2017-2018 Service Catalog - Agency for State Technology

July 2017
FY 2017-2018 Service Catalog
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Table of Contents
INTRODUCTION ............................................................................................................ 4
Service Management.................................................................................................... 4
Allocated Shared Services............................................................................................ 4
Direct Services ............................................................................................................. 5
Billing ........................................................................................................................... 5
Security Events ............................................................................................................ 5
Standard Environment .................................................................................................. 5
Dependencies Chart ..................................................................................................... 6
Glossary of Terms ........................................................................................................ 7
BACKUP AND RECOVERY PLATFORM .................................................................... 12
Data Protection Service .............................................................................................. 12
Data Archival Service ................................................................................................. 13
Service Level Commitment ......................................................................................... 13
Maintenance and Support Windows ........................................................................... 16
Roles and Responsibilities.......................................................................................... 17
DATABASE PLATFORM ............................................................................................. 19
Oracle Services .......................................................................................................... 19
Oracle Storage Service .............................................................................................. 20
DB2 For LUW (UDB) Services .................................................................................... 21
SQL Managed Instance .............................................................................................. 21
SQL Capacity Unit ...................................................................................................... 22
Service Level Commitment ......................................................................................... 24
Maintenance and Support Windows ........................................................................... 28
Roles and Responsibilities.......................................................................................... 29
DATA CENTER FACILITY AND OPERATIONS .......................................................... 35
Additional Electrical Circuit (Co-location service) ........................................................ 35
Page 1
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Floor Tiles (Co-location service) ................................................................................. 35
Rack Mounts (Co-location service) ............................................................................. 35
Scheduling Services ................................................................................................... 36
Service Level Commitment ......................................................................................... 37
Maintenance and Support Windows ........................................................................... 37
Roles and Responsibilities.......................................................................................... 37
MAINFRAME PLATFORM ........................................................................................... 44
z/OS Processing ......................................................................................................... 44
Backup/Virtual Storage ............................................................................................... 44
CICS Processing ........................................................................................................ 45
DB2 Processing .......................................................................................................... 45
DCF DB2 Processing ................................................................................................. 46
DCF IMS Processing .................................................................................................. 47
DCF Storage .............................................................................................................. 47
DCF z/OS Processing ................................................................................................ 48
Storage....................................................................................................................... 49
Service Level Commitment ......................................................................................... 50
Maintenance and Support Windows ........................................................................... 50
Roles and Responsibilities.......................................................................................... 50
MANAGED APPLICATIONS ........................................................................................ 53
Hosted Messaging Archive Service ............................................................................ 53
Citrix ........................................................................................................................... 53
Service Level Commitment ......................................................................................... 54
Maintenance and Support Windows ........................................................................... 54
Roles and Responsibilities.......................................................................................... 55
NETWORK PLATFORM .............................................................................................. 59
Load Balancing and Proxy .......................................................................................... 59
Network Unit ............................................................................................................... 59
Service Level Commitment ......................................................................................... 60
Page 2
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Windows ........................................................................... 60
Roles and Responsibilities.......................................................................................... 61
OPEN SYSTEMS PLATFORM ..................................................................................... 65
EDI Translation........................................................................................................... 65
Web/App/File Transfer Services ................................................................................. 65
Linux/UNIX Capacity Unit ........................................................................................... 65
Linux/UNIX Managed Server ...................................................................................... 66
Service Level Commitment ......................................................................................... 67
Maintenance and Support Windows ........................................................................... 67
Roles and Responsibilities.......................................................................................... 68
STORAGE PLATFORM ............................................................................................... 72
Block-Based Storage Service ..................................................................................... 72
Object-Based Storage Service ................................................................................... 72
Service Level Commitment ......................................................................................... 73
Maintenance and Support Windows ........................................................................... 75
Roles and Responsibilities.......................................................................................... 76
WINDOWS PLATFORM ............................................................................................... 79
Windows Capacity Unit ............................................................................................... 79
Windows Managed Server.......................................................................................... 79
Service Level Commitment ......................................................................................... 80
Maintenance and Support Windows ........................................................................... 83
Roles and Responsibilities.......................................................................................... 84
DIRECT SERVICE OFFERINGS .................................................................................. 89
Disaster Recovery Offering......................................................................................... 89
Security Training ........................................................................................................ 89
Page 3
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
INTRODUCTION
The Agency for State Technology (AST), referred to as the “Service Provider,” operates and maintains the State Data Center (SDC).
The SDC is an Uptime Institute Certified Tier III facility, owned by the State of Florida. The Service Provider provides Customers with
the latest in security, redundancy, and connectivity. To ensure that the SDC operates in a manner consistent with best practices and
effectively utilizes equipment and facilities, the Service Provider offers a standard set of services founded on ITIL, ISO/IEC 20000 and
PMI best practices, designed to add value and support to each Customer’s mission.
This Service Catalog, for Fiscal Year 2017-2018, defines each of the Service Provider’s service offerings and the associated service
boundaries, and is Attachment A to Customers’ Service Level Agreements (SLAs).
Service Management
ISO/IEC 20000 defines “a service” as a means of delivering value for the Customer by facilitating results the Customer wants to achieve.
The Service Provider is focused on our Customers, service, and service management supported by our extensive body of knowledge,
experience, and skill.
Al located Shared Services
The Service Provider’s services are divided into the following service areas:
•
•
•
•
•
•
•
•
•
Page 4
Backup and Recovery Platform
Database Platform
Data Center Facility and Operations
Mainframe Platform
Managed Applications
Network Platform
Open Systems Platform
Storage Platform
Windows Platform
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Direct Services
Direct Services are services that benefit a single Customer only, and cannot be considered a shared or allocated cost. Examples of
Direct Services include services that are not included in the Service Catalog or activities outside the scope of the defined service.
While it is expected that some Customers will have specific process, security, and legislative requirements, it is necessary to
document all Customer specific requirements in the Customer’s Attachment B, (Subscribed Services/Direct Services). Direct
Services are contingent on resource availability, and require advanced notice to be able to schedule adequate resources to handle
the requested out-of-scope work.
Billing
As a full cost recovery organization, no mark-up or profit is added to the charges assessed for services, as is the case with private
sector organizations. The Service Provider will follow the State Data Center Cost-Recovery Methodology described in Rule 74-3.007,
F.A.C. and the requirements of Title 2-Part 200, Code of Federal Regulations (“CFR”) (“Uniform Guidance,” formerly known as
Federal OMB Circular No. A-87 or A-21). Customers are billed based on actual services consumed.
Securit y Events
The Service Provider stands ready to assist with any security event investigation and remediation activity to protect the information
assets of its Customers. Security events that are outside of the scope of the services offered by the Service Provider, or of a failure to
adhere to Service Provider’s standards, will be considered a Direct Service.
Standard Environment
The Service Provider has established enterprise architecture standards for hardware, software, and supporting infrastructure hosted
at the SDC. These standards include, but are not limited to, requirements for operating systems, storage, security, facilities, cabling,
and other elements relating to efficient and effective data center operations. Standards are available for review upon request. All
Service Level Targets regarding availability, continuity, security, and capacity are contingent upon systems complying with the
established architectural standards. Costs related to maintaining Customer-specific End-of-Service-Life (EOSL) hardware or software
that do not meet the standards will be considered a Direct Service.
Page 5
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Dependencies Chart
Page 6
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Glossary of Terms
Term
Definition
Agency for State Technology (AST)
The State of Florida agency charged with ensuring Floridians’ information and access to
government services are protected, increasing government efficiency by continuously
improving information technology services, and protecting the State’s investment in large IT
projects through project assurance.
Active Directory (AD)
A distributed authentication and directory service implemented by Microsoft for Windows
domain networks.
Agreement
A formal document entered into by the Service Provider and the Customer that outlines the
terms and conditions, description of services offered and responsibilities of both parties.
Allocated Shared Service
Service Provider Services shared by participating Customers.
Backup
Copying data to protect against loss of integrity or availability of the original data.
Bandwidth
In networking, bandwidth is a measurement of bit-rate of available or consumed data
communication resources expressed in bits per second or multiples of domain networks.
Block-based Storage
A traditional storage architecture where data is managed as blocks within sectors and tracks
and abstracted by a file system or database management system for use by applications and
end users. Block-based are typically seen where higher I/O requirements are required.
Business Day
The Service Provider’s Business days are defined as Monday through Friday, excluding
applicable holidays. Business hours are 7am EST to 6pm EST, Monday through Friday,
excluding applicable holidays.
