the On-Demand Compute Service which includes Virtual Machines, Dedicated Hardware, Software Licenses, Network, Security, Storage and various optional services as selected by customer. The Setup is located at one or more of the Data Centres, which location can be changed at the sole discretion of the CloudHost.

 

  • “Host Hardware / Server (Host)” means a physical hardware running Hypervisor software to run multiple virtual machines / instances. Host provides the CPU and memory resources to virtual machines running on it as well enable virtual machines access to storage and networks.

 

  • “Managed Dedicated Server (MDS)”: CloudHost shall provide the dedicated physical server of subscribed configuration (equivalent or better), defined as the Processor(s), RAM, and other related hardware as well as access to storage, network with perimeter security, Hosting infrastructure, included under the server lease.

 

  • “InstaCloud”: CloudHost shall provide the Virtual Machine / Instance defined as the virtual Processor(s), RAM, connectivity fabric, and other related components included under the subscribed plan. InstaCloud is powered by Open Source Technology.

 

  • “BlazeCloud”: means a Virtual Machine / Instance in High Availability architecture. Virtual Private Instance is defined as the virtual CPU/Processor(s), RAM, connectivity fabric, Hosting infrastructure, and other related components included under the subscribed plan. High Availability architecture is defined by minimum system configuration to ensure redundancy at each layer for no single point of failure at site level. High Availability is applicable for single Data Centre facility, and does not include the site level redundancy.

 

  • Network Connection: Customer will have access to the Service through the Internet or the Customer’s VPN. CloudHost will provide bandwidth between the Hosting Centres for purposes of Customer’s system administration. However Customer will provide, at its sole expense, all connections and bandwidth needed in order to enable it to interconnect with and use the Service.

 

  • Firewall Protection: CloudHost will provide adequate perimeter firewall protection to ensure that the Service operates in a secure environment. CloudHost will implement and manage firewall policy / security rules to protect the Service from inappropriate use by Users and third parties, as per the filtering rules set by Customer.

 

  • Self-Service Administration Portal: CloudHost will provide secure web-based online self-service administration portal that enables authorized Customer administrators to perform certain administration tasks with respect to the Service.
  • CloudHost Platform System Back-up: CloudHost will perform backup of complete setup as per the defined policy to ensure the availability of Systems. The backup policy is to take an incremental daily back-up, and retain the daily back-up for one week. In addition to the incremental daily back-up, a full back-up will be performed on a weekly basis and retained by CloudHost for two weeks. A monthly back-up will also be performed and will be retained for one month. System Backup is undertaken by CloudHost to ensure high availability of infrastructure.

 

  • Restoration Services: The restoration of System Back-up will be provided in following manner.
    1. Restoration activity required due to failure of CloudHost’s systems or any component offered by CloudHost as part of the service. All such restoration will be done by CloudHost at no cost to customer and will be considered as System Restoration Activity.
    2. Any Restoration of data required at customers request for component failure or data loss arising out of customer specific issue / negligence. Customer specific restoration will be undertaken on the receipt of customer request for such activity and will attract nominal Restoration Fee.
  • CloudHost does not guarantee Restoration of data outside of its backup retention periods.
  1. The Restoration of data is provided on best effort basis whether within retention period or outside retention.
  2. Customers, who wish to take separate backup on Tapes for longer retention or Host level backup, needs to subscribe Backup Services as Add-on component.

 

  • On-Demand Storage: CloudHost will provide storage on its Enterprise grade unified (SAN / NAS) storage platform with enterprise security and associated storage fabric connectivity. On-Demand Compute setup is pre-configured and pre-built to offer highly redundant, unified SAN / NAS storage environment to MDS / InstaCloud / BlazeCloud.

 

  • Managed Switch: CloudHost will offer managed switch as part of On-Demand Compute setup to provide controlled access to servers, storage, and networks. The managed switch offering includes security and configuration flexibility specific to customer requirements, as defined in the subscribed plan.

 

  • Managed Connectivity: CloudHost will offer managed router interface both on Virtual Dedicated as well as Logical Segregated mode for termination of Customer VPN, Leased Line or other network connections. The Managed Router offering supports multiple network interface and throughput levels, as per the subscribed plan.

 

  • Monitoring and Management: CloudHost will perform proactive monitoring of complete On-Demand Compute setup.

