{MSP} SERVICE LEVEL X Service Level Agreement

{MSP}
SERVICE LEVEL X
Service Level Agreement
Terms used in this document ................................................................................................................4
SERVICE LEVEL AGREEMENT – SLA X
5
Introduction ............................................................................................................................................5
Response times ........................................................................................................................................5
Priority Definitions ...............................................................................................................................6
SERVICE LEVEL AGREEMENT ACCEPTANCE
7
Charges....................................................................................................................................................7
Customer .................................................................................................................................................7
{MSP} ......................................................................................................................................................7
Articles.....................................................................................................................................................8
1.
Privacy & Data Protection ..........................................................................................................8
2.
Security .......................................................................................................................................10
3.
3.1.
3.2.
3.3.
Basic Requirements ...................................................................................................................11
Description ...........................................................................................................................11
Requirements/Pre-requisites .................................................................................................11
Customer Obligations ........................................................................................................... 11
MANAGED SERVICES
4.
12
4.1.
4.2.
4.3.
Continual Audit .........................................................................................................................12
Requirements/Pre-requisites/Limitations..............................................................................12
Frequency .............................................................................................................................12
Deliverable ...........................................................................................................................12
5.1.
5.2.
5.3.
5.4.
5.5.
Capacity Monitoring..................................................................................................................13
Requirements/Pre-requisites/Limitations..............................................................................13
Frequency .............................................................................................................................13
Deliverable ...........................................................................................................................13
Actions..................................................................................................................................13
Exceptions ............................................................................................................................13
6.1.
6.2.
6.3.
Weekly OS Inspection and Cleansing ......................................................................................14
Requirements/Pre-requisites/Limitations..............................................................................14
Frequency .............................................................................................................................14
Deliverable ...........................................................................................................................14
7.1.
7.2.
7.3.
7.4.
7.5.
Anti-Spyware Active Protection ...............................................................................................15
Requirements/Pre-requisites/Limitations..............................................................................15
Frequency .............................................................................................................................15
Deliverable ...........................................................................................................................15
Actions..................................................................................................................................15
Exceptions ............................................................................................................................15
8.1.
8.2.
AV Total Protection...................................................................................................................16
Requirements/Pre-requisites/Limitations..............................................................................16
Frequency .............................................................................................................................16
5.
6.
7.
8.
8.3.
8.4.
8.5.
Deliverable ...........................................................................................................................16
Actions..................................................................................................................................16
Exceptions ............................................................................................................................16
9.1.
9.2.
9.3.
9.4.
9.5.
Security updates to Microsoft Software...................................................................................17
Requirements/Pre-requisites/Limitations..............................................................................17
Frequency .............................................................................................................................17
Deliverable ...........................................................................................................................17
Actions..................................................................................................................................17
Exceptions ............................................................................................................................17
9.
10. Monitoring of System and Security Logs.................................................................................18
10.1.
Requirements/Pre-requisites/Limitations..............................................................................18
10.2.
Frequency .............................................................................................................................18
10.3.
Deliverable ...........................................................................................................................18
10.4.
Actions..................................................................................................................................18
10.5.
Exceptions ............................................................................................................................18
11. Desktop Policy Enforcement..................................................................................................... 19
11.1.
Requirements/Pre-requisites/Limitations..............................................................................19
11.2.
Frequency .............................................................................................................................19
11.3.
Deliverable ...........................................................................................................................19
11.4.
Actions..................................................................................................................................19
11.5.
Exceptions ............................................................................................................................19
12. Online Reports ...........................................................................................................................20
12.1.
Requirements/Pre-requisites/Limitations..............................................................................20
12.2.
Frequency .............................................................................................................................20
12.3.
Deliverable ...........................................................................................................................20
13. Event Log Monitoring ...............................................................................................................21
13.1.
Requirements/Pre-requisites/Limitations..............................................................................21
13.2.
Frequency .............................................................................................................................21
13.3.
Deliverable ...........................................................................................................................21
13.4.
Actions..................................................................................................................................21
13.5.
Exceptions ............................................................................................................................21
14. Hardware and Software Change Monitoring..........................................................................22
14.1.
Requirements/Pre-requisites/Limitations..............................................................................22
14.2.
Frequency .............................................................................................................................22
14.3.
Deliverable ...........................................................................................................................22
14.4.
Exceptions ............................................................................................................................22
15. Bandwidth Usage Monitoring...................................................................................................23
15.1.