The Service Provider’s Hours of Operations are 24 hours per day, 7 days per week, 365 days
per year, including holidays.
Change
The addition, modification, or removal of anything that could have an effect on IT services.
Page 7
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Term
Definition
Change Management
The process responsible for controlling the lifecycle of all changes, enabling beneficial
changes to be made with minimum disruption to IT services.
Configuration Items (CI)
Any element that needs to be managed and controlled in order to ensure the successful
delivery of a service or services. CIs can vary quite a bit. Examples include software elements
such as applications, systems, and modules; and hardware elements such as computers,
tools, equipment, furniture, and buildings. CIs can also include documents such as drawings,
photographs, plans, policies, procedures, manuals, contracts, licenses, and agreements.
Configuration Management Database (CMDB)
A configuration management database stores data about the attributes of configuration items
and the relationships between these items. It is used to control items and to track how they
change throughout their lifecycle.
Customer
The entity that receives services from the Service Provider; the entity that agrees to the terms
of this Agreement.
Customer Information Control Systems (CICS)
A family of application servers and connectors that provides industrial-strength, online
transaction management and connectivity for mission-critical applications.
Customer Resource Forest
The hierarchical Active Directory structure managed by the Service Provider designed to host
managed servers and to segregate network traffic based on security zones.
Database
An organized collection of data.
DB2
A family of database server products that support the relational model or object-relational
features and non-relational structures in a particular encoding document.
Direct Service
Service Provider services that benefit a single Customer only, and cannot be considered a
shared or allocated cost.
Examples of Direct Services include services that are not included in the Service Catalog or
activities outside the scope of the defined service.
Disaster
A natural, man-made, or technological hazard resulting in an event of substantial extent
causing significant physical damage or destruction or drastic change to the environment.
Page 8
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Term
Definition
Exceptions
Exceptions to the standard service (i.e., no backup, administrative access granted, etc.); can
be part of the service request to build the server/service and requires approval from the
Service Provider before being granted.
FICON I/O Channel
A fibre-channel communication protocol designed for IBM mainframe computers and
peripherals.
Information Management System (IMS)
IMS, database and transaction management system.
Incident
An unplanned interruption to an IT service or reduction in the quality of an IT service.
Issue
An important topic or problem for debate or discussion.
Load Balancing
A computer networking method for distributing workloads across multiple computing
resources, such as computers, a computer cluster, network links, central processing units or
disk drives. Load balancing aims to optimize resource use, maximize throughput, minimize
response time, and avoid overload of any one of the resources.
Maintenance Windows
Allotted time in which the Service Provider and the Customer agree that maintenance can be
performed on a Customer’s managed systems that are housed within the State Data Center.
Object-based Storage
Storage architecture that manages data as objects, as opposed to other storage architectures
like file systems which manage data as a file hierarchy and block storage which manages
data as blocks within sectors and tracks. Each object typically includes the data itself, a
variable amount of metadata, and a globally unique identifier. Targeted at lower I/O
unstructured data - and typically less expensive than block-based storage – the Service
Provider’s implementation of object-based storage offers greater namespace scalability,
period snapshot that eliminate the need for the Data Protection service, client-side selfservice file restoration through the native Windows Previous Versions client, and multiprotocol access for development activities, among other benefits.
Operating System (OS)
A collection of software that manages computer hardware resources and provides common
services for computer programs.
Page 9
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Term
Definition
Oracle Database
An object-relational database management system produced and marketed by Oracle
Corporation.
OS Platform Management
Management of the operating system and all associated AST systems that support the
security, management, and infrastructure for the operating system to comply with the desired
configuration standards.
Parties
The Service Provider entity and the Customer entity authorized to agree to, act upon and
abide by the terms of this Agreement.
Patch
A piece of software designed to update a computer program or its supporting data, to fix or
improve it. This includes fixing security vulnerabilities and other bugs, and improving the
usability or performance.
Platform
A group of technologies that are used as a base upon which other applications, processes or
technologies are developed.
RACI
A responsibility assignment matrix (RAM), also known as RACI matrix or linear responsibility
chart, describes the participation by various roles in completing tasks or deliverables for a
business process.
Redundant Array of Independent Disks (RAID)
A data storage technology that combines multiple disk drive components into a logical unit for
the purposes of data redundancy and performance improvement.
Recovery
Returning a configuration item or an IT service to a working state. Recovery of an IT service
often includes recovering data to a known consistent state. After recovery, further steps may
be needed before the IT service can be made available to the users (restoration).
Recovery Point Objective (RPO)
Describes the acceptable amount of data loss measured in time. The RPO is the point in time
to which data must be recovered as defined by the Customer. This is generally a definition of
what a Customer determines is an "acceptable loss" in a disaster situation.
Recovery Time Objective (RTO)
The duration of time and a service level within which a business process must be restored
after a disaster (or disruption) in order to avoid unacceptable consequences associated with a
break in business continuity. It includes the time for trying to fix the problem without a
recovery, the recovery itself, tests and the communication to the users.
Scheduled Availability
The number of minutes in a month minus planned downtime.
Page 10
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Term
Definition
Service
A means of delivering value for the Customer by facilitating results the Customer wants to
achieve.
The term ‘service’ is sometimes used as a synonym for core service, IT service or service
package.
Service Desk
The first point of contact between the Service Provider and the Customer. The Service
Provider’s Service Desk receives Customer incidents, service requests, billing inquiries,
general inquiries and changes.
Service Request
A formal request from the Customer for something to be provided - for example, a request for
information. Service requests may initiate a change request as part of fulfilling the service
request.
Snapshot (storage)
The state of a computer system at a particular point in time. It can refer to an actual copy of
the state of a system or to a capability provided by certain systems.
Storage Area Network (SAN)
A dedicated network that provides access to consolidated, block level storage.
Structured Query Language (SQL)
A special-purpose programming language designed for managing data held in a relational
database management system.
Time Sharing Option (TSO)
Allows creating an interactive session with IBM z operating systems.
Virtualization
The creation of a virtual (rather than actual) version of something, such as an operating
system, a server, storage device, or network resources.
Page 11
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
BACKUP AND RECOVERY PLATFORM
Service Name
Data
Protection
Service
Billable Unit
Billing
Service Targets
Methodology
Estimated Delivery
Time
Service Description
Gigabytes
Written/Month
% of Service
Use
1 business day
(following approval
of service order and
independent of
other services)
Provides backup of protected Customer data
for the purpose of system and data recovery
(not records retention), and data protection
reporting for Customer visibility. The Service
Provider will plan, schedule, and implement
standard backup and recovery
processes. The retention period for backup
data is 6 weeks for scheduled backups. All
backups are retained off-site in a secured
facility, using either encrypted tape transport
services or encrypted data replication.
Restoration for system recovery within the 6week retention timeframe is included in this
service.
95% of scheduled
backup jobs being
serviced by the
Service Provider’s
standard backup
environment will be
successful in a
monthly period
Customers may request additional retention
beyond 6 weeks by subscribing to the Data
Archival Service.
Certain customer-side DNS configurations
are required to utilize this service. These
settings – which include proper host name
and PTR records for reverse lookup – help
to ensure client-backup server security and
enable backups to occur. Customers without
the proper DNS configuration will be notified
by the Service Provider and provided
instructions to remedy the issue. Until DNS
is fully configured, the service level
Page 12
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
Billable Unit
Billing
Service Targets
Methodology
Estimated Delivery
Time
Service Description
agreements for this service may not be
honored, and systems may be unprotected.
Data
Archi val
Service
Gigabytes
Stored/Month
% of Service
Use
95% of scheduled
archive jobs of
supported
operating systems
will be successful in
a monthly period
1 business day
(following approval
of service order and
independent of
other services)
Provides long-term retention of Customer
data beyond the native six weeks included in
the Data Protection Service (or the native
object-based snapshot retention period) to
meet various compliance or business
requirements. Retention increments are in
periods of 6 months. Archives may take the
form of storage to tape, or cloud-based
storage services.
Restorations will be considered a Direct
Service.
For Fiscal Year 2017-18, all Data Protection
Service customers with jobs currently
scheduled to retain data beyond 6 weeks will
automatically be enrolled in this service. The
default retention will be 18 months, but can
be revised by request through the Service
Provider’s Service Desk.
Service Level Commitment
The Service Provider is committed to meeting 95% success rate for scheduled backup jobs being serviced by the Service Provider’s
standard backup environment in a monthly period.
