{MSP} SERVICE LEVEL X Service Level Agreement Terms used in this document ................................................................................................................4 SERVICE LEVEL AGREEMENT – SLA X 5 Introduction ............................................................................................................................................5 Response times ........................................................................................................................................5 Priority Definitions ...............................................................................................................................6 SERVICE LEVEL AGREEMENT ACCEPTANCE 7 Charges....................................................................................................................................................7 Customer .................................................................................................................................................7 {MSP} ......................................................................................................................................................7 Articles.....................................................................................................................................................8 1. Privacy & Data Protection ..........................................................................................................8 2. Security .......................................................................................................................................10 3. 3.1. 3.2. 3.3. Basic Requirements ...................................................................................................................11 Description ...........................................................................................................................11 Requirements/Pre-requisites .................................................................................................11 Customer Obligations ........................................................................................................... 11 MANAGED SERVICES 4. 12 4.1. 4.2. 4.3. Continual Audit .........................................................................................................................12 Requirements/Pre-requisites/Limitations..............................................................................12 Frequency .............................................................................................................................12 Deliverable ...........................................................................................................................12 5.1. 5.2. 5.3. 5.4. 5.5. Capacity Monitoring..................................................................................................................13 Requirements/Pre-requisites/Limitations..............................................................................13 Frequency .............................................................................................................................13 Deliverable ...........................................................................................................................13 Actions..................................................................................................................................13 Exceptions ............................................................................................................................13 6.1. 6.2. 6.3. Weekly OS Inspection and Cleansing ......................................................................................14 Requirements/Pre-requisites/Limitations..............................................................................14 Frequency .............................................................................................................................14 Deliverable ...........................................................................................................................14 7.1. 7.2. 7.3. 7.4. 7.5. Anti-Spyware Active Protection ...............................................................................................15 Requirements/Pre-requisites/Limitations..............................................................................15 Frequency .............................................................................................................................15 Deliverable ...........................................................................................................................15 Actions..................................................................................................................................15 Exceptions ............................................................................................................................15 8.1. 8.2. AV Total Protection...................................................................................................................16 Requirements/Pre-requisites/Limitations..............................................................................16 Frequency .............................................................................................................................16 5. 6. 7. 8. 8.3. 8.4. 8.5. Deliverable ...........................................................................................................................16 Actions..................................................................................................................................16 Exceptions ............................................................................................................................16 9.1. 