Service Schedule

11:11 Systems Service Schedule

The terms and conditions set out in this 11:11 Systems Service Schedule (this “Schedule”) shall apply to each Service Order executed by the Provider and the Customer (each, a “Order”), and shall be deemed to be incorporated, the necessary changes having been made, into each Order.

Section 1: Definitions
In this Schedule: Any capitalized terms used but not defined in this Schedule or the remainder of the Agreement shall have the meanings set out in the relevant Order.
1. “11:11 Autopilot Managed Recovery for DRaaS” shall refer to a managed service offering provided by the Provider to the Customer for the purpose of managing the on-boarding, technical design, testing and operational support elements of an 11:11 Secure DRaaS for Zerto or 11:11 Secure DRaaS for Veeam service contract.
2. “11:11 Cloud” shall refer to an environment that contains the Provider’s basic cloud infrastructure features without any level of encryption or security attributes integrated into the environment and its underlying storage and/or shared Cloud Resources. Features associated with 11:11 Cloud environment are only available to Customers that elect to have those services provided to them on their Order.
3. "11:11 Cloud Console” shall refer to the cloud based management portal in which the Customer accesses and administers the Cloud Resources.
4. “11:11 DRaaS for Zerto” shall refer to an environment that contains the Provider’s basic cloud infrastructure features without any level of encryption or security attributes integrated into the environment and its underlying storage and/or shared Cloud Resources. Features associated with 11:11 DRaaS for Zerto environment are only available to Customers that elect to have those services provided to them on their Order.
5. “11:11 DRaaS for Zerto Cloud-to-Cloud” shall refer to a DRaaS environment where both the Primary Site and Recovery Site are in two (2) different Provider’s physical locations as specified in the Order. Features associated with 11:11 DRaaS for Zerto Cloud-to-Cloud environment are only available to Customers that elect to have those services provided to them on their Order.
6. “11:11 Managed Migration” shall mean the Provider’s process and service that assists the Customer with the migration of Virtual Machines and/or Physical Servers from the Customer’s Primary Site into a Provider’s Virtual Data Center, and the connectivity setup and configuration that it entails.
7. “11:11 Secure Cloud” shall refer to an environment that contains the Provider’s advanced security and encryption features and attributes integrated into the environment and its underlying storage and shared Cloud Resources. Features associated with 11:11 Secure Cloud environment are only available to Customers that elect to have those services provided to them on their Order.
8. “11:11 Secure Cloud Backup for Veeam Cloud Connect” shall mean the public Internet service delivered by the Provider that allows the Customer to backup Machine’s virtualized data into Cloud Resources. Features associated with 11:11 Secure Cloud Backup environment are only available to Customers that elect to have those services provided to them on their Order.
9. "11:11 Secure Cloud Object Storage" shall mean the public Internet service delivered by the Provider that allows the Customer to store and manage data as objects, as opposed to other storage architectures like file systems and block storage. Features associated with 11:11 Secure Cloud Object Storage environment are only available to Customers that elect to have those services provided to them on their Order.
10. "11:11 Secure DRaaS for Veeam" shall refer to an environment where the Customer uses Veeam Cloud Connect software to replicate from the Primary Site to the Provider's Recovery Site and its underlying storage and shared Cloud Resources. Features associated with 11:11 Secure DRaaS for Veeam environment are only available to Customers that elect to have those services provided to them on the Order.
11. “11:11 Secure DRaaS for Zerto” shall refer to an environment that contains the Provider’s advanced security and encryption features and attributes integrated into the environment and its underlying storage and shared Cloud Resources. Features associated with 11:11 Secure DRaaS for Zerto environment are only available to Customers that elect to have those services provided to them on their Order.
12. “11:11 Secure Private DRaaS for Zerto” shall refer to an environment that contains the Provider’s advanced security and encryption features and attributes integrated into the environment and its underlying storage and dedicated Cloud Resources. Features associated with 11:11 Secure Private DRaaS for Zerto environment are only available to Customers that elect to have those services provided to them on their Order.
13. “11:11 Secure Private Cloud” shall refer to an environment that contains the Provider’s advanced security and encryption features and attributes integrated into the environment and its underlying storage and dedicated Cloud Resources. Features associated with 11:11 Secure Cloud environment are only available to Customers that elect to have those services provided to them on their Order.
14. “11:11 Support” shall refer to the Provider’s technical support department, which acts as the primary contact for all Customer’s requests for help and assistance once the initial deployment has been completed.
15. “Appliance” shall mean a physical or virtual device or equipment designed to perform a specific IT task.
16. “Accelerated Storage” shall mean encrypted storage resources provided on a blend of traditional shelves of disks and flash storage.
17. "Acceptable Use Policy" or "AUP" shall mean the Provider's document that stipulates constraints and practices that the Customer must adhere to when utilizing any of the Provider's Cloud Services. The current AUP can be accessed at https://1111systems.com/legal/acceptable-use-policy/ provided, however, that the AUP may be modified from time to time at the Provider's sole discretion.
18. “Active Virtual Machine” shall mean a Virtual Machine that is turned on within the Virtual Data Center.
19. “Advanced Storage” shall mean storage resources provided on traditional shelves of disks.
20. “Archive Storage” shall mean storage resources provided on traditional shelves of disks.
21. “BAA” shall refer to the Business Associate Agreement held between the Customer and the Provider under the Health Insurance and Accountability Act of 1996 (HIPAA).
22. “Backup Groups” shall mean the groups of Virtual Machines defined in Advanced Backups. These groups define what Virtual Machines are backed up and how they are backed up by the applied Backup Policy.
23. “Backup Policies” shall mean the policies that define the Advanced Backup schedule of how often and when to take a backup and also the retention timeframe for that backup. The policies also define how often full backups should be taken and how often to retry in the event of backup failure.
24. “Backup Testing” shall mean the operational mode in which the data of the Machines are validated leveraging Target Site restore points during a predetermined process. “Tested Backup” shall have a correlative meaning.
25. "Bare Metal Device" shall mean a physical computer system without a base operating system (OS) or installed applications. It is a computer's hardware assembly, comprised of structure and components, that is installed with either the firmware or basic input/output system (BIOS) software utility or no software at all. The Provider service includes the colocation of this device, but no OS.
26. “Brownfield” shall mean an IT environment or deployment where the design, installation, and configuration is an upgrade or addition to an existing infrastructure using legacy components.
27. “Burst Resources” shall mean Cloud Resources that are not dedicated to the Customer but which, if available, the Customer may use to exceed its committed Reserved Resources. These are billed in arrears and are calculated by multiplying a usage over the Reserved Resources by the monthly or hourly burst rate as specified on the Order.
28. “Carrier” shall mean an organization that provides services accessing and using the Internet or any other telecommunications service that operates on its proprietary network infrastructure.
29. “Change Management” shall mean making controlled and informed changes to the operation and functionality of an eligible service or Equipment provided by the Provider.
30. “Cloud Resources” shall mean compute (CPU), memory (RAM), storage, IP address and network bandwidth that comprises a Virtual Data Center as described in the Order.
31. “Cloud Storage” shall mean storage resources within the Target Site, provided on traditional shelves of disk, accessed from the Machines.
32. “Colocation” shall mean the Provider's service related to placing and maintaining the Customer's Equipment within the same Data Center where the Provider hosts its Cloud Resources.
33. “Colocation Area” shall mean the area within the Data Center in which the Colocation Rack Space is located.
34. “Colocation Rack Space” shall mean the physical space within a rack or other location(s) within the Colocation Area of the Data Center designated by the Provider for the Customer to colocate the Equipment.
35. “Colocation Specifications” shall have the meaning set out in the relevant Colocation Order or, if no such definition is set out in the Colocation Order, the Provider's standard specifications for colocation space in the Colocation Area.
36. “Commencement Notification” shall mean an email communication from the Provider to the Customer indicating the formal hand-off of Cloud Resources and the commencement of billing under the Order.
37. “Compliance Services” shall mean a suite of tools, processes, devices and information to support the efforts of certain categories of merchants to manage compliance with the requirements of each service noted below. The delivery model for these services offered and supported by the Provider fall under two categories: General Compliance and Managed Compliance-as-a-Service.
38. “Compliance Services Matrix” shall identify and list the Provider’s Compliance Services offering.
39. “Connectivity Services” shall mean, collectively, Dark Fiber, Lit Services, Managed Firewall, SD-WAN, and Managed Connectivity.
40. “Cross Connects” shall mean physical cables that allow direct connections between two different termination locations within a Data Center.
41. “Customer-Leased Equipment” shall mean any equipment that the Customer leases or licenses from the Provider for the Customer’s exclusive use and control.
42. “Customer Premises Equipment” or “CPE” shall mean any Equipment owned or leased by Customer, including Customer-Leased Equipment, that is used to connect to the Services.
43. “Customer-Provided Equipment” shall mean any equipment owned by the Customer and listed in the Hybrid Colocation Order as equipment that may be colocated in the Colocation Rack from time to time [for the Customer’s exclusive use and control].
44. “Dark Fiber” shall mean all connectivity circuits with dark optical fiber strands in a particular network configuration leased by Provider to Customer pursuant to an Order.
45. “Dark Fiber Specifications” shall mean those specifications set forth in section 3.33.5 below.
46. “Data Center” or "Datacenter" shall mean the facility operated by the Provider designated as the Datacenter in the relevant Hybrid Colocation Order.
47. “Data Seeding” or “Seed Data” shall mean the process of exporting Virtual Machine data to removable media at the Primary Site and/or Source Site, shipping the removable media to Recovery Site and/or Target Site and importing Virtual Machine data into a Virtual Data Center at Recovery Site and/or Target Site.
48. "Dedicated Resources" shall mean Cloud Resources dedicated to a single tenant or Customer.
49. “Demarcation Point” shall mean the point located in the Data Center at which the extension from the Carrier infrastructure ends and connects with the Provider’s on-premises wiring.
50. “Deployment” shall mean the period of time beginning once the Provider has acknowledged receipt of the signed Order, and ending when the Provider satisfies all deliverables within the initial scope.
51. “Deployment Engineer” shall refer to an engineer, who is an employee of the Provider with technical knowledge and training of use and best practices of the Provider’s services, that is responsible for deploying the environment in the Provider’s infrastructure used by the Customer.
52. “Disaster” shall mean the Customer’s inability to send or receive data at the Primary Site due to unavailable compute, storage, or network resources.
53. “Disaster Recovery Runbook” shall mean a collection of Recovery Groups that are combined into a single list to simplify management of the DRaaS environment when testing failover, or in the case of performing a live failover of the environment.
54. “DRaaS” shall mean Disaster Recovery as-a-Service.
55. “DRaaS Testing” shall mean the operational mode in which the functions of the Virtual Machines in the Primary Site are validated on the Virtual Machines in the Recovery Site. Testing is a non-service impacting event and does not include modification of Primary Site resources including Virtual Machines and networking. “Tested” shall have a correlative meaning. Testing is a fully autonomous function, and can be triggered by the Customer at any time.
56. “Electricity Fee” shall mean the amount to be charged by the Provider to the Customer based upon the Customer's usage of electricity in the Colocation Area during the relevant period and the then-current standard prices charged by the Provider to its Customers for electricity, which shall be calculated on a breakered-amp-load basis, and which shall be subject to increase from time to time if the power utility or primary electricity vendor used by the Provider increases the price paid by the Provider for power provided to the Colocation Rack.
57. “Emergency” shall mean an urgent, sudden, and serious event that requires immediate action to remedy the situation.
58. “Encrypted Archive Storage” shall mean encrypted storage resources included in the Cloud Resources provided on traditional shelves of disks.
59. “Encrypted SSD Storage” shall mean encrypted storage resources provided on Solid State disks or Flash Memory.
60. "Equipment" shall mean physical computer, network and/or communications devices.
61. “Failback” shall mean the return of operational mode of the Virtual Machines in the Recovery Site back to the Virtual Machines in the Primary Site after originally becoming unavailable through either failure or scheduled downtime.
62. “Failover” shall mean the backup operational mode in which the functions of the Virtual Machines in the Primary Site are assumed by the Virtual Machines in the Recovery Site due to the Virtual Machines in the Primary Site becoming unavailable through either failure or scheduled downtime.
63. “General Compliance” shall mean ad-hoc and on demand professional Compliance Services.
64. “Greenfield” shall mean an IT environment where the design, installation, and configuration is totally new and requires development from a clean state.
65. “Governance Framework” shall mean a category of Compliance Services that define the structure of rules and procedures by which enterprises and corporations are directed and controlled.
66. “HIPAA/Pharma Compliance” shall mean a category of Compliance Services offered by the Provider that are aligned with the administrative, physical and technical safeguards set by the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
67. “Image-based Backup” shall mean a point-in-time copy of a defined collection of data.
68. “Insider Protection” shall mean the optional feature for the 11:11 Cloud Backup for Veeam Cloud Connect service delivered by the Provider that provides an off-repository storage folder into which all deleted files will be retained for a short time allowing for the restoration of those files by the Provider based on the Customer’s request. The length of time these files are stored is set in the Order.
69. “IOPS” shall mean Input/Output Operations Per Second and is a common performance measurement used to benchmark computer storage devices.
70. “Letter of Authorization” or “LOA” is a document from the Customer or Carrier authorizing the Provider to act on their behalf.
71. “Lit Services” shall mean the services provided by Provider to Customer to enable the transmission of data using one of the following methods as indicated on an Order:
  
  a. Domestic optical (lit) Wavelength and Ethernet Private Line (“EPL”) connectivity circuits—these services are a point-to-point, dedicated electrical or optical data transmission that provides a fixed capacity of bandwidth between two (2) points, specified by the Customer, for the transport of Customer’s digital communications traffic over a physical circuit;
  
  b. Ethernet Private LAN (“EPLAN”) connectivity circuit, Multi-Cloud Connect, Layer 3 VPN (L3VPN) — these services are dedicated electrical or optical data transmission that provides a fixed capacity of bandwidth between two (2) or more points, specified by the Customer, for transporting the Customer’s digital communications traffic over a physical circuit;
  
  c. Domestic Direct Internet Access — this connectivity circuit provide the Customer with connectivity to the Internet, including routing services based upon the Internet Protocol, and are typically comprised of a network Internet Port at a Provider provided POP, and a dedicated network connection between 11:11 Systems POP and the Customer location (these services do not include Internet Over Broadband or Internet Over Wireless); and
  
  d. Internet Over Broadband (Broadband) — these connectivity circuits provide the Customer with connectivity to the Internet and include:
  
  1. Digital Subscriber Line (“DSL”),
  
  2. Ethernet Over Copper (“EOC”),
  
  3. Internet Over Broadband (“IOB”),
  
  4. Internet Over Cable (“IOC”),
  
  5. Internet Over Fiber (“IOF”),
  
  6. Internet Over Wireless (“IOW”),
  
  7. Internet Over Fixed Wireless (“IOFW”), and
  
  8. Internet Over Satellite (“IOS”).
72. “Local Monitoring Probe” shall mean an Appliance deployed within a specific Customer’s location, such as an on-premises facility or a remote site, whose primary purpose is to collect, analyze, and report data on the performance and health of the local network or systems.
73. “Machine” shall mean the computing equipment on which the Customer is running the Veeam Cloud Connect software and the computing equipment used by the Customer to access the Cloud Resources (but excluding the Cloud Resources).
74. “Managed Compliance-as-a-Service” shall mean recurring activities and ongoing professional Compliance Services.
75. “Managed Security Portal” shall mean the site that is accessed as part of the Continuous Risk Scanning offering providing the customer visibility into the vulnerabilities within their environment, which can be accessed at https://assess.grncld.com/
76. "Microsoft 365" shall mean a Microsoft 365 end-user account that, because it is being backed up using the Provider's services, requires an 11:11 Secure Cloud Backup for Microsoft 365 license. A Microsoft 365 user account can use one or many applications such as Exchange Online, OneDrive for Business, SharePoint Online, and Microsoft Teams.
77. “Model Contract Framework” shall mean Compliance Services that falls under the Governance Framework and provides alignment with the standardized contractual clauses that European Union (EU) data protection law requires for the exchange of data.
78. “Network Support” shall mean the Provider’s process and service that assists the Customer with the initial implementation and ongoing support of Customer’s virtual network appliances and their configurations.
79. “NOC” or “Network Operation Center” shall mean a centralized function within the Provider’s organization composed of people, processes, and technologies that continuously shall mean any Connectivity Service designated as having redundancy of route and facilities and power and card protection. In the event of an equipment failure or a fiber cut, the service will automatically be re-routed to a “protected” path. Customer hand-off protection is limited to Connectivity. Services delivered over a four (4) fiber hand-off connection.
80. “Object Storage Access Credentials” are comprised by a pair of text strings (Key and Secret) used in an 11:11 Secure Cloud Object Storage environment that the Customer generates through the 11:11 Cloud Console.
81. “On-boarding Provisioning Form” shall mean a document used by the Provider for information gathering and collection of all Customer specific technical and infrastructure related details for the sole purpose of the Provider providing the on-boarding service, integration, and management services to the Customer as part of an 11:11 Secure DRaaS for Zerto or 11:11 Secure DRaaS for Veeam service contract.
82. "Onsite Backup" shall mean an archive copy of computer data stored at the same DataCenter location where the source of that data resides.
83. "Offsite Backup" shall mean an archive copy of computer data stored at another remote DataCenter location different to the one where the source of that data resides.
84. “Playbook” shall mean a set of configured instructions within the Managed Endpoint Detection and Response (EDR) service that outlines the automated steps taken following a specific alert condition.
85. “Primary Site” shall mean the Customer’s physical location in which the Customer’s Virtual Machines function in normal, non-Failover scenarios in a DRaaS environment.
86. “Product Compatibility Matrix” shall identify the requirements that the Customer's systems and software must meet in order for them to be compatible with the Provider's offerings. The Customer can access the Matrix by accessing our Success Center at https://success.1111systems.com/hub.
87. "Recovery Group" shall mean one or more Virtual Machines grouped together for replication purposes.
88. “Recovery Plan” shall mean the detailed steps involved in how a Customer’s Virtual Machines will be recovered into the Provider’s Recovery Site.
89. “Recovery Point Objective” or “RPO” shall mean the maximum acceptable amount of data loss, measured in time, between the last point-in-time that IT services (applications and data) can be restored to during a Disaster.
90. “Recovery Site” shall mean the Provider’s physical location as specified in the Order to which the Virtual Machines located in the Primary Site will be replicated.
91. “Recovery Time Objective” or “RTO” shall mean the maximum desired length of time allowed between an unexpected failure or Disaster and the recovery of the IT services (applications and data).
92. “Replica Seeding” or “Seed Replica” shall mean the process of exporting Virtual Machine data from an 11:11 Secure Cloud Backup Target Site repository, and importing Virtual Machine data into a Virtual Data Center at Recovery Site and in the same Data Center location.
93. “Reserved Resources” shall mean Cloud Resources that are dedicated to the Customer.
94. “RMA” shall mean Return Merchandise Authorization, which is a form of approval issued to Customers who have requested to return or exchange an appliance after experiencing a failure and validated by the Provider.
95. “SD-WAN” or “Software-Defined Wide Area Network” shall mean a virtual WAN architecture that allows communication between networks over the Internet using software-defined technology and encryption.
96. “Service Demarc” shall mean the network interface point specified in an Order where Provider hands off the Connectivity Services to Customer;
97. “Shared Resources” shall mean a pool of Cloud Resources shared across multiple Customers in a multi-tenant environment.
98. “Site Environmental Specifications” shall mean the requisite space, racks, power, security and other facilities and other environmental conditions necessary to support and operate the Provider Network and telemetry to support out of band management. Unless specified in the Order, Customer shall be responsible for providing the conditions set forth above.
99. “SOC” or “Security Operation Center” shall mean a centralized function within the Provider’s organization composed of people, processes, and technologies that continuously monitor and improve the Customer’s security posture by detecting, analyzing, and responding to cybersecurity incidents.
100. “SSD Storage” shall mean storage resources provided on Solid State disks.
101. “Statement of Work” or “SOW” shall mean a document defining the project specific activities, requirements, considerations, deliverables and timelines between the Customer and the Provider, conjunction with the specifications of the relevant Order
102. “Success Center” shall refer to the digital site provided by the Provider that consists of a knowledge-base that contains product documentation, user guides, and technical articles related to the Provider’s portfolio of services located at https://success.1111systems.com/hub.
103. “Source Site” shall mean the Customer’s physical location from which the Customer’s Virtual Machines will be backed up in an 11:11 Secure Cloud Backup environment.
104. “Target Site” shall mean the Provider’s physical location as specified in the Order to which the Machines will be backed up in an 11:11 Secure Cloud Backup environment.
105. “Unified Threat Management” or “UTM” is an information security term that refers to a single hardware or software installation that provides multiple security functions at a single point on the network.
106. “Users Authorized to Declare Disasters” shall mean users defined on the Customer Contact form which have the Customer’s authorization to declare a Disaster. If Cloud Resources are available at the time-of-Disaster, the Customer pre-authorizes Users Authorized to Declare Disasters the option to expand its Reserved Resources up to the Disaster Resource Limit specified in the Order. These resources are billed on a monthly basis with a minimum of one-month commitment. The Customer’s Resource Burst Limit will not be modified. At the end-of-Disaster, the Customer has the option to revert to the original Reserved Resource quantity.
107. “vApp” shall mean a collection of pre-configured Virtual Machines that combine applications with the operating systems that they require allowing them to work together in a stack as an application.
108. “Virtual Machine” or '"VM" shall mean a guest operating system such as Windows or Linux that can run or be stored as an isolated entity on a host and is separated from the physical resources it uses such that the host environment is able to dynamically assign those resources among several Virtual Machines.
109. “Virtual Data Center” shall mean self-contained infrastructure including, compute, memory, and storage that is pooled, aggregated, virtualized and delivered as-a-service.
110. “Workload” shall mean a logical Virtual Machine or physical server instance used for the purposes of hosting one or more applications and / or data set instances.
111. "Zerto Journal" or "Journal" shall mean the collection of replicated data and checkpoints defined as part of the Virtual Protection Group (VPG) configuration. The Journal lives in the Recovery Site and it determines the maximum amount of history, in hours or days, that can be saved and leveraged during a failover event.
Section 2: Universal Service Terms (Applicable to All Services)
1. Service Commencement Date. For all the Provider’s Services, the Service Commencement Date of services shall be defined on the applicable Order.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Testing and placing into production any software updates on the Provider’s systems in relation to the third party software on the Provider’s then-current Product Compatibility Matrix, which is updated from time to time to reflect new software updates that have been placed into production. The Provider shall not be liable to the Customer and the Customer can neither cancel nor withhold payment for an Order outside of the requirements set forth in the Master Service Agreement, Service Schedule, or Order if the Customer’s systems or software were not compatible with this Matrix prior to the commencement of an Order or if the Customer installs a software update before that update is reflected in the Provider’s then-current Product Compatibility Matrix. In addition, while the Provider may test third party software updates before listing them on the Provider’s then-current Product Compatibility Matrix, those tests are solely designed to ensure that the third party software updates will not have a negative effect on the Provider’s ability to provide agreed upon services to the Customer and the Provider presents those updates listed as being compatible “as is” with no warranties of any kind, express or implied, including, but not limited to, warranties for fitness of purpose in regard to the third party software.
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Supplying the Provider with information reasonably required to fulfill its obligations;
  2. Promptly notifying the Provider if the Cloud Resources are compromised, accessed by a person lacking permission to access the Cloud Resources, or infected with a virus, worm or similar malicious code; and
  3. Reviewing the Provider’s then-current Product Compatibility Matrix before procuring the Provider's services and before installing any software updates in order to ensure that the Customer’s systems are compatible with the Provider’s system. The Provider shall not be liable to the Customer and the Customer can neither cancel nor withhold payment for an Order outside of the requirements set forth in the Master Service Agreement, Service Schedule, or Order if the Customer’s systems or software were not compatible with this Matrix prior to the commencement of an Order or if the Customer installs a software update before that update is reflected in the Provider’s then-current Product Compatibility Matrix. In addition, while the Provider may test third party software updates before listing them on the Provider’s then-current Product Compatibility Matrix, those tests are solely designed to ensure that the third party software updates will not have a negative effect on the Provider’s ability to provide agreed upon services to the Customer and the Provider presents those updates listed as being compatible “as is” with no warranties of any kind, express or implied, including, but not limited to, warranties for fitness of purpose in regard to the third party software;
  4. Configure the appropriate organization access including the creation, modification, and deletion of end-user 11:11 Cloud Console account(s).
  5. If the Customer is providing operating system or application licenses:
    1. Adhering to the relevant software vendor’s licensing agreements;
    2. Implicitly consenting to the transferring of limited Customer data (i.e. such as Customer contact information) by the Provider to third party licensors providing licenses to the Customer for the purpose of verifying and monitoring compliance and usage with the terms associated with those licenses;
    3. Maintaining, updating and keeping current license information (as interruption of services may result if such licenses are not maintained). This includes ensuring that the quantity and type of licenses do not exceed the Customer-provided licenses. If the Provider determines (in its sole discretion) that the Customer has exceeded the Customer-provided quantity of licenses, the Provider will (1) notify the Customer of such usage, (2) advise the Customer to upgrade its Order in order to reflect the additional license usage, and (3) invoice the Customer for the costs associated with the additional license usage during the corresponding period. If the Provider advises the Customer to upgrade its Order in the preceding sentence and the Customer does not upgrade its Order within 30 days after receiving that notice, the Provider reserves the right to unilaterally increase the number of licenses on the Customer Order in order to true up the licensed endpoints. The Customer agrees to pay any invoices or charges for any additional licenses or back charges allowed under this Section;
    4. Building Virtual Machine templates using Customer-provided operating system licenses;
    5. Not utilizing Microsoft operating system original equipment manufacturer (OEM) licenses as they are not allowed;
    6. Adhering to the Provider’s then-current Acceptable Use Policy as defined in the Definitions Section 1.2 at all times; and
  6. If the Customer is consuming Provider-provided licenses:
    1. Adhering to the relevant software vendor’s licensing agreements;
    2. Implicitly consenting to the transferring of limited Customer data (i.e. such as Customer contact information) by the Provider to third party licensors providing licenses to the Customer for the purpose of verifying and monitoring compliance and usage with the terms associated with those licenses;
    3. Maintaining, updating and keeping current license information (as interruption of services may result if such licenses are not maintained). This includes ensuring that the quantity and type of licenses do not exceed the contracted amount as described in the Order. If the Provider determines (in its sole discretion) that the Customer has exceeded the contracted quantity of licenses, the Provider will (1) notify the Customer of such usage, (2) advise the Customer to upgrade its Order in order to reflect the additional license usage, and (3) invoice the Customer for the costs associated with the additional license usage during the corresponding period. If the Provider advises the Customer to upgrade its Order in the preceding sentence and the Customer does not upgrade its Order within 30 days after receiving that notice, the Provider reserves the right to unilaterally increase the number of licenses on the Customer Order in order to true up the licensed endpoints. The Customer agrees to pay any invoices or charges for any additional licenses or back charges allowed under this Section; and
4. Customer Data.
  1. By purchasing the Provider’s Services, the Customer acknowledges that the Provider could potentially be exposed to Customer data which shall not be utilized by the Provider for any purpose other than the purpose of carrying out the Provider’s Obligations specified under Sections 2 and 3 of this Service Schedule. By purchasing Provider Services, the Customer expressly acknowledges that it understands and accepts this possibility and the Customer further agrees to not hold the Provider liable in the event that such an exposure occurs.
  2. After the signing of an Order, the Customer and the Provider may mutually agree to move or redirect the Customer’s data from the Data Center identified on an Order to a different Data Center located in the same country. In the event that the Customer and the Provider come to such an agreement, the Customer shall not be required to sign a replacement Order in order to effect that change and the Provider shall not be in breach of the Agreement or any Order if it moves or redirects the Customer’s data in accordance with that agreement.
5. Service Level Agreement. Infrastructure and Service Availability, Service Performance, and Response times are available on the Service Level Agreement accessible at https://www.1111systems.com/legal/sla
6. Disabling Cloud Resources. If the Cloud Resources get infected, hacked, or are compromised in any way, or if it is determined by the Provider that there is a potential threat to the Provider's network or any of the Provider's other customers, the Provider will make commercial best efforts to notify the Customer and may in its sole discretion disable the Cloud Resources until the Customer can take the appropriate actions to resolve the issue or contact the Provider to resolve the issue. The Provider may disable the Cloud Resources at any time if the Provider reasonably believes that the Customer has violated the Provider's then-current Acceptable Use Policy.
7. Beta Service Participation. This section describes the terms and conditions under which the Customer may access certain services or features available by the Provider that are not considered Generally Available. Services or features labeled "beta" (each, a "Beta Service"), or access and use of the Provider's Services available in Data Centers that are also labeled as "Beta Location".
  1. Customer may access the applicable Beta Service used in a generally available Data Center, or in a Beta Location during the term specified by the Provider;
  2. Customer shall not grant access to any Beta Service by any third party other than the Customer's employees and contractors that have executed written non-disclosure agreements with the Provider;
  3. Customer shall not advertise or publicly disclose any of the features, services or performance of the Beta Services without the written approval from the Provider;
  4. The Customer shall utilize the applicable Beta Service used in a generally available Data Center, or in a Beta Location only for internal evaluation purposes or to provide feedback to the Provider;
  5. The Customer shall comply with the Provider's then-current Acceptable Use Policy when accessing and using the Beta Service or the Provider's Services in a Beta Location;
  6. The Provider may suspend or terminate Customer's access to or use of Beta Service or the Provider's Services available in Beta Locations;
  7. The Customer shall provide reasonably-requested information related to access, use, testing, or evaluation results of the Beta Services to the Provider;
  8. The Customer agrees that the Provider does not guarantee any Service Level, performance or stability of the Beta Service or any of the Provider's Services in Beta Locations;
  9. Access or use of the applicable Beta Services or the Provider's Services in the Beta Location will automatically terminate upon the release of a generally available version;
  10. The Customer agrees that after termination of
    1. The applicable Beta Service, or
    2. Access to a Provider's Service in a Beta Location,
    there will be a decommissioning process that will include the erasure of all the Customer's data;
  11. The Customer agrees that the Provider does not guarantee that any Beta Service or the Provider's Services in any Beta Location will ever be made generally available, or that the generally available version will be the same or similar as the version made available by the Provider during the term of the Beta Service or Beta Location, as applicable; and
  12. THE PROVIDER EXCLUDES ALL WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, WITH RESPECT TO ANY SERVICE PROVIDED AS PART OF THE BETA SERVICE OR BETA LOCATION, AS APPLICABLE, INCLUDING WARRANTIES FOR MERCHANTABILITY, FITNESS FOR ANY PARTICULAR PURPOSE, OR SATISFACTORY QUALITY OR WHETHER AT COMMON LAW OR CONTRACT OR TORT OR BY STATUTE, OR OTHERWISE. THE BETA SERVICES AND THE PROVIDER'S SERVICES IN ANY BETA LOCATION ARE OFFERED ON AN AS-IS, WHERE IS BASIS, WITH ALL FAULTS, AND ARE NOT SUBJECT TO ANY OF THE WARRANTIES SET OUT IN THE AGREEMENT.
8. Inbound and Outbound Shipping Policy to/from any of the Provider's Data Center. The terms and conditions of this Section 2.8 shall be applicable if the Customer-Provided Equipment needs to be shipped from the Customer to the Provider or from the Provider to the Customer.
  1. Responsibility and Liability. It is the Customer's sole responsibility to arrange the packaging and shipping of the Customer-Provided Equipment, as the Provider does not provide those services. Because the Provider does not provide those services, the Provider accepts no liability or responsibility in regard to the Customer-Provided Equipment being damaged or mishandled in the packaging and shipping process. Any Customer-Provided Equipment or property not removed within thirty (30) days after the expiration or termination of service agreement(s) will be deemed abandoned and become the property of the Provider. The Customer will be liable for all costs incurred by the Provider as a direct result of removal and disposal of any abandoned Customer-Provided Equipment.
  2. Usage of Carriers. Should the Customer utilize a Carrier for this service, the Customer shall coordinate with that Carrier directly in order to address the variables that arise during shipping, such as shipping internationally or any applicable tax or tariff related requirements; and
  3. Provider's Shipping Process. The Customer is required to contact the Provider's project manager for specific details on the Provider's Inbound and Outbound Shipping Process. The Customer shall be charged the applicable Remote Hands and/or iTech fees for the Provider's assistance.
9. Statement of Work (SOW). The terms and conditions of this Section 2.9 are applicable to all Statement of Work documents that shall be required prior to the Deployment of a Provider’s specific Service.
  1. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
    1. Providing the Customer with a team to ensure the successful completion of the project. This team will include a project manager and a qualified deployment engineer to perform the services purchased; the Provider’s standard support will be available upon completion of the project;
    2. Ensuring that resources are available to complete the tasks and hold meetings per the project timeline;
    3. Providing all deliverables described in the SOW;
    4. Providing written communication and documents through the project tickets;
    5. Adhering to the project schedule and milestone projections. The Provider will notify the Customer as soon as possible if a need to reschedule should arise; and
    6. Providing a method of feedback for each project.
  2. Customer’s Obligations. The Customer is responsible for the following in accordance with industry best practices:
    1. Designating one Technical Contact as the primary contact who will be responsible for the project, acting as the Customer’s project manager;
    2. Reviewing all the documentation the Provider shares with the Customer and asking for clarification when needed;
    3. If required, ensuring that there is enough bandwidth at the Primary Site to enable initial replication of data and successive incremental changes of data to the Recovery Site;
    4. Reviewing the Provider’s online product documentation and user guides located on the Provider’s Success Center;
    5. Providing ample time for the Customer’s project manager to maintain communication with the Provider’s project manager to complete the project requirements;
    6. When possible, providing at least one (1) business day written notice to reschedule any meeting. The Provider understands that emergency circumstances come up as is the nature of the IT services business and that, as a result, one day advance notice is not always possible; and
    7. Missed meetings are defined as being absent from a scheduled meeting by 15 minutes or more after the start time without notifying the Provider in writing in advance. If three (3) meetings are missed, then the project may be placed “On Hold” at the Provider’s sole discretion, and a project placed on “On Hold” status will be rescheduled to the Provider’s next availability. There is no guarantee that a project rescheduled due to “On Hold” status will be assigned to the same Provider’s project manager.
  3. Risks. The SOW and Order were designed and built according to specific information identified during the discovery phase. If that information is incorrect or has changed, the timeline and cost of this project could change.
    1. Compatibility. The Provider publishes the Product Compatibility Matrix which details the current requirements for a Customer’s system and it's compatibility with the Provider’s system as specified under Section 2.3.3 of this Service Schedule. For DRaaS and/or Migration Services, the Provider makes every effort to ensure that the Customer’s Primary Site or Source Site meets the requirements during the pre-sales process, but in the event something in the Customer’s environment is not compatible with the Provider’s solution, the Provider shall make every reasonable effort to provide assistance to accommodate the Customer. The most common incompatibilities are:
      1. Customer is running VMs with a VM hardware version which is not supported by the Provider,
      2. Customer is running a version of the replication software that the Provider does not support,
      3. Customer is using Guest Operating Systems that the replication software does not support;
    2. Storage. Storage requirements can change quickly. During the kick-off call, the Provider’s project manager will confirm the amount of storage you need and the amount of storage you purchased. If more storage is needed, the Provider’s project manager will work with the Provider’s sales representative to increase storage;
    3. Bandwidth. If required, the amount of bandwidth the Customer allocates for replicating the data directly correlates with how long replication will take. The Provider recommends providing as much bandwidth as possible during and after the Customer’s office hours. This will ensure the Customer’s data is replicated as quickly as possible without affecting the Customer’s day-to-day operations;
    4. Shared Disks. For DRaaS and/or Migration Services, the Customer understands that any shared disks used across multiple VM’s need to be converted to a single VMDK and used from a single VM. Clustered servers or shared disks are not supported within this SOW Section and would require alternate planning. This solution only supports SCSI based disks. CIFS, IDE, or any other disk types are not supported; and
    5. Active Directory replication. For DRaaS, the Customer understands that in some cases a live Active Directory server is needed for replication and should be connected to the Customer’s internal network for quicker and more seamless recovery of the solution.