Page 13
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Data Protection Service
The Data Protection Service provides scheduled backups of customer data contained within the SDC and on supported managed or
co-lo operating systems within the designated backup window. The Service Provider’s Enterprise Data Protection System has been
architected to separate backup communication from production communication whenever possible to ensure overall system
performance, reliability, and efficiency. Data is retained online for 6 weeks and replicated to an off-site facility within 24 hours.
Systems that cannot meet the backup window due to data volume size or network design limitations will be communicated with the
Customer and options discussed to bring any deficits into compliance in order to protect systems within the standard window.
Customer-managed applications outside of the Service Provider’s service offerings (such as Active Directory, SharePoint, Exchange,
IIS and some databases), may require special backup handling for increased restore granularity or recoverability. Agencies installing
these applications must declare their use so that appropriate backup plans and orchestration can be put in place. While the Service
Provider stands ready to assist with the restoration of any data protected by the Data Protection Service, restoration SLAs for those
specific applications will not be honored in cases where those pre-arrangements have not been made.
Under certain circumstances, the Service Provider may grant exceptions to exclude data from backups. Customers may submit
exception requests by submitting a service request through the Service Provider’s Service Desk or via the Customer’s Portal.
Legacy backup systems will be maintained at best effort and will be migrated to the Service Provider’s standard Data Protection
Service System to ensure continuous improvements in data protection and ensure the highest level of service. Customers with
legacy backup systems protecting remote data outside of the SDC are encouraged to replicate data to systems hosted at the SDC
facility where backup SLAs apply.
Service includes an annual audit and review with the customer of all systems targeted for backup. The Service Provider will conduct
random data restores to validate recoverability, in addition to the daily exercise the backup system receives per routine operations.
All customers will receive daily reports showing backup summary and status, to ensure proper recoverability.
Page 14
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Data Restoration
The Data Protection Service is intended for the purpose of data recovery, not records retention, data archive, or disaster recovery. As
such, the Customer is responsible for any costs associated with data retention beyond what is included in this service.
All data restores will be directed to an alternate, pre-determined restore destination for movement by Customer staff to the originating
file location. Excessive restore requests (defined as greater than ten restore requests per 100 managed servers per month) will be
considered a Direct Service.
Restore requests for data within the standard retention period will be serviced during normal business hours. Request for restores
during the Direct Services Window will be considered a Direct Service. Request for restores during the Direct Services Window must
include an after-hours point of contact name, email address and phone number to validate the completed work.
In addition to the standard information required to open a support incident, all restore requests must include the name of the folder(s)
and/or file(s) to be restored, the file share or host (server) name, and the date the file should be restored to. Time spent by the
Service Provider’s staff to identify, search or locate data without this detail will be considered a Direct Service.
Special Note: Customer entities are cautioned that the Data Protection Service should not be used as an alternative to, or a substitute
for, proper records archiving pursuant to section 257.36, Florida Statutes. The backup of data by the Service Provider is intended to
assist only in recovery from infrastructure failures or human errors. Because backups traditionally utilize a point-in-time technology, it
is not possible to guarantee that records have not been altered or destroyed. Accordingly, the Service Provider cannot guarantee
compliance with applicable records retention requirements of the Department of State’s Division of Library and Information Services.
Public records may be disposed of only in accordance with the Division’s records retention schedules.
Direct Services
Examples of Backup activities that will be a Direct Service to the Customer include:
•
•
Custom job configurations for recurring backups that deviate from the standard retention schedule and any additional
maintenance, tracking, and intervention associated with the non-standard jobs.
Customer requested backups or system snapshots for customer driven events such as major application changes, code
deployments, or other upgrades.
Direct Services are contingent on resource availability. The Service Provider requires advance notice to be able to schedule adequate
resources to handle the requested out-of-scope work.
Page 15
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Data Archival Service
The Data Archival Service provides long-term retention of Customer data beyond the native six weeks included in the Data Protection
Service (or the native object-based snapshot retention period) to meet various compliance or business requirements, and may take
the form of storage to tape, or cloud-based storage services.
Restorations will be considered a Direct Service.
Requests for restores during the Direct Services Window must include an after-hours point of contact name, email address and phone
number to validate the completed work.
In addition to the standard information required to open a support incident, all restore requests must include the name of the folder(s)
and/or file(s) to be restored, the file share or host (server) name, and the date the file should be restored to. Time spent by the
Service Provider’s staff to identify, search or locate data without this detail will be considered a Direct Service.
For Fiscal Year 2017-18, all Data Protection Service customers with jobs currently scheduled to retain data beyond 6 weeks will
automatically be enrolled in this service.
Maintenance and Support Window s
Backup and Recovery Platform support windows are outlined in the tables below.
Maintenance and Support Windows
Page 16
Standard
Times
Time of Occurrence
Description of Maintenance
(normal business days)
Activities to be Performed
Normal
Business
Hours/
Window
Monday through Friday – 7:00
AM – 6:00 PM
Backup technicians are scheduled during
this time to fulfill service requests and
troubleshoot incidents. Priority 3 and 4
issues will be worked within this
window. Priority 1 and 2 issues are also
worked during this window and are
continuously worked until
resolved. Changes may be executed
during this time, following the Service
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Windows
Standard
Times
Time of Occurrence
Description of Maintenance
(normal business days)
Activities to be Performed
Provider’s change and release
management processes.
Standard
Maintenance
Window
Business Days:
Direct
Services
Window
Business Days:
7:00 AM – 6:00 PM (ET)
6:00 PM - 7:00 AM (ET)
Normal maintenance, changes, and
system enhancements will be performed
during this time.
Service or change requests initiated by the
Customer during this window will be
considered a Direct Service.
Saturday, Sunday and State
Holidays: All day
Roles and Responsibilities
General roles and responsibilities for this service are defined in the following RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task, and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there
is two-way communication. Consultation prior to event/decision typically done through Change Management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom
there is just one-way communication.
Page 17
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Backup and Recovery Platform Functions
Tech
Mgt
Tech
Mgt
1
Inform customer of change requests
C
I
R
A
2
Inform customer of incidents or issues
C
I
R
A
3
Ensure all backup processes are accurately and timely
completed
C
I
R
A
4
Monitor services 24 hours a day x 7 days a week
C
I
R
A
5
Provide offsite replication or media transport of protected
data
C
I
R
A
6
Purchase and maintain all data protection components
and licenses necessary to maintain standard service
CI
RA
7
Provide precise file location (host name, share name, and
file name) for the restore requests
R
A
I
8
Provide customer contact information (name, phone,
email address) for after-hours or high priority restore
requests.
R
A
I
Provide a named individual authorized to grant exception
requests when the alternate restore location is not used
during requested restores
C
RA
I
Conduct annual backup audits
C
I
R
9
10
Page 18
Customer
Service
Provider
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
DATABASE PLATFORM
Service
Name
Oracle
Services
Billable Unit
Billing
Service Targets
Methodology (monthly)
Estimated Delivery Time
Service Description
Oracle
Resource Units
(ORU)/Month
% of Service
Use
Oracle Resource Units:
Provides physical database
management of Oracle-based
databases hosted at the SDC or at
selected remote sites. Service
includes installation, configuration,
Oracle database and diagnostics
license maintenance, 24x7
performance monitoring, 24x7
availability monitoring by
Operations and quarterly Oracle
security patch deployment for
supported versions.
Each Oracle
database will be
available 99.5% of
the scheduled
availability in a
monthly period of
the Service
Provider’s database
supporting
infrastructure
(network, servers).
Actual scheduled
availability (minutes)
minus reported
downtime (minutes)
divided by
scheduled
availability
(minutes).
Delivery time for Oracle
Resource Unit changes is 2
business days. Delivery
time is dependent on an
available maintenance
window for the server in
addition to CPU/Memory
/Storage resource and
Oracle license availability
(following approval of
service order and
independent of other
services).
New Oracle Instance:
Delivery time for a new
Oracle Instance on an
existing AST Managed
Server is 5 business days
(following approval of
service order and
independent of other
services). This time does
Page 19
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service
Name
Billable Unit
Billing
Service Targets
Methodology (monthly)
Estimated Delivery Time
Service Description
not include build time for an
Open Systems Server.
Oracle
Storage
Service
Maximum
Gigabytes
Utilized per
Month
% of Service
Use
Storage for each
Oracle database will
be available 99.5%
of the scheduled
availability in a
monthly period of
the Service
Provider’s
supporting
infrastructure
(network, servers,
SAN arrays, Fiber
Channel switches).
Actual scheduled
availability will be
reported within the
Database
Performance Metric.
