Datasheet
INTC-7816-01 02/2008 Page 14 of 18
The Customer is responsible for maintaining current hardware and software maintenance contracts.
Physical Environment
The Customer must provide a secure, physically controlled environment for the Agent.
Customers at the Standard service level who choose not to deploy an OOB solution may be required to
provide hands-on assistance with the Agent for the purposes of troubleshooting and/or diagnosing
technical difficulties.
Customers at the Select and Premium service levels must deploy an OOB solution.
On an annual basis, the Customer agrees to work with IBM to review the current hardware configuration
of the managed devices and identify required updates. These updates will be based on identified
changes to the OS and application requirements.
Network Environment
The Customer is responsible for making agreed-to changes to the network environment based upon IBM
recommendations.
The Customer is required to maintain an active and fully functional Internet connection at all times, and
must ensure the Agent is Internet-accessible via a dedicated, static IP address. Internet access service
and telecommunications transport circuits are solely the Customer’s responsibility.
The Customer is responsible for ensuring the desired network traffic and applicable segments are
configured to route network traffic through the Agent.
Management Platforms
Customers hosting their own SiteProtector infrastructure:
a. must set up an event stream to IBM, via the Internet;
b. must ensure their Event Collectors have unique, routable IP addresses to forward events to IBM;
c. must have an Event Collector dedicated to the devices IBM will be monitoring on behalf of the
Customer. Such Event Collector may not receive events from devices for which the Customer has
not contracted for management or monitoring;
d. must provide IBM with full administrative access to the SiteProtector application server, via the
SiteProtector console, for the purpose of pushing updates and controlling policy;
e. may be required to upgrade their SiteProtector infrastructure in order to transfer data to the IBM
Managed Security Services infrastructure; and
f. must not alter the Agent’s policy or configuration outside of the established policy change request
procedure.
3.2.3 VPN Support
For VPN connections to sites that are not being managed by IBM, the Customer must provide a
completed “VPN Site Configuration” form. The VPN will be configured in accordance with the information
provided. Troubleshooting of remote site connectivity is strictly limited to IBM managed sites.
3.2.4 Data Gathering
The Customer consents to IBM gathering security event log data to look at trends, and real or potential
threats. IBM may gather this security event log data with similar data of other clients so long as such data
is gathered in a manner that will not in any way reveal the data as being attributable to the Customer.
4. Service Level Agreements for MSS for UTM for Standard, Select, and Premium
Service Levels
IBM SLAs establish response time objectives and countermeasures for Security Incidents resulting from
MSS for UTM. The SLAs become effective when the deployment process has been completed, the
device has been set to “live”, and support and management of the device have been successfully
transitioned to the SOC.
The SLA remedies are available provided the Customer meets its obligations as defined in this Service
Description.