Section 3: Service-Specific Terms

11:11 Cloud. The terms and conditions of this Section 3.1 are applicable to each Order that includes 11:11 Cloud services.
1. Resources.
  1. Storage;
    1. Public. These Cloud Resources are available as Shared Resources with Advanced and/or SSD storage types as specified in the Order,
    2. Dedicated. These Cloud Resources are available as Dedicated Resources with Accelerated and/or SSD storage types as specified in the Order with varying parameters:
      1. Capacity. Dedicated Storage is sold in preconfigured sizes, each size providing different usable capacity as specified in the Order, which is determined by the maximum recommended usable capacity for the underlying storage component that accounts for the average deduplication and compression ratios.
      2. Performance. Performance for each preconfigured size is specified in the Order.
      3. Interoperability. Dedicated Storage resources are only supported under Private Virtual Data Centers, which should only be comprised of resources with similar capacity and performance. Mixing Public and Dedicated storage under the same Private Virtual Data Center is not supported.
  2. CPU & RAM;
    1. Public. These Cloud Resources are available as Shared Resources as specified in the Order,
    2. Private. These Cloud Resources are available as Dedicated Resources as specified in the Order. The Provider is responsible for architecting and deploying CPU & RAM in a high availability configuration;
  3. Bandwidth (Public or Private). Bandwidth is available as a Shared Resource as specified in the Order. On Orders where network bandwidth is not specified, it is included, abiding by the Excessive Use Section on the Acceptable Use Policy;
  4. Business Models (Public or Private). Cloud Resources are available in either Reserved, Burst, or Reserved plus Burst models as specified in the Order; and
  5. Overhead (Private only). The Customer acknowledges that all applications and hypervisors require some amount of overhead resource capacity in order to run optimally. The Customer agrees that the Dedicated Resources on the Order will be used for the overhead capacity of the Customer’s applications/hypervisor and that it is the sole responsibility of the Customer to ensure sufficient Cloud Resources exist.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Onboarding the Customer into the Provider's Cloud Services by giving access to the service and guiding the Customer through the process of deploying the service;
  2. Provide documentation, project management, and guiding the Customer through an initial set up;
  3. Provide ongoing support and education on the service at the Customer's request;
  4. Creating Virtual Data Center(s) consisting of compute, memory, storage infrastructure, and network bandwidth per specifications detailed in the Order;
  5. Maintaining the underlying cloud infrastructure components such as compute, memory, storage and networking by following the Provider’s guidelines for managing these environments;
  6. Providing the Customer with the URL and authentication credentials to access the Customer’s Cloud Resources;
  7. Assigning external and internal IP addresses for the virtual router per the Customer-provided requirements; and
  8. Providing VM templates with Microsoft Windows Data Center Licensing.
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Unless specified on the Order, implementing dedicated physical or virtual network security appliance, managing Firewall(s) including but not limited to the configuration of Network Address Translation (NAT) Access List, Virtual Private Network (VPN), Dynamic Host Configuration Protocol (DHCP), Load Balancing, and static routing;
  2. If the Customer chooses to Seed Data, then the Customer must follow the Provider’s then-current Data Seeding Guidelines;
  3. Ensuring Virtual Machines match specifications as defined in the Provider’s then-current Product Compatibility Matrix;
  4. Maintaining operating systems and applications installed on the Customer's Virtual Machines or in the Customer's Virtual Data Center, including, but not limited to, patching, upgrades, updates and anti-virus software in accordance with industry best practices;
  5. Fixing any problems resulting from upgrades to the Virtual Machines operating system;
  6. Providing Virtual Machine and application log monitoring;
  7. Providing support for operating systems and applications installed on the Customer-Managed Virtual Machines; and
  8. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation or errors caused by over allocation.
4. Encryption.
  1. VM Encryption.
    1. The Provider offers encryption on a per VM or per volume basis, and is available to the Customer if purchased on the Order,
    2. The Customer agrees and understands that when running VM Encryption some features in the 11:11 Cloud Console that require access to the Customer's VMs may not function or provide information, since the Customer's VM will be encrypted, and
    3. VM Encryption encrypts data using AES-128/256 algorithms and allows the Customer to manage the encryption keys. The Customer understands that the Provider has no access to encryption keys.
5. Security Features.
  1. The 11:11 Cloud Console performs the following function:
    1. Vulnerability Scanning. Assesses systems, networks and applications for weaknesses and detects known and zero day attacks. Examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack. The weekly predefined scan generates a report which is added to the historical data.
11:11 Secure Cloud. The terms and conditions of this Section 3.2 are applicable to each Order that includes 11:11 Secure Cloud services.
1. Resources.
  1. Storage;
    1. Public. These Cloud Resources are available as Shared Resources with Advanced and/or SSD storage types as specified in the Order; and
    2. Dedicated. These Cloud Resources are available as Dedicated Resources with Accelerated and/or SSD storage types as specified in the Order with varying parameters:
      1. Capacity. Dedicated Storage is sold in preconfigured sizes, each size providing different usable capacity as specified in the Order, which is determined by the maximum recommended usable capacity for the underlying storage component that accounts for the average deduplication and compression ratios.
      2. Performance. Performance for each preconfigured size is specified in the Order and it’s defined based on the underlying storage component’s total IOPS based on 50/50 Read/Write and using 4K random block size.
      3. Interoperability. Dedicated Storage resources are only supported under Private Virtual Data Centers, which should only be comprised of resources with similar capacity and performance. Mixing Public and Dedicated storage under the same Private Virtual Data Center is not supported.
2. Encryption.
  1. Storage Encryption. Storage is encrypted at rest with AES-256 in XTS cipher mode with FIPS 140-2 approved algorithms;
3. Security Features.
  1. The Provider offers internal and external vulnerability scanning and reporting on the Customer's public Internet facing IPv4 address blocks and presents the information in the 11:11 Cloud Console;
  2. The 11:11 Cloud Console performs the following functions, if enabled, and displays them in reports. In order to enable some features, a software agent may be required to be loaded on the Virtual Machine:
    1. Vulnerability Scanning. Assesses systems, networks and applications for weaknesses and detects known and zero day attacks. Examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack. There are 2 types of scanning available:
      1. Weekly predefined scan and report, and
      2. On-demand scan that generates new reports ad-hoc.
    2. Malware Detection. Detects malware, viruses, spyware, trojans, and other malware,
    3. Firewall. Bidirectional host-based stateful firewall that audits all traffic incoming and outgoing from the VM,
    4. Configuration Auditing. Checks that IT assets are compliant with the Provider’s policies and standards,
    5. Compliance Reports. Provides logs and data necessary to fulfill audit requirements,
    6. Web Application Scanning. Discovers web server and services weaknesses and OWASP vulnerabilities, and
    7. Integrity Monitoring. Monitors critical operating system and application files, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time; and
  3. The information contained within the reports are intended solely to identify threats, vulnerabilities, and statuses of the Cloud environment components, and is provided “as is” without warranty of any kind, express or implied, including but not limited to warranties for fitness of purpose. The Provider does not warrant the completeness of accuracy of the report, nor does it make any recommendations based on the findings noted herein.
Standard Backups. The terms and conditions of this Section 3.3, are applicable to each Order that includes both the Provider's Standard Backups and at least one of the Providers services that are described in any of the following Sections: Section 3.1 (11:11 Cloud), Section 3.2 (11:11 Secure Cloud), 11:11 Secure Private Cloud, Section 3.6 (11:11 DRaaS for Zerto Cloud-to-Cloud), Section 3.10 (11:11 DRaaS for Zerto), and Section 3.11 (11:11 Secure DRaaS for Zerto) of this Schedule.
1. Resources.
  1. Storage. The amount of storage available for backups as specified by the Order;
  2. Licensing. All required licensing is included in the service on the Target Site;
  3. Business Models. Storage is available in a Reserved plus Burst model;
2. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing the pool of storage as specified by the Order;
  2. Creating initial backup jobs with the number and frequency of the backup restore points on the target location as specified by the Order;
  3. Provide ongoing support and education on the Service at the Customer's request;
  4. Maintaining the underlying cloud infrastructure components such as compute, memory, storage and networking by following Provider's guidelines for managing these environments;
  5. Providing storage pool modification options to the Order as required by the Customer, which is directly linked to the amount of production storage;
  6. In case of Provider-assisted restoration, assisting the Customer with initiating the restore at-time-of-Disaster; and
  7. In the event of Disaster and restoration from the Target Site, the Provider can, if needed, assisting the Customer with restoration from Disasters to the Customer's Source Site for additional iTech fees.
3. Customer’s Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Providing the Provider with information reasonably request to fulfill its obligations, including without limitation backup requirement details;
  2. At the Customer’s discretion, restoring backups either through the self-service 11:11 Cloud Console or by requesting support from the Provider in restoring backups;
  3. Performing agent-based application aware backups and restores, as the Provider does not guarantee the recoverability of individual applications running on the Virtual Machines, such as databases or email messaging systems. The Customer is also responsible for performing granular recovery of individual items from agent based application aware backups;
  4. Promptly notifying the Provider if the Cloud Resources are hacked, accessed by a person lacking permission to access the Cloud Resources, or infected with a virus, worm or similar code;
  5. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation, loss of backup data, or errors caused by over allocation, this includes the storage necessary for processing the snapshot-based backups, which could result in production storage Burst charges; and
  6. In order for the Customer to restore Virtual Machine data, the Customer must have sufficient storage available. If the Customer does not have sufficient storage available, the Customer may have to purchase more storage to make the restore possible.
4. Risks.
  1. There may be times where the Provider’s service is unable to perform daily backups. Reasons for a backup job failure include, but are not limited to, situations where a job is unable to start during retry windows, services are temporarily unavailable, conflicts occur between resources, etc. Where such failure occurs, the Provider will use reasonable efforts to attempt to remedy any potential backup job failures, and the Customer shall hold the Provider harmless in the event that a backup job did not occur successfully.
Advanced Backups. The terms and conditions of this Section 3.4, are applicable to each Order that includes both the Provider's Advanced Backups and at least one of the Providers services that are described in following Sections: Section 3.1 (11:11 Cloud), Section 3.2 (11:11 Secure Cloud), Section 3.6 (11:11 DRaaS for Zerto Cloud-to-Cloud), Section 3.8 (11:11 DRaaS for Veeam), Section 3.9 (11:11 Secure DRaaS for Veeam), Section 3.10 (11:11 DRaaS for Zerto), and Section 3.11 (11:11 Secure DRaaS for Zerto) of this Schedule.
1. Resources
  1. Backup Policies. The policies that define the Advanced Backup schedule of how often and when to take a backup and also the retention timeframe for that backup. The policies also define how often full backups should be taken and how often to retry in the event of backup failure;
  2. Backup Groups. Groups define what Virtual Machines are backed up and assigns defined Backup Policy to those virtual machines;
  3. Licensing. All required licensing is included in the service on the Target Site; and
  4. Business Models. Storage is available in a Reserved plus Burst model.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing the pool of Storage as specified by the Order;
  2. Providing documentation and guide the Customer through an initial setup;
  3. Providing ongoing support and education on the Service at the Customer's request;
  4. Maintaining the underlying cloud infrastructure components such as compute, memory, storage and networking by following Provider's guidelines for managing these environments;
  5. Providing storage pool modification options to the Order as required by the Customer;
  6. In case of Provider-assisted restoration, assisting the Customer with initiating the restore at-time-of-Disaster; and
  7. In the event of Disaster and restoration from the Target Site, the Provider can, if needed, assist the Customer with restoration from Disasters to the Customer's Source Site for additional iTech fees.
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Providing the Provider with information reasonably request to fulfill its obligations, including without limitation backup requirement details;
  2. Creating and Maintaining the Backup Policies and Backup Groups through the self-service 11:11 Cloud Console. The Customer is responsible to ensure that their Virtual Machines are in the appropriate Backup Groups and have the appropriate Backup Policies applied to meet the Customer's desired RPO and retention times;
  3. Performing agent-based application aware backups and restores, as the Provider does not guarantee the recoverability of individual applications running on the Virtual Machines, such as databases or email messaging systems. The Customer is also responsible for performing granular recovery of individual items from agent based application aware backups;
  4. At the Customer’s discretion, restoring backups either through the self-service 11:11 Cloud Console or by requesting support from the Provider in restoring backups;
  5. Promptly notifying the Provider if the Cloud Resources are hacked, accessed by a person lacking permission to access the Cloud Resources, or infected with a virus, worm or similar code;
  6. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation, loss of backup data, or errors caused by over allocation, this includes the storage necessary for processing the snapshot-based backups, which could result in production storage Burst charges; and
  7. In order for the Customer to restore Virtual Machine data, the Customer must have sufficient storage available. If the Customer does not have sufficient storage available, the Customer may have to purchase more storage to make the restore possible.
4. Risks.
  1. Customer acknowledges that Provider is not responsible for monitoring backup job performance and status. Customer is fully responsible for the monitoring of job performance, SLAs, Backup Policies and Backup Groups. Customer may engage Provider in assistance in monitoring such items for additional iTech fees; and
  2. There may be times where the Providers service is unable to perform daily backups. Reasons for a backup job failure include, but are not limited to, situations where a job is unable to start during retry windows, services are temporarily unavailable, conflicts occur between resources, etc. Where such failure occurs, the Provider will use reasonable efforts to attempt to remedy any potential backup job failures, and Customer shall hold Provider harmless in the event that a backup job did not occur successfully.
11:11 Managed Migration. The terms and conditions of this Section 3.5 are applicable to each Order that includes the Provider’s Managed Migration in combination with either 11:11 Cloud or 11:11 Secure Cloud.
1. Assets & Deliverables.
  1. Connectivity Design Documentation. Technical documents and/or diagrams providing engineering level information and configuration details for the purpose of interconnecting the Customer Primary Site(s) to the designated Provider Site(s) delivering the service capabilities to the Customer;
  2. On-boarding Project Plan A documented overview of all tasks associated with the Provider’s on-boarding process for interconnectivity and delivery of the Managed Migration from the Customer Primary Site(s) Workloads within scope of the mutually agreed upon service contract. The purpose of this document is to track ownership, progress and completion of all applicable on-boarding tasks in collaboration between the Customer and the Provider; and
  3. Migration Workbook. A detailed discovery document used to collect all of the Customer specific technical and infrastructure related information for the sole purpose of the Provider providing the Managed Migration as part of the service contract.
2. Migration Project Management.
  1. Project managers. Both the Provider and the Customer shall appoint a project manager each who will serve as the primary contact point; and
  2. Migration Project Management Engagement. The Provider’s project manager and the Customer’s project manager shall meet as required for the duration of the migration process for the purposes of facilitating a successful relationship and overseeing the implementation of all Cloud Resources and Managed Migration outlined in the Order and the Migration Provisioning Form, including but not limited to, (a) tracking the progress of the migration and implementation process and all associated tasks; (b) reviewing other current or future projects or business plans that may impact the Managed Migration, (c) reviewing weekly status reports in order to review the Provider’s performance in execution of the project for delivery of all Managed Migration Services, (d) coordinating and planning for any new equipment or software acquisitions specific to supporting the completion of the Managed Migration.
3. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best-practices:
  1. Providing enhanced onboarding project management deliverables, to include:
    1. Status call between the Provider’s migration personnel and the applicable Customer’s contacts, and
    2. Status report summarizing project tasks progress, project milestones, estimated and actual durations/completion dates and critical path items;
  2. Providing and managing supporting service documentation to include:
    1. Inventory and workload specifications (e.g. compute, storage, networking) of all Workloads within scope of the Order, and
    2. L2/L3 network design for compatibility and integration between the Customer’s Primary Site(s) and the Provider’s networking services and design guidelines;
  3. If applicable, providing installation, configuration and management of all services components required for the Managed Migration, to include:
    1. Replication software installation, guiding the Customer through setup and configuration both in the Customer on-premise and the Provider’s cloud data center environments (where applicable),
    2. Setup and configuration of VPN connections (where applicable), and
    3. Setup and configuration of all Provider’s side networking components support dedicated circuits for WAN connectivity (where applicable);
  4. Providing full setup and configuration for replication of the Workloads within scope and applicable to the Order and the Migration Workbook.
4. Customer’s Obligations. The Customer is responsible for the following in accordance with the Provider’s delivery of the 11:11 Managed Migration and industry best-practices:
  1. Ensure all Customer-owned software, applications, devices, systems, processes, and services that maintain the Customer’s data to be migrated as part of the Order are covered as specified under Section 2.3.5 of this Service Schedule for the purposes of fulfilling the Order;
  2. Where applicable, the Customer shall maintain all firmware or software updates to all Customer-owned hardware, software, applications, devices, and systems in use with or protected by services provided by the Provider;
  3. Where applicable: contact all software, application, device, system, service, and service providers covered under the Order and add appropriate Provider’s personnel as approved contacts for the purposes of fulfilling this Service Schedule;
  4. Complete the Migration Provisioning Form provided by the Provider;
  5. Provide all current and existing documentation of the Customer’s Primary Site(s) to include; environment “as-built” documentation, application contact information, application dependencies, current backup strategy, and disaster recovery plans if applicable;
  6. Provide the Provider’s personnel with Customer’s asset discovery and documentation where applicable;
  7. Where applicable; provide all current process documentation in support of the Managed Migration outlined in the Order and provide all assistance necessary to modify existing or implement new processes to streamline the delivery of services;
  8. Where applicable, the Customer shall maintain all software and other devices or items provided to the Customer by the Provider located within the Customer’s Primary Site(s) in direct support of the delivery of the Managed Migration Service outlined in the Order (the “Equipment’) in good working order and in accordance with applicable manufacturers’ specifications. The Customer shall notify the Provider immediately upon determination that any Equipment is not in compliance with the foregoing, or is in material breach of the terms and conditions set forth in this Service Schedule; and
  9. The Customer shall cooperate with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Providing the Provider with the required remote access to Customer’s Equipment, as may be reasonable to permit the Provider to perform its obligations hereunder, and
    2. Notifying the Provider of any changes to its configurations that could potentially impact the Managed Migration.
11:11 DRaaS for Zerto Cloud-to-Cloud. The terms and conditions of this Section 3.6 are applicable to each Order for 11:11 DRaaS for Zerto Cloud-to-Cloud services.
1. Resources. The Cloud Resources used in the Recovery Site mimic the Cloud Resources used in the Primary Site, hence the available features will be the same as the Cloud Resources specified in the Order for the Primary Site.
  1. Storage. The types of storage available are Advanced, Accelerated, and/or SSD. Storage purchased by the Customer includes both protected data and Zerto Journal data; Zerto Journal data may not be displayed on the 11:11 Cloud Console, but the Customer is still responsible for paying for this storage and may request a report from the Provider if required. Storage types comprising the environment are specified in the Order;
  2. CPU & RAM. These Cloud Resources are available as Shared Resources. CPU & RAM comprising the environment are specified in the Order;
  3. Bandwidth. Bandwidth is available as a Shared Resource as specified in the Order. On Orders where network bandwidth is not specified, it is included, abiding by the Excessive Use Section on the Acceptable Use Policy;
  4. Replication License. Replication licensing per protected Virtual Machine as specified in the Order; and
  5. Business Models. Storage is available in a Reserved plus Burst model. CPU, RAM and Bandwidth are available in a Burst model.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Onboarding the Customer into the Provider's Cloud Services by giving access to the service and guiding the Customer through the process of deploying the service;
  2. Provide documentation, project management, and guiding the Customer through an initial set up;
  3. Provide ongoing support and education on the Service at the Customer's request;
  4. Creating Virtual Data Center(s) consisting of compute, memory, storage infrastructure, and network bandwidth per specifications detailed in the Order;
  5. Maintaining the underlying cloud infrastructure components such as compute, memory, storage and networking by following Provider’s guidelines for managing these environments;
  6. Providing the Customer with the URL and authentication credentials to access the Customer’s Cloud Resources;
  7. Assigning external and internal IP addresses for the Primary Site virtual router per Customer-provided requirements;
  8. Assigning external and internal IP addresses for the Recovery Site virtual router per Customer-provided requirements;
  9. Providing replication licensing and replication management for Virtual Machines as described in the Order as completed by the Customer;
  10. Configuring protection at the Primary Site using the 11:11 Cloud-to-Cloud Recovery replication and retention policy of 24 hours of data retention for replicated servers at Recovery Site with replication frequency occurring once or more per hour between sites;
  11. Creating Virtual Protection Groups, per environment, per vApp, and initiate replication on Virtual Machines selected for replication;
  12. In case of Provider-assisted Failover, assisting the Customer with initiating Failover at-time-of-Disaster;
  13. Maintaining exclusive control of system administration security (e.g. administrator or root) level access for Provider-managed firewall or load balancing infrastructure;
  14. In the event of a Disaster and Failover to the Recovery Site, the Provider can, if needed, assist the Customer with Failback from Disasters to the Customer's Primary Site for additional iTech fees;
  15. Re-advertise the Customer’s IP Address Block from in case of Disaster; and
  16. If the Customer is running the Standard Backups service defined in Section 3.1, in the event of either a failover or of a VM being active in the Recovery Site’s virtual environment, the Provider will automatically begin backing up the Customer’s live workloads within 24 hours.
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Unless specified on the Order, implementing dedicated physical or virtual network security appliance, managing Firewall(s) including but not limited to the configuration of Network Address Translation (NAT) Access List, Virtual Private Network (VPN), Dynamic Host Configuration Protocol (DHCP), Load Balancing, and static routing;
  2. Providing compute, memory, storage and network requirements for each Virtual Data Center and creating Virtual Data Center network and role-based security policies;
  3. If the Customer chooses to Seed Data, then the Customer must follow the Provider’s then-current Data Seeding Guidelines;
  4. Ensuring Virtual Machines match specifications as defined in the Provider’s then-current Product Compatibility Matrix;
  5. Maintaining operating systems and applications installed on the Customer's Virtual Machines or in the Customer's Virtual Data Center, including, but not limited to, patching, upgrades, updates and anti-virus software in accordance with industry best practices;
  6. Fixing any problems resulting from upgrades to the Virtual Machines operating system;
  7. Providing Virtual Machine and application log monitoring;
  8. Providing support for operating systems and applications installed on the Customer-Managed Virtual Machines;
  9. Informing the Provider at the time any of these changes occur in the Primary Site:
    1. Adding a disk to a Virtual Machine or adding a Virtual Machine to a replicated vApp,
    2. Shutting down Virtual Machine in a protected vApp for an extended period (< 5 minutes),
    3. Deleting a Virtual Machine from a protected vApp, and
    4. Increasing resource capacity in Primary Site in relation to replicated Virtual Machines without increasing Cloud Resources at Recovery site;
  10. Initiating failover at-time-of-test and at-time-of-Disaster using the 11:11 Cloud Console;
  11. In case of Provider-assisted Failover, declaring a Disaster affecting the Primary Site following the Provider’s guidelines; and
  12. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation or errors caused by over allocation.
4. Service Levels. Recovery Time Objective (RTO) and Recovery Point Objective (RPO) SLAs are accessible at https://www.1111systems.com/legal/sla.
11:11 Cloud Backup for Veeam Cloud Connect. The terms and conditions of this Section 3.7 are applicable to each Order that includes 11:11 Cloud Backup for Veeam Cloud Connect services.
1. Resources.
  1. Storage and Bandwidth. The Cloud Resources that comprise the 11:11 Cloud Backup for Veeam Cloud Connect service include Archive Storage along with embedded unlimited incoming and outgoing network bandwidth as described in the Order;
  2. Licensing. Veeam Cloud Connect licensing is included in the service on the Target Site;
  3. Insider Protection. The Provider offers Veeam Insider Protection service to the Customer if purchased on the Order. This service feature is not available for service subscription Item Numbers and/or Data Centers identified in the Order with the reference “PC1”; and
  4. Business Models. Storage is available in a Reserved model only.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing pool of Cloud Storage, Veeam Cloud Connect licensing, and network bandwidth at Target Site per specifications detailed in the Order;
  2. Maintaining Target Site Cloud Storage infrastructure including patching, upgrades and updates;
  3. Creating Cloud Resources per specifications detailed in the Order;
  4. Providing Customer the URL and authentication credentials to access the Customer’s Cloud Resources;
  5. Providing storage pool modification options to the Order as required by the Customer;
  6. Providing up to two active connections between the backup server at the Source Site and the Cloud Resources at the Target Site per set of credentials. Additional active connections can be requested with the Provider's approval. All other jobs running concurrently will sit idle until the job using the connection completes. The same set of credentials can be used to send to concurrent backups from different locations, or Source Sites to the same Target Site Alternatively, two different sets of credentials can be used to send backups concurrently from the same backup server at the Source Site;
  7. Insider Protection. Providing the Customer with Insider Protection if purchased on the Order with the following parameters:
    1. Retention. Insider Protection retention shall be set at 7 calendar days for the entire cloud repository,
    2. Backup repository. After the Customer deletes a backup on a cloud repository, regardless if this was intentional, accidental or caused by malware, the backup file(s) will be moved from the cloud repository to a "recycle bin" folder on the Provider backup repository that's not accessible by the Customer. While backup metadata files are deleted from disk immediately, the Provider will retain only full and incremental backup files,
    3. Repository quota. Backup files retained by the Provider shall not consume the Customer's cloud repository quota, as they are stored in a different folder only accessible by the Provider,
    4. Backup recovery. Should the Customer submit a request to the Provider to recover a backup via a support ticket along with the iTech fees for the professional services to perform the restoration tasks, the Provider shall locate the backup file(s) required for data restore in the "recycle bin" and pass it/them to the Customer over the network or on a portable drive on a best-effort basis; Once the support ticket is closed, the Provider shall delete the temporary copies of the backup files; and
  8. Cloud Backup Restore to 11:11 Cloud Services. Providing the Customer with the option to purchase a best-effort cloud restoration service of VMware backups to 11:11 Cloud Services at an additional cost using the backup file chain stored at the Target Site with the following parameters:
    1. The accuracy and success of the restoration depends on the reliability of the backup file chain backed up by the Customer,
    2. The creation of Virtual Data Center(s) will consist of the specifications detailed in the relevant Order,
    3. The network connectivity to the restored environment will be provided by the Provider,
    4. The restoration shall be limited to repositories smaller than 20,000 GB,
    5. The restoration shall be limited to VMware based environments, and
    6. The Provider will start the restoration process within 24 hours after the Customer has both declared a Disaster by notifying the Provider and approved the new Order that contains the cloud resources required to run the workloads along with the iTech fees for the professional services required to perform the restoration tasks.
    This service feature is not available for service subscription Item Numbers and/or Data Centers identified in the Order with the reference “PC1”
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Providing the Provider with information reasonably required to fulfill its obligations, including without limitation backup requirement details;
  2. Procuring, implementing, and configuring of the correct licensed versions of Veeam Cloud Connect software on the Machines as specified in the Provider's then-current Product Compatibility Matrix;
  3. Configuring and performing of backups, recovery tasks, and Testing within the Veeam software installation;
  4. Managing applicable Customer-controlled firewall(s) including but not limited to the configuration of Network Address Translation (NAT), Access List, Virtual Private Network (VPN), Dynamic Host Configuration Protocol (DHCP), and static routing in relation to the Customer's connectivity to the Target Site;
  5. Fixing any problems resulting from upgrades to the Veeam Cloud Connect software;
  6. Maintaining software (including without limitation the Veeam Cloud Connect software) on the Customer's machines including, but not limited to, patching, upgrades, updates and anti-virus software in accordance with industry best practices;
  7. Ensuring the functioning of services or software running on the Customer’s machines;
  8. Providing support for operating systems and applications installed on the Customer’s machines;
  9. Promptly notifying the Provider if the Cloud Resources are hacked, accessed by a person lacking permission to access the Cloud Resources, or infected with a virus, worm or similar code;
  10. Ensuring that during the term of the Order the Customer maintains enough bandwidth to ensure the continued successful backup of the data. The Customer acknowledges that the Provider is not in breach of the agreement if there is not enough bandwidth available at Source Site;
  11. If the Customer provisions backup jobs in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation, loss of backup data, or errors caused by over allocation;
  12. Insider Protection. In case of requesting the Provider to recover a deleted backup:
    1. Making the request via a support ticket,
    2. Providing the Provider with the sufficient information about the deleted backup data so the Provider can locate the backup file(s) required for data restore,
    3. Importing the full backup file(s) to the backup server on the Customer side, and
    4. Restoring the data from the backup after successfully importing the backup file(s);
  13. Cloud Backup Restore. In case of requiring a cloud backup restore:
    1. Declaring a Disaster by notifying the Provider and approving the Order that contains the cloud resources required to run the workloads along with the iTech fees for the professional services required to perform the restoration tasks; and
    2. The Customer understands that restoring the environment from cloud backup files is a best-effort service and acknowledges that the Provider is not responsible for any performance degradation, loss of data, or errors on the VMware-based restored environment as the success of the restoration depends on the reliability of the backup file chain;
    This service feature is not available for service subscription Item Numbers and/or Data Centers identified in the Order with the reference “PC1”; and
  14. Encryption at Rest. The Customer may optionally configure encryption for backup data using the Veeam software prior to transmitting the data to the Provider. Encryption of backup data shall be automatically enforced for service subscription Item Numbers and/or Data Centers identified in the Order with the reference "PC1".
11:11 DRaaS for Veeam. The terms and conditions of this Section 3.8 are applicable to each Order that includes 11:11 DRaaS for Veeam services, regardless as to whether the Order for public or private cloud services.
1. Resources.
  1. Storage and Bandwidth (Public or Private). The Cloud Resources that comprise the 11:11 DRaaS for Veeam service include Accelerated and/or SSD Storage along with embedded unlimited incoming and outgoing network bandwidth as described in the Order;
  2. CPU & RAM;
    1. Public. These Cloud Resources are available as Shared Resources as specified in the Order; and
    2. Private. These Cloud Resources are available as Dedicated Resources as specified in the Order. The Provider is responsible for architecting and deploying CPU & RAM in a high availability configuration;
  3. Licensing (Public or Private). Veeam Cloud Connect licensing is included in the service on the Recovery Site;
  4. WAN Accelerator (Public or Private);
    1. Provider offers WAN Accelerator service available to Customer if purchased on the Order, and
    2. WAN Accelerator VM and cache use SSD storage;
  5. Business Models (Public or Private). Cloud Resources are available in either Reserved, Burst, or Reserved plus Burst models as specified in the Order. The business model available depends on whether the Customer has a vCenter based environment or a vCloud Director based environment;
    1. vCenter based environments (legacy) – Storage is available in a Reserved model only. CPU and RAM are available in Burst model only, and
    2. vCloud Director based environments – shared Cloud Resources (including Storage, CPU, and RAM) are available in either Reserved or Reserved plus Burst models; and
  6. Overhead (Private only). The Customer acknowledges that all applications and hypervisors require some amount of overhead resource capacity in order to run optimally. The Customer agrees that the Dedicated Resources on the Order will be used for the overhead capacity of the Customer’s applications/hypervisor and that it is the sole responsibility of the Customer to ensure sufficient resources exist.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Onboarding the Customer into the Provider’s Cloud Services by giving access to the service and guiding the Customer through the process of deploying the service;
  2. Provide documentation, project management, and demonstrate the failover steps for a full site failover to the Customer on the Provider’s test environment. In the event that a Customer would like the Provider to assist with design, implementation or testing of a partial site failover, additional i-Tech fees will apply;