 

 

  1. Service Availability Guarantee. The Availability Guarantee for On-Demand Compute shall be as follows:

 

Availability Guarantee Service Outage Duration  (in Hours) in a month CloudScales

Service Outage  Credit

 > 99.5%  Less than 4 Hours No Credit
< 99.5% 4 – 8 Hours 5% of MRC
< 99.0% 8 – 15 Hours 10% of MRC
< 98.0% 15 – 22 Hours 15% of MRC

 

  1. Ownership of Software Licenses. The Software Licenses are licensed to CloudHost by respective OEM partners for rendering the CloudScale services.  All title and intellectual property rights in and to the SOFTWARE Licenses (and the constituent elements thereof, including but not limited to any images, photographs, animations, video, audio, music, text and “applets” incorporated into the SOFTWARE LICENSES) are owned by OEM PARTNERS or its suppliers.  The SOFTWARE LICENSES are protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties.  Your possession, access, or use of the SOFTWARE LICENSES does not transfer any ownership of the SOFTWARE LICENSES or any intellectual property rights to you.  You agree not to remove, modify or obscure any copyright, trademark, or other proprietary rights notices that appear on the SOFTWARE LICENSES or that appear during the use of the SOFTWARE LICENSES.

 

  1. Installation Location. The majority of all Software Licenses shall always be installed and used solely at CloudHost Data Centres. The Software Licenses may only be installed on Customer (End User) premises so long as: (1) access by Customer does not expand the use of the Software Licenses beyond what CloudHost has permitted; and (2) CloudHost has physical access to the Software Licenses and authority to control the Software Licenses, and (3) CloudHost can monitor and manage the on premise infrastructure for licenses.

 

 

SCHEDULE A – CloudScales

ON-DEMAND STORAGE

 

  1. Definitions. In addition to the other terms defined in the General Terms and Conditions for Delivery of Services and the Service Schedule, the following capitalized terms shall have the following meanings:

 

  • Service Overview : CloudHost On-Demand Storage Service offers unified (SAN/NAS), integrated, information-focused, storage infrastructure on flexible need based cost, with enterprise security and high availability guarantee.

 

  • “Host Setup (Host)” refers to customers server hardware with compatible HBAs (Host Based Adapters), which requires to connect to CloudHost On Demand Storage setup. The Host Setup may operate diverse environment, including Windows, VMware ESX, Citrix Xen Server, UNIX flavors (HP-UX, IBM AIX, Sun Solaris), Linux (Red Hat Linux) and other industry standard operating systems. Application or Database running on above Operating Systems can also avail the On-Demand-Storage services.

 

  • “Unified Storage Fabric (Fabric)” means unified, redundant connectivity fabric which enables customers host setup to connect with On-Demand Storage platform. The Unified Storage Fabric offers combination of fully redundant 4/8 Gbps FC (Fiber Channel) fabric, a multi-Gbps iSCSI Ethernet fabric, and FCOE fabric, as per customer choice and plan subscription. Customer is responsible for providing the compatible HBA for connecting the Host Setup with requisite Storage Fabric interface.

 

  • “Network Attached Storage (NAS)” – The Network Attached Storage solution offers file level access through NFS / CIFS shares mounting to the Host through Storage Fabric connectivity. End-to-end redundant path shall be offered to match the assured high-availability.

 

  • “On-Demand Storage Pool” – The storage capacity will be provisioned to the Host from the dynamic storage pool as per the subscribed plan. Storage capacity can be added as well as removed, as per business need. Adequate storage security measures are undertaken by applying customized security policies, zoning, user authentication & auditing mechanisms. Reporting of allocated volume size and file / directory utilization is offered through on-line customer portal.

 

  • “Storage Tiers” – refers to the four packages (Performance, Enhanced, Standard, Economy) available under On-Demand Storage Service, with customized specifications to meet different data storage needs.

 

  • Performance Tier – offers storage capacity on high available, enterprise grade SAN Storage platform delivering more than 1500 I/O Per Second (IOPS) per terabyte, with fully redundant FC / FCOE fabric.
  • Standard Tier – offers storage capacity on high available, enterprise grade SAN Storage platform delivering more than 500 I/O Per Second (IOPS) per terabyte, with fully redundant FC / iSCSI fabric.
  • Economy Tier – offers storage capacity on high available, enterprise grade SAN Storage platform delivering more than 250 I/O Per Second (IOPS) per terabyte, with fully redundant iSCSI fabric.

 

  • Hardware (iSCSI HBA) and Software iSCSI Initiator support – means support for standard hardware iSCSI Initiators as listed in the CloudHost’s HBA compatibility matrix and also support for software iSCSI Initiator supplied by the operating system vendors.

 

  • Cross Tier Storage Migration – Allows customer to migrate the storage between Tiers based on the performance needs.

 

  • Storage Monitoring & Management – The entire storage platform is monitored and managed by a dedicated team of storage administrators 24/7 – 365 days assuring response and resolutions as per the SLA.

 

  • Storage Reporting – additional Service needs to be subscribed for service which includes periodic performance and utilization reports and incase of any threshold violations instant notifications shall be notified to the customer.