9.2. 9.3. 9.4. 9.5. Security updates to Microsoft Software...................................................................................17 Requirements/Pre-requisites/Limitations..............................................................................17 Frequency .............................................................................................................................17 Deliverable ...........................................................................................................................17 Actions..................................................................................................................................17 Exceptions ............................................................................................................................17 9. 10. Monitoring of System and Security Logs.................................................................................18 10.1. Requirements/Pre-requisites/Limitations..............................................................................18 10.2. Frequency .............................................................................................................................18 10.3. Deliverable ...........................................................................................................................18 10.4. Actions..................................................................................................................................18 10.5. Exceptions ............................................................................................................................18 11. Desktop Policy Enforcement..................................................................................................... 19 11.1. Requirements/Pre-requisites/Limitations..............................................................................19 11.2. Frequency .............................................................................................................................19 11.3. Deliverable ...........................................................................................................................19 11.4. Actions..................................................................................................................................19 11.5. Exceptions ............................................................................................................................19 12. Online Reports ...........................................................................................................................20 12.1. Requirements/Pre-requisites/Limitations..............................................................................20 12.2. Frequency .............................................................................................................................20 12.3. Deliverable ...........................................................................................................................20 13. Event Log Monitoring ...............................................................................................................21 13.1. Requirements/Pre-requisites/Limitations..............................................................................21 13.2. Frequency .............................................................................................................................21 13.3. Deliverable ...........................................................................................................................21 13.4. Actions..................................................................................................................................21 13.5. Exceptions ............................................................................................................................21 14. Hardware and Software Change Monitoring..........................................................................22 14.1. Requirements/Pre-requisites/Limitations..............................................................................22 14.2. Frequency .............................................................................................................................22 14.3. Deliverable ...........................................................................................................................22 14.4. Exceptions ............................................................................................................................22 15. Bandwidth Usage Monitoring...................................................................................................23 15.1. Requirements/Pre-requisites/Limitations..............................................................................23 15.2. Frequency .............................................................................................................................23 15.3. Deliverable ...........................................................................................................................23 15.4. Actions..................................................................................................................................23 15.5. Exceptions ............................................................................................................................23 16. Onsite Visits Policy ....................................................................................................................24 16.1. Requirements/Pre-requisites/Limitations..............................................................................24 16.2. Frequency .............................................................................................................................24 16.3. Deliverable ...........................................................................................................................24 16.4. Exceptions ............................................................................................................................24 Appendix ...............................................................................................................................................25 Workstation Event Log monitoring ....................................................................................................25 Server Event log monitoring ...............................................................................................................25 Terms used in this document {MSP} – {MSP} NOC – Network Operations Centre, central helpdesk where {MSP} services are run from Service Level Agreement – SLA X Introduction As most traditional IT services are based around site visits by engineers, often an SLA has come to be based around that deliverable, meaning the measurable standards are how quickly you see someone on site. Many of the services delivered by {MSP}s SLA1 can actually be ‘invisible’ in many ways to a non-technical end user. To ensure that our customers get value for money we therefore seek to make this ‘visible’. To do that we outline here all tasks that are carried out as a part of the service contract, what they do, how the work, and how you can tell very easily if they are being done as per the service agreement. It is also the fundamental premise of {MSP} to avoid onsite visits wherever possible, as this drives up the cost of providing support, and slows down the provision, so our Service Levels are designed to avoid onsite visits and provide better service remotely, this benefits all of our customers. Response times It is difficult to set response times for many of the services that {MSP} provides as many of them are complex automated services, and so the response is immediate. These need a lot of care an attention to make sure that they all work correctly, but this maintenance is ongoing and continuous. However, where you make contact with us, we will prioritise the incident as covered in the ‘Setting Priorities’ section and will agree to respond within the given time frames. A response does not merely mean we will let you know we have received your message, it means we will look at your issue, started diagnosis, and we will come back to you with 4 facts: 1) 2) 3) 4) A clear agreement of what the incident is about An owner for the problem both at {MSP} and your company A clear outline from {MSP} as to what the next steps are An expected time frame to resolution of the problem (a ‘Fix’ time) In furnishing you with this information we have satisfied the ‘Response’ as constituted by this service agreement. It is extremely important that you discuss the Priority clearly with the {MSP} representative as the priority will be set by agreement, the default Priority will be used if you do not specify. You must also be realistic about the priority of an incident. Any incidents which have been set above their allotted Response will be dropped to the appropriate Priority by a senior member of {MSP}, which will also reset the count time for the incident. The target Response times set out for SLA1 are as follows: Priority Response Time Emergency Urgent High Normal 1 4 1 3 Hour Hours Day Days Priority Definitions As the setting of Priority for an incident carries such an important weight in the delivery of service, it is imperative that this is carried out in a consistent and fair manner for all customers. To ensure this, clear definitions exist to decide what priority any incident will come under, and this is based upon the business impact. Priority Definition Example Emergency All users on a site unable to work Urgent 1 user unable to work or all users greatly inconvenienced • • • • • • • • • High 1 user unable to perform a single function or experiencing inconvenience General question, enquiry or problem that does not effect any users ability to work Normal • • • • Virus Outbreak Email server failure Server crash Network failure Single virus Users machine crashed Internet outage* Important File unavailable Printer problem for important meeting Application fault File unavailable How do I…? How much would …cost? *Note that Internet outage is not an emergency priority as it is held with a 3rd party – your ISP, and while {MSP} will endeavour to chase this as quickly as possible it is in the end, outside of our control. If at any time you feel that your incident has either not been given the appropriate priority, or that your incident is not being dealt with quickly enough, then you should contact your account manager, as listed in this document. You are of course also welcome to contact the Managing Director of the company at any time on MD@{MSP}.net Service Level Agreement Acceptance To ensure that the document has been understood by both parties and that there is agreement over the service that is going to be delivered the acceptance section needs to be filled in and signed by both parties. Unless there are changes to the service which is being delivered this will be carried forward to any extra machines that