  3. Provide ongoing support and education on the service at the Customers’ request;
  4. Creating Virtual Data Center(s) for recovering VMware based workloads, consisting of compute, memory, storage infrastructure, per specifications detailed in the Order;
  5. Maintaining the underlying cloud infrastructure components such as compute, memory, storage and networking by following the Provider’s guidelines for managing these environments;
  6. Assigning external and internal IP addresses for the Recovery Site virtual router per the Customer-provided requirements;
  7. Providing the Customer the URL and authentication credentials to access the Customer’s Cloud Resources;
  8. Providing up to two active connections between the replication server at the Primary Site and the Cloud Resources at the Recovery Site per set of credentials. Additional active connections can be requested with the Provider’s approval. All other jobs running concurrently will sit idle until the job using the connection completes;
  9. In case of Provider-assisted Failover, assisting the Customer with initiating Failover at-time-of-Disaster; and
  10. In the event of a Disaster and Failover to the Recovery Site, the Provider can, if needed, assist the Customer with Failback from Disasters to the Customer’s Primary Site for additional iTech fees.
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Procuring, implementing, and configuring of the correct licensed versions of Veeam Cloud Connect software on the Machines as specified in the Provider’s then-current Product Compatibility Matrix to enable the Secure DRaaS for Veeam Service from the Customer’s Premises;
  2. Ensuring that only VMware based workloads are replicated to the Provider and that the Virtual Machine environment matches specifications as defined in the Provider’s then-current Product Compatibility Matrix;
  3. Configuring compute, memory, storage and network requirements for each Veeam Hardware Plan and/or Veeam Failover Plan(s), and initiating Veeam replication jobs to the Provider;
  4. Unless specified on the Order, implementing dedicated physical or virtual network security appliance, managing Firewall(s) including but not limited to the configuration of Network Address Translation (NAT) Access List, Virtual Private Network (VPN), Dynamic Host Configuration Protocol (DHCP), Load Balancing, and static routing;
  5. Notifying the Provider before making any changes to the Primary site that might affect the DRaaS service, including, but not limited to, any upgrades or patches to Veeam, the underlying virtualization layer, or the network. The Customer notes that any such actions could break the ability of the Service to function;
  6. If the Customer chooses to Seed Data from the Primary site, following the Provider’s then-current Data Seeding Guidelines;
  7. Creating and testing Recovery Plan;
  8. Initiating Failover at-time-of-test and at-time-of-Disaster;
  9. In case of Provider-assisted Failover, declaring a Disaster via a support ticket;
  10. Monitoring available storage in Veeam Cloud Connect Repository to ensure the Service will continue to function properly;
  11. Maintaining operating systems and applications installed on the Customer’s Virtual Machines or in the Customer’s Virtual Data Center, including, but not limited to, providing support, patching, upgrades, updates and anti-virus software in accordance with industry best practices;
  12. Providing Virtual Machine and application log monitoring;
  13. The Customer understands that Testing can be stopped by the Provider in the event that a Testing event has run long enough to impact replication or the underlying infrastructure;
  14. In the event of a Disaster and Failover to the Recovery Site, in order for the Customer to Failback to the Primary Site, the Customer needs to recreate the original environment in the Primary Site by providing similar compute, memory, storage and network resources, and Virtual Machines on the Customer’s hosts, enable site peering to Recovery Site, set up and configure Recovery Groups before replicating data from Recovery Site. The Customer is responsible for paying the associated iTech fees if assistance from the Provider is required;
  15. Promptly notifying the Provider if the Cloud Resources are compromised, accessed by a person lacking permission to access the Cloud Resources, or infected with a virus, worm or similar malicious code;
  16. Ensuring that there is enough bandwidth at Primary Site to enable initial replication and successive incremental changes of data to Recovery Site;
  17. Ensuring that there are enough Cloud Resources at Recovery site in relation to replicated Virtual Machines from Primary Site;
  18. In case of utilizing a WAN Accelerator, the Customer shall deploy a WAN Accelerator appliance at the Customer’s Primary Site with the same storage type used by the Provider on the Recovery Site;
  19. If the Customer provisions replication jobs in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation or errors caused by over allocation; and
  20. Defining, configuring and managing the required number of restore points stored as part of each replication job.
4. Encryption. Providing the Customer with Storage Encryption with the following parameters:
  1. Storage Encryption. Storage is encrypted at rest with AES-256 in XTS cipher mode with FIPS 140-2 approved algorithms;
  2. VM Encryption;
    1. The Provider offers encryption on a per VM or per volume basis, and is available to the Customer if purchased on the Order,
    2. The Customer agrees and understands that when running VM Encryption some features in the 11:11 Cloud Console that require access to the Customer’s VMs may not function or provide information, since the Customer’s VM will be encrypted, and
    3. VM Encryption encrypts data using AES-128/256 algorithms and allows the Customer to manage the encryption keys. The Customer understands that the Provider has no access to encryption keys.
5. Security Features (applicable to vCloud director based environments only). The 11:11 Cloud Console performs the following function:
  1. Vulnerability Scanning. Assesses systems, networks and applications for weaknesses and detects known and zero day attacks. Examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack. The weekly predefined scan generates a report which is added to the historical data; and
6. Service Levels Recovery Time Objective (RTO) and Recovery Point Objective (RPO) SLAs are accessible at https://www.1111systems.com/legal/sla.
11:11 Secure DRaaS for Veeam. The terms and conditions of this Section 3.9 and, to the extent not inconsistent with this Section 3.9, Section 3.8, are applicable to each Order that includes 11:11 Secure DRaaS for Veeam services, regardless as to whether the Order for public or private cloud services.
1. Security Features (applicable to vCloud director based environments only). Providing the Customer with the following Security Features:
  1. The Provider offers internal and external vulnerability scanning and reporting on the Customer’s public Internet facing IPv4 address blocks and presents the information in the 11:11 Cloud Console;
  2. The 11:11 Cloud Console performs the following functions, if enabled, and displays them in reports. In order to enable some features, a software agent may be required to be loaded on the Virtual Machine:
    1. Vulnerability Scanning. Assesses systems, networks and applications for weaknesses and detects known and zero day attacks. Examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack. There are 2 types of scanning available:
      1. Weekly predefined scan and report, and
      2. On-demand scan that generates new reports ad-hoc,
    2. Malware Detection. Detects malware, viruses, spyware, trojans, and other malware,
    3. Firewall. Bidirectional host-based stateful firewall that audits all traffic incoming and outgoing from the VM,
    4. Configuration Auditing. Checks that IT assets are compliant with the Provider’s policies and standards,
    5. Compliance Reports. Provides logs and data necessary to fulfill audit requirements,
    6. Web Application Scanning. Discovers web server and services weaknesses and OWASP vulnerabilities, and
    7. Integrity Monitoring. Monitors critical operating system and application files, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time; and
  3. The information contained within the reports are intended solely to identify threats, vulnerabilities, and statuses of the Cloud environment components, and is provided “as is” without warranty of any kind, express or implied, including but not limited to warranties for fitness of purpose. The Provider does not warrant the completeness of accuracy of the report, nor does it make any recommendations based on the findings noted herein.
11:11 DRaaS for Zerto. The terms and conditions of this Section 3.10 are applicable to each Order that includes 11:11 DRaaS for Zerto services, regardless as to whether the Order for public or private cloud services.
1. Resources.
  1. Storage (Public or Private). The types of storage available are Advanced, and/or SSD. Storage purchased by the Customer includes both protected data and Zerto Journal data; Zerto Journal data may not be displayed on the 11:11 Cloud Console, but the Customer is still responsible for paying for this storage and may request a report from the Provider if required. Storage types comprising the environment are specified in the Order;
  2. CPU & RAM.
    1. Public. These Cloud Resources are available as Shared Resources as specified in the Order; and
    2. Private. These Cloud Resources are available as Dedicated Resources as specified in the Order. The Provider is responsible for architecting and deploying CPU & RAM in a high availability configuration;
  3. Bandwidth (Public or Private). Bandwidth is available as a Shared Resource as specified in the Order. On Orders where network bandwidth is not specified, it shall be considered to be embedded in storage;
  4. Replication License (Public or Private). Replication licensing per protected Virtual Machine as specified in the Order. On Orders where replication licensing is not specified, it shall be considered to be embedded in storage;
  5. Business Models (Public or Private). Cloud Resources are available in either Reserved or Reserved plus Burst models as specified in the Order; and
  6. Overhead (Private only). The Customer acknowledges that all applications and hypervisors require some amount of overhead resource capacity in order to run optimally. The Customer agrees that the Dedicated Resources on the Order will be used for the overhead capacity of the Customer’s applications/hypervisor and that it is the sole responsibility of the Customer to ensure sufficient resources exist.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Onboarding the Customer into the Provider's Cloud Services by giving access to the service and guiding the Customer through the process of deploying the service;
  2. Provide documentation, project management, and demonstrate the failover steps for a full site failover to the Customer on the Provider's test environment. In the event that a Customer would like the Provider to assist with design, implementation or testing of a partial site failover, additional i-Tech fees will apply;
  3. Provide ongoing support and education on the Service at the Customers’ request;
  4. Creating Virtual Data Center(s) consisting of compute, memory, storage infrastructure, and network bandwidth per specifications detailed in the Order;
  5. Maintaining the underlying cloud infrastructure components such as compute, memory, storage and networking by following the Provider’s guidelines for managing these environments;
  6. Providing the Customer with the URL and authentication credentials to access the Customer’s Cloud Resources;
  7. Assigning external and internal IP addresses for the Recovery Site virtual router per the Customer-provided requirements;
  8. Providing Zerto Cloud Connector;
  9. Providing Zerto replication licensing for Virtual Machines as defined in the Provider's then-current Product Compatibility Matrix;
  10. In case of Provider-assisted Failover, assisting Customer with initiating Failover at-time-of-Disaster;
  11. In the event of a Disaster and Failover to the Recovery Site, the Provider can, if needed, assist the Customer with Failback from Disasters to Customer Primary Site for additional iTech fees; and
  12. If the Customer is running the Standard Backups service defined in Section 3.1, in the event of either a failover or of a VM being active in the Recovery Site’s virtual environment, the Provider will automatically begin backing up the Customer’s live workloads within 24 hours.
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Unless specified on the Order, implementing dedicated physical or virtual network security appliance, managing Firewall(s) including but not limited to the configuration of Network Address Translation (NAT) Access List, Virtual Private Network (VPN), Dynamic Host Configuration Protocol (DHCP), Load Balancing, and static routing;
  2. Providing compute, memory, storage and network requirements for each Virtual Data Center and creating Virtual Data Center network and role-based security policies;
  3. Ensuring that only VMware based Workloads are replicated to the Provider and that the Virtual Machine environment matches specifications as defined in the Provider’s Product Compatibility Matrix. By purchasing this product, the Customer specifically acknowledges that Hyper-V Workloads are not supported;
  4. Creating Virtual Machines for Zerto Virtual Manager (ZVM), downloading and installing ZVM software and Zerto Virtual Replication Appliance (ZvRA) on Customer hosts;
  5. Configuring Zerto Protection at the Primary Site; Creating Recovery Groups and initiating replication on Virtual Machines selected for replication;
  6. Notifying the Provider before making any changes to the Primary site that might affect the DRaaS service, including but not limited to, any upgrades or patches to Zerto, the underlying virtualization layer, or the network. The Customer hereby acknowledges that any such actions could break the ability of the Service to function;
  7. If the Customer chooses to Seed Data, then the Customer must follow the Provider’s then-current Data Seeding Guidelines;
  8. Ensuring Virtual Machines match specifications as defined in the Provider’s then-current Product Compatibility Matrix;
  9. Creating and testing Recovery Plan;
  10. Initiating Failover at-time-of-test and at-time-of-Disaster;
  11. In case of Provider-assisted Failover, declaring a Disaster following the Provider’s guidelines;
  12. Ordering additional Zerto licenses when new VMs are added;
  13. Maintaining operating systems and applications installed on the Customer's Virtual Machines or in the Customer's Virtual Data Center, including, but not limited to, providing support, patching, upgrades, updates and anti-virus software in accordance with industry best practices;
  14. Providing Virtual Machine and application log monitoring;
  15. The Customer understands that Testing can be stopped by the Provider in the event that a Testing event has run long enough to impact replication or the underlying infrastructure;
  16. In the event of a Disaster and Failover to the Recovery Site, in order for the Customer to Failback to the Primary Site, the Customer needs to recreate the original environment in the Primary Site by providing similar compute, memory, storage and network resources, Virtual Machines, Zerto Virtual Manager (ZVM) and Zerto Replication Appliance (ZvRA) on the Customer's hosts, enable site peering to Recovery Site, set up and configure Recovery Groups before replicating data from Recovery Site. The Customer is responsible for paying the associated iTech fees if assistance from the Provider is required;
  17. Promptly notifying the Provider if the Cloud Resources are compromised, accessed by a person lacking permission to access the Cloud Resources, or infected with a virus, worm or similar malicious code;
  18. Informing the Provider at the time any of these changes occur in the Primary Site:
    1. Adding a Virtual Machine to a replicated vApp that exceeds the maximum number of Zerto replication licensing specified on the Order;
    2. Increasing resource capacity in Primary Site in relation to replicated Virtual Machines without increasing Cloud Resources at Recovery site; and
    3. Defining, configuring and managing the required journal retention setting within each VPG.
  19. Ensuring that there is enough bandwidth at Primary Site to enable initial replication and successive incremental changes of data to Recovery Site;
  20. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation or errors caused by over allocation; and
  21. Defining, configuring and managing the required journal retention setting within each VPG.
4. Encryption.
  1. VM Encryption.
    1. The Provider offers encryption on a per VM or per volume basis, and is available to the Customer if purchased on the Order,
    2. The Customer agrees and understands that when running VM Encryption some features in the 11:11 Cloud Console that require access to the Customer's VMs may not function or provide information, since the Customer's VM will be encrypted, and
    3. VM Encryption encrypts data using AES-128/256 algorithms and allows the Customer to manage the encryption keys. The Customer understands that the Provider has no access to encryption keys.
5. Security Features. The 11:11 Cloud Console performs the following function:
  1. Vulnerability Scanning. Assesses systems, networks and applications for weaknesses and detects known and zero day attacks. Examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack. The weekly predefined scan generates a report which is added to the historical data.
6. Service Levels. Recovery Time Objective (RTO) and Recovery Point Objective (RPO) SLAs are accessible at https://www.1111systems.com/legal/sla.
11:11 Secure DRaaS for Zerto. The terms and conditions of this Section 3.11 and, to the extent not inconsistent with this Section 3.11, Section 3.10, are applicable to each Order that includes 11:11 Secure DRaaS for Zerto services, regardless as to whether the Order for public or private cloud services.
1. Resources.
  1. Storage. The types of storage available are Accelerated, and/or SSD. Storage purchased by the Customer includes both protected data and Zerto Journal data; Zerto Journal data may not be displayed on the 11:11 Cloud Console, but the Customer is still responsible for paying for this storage and may request a report from the Provider if required. Storage types comprising the environment are specified in the Order.
2. Encryption.
  1. Storage Encryption. Storage is encrypted at rest with AES-256 in XTS cipher mode with FIPS 140-2 approved algorithms.
3. Security Features.
  1. The Provider offers internal and external vulnerability scanning and reporting on the Customer's public Internet facing IPv4 address blocks and presents the information in the 11:11 Cloud Console;
  2. The 11:11 Cloud Console performs the following functions, if enabled, and displays them in reports. In order to enable some features, a software agent may be required to be loaded on the Virtual Machine:
    1. Vulnerability Scanning. Assesses systems, networks and applications for weaknesses and detects known and zero day attacks. Examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack. There are 2 types of scanning available:
      1. Weekly predefined scan and report, and
      2. On-demand scan that generates new reports ad-hoc,
    2. Malware Detection. Detects malware, viruses, spyware, trojans, and other malware,
    3. Firewall. Bidirectional host-based stateful firewall that audits all traffic incoming and outgoing from the VM,
    4. Configuration Auditing. Checks that IT assets are compliant with the Provider’s policies and standards,
    5. Compliance Reports. Provides logs and data necessary to fulfill audit requirements,
    6. Web Application Scanning. Discovers web server and services weaknesses and OWASP vulnerabilities, and
    7. Integrity Monitoring. Monitors critical operating system and application files, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time; and
  3. The information contained within the reports are intended solely to identify threats, vulnerabilities, and statuses of the Cloud environment components, and is provided “as is” without warranty of any kind, express or implied, including but not limited to warranties for fitness of purpose. The Provider does not warrant the completeness of accuracy of the report, nor does it make any recommendations based on the findings noted herein.
11:11 Secure DRaaS with DoubleTake. The terms and conditions of this Section 3.12 are applicable to each Order for 11:11 Secure DRaaS with DoubleTake. The Customer acknowledges that this product requires that the services listed in Section 3.1 or 3.2 to be deployed in conjunction with it.
1. Resources.
  1. Replication License. Either Physical or Virtual Edition Replication Licenses as described in the Order;
  2. Business Models. Replication licenses are available in a per job Reserved model with two options as described in the Order:
    1. Constant replication, or
    2. Migration only.
2. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Onboarding the Customer into the Provider’s DRaaS with DoubleTake service by guiding the Customer through the process of deploying the service;
  2. Building target VMs for each server requiring replication with DoubleTake;
  3. Deploying the DoubleTake agent and DoubleTake Metered Usage (DTMU) on each target VM for licensing purposes;
  4. Deploying a DoubleTake management server in the Provider's hosted infrastructure to act as the management console for the customer;
  5. Providing the Customer with a URL to download the DoubleTake agent and the corresponding license keys;
  6. Assisting the Customer in setting up replication jobs utilizing the DoubleTake management server;
  7. Providing documentation, project management, and demonstrate the DR failover steps to the Customer and successfully test failover;
  8. In case of Provider-assisted Failover, assisting the Customer with initiating Failover at-time-of-Disaster; and
  9. In the event of a Disaster and Failover to the Recovery Site, the Provider can, if needed, assist the Customer with Failback from Disasters to the Customer's Primary Site for additional iTech fees.
3. Customer’s Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Providing the Provider with information reasonably required to fulfill its obligations, including without limitation backup requirement details;
  2. Ensuring that only VMware based workloads are replicated to the Provider and that the Virtual Machine environment matches specifications as defined in the Provider’s then-current Product Compatibility Matrix. By purchasing this product, the Customer specifically acknowledges that Hyper-V workloads are not supported;
  3. Downloading and installing the DoubleTake agent on each of the source servers that require replication;
  4. Working with the Provider to set up replication jobs utilizing the DoubleTake management server;
  5. Unless specified on the Order, implementing dedicated physical or virtual network security appliance and managing Firewall(s) including, but not limited to, the configuration of Network Address Translation (NAT) Access List, Virtual Private Network (VPN), Dynamic Host Configuration Protocol (DHCP), Load Balancing, and static routing;
  6. Notifying the Provider before making any changes to the Primary site that might affect the DRaaS service, including any upgrades or patches to DoubleTake, the underlying virtualization layer, the replication jobs, or the network. The Customer hereby acknowledges that any such actions could break the ability of the Service to function;
  7. Initiating Failover at-time-of-test and at-time-of-Disaster;
  8. In case of Provider-assisted Failover, declaring a Disaster via a support ticket;
  9. Monitoring available storage in the hosted environment to ensure the Service will continue to function properly;
  10. Maintaining operating systems and applications installed on the Customer’s Virtual Machines or in the Customer’s Virtual Data Center, including, but not limited to, patching, upgrades, updates and anti-virus software;
  11. Promptly notifying the Provider if the Cloud Resources are compromised, accessed by a person lacking permission to access the Cloud Resources, or infected with a virus, worm or similar malicious code;
  12. Ensuring that there is enough bandwidth at Primary Site to enable initial replication and successive incremental changes of data to Recovery Site;
  13. Ensuring that during the term of the Order the Customer maintains enough bandwidth to ensure the continued successful replication of the data. The Customer acknowledges that the Provider is not in breach of the agreement if there is not enough bandwidth available at Primary Site; and
  14. If the Customer provisions replication jobs in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation or errors caused by over allocation and the Customer may incur in additional costs to cover the additional licenses.
Bare Metal Infrastructure. The terms and conditions of this Section 3.13 are applicable to each Order that includes 11:11 Bare Metal Infrastructure.
1. Resources.
  1. Bare Metal Resources. CPU, RAM, Local Storage, Networking Backplane and Redundant Power comprise the Bare Metal server in the form of a blade or physical appliance as described in the Order; and
  2. Business Models. Bare Metal resources are available in Reserved model.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing Bare Metal resources as specified on the relevant Order;
  2. Providing to the Customer Root Administrator access to the Bare Metal Server;
  3. Providing to the Customer, upon request via support ticket, Graphic Console access;
  4. Using commercially reasonable efforts to power on and ensure connectivity to the Bare Metal resources before handoff to the Customer; and
  5. Using commercially reasonable efforts to provide first and second tier support to ensure the connectivity of the Bare Metal resources.
3. Customer’s Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Unless specified on the Order, implementing dedicated physical or virtual network security appliance, managing Firewall(s) including but not limited to the configuration of Network Address Translation (NAT) Access List, Virtual Private Network (VPN), Dynamic Host Configuration Protocol (DHCP), Load Balancing, and static routing;
  2. Selecting and securing the appropriate authentication procedures to allow access to the Bare Metal server OS and applications residing in it;
  3. Following the Provider's then-current Data Seeding Guidelines if the Customer chooses to seed data;
  4. Maintaining operating systems and applications installed on the Bare Metal server(s), including, but not limited to, patching, upgrades, updates and anti-virus software in accordance with industry best practices;
  5. Fixing any problems resulting from upgrades to the Bare Metal server operating system;
  6. Providing Bare Metal server and application log monitoring;
  7. Providing support for operating systems and applications installed on the Bare Metal server(s);
  8. Maintaining all backups for all Customer data residing on the Bare Metal servers; and
  9. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, the Customer hereby acknowledges that the Provider is not responsible for any performance degradation or errors caused by over allocation.
11:11 Cross Connects. The terms and conditions of this Section 3.14 are applicable to each Order that includes 11:11 Cross Connect services.
1. Resources
  1. Cross Connect Resources. Copper or Fiber Cross Connects as described in the Order; and
  2. Business Models. Colocation resources are available in Reserved model.
2. Provider's Obligations.
  1. Patch in the Provider’s side of the cross connect up to the Demarcation Point:
    1. On Cross Connects which media type is fiber, the Provider will supply a single-mode fiber optic patch cable to connect the cross connect to the Provider's switching infrastructure, unless otherwise specified on the Order, or
    2. On Cross Connects which media type is copper, the Provider will supply a 1000Base-LX patch cable to connect the cross connect to the Provider's switching infrastructure;
  2. Support port configurations of 1 GB or 10 GB; and
  3. The Provider does not include any rack space as part of the cross connect service;
3. Customer's and/or Carrier’s Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. The Customer shall ensure that the Carrier has a presence in the specific Provider’s Data Center where the Cross Connect will be deployed as described in the Order. The Carrier’s presence should be within the acceptable range of the media type relative to the Provider’s presence within the Data Center;
  2. The Customer shall manage the relationship with the Carrier;
  3. The Customer shall provide the Provider with a signed Letter of Authorization (LOA), using the Carrier’s letterhead, authorizing the Provider and the Data Center to connect the Carrier's Equipment to the cross connect with the following information:
    1. Data Center address,
    2. Authorization excerpts – referencing the Provider to complete the work,
    3. Demarcation location (ports included),
    4. Media type, and
    5. Connector type;
  4. The Customer and the Customer’s Carrier shall be responsible for all circuit provisioning up to the Carrier Demarcation Point. This includes but is not limited to all the necessary access, timelines for completion, installation, and any other relevant items; and
  5. The Customer shall follow up with their Carrier and request that the cross connect be patched in.
11:11 Shared Colocation. The terms and conditions of this Section 3.15 are applicable to each Order that includes 11:11 Shared Colocation services.
1. Resources.
  1. Colocation Resources. Cabinet or Rack Units, Power, Bandwidth and Networking components comprise the Colocation service as described in the Order; and
  2. Business Models. Colocation resources are available in Reserved model.
2. Grant of License. The Provider hereby grants to the Customer the right to use the Colocation Rack Space for the placement of Customer-Leased Equipment and/or Customer-Provided Equipment during the term of the Order on the terms and subject to the conditions set out in this Schedule, provided that the Provider retains the right to access the Colocation Rack Space for any legitimate business purpose at any time.
3. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Use commercially reasonable efforts to prepare any Colocation Rack Space to the relevant Specifications set in the Statement of Work (SOW) and/or the Order on or before the relevant Commencement Date;
  2. Once the Customer provides the tracking information for the Equipment upon shipment, the Provider will alert the Data Center of the shipment to ensure acceptance;
  3. Install the Equipment after it has arrived at the Data Center according to the cabling diagram provided by the Customer;
  4. Using commercially reasonable efforts to power on and ensure connectivity to the Equipment. On Customer-Provided Equipment, issues on the preconfiguration shall result in project timeline delays and the Customer may incur in additional costs to cover the additional time;
  5. The Provider shall not in any case be liable for any type of downtime, connectivity failure, or service interruption and SLA shall not be applied for any of the following:
    1. Full or partial failure in the Customer-Provided Equipment,
    2. Misconfiguration of the Customer-Provided Equipment, and
    3. Failure in any external Customer-Provided Carrier;
  6. To the extent legally practicable, assign to the Customer any warranty received by the Provider from the manufacturer of the Customer-Leased Equipment to allow the Customer to pursue a remedy from such manufacture in respect of defects in the Customer-Leased Equipment. Other than as set out in the previous sentence, the Customer-Leased Equipment shall be provided for Customer’s use "as is", with all faults and the Provider hereby disclaims all implied warranties including, without limitation, warranties of merchantability, fitness for a specific purpose, and warranties of satisfactory quality in respect of the Customer-Leased Equipment; and
  7. The Provider shall not grant physical access to the Customer into the Data Center. Shall the Customer require physical access to the Equipment, the Provider will coordinate with the Customer and schedule remote hands services to gain physical access.
4. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Ensure that any Customer-Provided Equipment sent out to the Provider is in good working conditions in accordance with prevailing industry standards throughout the term of the relevant Colocation Order such that the Customer-Provided Equipment does not damage any other property within the Colocation Rack Space, Colocation Area or Data Center. The Provider shall have the right to take such actions, without liability under this Schedule, the Agreement or the Colocation Order, as are reasonably necessary to protect property in the Data Center from harm caused by the Customer-Provided Equipment, including without limitation by disconnecting the Equipment, if the Provider in its reasonable discretion believes that the Equipment poses a threat of damage to property within the Data Center;
  2. Ensure that any Customer-Provided Equipment sent out to the Provider is preconfigured with relevant information in such a way that the Customer can access them remotely as they are racked and cabled;
  3. Ensure that the Customer-Provided Equipment does not rely on Wi-Fi or radio frequency (RF) as it is not permitted;
  4. Ensure that the Customer-Provided Equipment supports dual power connected to redundant A+B power circuits. In the event of a power outage, the Provider shall not be liable for any power failure to the Customer-Provided Equipment if such Customer-Provided Equipment does not support redundant power supply or if the Customer does not provide the necessary cables to connect the redundant power supply;
  5. Provide a cabling diagram that includes a physical view of each port of the Equipment that needs to be plugged;
  6. Ensure that the Customer-Provided Equipment is properly labeled;
  7. Provide all the necessary network patch and power cables;
  8. Provide the tracking information for the Customer-Provided Equipment upon shipment;
  9. In the event that the Customer-Provided Equipment fails:
    1. The Customer is responsible for troubleshooting the Equipment,
    2. The Customer is responsible for applying any warranty with the manufacturer to pursue a remedy from such manufacture in respect of defects in the Customer-Provided Equipment, and
    3. If a replacement is required, the Customer shall be responsible for, but not limited to, the costs and management of the removal, packaging, and logistics of the Customer-Provided Equipment and the corresponding replacement. The Provider shall not be liable for any loss of data or hardware, or damage incurred by the Customer arising out of the Provider’s disconnection, removal, or disposal of the Customer-Provided Equipment if the Customer fails to respond after several communication attempts from the Provider. The obligations of this Section 3.14.4 are applicable to the Customer-Provided Equipment that shall act as a replacement and managed under a new Order.
  10. In the event that a Colocation Order is terminated, the Customer shall be financially responsible for the disconnection, removal, packaging, logistics, and/or disposal of Customer-Provided Equipment. If the Customer leaves Customer-Provided Equipment in the Provider's Data Center for thirty (30) days after the termination of a Colocation Order, the Provider reserves the right to dispose of any such hardware and shall not be liable to the Customer for any associated loss of data or hardware.
5. Risks.
  1. Power. If the Customer does not purchase redundant power or if any of the Customer-Provided Equipment does not support redundant power, the Customer is at risk if a power failure occurs. Provider’s best practice recommendation is to purchase redundant power and to utilize the Customer-Provided Equipment that supports redundant power;
  2. Rack Mounting. The Equipment cannot be racked back to back, such that the rear of two devices are facing each other in the middle of a rack. Only one device shall be used per shelf or unit (U). If the Provider finds that the Customer did not supply the rack-mounting materials, or the Customer-Provided Equipment is not rack-mountable and an additional shelf or tray is needed to securely mount the Equipment to the rack, the Customer shall incur an additional cost to correctly rack the equipment and the project timeline may be delayed while additional colocation space is allocated;
  3. Shelves. If the Customer uses a shelf and the combined height of the Customer-Provided Equipment and shelf use more than the allotted space, the Customer shall incur an additional cost for additional U(s). The project timeline shall also be delayed while additional colocation space is allocated;
  4. Shipping. All Customer-Provided Equipment that is shipped must follow the Provider’s Shipping Process and must be handled through the Provider's project manager. This ensures the Provider's ability to effectively track the Equipment to ensure it does not get lost. If the Equipment is shipped without following the Provider’s shipping requirements or without the Provider's project managers involvement, the likelihood the Equipment is lost is increased;
  5. Reject Equipment. Provider reserves the right to reject any Customer-Provided Equipment that appears unsafe. In this event, the Customer-Provided Equipment will be shipped back to Customer and the project timeline shall be delayed while new hardware is shipped or a new solution is devised;
  6. Equipment Size. If the Customer-Provided Equipment is larger than the space allocated, Provider shall increase the monthly cost and the project timeline may be delayed while additional colocation space is allocated;
  7. Required Cables. It is the Customer's responsibility to ship the Customer-Provided Equipment with all required cables and to test the cables prior to shipping, ensuring they work as intended. If the Equipment is shipped with missing or defective cables, Customer shall be charged for the required cables and the corresponding Provider’s i-Tech fee for any additional time required to install the cables, and the project timeline shall be delayed; and
  8. Shipping Materials. All shipping and packaging materials are destroyed once equipment arrives at the Data Center. The Provider will not return any boxes, manuals, packing materials, or any other items that are shipped.
6. Storage of Equipment. Following the request of the Customer, the Provider may, at its option, store Customer-Provided Equipment that the Customer intends to colocate in the Colocation Rack for not more than five days prior to the Commencement Date as a courtesy incidental to the license granted to the Customer by the Provider under this Schedule. The Provider will not charge the Customer a fee for such storage. Absent the Provider's gross negligence or intentional misconduct, the Provider shall have no liability to the Customer or any third party arising from such storage services. If the Customer stores Customer-Provided Equipment for longer than ten days, the Provider may, but shall not be obligated to, return the Customer's equipment to the Customer without liability, at the Customer's sole cost and expense.
7. Changes. The Provider reserves the right to change from time to time, and at the Provider's cost, the location or configuration of the Colocation Rack Space in which the Customer-Provided Equipment and/or the Customer-Leased Equipment is located, provided that the Provider shall not arbitrarily require such changes. The Provider and the Customer shall work in good faith to minimize any disruption in the Customer's services that may be caused by such changes in location or configuration of the Colocation Rack Space.