 

  • Firewall Protection: CloudHost will provide adequate perimeter firewall protection to ensure that the Service operates in a secure environment. CloudHost will implement and manage firewall policy / security rules to protect the Service from inappropriate use by Users and third parties, as per the filtering rules set by Customer.

 

  • Self-Service Administration Portal: CloudHost will provide secure web-based online self-service administration portal that enables authorized Customer administrators to perform certain administration tasks with respect to the Service.

 

  1. Service Availability Guarantee. The Availability Guarantee for On-Demand Storage (ODS) is as follows:

 

  • For Severity Level 1:
Availability Guarantee Service Outage Duration  (in Hours) in a month ODS Service Outage  Credit
 > 99.95%  Less than 0.30 Minutes No Credit
 < 99.95%  30 Minutes – 1 Hour 5% of MRC
 < 99.9% 1 – 4 Hours 10% of MRC
< 99.5% 4 – 8 Hours 15% of MRC

 

 

SCHEDULE B – DataLife Services

Vault Services

 

 

Vault Services Provided by CloudHost hat you are a paid Subscriber (as defined in the current Backupify Terms of Service, the “ToS’) and comply with the ToS, we will:

  1. make and store a copy of your Backedup Data at least once each calendar day starting the day after your Initial Backup is complete, and
    2. the Vault Service web interface will be operational and available to Customer at least 99.9% of the time in any calendar month

If Vault Services does not meet the DataLife SLA, Customer will be eligible to receive the Service Credits described below. This Vault SLA states Customers sole and exclusive remedy for any failure by Vault to meet the Vault SLA.

Definitions:

Backedup Data
means to save a copy of your data and other files that exist on third-party websites that you designate within the Service for backup and are available through externally facing APIs.

Initial Backup
means the first full copy and storage of your Backedup Data.

Downtime
means the Service is unavailable for a customer, exclusive of Permitted Downtime.

Permitted Downtime
means the Service is unavailable for customer use during a prescheduled period which has been announced at least 72 hours in advance.

Monthly Uptime Percentage
means total number of minutes in a calendar month minus the number of minutes of Downtime suffered in a calendar month, divided by the total number of minutes in a calendar month.

Sequential Days Without Backedup Data
means the number of sequential calendar days where we have failed to make and store a copy of your Backedup Data.

Service
means the Vault and recovery service provided by DataLife to Customer under the Agreement.

Service Credit
means either Access Related Service Credit or Performance Related Service Credit.

Performance Related Service Credit
means the following:

Sequential Days Without Backedup Data Days of Service added to the end of the Service term at no charge to Customer
1 3
2 7
5 15

Access Related Service Credit
means the following:

Monthly Uptime Percentage Days of Service added to the end of the Service term at no charge to Subscriber
< 99.9% – >= 99.0% 3
< 99.0% – >= 95.0% 5
< 95.0% 7

Update Notification.
DataLife reserves the right to alter this Service Level Agreement without advanced notice.  Enforcement of the new agreement will begin 30 days after the change. Changes with a significant impact will be communicated to paid Subscribers to the email address provided.

DataLife SLA Exclusions.
The DataLife SLA does not apply to any services that expressly exclude this SLA (as stated in the documentation for such services) or any performance issues that: (i) are related to acts of nature, forces or causes beyond our reasonable control, strikes, labor disputes, riots, insurrections, civil disturbances, explosions, acts of god, war, governmental actions, or orders of domestic or foreign courts or tribunals; (ii) result from availability of third-party APIs, or, (iii) result from Subscriber’s equipment.

 

SCHEDULE – C

CH Assist – Managed Hosting Professional Support Services

 

CH Assist is CloudHost Managed service offerings for Data Centre customers includes Operating Systems Management, Database Management, Managed Security Services, Network Management Services, Mail Management Services, Backup and Disaster Recovery Services and Technical Support Services.

 

This CH Assist Plans and Services are applicable only to Service Order Forms for Data Centre- Managed Services which have been subscribed by Customer and accepted by CloudHost in accordance with, and subject to the Terms and Conditions for Delivery of Services.

 

  • “Service Window”: CloudHost will provide 24×7 support for the proposed engagement.

 

  • “CloudHost Portal and Monitoring”: CloudHost is CloudHost’s service portal offering and will be a single point for information on customer’s infrastructure that is being managed. The portal offers access to trouble ticket & change management systems, events, inventory and SLA performance reports.

.

  • “Proactive Monitoring”: CloudHost will provide Customer with proactive monitoring services out of its Global Management Operations Center (GMOC). Key tasks executed part of the proactive monitoring services include: a) Monitoring of the in-scope infrastructure.
    1. Recording of incidents and problems reported by users and the monitoring tools on the trouble ticket system available on CLOUDHOST.
    2. Monitoring the progress of the incidents and problems recorded and ensuring that they are resolved on time.
    3. Carrying out incident notification and escalations to defined designated contacts.
    4. Periodic trend analysis and capacity requirement identification and notifications.