Page 20
2 business days (following
approval of service order
and independent of other
services).
Delivery time will be
dependent on an available
maintenance window for the
server in addition to
CPU/Memory/Storage
resource and Oracle license
availability.
Provides management of the
underlying ASM and filesystembased storage environments
servicing Oracle databases hosted
at the SDC or at selected remote
sites. Service includes 24x7
performance monitoring, 24x7
availability monitoring, and
quarterly Oracle security patch
deployment for supported versions.
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service
Name
DB2 For
LUW
(UDB)
Services
Billable Unit
Billing
Service Targets
Methodology (monthly)
Processor Value % of Service
Unit (PVU per
Use
month)
Each DB2 For LUW
database will be
available 99.5% of
the scheduled
availability in a
monthly period of
the Service
Provider’s database
supporting
infrastructure
(network, servers).
Estimated Delivery Time
Service Description
5 business days (following
approval of service order
and independent of other
services).
This time does not include
the build time for an Open
Systems server.
Provides physical database
management of DB2 for LUWbased databases (UDB) hosted at
the SDC or at select remote sites.
Service includes installation,
configuration, DB2 for LUW (UDB)
database and diagnostics license
maintenance, 24x7 performance
monitoring, 24x7 availability
monitoring by Operations and
scheduled DB2 for LUW (UDB)
security patch deployment
coordinated with Customers.
5 business days (following
approval of service order
and independent of other
services).
Provides physical database
management of Customer SQL
Server database instances residing
on servers located at the SDC or at
select remote sites. Service
includes installation, configuration,
SQL backup job management, and
Actual scheduled
availability (minutes)
minus reported
downtime (minutes)
divided by
scheduled
availability
(minutes).
SQL
Managed
Instance
Instances/Month % of Service
Use
Each SQL instance
will be available
99.5% of the
scheduled
availability in a
monthly period of
the Service
Page 21
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service
Name
Billable Unit
Billing
Service Targets
Methodology (monthly)
Estimated Delivery Time
Provider’s database
supporting
infrastructure
(network, servers).
Service Description
24x7 monitoring and quarterly
Service Pack security patch
deployment coordinated with
Customers for supported versions.
Actual scheduled
availability (minutes)
minus reported
downtime (minutes)
divided by
scheduled
availability
(minutes).
SQL
Capacit y
Unit
Page 22
Capacity Units
(CU)/Month
% of Service
Use
This service was
born out a need for
cost allocation and
is not a measurable
service.
3 business days (following
approval of service order
and independent of other
services). Adding or
removing capacity units may
require a server reboot.
Delivery time for these
changes will be dependent
on an availability
maintenance window for the
server.
Provides processing capacity as
required to support the associated
SQL Managed Instance. SQL
Capacity Units are sold in
quantities of processing power,
specifically gigabytes of RAM and
GHz of CPU. The capacity unit
count for a SQL server is equal to
the Windows Capacity Unit for the
hosting of Windows Managed
Server.
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
SQL Capacity Unit Matrix
Below is a table describing how SQL capacity units are applied and who is responsible for providing funding for the appropriate SQL license.
AST is the owner of all SQL licenses. The Service Provider provides the funding when it is a shared service; the Customer provides the
funding when the request is deemed to be a direct charge.
Lifecycle Stage
SQL Version
License Type
Funding for License
Provided By
License
Owned and
Managed By
Provider
Capacity Units
Applied
Physical
Machine
Physical
Machine
NonProduction
NonProduction
SQL 2014 and
newer
SQL 2012 and older
Developer Edition
Provider
Minimum license
required to
perform
necessary
functions
Customer
Customer
(MSDN)
Y
Physical
Machine
Production
All Versions
Minimum license
required to
perform
necessary
functions
Customer
Provider
Y
Virtual Machine
NonProduction
NonProduction
SQL 2014 and
newer
SQL 2012 and older
Developer Edition
Provider
Provider
N
Minimum license
required to
perform
necessary
functions
Customer
Customer
(MSDN)
Y
Production
All Versions
Enterprise Edition
Provider
Provider
Y
Platform
Virtual Machine
Virtual Machine
N
Page 23
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Level Commitment
Oracle, DB2 for LUW (UDB) and SQL Services – Excluding scheduled maintenance time for each database or instance and all
infrastructure services required to support each database or instance, the service will be available 99.5% of the scheduled time. This
is scheduled availability. Service will comply with the Service Provider’s change and release management processes, which include
client notification.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Oracle Service
The Oracle Services consists of Customer Oracle databases residing on servers located at the Service Provider’s facility or at select
remote sites, managed at the database level, and includes applying Oracle security patches received quarterly from Oracle for
supported versions.
This service provides for the use of a fully managed dedicated Oracle database. Each Oracle database requires the Oracle Storage
Service in support of the Oracle database. Service includes physical database management; logical database management is available
based on staff availability.
Physical database management and support includes:
1. Physical administration of database objects (e.g., creation of a database, creating and dropping table space, etc.).
2. Database software installation and implementation.
3. Database migration (upgrades) to supported database versions (coordinated with the Customers).
4. Application of database software patches and vulnerability scanning.
5. Maintenance of the database tuning parameters.
6. Database instance backup and recovery.
7. Management of the database administrative rights (coordinated with the Customers).
8. System level inter-database connectivity.
9. 24/7/365 on-call support for production environment.
10. 24/7/365 database monitoring.
11. Database license management.
Oracle Database Licensing
Appropriate Oracle licensing is required for this service. Licenses may be transferred from the Customer to the Service Provider or
purchased by the Service Provider on the Customer’s behalf. The Oracle Database Service includes maintenance costs for the Oracle
Database and Diagnostic Pack licenses, but not other Oracle database licenses. All new Oracle database licenses and maintenance
Page 24
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
cost for licenses other than those included in the service will be considered Direct Services. In addition, the Oracle Database Service
does not include any costs for extended lifecycle maintenance. Customers requiring extended maintenance must contract for such
through the Service Provider and will be assessed direct costs.
Oracle Storage Service
Oracle Storage Services consists of Oracle ASM instances and filesystem resources residing on servers located at the Service
Provider’s facility or at select remote sites, managed at the ASM instance or database level. This service includes applying Oracle
security patches received quarterly from Oracle, for supported versions of ASM.
This service provides storage resources for dedicated Oracle databases. Each Oracle database requires the Oracle Storage Service
in support of the Oracle database.
Physical ASM/GI instance and filesystem management and support includes:
1. Physical administration of ASM instance and storage objects (e.g., creation of an ASM instance, creating and dropping table
space, etc.).
2. ASM/GI software installation and implementation.
3. 24/7/365 on-call support for production environment.
4. 24/7/365 ASM instance and filesystem monitoring.
5. ASM license management.
Oracle Storage Licensing
Appropriate Oracle licensing is required for this service. Licenses may be transferred from the Customer to the Service Provider or
purchased by the Service Provider on the Customer’s behalf.
SQL Managed Instance
The SQL Managed Instance consists of Customer SQL Server database instances residing on servers located at the Service Provider’s
facility or at a select remote site. Multiple customer databases may be provisioned in a single SQL instance.
This service provides for the use of a fully managed dedicated Microsoft SQL Server instance. SQL Server instance requires Windows
Managed Server, Windows Managed Server Capacity Unit, SQL Capacity Unit, Network Unit, Storage and Data Protection services in
support of the SQL Managed Instance.
Page 25
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
1. Physical administration of SQL Server.
2. SQL Server software installation and implementation.
3. SQL Server migration (upgrades) to supported SQL Server versions (coordinated with the Customers).
4. Application of SQL Server software patches and vulnerability scanning.
5. Maintenance of the instance parameters.
6. SQL Server backup and recovery.
7. Management of the SQL Server administrative rights (coordinated with the Customers).
8. System level inter-database connectivity.
9. 24/7/365 on-call support for production environment.
10. 24/7/365 SQL Server monitoring.
11. SQL Server license management.
12. SQL Server licenses when the server is hosted within the Service Provider’s enterprise virtual infrastructure.
13. Logical database support when resources are available and when requested by the Customer via a service request and will be
considered a Direct Service.