11:11 Dedicated Colocation. The terms and conditions of this Section 3.16 are applicable to each Order that includes 11:11 Dedicated Colocation services and are accessible at https://1111systems.com/legal/1111-colocation-service-terms/

Zipline. The terms and conditions of this Section 3.17 are applicable to each Order that includes Zipline services.
1. Resources.
  1. Zipline Resources. Bandwidth, access to the elastic interconnection fabric based on a Software Defined Network, and a shared physical Cross Connect in the Provider's Data Center comprise the Zipline connection as described in the Order; and
  2. Business Models. Zipline resources are available in a Reserved model.
2. Provider's Obligations.
  1. Patching in the Provider’s side of the Cross Connect up to the Demarcation Point;
  2. Creating and maintaining a subscription to the elastic interconnection fabric based on a Software Defined Network service;
  3. Creating and maintaining the required number of virtual Cross Connects to support Zipline connectivity as defined in the Order;
  4. Using commercially reasonable efforts to provide first and second tier support to ensure the performance and connectivity of the Zipline resources; and
  5. Escalating support request(s) on the Customer's behalf for tier 3 support, if performance or connectivity issues are determined to be on the Provider's side.
11:11 Secure Cloud Backup for Microsoft 365. The terms and conditions of this Section 3.18 are applicable to each Order that includes 11:11 Secure Cloud Backup for Microsoft 365 services. The terms Office 365 and Microsoft 365 can be used interchangeably as they refer to the same service.
1. Resources.
  1. Storage and Bandwidth. The Cloud Resources that comprise the Secure Cloud Backup for Microsoft 365 service include unlimited shared storage per user account along with embedded unlimited incoming and outgoing network bandwidth used for backup purposes;
  2. Licensing. Veeam Backup for Microsoft Office 365 licensing is included in the service on the Provider's site, unless explicitly specified in the Order;
  3. Business Models. All subscription licenses are sold per user account in a Reserved plus Burst model as described in the Order according to the minimum license commitment and incremental guidelines specified by the Provider; and
  4. Secondary Copies. In addition to the standard subscription licenses, Customers could opt in for secondary copies of the data as described in the Order. Where applicable, location pairings between primary and secondary copies can be found in the Success Center article available at https://success.1111systems.com/article/xUJlTC. This service feature is only available for service subscription Item Numbers and/or Data Centers identified in the Order with the reference “PC1”.
2. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing a user based cloud backup service comprised of cloud storage, Veeam Backup for Microsoft Office 365 licensing, unless explicitly specified in the Order and network bandwidth at the Provider's Site to store Microsoft 365 data per user account as specified in the Order;
  2. Maintaining the Provider's Cloud Storage infrastructure including patching, upgrades and updates;
  3. Providing the Customer the URL and authentication credentials to access the Microsoft 365 user's data via the Veeam Explorer applications through Veeam Cloud Connect;
  4. During initial setup, assisting the Customer in creating an inclusion and exclusion groups that can be used in the backup jobs to manage user license counts;
  5. Backing up Exchange Online mailbox items (email, calendar and contacts), as well as OneDrive for Business, SharePoint Online files and folders, and Teams data on the Microsoft 365 organization that hosts the licensed Microsoft 365 user accounts for, as specified by the Customer, either (a) the entire Microsoft 365 organization, or (b) a subset of Microsoft 365 users via an Active Directory security group. Each Microsoft 365 user account consist of the following objects:
    1. A personal mailbox,
    2. An online Archive mailbox,
    3. OneDrive documents,
    4. Personal SharePoint sites, and
    5. Teams data;
  6. Backing up Microsoft 365 items for shared and group mailboxes, group SharePoint sites, as well as user objects that do not have a Microsoft 365 license applied, without requiring an 11:11 Secure Cloud Backup for Microsoft 365 license, as specified by the Customer;
  7. The Provider considers licensed users based on the requirements by object type as described in the Success Center article accessible at https://success.1111systems.com/article/YPXbCN. The Customer can designate specific user accounts for deletion from backups from the Provider’s infrastructure; once all backups have been deleted for an account designated for deletion, the licenses associated with such deleted accounts can be reassigned by the Customer.
  8. During initial setup, configuring and performing backups, that shall occur at least once a day;
  9. Retaining backups while a Veeam Backup for Microsoft Office 365 license is assigned to a Microsoft 365 user according to the Customer's required retention policy during onboarding, for the primary and secondary copies, if applicable, and such retention policy will not affect the price specified in the Order. Shall the Customer require immutability for the secondary copy, its retention shall be linked directly to the retention policy since they are the same; and
  10. Providing the following recovery options to the Customer:
    1. Restoring Organization Mailbox, OneDrive, SharePoint, or Teams data,
    2. Exporting Exchange mailbox objects to a PST file,
    3. Saving Exchange email items as a Microsoft Exchange Mail Document (.msg) file,
    4. Saving items as HyperText Markup Language (.html) files,
    5. Sending items as attachments to specified recipients, and
    6. Saving OneDrive, SharePoint, or Teams files and folders as a ZIP file.
3. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Providing a list of either (a) the entire Microsoft 365 organization’s users, or (b) a subset of Microsoft 365 users via an Active Directory security group in addition to a list of Group SharePoint sites, and/or a list of Teams' teams that are to be protected by the Provider with 11:11 Secure Cloud Backup for Microsoft 365 licenses. If the Customer provides a subset of Microsoft 365 users in accordance with part (b) of the preceding sentence, the Customer shall be responsible for any charges associated to the mailboxes, documents, sites, and/or items selected explicitly or implicitly under the security group;
  2. Providing the Provider with information reasonably required to fulfill its obligations, including, but not limited to, the Microsoft 365 organization name that contains the user accounts to back up, and a Microsoft 365 account with the following criteria and rights:
    1. An account that belongs to the Microsoft 365 organization that shall be backed up. Having a mailbox in that organization is optional,
    2. Role Management role. To grant ApplicationImpersonation role,
    3. ApplicationImpersonation role. To allow this role assignment, the account must be granted the Organization Management permission,
    4. Organizations Configuration role. To manage role assignments,
    5. View-Only Configuration role. To obtain the necessary organization configuration parameters,
    6. View-Only Recipients role. To view mailbox recipients (required for job creation),
    7. MailboxSearch or MailRecipients. To backup groups,
    8. Global Administrator role, or the SharePoint Administrator role. To connect to the Microsoft SharePoint organization,
    9. This account may optionally use modern authentication including app ID, client secret and app password, and
    10. Or this account may optionally use modern application authentication which will automatically configure the proper roles needed to connect to the service;
  3. Procuring, implementing, and configuring of the correct licensed versions of Microsoft 365;
  4. Procuring, implementing, and configuring an appropriate method of payment against the customer's Azure subscription to support any additional costs incurred by accessing data through Microsoft Graph API calls. Microsoft Teams channel chat data will include an additional charge imposed and collected by Microsoft. For more information please review our Success Center article available at https://success.1111systems.com/article/KcGTRO;
  5. Ensuring the functionality of Microsoft 365 services and contacting Microsoft, or the Microsoft 365 reseller, for any type of support related to the Microsoft 365 service as the Provider is not responsible for this service including, but not limited to, performance, malfunction, or downtime;
  6. During initial setup, informing the Provider if Teams channel chats are required to be backed up, as those are not backed up by default;
  7. During initial setup, informing the Provider about the retention policy, and, when applicable, immutability;
  8. Utilizing its own Microsoft 365 credentials, with the appropriate administration and impersonation permissions, to access the organization's data backups via the Veeam Explorer applications through Veeam Cloud Connect. This account shall use modern application authentication;
  9. Configuring and performing self-service recovery tasks based on the recovery options listed by the Provider;
  10. Promptly notifying the Provider if the Microsoft 365 service has been hacked, accessed by a person lacking permission to access the Microsoft 365 and/or the Microsoft 365 cloud backups stored at the Provider's site, or infected with a virus, worm or similar code;
  11. Informing the Provider when a retention policy change needs to be made, except when immutability is present, since retention period and immutability period are the same, and cannot be changed once set;
  12. Unless immutability is present, removing specific user accounts from backups and purging the user accounts from the Provider’s infrastructure, so that the licenses associated with such deleted accounts can be revoked and potentially reassigned in order for the Customer to avoid incurring Burst charges for the then-current month. The Customer shall reduce license count prior to the end of the month or the Customer will be responsible for any applicable Burst Resource charges incurred for the then-current month;
  13. Sorting specific user accounts into inclusion or exclusion groups as appropriate to manage licenses and prevent exceeding the contracted license count;
  14. Monitoring daily service summary e-mails which may include information about backup job failures;
  15. Rectifying any job failures related to something outside of the Providers control, which shall include, but not be limited to, credentials issues for accessing Microsoft 365. The Customer may contact the Provider for assistance in rectifying backup job failures; and
  16. Updating existing backup job(s) or creating new ones subsequent to the initial setup.
4. Risks.
  1. Redundant Backups. If the Customer is running multiple backups of their Microsoft 365 environment, either on-prem or with another cloud provider, the Customer acknowledges that there could be performance and/or data loss situations. These situations arise due to connectivity restrictions and rate limiting throttling that is set outside of the Provider’s control.
5. Immutability.
  1. This service feature is only available for service subscription Item Numbers and/or Data Centers identified in the Order with the reference “PC1”;
  2. By configuring immutability on backup jobs, data stored by such jobs won't be susceptible to alteration or deletion by neither the Customer nor the Provider during its retention period. The exception would be applicable only when the Customer wishes to stop consuming the services under this Section 3.17, by cancelling the corresponding Order, resulting in the removal of the entire Customer data associated to these services;
  3. Immutability is optional, and shall be configured during the initial setup as requested by the Customer. Immutability shall only be applicable to secondary copies;
  4. The immutability period is determined by the retention period, which is linked to the retention period. Once it is set, it cannot be changed, or removed;
  5. Unlimited retention for data that has been configured to be immutable is not supported; and
  6. The ability to delete and purge users or data when immutability is present is not supported as it defeats the purpose.
11:11 Secure Cloud Object Storage. The terms and conditions of this Section 3.19 are applicable to each Order that includes 11:11 Secure Cloud Object Storage services.
1. Resources.
  1. Storage, Bandwidth, and Operations on objects. The Cloud Resources that comprise the Secure Cloud Object Storage service include shared Encrypted Archive Storage along with embedded unlimited incoming and outgoing network bandwidth and unlimited operations on objects as described in the Order; and
  2. Business Model. Object Storage is available in a Reserved model, with the exception of service subscription Item Numbers and/or Data Centers identified in the Order with the reference “PC1” where the model is Reserved plus Burst.
2. Provider’s Obligations.
  1. Providing pool(s) of Cloud Storage and network bandwidth at Target Site as per specifications detailed in the Order;
  2. Maintaining Target Site Cloud Storage infrastructure including patching, upgrades and updates;
  3. Creating Cloud Resources as per specifications detailed in the Order;
  4. Providing Customer the initial URL and authentication credentials to access the Customer’s Cloud Resources upon completion of the Order;
  5. Providing storage pool modification options to the Order as required by the Customer; and
  6. Providing an industry-standard method of protecting, either through replication or erasure coding, of Customer data uploaded to the Provider's Secure Cloud Object Storage at the Data Center described by the Order.
3. Customer’s Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Management and creation of all data stored and consumed on the Provider’s Secure Cloud Object Storage;
  2. Consuming only the resources reserved as described in the Order;
  3. Verifying and adhering to all S3-compatibility requirements for all 3rd-party applications or client software used to connect, store and consume the Customer's data on the Provider’s Secure Cloud Object Storage;
  4. Installation, version control, patching and updates on all 3rd-party applications or client software used to connect, store and consume the Customer's data on the Provider’s Secure Cloud Object Storage;
  5. Creating and managing of all subsequent security rights, access controls, S3-credentials and retention policies for the Customer's data stored and consumed on the Provider’s Secure Cloud Object Storage once the Customer has been provided initial URL and authentication credentials from the Provider;
  6. Performance response of any and all 3rd-party applications used to connect, store and consume the Customer's data on the Provider's Secure Cloud Object Storage;
  7. Tracking and maintaining all Object Storage Access Credentials used to store and consume the Customer's data on the Provider’s Secure Cloud Object Storage;
  8. Encrypt and maintain encryption keys for any data uploaded to the Provider’s Secure Cloud Object Storage; and
  9. If available, understanding the implications that enabling immutability and data versioning might impact the total consumed storage.
4. Service Support.
  1. Storage Encryption. All Secure Cloud Object Storage support for clients is provided as “best effort” as there are many clients that all implement Object Storage functionality in different ways. The Provider can demonstrate functionality with known clients, but individual implementations may vary.
Veeam Licensing. The terms and conditions of this Section 3.20 are applicable to each Order that includes Veeam Licensing.
1. Resources.
  1. License Key. A digital key that defines the scope of the license, terms and options for Agent or Backup & Replication Edition rental licenses as described in the Order. The license unit options are:
    1. VM. A protected Virtual Machine that is backed up, replicated, copied or otherwise consumed by the software,
    2. Server. A physical or virtual host, that contains an application or applications that serves one or more client workstations, where the software is installed. Each node of a clustered setup needs to be licensed separately, or
    3. Workstation. A physical or virtual host, typically used as a personal computer, where the software is installed. Each node of the clustered setup needs to be licensed separately.
2. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Creating and Deleting the corresponding Veeam Cloud Connect Tenant(s) that links the license key(s) to specific Customer(s);
  2. Provide the security credentials to the Customer for pairing with the Provider’s cloud infrastructure for delivery of the license key(s);
  3. Procuring the license key(s) associated to the Veeam products as described in the Order;
  4. Maintaining the cloud infrastructure needed to deliver the Veeam licenses to the Customer; and
  5. Troubleshooting and Supporting issues related to both the procured Veeam license and the corresponding Veeam software using it. Provider shall not troubleshoot or support issues related to other licenses not procured by the Provider, including, but not limited to, Evaluation, "Not for Resale", Free, and Community Licenses.
3. Customer’s Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Verifying the system requirements for both hardware and software compatible with Veeam's compatibility matrix available at www.veeam.com;
  2. Installing and updating the Veeam software on the corresponding workstations, servers, or Virtual Machines;
  3. Pairing the Veeam Agent(s) and/or Backup & Replication server(s) to the Provider in order to receive and maintain the license key(s);
  4. Managing and monitoring any alarms, reports, audits, and logs generated by the Veeam software and its configuration;
  5. Providing the information to the Provider necessary for troubleshooting the Veeam license and the corresponding Veeam software using it; and
  6. With the exception of Evaluation, "Not for Resale", Free, and Community Licenses, adhering to Veeam's End User License Agreement (EULA) found at https://www.veeam.com/eula.html
11:11 Autopilot Managed Recovery for DRaaS. The terms and conditions of this Section 3.21 are applicable to each Order that includes 11:11 Autopilot Managed Recovery for DRaaS in combination with 11:11 Secure DRaaS.
1. Assets & Deliverables.
  1. Connectivity Design Documentation. Technical documents and/or diagrams providing engineering level information and configuration details for the purpose of interconnecting the Customer's Primary Site(s) to the designated Provider's Recovery Site(s) delivering the DRaaS service capabilities;
  2. On-boarding Project Plan A documented detailed overview of all tasks associated with the Provider on-boarding process for interconnectivity and delivery of the services protecting Workloads replicated from the Customer's Primary Site(s) Workloads within scope of the mutually agreed upon service contract. The purpose of this document is to track ownership, progress and completion of all applicable on-boarding tasks in collaboration between the Customer and the Provider;
  3. On-boarding Provisioning Form. A detail discovery document used for information gathering and collection of all Customer specific technical and infrastructure related information for the sole purpose of the Provider providing the onboarding service, integration, and management services to the Customer as part of the Secure DRaaS service contract;
  4. Recovery Action Plan. A disaster recovery process document providing enhanced details for all steps and tasks required for proper failover or failback of the Customer's replicated Workloads to the designated Provider's Recovery Site(s). Additional details include task ownership, estimated/actual task duration times, and Customer's specific and managed application acceptance criteria testing processes. This document is developed and managed in collaboration between the Customer and the Provider; and
  5. Recovery Service Guide. A process document providing a business level view of the DRaaS solution. Key content includes general service description, service capabilities, the Customer's Primary Site(s) and the designated Provider's Recovery Site(s) location information, recoverable application service catalog, protected workload inventories, and failover process overview with key metrics (RTO / RPO).
2. On-boarding Project Management.
  1. Project managers. Both the Provider and the Customer shall appoint a project manager each who will serve as the primary contact point; and
  2. On-boarding Project Management Engagement. The Provider's project manager and the Customer's project manager shall meet as required for the duration of the on-boarding process for the purpose of facilitating a successful relationship and overseeing the implementation of all Cloud Resources and services outlined in the Order and the On-boarding Provisioning Form, including but not limited to, (a) tracking the progress of the on-boarding and implementation process and all associated tasks; (b) reviewing other current or future projects or business plans that may impact the onboarding of the Cloud Resources and services, (c) Weekly status reports to review the Provider’s performance in execution of the on-boarding project for delivery of all Cloud Resources and services, (d) coordinating and planning for any new equipment or software acquisitions specific to supporting the completion of on-boarding all Cloud Resources and services.
3. On-Boarding Acceptance Test.
  1. The On-Boarding Acceptance Test consists of non-service impacting Failover Test operation performed by Provider, as well as Application Testing And Verification performed by Customer. Fully committed Failover and Failback are not supported. The Test does not include modification of Primary Site resources including Virtual Machines and networking;
  2. The On-Boarding Acceptance Test is performed during the Provider’s normal business hours of Monday-Friday 8:00 am – 5:00 pm with the time zone being based on data center location where services are located;
  3. Onboarding Acceptance Test Scheduling. Upon completion of the on-boarding project tasks required for implementing the Cloud Resources within the scope identified in the Onboarding Provisioning Form, the Customer will be notified and will have fourteen (14) days from the day of notice in which to schedule a final On-Boarding Acceptance Test;
  4. On-Boarding Acceptance Test Success Criteria. Successful completion of the On-boarding Acceptance Test shall be determined by validation of the Provider’s ability to meet the RTO agreed during the planning phase of the onboarding project. The Target Objectives will be documented in the Recovery Action Plan and Recovery Service Guide. In the event that the On-Boarding Acceptance Test exceeds the RTO agreed in the planning phase, the Customer agrees to provide the Provider with any data or information reasonably requested by the Provider in order to enable the Provider to diagnose and resolve any problems associated with any failure to meet that RTO in the On-Boarding Acceptance Testing. The Provider project manager will notify the Customer via email or phone upon resolution of any such issues. After the Provider has notified the Customer that the problem has been resolved, the Customer and the Provider will promptly conduct a follow-up On-Boarding Acceptance Test to validate that the RTO with such follow-up test no longer exceeds the RTO provided in the original the On-Boarding Acceptance Test. This process will continue, if necessary, until the On-Boarding Acceptance Test Criteria meets the required success criteria. Notwithstanding anything to the contrary in this Service Schedule, if the Customer fails to respond to the On-Boarding Acceptance Test reschedule notice within fourteen (14) days of the date of notification, then the Provider shall consider the on-boarding completed and will have no further obligations to the Customer in regard to the On-Boarding Acceptance Test. Under these circumstances in which the Provider deems on-boarding completion due to failure of response by the Customer, the Customer shall reserve the right to exercise unlimited self-service testing or the allocated (2) Recovery Test per 12-months as outlined in Section 1.5 of the Autopilot Managed Recovery for DRaaS SLA for completion of the On-Boarding Acceptance Testing; and
  5. On-boarding Acceptance Test Failure. Failure of the Onboarding Acceptance Testing shall be defined as the inability for the Provider to meet the RTO SLA target objectives as outlined in Section 1.2.1 of the Autopilot Managed Recovery for DRaaS SLA. The Customer agrees to provide the Provider with any data or information reasonably requested by the Provider in order to enable the Provider to diagnose and resolve any problems associated with a failure in the On-boarding Acceptance Testing. The Provider project manager will notify the Customer via email or phone upon resolution of any such issues. After the Provider has notified the Customer that the problem has been resolved, the Customer and the Provider will promptly conduct a follow-up On-boarding Acceptance Test to validate that all test criteria associated with the On-boarding Acceptance Test have now been met. This process will continue, if necessary, until the On-boarding Acceptance Test Criteria meets the required success criteria. Notwithstanding anything to the contrary in this Service Schedule, if the Customer fails to respond to the On-boarding Acceptance Test reschedule notice within fourteen (14) days of the date of notification, then the Provider shall consider the on-boarding completed and will have no further obligations to the Customer in regard to the On-boarding Acceptance Test. Under these circumstances in which the Provider deems on-boarding completion due to failure of response by the Customer, the Customer shall reserve the right to exercise unlimited self-service testing or the allocated (2) Recovery Test per 12-months as outlined in Section 1.5 of the Autopilot Managed Recovery for DRaaS SLA for completion of the Onboarding Acceptance Testing.
4. Service Delivery Management.
  1. Service Delivery Management Contacts. The Customer shall appoint an individual who will serve as the primary contact point for the Provider in connection with ongoing lifecycle management and delivery of the services (the “Customer Primary Contact”), and the Provider shall appoint a project manager (the “Technical Account Manager”); and
  2. Service Delivery Management Engagement. The Provider and the appointed Customer's project contact shall meet as required during the term of each service for the purpose of facilitating a successful relationship and overseeing the delivery and performance of each service, including but not limited to, (a) tracking the progress of the on-boarding and implementation process and all associated tasks, (b) reviewing other current or future projects or business plans that may impact all services and/or delivery of all services, (c) reviewing the Provider’s performance in the delivery of the service levels set forth in the Service Level Agreement, (d) coordinating and planning for any new equipment or software acquisitions or needs, (e) reviewing strategic and tactical decisions for the Customer in respect of the establishment, budgeting and implementation of the Customer’s priorities and plans for information technology that may impact services and/or delivery of all services, (f) monitoring and resolving concerns that may arise regarding the provision of all services, this SLA and/or the Service Schedule;
5. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best-practices:
  1. Providing enhanced onboarding project management deliverables, to include:
    1. Weekly status call between the Provider on-boarding personnel and applicable Customer's contacts, and
    2. Weekly status report summarizing project tasks progress, project milestones, estimated and actual durations/completion dates and critical path items;
  2. Providing and managing all supporting Service documentation to include:
    1. Documented inventory and workload specifications (e.g. compute, storage, networking) of all Workloads within scope of the Order,
    2. Documented L2/L3 network design for compatibility and integration between the Customer Primary Site(s) and 11:11 Secure DRaaS networking services and design guidelines, and