Requirements/Pre-requisites/Limitations..............................................................................23
15.2.
Frequency .............................................................................................................................23
15.3.
Deliverable ...........................................................................................................................23
15.4.
Actions..................................................................................................................................23
15.5.
Exceptions ............................................................................................................................23
16. Onsite Visits Policy ....................................................................................................................24
16.1.
Requirements/Pre-requisites/Limitations..............................................................................24
16.2.
Frequency .............................................................................................................................24
16.3.
Deliverable ...........................................................................................................................24
16.4.
Exceptions ............................................................................................................................24
Appendix ...............................................................................................................................................25
Workstation Event Log monitoring ....................................................................................................25
Server Event log monitoring ...............................................................................................................25
Terms used in this document
{MSP} – {MSP}
NOC – Network Operations Centre, central helpdesk where {MSP} services are run from
Service Level Agreement – SLA X
Introduction
As most traditional IT services are based around site visits by engineers, often an SLA has
come to be based around that deliverable, meaning the measurable standards are how
quickly you see someone on site.
Many of the services delivered by {MSP}s SLA1 can actually be ‘invisible’ in many ways to
a non-technical end user. To ensure that our customers get value for money we therefore
seek to make this ‘visible’. To do that we outline here all tasks that are carried out as a
part of the service contract, what they do, how the work, and how you can tell very easily
if they are being done as per the service agreement.
It is also the fundamental premise of {MSP} to avoid onsite visits wherever possible, as
this drives up the cost of providing support, and slows down the provision, so our Service
Levels are designed to avoid onsite visits and provide better service remotely, this benefits
all of our customers.
Response times
It is difficult to set response times for many of the services that {MSP} provides as many
of them are complex automated services, and so the response is immediate. These need a
lot of care an attention to make sure that they all work correctly, but this maintenance is
ongoing and continuous.
However, where you make contact with us, we will prioritise the incident as covered in the
‘Setting Priorities’ section and will agree to respond within the given time frames.
A response does not merely mean we will let you know we have received your message, it
means we will look at your issue, started diagnosis, and we will come back to you with 4
facts:
1)
2)
3)
4)
A clear agreement of what the incident is about
An owner for the problem both at {MSP} and your company
A clear outline from {MSP} as to what the next steps are
An expected time frame to resolution of the problem (a ‘Fix’ time)
In furnishing you with this information we have satisfied the ‘Response’ as constituted by
this service agreement.
It is extremely important that you discuss the Priority clearly with the {MSP}
representative as the priority will be set by agreement, the default Priority will be used if
you do not specify. You must also be realistic about the priority of an incident. Any
incidents which have been set above their allotted Response will be dropped to the
appropriate Priority by a senior member of {MSP}, which will also reset the count time for
the incident.
The target Response times set out for SLA1 are as follows:
Priority
Response Time
Emergency
Urgent
High
Normal
1
4
1
3
Hour
Hours
Day
Days
Priority Definitions
As the setting of Priority for an incident carries such an important weight in the delivery of
service, it is imperative that this is carried out in a consistent and fair manner for all
customers. To ensure this, clear definitions exist to decide what priority any incident will
come under, and this is based upon the business impact.
Priority
Definition
Example
Emergency
All users on a site unable to work
Urgent
1 user unable to work or all users greatly
inconvenienced
•
•
•
•
•
•
•
•
•
High
1 user unable to perform a single function
or experiencing inconvenience
General question, enquiry or problem that
does not effect any users ability to work
Normal
•
•
•
•
Virus Outbreak
Email server failure
Server crash
Network failure
Single virus
Users machine crashed
Internet outage*
Important File unavailable
Printer problem for
important meeting
Application fault
File unavailable
How do I…?
How much would …cost?
*Note that Internet outage is not an emergency priority as it is held with a 3rd party – your ISP, and while {MSP} will
endeavour to chase this as quickly as possible it is in the end, outside of our control.
If at any time you feel that your incident has either not been given the appropriate
priority, or that your incident is not being dealt with quickly enough, then you should
contact your account manager, as listed in this document. You are of course also welcome
to contact the Managing Director of the company at any time on MD@{MSP}.net
Service Level Agreement Acceptance
To ensure that the document has been understood by both parties and that there is
agreement over the service that is going to be delivered the acceptance section needs to
be filled in and signed by both parties. Unless there are changes to the service which is
being delivered this will be carried forward to any extra machines that are added to the
agreement.