SQL Server Licensing
Appropriate SQL licensing is required for the SQL Managed Instance service, and is generally included with the SQL Capacity Unit
charge. Licenses may be transferred from the Customer to the Service Provider or purchased by the Service Provider on the
Customer’s behalf. Legacy SQL instances transferred to the Service Provider are supported within the constraints of the SQL Server
license restrictions in effect at time of transfer to the Service Provider. Customers who utilized CALs with any transferred license must
continue to pay for support of those CALs. Customers who purchased Software Assurance must transfer those contracts to the Service
Provider for consolidation and payment. Customers wishing to maintain Software Assurance for SQL instances will be considered a
Direct Service, unless the database instance is provisioned within the shared enterprise SQL environment. In addition, Customers must
continue to maintain license compliance for their internal SQL developers. This is typically handled with SQL developer licenses, which
are often covered via Visual Studio licenses or MSDN memberships.
SQL licenses for new production servers are included in the cost of SQL Capacity Units, assuming the server is hosted within the
Service Provider’s enterprise virtual infrastructure. These licenses include the latest versions of Microsoft SQL Enterprise Edition.
Customers utilizing standalone physical servers must continue to provide appropriate licensing. Licensing at disaster recovery sites
must be discussed and negotiated during disaster recovery planning.
Page 26
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
DB2 for LUW (UDB) Service
DB2 for LUW Services consists of Customer DB2 for LUW databases residing on servers located at the Service Provider’s facility or
at select remote sites. Managed at the database level, this service includes applying DB2 for LUW security patches on vendor
supported versions of the software.
This service provides for the use of a fully managed dedicated DB2 for LUW database. Each DB2 for LUW database requires managed
server, capacity unit, network connectivity, storage and backup services in support of the DB2 for LUW database. Service includes
physical database management; logical database management is available based on staff availability and will be considered a Direct
Service.
Physical database management and support includes:
1. Physical administration of database objects (e.g. creation of a database, creating and dropping tablespace, etc.).
2. Database software installation and implementation.
3. Database migration (upgrades) to supported database versions (coordinated with the Customers).
4. Application of database software patches and vulnerability review scanning.
5. Maintenance of the database configuration parameters.
6. Database system performance tuning.
7. Database instance backup and recovery.
8. Management of the database administrative rights (coordinated with the Customers).
9. System level inter-database connectivity.
10. 24/7/365 on-call support for production environment.
11. 24/7/365 database monitoring.
12. Database license management.
DB2 for LUW Database Licensing
Appropriate DB2 for LUW licensing is required for this service. Licenses may be transferred from the Customer to the Service Provider
or purchased by the Service Provider on the Customer’s behalf. The DB2 for LUW Database Service includes the maintenance costs
for the DB2 for LUW Database license. All new DB2 for LUW database licenses and maintenance cost for licenses other than those
included in the service and will be considered a Direct Service. In addition, the DB2 for LUW database service does not include any
costs for extended lifecycle maintenance. Customers requiring extended maintenance must contract those services through the Service
Provider and will be assessed direct costs.
Page 27
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Window s
Database Platform support windows are outlined in the tables below.
Maintenance and Support Windows
Windows
Time of Occurrence
Description of Activities to be
Performed
Normal
Business
Hours/
Window
Monday through Friday – 7:00
AM – 6:00 PM
Database technicians are scheduled
during this time to fulfill service requests
and troubleshoot incidents. Priority 3 and 4
issues will be worked within this
window. Priority 1 and 2 issues are also
worked during this window and are
continuously worked until
resolved. Changes may be executed
during this time, following the Service
Provider’s change and release
management processes.
Standard
Maintenance
Window
Business Days: Monday - Friday
Normal maintenance, changes and system
enhancements will be performed during
this time.
Direct
Services
Window
Business Days: Monday - Friday
6:00 PM – Midnight (ET)
6:00 PM - 7:00 AM (ET)
Saturday, Sunday and State
Holidays: All day
Page 28
Service or change requests initiated by the
Customer during this window will be
considered a Direct Service.
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Roles and Responsibilities
General roles and responsibilities for this service are defined in the RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Database Platform Functions
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
1
DB2 for
LUW,
SQL,
Oracle
Install and maintain database system
software.
C
C
R
A
2
Oracle,
Oracle
Storage
Create database instances/tablespace.
C
C
R
A
3
SQL,
DB2 for
LUW
Create instances/databases.
C
C
R
A
Page 29
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Database Platform Functions
Page 30
Customer
Tech
Mgt
Service
Provider
Tech
Mgt
R
A
4
DB2 for
LUW,
Oracle
Create user level objects.
R
A
5
SQL,
DB2 for
LUW
Create database level objects.
R
A
6
DB2 for
LUW,
Oracle
Storage
Provide storage/tablespace management.
I
7
DB2 for
LUW,
SQL,
Oracle
Backup databases.
C
I
R
A
8
DB2 for
LUW,
SQL,
Oracle
Restore database.
A
I
R
I
9
DB2 for
LUW,
SQL,
Oracle
Perform database imports/exports.
R
A
C
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Database Platform Functions
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
10
DB2 for
LUW,
SQL,
Oracle
Maintain instance and database availability.
C
C
R
A
11
Oracle
Storage
Maintain ASM instance.
C
C
R
A
DB2 for
LUW,
SQL,
Oracle
Monitor instance, database performance
and log.
I
I
R
A
DB2 for
LUW,
SQL,
Oracle
Implement SQL and application
performance tuning.
R
A
13
DB2 for
LUW,
SQL,
Oracle
Provide physical database security.
C
I
R
A
14
SQL,
Oracle
Provide and monitor instance privilege
management.
I
I
R
A
12
Page 31
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Database Platform Functions
Page 32
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
R
A
15
DB2 for
LUW
Provide and monitor database privilege
management.
I
I
16
DB2 for
LUW,
SQL,
Oracle
Manage application and user security.
R
A
17
DB2 for
LUW,
SQL,
Oracle
Manage database replication.
C
A
R
C
18
DB2 for
LUW,
SQL,
Oracle,
Oracle
Storage
Migrate/upgrade database.
C
C
R
A
19
DB2 for
LUW,
SQL,
Oracle
Validate database migration/upgrade.
R
A
C
I
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Database Platform Functions
Customer
Tech
20
DB2 for
LUW,
SQL,
Oracle
Manage physical instance/database related
job scheduling.
21
DB2 for
LUW,
SQL,
Oracle
Manage application related job scheduling.
22
DB2 for
LUW,
SQL,
Oracle
23
24
Mgt
C
Service
Provider
Tech
Mgt
R
A
R
A
I
Manage business capacity planning.
R
A
C
I
DB2 for
LUW,
SQL,
Oracle
Provide data modeling.
R
A
DB2 for
LUW,
SQL,
Oracle
Manage user accounts.
R
A
C
C
Page 33
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Database Platform Functions
25
Page 34
DB2 for
LUW,
SQL,
Oracle
Provide license management and
compliance.
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
I
C
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
DATA CENTER FACILITY AND OPERATIONS
Service Name
Billable Unit
Billing
Service Targets
Methodology
Estimated
Delivery Time
Service Description
Circuit/Month
% of Service
Use
99.9% facility
uptime in a monthly
period
Provides electrical circuits for requirements that
exceed the standard number of circuits provided
for cabinets or rack mount installs. Standard
single cabinets include 1 - 30 Amp - 208V (2)
pole circuit, and standard rack mounts include 2
power strip receptacles (1 primary and 1
backup) within the cabinet. If redundant power is
requested or required by the Customer, the
Customer will be responsible for the installation
cost of the new circuit(s). Circuits are monitored
for current, voltage and power.
Tile/Month
% of Service
Use
99.9% facility
uptime in a monthly
period
1U/Month
% of Service
Use
99.9% facility
uptime in a monthly
period
For Standard
Electrical
Service – 5
business days
(after receipt of
the installation
form). Nonstandard
requests may
require
additional
delivery time for
special order
parts.
10 business
days for
installation (after
receipt of the
installation
form).
10 business
days for
installation (after
receipt of the
installation
form).
Additional
Electrical
Circuit
(Colocation
service)
Floor Tiles
(Colocation
service)
Rack
Mounts
(Colocation
service)
Provides a physically secured footprint for
Customer owned cabinets within the SDC that
includes under floor cable management, power
(cabinets should not exceed 1.25 kW per tile),
HVAC, and is monitored 24x7x365. A floor tile is
a 2' x 2' tile used as the unit of measure.
Provides a physically secured 19" standard
cabinet for Customer owned equipment within
the SDC. The standard rack mount unit
measurement is 1 Rack Unit = 1U or 1.75".
Page 35
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
Scheduling
Services
Billable Unit
Billing
Service Targets
Methodology
Estimated
Delivery Time
Service Description
Labor
Hour/Month
Hour
Production
Region
requests: 1 hour
turnaround.