 

  • “Technical support Services”: CloudHost will ensure availability of technical support services for managing incident, problem and change management processes. Skilled resources relevant to Customer’s environment will be made available.

 

  • Scope of Hosting Professional Support Service: The Service consists of the following components as per the subscribed plan, as specified in the Order Form. The detailed management task list is captured in Hosting Professional Support Service Descriptor and is subject to change as defined by CloudHost time to time.

 

  • “Management Tasks”: means the tasks and schedule of activities covered under specific service management. The detailed management task list is captured in Hosting Professional Support Service Descriptor and is subject to change as defined by CloudHost time to time.

 

  • “Server and OS Management”: CloudHost will provide technical support for Customer’s server hardware and operating system. CloudHost will also monitor the server and critical availability and performance attributes.

 

  • “Database Replication, Monitoring and Management”: CloudHost will provide technical support for database management, availability and performance attributes, as per the plan subscribed and defined in Hosting Professional Support Service Descriptor.

 

  • “Backup and Restore Services”: CloudHost will provide support for monitoring and managing server backup processes. CloudHost will be responsible for the following as part of the backup management process:
    1. Monitor successful completion of backup processes based on a defined policy provided by Customer
    2. Fix backup errors and re-run or re-schedule at later times
    3. Configure backup policy changes as required by Customer
    4. Onsite backup media management
    5. Provide offsite tape movement services
    6. Carry out periodic restorations based on the restoration policy defined by Customer

 

  • “Mail Management Services”: CloudHost will provide mail management services whereby CloudHost will be responsible for managing availability and performance of the e-mail infrastructure. CloudHost will also provide end-to-end support, right from resolving problems to managing the e-mail infrastructure. The indicative list of management tasks is provided in CH Assist – Messaging Plan.

 

  • “Network and Security Management Services” CloudHost will provide support for network and security management and ensure maximum availability and performance and ensuring proper coordination for resolving WAN related problems. The scope may include:
  1. a) Maintaining an up to date network diagram
    1. Maintaining LAN device configuration and backup
    2. Applying security patches to the operating system, database and network devices

 

  • “Antivirus Management” CloudHost will perform the activities related to the scope of service for Anti Virus Management services. CloudHost will also act as the single point of contact for vendor co-ordination to resolve failures, provide support for upgrades and new installations.

 

  • “Incident and Problem Management Process”: CloudHost will follow the problem management process and provide level II support for resolving problems identified in the in-scope infrastructure. As part of the problem management process CloudHost will: Investigate and diagnose the problems reported.
  1. a) Perform root cause analysis.
    1. Provide temporary fixes to problems and also work on permanent solutions.
    2. Raise changes requests for providing permanent solutions to problems identified on the in-scope security infrastructure.

 

  • “Change Management Process”: CloudHost will raise change requests for carrying out configuration changes and maintenance of the in-scope infrastructure. CloudHost will obtain the approval from a predefined distribution list at Customer, before carrying out any changes. CloudHost will use the change management system available on CloudHost.

 

  • “Reporting”: Weekly and monthly reports on the events that have occurred, fixed and information on the response, resolution including SLA performance reports will be made available online on CloudHost. CloudHost will during the transition phase agree on the reporting requirements and methods with Customer.

 

  • “Service Availability Guarantee”: The Maximum Service Level Attributes shall be as follows:

 

SLA Adherence (%) SLA Attribute SLA Indicators Description
 > 99.5% Incident response time (Mean Time To Respond) Severity 1 – 15 min

Severity 2 – 30 min

Severity 3 – 120 min

Response Time
Incident / Problem resolution (Mean Time To

Resolve)

Severity 1 – 2 hours

Severity 2 – 8 hours

Severity 3 – 16 hours

Resolution Time

 

 

 

SCHEDULE – D

CH Network – Data Centre Network Services

 

 

CloudHost’s Data Centre Network (DCN) service offerings for hosting customers includes Internet Connectivity, Routing or WAN Edge layer, and Application Network Acceleration Services layer.

 

This Data Centre Network service is applicable only to Service Order Forms for Data Centre- Managed Services which have been subscribed by Customer and accepted by CloudHost in accordance with, and subject to the Terms and Conditions for delivery of services.

 

  • “Data Centre Network (DCN) Services”: DCN services collectively includes Virtualized Network elements for the WAN edge, and the Application Network Acceleration layer. The service is offered on CloudHost’s carrier grade routing, UTM and Acceleration platform with both managed as well virtualized option.

 

  • “Managed Router Services (mRouter)”: provides means for terminating customer’s own intranets and extranets through VPN, Internet or direct leased lines at CloudHost Data Centre. The service supports termination of Ethernet media and different layer 2 modes – PPP, HDLC, FR and Ethernet [with 802.1q] circuits. The service is managed by CloudHost Technical team.