Charges
This service level agreement will attract the following charges:
XX per month for PC Support
XX per month for Laptop Support
XX per month for Server Support
Any onsite visits will be charged at XX per hour, with conditions as outlined in section 16.
Customer
I hereby accept that I have read the Service Level Agreement document and have
understood and agree to the conditions in place upon the service that will be delivered to
me by {MSP}, and in particular realising the realistic Limitations on a fixed price service.
Number of PCs:_______
Number of Laptops:_______
Number of Servers:_______
Customer:_________________________________________________
Signed:___________________________________________________
Date:_____________________________________________________
{MSP}
I hereby agree that I have taken any and all steps to ensure that the customer
understands the service that they are being offered by {MSP}, and will take all measures
possible to ensure that {MSP} is delivering this service to the customer by regularly
delivering reports and checking customer satisfaction.
{MSP} Account Manager:___________________________________________
Signed:___________________________________________________________
Date:_____________________________________________________________
Articles
1. Moves Adds and Changes
As a part of the managed service we are including as per this agreement fixed services
which are delivered as a part of the Managed Service cost.
New items are not supported in this agreement
2. Privacy & Data Protection
2.1. Each party shall ensure that it shall at all times during the term of this agreement
comply with all the provisions and obligations imposed on it by Data Protection
legislation.
2.2. For the purpose of this agreement the Data Protection Act shall mean:
2.2.1. the Data Protection Act 1984 as long and as far as it is still applicable to
processing of personal data pursuant to this Agreement;
2.2.2. the Data Protection Act 1998 as soon as it becomes applicable to
processing of personal data pursuant to this agreement
2.2.3. any other data protection legislation adopted pursuant to the Data
Protection Act 1998
2.3. The {MSP} support system holds only technical data, and any contact data as
supplied by the customer to {MSP}. {MSP} will not use this data in any way other
than to provide service as outlined in this document. {MSP} will not share your
information with any 3rd Parties, or use it for any marketing activities except
where you have given us permission.
3.
Security
3.1. Network Access
3.1.1. To provide IT support it is necessary for {MSP} to have full administration
access to your network and any supported machines, you must agree to this
to allow us to forfill the requirements of this service.
3.1.2. You must allow access for the {MSP} support system by opening port 5721
on your network for outbound access, or giving permission for {MSP} to set
up such access (a site visit to set this up may incur a charge).
3.2. Passwords
3.2.1. {MSP} will need passwords to access the network environment, including
but not limited to:
3.2.1.1.
Windows Domains, Local Windows admin accounts, Routers,
Firewalls
3.2.2. {MSP} will set up Admin accounts for its own technical access to your
systems. We will use strong password technique, this also means your
password is unique to your business, but is based on a formula so that it can
not be guessed, and does not need to be written down or stored. {MSP} does
not reveal this information to customers, and customers asking for password
information will be refused. It is an offence for any member of {MSP}’s staff
to disclose any Admin passwords to anyone outside the {MSP} security team
and will result in immediate dismissal.
3.3. Listed below are the security features implemented by {MSP} as part of it’s
management system:
3.3.1. The {MSP} management system is designed with comprehensive security
throughout. The {MSP} system’s design team brings over 50 years of
experience designing secure systems for government and commercial
applications.
3.3.2. {MSP} Agent
3.3.2.1.
The {MSP} platform architecture is central to providing maximum
security. Each computer managed has a small agent installed. The
agent initiates all communications back to the server. Since the agent
will not accept any inbound connections, it is impossible for a third
party application to attack the agent from the network.
3.3.3. Firewalls
3.3.3.1.
{MSP} does not need any input ports opened on client machines.
This lets the agent do its job in any network configuration without
introducing susceptibility to inbound port probes or new network
attacks.
3.3.4. Encryption
3.3.4.1.
{MSP} protects against man-in-the-middle attacks by encrypting
all communications between the agent and server with 256-bit RC4
using a key that rolls every time the server tasks the agent (typically at
least once per day). Since there are no plain-text data packets passing
over the network, there is nothing available for an attacker to exploit.
3.3.5. Secure Access
3.3.5.1.
Administrators access the {MSP} server through a Web interface
after a secure logon process. The system never sends passwords over
the network and never stores them in the database. Only each
administrator knows his or her password. The client side combines the
password with a random challenge, issued by the {MSP} server for
each session, and hashes it with SHA-1. The server side tests this result
to grant access or not. The unique random challenge protects against a
man-in-the-middle attack sniffing the network, capturing the random
bits, and using them later to access the {MSP} server.