Test Region
requests: 4 hour
turnaround. This
is during normal
business hours,
for both
production and
test regions
(following
approval of
service order
and independent
of other
services).
Provides administration and support of workload
scheduling and batch activity. Included are Job
Control Language (JCL) documentation review
for job compliancy, correctness, and accuracy to
ensure jobs sustain production ready status.
Planned implementation, upgrades, and
installations to support workload scheduling are
also in-scope for this service.
Customer’s
Scheduling
Services will be
available at least
99.5% of scheduled
availability in a
monthly period.
In-Scope Scheduling Services
• Automated change management (aka: mainframe code turnover) administration & support
• On-Request change management & on-request workload scheduling
• Automated workload scheduling administration, support, forecasting, and reporting
• On-Request forecasting and reporting
• Automated output management, archive and retrieval administration, and support
• Job Documentation and JCL comment block reviews and compliancy
• Special Event monitoring, preparation and handling
• JCL variable complication, testing, variable substitutions, date formula testing and implementation
• Supported product training and support
• Monthly SLA metrics performance reviews & reporting
Page 36
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Additional In-Scope Services:
• 2nd tier On-call support
•
Consulting support
•
Support/participate in weekend application implementations, upgrades and installs
•
Participate in new product/software evaluations & testing of software changes
•
Decommissioning of obsolete jobs, tasks, members, or other components where authorized
Remote Hands is available only via separate, signed agreement between the Customer and the Service Provider as part of the SLA.
This must be included in the Direct Services (Attachment B) section of the SLA.
Service Level Commitment
The Service Provider is committed to meeting a minimum uptime of 99.9% for the Data Center Facility and Operations services.
Reference the individual service definitions above for service availability.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Maintenance and Support Window s
Data Center Facility and Operations maintenance is performed as needed.
Roles and Responsibilities
General roles and responsibilities for this service are defined in the following RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task, and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
Page 37
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Data Center Facility and Operations Functions
Customer
Tech
Page 38
Mgt
Service
Provider
Tech
Mgt
1
Co-Location
Continuously review and evaluate security
procedures
R
A
2
Co-Location
Monitor all areas of the SDC 24 hours a day
R
A
3
Co-Location
Authorize identified persons with access to
computer room before admission
R
A
4
Co-Location
Verify that all cabinets within the computer room
are locked when not being accessed
R
A
5
Co-Location
Ensure a staff member is assigned to receive and
inspect any equipment received
R
A
6
Co-Location
Assign SDC staff for cleaning all secure areas of
the facility
R
A
7
Co-Location
Ensure only authorized personnel access restricted
areas
R
A
8
Co-Location
Ensure redundant facility components through tests
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Data Center Facility and Operations Functions
Customer
Tech
Mgt
Service
Provider
Tech
Mgt
The following criteria are required for each visitor
before entering the computer room:
9
Co-Location
10
Co-Location
11
Co-Location
•
Have proper written authorization from
their organization for access and have a
security record and photo identification on
file.
•
Provide proper photo identification.
Ensure all visitors will be escorted within the SDC,
unless they have passed the Service Provider CJIS
compliant background check.
Notify the Service Provider’s Operations staff of
deliveries.
R
R
A
R
A
R
A
A
Submit proper forms (as identified) for equipment
installation, removal, and changes:
•
12
Co-Location
•
•
Equipment Installation Request Document
(Attachment 1) must be completed and
returned to Operations staff before any
equipment is brought into the facility. This
includes the delivery of equipment. If all
required information is not provided, the
installation of Customer equipment may
be delayed.
Equipment Removal / Transfer document
(Attachment 2) before any equipment is
removed from the facility
Submit CSA form to SUNCOM for SDC
ports to be installed and when equipment
is removed
R
Page 39
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Data Center Facility and Operations Functions
Customer
Service
Provider
Tech
Mgt
Tech
R
13
Co-Location
Ensure all hardware for installation is accurately
inventoried
R
A
14
Co-Location
Provide and install the hardware for the rack mount
R
A
15
Co-Location
Provide a staff list requiring access to the
equipment
R
A
Mgt
I
Follow OP119 – State Data Center Standards &
OP124 - Computer Room Operational Guidelines
16
Co-Location
17
Scheduling
Scheduling
18
Scheduling
19
20
Page 40
Scheduling
Adhere to all Computer Room Operational
Guidelines. Failure to comply with the Guidelines
may lead to termination of this Agreement and the
subsequent removal of Customer equipment at the
SDC. Compliance with Computer Room
Operational Guidelines is determined at the
discretion of the SDC Manager.
R
A
Continuously review and evaluate Scheduling
Services Group related security procedures
R
A
Monitor all areas of the workload scheduling
platforms from 7:00am to 6:00 pm daily. On call is
available during non-business hours.
R
A
Ensure all electronic production documentation is
submitted to Service Provider’s Scheduling
Services Group and kept up-to-date
Ensure all hardcopy production documents or
documentation are stored properly at day’s end
R
R
A
C
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Data Center Facility and Operations Functions
Scheduling
21
22
23
24
Ensure production work requests are production
ready prior to submitting to the Services Provider’s
Service Desk
Customer
Tech
Mgt
R
A
Service
Provider
Tech
Mgt
Scheduling
Ensure production work requests are quality
checked and processed in a timely manner
R
A
Scheduling
Ensure only authorized personnel access restricted
areas
R
A
Scheduling
Ensure same day production must go work is
received by established cutoff time of 3:00 pm EST.
R
A
Scheduling
Ensure all outages that impact production batch
processing work is documented, scheduled and
approved through change management, well in
advance, unless an emergency occurs.
R
A
R
A
25
Scheduling
Follow the Scheduling Services requirements:
1.
26
2.
3.
Provide proper scheduling services
authorization established and documented
at Service Provider’s Information
Technology Service Management (ITSM)
tool
Provide job, program and or component
security accesses completed prior to
production implementation
Be prepared to direct their production
processes at all times
Page 41
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Data Center Facility and Operations Functions
Customer
Tech
Mgt
Service
Provider
Tech
All visitors will be escorted unless they have
successfully completed the CJIS compliant
background check.
27
Scheduling
Submit properly completed forms so all production
work can be processed without conflicts or delays.
R
A
Scheduling
Ensure all obsolete tasks, members, or other
components are removed from the production
environment
R
A
Ensure all critical job runs for same day processing
is called into the Service Provider’s Service Desk
and clearly marked on the electronic work order
form.
R
A
Ensure a list of authorized persons or liaisons is
submitted to the Service Provider’s Service Desk
and is kept up-to-date
R
A
R
A
Ensure all calendar run and no-run dates are
provided at least one month in advance for every
month
R
A
All production JCL changes (including overrides)
shall be made by the Customer’s development
staff.
R
A
28
Scheduling
29
Scheduling
30
Scheduling
31
Failure to comply with the Guidelines may lead to
escalation to upper management for resolution.
Scheduling
32
Scheduling
33
Page 42
Follow Scheduling Services Group Operational
Guidelines – As stated above.
R
Mgt
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Data Center Facility and Operations Functions
Customer
Tech
Mgt
All production code moves made outside of the
standardized scheduling tool shall be made by the
Customer’s development staff.
R
A
Manage and monitor all batch job processing run
outside of the standardized scheduling tool for the
entirety of the job flow.
R
A
Scheduling
Perform all job output restores.
R
A
Scheduling
Manage cataloguing/un-cataloguing tapes and
dataset spooling.
R
A
38
Scheduling
Act as the project leader or manager for their
internal customer processes.
R
A
39
Scheduling
Diagnose all problems related to their applications.
R
A
Scheduling
34
Scheduling
35
36
37
Service
Provider
Tech
Mgt
Page 43
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
MAINFRAME PLATFORM
Service Name
Billable
Unit
z/OS
Processing
IBM
Resource
Units/
Month
Billing
Method
ology
% of
Service
Use
Service Targets
Estimated Delivery
Time
Service Description
Mainframe
Platform will be
available 99.5%
of the availability
in a monthly
period.
Adding an additional
LPAR will take 14 days
(following approval of
service request and
independent of other
services). Changes to
an existing LPAR will
take 2 days. Changes
to an LPAR requiring
an IPL will be
implemented in the
next maintenance
window. Changes
requiring a Power On
Reset will be done at a
date agreed upon by
all customers residing
on the machine since
those changes affect
all customers.
Dependent on the
availability of existing
mainframe platform
compute, storage or
licensing capacity.