are added to the agreement. Charges This service level agreement will attract the following charges: XX per month for PC Support XX per month for Laptop Support XX per month for Server Support Any onsite visits will be charged at XX per hour, with conditions as outlined in section 16. Customer I hereby accept that I have read the Service Level Agreement document and have understood and agree to the conditions in place upon the service that will be delivered to me by {MSP}, and in particular realising the realistic Limitations on a fixed price service. Number of PCs:_______ Number of Laptops:_______ Number of Servers:_______ Customer:_________________________________________________ Signed:___________________________________________________ Date:_____________________________________________________ {MSP} I hereby agree that I have taken any and all steps to ensure that the customer understands the service that they are being offered by {MSP}, and will take all measures possible to ensure that {MSP} is delivering this service to the customer by regularly delivering reports and checking customer satisfaction. {MSP} Account Manager:___________________________________________ Signed:___________________________________________________________ Date:_____________________________________________________________ Articles 1. Moves Adds and Changes As a part of the managed service we are including as per this agreement fixed services which are delivered as a part of the Managed Service cost. New items are not supported in this agreement 2. Privacy & Data Protection 2.1. Each party shall ensure that it shall at all times during the term of this agreement comply with all the provisions and obligations imposed on it by Data Protection legislation. 2.2. For the purpose of this agreement the Data Protection Act shall mean: 2.2.1. the Data Protection Act 1984 as long and as far as it is still applicable to processing of personal data pursuant to this Agreement; 2.2.2. the Data Protection Act 1998 as soon as it becomes applicable to processing of personal data pursuant to this agreement 2.2.3. any other data protection legislation adopted pursuant to the Data Protection Act 1998 2.3. The {MSP} support system holds only technical data, and any contact data as supplied by the customer to {MSP}. {MSP} will not use this data in any way other than to provide service as outlined in this document. {MSP} will not share your information with any 3rd Parties, or use it for any marketing activities except where you have given us permission. 3. Security 3.1. Network Access 3.1.1. To provide IT support it is necessary for {MSP} to have full administration access to your network and any supported machines, you must agree to this to allow us to forfill the requirements of this service. 3.1.2. You must allow access for the {MSP} support system by opening port 5721 on your network for outbound access, or giving permission for {MSP} to set up such access (a site visit to set this up may incur a charge). 3.2. Passwords 3.2.1. {MSP} will need passwords to access the network environment, including but not limited to: 3.2.1.1. Windows Domains, Local Windows admin accounts, Routers, Firewalls 3.2.2. {MSP} will set up Admin accounts for its own technical access to your systems. We will use strong password technique, this also means your password is unique to your business, but is based on a formula so that it can not be guessed, and does not need to be written down or stored. {MSP} does not reveal this information to customers, and customers asking for password information will be refused. It is an offence for any member of {MSP}’s staff to disclose any Admin passwords to anyone outside the {MSP} security team and will result in immediate dismissal. 3.3. Listed below are the security features implemented by {MSP} as part of it’s management system: 3.3.1. The {MSP} management system is designed with comprehensive security throughout. The {MSP} system’s design team brings over 50 years of experience designing secure systems for government and commercial applications. 3.3.2. {MSP} Agent 3.3.2.1. The {MSP} platform architecture is central to providing maximum security. Each computer managed has a small agent installed. The agent initiates all communications back to the server. Since the agent will not accept any inbound connections, it is impossible for a third party application to attack the agent from the network. 3.3.3. Firewalls 3.3.3.1. {MSP} does not need any input ports opened on client machines. This lets the agent do its job in any network configuration without introducing susceptibility to inbound port probes or new network attacks. 3.3.4. Encryption 3.3.4.1. {MSP} protects against man-in-the-middle attacks by encrypting all communications between the agent and server with 256-bit RC4 using a key that rolls every time the server tasks the agent (typically at least once per day). Since there are no plain-text data packets passing over the network, there is nothing available for an attacker to exploit. 3.3.5. Secure Access 3.3.5.1. Administrators access the {MSP} server through a Web interface after a secure logon process. The system never sends passwords over the network and never stores them in the database. Only each administrator knows his or her password. The client side combines the password with a random challenge, issued by the {MSP} server for each session, and hashes it with SHA-1. The server side tests this result to grant access or not. The unique random challenge protects against a man-in-the-middle attack sniffing the network, capturing the random bits, and using them later to access the {MSP} server. 