3.3.6. Web Access
3.3.6.1.
The Web site itself is protected by {MSP} Patch Management. The
{MSP} Patch scan is run on the {MSP} server every day. As soon as
new patches are released, the {MSP} Patch scan automatically detects
they are needed and applies all security patches automatically.
4.
Basic Requirements
4.1.
Description
This lists the minimum requirements for customers to be able to receive any of the {MSP}
services
4.2.
1.
2.
3.
4.
5.
6.
7.
8.
9.
Requirements/Pre-requisites
Windows Based Operating System on the following:
1.1. As per what Microsoft currently support
1.2. Where Microsoft drop support for a product {MSP} will let you know and a
separate arrangement will be made to upgrade existing hardware/software to
meet Microsoft’s new requirement
All PC’s/Servers must perform to the specification as outlined by Microsoft for the given
operating system or application system
{MSP} Agent installed and working (supplied by {MSP})
Broadband or equivalent ‘always on’ internet connection with at least 256Kb’s spare
capacity (not a dial-up connection, unless roaming out of office). For sites with more
than 10 PC’s a higher specification connection may be required, for example SDSL.
Firewall/router or similar port blocking device, set to block all inbound traffic (except
where required for internal functionality).
Access to change the firewall device above to allow outbound traffic on port 5721
Machines left on continuously where possible (unless agreed otherwise), with power
saving setup to minimize wastage ({MSP} can configure this for you).
An {MSP} information panel will be displayed on the machine desktop that will be used
to help identify the machine for support purposes, this must not be removed
{MSP} will introduce some small records into the Windows registry to keep track of
internal settings for delivering the service
4.3.
Customer Obligations
Where some part of a customer environment does not meet the criteria as specified above,
{MSP} will be unable to setup any service, or continue to deliver service to that device or
site (if the item affects an entire site) until the environment is bought back in line with
{MSP}’s minimum requirements.
Where service is already being delivered by {MSP} and the environment is changed
outside the afore mentioned requirements either by the customer, by {MSP}, it’s partners
or a 3rd party, {MSP} will at it’s discretion continue to deliver service to that environment
until it can be bought back into alignment with the requirements, for a period of up to 14
days, or until next payment date is due for the customer, whichever is sooner. After which
time if support is to continue an extra charge will be levied to support a machine outside of
the required specification, generally this will be three times the normal monthly cost of
supporting a machine per month or part thereof.
Unless the changes are directly a result of negligence on the part of {MSP} or it’s partners,
all costs involved in bringing an environment back in line with requirements will be meet
by the customer. {MSP} will not meet any costs as a result of 3rd parties.
{MSP} will make all endeavours to warn the customer of the costs before undertaking any
work, but will also try to operate in the best interests of the customer and the continuation
of it’s business, and may take it upon itself to deliver chargeable services where this would
be continuing to operate in the spirit of the previous spending and decisions made by that
customer in accordance with the perceived business impact or possible service disruption.
Managed Services
5. Continual Audit
5.1.
Requirements/Pre-requisites/Limitations
5.1.1.
5.1.2.
5.1.3.
5.2.
As per {MSP} minimum requirements
DMI/SIMBIOS compatible motherboard with PCI or above slots (not ISA)
RAID controllers will not be separately identified
Frequency
5.2.1. Machines will be set to renew audit information every 7 days and be set to
skip if machine is not available at the time of the audit.
5.3.
Deliverable
5.3.1.
5.3.2.
a.
b.
c.
d.
e.
Monthly Executive summary report which includes license summary.
Upon Request:
Report of Licensed Software (as per Kaseya Software License database)
Full installed application list (note, this is an extremely large report and
can only be run as a one-off and not continuously, if this is required in hard
copy it may incur a printing cost)
Operating System report
Hardware report
System settings
6. Capacity Monitoring
6.1.
6.1.1.
6.2.
6.2.1.
6.3.
Requirements/Pre-requisites/Limitations
As per {MSP} minimum requirements
Frequency
Machines will be set to provide Capacity Monitoring on a continuous basis
Deliverable
6.3.1. Monthly Executive Report showing available space & total space %
breakdown
6.3.2. Detailed Capacity report available upon request.
6.4.
Actions
6.4.1. If disk space falls to within 10% of total on any fixed partition, {MSP} will
contact you with this information and suggested corrective action.