Provides mainframe system resources for batch, TSO
and other basic services. Includes batch process
monitoring for automated jobs that can be executed
with minimal human interaction. The Service Provider
provides monitoring, troubleshooting system level
issues, routine maintenance and configuration of
operating system level software.
Actual
scheduled
availability
(minutes
scheduled)
minus reported
downtime
(minutes)
divided by
scheduled
availability
(minutes).
Backup/Virtual
Storage
Page 44
Gigabyte/
Month
% of
Service
Use
99.5% of system
backups will run
successfully on
schedule in a
monthly period.
Adding or
changing backups
will take 1
business day
(following approval
of service request
and independent
of other services).
Dependent on the
availability of
Provides management and proactive monitoring of
the virtual tape subsystem environment used for
mainframe data backup. In addition, this service
includes the movement of tape media containing the
backup data to the designated off-site vaulting facility.
Customer mainframe system backups (full and
incremental) are scheduled based on criteria specified
in the SLA.
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
Billable
Unit
Billing
Method
ology
Service Targets
Estimated Delivery
Time
Service Description
existing mainframe
platform compute,
storage or
licensing capacity.
CICS
Processing
DB2
Processing
IBM
Resource
Units/
Month
IBM
Resource
Units/
Month
% of
Service
Use
% of
Service
Use
CICS application
regions will be
available 99.5%
of the scheduled
availability in a
monthly period.
Actual
scheduled
availability
(minutes) minus
reported
downtime
(minutes)
divided by
scheduled
availability
(minutes).
DB2 databases
will be available
99.5% of the
scheduled
availability in a
monthly period.
Changes to CICS
regions will take 1
business day
(following approval
of service request
and independent
of other services).
Dependent on the
availability of
existing mainframe
platform compute,
storage or
licensing capacity.
Provides IBM - CICS subsystem(s) and IBM - CICS
transaction manager software for Customer
applications. CICS offers advanced recovery options
and ensures that transactions are rolled back
appropriately when they fail. CICS related software is
included in this service. This service consists of
monitoring, troubleshooting system level issues,
routine maintenance and configuration of CICS and
related software.
Changes to DB2
regions will take 1
business day
(following approval
of service request
and independent
of other services).
Provides IBM - DB2 database subsystem(s) for
Customer applications. All DB2 related software
hosted in the Service Provider’s mainframe
environment is included in this service. This service
consists of monitoring, troubleshooting system level
Page 45
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
DCF DB2
Processing
Billable
Unit
Actual
Cost/
Month
Billing
Method
ology
Direct
Cost
Service Targets
Estimated Delivery
Time
Service Description
Actual
scheduled
availability
(minutes) minus
reported
downtime
(minutes)
divided by
scheduled
availability
(minutes).
DB2 databases
will be available
99.5% of the
scheduled
availability in a
monthly period.
Dependent on the
availability of
existing mainframe
platform compute,
storage or
licensing capacity.
issues, routine maintenance and system configuration
of DB2 and related software.
Changes to DB2
regions will take 1
business day
(following approval
of service request
and independent
of other services).
Dependent on the
availability of
existing mainframe
platform compute,
storage or
licensing capacity.
Provides IBM - DB2 database subsystem(s) for
Customer applications. All DB2 related software
hosted in the Service Provider’s mainframe
environment is included in this service. This service
consists of monitoring, troubleshooting system level
issues, routine maintenance and system configuration
of DB2 and related software.
Actual
scheduled
availability
(minutes) minus
reported
downtime
(minutes)
divided by
scheduled
availability
(minutes).
Page 46
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
DCF IMS
Processing
Billable
Unit
Actual
Cost/
Month
Billing
Method
ology
Direct
Cost
Service Targets
Estimated Delivery
Time
Service Description
IMS databases
will be available
99.5% of the
scheduled
availability in a
monthly period.
Changes to IMS
regions will take 1
business day
(following approval
of service request
and independent
of other services).
Dependent on the
availability of
existing mainframe
platform compute,
storage or
licensing capacity.
Provides IBM - IMS database subsystem(s) for
Customer applications. All IMS DB/TM related
software hosted in the Service Provider’s mainframe
environment is included in this service.
Adding or deleting
volumes or
changes to
Automatic Class
Selection (ACS)
Provides management of storage resources to ensure
needed capacity is available for Customer use.
Consists of monitoring available capacity, adding new
storage when needed, routine maintenance and
IMS application
regions will be
available 99.5%
of the scheduled
availability in a
monthly period.
DCF Storage
Actual
Cost/
Month
Direct
Cost
Actual
scheduled
availability
(minutes) minus
reported
downtime
(minutes)
divided by
scheduled
availability
(minutes).
Mainframe
storage will be
available 99.5%
of the scheduled
This service consists of monitoring, troubleshooting
system level issues, routine maintenance and system
configuration of IMS and related software.
Page 47
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
DCF z/OS
Processing
Billable
Unit
Actual
Cost/
Month
Billing
Method
ology
Direct
Cost
Service Targets
Estimated Delivery
Time
Service Description
availability in a
monthly period.
routines will take 1
business day
(following approval
of service request
and independent
of other services).
Dependent on the
availability of
existing mainframe
platform compute,
storage or
licensing capacity.
configuration of storage software, and catalog
maintenance.
Adding an additional
LPAR will take 14 days
(following approval of
service request and
independent of other
services). Changes to
an existing LPAR will
take 2 days (following
approval of service
request and
independent of other
services). Changes to
an LPAR requiring an
IPL will be
implemented in the
next maintenance
window. Changes
requiring a Power On
Reset will be done at a
Provides mainframe system resources for batch, TSO
and other basic services. Includes batch process
monitoring for automated jobs that can be executed
with minimal human interaction. The Service Provider
provides monitoring, troubleshooting system level
issues, routine maintenance and configuration of
operating system level software.
Actual
scheduled
availability
(minutes) minus
reported
downtime
(minutes)
divided by
scheduled
availability
(minutes) in a
monthly period.
z/OS processing
will be available
99.5% of the
scheduled
availability in a
monthly period.
Actual
scheduled
availability
(minutes) minus
reported
downtime
(minutes)
divided by
scheduled
Page 48
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
Storage
Billable
Unit
Gigabyte/
Month
Billing
Method
ology
% of
Service
Use
Service Targets
Estimated Delivery
Time
availability
(minutes).
date agreed upon by
all customers residing
on the machine since
those changes affect
all customers.
Dependent on the
availability of existing
mainframe platform
compute, storage or
licensing capacity.
Mainframe
storage will be
available 99.5%
of the scheduled
availability in a
monthly period.
Adding or deleting
volumes or
changes to
Automatic Class
Selection (ACS)
routines will take 1
business day
(following approval
of service request
and independent
of other services).
Dependent on the
availability of
existing mainframe
platform compute,
storage or
licensing capacity.
Actual scheduled
availability
(minutes) minus
reported
downtime
(minutes) divided
by scheduled
availability
(minutes).
Service Description
Provides management of storage resources to ensure
needed capacity is available for Customer use.
Consists of monitoring available capacity, adding new
storage when needed, routine maintenance and
configuration of storage software, and catalog
maintenance.
Page 49
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Level Commitment
The Service Provider is committed to meeting a minimum uptime of 99.5% for the Mainframe Platform. Reference the individual service
definitions above for service availability.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Maintenance and Support Window s
Mainframe Maintenance and Support Windows are performed as needed on a Customer-specific basis.
Roles and Responsibilities
General roles and responsibilities for this service are defined in the following RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task, and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Mainframe Platform Functions
Customer
Tech
Page 50
1
Acquisition of mainframe hardware and software.
2
Manage mainframe related hardware upgrades and
replacements.
I
Service
Provider
Mgt
Tech
Mgt
I
R
A
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Mainframe Platform Functions
Customer
Tech
Mgt
Service
Provider
Tech
Mgt
3
Allocation of system resources.
I
R
A
4
Provide data backup and restoration services in
accordance with State of Florida and Customer
established policies.
I
R
A
5
System monitoring, troubleshooting, repair and escalation
of problems for the mainframe.
R
A
6
Install & maintain all mainframe OS related software &
patches.
I
R
A
7
Install & maintain all mainframe DB2 related software.
I
R
A
8
Install & maintain all mainframe IMS related software.
I
R
A
9
Install & maintain all mainframe CICS related software.
I
R
A
10
Install & maintain all mainframe print management related
software.
I
R
A
11
Maintain code promotion software.
I
R
A
12
Maintain cost allocation system data collection computer
programs and batch jobs.
