Pitt IT Terms and Conditions | Information Technology | University of Pittsburgh
!

You are here

Pitt IT Terms and Conditions

Service Level Agreements: Cloud Services | Enterprise Storage | Server Hosting

Cloud Services

a) Availability

A minimum percentage of guaranteed uptime for coud availability and connectivity will be provided for each specific cloud service. The SLAs for the supported services are governed by the cloud vendor and are as follows:

b) Alerts

Resource consumption notification alerts are triggered when a percentage of preset thresholds are reached. Standard notifications are provided via email to the designated departmental contact(s) when 85% of the budget threshold is reached. Additional notifications provided with each 5% increment above 85% up to and including 100%. Emergency notifications are provided when 50% of budget quota reached in less than three days and sent daily for the next five days. A custom alert threshold is available upon request.

c) Billing Disputes

Pitt Information Technology will work with the department, and with vendors if necessary, to resolve any billing issues. Department is fully responsible for the costs of their cloud usage. Cost estimates are based on the data that Pitt IT was provided by the vendor and department at the time of onboarding. They are subject to change based on actual usage and/or price fluctuations.

d) Cancellation

In the event that department makes the decision to cancel the cloud subscription, the department shall notify the 24/7 IT Help Desk. The Network Operations Center shall provide support to the department as necessary. The department is responsible for all charges up to the termination of their access.

Enterprise Storage

a) EULA

b) Back-Ups

Pitt Information Technology will work with department to define a policy for backing up its data.

c) Support

The initial response objective by Dell EMC, based upon Severity Level, is within the following time period after receipt of notification: a) the objective for Severity Level 1 is a one-hour response time and working on the issue on a 24x7 basis until resolution; b) the objective for Severity Level 2 is three-hour response time and working on the issue on a 24x7 basis; and c) the objective for Severity Level 3 is four local business hours. Severity Levels are defined as follows:

  • Severity 1—Critical: Loss of ability to perform critical business functions and requires immediate response
  • Severity 2—High: Able to perform business functions, but performance/capabilities are degraded or severely limited
  • Severity 3—Medium/Low: Minimal or no business impact.

Server Hosting and Support

Pitt Information Technology will assist the department in its effort to plan and implement a virtual server infrastructure or physical server equipment. Please refer to your invoice, provided separately by the NOC, for specifications and costs associated with NOC hosting services. Pitt IT will install the physical and/or virtual server(s). In addition, the NOC will install the monitoring agent, the backup agent, and antivirus software required for around-the-clock operational and performance monitoring according to NOC and Information Security standards to all servers.

The NOC will provide server rack space in the enterprise server facility and/or the VMware infrastructure in the enterprise server facility, which is serviced with dual electrical power feeds with UPS and backup generator support, redundant network connections to the Pittsburgh campus, and around-the-clock monitoring. The NOC provides the same level of physical security that is in place for University enterprise services.

a) Installation Services

The NOC will provide the installation and monitoring setup for the department server(s) and related equipment. Additional tasks may be added, and unnecessary ones deleted by mutual agreement of the department and Pitt IT as the implementation plan is refined.

b) Monitoring

IBM Netcool agents will be used to provide the following base monitoring:

Component Threshold Alert Type
Application Event Log Error level Non-critical, do not alert System Contacts
System Event Log Error level Warning, send email alert to all System Contacts
Server Availability from Network perspective    5 minute ICMP polls- 2 immediate retries upon timeout using Precision or ISM-Ping-Monitor.     CRITICAL, contact one System Contact by phone immediately, starting with the Human Engineering Research Laboratory technical contact.
Server Availability from SSM-Agent perspective    SSM-agent heartbeat sent every 5 minutes    CRITICAL, contact one System Contact by phone immediately
CPU-UsageAverage 90% for 10 minutes. Warning, send email alert to all System Contacts
Page File Utilization 70% in-use Warning, send email alert to all System Contacts
Filesystem Capacity (All) 90% in-use Warning, send email alert to all System Contacts

Customized monitoring can be configured using specialized agents if desired. All customized monitoring will be determined jointly by the department and Pitt IT.

c) Maintenance

The NOC is responsible for the patching of operating system and maintenance of the monitoring tools. The department is responsible for applying patches and upgrades for any installed applications. Servers are patched automatically, once a month, according to a pre-defined schedule, unless Information Security determines that a patch is needed for a zero day vulnerability. In this instance, all servers will be patched as soon as possible. The department is responsible for the ongoing maintenance of all applications—including databases—that are installed on the server. Security scans will be performed on the system by the Informaion Security team. Pitt IT will assist in remediating OS vulnerabilities for supported operating systems.

d) NOC Responsibilities

  • Assign IP addresses to the virtual server as required
  • Create network VLANs for the server
  • Create firewall zones and rule sets
  • Configure remote console connectivity
  • Complete build sheets to document the server configuration
  • Install base operating system according to NOC standards
  • Install operating system service packs and patches if applicable
  • Perform baseline security scan on all equipment
  • Install IBM Netcool monitoring agent and provide monitoring agent configuration
  • For systems using internal or Enterprise Storage, install backup agent, and create system and data backup policies; for systems using StorSimple, configure daily snapshots of the server (60 days of backups are kept for internal, Enterprise, or StorSimple storage)
  • Install and configure antivirus agent on the server
  • Add equipment information to NOC asset database
  • Create NOC knowledgebase articles to document troubleshooting and escalation procedures that have been agreed upon by the NOC and the department

e) Department Responsibilities

  • The department is responsible for remediating application vulnerabilities and vulnerabilities on unsupported operating systems
  • Department will test file access to ensure that required functionality is available and firewall rule sets are accurate; the NOC will test all monitoring tools to ensure that the server and applications can be monitored according to NOC standards. The antivirus software will be checked to ensure files and system scans occur at regular intervals and that all files are scanned correctly. Backup policies will be tested.
  • The Department must notify the NOC in writing any request for changes to technical contact information, billing information, administrative contacts, and escalation procedures within 30 days of the change; changes to department or billing information may require a new contract
  • Purchase software for application software used on department server (The NOC will provide licenses for operating system, monitoring, backup (if applicable), and antivirus agents at no additional cost)