6.4.2. Upon disk space reaching 10% of total on any fixed partition {MSP} will
run an automatic clean-up to try and free-up any unnecessary system files
and delete any temporary user files. This is done in the best interests of the
health of a machine, as a completely full HDD on a windows machine can
cause complete failure, so all attempts will be made to avoid that happening.
6.5.
Exceptions
6.5.1. This service only covers standard fixed HDD partitions, not external
devices such as USB devices etc. or mapped drives.
6.5.2. Where the disks are already clean and no further room can be made the
automatic cleanup will not run.
6.5.3. If the disk is filling up extremely fast (within second or minutes) then the
{MSP} alert may not be quick enough to catch this happening. Something
would have to already be seriously wrong for this to take place, and under
such circumstances {MSP} cannot accept responsibility for capacity of the
machine, or any failure of the device caused by such. Recovery or fix would
be at the discretion of {MSP} and may be chargeable.
7. Weekly OS Inspection and Cleansing
7.1.
7.1.1.
7.2.
Requirements/Pre-requisites/Limitations
As per {MSP} minimum requirements
Frequency
7.2.1. Machines will be set to provide OS Inspection and Cleansing every 7 days
and be set to skip if machine is not available at the time of the service. A defragmentation will happen every 30 days (this will be skipped on a machine if
no de-fragmentation is found).
7.3.
Deliverable
7.3.1. {MSP} System script and clean up tool using Windows Disk Cleanup
7.3.2. {MSP} System script running Windows and 3rd Party De-frag tools
7.3.3. Entry of cleanup and defrag into {MSP} System log
7.3.4. Monthly executive report showing count of cleansing and defrags on all
machines
7.3.5. Local Pop-up on machine to warn users that the service is running
(optional)
8. Anti-Spyware Active Protection
8.1.
Requirements/Pre-requisites/Limitations
8.1.1. As per {MSP} minimum requirements
8.1.2. Windows Defender Beta 2 ({MSP} will install if not already on the machine)
8.1.3. {MSP} may see fit to remove other Anti-Spyware programs from your
machine if they will interfere with delivery of the service
8.2.
Frequency
8.2.1. A Weekly scheduled service that will ensure the Anti-Spyware program is
activated is updated and that a clean-up has been run on the system.
8.3.
Deliverable
8.3.1. Included in the Executive Summary will be a list of the number of scans
and updates that have taken place.
8.3.2. A log entry will be created on {MSP}’s system so separate report can be
generated if required
8.3.3. Anti-Spyware Definitions updated minimum monthly
8.4.
Actions
8.4.1. An alert will be raised with the {MSP} NOC if any Spyware is found on a
machine. It is expected that this would be removed by the automatic
cleanup, but the ticket that this alert will raise will be followed up to ensure
this is the case.
8.5.
Exceptions
8.5.1. While {MSP} will make every effort to ensure your machine is safe from
Spyware, we do not guarantee that your machine can not be infected in
exceptional circumstances. Where this does happen, any resulting support or
service required may be chargeable at the discretion of {MSP}, but with
consultation with the Customer.
9. AV Total Protection
9.1.
Requirements/Pre-requisites/Limitations
9.1.1. As per {MSP} minimum requirements
9.1.2. GriSoft AVG professional will be supplied and installed by {MSP}
9.1.3. Any other Anti-virus programs will be disabled and may be removed, it is
up to the customer to ensure they have the necessary files/paperwork to
reinstall this software should you stop receiving this service from {MSP}
9.2.
Frequency
9.2.1. A Weekly scheduled service that will ensure the Anti-Virus program is
activated is updated and that a clean-up has been run on the system.
9.3.
Deliverable
9.3.1. Included in the Executive Summary will be a list of the number of scans
and updates that have taken place.
9.3.2. Script log entry so separate report is possible
9.3.3. Definitions updated minimum monthly
9.4.
Actions
9.4.1. An alert will be raised with the {MSP} NOC if any Virus is found on a
machine. It is expected that this would be removed by the automatic
cleanup, but the ticket will be followed up with high priority to ensure this is
the case.
9.5.
Exceptions
9.5.1. While {MSP} will make every effort to ensure your machine is safe from
Viruses, we do not guarantee that your machine can not be infected in
exceptional circumstances. Where this does happen, any resulting support or
service required may be chargeable at the discretion of {MSP}, but with
consultation with the Customer.