 

  • “Virtualized Router Services (vRouter)”: provides virtual dedicated instance of routing setup for terminating customer’s own intranets and extranets through VPN, Internet or direct leased lines at CloudHost Data Centre. The service supports termination of Ethernet media and different layer 2 modes – PPP, HDLC, FR and Ethernet [with 802.1q] circuits. CloudHost Technical team manages the setup, and customer has logical access to the system resources.

 

  • “Managed Local Load Balance (mLLB) Services”: provides means for automatically distributing incoming application traffic across multiple compute instances. Load Balancing detects the health of pre-configured Compute instances and spreads the load across the Compute instances based on various parameters (health, IP, etc.), as defined by customer.

 

  • “Virtualized Local Load Balance (vLLB) Services”: provides virtual dedicated instance of Local load balance service for automatically distributing incoming application traffic across multiple compute instances. Load Balancing detects the health of pre-configured Compute instances and spreads the load across the Compute instances based on various parameters (health, IP, etc.), as defined by customer. The service offers logical access to the configured infrastructure to customer.

 

  • “Virtualized SSL Acceleration (vSSLACCL) Services”: provides virtual dedicated instance of SSL Off-load for offloading the encryption and decryption of SSL traffic from compute resources.

 

  • “Data Centre Internet (IP) Services”: means Data Centre Network backbone to offer Internet connectivity to customer setup for providing Public IP connectivity. The Data Centre network backbone is built around high capacity, redundant and robust multiple carrier links to offer seamless access to hosted setup. The Data Centre network backbone also interconnects with all the CloudHost Data Centre’s and peering relationships with other service providers in UAE. The Internet connectivity to Data Centre customers is provided via Ethernet drop connecting to Data Centre Internet Connectivity through access switches.

 

Customer must commit to a minimum bandwidth or Committed Information Rate (CIR) in Mbps or minimum data transfer per month. CloudHost may elect to apply rate-limiting technology, if required, to restrict bandwidth of burstable or volume based subscription, in order to prevent negative impact to other customer’s network availability.

 

  • Fixed bandwidth Internet Service: provides capped bandwidth in per Mega bits per second (Mbps) to connect customers hosted setup to the public Internet. Customer must commit to a minimum bandwidth or Committed Information Rate (CIR) in Mbps. Bursting bandwidth is supported upto 4 times over the CIR provided the Ethernet media is supporting. Burstable bandwidth will be charged based on 95th percentile charging method, as further described.

 

8.1 95th Percentile: CloudHost will collect the sample of bandwidth used in defined time intervals (in five (5) minute intervals) for both inbound and outbound traffic. The top 5% of the sample size of the total sample size over calendar month is removed. The next highest sample after

the removal of top 5% is the 95th percentile sample for the month. The highest 95th percentile sample between inbound and outbound samples is considered the sustained usage level for billing purpose.

 

  • Volume based Internet Service – provides Internet connectivity to customers servers on data transfer model where data volume is measured as traffic per Giga Byte (GB) per month from the server segment to Internet (Outbound) and Internet to server segment (Inbound). Customer must commit to a minimum amount of data transfer per month in GB. Volume based bandwidth will be charged based on the cumulative amount of Inbound and Outbound data transferred in a month.

 

  • Data Centre Internet “Outage”– The Data Centre network outage is defined as any occurrence within the CloudHost Data Centre Backbone or CloudHost Datacenter Infrastructure that results in 100% packet loss to the Customer for more than 5 minutes out of any 24 hour period. The demarcation for Internet network is the port on the CloudHost Datacenter Access Switch on the customer side and CloudHost peering edge on the Internet side. The SLA includes all of the Datacenter Infrastructure including Managed Virtualized Router and Acceleration service, as well as the CloudHost IP Backbone including provider routers, switches, local loops and cabling. Network downtime exists when a particular customer is unable to transmit and receive data and CloudHost records such failure in the CloudHost trouble ticket system. Any malfunctioning of customer equipment or abnormal traffic generated from customer network that causes the outage shall not be covered in the SLA.

 

  • “Technical support Services”: CloudHost will ensure availability of technical support services for managing incident, problem and change management processes. Skilled resources relevant to Customer’s environment will be made available.

 

  • “Reporting”: Weekly and monthly reports on the events that have occurred, fixed and information on the response, resolution including SLA performance reports will be made available online on CloudHost. During the transition phase, CloudHost will agree on the reporting requirements and methods with Customer.