3.3.6. Web Access 3.3.6.1. The Web site itself is protected by {MSP} Patch Management. The {MSP} Patch scan is run on the {MSP} server every day. As soon as new patches are released, the {MSP} Patch scan automatically detects they are needed and applies all security patches automatically. 4. Basic Requirements 4.1. Description This lists the minimum requirements for customers to be able to receive any of the {MSP} services 4.2. 1. 2. 3. 4. 5. 6. 7. 8. 9. Requirements/Pre-requisites Windows Based Operating System on the following: 1.1. As per what Microsoft currently support 1.2. Where Microsoft drop support for a product {MSP} will let you know and a separate arrangement will be made to upgrade existing hardware/software to meet Microsoft’s new requirement All PC’s/Servers must perform to the specification as outlined by Microsoft for the given operating system or application system {MSP} Agent installed and working (supplied by {MSP}) Broadband or equivalent ‘always on’ internet connection with at least 256Kb’s spare capacity (not a dial-up connection, unless roaming out of office). For sites with more than 10 PC’s a higher specification connection may be required, for example SDSL. Firewall/router or similar port blocking device, set to block all inbound traffic (except where required for internal functionality). Access to change the firewall device above to allow outbound traffic on port 5721 Machines left on continuously where possible (unless agreed otherwise), with power saving setup to minimize wastage ({MSP} can configure this for you). An {MSP} information panel will be displayed on the machine desktop that will be used to help identify the machine for support purposes, this must not be removed {MSP} will introduce some small records into the Windows registry to keep track of internal settings for delivering the service 4.3. Customer Obligations Where some part of a customer environment does not meet the criteria as specified above, {MSP} will be unable to setup any service, or continue to deliver service to that device or site (if the item affects an entire site) until the environment is bought back in line with {MSP}’s minimum requirements. Where service is already being delivered by {MSP} and the environment is changed outside the afore mentioned requirements either by the customer, by {MSP}, it’s partners or a 3rd party, {MSP} will at it’s discretion continue to deliver service to that environment until it can be bought back into alignment with the requirements, for a period of up to 14 days, or until next payment date is due for the customer, whichever is sooner. After which time if support is to continue an extra charge will be levied to support a machine outside of the required specification, generally this will be three times the normal monthly cost of supporting a machine per month or part thereof. Unless the changes are directly a result of negligence on the part of {MSP} or it’s partners, all costs involved in bringing an environment back in line with requirements will be meet by the customer. {MSP} will not meet any costs as a result of 3rd parties. {MSP} will make all endeavours to warn the customer of the costs before undertaking any work, but will also try to operate in the best interests of the customer and the continuation of it’s business, and may take it upon itself to deliver chargeable services where this would be continuing to operate in the spirit of the previous spending and decisions made by that customer in accordance with the perceived business impact or possible service disruption. Managed Services 5. Continual Audit 5.1. Requirements/Pre-requisites/Limitations 5.1.1. 5.1.2. 5.1.3. 5.2. As per {MSP} minimum requirements DMI/SIMBIOS compatible motherboard with PCI or above slots (not ISA) RAID controllers will not be separately identified Frequency 5.2.1. Machines will be set to renew audit information every 7 days and be set to skip if machine is not available at the time of the audit. 5.3. Deliverable 5.3.1. 5.3.2. a. b. c. d. e. Monthly Executive summary report which includes license summary. Upon Request: Report of Licensed Software (as per Kaseya Software License database) Full installed application list (note, this is an extremely large report and can only be run as a one-off and not continuously, if this is required in hard copy it may incur a printing cost) Operating System report Hardware report System settings 6. Capacity Monitoring 6.1. 6.1.1. 6.2. 6.2.1. 6.3. Requirements/Pre-requisites/Limitations As per {MSP} minimum requirements Frequency Machines will be set to provide Capacity Monitoring on a continuous basis Deliverable 6.3.1. Monthly Executive Report showing available space & total space % breakdown 6.3.2. Detailed Capacity report available upon request. 6.4. Actions 6.4.1. If disk space falls to within 10% of total on any fixed partition, {MSP} will contact you with this information and suggested corrective action. 6.4.2. Upon disk space reaching 10% of total on any fixed partition {MSP} will run an automatic clean-up to try and free-up any unnecessary system files and delete any temporary user files. This is done in the best interests of the health of a machine, as a completely full HDD on a windows machine can cause complete failure, so all attempts will be made to avoid that happening. 6.5. Exceptions 6.5.1. This service only covers standard fixed HDD partitions, not external devices such as USB devices etc. or mapped drives. 