10. Security updates to Microsoft Software
10.1.
Requirements/Pre-requisites/Limitations
10.1.1. As per {MSP} minimum requirements
10.2.
Frequency
10.2.1. Weekly scans to assess patch requirements
10.2.2. {MSP} internal machines are patched Monday and Tuesday with the latest
patches to ensure reliability
10.2.3. Custom machines patched between Thursday – Sunday each week
10.3.
Deliverable
10.3.1. Latest patches as per Microsoft’s recommendations will be installed on all
managed machines
10.3.2. Included in the Executive Summary will be a list of the number of scans
and updates that have taken place.
10.3.3. Script log entry so separate report is possible
10.3.4. Patch status shown in monthly executive summary report
10.3.5. Detailed patch report available on request
10.3.6. An Alert will be raised with the {MSP} NOC if a patch fails to install
10.3.7. Where possible Patches will be downloaded once to a central file share on
the local network and then delivered across the local area network to
conserve internet bandwidth
10.4.
Actions
10.4.1. Assess test machines on Wednesday and approve patches for Customer
machines
10.4.2. Any issues raised with the NOC will be dealt with as per normal ticket
affecting 1 user.
10.5.
Exceptions
10.5.1. Where a patch / hotfix causes system problems on a customer machine
{MSP} staff will roll back the patch / hotfix to try to resolve the problem
10.5.2. Patches come from Microsoft and not from {MSP}, therefore {MSP} cannot
be responsible for any adverse reaction that a patch might have with any
particular machine configuration. In in unlikely event of a machine failure
{MSP} will restore the machine to it’s last good backup with no charge.
11. Monitoring of System and Security Logs
11.1.
Requirements/Pre-requisites/Limitations
11.1.1. As per {MSP} minimum requirements
11.1.2. Windows Event logging switched on
11.1.3. No other software interferes with Windows Event logs
11.2.
Frequency
11.2.1. Even logs will be scanned and uploaded to {MSP} NOC on a continuous
basis
11.3.
Deliverable
11.3.1. List of event log activity will be shown in Monthly Executive Summary
report
11.3.2. Full latest inclusion and exclusion list supplied on request
11.4.
Actions
11.4.1. Where any of the faults in the {MSP} Inclusion list is found an Alert will be
raised ant a ticket created at the {MSP} NOC.
11.4.2. An Alert will be raised where anything falls outside the {MSP} Exclusion
list, the Alert will be looked at to see if it warrants further investigation and if
so, a ticket will be raised.
11.4.3. Any issues raised with the NOC will be dealt with as per normal ticket
affecting 1 user.
11.4.4. The Event Logs can often pick up and idetntify issues which require
attention, such as with applications installed on machines (please note most
applications are outside the scope of {MSP}’s support). Any time spent
fixing such problems will be chargeable, but the customer will be notified
before any such chargeable work is undertaken.
11.5.
Exceptions
11.5.1. Monitoring will stop where machines start producing more than 100 Event
Log entries per hour, this will be alerted and investigated as a separate issue.
11.5.2. Where the Event Logging is stopped due to undue Event Creation the
Monthly report may be affected and this will be pointed out by {MSP} Staff
11.5.3. If a machine is generating an unordinary number of alerts, this can
adversely effect the {MSP} system, so {MSP} at it’s discretion will stop
monitoring Event Logs on this machine until the problem is rectified (this may
incur an extra charge), or discontinue support for this machine completely.
12. Desktop Policy Enforcement
12.1.
Requirements/Pre-requisites/Limitations
12.1.1. As per {MSP} minimum requirements
12.1.2. Windows active directory and group policies, professional operating system
12.1.3. Clear agreement with Customer of current Corporate Policy
12.2.
Frequency
12.2.1. This is a continuous service, but the details of the desktop policy will be
reviewed annually, or more often on request
12.3.
Deliverable
12.3.1. Login policy (times places etc)
12.3.2. Accounts policy (admin settings user account usage, own account etc)
12.3.3. Corporate Screensaver?
12.3.4. Desktop look and feel, background, colurs, fonts, IE 6 or later settings
12.3.5. Block Access to the following programs:
12.3.5.1. Kazaa
12.3.5.2. Share Bear
12.3.5.3. Audio Galaxy
12.3.5.4. iTunes
12.3.5.5. BitTorrent
12.3.5.6. Getright
12.3.6. File Shares on machines (should be none)
12.3.7. Installation of other Applications,
12.3.7.1. is this allowed,
12.3.7.2. by whom,
12.3.7.3. what approval policy
12.3.7.4. Block editing of Windows system settings (such as the registry)
12.4.
