Datasheet
INTC-7816-01 02/2008 Page 7 of 18
● CPU utilization;
● memory utilization; and
● process availability.
In addition to system health metrics, IBM will monitor device availability. If contact with a managed device
is lost, additional time-based checks will be initiated to verify a valid outage has been identified.
In the event system health problems or an outage has been confirmed, a trouble ticket will be created and
an IBM security analyst will be notified to begin research and investigation. The status of all system
health tickets is available through the Virtual-SOC.
Outage Notification
If the Agent is not reachable through standard in-band means, the Customer will be notified via telephone
using a predetermined escalation procedure. Following telephone escalation, IBM will begin investigating
problems related to the configuration or functionality of the managed device.
Application/Operating System Updates
Periodically, it will be necessary for IBM to install patches and software updates to improve device
performance, enable additional functionality, and resolve potential application problems. The application
of such patches and updates may require platform downtime or Customer assistance to complete. If
required, IBM will declare a maintenance window in advance of any such updates, and the notification will
clearly state the impacts of the scheduled maintenance and any Customer-specific requirements.
Security Content Updates
To help ensure that the most current threats are properly identified, IBM will periodically update security
platforms with the most current Security Content. Security Content, delivered in the form of new checks
or signatures for the IPS, antispam and antivirus modules, and new URL listings for the Web filtering
module, enhances the Agent’s security capabilities.
At the discretion of IBM, Security Content updates may be downloaded and installed onto the security
platform at any time. Such an operation is transparent to users.
Device Troubleshooting
If the Agent does not perform as expected, or is identified as the potential source of a network-related
problem, IBM will examine the device configuration and functionality for potential issues. Troubleshooting
may consist of an offline analysis by IBM, or an active troubleshooting session between IBM and the
Customer. IBM will attempt to resolve any technical issues as expediently as feasible. If the Agent is
eliminated as the source of a given problem, no further troubleshooting will be performed by IBM.
Out-of-Band Access
Out-of-band (“OOB”) access is a highly recommended feature that assists the SOC in the diagnosis of
potential device issues. Implementing OOB requires the Customer to purchase an IBM-supported OOB
device and provide a dedicated analog phone line for connectivity.
OOB is an optional feature at the Standard level of service, but required for the Select and Premium
levels.
If the Customer has an existing OOB solution, IBM will use this solution for OOB access to managed
devices, provided:
● the solution does not allow IBM access to any non-managed devices;
● using the solution does not require installation of any specialized software;
● the Customer provides detailed instructions for accessing IBM-managed devices; and
● the Customer is responsible for all aspects of managing the OOB solution.
2.2.3 Vulnerability Management
The vulnerability management service is a remotely delivered, electronic service that regularly and
automatically scans the Customer’s Internet perimeter devices for known vulnerabilities. Each scan
results in several comprehensive reports that are designed to identify potential weaknesses, assess
relative network risk, and provide recommendations to manage identified vulnerabilities. IBM will require
the Customer to validate they are the owner of the IP address range to be scanned, prior to the initial
scan of such IP address range being performed. For each Agent purchased, the Customer will receive
quarterly remote vulnerability assessment scanning for one IP address.