    3. Documented Customer network security configurations, including firewall security policies, NAT policies and network security segmentation design;
  3. Providing full installation, configuration and ongoing management of all services components required for delivery of 11:11 Secure DRaaS, to include;
    1. Replication software installation, setup and configuration both in the Customer's premises and the Provider’s cloud data center environments,
    2. Setup and configuration of VPN connections (where applicable),
    3. Setup and configuration of all the Provider's side networking components support dedicated circuits for WAN connectivity (where applicable), and
    4. Setup & configuration of any cross-connects to support networking connectivity in accordance with Section 3.13 of this Service Schedule;
  4. Providing full setup and configuration for replication of the Recovery Groups for all Workloads within scope and applicable to the Order and the Onboarding Provisioning Form;
  5. Providing full assistance with development and creation of the Customer’s Disaster Recovery Runbook(s) within the 11:11 Cloud Console;
  6. Providing full assistance with development and creation of the Customer’s Recovery Activation Plan;
  7. Providing managed failover testing and live failover/fallback declaration events. Managed failback operations are only provided for live declaration events when required;
  8. Providing a completed Recovery Service Guide at the completion of the on-boarding process and manage all ongoing updates;
  9. Providing managed provisioning of new Recovery Groups, capacity additions, VPN connections and other change requests submitted by the Customer; and
  10. Providing ongoing updates, patching and maintenance for all the Provider provided service components required for delivery of the 11:11 Secure DRaaS, to include:
    1. Replication software, and
    2. Network virtual appliances sold and provided on the Order.
6. Customer’s Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the Autopilot Managed Recovery for DRaaS and industry best-practices:
  1. Ensure all Customer-owned software, applications, devices, systems, processes, and services that maintain Customer Data to be protected by the services delivered as part of this Agreement are covered as specified under Section 2.3.5 of this Service Schedule for the purposes of fulfilling this Agreement;
  2. Where applicable, the Customer shall maintain all firmware or software updates to all Customer-owned hardware, software, applications, devices, and systems in use with or protected by Cloud Resources provided by the Provider;
  3. Where applicable, contact all software, application, device, system, service, and service providers covered under this Agreement and add the appropriate Provider’s personnel as approved contacts for the purposes of fulfilling this Service Schedule;
  4. Complete the On-boarding Provisioning Form provided by the Provider;
  5. Provide all current and existing documentation of the Customer Primary Site(s) to include; environment “as-built” documentation, application contact information, application dependencies, current backup strategy, and disaster recovery plans if applicable;
  6. Provide the Provider’s personnel with the Customer's asset discovery and documentation where applicable;
  7. Where applicable; provide all current process documentation in support of the services outlined in this Agreement and provide all assistance necessary to modify existing or implement new processes to streamline the delivery of services;
  8. Where applicable, the Customer shall maintain all software and other devices or items provided to the Customer by the Provider located within the Customer's Primary Site(s) in direct support of the delivery of Cloud Resources outlined in the Order (the “Equipment’) in good working order and in accordance with applicable manufacturers’ specifications. The Customer shall notify the Provider immediately upon determination that any Equipment is not in compliance with the foregoing, or is in material breach of the terms and conditions set forth in this Service Schedule; and
  9. The Customer shall cooperate with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Providing the Provider with the required remote access to the Customer’s Equipment, as may be reasonable to permit Provider to perform its obligations hereunder, and
    2. Notifying the Provider of any changes to its configurations that could potentially impact the services.
7. Service Levels. All applicable SLAs are defined in the Autopilot Managed Recovery for DRaaS Service Level Agreement.
11:11 Network Support. The terms and conditions of this Section 3.22 are applicable to each Order that includes both the Provider’s Network Support and at least one of the Providers services that are identified in Section 3.1, Section 3.2, Section 3.8, Section 3.9, Section 3.10, and Section 3.11 of this Schedule, regardless as to whether the Order is for public or private cloud services.
1. Assets & Deliverables.
  1. On-boarding Provisioning Form. A documented overview of the network details associated with the Provider’s network on-boarding process for delivery of the Network Support within scope of the mutually agreed upon SOW. The purpose of this document is to document applicable on-boarding network details in collaboration between the Customer and the Provider; and
  2. Network Diagram. Technical diagrams providing engineering level information and configuration details for the purpose of detailing network connectivity within the Provider Site(s) delivering the service capabilities to the Customer within scope of the mutually agreed upon SOW.
2. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best-practices:
  1. Providing and managing all supporting service documentation to include:
    1. Documented L2/L3 network details within the Provider’s networking services and design guidelines;
  2. Providing full installation and configuration of virtual network components, as described in the Network Support components on the Order, to include:
    1. Setup, licensing and configuration of virtual network device(s), and
    2. Setup, licensing and configuration is limited to no more than 5 hours in aggregate to plan, implement and test; and
  3. Ongoing support of virtual network components, as described in the Order, to include technical support as initiated by the Customer for routine configuration changes and basic troubleshooting activities; and
  4. Individual support activities which take the Provider more than two hours to plan and execute are out of scope for this service and are considered projects. Project work will require a separate SOW and may result in additional fees.
3. Customer’s Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the 11:11 Network Support and industry best-practices:
  1. The Customer shall complete the On-boarding Provisioning Form provided by the Provider;
  2. The Customer shall cooperate with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Providing the Provider with the required remote access to the Customer’s Equipment and/or Workloads, as may be reasonable to permit the Provider to perform its obligations hereunder, and
    2. Notifying the Provider of any changes to its configurations that could potentially impact the 11:11 Network Support; and
  3. The Customer shall sign a confirmation that it accepts the potential risks for any Customer requests that fall outside of industry and security best-practices.
4. Service Levels.
  1. The Provider shall use commercially reasonable efforts to make sure that the Technical Ticket Response Management process adheres to the Targets set out in the current Service Level Agreement accessible at https://www.1111systems.com/legal/sla.
11:11 Backup Deployment. The terms and conditions of this Section 3.23 are applicable to each Order that includes the Provider’s Backup Deployment Service in combination with 11:11 Cloud Backup for Veeam Cloud Connect.
1. Assets & Deliverables.
  1. Statement of Work. Overall project document defining the terms of the engagement, steps and expected outcomes with sign-off by the Customer;
  2. Kick-off Call. Initial project call for introductions, defining timeframes and ensuring project alignment from Provider and Customer;
  3. Onboarding Provisioning Form. Documentation of existing environment including list of servers, VMs and backup jobs;
  4. Backup Deployment Service Guide. As-built documentation provided at the end of the engagement describing the architecture and environment that has been designed and deployed on the Customer site by the Provider; and
  5. Sign-off document validating knowledge transfer. Sign-off documentation validating that the Customer has received adequate instruction and education on the Provider-built environment.
2. Backup Deployment Project Management.
  1. Project managers. Both the Provider and the Customer shall appoint a project manager each who will serve as the primary contact point; and
  2. Backup Deployment Project Management Engagement. The Provider’s project manager and the Customer’s project manager shall meet as required for the duration of the migration process for the purposes of facilitating a successful relationship and overseeing the implementation of all tasks outlined in the Statement of Work, including but not limited to, (a) tracking the progress of the implementation process and all associated tasks; (b) reviewing other current or future projects or business plans that may impact the Backup Deployment Service, (c) reviewing weekly status reports in order to review the Provider’s performance in execution of the project for delivery of all Backup Deployment Service, (d) coordinating and planning for any new equipment or software acquisitions specific to supporting the completion of the Backup Deployment Service.
3. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best-practices:
  1. Providing enhanced onboarding project management deliverables, to include:
    1. Statement of Work documentation at the beginning of the project,
    2. Kick-off Call call between the Provider’s deployment personnel and the applicable Customer’s contacts, and
    3. Backup Deployment Service guide at the end of the engagement to the applicable Customer's contacts;
  2. Providing and managing supporting service documentation to include the Onboarding Provisioning Form detailing inventory and job specifications of all Workloads to be protected within scope of the Order;
  3. Providing installation, configuration and management of all services components required for the Backup Deployment Service, to include:
    1. Backup software installation, guiding the Customer through setup and configuration both in the Customer on-premise and to the Provider’s cloud data center environments,
    2. Setup and configuration of backup jobs and schedules, and
    3. Setup and configuration of all Provider’s side software components to support Customer's backup jobs.
4. Customer’s Obligations. The Customer is responsible for the following in accordance with this Section 3.23 and industry best-practices:
  1. Ensuring that all required assets and services are obtained, and, where applicable, installed on the Customer’s environment that are needed as part of the Order to include software, licenses, operating systems, bandwidth, hardware, storage, etc;
  2. Ensuring that all required assets and services are deployed and configured in accordance with the applicable manufacturers' specifications and supportability requirements;
  3. Providing and managing supporting service documentation to include the Onboarding Provisioning Form detailing inventory and job specifications of all Workloads to be protected within scope of the Order;
  4. Ensuring all Customer-owned software, applications, devices, systems, processes, and services that maintain the Customer’s data to be protected as part of the Order are documented as part of the Onboarding Provisioning Form;
  5. Providing all current and existing documentation of the Customer’s Site(s) to include; environment “as-built” documentation, application contact information, application dependencies, current backup strategy, and disaster recovery plans if applicable;
  6. Providing the Provider’s personnel with Customer’s asset discovery and documentation where applicable;
  7. Where applicable, maintaining all software and other devices or items provided to the Customer by the Provider located within the Customer’s Site(s) in direct support of the delivery of the Backup Deployment Service outlined in the Order (the “Equipment’) in good working order and in accordance with applicable manufacturers’ specifications. The Customer shall notify the Provider immediately upon determination that any Equipment is not in compliance with the foregoing, or is in material breach of the terms and conditions set forth in this Service Schedule; and
  8. Cooperating with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Providing the Provider with the required remote access to Customer’s Equipment, as may be reasonable to permit the Provider to perform its obligations hereunder, and
    2. Notifying the Provider of any changes to its configurations that could potentially impact the Backup Deployment Service.
11:11 DRaaS Deployment. The terms and conditions of this Section 3.24 are applicable to each Order that includes 11:11 DRaaS Deployment in combination with 11:11 Secure DRaaS.
1. Assets & Deliverables.
  1. Connectivity Design Documentation. Technical documents and/or diagrams providing engineering level information and configuration details for the purpose of interconnecting the Customer’s Primary Site(s) to the designated Provider’s Recovery Site(s) delivering the DRaaS service capabilities;
  2. On-boarding Project Plan. A documented detailed overview of all tasks associated with the Provider on-boarding process for interconnectivity and delivery of the services protecting Workloads replicated from the Customer’s Primary Site(s) Workloads within scope of the mutually agreed upon service contract. The purpose of this document is to track ownership, progress and completion of all applicable on-boarding tasks in collaboration between the Customer and the Provider;
  3. On-boarding Provisioning Form. A detail discovery document used for information gathering and collection of all Customer specific technical and infrastructure related information for the sole purpose of the Provider providing the onboarding service, integration, and management services to the Customer as part of the Secure DRaaS service contract;
  4. Recovery Action Plan. The initial disaster recovery process document developed between the Customer and the Provider which provides enhanced details for all steps and tasks required for proper failover or failback of the Customer’s replicated Workloads to the designated Provider’s Recovery Site(s). The Customer will own any changes after the initial development of the document; and
  5. Recovery Service Guide. A process document providing a business level view of the DRaaS solution. Key content includes general service description, service capabilities, the Customer’s Primary Site(s) and the designated Provider’s Recovery Site(s) location information, recoverable application service catalog, protected workload inventories, and failover process overview with key metrics (RTO / RPO).
2. On-boarding Project Management.
  1. Project managers. Both the Provider and the Customer shall appoint a project manager each who will serve as the primary contact point; and
  2. On-boarding Project Management Engagement. The Provider’s project manager and the Customer’s project manager shall meet as required for the duration of the on-boarding process for the purpose of facilitating a successful relationship and overseeing the implementation of all Cloud Resources and services outlined in the Order and the On-boarding Provisioning Form, including but not limited to, (a) tracking the progress of the on-boarding and implementation process and all associated tasks; (b) reviewing other current or future projects or business plans that may impact the onboarding of the Cloud Resources and services, (c) Weekly status reports to review the Provider’s performance in execution of the on-boarding project for delivery of all Cloud Resources and services, (d) coordinating and planning for any new equipment or software acquisitions specific to supporting the completion of on-boarding all Cloud Resources and services.
3. On-boarding Acceptance Test.
  1. The On-Boarding Acceptance Test consists of non-service impacting Failover Test operation performed by Provider, as well as Application Testing And Verification performed by Customer. Fully committed Failover and Failback are not supported. The Test does not include modification of Primary Site resources including Virtual Machines and networking;
  2. The On-Boarding Acceptance Test is performed during the Provider’s normal business hours of Monday-Friday 8:00 am – 5:00 pm with the time zone being based on data center location where services are located;
  3. On-Boarding Acceptance Test Scheduling. Upon completion of the on-boarding project tasks required for implementing the Cloud Resources within the scope identified in the Onboarding Provisioning Form, the Customer will be notified and will have fourteen (14) days from the day of notice in which to schedule a final On-Boarding Acceptance Test;
  4. On-Boarding Acceptance Test Success Criteria. Successful completion of the On-boarding Acceptance Test shall be determined by validation of the Provider’s ability to meet the RTO agreed during the planning phase of the onboarding project. The Target Objectives will be documented in Recovery Action Plan and Recovery Service Guide; and
  5. In the event that the On-Boarding Acceptance Test does not meet the RTO agreed in the planning phase, the Customer agrees to provide the Provider with any data or information reasonably requested by the Provider in order to enable the Provider to diagnose and resolve any problems associated with any failure to meet that RTO in the On-Boarding Acceptance Testing. The Provider project manager will notify the Customer via email or phone upon resolution of any such issues. After the Provider has notified the Customer that the problem has been resolved, the Customer and the Provider will promptly conduct a follow-up On-Boarding Acceptance Test to validate that the RTO associated with the On-Boarding Acceptance Test have now been met. This process will continue, if necessary, until the On-Boarding Acceptance Test Criteria meets the required success criteria. Notwithstanding anything to the contrary in this Service Schedule, if the Customer fails to respond to the On-Boarding Acceptance Test reschedule notice within fourteen (14) days of the date of notification, then the Provider shall consider the on-boarding completed and will have no further obligations to the Customer in regard to the On-Boarding Acceptance Test.
4. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best-practices:
  1. Providing enhanced onboarding project management deliverables, to include:
    1. Weekly status call between the Provider on-boarding personnel and applicable Customer’s contacts, and
    2. Weekly status report summarizing project tasks progress, project milestones, estimated and actual durations/completion dates and critical path items;
  2. Providing all supporting Service documentation to include:
    1. Documented inventory and workload specifications (e.g. compute, storage, networking) of all Workloads within scope of the Order,
    2. Documented L2/L3 network design for compatibility and integration between the Customer Primary Site(s) and 11:11 Secure DRaaS networking services and design guidelines, and
    3. Documented Customer network security configurations, including firewall security policies, NAT policies and network security segmentation design;
  3. Providing full installation and configuration of all services components required for delivery of 11:11 Secure DRaaS, to include:
    1. Replication software installation, setup and configuration both in the Customer’s premises and the Provider’s cloud data center environments,
    2. Setup and configuration of VPN connections (where applicable),
    3. Setup and configuration of all the Provider’s side networking components support dedicated circuits for WAN connectivity (where applicable), and
    4. Setup & configuration of any cross-connects to support networking connectivity in accordance with Section 3.13 of this Service Schedule;
  4. Providing full setup and configuration for replication of the Recovery Groups for all Workloads within scope and applicable to the Order and the Onboarding Provisioning Form;
  5. Providing full assistance with development and creation of the Customer’s Disaster Recovery Runbook(s) within the 11:11 Cloud Console;
  6. Providing full assistance with development and creation of the Customer’s Recovery Activation Plan;
  7. Providing the initial managed failover test; and
  8. Providing a completed Recovery Service Guide at the completion of the on-boarding process.
5. Customer Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the 11:11 DRaaS Deployment and industry best-practices:
  1. Ensure all Customer-owned software, applications, devices, systems, processes, and services that maintain Customer Data to be protected by the services delivered as part of this Agreement are covered as specified under Section 2.3.5 of this Service Schedule for the purposes of fulfilling this Agreement;
  2. Where applicable, the Customer shall maintain all firmware or software updates to all Customer-owned hardware, software, applications, devices, and systems in use with or protected by Cloud Resources provided by the Provider;
  3. Where applicable, contact all software, application, device, system, service, and service providers covered under this Agreement and add the appropriate Provider’s personnel as approved contacts for the purposes of fulfilling this Service Schedule;
  4. Complete the On-boarding Provisioning Form provided by the Provider;
  5. Provide all current and existing documentation of the Customer Primary Site(s) to include; environment “as-built” documentation, application contact information, application dependencies, current backup strategy, and disaster recovery plans if applicable;
  6. Provide the Provider’s personnel with the Customer’s asset discovery and documentation where applicable;
  7. Where applicable; provide all current process documentation in support of the services outlined in this Agreement and provide all assistance necessary to modify existing or implement new processes to streamline the delivery of services;
  8. Where applicable, the Customer shall maintain all software and other devices or items provided to the Customer by the Provider located within the Customer’s Primary Site(s) in direct support of the delivery of Cloud Resources outlined in the Order (the “Equipment’) in good working order and in accordance with applicable manufacturers’ specifications. The Customer shall notify the Provider immediately upon determination that any Equipment is not in compliance with the foregoing, or is in material breach of the terms and conditions set forth in this Service Schedule;
  9. The Customer shall cooperate with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Providing the Provider with the required remote access to the Customer’s Equipment, as may be reasonable to permit Provider to perform its obligations hereunder, and
    2. Notifying the Provider of any changes to its configurations that could potentially impact the services;
  10. Manages and updates to any documentation after the initial handoff of the documentation to the Customer; and
  11. All other obligations as outlined in Section 3.10.3
Managed Appliance. The terms and conditions of this Section 3.25 are applicable to each Order that includes the Provider’s Managed Appliance Services as described in the Order.
1. Service options (applicable only to Managed Firewalls). Either Managed Firewall service offering can be delivered to physical or virtual firewalls running on premises or cloud infrastructure. Firewall management service options encompass net new firewall deployments for greenfield environments, firewall replacement for existing brownfield environments, and management takeover of existing brownfield environments. Major re-architectures and redesigns, as identified at Provider’s discretion, are out of scope for Basic and Advanced management service options and would require a separate Professional Services engagement with Provider.
  1. Basic. The Basic Management Firewall provides basic management of the firewall appliance without the SOC monitoring or reporting;
  2. Advanced. The Advanced Managed Firewall provides management, monitoring and reporting utilizing the full Unified Threat Management (UTM) capabilities of the firewall appliance and includes monitoring by the SOC. Additional Managed Device(s) under this service option include Fortinet switch(es), wireless access point(s), WAN wireless extender(s), and SD-WAN; and
  3. SD-WAN. SD-WAN expands the traditional basic management of the firewall appliance to include configuration and implementation assistance, and device administration when such device(s) is/are part of an SD-WAN architecture. The SD-WAN service definition is further explained in Section 3.36.
2. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. If specified in the Order as part of Provider provided hardware, procurement of the appliance hardware, licensing, and/or support;
  2. Onboarding Managed Device(s) into the Provider’s infrastructure;
  3. Providing recommended firmware upgrades based on critical Common Vulnerabilities and Exposures (CVEs) ratings, which may not always align with the most recent firmware from the vendor;
  4. Firmware upgrades will be completed as deemed appropriate and necessary by the Provider;
  5. The Provider will attempt to coordinate all firmware upgrades with the Customer prior to completion of the upgrade;
  6. The Provider will make commercial best efforts to provide Change Management support;
    1. The Provider will make reasonable attempts to discuss and notify the Customer of any changes prior to making changes to the configuration of the appliance, and
    2. In the case of an Emergency, where the Provider determines (in its sole discretion) that the security, confidentiality, integrity, or availability of the switch is at risk, changes may be made without prior notification to the Customer in order to attempt to mitigate the risk;
  7. Maintaining backup configurations after changes are made to the supported appliance to ensure rollback and recovery capability; and
  8. Supporting Next Business Day (NBD) or Premium 4-hour replacement for the Provider’s provided equipment, as specified in the Order. RMA delivery may be impacted by customer location. Provider is not liable for RMA gear not delivered late due to delays caused by location constraints and/or shipping and receiving issues;
  9. For Managed Firewalls.
    1. As supported by hardware, software, and licensing specified in Order, configuration of zones, rules, objects, NATs, site-to-site VPNs, user access VPNs, routing, and UTM configuration in accordance with Customer’s completed Customer Design Requirements (CDR) form,
    2. Basic configuration review of NGFWs for high level best practices around zones and rules. This does not include automated rule analysis via tools, or manual line by line review of the entire ruleset, which remains Customer’s obligation in absence of a separated professional services agreement between Customer and Provider,
    3. Configuring remote access VPN to provide Customer’s end-user access to the internal network requested by Customer in accordance with CDR form. This includes local user setup or Lightweight Directory Access Protocol (LDAP). The Provider will make commercial best efforts to configure VPN client connectivity, however VPN connectivity is subject to a variety of factors, including, but not limited to, local ISP issues, local or home office network issues, and public WiFi port blocking,
    4. Providing seven (7) days of active log retention from each supported NGFW.
      1. When the specified seven (7) day log limit is exceeded, the oldest logs shall be overwritten to make room for new logs.
      2. Destruction of logs upon termination in accordance with the terms of the Agreement; and
    5. Exclusively for the Advanced Managed Firewall:
      1. Providing UTM feature configuration and optimization as per the Provider’s then current Product Compatibility Matrix, including but not limited to:
        