Actions
12.4.1. {MSP} will consult with customer to create a policy if there isn’t one
already
12.4.2. {MSP} will set up a way to implement the policy
12.4.3. {MSP} will monitor the policy and alert on any deviations
12.5.
Exceptions
12.5.1. Where users are given local admin rights it will always be possible for them
to circumvent policies, therefore {MSP} cannot enforce a policy where the
user is a local administrator
12.5.2. Please note that enforcement of policy can restrict users’ ability to perform
actions on their machine(s) which may mean they need to contact {MSP} to
perform some actions on their machine, giving delays to some actions.
{MSP} will always try to keep these delays to a minimum but accept no
responsibility for any inconvenience caused by such delays, as this service is
in place to protect the security of the customer.
13. Online Reports
13.1.
Requirements/Pre-requisites/Limitations
13.1.1. As per {MSP} minimum requirements
13.1.2. Email address supplied for main site contact
13.2.
Frequency
12.2.1 Updated Monthly
13.3.
Deliverable
13.3.1. URL’s
13.3.1.1.
13.3.1.2.
13.3.1.3.
13.3.1.4.
13.3.1.5.
emailed for each of the following report types:
Executive Summary
Uptime History
Patch Status
Disk Usage
Machine Summary
14. Event Log Monitoring
14.1.
Requirements/Pre-requisites/Limitations
14.1.1. As per {MSP} minimum requirements
14.2.
Frequency
14.2.1. This is an ongoing service that is constantly monitoring the Windows
Event Logs. The system can pickup and respond to errors inside the Windows
Event Log with 30 seconds.
14.3.
Deliverable
14.3.1. The Executive Summary report will show a total each month of the
number of actionable items found in the Application Event Log
14.3.2. {MSP} filters and looks through the logs for specific know problems and
turns these into tickets which will be checked and responded to.
14.3.3. A full list of all the Filtered events that {MSP} monitor for can be found in
the Appendix.
14.4.
Actions
14.4.1. Any Events that are found via the filters and raised as a ticket will be
investigated by an engineer and if any fault is found this will be resolved
wherever possible via remote management.
14.5.
Exceptions
14.5.1. Where a problem is as a result of hardware failure, this cost is not
included in support
14.5.2. Where a problem requires an onsite visit this is not included
14.5.3. If a problem is complex and affected by other systems {MSP} will put this
information together into a report of findings that will delivered to the
customer along with a course of action and costs associated with taking
corrective action
15. Hardware and Software Change Monitoring
15.1.
Requirements/Pre-requisites/Limitations
15.1.1. As per {MSP} minimum requirements
15.2.
Frequency
15.2.1. This change monitoring takes place at the same frequency as the
Continual Audit service
15.3.
Deliverable
15.3.1. Separate Monthly change report can be supplied on requests
15.3.2. Engineers will work through the monitored alert list for any anomalies,
and where these are found a ticket will be raised and the customer informed.
15.4.
Exceptions
15.4.1. The hardware change report does not cover external devices such as USB
keys and USB attached drives, unless these have a windows hardware driver
that makes them appear as a part of the normal OS operation.
16. Bandwidth Usage Monitoring
16.1.
Requirements/Pre-requisites/Limitations
16.1.1. As per {MSP} minimum requirements
16.1.2. Windows XP Pro SP2 or later or 2003 SP1 patch or later
16.1.3. Installation of Kaseya Network Protection Driver
16.2.
Frequency
16.2.1. On request, runs for 7 days
16.3.
Deliverable
16.3.1. Bandwidth Usage report by machine and by top 10 applications across all
machines, sent via email.
16.4.
Actions
16.4.1. A ticket will be raised with a 7 day due date to ensure the system is
turned off after that period has elapsed.
16.5.
Exceptions
16.5.1. The Bandwidth Monitoring requires use of a Driver installed by the {MSP}
monitoring system. This is a system level driver inserted in the TCP/IP stack.
In rare circumstances this can interfere with normal operation of the
machine, for example loss of network connectivity. Where such issues occur
{MSP} will endeavour to remove the Driver and reboot the machine to enable
connectivity again. Where other more adverse effects encountered {MSP} will
operate on a best-endeavour basis to get the machine fully operation as soon
as possible, however any site visit require will be chargeable.