 

  • Service Availability Guarantee. The Availability Guarantee for Data Centre Network Services is as follows:

 

Availability Guarantee Service Outage Duration  (in Hours) in a month ODS Service Outage  Credit
 > 99.95%  Less than 0.30 Minutes No Credit
 < 99.95%  30 Minutes – 1 Hour 5% of MRC
 < 99.9% 1 – 4 Hours 10% of MRC
< 99.5% 4 – 8 Hours 15% of MRC

 

 

SCHEDULE – E

CloudAssure Services

 

 

CloudHost’s Data Centre Security (DCS) service includes perimeter security (firewall / UTM), DDoS, Web Integrity Checking and CloudAssure Services (including OS hardening, VA/PT, etc.).

 

This Data Centre Security service is applicable only to Service Order Forms for Data Centre- Managed Services which have been subscribed by Customer and accepted by CloudHost in accordance with, and subject to the Terms and Conditions for delivery of services.

 

  • “Data Centre Security (DCS) Services”: DCS service provides end-to-end security of customer’s hosted setup in CloudHost Data Centre from perimeter (Managed / Virtualized Firewall/UTM) up to Host level. The service offering includes wide range of security offering to detect and mitigate vulnerability across the environment, as defined below.

 

  • “Managed Firewall Services (mFirewall)”: provides a zone based stateful firewall/UTM service to the hosted setup of customer in CloudHost Data Centre. The service is based on carrier grade Unified Threat Management (UTM) infrastructure in high availability mode and includes inspection of inbound and outbound data traffic flow of servers with rule sets (policy) that restricts or allows the access, and correspondingly logging the traffic flow information and decision made as per the rule set or policy.

 

  • “Virtualized Firewall Services (vFirewall)”: provides virtual dedicated instance of stateful firewall service to the hosted setup of customer in CloudHost Data Centre. The service is delivered on carrier grade Unified Threat Management (UTM) infrastructure in high availability mode and includes inspection of inbound and outbound data traffic flow of servers with rule sets (policy) that restricts or allows the access, and correspondingly logging the traffic flow information and decision made as per the rule set or policy.

 

  • “Distributed Denial of Service (DDoS)” means attacks that target customers web sites, hosted applications, systems and network infrastructure with the intent to absorb all available bandwidth, thereby disrupting legitimate network services to customers, partners and employees. This service has to opted additionally for it to be applicable.

 

  • “Distributed Denial of Service “DDoS” Detection and Mitigation Service “DDoS-D&M”: provides network-based DDoS anomaly identification, notification and mitigation protection. CloudHost Detection Service layer examines Customer’s traffic flow data across the CloudHost network for each address identified by Customer. If a DDoS attack is detected, the traffic is routed to a set of DDoS mitigation devices where the DDoS attack packets are identified and dropped while the valid traffic is passed to Customer. CloudHost Security Operations Center (SOC) in Chennai, UAE, monitors customer Internet traffic on a 24×7 basis. The Detection service analyses IP backbone traffic patterns and creates a “baseline” or threshold of expected traffic patterns and values. The Detection service can then differentiate anomalous traffic in relation to the established values and provide reports and alerts accordingly.

 

  • Security Incident Notification: means identification and notification of security incidents that CloudHost SOC team will identify based on the customer’s business requirements, network configuration, and security agent configuration. All events are classified as Severity 1, 2 and 3 level Security Incidents based on security agent event data received by the S-SOC.

 

  • Security Incident Response: means timely response to Security Incidents for all identified Security Incidents of within defined time frame. CloudHost SOC team will contact the customer’s Security Contact(s) by telephone for Severity 1 Incidents and via email for Priority 2 and 3 Incidents. During a Severity 1 Incident escalation, CloudHost will continue attempting to contact the Security Contact(s) until a contact is reached or all escalation contacts have been exhausted.

 

  • “CloudAssure Service”: provides suite of security service package bundled to deliver a comprehensive security review and assessment of customer environment hosted in CloudHost Data Centre. Security exposures and risks are identified within a customer’s network and system using industry standard tools. The Fort Knox service package comprises of the following services:
    1. Operating System Hardening
    2. Vulnerability Assessment
    3. Port Scanning
    4. Patch Management
    5. IDS / IPS Monitoring
    6. Syslog Monitoring
    7. Configuration checks
    8. Conduit review
    9. Penetration Testing

 

  • “Operating System ‘OS’ Hardening”: provides the comprehensive security check of the operating system environment against the best practices mentioned in the advisories released by CERT (Computer Emergency Response Team) and other well-known vendors. CloudHost SOC team engages with customer to ensure that the system is hardened and is not venerable to any loopholes. The process of hardening will be carried out with the customer approval on the Initial Recommendations report, which details all vulnerable ports or services running in the server. Reports on patch status and vulnerability assessment will also be sent to the customer as they form an integral part of the hardening technique. OS Hardening is a onetime activity done on the server before it moves into production and is undertaken with each reinstallation or new server movement.