        1. IDS/IPS. Configuring Intrusion Detection and Prevention Services (IDS/IPS) to detect and block traffic patterns that contain malicious threats on Equipment.
        
        2. Application Control. Configuring application control to provide detailed visibility into user traffic.
        
        3. Web Filtering. Configuring web content filtering to monitor and block websites based on category.
      2. Performing UTM security updates.
      3. Providing performance & utilization monitoring.
      4. Analyzing suspicious activity and traffic with notifications to Customer.
      5. Providing a monthly activity report.
      6. Supporting High Availability (HA) deployments.
      7. Providing a ninety (90) day active log retention.
      8. Specific to Fortinet firewalls, providing a one (1) year long archive.
  10. For Managed Routers. As supported by hardware, software and licensing specified in Order, configuration support for interfaces, routing, route maps, ACLs, Zone Based Firewall (ZBFW), Dynamic Multipoint VPN (DMVPN), and IPSec VPNs; and
  11. For Managed Switches. As supported by hardware, software and licensing specified in Order, configuration support for VLANs, access ports, trunks, LACP, vPC, HSRP/VRRP, layer 3 SVIs, VRFs, static routes and dynamic routing.
3. Customer’s Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the Managed Appliance services and industry best practices:
  1. Promptly providing all information requested by Provider’s technical team related to existing network policies and configurations associated with the old equipment, if applicable, to ensure a seamless migration process and to minimize any potential conflicts or challenges that may arise during the transition. In the event Customer requires additional assistance or expertise for the actual transfer of rules from the old equipment to the new SD-WAN infrastructure, then Provider is prepared to offer such services as part of a separate paid professional services engagement the terms of which will be mutually agreed to in writing signed by the Parties;
  2. Providing architectural design for network and applications;
  3. Installing and cabling the Provider's Equipment at the Customer’s location(s). Upon request, the Provider offers installation services as an add-on, based on availability at the respective location(s);
  4. For Customer-provided appliances, either physical or virtual, ensuring that the hardware is supported by the Provider’s then-current Product Compatibility Matrix.
    1. For Customer-provided Managed Firewalls, either physical or virtual, ensuring that the NGFW(s) is exclusively powered by Fortinet FortiGate or Cisco Firepower and supported by the Provider’s then-current Product Compatibility Matrix;
  5. For Customer-provided appliances, either physical or virtual, ensuring that up-to-date vendor support is attached to all applicable hardware, software and licensing;
  6. Providing an approved network diagram;
  7. Providing access to existing appliance configuration;
  8. Providing applicable specifications to the Provider to allow for configuration of network interfaces, VLANs, access ports, trunks, LACP, vPC, HSRP/VRRP, layer 3 SVIs, VRFs, static routes and dynamic routing;
  9. Providing access to the customer’s internal network to allow provider to configure remote access VPN;
  10. Providing a technical resource for the duration of the implementation project;
  11. Providing coordination for scheduling necessary maintenance windows to complete the implementation;
  12. Providing a technical resource to assist in troubleshooting issues for hardware at customer premises as Provider does not provide on-site support for physical appliance;
  13. Notifying the Provider with Change Management requests;
  14. Notifying the Provider in the event of any major changes that may potentially impact the Managed appliance service, including, but not limited to:
    1. Changing Internet service at the location where the appliance resides,
    2. Changing internal networking scheme,
    3. Moving the appliance to a different location,
    4. For Managed Firewalls, significantly increasing the users of SSL VPN (as determined by the Provider at the Provider’s sole discretion),
    5. For physical appliances only:
      1. Ensuring proper power is available at the location where the appliance resides.
      2. Ensuring that the necessary rack space has been allocated.
      3. Ensuring that proper environmental requirements are met for any new Equipment installations.
      4. Providing the physical address of the appliance to the Provider.
    6. For virtual appliances only:
      1. Providing all vCPU, RAM, and storage resources to host the virtual appliance.
      2. If deployed on a Customer-managed cluster or cloud environment, Customer is responsible for virtual appliance deployment and providing console access to Provider
  15. For Managed Firewalls.
    1. Filling out the Customer Design Requirements (CDR) form in its entirety to capture all firewall configuration requirements, including but not limited to: zones, rules, objects, NATs, site to site VPNs, user access VPNs, routing, and UTM configuration;
    2. If migrating from a different vendor platform, Customer is responsible for translating existing configuration to populate in the Customer Design Requirements (CDR) form;
    3. Providing applicable specifications to the Provider to allow for configuring Network Address Translation (NAT) and inbound and outbound stateful firewall rules; and
  16. For Managed Routers and Switches. Providing applicable specifications to the Provider to allow for configuration of network interfaces, VLANs, access ports, trunks, LACP, vPC, HSRP/VRRP, layer 3 SVIs, VRFs, static routes and dynamic routing.
Managed SIEM (Security Information and Event Management). The terms and conditions of this Section 3.26 are applicable to each Order that includes Managed SIEM services.
1. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Assisting the Customer in deploying the collector and/or agent on the agreed Customer locations;
  2. Ensuring that all event sources are properly sending logs to the SIEM;
  3. Optimizing the data collection and tuning of alerts;
  4. Creating custom alerting and notifications;
  5. Log Ingestion:
    1. Log files will be subjected to automated analysis procedures designed to identify attacks, operational problems, or compromises,
    2. Anomalies discovered by this process shall be communicated to the Customer, and
    3. A ticket with a monthly report shall be provided to the Customer summarizing the results of the analysis and any applicable network traffic trends;
  6. Log File Analysis:
    1. Log files will be subjected to automated analysis procedures designed to identify attacks, operational problems, or compromises,
    2. Anomalies discovered by this process shall be communicated to the Customer, and
    3. A ticket with a monthly report shall be provided to the Customer summarizing the results of the analysis and any applicable network traffic trends; and
  7. Log Retention:
    1. Providing a ninety (90) day active log retention. When the specified ninety (90) day limit is exceeded, the oldest logs will be overwritten to make room for new logs,
    2. Providing a one (1) year archive of log files, and
    3. Destruction of logs upon termination in accordance with the terms of the Agreement.
2. Customer's Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the Managed SIEM services and industry best practices:
  1. Populating Provider provided security questionnaire;
  2. Providing an approved network diagram and any other information relevant to the security of the environment that will aid the Provider in security monitoring;
  3. Providing a technical resource for the duration of the implementation project, including, but not limited to, installing and uninstalling the collectors and/or agents, and configuring log sources;
  4. Providing hardware to collect event logs. In the event that the collector is part of the Customer’s virtual Data Center, providing virtual resources to deploy the collector;
  5. As needed for certain deployments, providing the Provider with an admin account to pull information from the environment;
  6. Providing a list of log sources on the Customer’s network;
  7. Configuring the event sources for log data ingestion based on the Provider’s instructions;
  8. Notifying the Provider in the event of any changes to the list of log sources or if the network environment changes, including, but not limited to, adding or removing devices; and
  9. Responding in a timely manner to Provider’s incident escalations and any other issues that arise related to the health of the system or the health of any data sources.
Managed CRS (Continuous Risk Scanning). The terms and conditions of this Section 3.27 are applicable to each Order that includes Managed CRS services.
1. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing network discovery and asset prioritization;
  2. Identifying critical vulnerabilities;
  3. Providing a remediation workflow engine;
  4. Performing distributed scanning;
  5. Providing visibility to reporting and scorecards;
  6. Creating tenant in the Managed Security Portal;
  7. Setting up Customer’s user(s) in the Managed Security Portal;
  8. Creating an agent installer and supporting the Customer in the deployment of the scanning agent. Agent support shall be limited to Windows OS;
  9. If necessary, assisting the Customer in the deployment of the virtual scanning appliance; and
  10. Setting up the external cloud scanner for external asset scanning.
2. Customer's Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the Managed CRS services and industry best practices:
  1. Providing all documented IP space (including subnets);
  2. Providing any changes to the network;
  3. Providing an Access Control List (ACL) to allow the Provider’s scanner to reach all devices;
  4. Maintaining proper access to the network and assets being scanned by the Provider;
  5. Assisting the Provider in the deployment of the agenda and/or virtual scanner;
  6. Assisting the Provider in the grouping of assets into business contexts;
  7. Remediating threats and vulnerabilities; and
  8. Notifying the Provider in the event of any major changes that could potentially impact the service, including, but not limited to:
    1. Changing Internet service at the Customer location,
    2. Changing internal networking scheme,
    3. Moving to a different location,
    4. Removing agents,
    5. Adding new endpoints, and
    6. Replacing endpoints.
Managed EDR (Endpoint Detection and Response). The terms and conditions of this Section 3.28 are applicable to each Order that includes Managed EDR services.
1. Provider’s Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Guiding the Customer in the deployment of the agent(s), which shall be limited to Fortinet FortiEDR agents;
  2. Creating and optimizing the policies and tuning alerts;
  3. Creating and optimizing the Playbook according to threat data and Customer’s business requirements;
  4. Analyzing logs and notifying the Customer of suspicious activity or identified threats;
  5. Creating custom alerting and notifications;
  6. Providing a six (6) month log retention;
    1. When the specified six (6) month log limit is exceeded, the oldest logs shall be overwritten to make room for new logs, and
    2. Destruction of logs upon termination in accordance with the terms of the Agreement;
  7. Optionally, configuring the following external integrations:
    1. Custom SIEM target(s), upon Customer’s reasonable request, that are publicly accessible.
2. Customer's Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the Managed EDR services and industry best practices:
  1. Providing an approved network diagram;
  2. Providing a technical resource for the duration of the implementation project;
  3. Assisting the Provider in deployment of agents on endpoints;
  4. Ensuring that the endpoints, on which the Fortinet FortiEDR agents are deployed, match the specifications as defined in the Provider’s then-current Product Compatibility Matrix;
  5. Assisting the Provider in the customization of Playbooks and policies during the tuning period and ongoing;
  6. Providing incident response and remediating threats; and
  7. Notifying the Provider in the event of any major changes that could potentially impact the service, including, but not limited to:
    1. Changing Internet service at the Customer location,
    2. Changing internal networking scheme,
    3. Moving to a different location,
    4. Removing agents,
    5. Adding new endpoints, and
    6. Replacing endpoints.
Professional Security Services. The terms and conditions of this Section 3.29 are applicable to each Order that includes Professional Security services.
1. Service options.
  1. Network Architecture Review and Design. This service includes professional services by the Provider’s security professionals to review the Customer’s existing architecture, and design a network solution driven by both security and business objectives;
  2. Appliance Configuration and Implementation. This service includes professional services by the Provider’s security professionals to configure and optimize the Customer’s Fortinet FortiGate appliance(s), and test the Customer’s Equipment for readiness and quality before deployment. This service is limited to Fortinet products only; and
  3. Health Check. This service includes professional services by the Provider’s security professionals to perform a detailed review of the Customer’s security solution and identify potential areas of improvement within the scope of the mutually agreed upon SOW.
2. Provider’s Obligations. The Provider is responsible for the following in accordance with commercially reasonable efforts:
  1. Developing a Statement of Work based on Customer’s provided business objectives and/or goals; and
  2. Performing duties necessary to deliver the service as defined in the Statement of Work.
3. Customer's Obligations. The Customer is responsible for the following in accordance with Provider’s delivery of the Professional Security services and industry best practices:
  1. Providing a technical resource for the duration of the engagement;
  2. Providing an approved network diagram;
  3. Providing business objectives and/or goals for the engagement;
  4. Acknowledging that the Provider does not guarantee prevention of security breaches;
  5. Exclusively for the Appliance Configuration and Implementation service, accurately identifying the Equipment that needs to be replaced and provide the Provider with the current configuration for the Equipment; and
  6. Exclusively for the Health Check service, providing the Provider with all relevant and necessary details for the Customer’s current security posture and existing system controls.
Managed Backup for Cohesity. The terms and conditions of this Section 3.30 are applicable to each Order that includes the Provider's Managed Backup for Cohesity service.
1. Resources.
  1. Storage. The resources that comprise the Managed Backup for Cohesity service include dedicated Equipment that provide storage capacity in pre-determined cluster sizes as specified in the Order;
  2. Licensing. All required licensing is included in the Managed Backup for Cohesity service; and
  3. Business Models. Capacity is available in a reserved business model as specified in the Order.
2. Assets & Deliverables. The Provider is responsible for the following in accordance with commercially reasonable efforts:
  1. On-Boarding Project Plan. A documented detailed overview of all tasks associated with the Provider on-boarding process defined within scope of the mutually agreed upon Statement of Work. The purpose of this document is to track ownership, progress and completion of all applicable on-boarding tasks in collaboration between the Customer and the Provider;
  2. On-Boarding Provisioning Form. A detailed discovery document used for information gathering and collection of all Customer-specific technical and infrastructure-related information for the sole purpose of the Provider providing the onboarding service, integration, and management services to the Customer;
  3. Backup Policies. The policies define the managed backup schedule of how often and when to take a backup and the retention timeframe for that backup. The policies also define how often full backups should be taken and how often to retry in the event of backup failure; and
  4. Backup Groups. Groups define what resources are backed up and assigns the applicable Backup Policy to those resources.
3. On-Boarding Project Management.
  1. Project managers. Both the Provider and the Customer shall appoint a project manager to serve as the primary contact point; and
  2. On-Boarding Project Management Engagement. The Provider's project manager and the Customer's project manager shall meet as required for the duration of the on-boarding process for the purpose of facilitating a successful relationship and overseeing the implementation of all backup resources and services outlined in the Order and the On-boarding Provisioning Form, including but not limited to: (a) tracking the progress of the on-boarding and implementation process and all associated tasks; (b) reviewing other current or future projects or business plans that may impact the onboarding of the Equipment and services; (c) weekly status reports to review the Provider’s performance in execution of the on-boarding project for delivery of all Equipment and services; and (d) coordinating and planning for any new Equipment or software acquisitions specific to supporting the completion of on-boarding the Managed Backup for Cohesity service.
4. On-Boarding Acceptance Test.
  1. The On-Boarding Acceptance Test consists of non-service impacting backup recovery test operation performed by the Provider in conjunction with the Customer, as well as data recovery verification performed by the Customer, in each case as defined in the On-Boarding Project Plan;
  2. The On-Boarding Acceptance Test is performed during the Provider’s normal business hours of Monday-Friday 8:00 am – 5:00 pm with the time zone being based on the location where services are located, excluding any federal or other holidays observed by the Provider in such location;
  3. On-Boarding Acceptance Test Success Criteria. Successful completion of the On-boarding Acceptance Test shall be determined by validation to recover data either to the original location or an alternative location. Any other target objectives will be documented in the On-Boarding Project Plan. If the On-Boarding Acceptance Test cannot be completed for technical reasons, the Customer will provide the Provider with any data or information reasonably requested by the Provider in order to enable the Provider to diagnose and resolve any problems associated with any failure to recover data during the On-Boarding Acceptance Testing. The Provider project manager will notify the Customer via email or phone upon resolution of any such issues. After the Provider has notified the Customer that the problem has been resolved, the Customer and the Provider will promptly conduct a follow-up On-Boarding Acceptance Test to verify data recovery. This process will continue, if necessary, until the On-Boarding Acceptance Test Criteria meets the required success criteria; and
  4. Notwithstanding anything to the contrary in this Service Schedule, if the Customer fails to timely participate in the On-Boarding Acceptance Test process as identified in the On-Boarding Project Plan, all of the Provider’s on-boarding obligations will be considered completed and Provider will have no further obligations to the Customer regarding the On-Boarding Acceptance Test. In such event, the Customer may continue to exercise unlimited self-service testing.
5. Service Delivery Management.
  1. Service Delivery Management Contacts. The Customer shall appoint an individual who will serve as the primary contact point for the Provider in connection with ongoing lifecycle management and delivery of the services, and the Provider shall appoint a point of contact; and
  2. Service Delivery Management Engagement. The Provider and the appointed Customer's project contact shall meet as required during the term of each service for the purpose of facilitating a successful relationship and overseeing the delivery and performance of each service, including but not limited to, (a) tracking the progress of the onboarding and implementation process and all associated tasks, (b) reviewing other current or future projects or business plans that may impact all services and/or delivery of all services, (c) coordinating and planning for any new equipment or software acquisitions or needs, (d) reviewing strategic and tactical decisions for the Customer in respect of the establishment, budgeting and implementation of the Customer’s priorities and plans for information technology that may impact services and/or delivery of all services, and (e) monitoring and resolving concerns that may arise regarding the provision of the Service Schedule.
6. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing the Equipment as specified by the Order;
  2. Providing documentation and guiding the Customer through the On-Boarding Acceptance Test and related process;
  3. Providing ongoing support and education about Customer’s self-service data recovery features of the Managed Backup for Cohesity service at the Customer's request;
  4. Maintaining the underlying cloud infrastructure components to support the Managed Backup for Cohesity service such as compute, memory, storage and networking by following Provider's guidelines for managing these environments;
  5. Providing backup Equipment capacity increase options via Order as recommended by the Provider or as otherwise requested by the Customer;
  6. In case of Provider-assisted restoration, assisting the Customer with initiating the restore from the Customer-Leased Equipment at-time-of-Disaster;
  7. Monitoring performance and status of the Managed Backup for Cohesity service in compliance with the Backup Policies for each of the Backup Groups;
  8. Providing enhanced onboarding project management deliverables, to include:
    1. Weekly status call between the Provider on-boarding personnel and applicable Customer's contacts, and
    2. Weekly status report summarizing project tasks progress, project milestones, estimated and actual durations/completion dates and critical path items;
  9. Providing the Provider’s published Managed Backup for Cohesity service documentation and managing supporting documentation, including:
    1. Documented inventory and workload specifications (e.g. compute, storage, networking) of all Workloads within the scope of the Order, and
    2. Documented Customer network security configurations, including firewall security policies, NAT policies and network security segmentation design.
  10. Providing full installation, configuration and ongoing management of all services components required for delivery of Managed Backup for Cohesity service, to include (as applicable):
    1. Backup hardware & software installation, setup and configuration in the Customer's on-premises environments used for provision of such services;
  11. Providing full setup and configuration for backup of the Backup Policies for all Workloads within the scope and applicable to the Order and the On-Boarding Provisioning Form;
  12. Providing full assistance with the development and creation of the Customer’s Backup Policy definitions;
  13. Providing managed data recovery testing from backup and live data recovery from backup declaration events;
  14. Providing managed provisioning of new Backup Policies, capacity additions and other change requests submitted by the Customer; and
  15. Providing ongoing updates, patching and maintenance for all the Provider-provided service components required for delivery of the Managed Backup for Cohesity service, to include:
    1. Customer’s on-premises Equipment, and
    2. Software components used by the Managed Backup for Cohesity service; and
  16. Provided the Customer has returned the Equipment to the Provider in accordance with the requirements of this Service Schedule, the Provider will permanently destroy the Equipment and provide the Customer with a Certification of Destruction within a reasonable period following such destruction.
7. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices (as applicable):
  1. Providing the Provider with full and timely cooperation in the Provider’s provision of the Managed Backup for Cohesity service, including without limitation by: (a) providing the Provider with all information reasonably requested by the Provider, such as backup requirement details and site access details and (b) making available Customer’s designated contact reasonably accessible to the Provider;
  2. Restoring backups from the Customer-Leased Equipment provided with the Managed Backup for Cohesity service. While the Provider will provide Customer with reasonable support with restoring its backups upon request, Customer remains responsible for performing granular recovery of individual items from agent-based application aware backups. Customer further acknowledges that the Provider does not guarantee the recoverability of individual applications running on the Virtual Machines, such as databases or email messaging systems;
  3. Promptly notifying the Provider if the protected Resources are compromised, modified or infected by an unauthorized user, malware, virus, worm, or similar code or otherwise Hacked or accessed by a person lacking permission to access the protected Resources;
  4. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, including the storage necessary for processing the snapshot-based backups, the Provider is not responsible for any performance degradation, loss of backup data, or errors caused by over allocation;
  5. Ensuring all Customer-owned software, applications, devices, systems, processes, and services that maintain Customer data to be protected by the services delivered as part of this Agreement are covered as specified under Section 2.3.5 of this Service Schedule for the purposes of fulfilling the Agreement;
  6. Maintaining all firmware or software updates to all Customer-owned hardware, software, applications, devices, and systems in use with or protected by the Managed Backup for Cohesity service provided by the Provider;