17. Onsite Visits Policy
17.1.
Requirements/Pre-requisites/Limitations
17.1.1. {MSP} will only send an engineer onsite where all other options have been
exhausted. As this will be chargeable you will be warned before and engineer
is sent onsite.
17.1.2. The Engineer will only stay onsite for the length of time required to address
the issue at hand, and will not undertake any other work while onsite, unless
this is agreed by an Account Manager and any extra time and expense
agreed.
17.2.
Frequency
17.2.1. There are no pre-booked onsite visits as a part of the Service Level
Agreement and all ad-hoc onsite visits will be chargeable.
17.3.
Deliverable
17.3.1. Time onsite will be delivered in 1 hour blocks with a minimum of two
chargeable hours.
17.3.2. Travel to site will be a set charge of 1 hour of normal chargeable time.
17.4.
Exceptions
17.4.1. Where the customer is more than 1 hours travel one way from {MSP}
travel will be charged on an hourly basis by agreement. Costs may also be
incurred for travel by means other than a car, and some small charge for
mileage if the site is over 100 miles away from {MSP}, this will also be by
agreement.
Appendix
Workstation Event Log monitoring
The following events will be monitored and responded to in the Windows Event Log
Source Filter
Category
Filter
Event
ID
User
Filter
Description
Filter
*Application popup*
*Microsoft Office*
*Ntfs*
*
*
*
26
11
All IDs
*
*
*
*OMCI*
*
2
*
*Sophos Anti-Virus*
*Sophos Anti-Virus*
2
16
*
*
*SophosAntiVirus*
*sweepNT*
*SweepNT*
*Tcpip*
*
*Potentially
unwanted
application*
*
*
*
*
*
*
*The file system
structure on the disk
is corrupt and
unusable*
*Amount of physical
memory*
*
*
6
17410
17409
4198
*
*
*
*
*
*
*
*
Application Error
Application Hang
Folder Redirection
NETLOGON
*
*
*
*
1000
1002
101
5719
*
*
*
*
*Faulting application*
*Hanging application*
*
*No Windows NT
Domain Controller is
available for domain*
Server Event log monitoring
The following events will be monitored and responded to in the Windows Event Log
Source Filter
Category Event ID
Filter
User
Filter
Description
Filter
APCPBAgent
*
1025
*
*Shutdown In
Progress*
APCPBAgent
*
2000
*
*UPS On Battery*
APCPBEAgent
*
3003
*
*UPS Battery Is
Discharged*
APCPBEAgent
*
3030
*
*Insufficient Runtime
Available*
DhcpServer
*
1051
*
*The DHCP/BINL
service has determined
that it is not
authorized*
DhcpServer
*
1051
*
*The DHCP/BINL
service has determined
that it is not
authorized*
*The previous system
shutdown at*
EventLog
*
6008
*
EventLog
*
6009
*
*Uniprocessor Free*
IISAdmin
*
104
*
Microsoft ISA
Server
*
12206
*
*IISADMIN service
failed to create
account*
*proxy chain loop*
Microsoft ISA
Server
*
14141
*
*proxy chain loop*
MSExchangeDSAcc
ess
Topology
2102
*
*All Domain Controller
Servers in use are not
responding*
MSExchangeIS
*
1112
*
*has reached the
maximum allowed
size*
MSExchangeIS
*
1112
*
*has reached the
maximum allowed
size*
MSExchangeIS
*
1003
*
*The disk is full.
Attempting to stop the
Microsoft Exchange
Information Store
service*
MSExchangeIS
*
1113
*
*The log disk is full.
Attempting to stop the
Microsoft Exchange
Information Store
service*
MSExchangeIS
*
1159
*
*Database error*
MSExchangeSA
*
1005
*
*Unexpected error*
NETBT
*
4319
*
*A duplicate name has
been detected on the
TCP network.*
NETLOGON
*
5719
*
*No Windows NT
Domain Controller is
available for domain*
Server
*
2511
*
*The server service
was unable to recreate
the share*
SQLExecutive
*
208
*
*SQL Server
Scheduled Task*
sqlserveragent
*
208
*
*SQL Server
Scheduled Job*failed*
sqlserveragent
*
103
*
*SQLServerAgent
could not be started*
TermServLicensing
*
18
*
*Terminal Services
Licensing*
WSH
*
1
*
*Exchanges
Information Store *