 

  • Vulnerability Assessment “VA”: provides comprehensive vulnerability discovery, prioritization, remediation, dynamic protection, verification, and customizable reporting via internal/external scanning combined with Web-driven case management workflows. CloudHost SOC team will undertake Vulnerability Assessment of customer environment on monthly basis. After the analysis of the vulnerabilities, recommendations are communicated to the customer on a monthly* basis as part of the Executive Summary Report “ESR” schedule through email.

 

  • Port Scanning: provides discovery, remediation of threats associated with the applications or services running using the ports on the server. Server port scanning process is carried out once in 7 days after previous port scan activity. The customer would be communicated immediately if there are any vulnerable ports are open. The port scan report will be part of the executive summary report; which is sent to the customer on a monthly* basis through e-mail.

 

  • Patch Management: provides systems management that involves acquiring, testing, and installing multiple patches to an administered computer system. Patch management tasks include: maintaining current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation and maintaining a patch test report.

 

  • Intrusion Detection / Prevention Service “IDPS”: provides organizations with 24×7 monitoring of logs generated by IDPS to detect any malicious or illegal network traffic or attacks. CloudHost SOC teams monitoring and support of the network intrusion detection and protection devices early-warning global threat visibility, event monitoring, correlation and attack recognition to provide thorough and accurate incident detection and escalation. The traffic pattern is analyzed 24 x 7 to differentiate between the false positives and the real alerts. CloudHost SOC team intimates customers about any unusual traffic pattern and as a security measure it is blocked at the firewall level.

 

  • Syslog Monitoring: Syslog monitoring is the real time monitoring of events generated. The events or logs include system, security and application logs. CloudHost SOC team will perform analysis of logs during monitoring and will communicate to the customer, if any critical events are found. Critical syslog event and recommendation are sent in e-mail during the months ESR.

 

  • Configuration Checks: provides an ongoing server assessment in terms of change management and tracking deficiencies or weaknesses within the target server. Configuration check is carried out every fortnight to track any change in the servers. Configuration check report generated contains configuration of server audit which was done during the server hardening process, OS details, System Configurations, IP configurations, Active port connections, Open services, user accounts, and list of processes, admin shares, applications and patch status. If any changes are detected while comparison of the configuration checks report then it is communicated to the customer.

 

  • Conduit Review: provides verification of the firewall policies applied in the firewall for a customer. The conduit review is done on a monthly basis to identify the changes which might have taken place after the last review. The customer is notified for any critical findings during the review.

 

  • Penetration Testing “PT”: provides localized, time-constrained and authorized attempt to breach the architecture of a network and system using attacker techniques. Our Penetration Testing relates the most accurate and comprehensive view of an organization’s information security stance, as it evaluates the entire system, exploiting vulnerabilities to determine how an unauthorized user can gain control of information assets. Penetration test is carried out in the customer servers once in a quarter with prior customer consent.

 

  • Web Integrity: provides security to the web servers exposed to public network by checking various parameters of web servers on periodic basis. The Web Integrity protection service is based on leading tools to do comprehensive security review of web server stance and CloudHost SOC teams expertise to analyze and exploit any vulnerability in the code of web application. The service offers comprehensive checking of various parameters including Version Check, CGI Tester, Parameter manipulation, Mulitrequest parameter manipulation, File checks, File uploads, Directory checks, Text search, Weak passwords, GHDB Google Hacking Database, and Port scanner and network alerts.,

 

  • Executive Summary Report “ESR”: The Fortknox Executive summary report is a report on the services offered to a customer on a monthly basis. The report is a comprehensive report of all the Fortknox services (activities) performed on the customer server in a month.

 

  • Security Incident Notification: means identification and notification of security incidents that CloudHost SOC team will identify based on the customer’s business requirements, network configuration, and security agent configuration. All events are classified as Severity 1, 2 and 3 level Security Incidents based on security agent event data received by the S-SOC.

 

  • Security Incident Response: means timely response to Security Incidents for all identified Security Incidents of within defined time frame. CloudHost SOC team will contact the customer’s Security Contact(s) by telephone for Severity 1 Incidents and via email for Priority 2 and 3 Incidents. During a Severity 1 Incident escalation, CloudHost will continue attempting to contact the Security Contact(s) until a contact is reached or all escalation contacts have been exhausted.

 

  • Policy Change Request Acknowledgement: means the acknowledgement of receipt of customer’s policy change request.

 

  • Policy Change Request Implementation: means the timely implementation of customer’s change request, subject to availability of information required to effect the changes.

 

  • “Reporting”: Daily, weekly and monthly reports on the events that have occurred, fixed and information on the response, resolution including SLA performance reports will be made available online on CloudHost. Executive Summary Report will be sent via email to the customers designated contacts.