6.5.2. Where the disks are already clean and no further room can be made the automatic cleanup will not run. 6.5.3. If the disk is filling up extremely fast (within second or minutes) then the {MSP} alert may not be quick enough to catch this happening. Something would have to already be seriously wrong for this to take place, and under such circumstances {MSP} cannot accept responsibility for capacity of the machine, or any failure of the device caused by such. Recovery or fix would be at the discretion of {MSP} and may be chargeable. 7. Weekly OS Inspection and Cleansing 7.1. 7.1.1. 7.2. Requirements/Pre-requisites/Limitations As per {MSP} minimum requirements Frequency 7.2.1. Machines will be set to provide OS Inspection and Cleansing every 7 days and be set to skip if machine is not available at the time of the service. A defragmentation will happen every 30 days (this will be skipped on a machine if no de-fragmentation is found). 7.3. Deliverable 7.3.1. {MSP} System script and clean up tool using Windows Disk Cleanup 7.3.2. {MSP} System script running Windows and 3rd Party De-frag tools 7.3.3. Entry of cleanup and defrag into {MSP} System log 7.3.4. Monthly executive report showing count of cleansing and defrags on all machines 7.3.5. Local Pop-up on machine to warn users that the service is running (optional) 8. Anti-Spyware Active Protection 8.1. Requirements/Pre-requisites/Limitations 8.1.1. As per {MSP} minimum requirements 8.1.2. Windows Defender Beta 2 ({MSP} will install if not already on the machine) 8.1.3. {MSP} may see fit to remove other Anti-Spyware programs from your machine if they will interfere with delivery of the service 8.2. Frequency 8.2.1. A Weekly scheduled service that will ensure the Anti-Spyware program is activated is updated and that a clean-up has been run on the system. 8.3. Deliverable 8.3.1. Included in the Executive Summary will be a list of the number of scans and updates that have taken place. 8.3.2. A log entry will be created on {MSP}’s system so separate report can be generated if required 8.3.3. Anti-Spyware Definitions updated minimum monthly 8.4. Actions 8.4.1. An alert will be raised with the {MSP} NOC if any Spyware is found on a machine. It is expected that this would be removed by the automatic cleanup, but the ticket that this alert will raise will be followed up to ensure this is the case. 8.5. Exceptions 8.5.1. While {MSP} will make every effort to ensure your machine is safe from Spyware, we do not guarantee that your machine can not be infected in exceptional circumstances. Where this does happen, any resulting support or service required may be chargeable at the discretion of {MSP}, but with consultation with the Customer. 9. AV Total Protection 9.1. Requirements/Pre-requisites/Limitations 9.1.1. As per {MSP} minimum requirements 9.1.2. GriSoft AVG professional will be supplied and installed by {MSP} 9.1.3. Any other Anti-virus programs will be disabled and may be removed, it is up to the customer to ensure they have the necessary files/paperwork to reinstall this software should you stop receiving this service from {MSP} 9.2. Frequency 9.2.1. A Weekly scheduled service that will ensure the Anti-Virus program is activated is updated and that a clean-up has been run on the system. 9.3. Deliverable 9.3.1. Included in the Executive Summary will be a list of the number of scans and updates that have taken place. 9.3.2. Script log entry so separate report is possible 9.3.3. Definitions updated minimum monthly 9.4. Actions 9.4.1. An alert will be raised with the {MSP} NOC if any Virus is found on a machine. It is expected that this would be removed by the automatic cleanup, but the ticket will be followed up with high priority to ensure this is the case. 9.5. Exceptions 9.5.1. While {MSP} will make every effort to ensure your machine is safe from Viruses, we do not guarantee that your machine can not be infected in exceptional circumstances. Where this does happen, any resulting support or service required may be chargeable at the discretion of {MSP}, but with consultation with the Customer. 10. Security updates to Microsoft Software 10.1. Requirements/Pre-requisites/Limitations 10.1.1. As per {MSP} minimum requirements 10.2. Frequency 10.2.1. Weekly scans to assess patch requirements 10.2.2. {MSP} internal machines are patched Monday and Tuesday with the latest patches to ensure reliability 10.2.3. Custom machines patched between Thursday – Sunday each week 10.3. Deliverable 10.3.1. Latest patches as per Microsoft’s recommendations will be installed on all managed machines 10.3.2. Included in the Executive Summary will be a list of the number of scans and updates that have taken place. 10.3.3. Script log entry so separate report is possible 10.3.4. Patch status shown in monthly executive summary report 10.3.5. Detailed patch report available on request 10.3.6. An Alert will be raised with the {MSP} NOC if a patch fails to install 10.3.7. Where possible Patches will be downloaded once to a central file share on the local network and then delivered across the local area network to conserve internet bandwidth 10.4. Actions 10.4.1. Assess test machines on Wednesday and approve patches for Customer machines 10.4.2. Any issues raised with the NOC will be dealt with as per normal ticket affecting 1 user. 10.5. Exceptions 10.5.1. Where a patch / hotfix causes system problems on a customer machine {MSP} staff will roll back the patch / hotfix to try to resolve the problem 10.5.2. Patches come from Microsoft and not from {MSP}, therefore {MSP} cannot be responsible for any adverse reaction that a patch might have with any particular machine configuration. In in unlikely event of a machine failure {MSP} will restore the machine to it’s last good backup with no charge. 