  7. Contacting all software, application, device, system, service, and service providers covered under this Agreement and add the appropriate Provider’s personnel as approved contacts for the purposes of fulfilling this Service Schedule;
  8. Assisting with the completion of the On-boarding Provisioning Form provided by the Provider;
  9. Providing all current and existing documentation of the Customer Primary Site(s) including without limitation, environment “as-built” documentation, application contact information, application dependencies, current backup strategy, disaster recovery plans and any other documentation reasonably requested by the Provider;
  10. Providing the Provider’s personnel with the Customer's asset discovery and documentation;
  11. Providing all current process documentation in support of the Managed Backup for Cohesity service and provide all assistance to the Provider as necessary to modify existing or implement new processes to streamline the delivery of the Managed Backup for Cohesity service;
  12. Maintaining all software and Customer-Leased Equipment or items provided to the Customer by the Provider located within the Customer's Primary Site(s) in direct support of the delivery of Managed Backup for Cohesity service outlined in the Order in good working order and in accordance with applicable manufacturers’ specifications. The Customer shall notify the Provider immediately upon determination that any Customer-Leased Equipment is not in compliance with the foregoing or is otherwise not working;
  13. The Customer shall cooperate with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Providing the Provider with the required remote access to the Customer’s Equipment, as may be reasonable to permit Provider to perform its obligations hereunder, and
    2. Notifying the Provider of any changes to its configurations that could potentially impact the services. For example, any data protection gaps such as a new virtual machine or physical server not being protected because the Customer did not inform the Provider.
  14. Prior to the expiration or termination of any Order for the Managed Backup for Cohesity service, migrating and permanently deleting all of its Customer data residing on any Equipment prior to returning the Equipment to the Provider. Such data migration and deletion obligations are at the Customer’s expense, unless otherwise agreed between the Customer and the Provider in a SOW for data migration services; and
  15. Within thirty (30) days after the expiration or termination of any Order for the Managed Backup for Cohesity service where such Order covers Equipment, Customer will return the Equipment to the Provider by shipping the Equipment to Provider’s designated address at Customer’s expense. Risk of loss to the Equipment will remain with Customer until Equipment is delivered to the Provider. Customer acknowledges and agrees if Customer does not ship the Equipment to Provider within such thirty (30) day period, Customer will pay the applicable Provider the cost of the Equipment.
Managed Off-Site Replication for Cohesity. The terms and conditions of this Section 3.31 are applicable to each Order that includes the Provider's Managed Off-Site Replication for Cohesity service.
1. Resources.
  1. Storage. The resources that comprise the Managed Off-Site for Cohesity service could include one of the following as specified in the Order:
    1. Dedicated Equipment that provide storage capacity in pre-determined cluster sizes, or
    2. Shared Equipment that provide storage capacity in a multi-tenant environment;
  2. Licensing. All required licensing is included in the Managed Off-Site Replication for Cohesity service unless explicitly specified in the Order for Bring-Your-Own-Device (BYOD) environments; and
  3. Business Models. Capacity is available in a reserved business model as specified in the Order.
2. Assets & Deliverables.
  1. On-Boarding Project Plan. A documented detailed overview of all tasks associated with the Provider on-boarding process defined within scope of the mutually agreed upon Statement of Work. The purpose of this document is to track ownership, progress and completion of all applicable on-boarding tasks in collaboration between the Customer and the Provider;
  2. On-Boarding Provisioning Form. A detailed discovery document used for information gathering and collection of all Customer specific technical and infrastructure-related information for the sole purpose of the Provider providing the on-boarding service, integration, and management services to the Customer;
  3. Backup Policies. The policies define the managed backup schedule of how often and when to take a backup and the retention timeframe for that backup. The policies also define how often full backups should be taken and how often to retry in the event of backup failure; and
  4. Backup Groups. Groups define what resources are backed up and assigns the applicable Backup Policy to those resources.
3. On-Boarding Project Management.
  1. Project managers. Both the Provider and the Customer shall appoint a project manager to serve as the primary contact point; and
  2. On-Boarding Project Management Engagement. The Provider's project manager and the Customer's project manager shall meet as required for the duration of the on-boarding process for the purpose of facilitating a successful relationship and overseeing the implementation of all backup resources and services outlined in the Order and the On-boarding Provisioning Form, including but not limited to: (a) tracking the progress of the on-boarding and implementation process and all associated tasks; (b) when applicable, reviewing other current or future projects or business plans that may impact the onboarding of the Equipment and services; (c) when applicable, weekly status reports to review the Provider’s performance in execution of the on-boarding project for delivery of all Equipment and services; and (d) when applicable, coordinating and planning for any new Equipment or software acquisitions specific to supporting the completion of on-boarding the Managed Off-Site Replication for Cohesity service.
4. Service Delivery Management.
  1. Service Delivery Management Contacts. The Customer shall appoint an individual who will serve as the primary contact point for the Provider in connection with ongoing lifecycle management and delivery of the services, and the Provider shall appoint a point of contact; and
  2. Service Delivery Management Engagement. The Provider and the appointed Customer's project contact shall meet as required during the term of each service for the purpose of facilitating a successful relationship and overseeing the delivery and performance of each service, including but not limited to, (a) tracking the progress of the onboarding and implementation process and all associated tasks, (b) reviewing other current or future projects or business plans that may impact all services and/or delivery of all services, (c) coordinating and planning for any new equipment or software acquisitions or needs, (d) reviewing strategic and tactical decisions for the Customer in respect of the establishment, budgeting and implementation of the Customer’s priorities and plans for information technology that may impact services and/or delivery of all services, and (e) monitoring and resolving concerns that may arise regarding the provision of the Service Schedule.
5. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing the storage infrastructure and licensing as specified by the Order;
  2. Providing documentation and guiding the Customer through the On-Boarding process;
  3. Maintaining the underlying cloud infrastructure components to support the Managed Off-Site Replication for Cohesity service such as compute, memory, storage and networking by following Provider's guidelines for managing these environments;
  4. Providing Off-Site Replication capacity increase options via Order as recommended by the Provider or as otherwise requested by the Customer;
  5. Providing the Customer with the option to purchase a best-effort cloud restoration service to 11:11 Cloud Services at an additional cost using the backups stored at the Target Site with the following parameters:
    1. The creation of Virtual Data Center(s) will consist of the specifications detailed in the relevant Order,
    2. The network connectivity to the restored environment will be provided by the Provider,
    3. The restoration shall be limited to VMware based environments, and
    4. The Provider will start the restoration process within 24 hours after the Customer has both declared a Disaster by notifying the Provider and approved the new Order that contains the cloud resources required to run the workloads along with the iTech fees for the professional services required to perform the restoration tasks;
  6. Providing enhanced onboarding project management deliverables, to include:
    1. Weekly status call between the Provider on-boarding personnel and applicable Customer's contacts, and
    2. Weekly status report summarizing project tasks progress, project milestones, estimated and actual durations/completion dates and critical path items;
  7. Providing the Provider’s published Managed Off-Site Replication for Cohesity service documentation and managing supporting documentation, including:
    1. Documented inventory and workload specifications (e.g. compute, storage, networking) of all Workloads within the scope of the Order, and
    2. Documented Customer network security configurations, including firewall security policies, NAT policies and network security segmentation design;
  8. Providing full installation, configuration and ongoing management of all services components required for delivery of Managed Off-Site Replication for Cohesity service, to include (as applicable):
    1. Backup hardware & software installation, setup and configuration;
  9. Providing capacity additions and other change requests submitted by the Customer; and
  10. Providing ongoing updates, patching and maintenance for all the Provider-provided service components required for delivery of the Managed Off-Site Replication for Cohesity service, to include:
    1. Infrastructure hosting the off-site replicas, and
    2. Software components used by the Managed Off-Site Replication for Cohesity service.
6. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices (as applicable):
  1. Providing the Provider with full and timely cooperation in the Provider’s provision of the Managed Off-Site Replication for Cohesity service, including without limitation by: (a) providing the Provider with all information reasonably requested by the Provider, such as backup requirement details and (b) making available Customer’s designated contact reasonably accessible to the Provider;
  2. Promptly notifying the Provider if the protected Resources are compromised, modified or infected by an unauthorized user, malware, virus, worm, or similar code or otherwise Hacked or accessed by a person lacking permission to access the protected Resources;
  3. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, including the storage necessary for processing the snapshot-based backups, the Provider is not responsible for any performance degradation, loss of backup data, or errors caused by over allocation;
  4. Maintaining all firmware or software updates to all Customer-owned Cohesity hardware, and software used in production that replicates to the Provider’s target;
  5. Assisting with the completion of the On-boarding Provisioning Form provided by the Provider;
  6. Providing the Provider’s personnel with the Customer's asset discovery and documentation;
  7. Providing all current process documentation in support of the Managed Off-Site Replication for Cohesity service and provide all assistance to the Provider as necessary to modify existing or implement new processes to streamline the delivery of the Managed Off-Site Replication for Cohesity service;
  8. The Customer shall cooperate with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Notifying the Provider of any changes to its configurations that could potentially impact the services. For example, any data protection gaps such as a new virtual machine or physical server not being replicated because the Customer did not include the server in the Backup Policy; and
  9. Prior to the expiration or termination of any Order for the Managed Off-Site Replication for Cohesity service, migrating and permanently deleting all of its Customer data residing on the Provider’s target environment. Such data migration and deletion obligations are at the Customer’s expense, unless otherwise agreed between the Customer and the Provider in a SOW for data migration services.
Managed SteelDome InfiniVault. The terms and conditions of this Section 3.32 are applicable to each Order that includes the Provider's Managed SteelDome InfiniVault.
1. Resources.
  1. Licensing. All required licensing is included in the Managed SteelDome InfiniVault service; and
  2. Business Models. Storage capacity is available in a reserved business model as specified in the Order.
2. Assets & Deliverables.
  1. On-Boarding Project Plan. A documented detailed overview of all tasks associated with the Provider on-boarding process defined within scope of the mutually agreed upon Statement of Work. The purpose of this document is to track the ownership, progress, and completion of all applicable on-boarding tasks in collaboration between the Customer and the Provider;
  2. On-Boarding Provisioning Form. A detailed discovery document used for information gathering and collection of all Customer specific technical and infrastructure-related information for the sole purpose of the Provider providing the on-boarding service, integration, and management services to the Customer; and
  3. Protection Policies. The policies define the Managed SteelDome InfiniVault schedule of how often and when to take a snapshot of the data and the retention timeframe for that snapshot.
3. On-Boarding Project Management.
  1. Project managers. Both the Provider and the Customer shall appoint a project manager to serve as the primary contact point; and
  2. On-Boarding Project Management Engagement. The Provider's project manager and the Customer's project manager shall meet as required for the duration of the on-boarding process for the purpose of facilitating a successful relationship and overseeing the implementation of all resources and services defined in the Order and the On-boarding Provisioning Form, including but not limited to: (a) tracking the progress of the on-boarding and implementation process and all associated tasks; (b) reviewing other current or future projects or business plans that may impact the on-boarding of the backup resources and services; (c) weekly status reports to review the Provider’s performance in execution of the on-boarding project for delivery of all Cloud Resources and services; and (d) coordinating and planning for any new Equipment or software acquisitions specific to supporting the completion of on-boarding all Cloud Resources and services.
4. On-Boarding Acceptance Test.
  1. The On-Boarding Acceptance Test consists of non-service impacting data recovery test operations performed by the Provider in conjunction with the Customer, as well as data recovery verification performed by the Customer, in each case as defined in the On-Boarding Project Plan;
  2. The On-Boarding Acceptance Test is performed during the Provider’s normal business hours of Monday to Friday, between 8:00 a.m. and 5:00 p.m., with the time zone being based on the data center location where services are located, excluding any federal or other holidays observed by the Provider in such location;
  3. On-Boarding Acceptance Test Success Criteria. Successful completion of the On-boarding Acceptance Test shall be determined by validation of data recovery either to the original location or an alternative location. Any other target objectives will be documented in the On-Boarding Project Plan. If the On-Boarding Acceptance Test cannot be completed for technical reasons, the Customer will provide the Provider with any data or information reasonably requested by the Provider in order to enable the Provider to diagnose and resolve any problems associated with any failure to recover data during the On-Boarding Acceptance Testing. The Provider’s project manager will notify the Customer via email or phone upon resolution of any such issues. After the Provider has notified the Customer that the problem has been resolved, the Customer and the Provider will promptly conduct a follow-up On-Boarding Acceptance Test to verify data recovery. This process will continue, if necessary, until the On-Boarding Acceptance Test Criteria meets the required success criteria; and
  4. Notwithstanding anything to the contrary in this Service Schedule, if the Customer fails to timely participate in the On-Boarding Acceptance Test process as identified in the On-Boarding Project Plan, all of the Provider’s on-boarding obligations will be considered completed and Provider will have no further obligations to the Customer regarding the On-Boarding Acceptance Test. In such event, the Customer may continue to exercise unlimited self-service testing.
5. Service Delivery Management.
  1. Service Delivery Management Contacts. The Customer shall appoint an individual who will serve as the primary point of contact for the Provider in connection with ongoing lifecycle management and delivery of the services, and the Provider shall appoint a point of contact; and
  2. Service Delivery Management Engagement. The Provider’s and the appointed Customer's points of contact shall meet as required during the term of each service for the purpose of facilitating a successful relationship and overseeing the delivery and performance of each service, including but not limited to: (a) tracking the progress of the on-boarding and implementation process and all associated tasks; (b) reviewing other current or future projects or business plans that may impact all services and/or delivery of all services; (c) coordinating and planning for any new equipment or software acquisitions or needs; (d) reviewing strategic and tactical decisions for the Customer in respect of the establishment, budgeting and implementation of the Customer’s priorities and plans for information technology that may impact services and/or delivery of all services; and (e) monitoring and resolving concerns that may arise regarding the provision of all services, this SLA and/or the Service Schedule.
6. Provider's Obligations. The Provider is responsible for the following in accordance with industry best practices:
  1. Providing the software solution as specified by the Order;
  2. Providing documentation and guiding the Customer through the On-Boarding Acceptance Test and related processes;
  3. Providing ongoing support and education about the Customer’s Managed SteelDome InfiniVault service at the Customer's request;
  4. Maintaining the underlying cloud infrastructure components to support the Managed SteelDome InfiniVault services such as compute, memory, storage and networking by following the Provider's guidelines for managing these environments;
  5. Providing Managed SteelDome InfiniVault capacity increase options via Order as recommended by the Provider or as otherwise requested by the Customer;
  6. In case of Provider-assisted restoration, assisting the Customer with initiating restoration from the Customer Managed SteelDome InfiniVault at the time of Disaster;
  7. Monitoring performance and status of the Managed SteelDome InfiniVault service in compliance with virtual appliance operating at expected CPU, memory and storage requirements;
  8. Providing enhanced on-boarding project management deliverables, to include:
    1. Weekly status call between the Provider on-boarding personnel and applicable Customer's contacts, and
    2. Weekly status report summarizing project tasks progress, project milestones, estimated and actual durations/completion dates and critical path items;
  9. Providing the Provider’s published Managed SteelDome InfiniVault service documentation and managing supporting documentation, including:
    1. Documented inventory and workload specifications (e.g., compute, storage, networking) of all Workloads within the scope of the Order, and
    2. Documented Customer network security configurations, including firewall security policies, NAT policies and network security segmentation design;
  10. Providing full installation, configuration and ongoing management of all services components required for delivery of Managed SteelDome InfiniVault service, to include (as applicable): software installation, setup and configuration both in the Customer's premises and the Provider’s cloud data center environments used for provision of such services;
  11. Providing full setup and configuration for backup of the protection policies for all Workloads within the scope and applicable to the Order and the On-Boarding Provisioning Form;
  12. Providing full assistance with the development and creation of the Customer’s protection policy definitions;
  13. Providing live data recovery from Disaster declaration events;
  14. Providing managed provisioning of capacity additions and other change requests submitted by the Customer; and
  15. Providing ongoing updates, patching and maintenance for all the Provider provided service components required for delivery of the Managed SteelDome InfiniVault service, to include: software components used by the Managed SteelDome InfiniVault service.
7. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices (as applicable):
  1. Providing the Provider with full and timely cooperation in the Provider’s provision of the Managed SteelDome InfiniVault services, including without limitation by: (a) providing the Provider with all information reasonably requested by the Provider, such as snapshot frequency and retention requirement details and (b) making available Customer’s designated contact reasonably accessible to the Provider;
  2. At the Customer’s discretion, restoring data by requesting support from the Provider in restoring data from the Managed SteelDome InfiniVault service;
  3. Promptly notifying the Provider if the Reserved Resources are compromised, modified or infected by an unauthorized user, malware, virus, worm, or similar code or otherwise accessed by a person lacking permission to access the protected Reserved Resources;
  4. If the Customer provisions Reserved Resources in excess of the specifications set out on the Order, including the storage necessary for processing the snapshot-based recovery points, the Provider is not responsible for any performance degradation, loss of data, or errors caused by over allocation;
  5. Ensuring all Customer-owned software, applications, devices, systems, processes, and services that maintain Customer data to be protected by the services delivered as part of this Agreement are covered as specified under Section 2.3.5 of this Service Schedule for the purposes of fulfilling the Agreement;
  6. Maintaining all firmware or software updates to all Customer owned hardware, software, applications, devices, and systems in use with or protected by the Managed SteelDome InfiniVault services provided by the Provider;
  7. Contacting all software, application, device, system, service, and service providers covered under this Agreement and adding the appropriate Provider’s personnel as approved contacts for the purposes of fulfilling this Service Schedule;
  8. Assisting with the completion of the On-boarding Provisioning Form provided by the Provider;
  9. Providing all current and existing documentation of the Customer Primary Site(s) including without limitation, environment “as-built” documentation, application contact information, application dependencies, current backup strategy, disaster recovery plans, and any other documentation reasonably requested by the Provider;
  10. Providing the Provider’s personnel with the Customer's asset discovery and documentation;
  11. Providing all current process documentation in support of the Managed SteelDome InfiniVault services and provide all assistance to the Provider as necessary to modify existing or implement new processes to streamline the delivery of the Managed SteelDome InfiniVault services;
  12. The Customer shall cooperate with the Provider with regard to the performance of the Provider’s obligations hereunder, including (without limitation):
    1. Providing the Provider with the required remote access to the Customer Equipment, as may be reasonable to permit the Provider to perform its obligations hereunder, and
    2. Notifying the Provider of any changes to its configurations that could potentially impact the services. For example, new data being added to the Managed SteelDome InfiniVault services because the Customer did not inform the Provider;
  13. Prior to the expiration or termination of any Order for the Managed SteelDome InfiniVault service, migrating and permanently deleting all of its Customer data residing on any Equipment. Such data migration and deletion obligations are at the Customer’s expense, unless otherwise agreed between the Customer and the Provider in a SOW for data migration services.
8. Risks
  1. There may be times when the Managed SteelDome InfiniVault service is unable to perform scheduled snapshots. Reasons for a snapshot failure include, but are not limited to, situations where a snapshot is unable to start during retry windows, services are temporarily unavailable, conflicts occur between resources, etc. In such events, the Provider will use reasonable efforts to attempt to remedy any potential snapshot failures, and Customer shall hold Provider harmless if a snapshot did not occur successfully.
Connectivity Services General Terms: The terms and conditions of Section 3.33 are applicable to each Order that includes the Provider's Connectivity Services described in Sections 3.34- 3.36 below.
1. Order Effective Date. Notwithstanding anything to the contrary in the Agreement, all Orders for Connectivity Services will be effective and binding as of the date of execution by the last Party to execute.
2. Service Jurisdiction. Customer acknowledges and agrees that no intrastate circuit provided hereunder may:
  1. be extended by Customer from any Customer Location to an out of state location;
  2. be used for switched termination of interstate calls; or
  3. be used to transmit or otherwise carry more than 10% Interstate Traffic even if the physical end points of the circuit are both within the same state.
    