 

  • CloudHost Infrastructure Security measures: CloudHost carries out regular network / Infrastructure vulnerability assessments, covering all aspects of the network and platform elements. Internal mechanism is in place to test the adequacy of security controls in the transmission environment.

 

  • Physical Infrastructure Security: All our network and Data Centre facilities are monitored through security cameras and CCTV consoles and are guarded 24×7 by trained security personnel. Proximity controllers are deployed at different access points like facility entrance, network/communication areas and employee work areas. Biometric access controllers are deployed at high security zones. Access restrictions to Network and IT services are deployed.  Only authorized personnel with business needs are granted access, through proper login procedures.

 

  • Logical Infrastructure Security: CloudHost has controls deployed on all of its Data Centre- Managed Services platform and networks. Privileges for configuring VAS components are limited to authorized personnel within network operations centres. All events are logged and reviewed periodically.

 

  • Service Availability Guarantee: The Availability Guarantee for Data Centre Security Services is as follows:

 

  • For Data Centre Security Service: Response Time and Resolution Time

 

Service Parameter SLA Attribute SLA Indicators Guarantee
CLOUDHOST Portal Availability Guarantee CLOUDHOST Web portal availability 24×7 24×7 on the web
Data Centre Security Services Security Incident Notification Severity 1 Within 15 minutes of incident identification
Severity 2 Within 30 minutes of incident identification
Severity 3 Within 1 Hour of incident identification
Security Incident Response Time Severity 1 15 minutes
Severity 2 30 minutes
Severity 3 120 Minutes
Proactive System Monitoring 24×7 Real time – 24×7
Policy Change Request

Acknowledgement Guarantee

24×7 Within 2 hours of request receipt
Policy Change Request Implementation Guarantee Severity 1 Severity 2 / 3 Within 8 hours of receipt Within 24 hours of receipt
CloudAssure ESR (Executive Service Report) Monthly Every Month
Operating System Hardening One time First time and as and when new system is added
Vulnerability Assessment Monthly Every Month as defined
Port Scanning Weekly Once in every 7 days or as specified in schedule
Patch Management Monthly Once in a month and as and when patches are applied
IDS / IPS Monitoring 24×7 Real time – 24×7
Syslog Monitoring Incident Notification Mitigation As per matrix defined
Configuration checks Fortnight Every 15 days
Conduit review Monthly
Penetration Testing Quarterly Once in every 3 months as per customer consent
Dedicated Security Appliances / Components Response / Resolution Time 24×7 As specified in matrix above

 

 

Note:

  1. The Security Contact(s) of customers on Severity Level 1 will be notified within fifteen (15) minutes.
  2. CloudHost will contact the customer’s Security Contact(s) by a method elected by CloudHost (telephone, email, or electronic response via the CLOUDHOST Portal).

 

  • For Distributed Denial of Service “DDoS” Detection and Mitigation Service:

 

There are three different SLAs which apply to the DDoS D&M service.  These are:

  • Monitoring and Attack Notification
  • Service Availability Guarantee for Mitigation Protection

 

Service Parameter SLA Attribute SLA Indicators Availability Guarantee
Distributed Denial of Service “DDoS” Detection and Mitigation Service Monitoring 24×7 real time monitoring >  99.5%
Attack Notification 15 minutes after a successful DDoS detection >  99.5%

 

Note:

  1. The Service Availability Guarantee for Scrubbing Device(s) SLA ensures the Availability of the Scrubbing Device(s) to mitigate DDoS Attacks ensuring customer’s network function correctly. .

 

Service Availability Guarantee for Mitigation Protection

If in any month Service Availability is not fully available for a particular Qualifying Site, the customer will be eligible to a Service Credit equal to the percentage of the Monthly Recurring Charge (“MRC”) for the Service at the affected Qualifying Site

The Time to Mitigate SLA is intended to guarantee that identified DDoS attack(s) is mitigated timely.  This ensures that the customer’s network suffer minimal disruption and is able to recover from an attack promptly.

 

Service Parameter SLA Attribute SLA Indicators Availability Guarantee
Mitigation Protection Availability of Scrubbing Device 24×7 >  99.5%
Threat Mitigation

(High/Critical Alerts)

Mitigation will begin within 30 minutes of

Customer concurrence on a detected DDoS threat

>  99.5%

 

  • For Data Centre Security Service: Availability and Service Credit

Below Availability Guarantee and Service Outage credit applies to all the services covered under Data Centre Security Services. The availability guarantee will apply as specified for specific components.

 Availability Guarantee Service Outage Duration  (in Hours) in a month ODC Service Outage  Credit
 > 99.5%  Less than 4 Hours No Credit
< 99.5% 4 – 8 Hours 5% of MRC
< 99.0% 8 – 15 Hours 10% of MRC
< 98.0% 15 – 22 Hours 15% of MRC