11. Monitoring of System and Security Logs 11.1. Requirements/Pre-requisites/Limitations 11.1.1. As per {MSP} minimum requirements 11.1.2. Windows Event logging switched on 11.1.3. No other software interferes with Windows Event logs 11.2. Frequency 11.2.1. Even logs will be scanned and uploaded to {MSP} NOC on a continuous basis 11.3. Deliverable 11.3.1. List of event log activity will be shown in Monthly Executive Summary report 11.3.2. Full latest inclusion and exclusion list supplied on request 11.4. Actions 11.4.1. Where any of the faults in the {MSP} Inclusion list is found an Alert will be raised ant a ticket created at the {MSP} NOC. 11.4.2. An Alert will be raised where anything falls outside the {MSP} Exclusion list, the Alert will be looked at to see if it warrants further investigation and if so, a ticket will be raised. 11.4.3. Any issues raised with the NOC will be dealt with as per normal ticket affecting 1 user. 11.4.4. The Event Logs can often pick up and idetntify issues which require attention, such as with applications installed on machines (please note most applications are outside the scope of {MSP}’s support). Any time spent fixing such problems will be chargeable, but the customer will be notified before any such chargeable work is undertaken. 11.5. Exceptions 11.5.1. Monitoring will stop where machines start producing more than 100 Event Log entries per hour, this will be alerted and investigated as a separate issue. 11.5.2. Where the Event Logging is stopped due to undue Event Creation the Monthly report may be affected and this will be pointed out by {MSP} Staff 11.5.3. If a machine is generating an unordinary number of alerts, this can adversely effect the {MSP} system, so {MSP} at it’s discretion will stop monitoring Event Logs on this machine until the problem is rectified (this may incur an extra charge), or discontinue support for this machine completely. 12. Desktop Policy Enforcement 12.1. Requirements/Pre-requisites/Limitations 12.1.1. As per {MSP} minimum requirements 12.1.2. Windows active directory and group policies, professional operating system 12.1.3. Clear agreement with Customer of current Corporate Policy 12.2. Frequency 12.2.1. This is a continuous service, but the details of the desktop policy will be reviewed annually, or more often on request 12.3. Deliverable 12.3.1. Login policy (times places etc) 12.3.2. Accounts policy (admin settings user account usage, own account etc) 12.3.3. Corporate Screensaver? 12.3.4. Desktop look and feel, background, colurs, fonts, IE 6 or later settings 12.3.5. Block Access to the following programs: 12.3.5.1. Kazaa 12.3.5.2. Share Bear 12.3.5.3. Audio Galaxy 12.3.5.4. iTunes 12.3.5.5. BitTorrent 12.3.5.6. Getright 12.3.6. File Shares on machines (should be none) 12.3.7. Installation of other Applications, 12.3.7.1. is this allowed, 12.3.7.2. by whom, 12.3.7.3. what approval policy 12.3.7.4. Block editing of Windows system settings (such as the registry) 12.4. Actions 12.4.1. {MSP} will consult with customer to create a policy if there isn’t one already 12.4.2. {MSP} will set up a way to implement the policy 12.4.3. {MSP} will monitor the policy and alert on any deviations 12.5. Exceptions 12.5.1. Where users are given local admin rights it will always be possible for them to circumvent policies, therefore {MSP} cannot enforce a policy where the user is a local administrator 12.5.2. Please note that enforcement of policy can restrict users’ ability to perform actions on their machine(s) which may mean they need to contact {MSP} to perform some actions on their machine, giving delays to some actions. {MSP} will always try to keep these delays to a minimum but accept no responsibility for any inconvenience caused by such delays, as this service is in place to protect the security of the customer. 13. Online Reports 13.1. Requirements/Pre-requisites/Limitations 13.1.1. As per {MSP} minimum requirements 13.1.2. Email address supplied for main site contact 13.2. Frequency 12.2.1 Updated Monthly 13.3. Deliverable 13.3.1. URL’s 13.3.1.1. 13.3.1.2. 13.3.1.3. 13.3.1.4. 13.3.1.5. emailed for each of the following report types: Executive Summary Uptime History Patch Status Disk Usage Machine Summary 14. Event Log Monitoring 14.1. Requirements/Pre-requisites/Limitations 14.1.1. As per {MSP} minimum requirements 14.2. Frequency 14.2.1. This is an ongoing service that is constantly monitoring the Windows Event Logs. The system can pickup and respond to errors inside the Windows Event Log with 30 seconds. 14.3. Deliverable 14.3.1. The Executive Summary report will show a total each month of the number of actionable items found in the Application Event Log 14.3.2. {MSP} filters and looks through the logs for specific know problems and turns these into tickets which will be checked and responded to. 14.3.3. A full list of all the Filtered events that {MSP} monitor for can be found in the Appendix. 14.4. Actions 14.4.1. Any Events that are found via the filters and raised as a ticket will be investigated by an engineer and if any fault is found this will be resolved wherever possible via remote management. 