    “Interstate Traffic” includes Internet, interstate switched access, and/or any data or switched voice traffic that originates and terminates in different states. If Customer wishes to use or extend any intrastate circuit for the foregoing purposes, Customer must provide Provider with a written request ten (10) business days prior to any such use or extension.
3. Service Delivery and Requirements.
  1. Customer must procure, at its sole cost and expense, all necessary connections within each Customer Location to access and interconnect with the Connectivity Services. Customer is solely responsible for all cross-connection charges necessary to connect to the Connectivity Services. Customer is not permitted to access the Provider Network except at Customer’s side of the Service Demarc;
  2. Customer must procure and maintain, at its sole cost and expense, Customer Equipment which is technically compatible with the Connectivity Services and the Provider Network; and
  3. Unless otherwise noted in the Order, Customer is responsible for obtaining and maintaining, for the duration of the related Order Term, any necessary third party licenses, approvals or permissions (“Location License(s)”) for Provider to connect the Connectivity Services from the public rights-of-way to the Customer Equipment and Customer Location and/or to the Customer Location and install and/or utilize the necessary inside plant facilities and equipment, including power, riser conduit and fiber optics. Such Location License(s) must extend to the installation, maintenance and retrieval of any Provider equipment.
4. Compensation.
  1. Without limiting Section 5.6.1 of the Agreement (Consequences of Termination), if the Customer cancels an Order prior to commencement of the Connectivity Services, Customer will be responsible for any and all third-party costs incurred by Provider, including the costs of carrier circuits, equipment costs, construction costs and building access costs. Notwithstanding Section 4.2 of the Agreement (Payment), Provider will invoice those costs to Customer and the invoice will be due immediately upon receipt; and
  2. Customer is responsible for and will pay any and all fees (i) associated with obtaining and maintaining the Location Licenses, and (ii) assessed by any building owner, landlord or other third party for the necessary license, approval and/or permission to install and maintain the Connectivity Service to a Customer Location.
5. Customer's Obligations. The Customer is responsible for the following in accordance with industry best practices:
  1. Supplying the Provider with information reasonably required to fulfill its obligations;
  2. Promptly notifying the Provider if the CPE is compromised, accessed by an unauthorized person, or infected with a virus, worm or similar malicious code; and
  3. When applicable, configuring the appropriate organization access permissions including the creation, modification, and deletion of end-user 11:11 Cloud Console account(s).
6. Service Level Agreement. The Service Level Agreement would be accessible at https://1111systems.com/legal/sla.
11:11 Lit Services. The terms and conditions of this Section 3.34 are applicable to each Order that includes 11:11 Lit Services.
1. Service Delivery and Requirements
  1. Subject to the terms and conditions contained herein, the Order and the Agreement, Provider will provide the Lit Services set forth in the Order. Provider shall use reasonable commercial efforts to cause the Service Commencement Date to occur by the Requested Install Date but Provider does not guarantee that installation will be completed by such Requested Install Date. After completing installation and testing, Provider will notify Customer that the Lit Services are ready. Customer is not entitled to any credits, SLA or otherwise, for claims related to the circuits arising more than (3) days after the installation or where Customer delays in testing the circuits;
  2. If installation is delayed as a result of Customer’s failure to fulfill its obligations under the Agreement (including, failure to obtain any necessary Location License(s)) (defined below), Provider will give Customer written notice to cure such failure within thirty (30) days. If Customer fails to cure within such period, the Service will be deemed to be delivered and the Service Commencement Date will be deemed to have occurred on the last day of such 30-day period;
  3. If an Order requires a site survey or special construction in order to be completed (each, a “Site Survey”), then Customer may incur additional Monthly Recurring Charges or Non-Recurring Charges. Customer may cancel an Order with no early termination fees if additional fees of any kind arise after the Site Survey is conducted for the Services covered by the Order; and
  4. Cross Connects are not included. Customer is responsible for all cross connects unless otherwise provided in the Order.
2. Provider Network; Equipment
  1. The Provider Network remains the sole and exclusive property of Provider or its supplier and nothing contained herein shall give or convey to Customer any right, title, or interest whatsoever in or to the Provider Network, which may never be deemed a fixture to real property. Customer may not adjust, encumber, repair or attempt to repair the Provider Network, and may not remove or relocate any portion of the Provider Network without the prior written consent of Provider. Customer shall not pledge, lease, sell, transfer, mortgage, otherwise encumber, give away, remove, relocate, alter or tamper with any portion of the Provider Network (or any notice of ownership thereon) or attach any electrical or other devices to the Provider Network. Provider reserves the right to make such filings or take such other actions as Provider, in its sole discretion, deems necessary or appropriate to evidence its ownership rights in the equipment. Customer agrees to execute all documents required to make such filings or accomplish such actions. If Customer causes any liens to be placed on the Provider Network, it must cause any such liens to be removed within thirty (30) days of Customer’s knowledge thereof. Customer is liable to Provider for any loss or damage to the Provider Network other than loss or damage resulting from an act or omission of Provider, its employees, contractors, or agents;
  2. Provider reserves the right to, at any time, alter the Provider Network and any equipment therein or therewith and the features and functionality of the Provider Network or equipment. Provider will use reasonable efforts to schedule maintenance and replacement of equipment to minimize interference with, or interruption of, Services, but shall have no liability for interruptions in Services arising out of, or related to, maintenance or replacements. Provider may charge Customer for any repairs or replacement required due to damage or misuse of the Provider Network or equipment (normal wear and tear excepted). If any of Provider’s equipment or any portion of the Provider Network is defective, damaged, destroyed, tampered with, stolen or otherwise removed, Customer must notify Provider immediately and may be held liable for repair or replacement if such notification is not immediately provided;
  3. The Customer is responsible for installing and cabling the Provider's Network Equipment at the Customer’s location(s). Upon request, the Provider offers installation services as an add-on, based on availability at the respective location(s);
  4. Upon termination of Services, the Customer will contact Provider to schedule return of Customer-Leased Equipment and any portion of the Provider Network and will be responsible for the costs of shipping the equipment to Provider. All equipment and the Provider Network must be returned within thirty (30) business days of circuit termination, in undamaged and full working order (normal wear and tear excepted). If the provided equipment or any portion of the Provider Network is not returned by Customer or is not returned in such condition as originally provided, Customer shall pay Provider the cost of repair or replacement, at fair market value, as reasonably determined by Provider;
  5. If an Order specifies that the Customer is required to obtain space and power to support Provider equipment or any portion of the Provider Network for the Services, Customer must provide, at its sole cost and expense, the Site Environmental Specifications;
  6. If applicable, the Customer agrees to provide all reasonable assistance to Provider in procuring and installing or activating necessary telecommunication circuits and facilities as necessary to provide telemetry from the Customer Locations to Provider’s monitoring center(s) to enable out of band management. Customer shall provide adequate space and power to support the related telemetry equipment; and
  7. If Provider deems it necessary, the Customer may be required to renumber the IP addresses assigned to Customer by Provider. Upon expiration, cancellation, or termination of a Service for any reason, Customer agrees to return to Provider any IP addresses or address blocks assigned to the Customer.
3. Monitoring and Maintenance
  1. Provider will perform all maintenance and repairs to the Provider Network as it deems necessary to ensure proper functioning of the Service. Provider will maintain the Provider Network at no additional charge to the Customer, except as provided in Section 3.34.3(b). Should any condition exist in any portion of the Provider Network that may impair the integrity of the Service or if Provider determines that it is necessary to conduct tests and adjustments to maintain the efficient working order of the Service, Provider will initiate and coordinate planned maintenance (or will cause such action to occur) which may include the deactivation of a network segment or other facility that supports the Service; and
  2. If all or part of the Provider Network requires restoration, replacement or repair by reason of an act or omission of Customer, or its employees, agents or contractors, such repair, replacement and/or restoration may be made by Provider, at Customer’s sole expense, in accordance with Provider’s then current time and materials rates plus applicable Taxes. If Provider dispatches personnel for a Provider Network failure caused by Customer equipment or personnel or due to an issue caused by Customer’s equipment or other service providers, Provider will invoice, and Customer agrees to pay Provider’s actual costs for time and travel associated with the dispatch.
4. Burst Usage Payment Terms (Applies only if any Order provides for a Service with Burstable Usage)
  1. Provider will measure Customer’s bandwidth usage in five-minute intervals, for each point of connection between Customer and Provider (or its up-stream provider) in two categories: incoming and outgoing. At the end of each billing cycle, all data samples in each category will be sorted from highest to lowest and the top five percent (5%) of measurements will be discarded. The highest remaining data sample in the higher of the two categories will then constitute the bandwidth usage level for that particular billing cycle. “Burst Usage” means the amount of bandwidth usage for the particular billing cycle exceeding Customer’s Minimum Committed Data Amount (as specified on the applicable Order.).
5. Internet Over Wireless Service.
  1. Internet of Wireless (“IOW”) Services use cellular radio technologies to transmit data. Customer understands and accepts, that:
    1. IOW Services may be subject to transmission and service area limitations, interruptions caused by atmospheric, topographical or environmental conditions (including location topology or equipment positioning), or other conditions or activities affecting wireless transmission,
    2. An external antenna may be required in some cases (for an additional charge) to boost signal strength, and
    3. 4G LTE may not be available at all locations;
  2. Acceptable Use
    1. Customer must obtain Provider’s prior written approval and execute a written agreement before it may install, deploy or use any of its own regeneration equipment or similar mechanism (for example, a repeater) to originate, amplify, enhance, retransmit or regenerate IOW Service, and
    2. USE OF IOW SERVICES FOR REMOTE MEDICAL MONITORING IS EXPRESSLY PROHIBITED;
  3. Wireless Data Usage: Wireless data usage is the sum of all data transferred, typically measured in megabytes (MB) or gigabytes (GB), across the subscribed IOW Services during the usage period. Customer is responsible for all wireless data usage, including any usage and the associated charges that exceed the Customer’s data plan, regardless of the cause for that usage;
  4. Usage-based Data Plans:
    1. Usage-based data plans are based on the maximum amount of data usage available to the Customer before overage charges apply,
    2. Provider’s usage-based IOW Services are meant to be used as a back-up to primary office Internet service, as a temporary primary Internet service, machine to machine communication, or as an Access Transport for the Internet of Things (“IOT”),
    3. Customers may not use IOW Services as a permanent primary Internet service without the express permission of Provider,
    4. Nevertheless, regardless of Customer’s intended use, Customer is responsible for choosing an adequate data plan,
    5. Provider is not responsible for providing Customer with high data usage alerts. Customer has the option to purchase an edge device configured with software license to monitor its data usage for an additional fee, and
    6. Customer understands that certain applications drive high data usage. Highest among these is video, including security cameras, YouTube videos, live video streams, video conferences, etc. If Customer expects to use IOW Services for such applications, a minimum data plan of 50 GB or 100 GB is recommended, which still may not be adequate. Provider recommends that Customers who choose low data plans block such applications from using its IOW Services;
  5. Data Usage with Managed Services (including SD-WAN and Firewalls)
    1. Customer understands that some SD-WAN applications and failover firewall configurations allow for active-active configurations in which a Virtual Private Network (“VPN”) tunnel is kept active across the IOW Services with some data traffic routed through that tunnel in order to optimize quality of service. Customer must specify to Provider if it intends to use the IOW Services in active-active mode prior to implementation as certain underlying providers expressly prohibit this configuration,
    2. Customer also understands that active-active configuration often results in high data usage and that if Customer intends to maintain IOW Services in an active-active configuration, a minimum data plan of 5 GB per location is advised, which still may not be adequate depending on the amount of traffic traversing the tunnel,
    3. Customers who choose low data plans will ensure all device configurations are in an active-passive configuration and not active-active mode, and
    4. In addition, certain managed service applications such as SD-WAN and Firewall may require configurations to “poll” for software updates frequently which can drive up data usage. It is the responsibility of the Customer to optimally configure all managed service equipment in order to minimize IOW Services usage or, if Customer works with a managed services provider (be it Provider or a third party), ensure said provider optimally configures all equipment in order to minimize IOW Services usage;
  6. Speed-based Data Plans
    1. Speed-based data plans are based on maximum service speeds measured in Megabits per second (Mbps); however, the maximum speeds are not guaranteed and are subject to network availability,
    2. Speed-based data plans are intended for official business use only for business-critical data applications. Authorized business applications do not include streaming video, streaming audio, web hosting, public Wi-Fi or guest Wi-Fi. Customer warrants that it will only use a speed-based data plan and the Services arising therefrom or related thereto for business critical data applications and such usage does not include any unauthorized applications,
    3. Provider may slow speeds on 8 Mbps plans after 50 GB of data usage, and 12 Mbps plans after 75 GB of data usage, and
    4. For speed-based data plan users, Provider will identify users with excessive usage and review if the usage is in line with official business use for business critical applications and business critical data. If excessive usage does not comply with these terms, Customer must immediately bring the service usage within the terms. Notwithstanding anything to the contrary in the Agreement, if usage is not brought within compliance, Provider may discontinue service or move the user to a traditional usage-based data plan with overage charges. If excessive usage is within business use, Provider will work with Customer to identify and implement an alternative solution, included alternative Internet over Anything (IOA) Services, discussing opportunities for Wi-Fi offload, application settings, and other network efficiency adjustments such as using a managed services to restrict usage.

11:11 Dark Fiber. The terms and conditions of this Section 3.35 are applicable to each Order that includes 11:11 Dark Fiber services.

Service Delivery and Requirements
1. Subject to the terms and conditions contained herein, the Order and the Agreement, Provider will lease to Customer the Dark Fiber which will constitute the Service set forth in the Order. After completing installation and testing the Dark Fiber to determine that it meets the Dark Fiber Specifications, Provider will deliver the Dark Fiber by notifying Customer and providing testing results demonstrating compliance with the Dark Fiber Specifications. Provider shall use reasonable commercial efforts to cause the Service Commencement Date to occur by the Requested Install Date set forth in the Order, but Provider does not guarantee that installation will be completed by such Requested Install Date; and
2. If delivery is delayed as a result of Customer’s failure to fulfill its obligations under the Agreement (including failure to obtain any necessary Location License(s)), Provider will give Customer written notice to cure such failure within thirty (30) calendar days. If Customer fails to cure within such period, the Service will be deemed to be delivered and the Service Commencement Date will be deemed to have occurred on the last day of such 30-day period.
Network Relocation and Underlying Rights
1. Provider may relocate all or any portion of the Provider Network segments or any of the facilities required to provide Customer with the Dark Fiber: (i) if a third party with legal authority orders or threatens to order such relocation (e.g., through eminent domain, nationalization, or expropriation), (ii) in order to comply with applicable laws, or (iii) for bona fide operational reasons;
2. Provider agrees to provide Customer fourteen (14) calendar days prior notice of a relocation, if reasonably feasible;
3. Provider has the right to direct such relocation, including the right to determine the extent of, the timing of, and methods to be used for such relocation, provided that any relocation:
  1. is constructed and tested in accordance with the Dark Fiber Specifications,
  2. does not result in a materially adverse change to the operations, performance, or connection points with the Provider Network of Customer, and
  3. does not unreasonably interrupt service on the Dark Fiber;
4. Notwithstanding anything to the contrary contained herein, all Dark Fiber Services to be delivered under an Order are subject and subordinate to the Underlying Rights. “Underlying Rights” means the right of way, franchise, access rights and other agreements obtained by Provider for the construction, operation and maintenance of its network. All Dark Fiber Services provided to Customer are expressly made subject and subordinate to each and every limitation, restriction or reservation affecting the Underlying Rights. Upon the expiration or other termination of an Underlying Right that is necessary in order to grant, continue or maintain any Dark Fiber Services, Provider shall use commercially reasonable efforts to renew such Underlying Right or to obtain an alternate right of way. If Provider is required to relocate any part of its network facilities used or required in providing Dark Fiber Services to Customer as the result of a lack of an Underlying Rights, Provider shall determine the extent of, the timing of, and methods to be used for such relocation. Should Provider determine that the cost of relocation or obtaining the necessary Underlying Rights are not commercially reasonable, Provider in its sole discretion may terminate the Agreement or the applicable Order upon thirty (30) days’ notice to Customer.
Use of Dark Fiber
1. Customer may use the Dark Fiber for any lawful purpose, including for the provision of telecommunications services, information services and capacity to its customers;
2. Customer may not, without the express written consent of Provider, perform, or contract with any third party to perform, any repairs or maintenance to any Dark Fiber. Customer will not install any equipment to be used with the Dark Fiber that does or could damage or interfere with the Provider Network; and
3. Customer shall not, directly or indirectly, create or be permitted to impose any lien on the Dark Fiber or on the rights or title relating thereto, or any interest therein, or in the Agreement. Customer shall promptly, at its own expense, take such action as may be necessary to duly discharge any lien created by it or permitted by it to be imposed on the Dark Fiber.
Maintenance
1. Provider will perform all maintenance and repairs to the Provider Network as it deems necessary to ensure proper functioning of the Service. Provider will maintain the Provider Network at no additional charge to Customer, except as provided in Section 3.34.4.b Should any condition exist in any portion of the Provider Network that may impair the integrity of the Service or if Provider determines that it is necessary to conduct tests and adjustments to maintain the efficient working order of the Service, Provider will initiate and coordinate planned maintenance (or will cause such action to occur) which may include the deactivation of a network segment or other facility that supports the Service;
2. If all or part of the Provider Network requires restoration, replacement or repair by reason of an act or omission of Customer, or its employees, agents or contractors, such repair, replacement and/or restoration may be made by Provider, at Customer’s sole expense, in accordance with Provider’s then current time and materials rates plus applicable Taxes. In the event that Provider dispatches personnel for a reported Provider Network failure caused by Customer equipment or personnel or due to an issue caused by Customer’s equipment or other service providers, Provider will invoice, and Customer agrees to pay Provider’s actual costs for time and travel associated with the dispatch; and
3. Customer is responsible, at its sole cost and expense, for acquiring, installing, operating, or otherwise making provision for and maintaining all electronic and optronic equipment necessary for Customer to light the Dark Fiber and/or for Customer’s transmissions over the Dark Fiber.

Dark Fiber Specifications and Fiber Optic Cable Splicing, Testing and Acceptance Standards

Specification	Specification Value
Attenuation at 1310 nm Non-Dispersion Shifted Fiber (NDSF)	< 0.35 dB/km
Attenuation at 1550 nm Non-Dispersion Shifted Fiber (NDSF)	< 0.25 dB/km
Fiber Cable Construction	Outside Plant Lose Tube or Ribbon Fiber Suitable for Aerial, Underground and Directly Buried Applications
Strength Member	Embedded Strands Parallel to Glass Core for Strength up to 600psi tensile pull without stretching or introduction of microbending
Cable Jacket Covering	Polyethylene Jacketed for Protection and Dielectric Stability

The maximum loss value measured between Customer Locations with an industry-accepted laser source and power meter, or an OTDR, shall have an attenuation of less than or equal to the following:

1. At 1310 nm: (0.4 dB/km x km of fiber) + (number of connectors x 0.50 dB) + (0.15 dB x number of splices) + 1.0 dB
2. At 1550 nm: (0.3 dB/km x km of fiber) + (number of connectors x 0.50 dB) + (0.15 dB x number of splices) + 1.0 dB

11:11 SD-WAN and Managed Connectivity. The terms and conditions of this Section 3.36 are applicable to each Order that includes the SD-WAN and Managed Connectivity services.
1. Service.
  1. SD-WAN and Managed Connectivity services expand the traditional network services (as described in the Lit Services and Dark Fiber Service Supplements) to include Customer Premises Equipment (CPE) and its support. Standard service deployment includes rental of 11:11 Systems provided CPE, device configuration, installation, device maintenance, warranty support, device administration, proactive monitoring, and proactive support. Devices vary based on the Customer’s requirements and include. Still, they are not limited to SD-WAN-enabled managed Firewalls (as described in section 3.1), Network Switches, Network Routers, Broadband/Cable Modem, Wireless Router/Modems, and Network Interface Devices (NID). Standard service delivery for SD-WAN deployment includes engineering effort of 10 hours per each SD-WAN site managed by Provider. At the end of service delivery, Provider may charge Customer for engineering efforts exceeding a collective 10 hours per site, based on current market rates.
2. Service Demarcation.
  1. CPE provided and managed by the Provider as Customer-Leased Equipment, shall be placed on the Customer premises between the Wide Area Network (WAN) (lit or dark fiber services) and the Customer Local Area Network (LAN) environment. The point of service demarcation shall be extended for managed services to the LAN side of the router, firewall or other managed CPE device. For unmanaged telecommunications service, the demarcation shall be the output jack (typically an RJ45 or fiber optic ports) of the network equipment. Systems maintenance, testing, and support shall be extended to the demarcation on the LAN side of the CPE. It shall not extend into the Customer LAN. While the Provider’s technicians may assist the Customer with trouble isolation into the LAN, the Customer remains solely responsible for maintenance and repair of the LAN environment. The Provider accepts no responsibility for the accuracy of any tests, suggested outage causes, or repair costs for any part of the Customer LAN after the point of demarcation on the managed device.
3. Provider’s Obligations.
  1. Configuring the managed devices per an agreed configuration plan based on the Customer’s requirements, infrastructure, and availability;
  2. Designing the Customer network based on the Customer's requirements and configure the managed devices to support that design once the Customer approves;
  3. Providing replacement hardware in the event of a failure; and
  4. In some cases, the Provider may agree to provide monitoring services for CPE not leased from Provider. In such cases, the Provider will provide services, as authorized by and agreed with the Customer, that may include some or all of the following: device configuration, backup configuration support, device administration and change management, proactive monitoring, VPN administration, network management portal access for real-time performance monitoring, graphs and reports.
4. Customer’s Obligations.
  1. Promptly providing all information requested by Provider’s technical team related to existing network policies and configurations associated with the old equipment, if applicable, to ensure a seamless migration process and to minimize any potential conflicts or challenges that may arise during the transition. In the event Customer requires additional assistance or expertise for the actual transfer of rules from the old equipment to the new SD-WAN infrastructure, then Provider is prepared to offer such services as part of a separate paid professional services engagement the terms of which will be mutually agreed to in writing signed by the Parties;
  2. Providing environmentally controlled rack space and power for the managed devices;
  3. Providing the Provider with out-of-band access;
  4. Installing and cabling the Provider's Equipment at the Customer’s location(s). Upon request, the Provider offers installation services as an add-on, based on availability at the respective locations;
  5. Providing unobstructed access to the equipment for maintenance, troubleshooting, and replacement;
  6. Informing the Provider of its existing network design, the applicable IP addresses, the need for high availability, SD-WAN policies, the desired network operation with the managed CPE, and the VPN layout if included;
  7. Confirming the configuration plan prior to installation and that the managed devices are configured per the Customer’s preferences after service activation;
  8. Confirming the network design for implementation and its correct operation upon installation;
  9. Upon service connection, providing a test plan to confirm that the network's performance and failover are functioning per the plan. The Customer will allow the Provider ample time to resolve the issue identified during the testing period;
  10. Procuring and maintaining the hardware and software components required for the Local Monitoring Probe. Customer will ensure the proper installation of the Local Monitoring Probe within the premises and shall be responsible for securing and configuring it to align with its corporate policies and specific network requirements. Customer is responsible for ongoing management tasks, including, but not limited to, patching, upgrades, and updates in accordance with industry best practices; and
  11. Should the Provider provide the Customer monitoring services for CPE not leased from Provider, the Customer will be required to:
    1. Authorizing Provider access the Customer’s equipment and making changes to settings and configurations,
    2. Providing the Provider with the necessary login credentials, including login names, passwords, and IP addresses, to access their equipment for management and administration purposes,
    3. Acknowledging that such services may not be as extensive for CPE not leased from Provider as for Customer-Leased Equipment due to differences in manufacture and technology from the standard equipment deployed by the Provider and using the Provider’s network management platform and expertise, and
    4. Agreeing and acknowledging that, except in cases of gross negligence or willful misconduct, the Provider will be held harmless for any damage to CPE, associated devices, associated services, or data resulting from actions taken by the Provider in the process of monitoring, administering, and managing the CPE.
11:11 DRaaS for Azure. The terms and conditions of this Section 3.37 are applicable to each Order that includes 11:11 DRaaS for Azure and are accessible at https://1111systems.com/legal/1111-draas-azure-service-terms/
11:11 Shared Workplace. The terms and conditions of this Section 3.38 are applicable to each Order that includes 11:11 Shared Workplace Recovery services and are accessible at https://1111systems.com/legal/1111-workplace-recovery-shared-service-terms-na/
11:11 Dedicated Workplace. The terms and conditions of this Section 3.39 are applicable to each Order that includes 11:11 Dedicated Workplace Recovery services and are accessible at https://1111systems.com/legal/1111-workplace-recovery-dedicated-service-terms-na/

11:11 Systems Service Schedule

Section 1: Definitions

Section 2: Universal Service Terms (Applicable to All Services)

Section 3: Service-Specific Terms