14.5. Exceptions 14.5.1. Where a problem is as a result of hardware failure, this cost is not included in support 14.5.2. Where a problem requires an onsite visit this is not included 14.5.3. If a problem is complex and affected by other systems {MSP} will put this information together into a report of findings that will delivered to the customer along with a course of action and costs associated with taking corrective action 15. Hardware and Software Change Monitoring 15.1. Requirements/Pre-requisites/Limitations 15.1.1. As per {MSP} minimum requirements 15.2. Frequency 15.2.1. This change monitoring takes place at the same frequency as the Continual Audit service 15.3. Deliverable 15.3.1. Separate Monthly change report can be supplied on requests 15.3.2. Engineers will work through the monitored alert list for any anomalies, and where these are found a ticket will be raised and the customer informed. 15.4. Exceptions 15.4.1. The hardware change report does not cover external devices such as USB keys and USB attached drives, unless these have a windows hardware driver that makes them appear as a part of the normal OS operation. 16. Bandwidth Usage Monitoring 16.1. Requirements/Pre-requisites/Limitations 16.1.1. As per {MSP} minimum requirements 16.1.2. Windows XP Pro SP2 or later or 2003 SP1 patch or later 16.1.3. Installation of Kaseya Network Protection Driver 16.2. Frequency 16.2.1. On request, runs for 7 days 16.3. Deliverable 16.3.1. Bandwidth Usage report by machine and by top 10 applications across all machines, sent via email. 16.4. Actions 16.4.1. A ticket will be raised with a 7 day due date to ensure the system is turned off after that period has elapsed. 16.5. Exceptions 16.5.1. The Bandwidth Monitoring requires use of a Driver installed by the {MSP} monitoring system. This is a system level driver inserted in the TCP/IP stack. In rare circumstances this can interfere with normal operation of the machine, for example loss of network connectivity. Where such issues occur {MSP} will endeavour to remove the Driver and reboot the machine to enable connectivity again. Where other more adverse effects encountered {MSP} will operate on a best-endeavour basis to get the machine fully operation as soon as possible, however any site visit require will be chargeable. 17. Onsite Visits Policy 17.1. Requirements/Pre-requisites/Limitations 17.1.1. {MSP} will only send an engineer onsite where all other options have been exhausted. As this will be chargeable you will be warned before and engineer is sent onsite. 17.1.2. The Engineer will only stay onsite for the length of time required to address the issue at hand, and will not undertake any other work while onsite, unless this is agreed by an Account Manager and any extra time and expense agreed. 17.2. Frequency 17.2.1. There are no pre-booked onsite visits as a part of the Service Level Agreement and all ad-hoc onsite visits will be chargeable. 17.3. Deliverable 17.3.1. Time onsite will be delivered in 1 hour blocks with a minimum of two chargeable hours. 17.3.2. Travel to site will be a set charge of 1 hour of normal chargeable time. 17.4. Exceptions 17.4.1. Where the customer is more than 1 hours travel one way from {MSP} travel will be charged on an hourly basis by agreement. Costs may also be incurred for travel by means other than a car, and some small charge for mileage if the site is over 100 miles away from {MSP}, this will also be by agreement. Appendix Workstation Event Log monitoring The following events will be monitored and responded to in the Windows Event Log Source Filter Category Filter Event ID User Filter Description Filter *Application popup* *Microsoft Office* *Ntfs* * * * 26 11 All IDs * * * *OMCI* * 2 * *Sophos Anti-Virus* *Sophos Anti-Virus* 2 16 * * *SophosAntiVirus* *sweepNT* *SweepNT* *Tcpip* * *Potentially unwanted application* * * * * * * *The file system structure on the disk is corrupt and unusable* *Amount of physical memory* * * 6 17410 17409 4198 * * * * * * * * Application Error Application Hang Folder Redirection NETLOGON * * * * 1000 1002 101 5719 * * * * *Faulting application* *Hanging application* * *No Windows NT Domain Controller is available for domain* Server Event log monitoring The following events will be monitored and responded to in the Windows Event Log Source Filter Category Event ID Filter User Filter Description Filter APCPBAgent * 1025 * *Shutdown In Progress* APCPBAgent * 2000 * *UPS On Battery* APCPBEAgent * 3003 * *UPS Battery Is Discharged* APCPBEAgent * 3030 * *Insufficient Runtime Available* DhcpServer * 1051 * *The DHCP/BINL service has determined that it is not authorized* DhcpServer * 1051 * *The DHCP/BINL service has determined that it is not authorized* *The previous system shutdown at* EventLog * 6008 * EventLog * 6009 * *Uniprocessor Free* IISAdmin * 104 * Microsoft ISA Server * 12206 * *IISADMIN service failed to create account* *proxy chain loop* Microsoft ISA Server * 14141 * *proxy chain loop* MSExchangeDSAcc ess Topology 2102 * *All Domain Controller Servers in use are not responding* MSExchangeIS * 1112 * *has reached the maximum allowed size* MSExchangeIS * 1112 * *has reached the maximum allowed size* MSExchangeIS * 1003 * *The disk is full. Attempting to stop the Microsoft Exchange Information Store service* MSExchangeIS * 1113 * *The log disk is full. Attempting to stop the Microsoft Exchange Information Store service* MSExchangeIS * 1159 * *Database error* MSExchangeSA * 1005 * *Unexpected error* NETBT * 4319 * *A duplicate name has been detected on the TCP network.* NETLOGON * 5719 * *No Windows NT Domain Controller is available for domain* Server * 2511 * *The server service was unable to recreate the share* SQLExecutive * 208 * *SQL Server Scheduled Task* sqlserveragent * 208 * *SQL Server Scheduled Job*failed* sqlserveragent * 103 * *SQLServerAgent could not be started* TermServLicensing * 18 * *Terminal Services Licensing* WSH * 1 * *Exchanges Information Store *
© Copyright 2024