R
A
13
Provide access control software implementation,
configuration and maintenance.
R
A
I
I
Page 51
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Mainframe Platform Functions
Customer
Tech
Page 52
Mgt
Service
Provider
Tech
Mgt
R
A
14
Perform program product (vendor software) installation,
upgrades, and maintenance.
15
Manage mainframe software license and compliance.
R
A
16
Monitor the mainframe systems for performance & tuning.
R
A
17
Manage and make OS performance tuning changes.
I
R
A
18
Manage batch resources and priorities.
I
R
A
19
Provide information necessary to determine workload
management requirements.
R
A
I
C
20
Provide Application User Account Management.
R
A
21
Manage the Customer change processes
R
A
C
22
Identify data retention requirements.
R
A
C
I
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
MANAGED APPLICATIONS
Service Name
Hosted
Messaging
Archi ve
Service
Billable Unit
Billing
Service Targets
Methodology
Estimated Delivery Time
Service Description
GB of
Storage
/Month
% of Service
Use
7 business days (following
approval of service request
and independent of other
services)
The Hosted Messaging Archive
Service provides storage for
messages archived from the Hosted
Messaging Service previously
provided at AST.
99.5% uptime in a
monthly period
This service has been sunsetted.
Citrix
Peak
Concurrent
Users/Month
% of Service
Use
99.5% uptime in a
monthly period
New Citrix hosting will be
available on a case-by-case
basis. For existing Citrix
customers, the normal Service
Request response times
apply.
Provides support for remote access
and central application deployment for
Customers in a shared, highly available
configuration, while providing capability
for dedicated application servers for
each entity. Service includes
installation, administration, support,
licensing, and maintenance of the Citrix
environment. The service maintains
three (3) tiers; Development,
Test/Quality Assurance, and
Production for full application life cycle
management. This provides the
Customer the flexibility to test
applications prior to deploying to
production. All three (3) tiers are
designed to be highly available.
Customer applications deployed remain
the responsibility of the Customer.
Page 53
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Level Commitment
The Service Provider is committed to meeting the performance metrics for the Managed Applications Service. Reference the
individual service definitions above for specific service availability.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Hosted Messaging Archive Service
The Hosted Messaging Service offers storage and search services for messages archived from the Hosted Messaging Service
previously hosted by AST. Only messages archived from the legacy service are retained in this system. This service will not archive
any new messages.
Citrix Service
The Service Provider is responsible for ensuring the overall health and availability of the server hardware, operating system, storage,
backup, Citrix application and network services as part of the basic service cost. Customer applications deployed remain the
responsibility of the Customer. Time spent by the Service Provider performing release management, application or code support and
security response to Customer supplied applications will be considered a Direct Service.
Maintenance and Support Window s
Managed Applications support windows are outlined in the tables below.
Maintenance and Support Windows
Page 54
Windows
Time of Occurrence
Description of Activities to be
Performed
Normal
Business
Hours/
Window
Monday through Friday – 7:00
AM – 6:00 PM
Technicians are scheduled during this time
to fulfill service requests and troubleshoot
incidents. Priority 3 and 4 issues will be
worked within this window. Priority 1 and 2
issues are also worked during this window
and are continuously worked until
resolved. Changes may be executed
during this time, following the Service
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Windows
Windows
Time of Occurrence
Description of Activities to be
Performed
Provider’s change and release
management processes.
Standard
Maintenance
Window
Business Days: Monday – Friday
6:00 PM – Midnight (ET)
Normal maintenance, changes and system
enhancements will be performed during
this time.
Direct
Services
Window
Business Days: Monday – Friday
Midnight - 7:00 AM (ET)
Service or change requests initiated by the
Customer during this window will be
considered a Direct Service.
Citrix
Application
Support
Production:
Business Days: Monday – Friday
7:00 AM – Midnight (ET)
Saturday, Sunday and State
Holidays: All day
Citrix and Citrix application patching,
installation, deployment, and support.
Development/Test:
Business Days: Monday – Friday
7:00 AM – 6:00 PM (ET)
Roles and Responsibilities
General roles and responsibilities for this service are defined in the following RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
Page 55
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task, and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Managed Application Functions
Page 56
Managed Application
Customer
Service Provider
Tech
Mgt
Tech
Mgt
1
Citrix XenApp components infrastructure management
and administration
Citrix
C
I
R
A
2
Citrix XenApp components availability and monitoring
Citrix
C
I
R
A
3
Citrix XenApp components patch management and
maintenance
Citrix
C
I
R
A
4
Citrix XenApp Server components license purchase and
maintenance
Citrix
C
I
R
A
5
Utilize the Service Provider’s Change, Incident, Release,
Problem and Configuration Management Processes
All
C
I
R
A
6
Maintain server/service security; Comply with Rule
Chapter 74-2, FL Administrative Code, with respect to
server, network and service security
Citrix
C
I
R
A
7
Usage reporting
Citrix
C
I
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Managed Application Functions
Managed Application
Customer
Service Provider
Tech
Mgt
Tech
Mgt
8
Determine access rules and setup
Citrix
R
A
C
I
9
Purchase and maintain Microsoft Remote Desktop
Services (RDS) CAL licenses
Citrix
R
A
C
I
10 Perform application testing following the Service
Provider’s patch services
Citrix
R
A
C
I
11 Hosted application management & support
Citrix
R
A
C
I
12 Purchase and maintain hosted application licenses
Citrix
R
A
C
I
13 Endpoint support & maintenance including the Citrix
Receiver client component
Citrix
R
A
C
I
14 1st level end user support
Citrix
R
A
C
I
15 Notify the Service Provider’s Service Desk of all service
issues and requests
Citrix
R
A
C
I
16 Active Directory controlled access to applications via
domain groups
Citrix
R
A
C
I
17 Maintain Customer application code; Comply with Rule
Chapter 74-2, FL Administrative Code if applicable, with
respect to Customer application security and logical
separation of development, test and production services
Citrix
R
A
C
I
18 Customer Wide Area Network (WAN) bandwidth charges
Citrix
R
A
C
I
Page 57
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Managed Application Functions
Page 58
Managed Application
Customer
Service Provider
Tech
Mgt
Tech
Mgt
19 Notify Customer of planned and emergency outages
Hosted Messaging
C
I
R
A
20 Server availability and monitoring
Hosted Messaging
C
I
R
A
21 Server backup and recovery
Hosted Messaging
C
I
R
A
22 Server connectivity to WAN
Hosted Messaging
C
I
R
A
23 Server patch management and maintenance
Hosted Messaging
C
I
R
A
24 Off-site storage of backup media
Hosted Messaging
C
I
R
A
25 Purchase and maintain server licenses
Hosted Messaging
C
I
R
A
26 Client Desktop Application (e.g., Outlook) installation and
support
Hosted Messaging
R
A
C
I
27 Client Desktop Application Internet (WAN) connectivity
and troubleshooting
Hosted Messaging
R
A
C
I
28 Notify the Service Provider’s Service Desk of all service
needs
Hosted Messaging
R
A
C
I
29 Notify the Service Provider’s Service Desk of all service
problems
Hosted Messaging
R
A
C
I
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
NETWORK PLATFORM
Service Name
Billable Unit
Billing
Methodology
Service
Targets
Estimated
Delivery Time
Service Description
Load
Balancing
and Proxy
100
Concurrent
Connections/
Month
% of Service
Use
Service
will be
available
99.5% of
scheduled
availability
in a
monthly
period.
3 business days
(following
approval of
service order
and
independent of
other services)
Provides for the creation and maintenance of Virtual IP Address
(VIP) and Proxy or Load Balancing to backend hosts. Includes
SSL termination, acceleration, optimization, and health
monitoring. Charged by the number of concurrent connections
provisioned (in blocks of 100) to meet the technical and
performance requirements. Hardware and software components
of service are designed to be Highly Available (HA) with device
failover. HTTP-to-HTTPS redirect services are also included with
this service at no charge, provided the customer uses the
standard Service Provider’s template.
Service does not include SSL certificate purchases for
applications unable to leverage the Service Provider’s wildcard
certificate, content switching, or advanced scripting.
Netw ork
Unit
Network
Units
(NU)/Month
% of Service
Use
Service
will be
available
99.5% of
scheduled
availability
in a
monthly
period.
3 business days
(following
approval of
service order
and
independent of
other services)
Provides local network connectivity to servers or appliances
(physical or virtual). One NU is required per server or appliance
that requires network connectivity or backup. Multiple physical or
virtual connections may be configured for redundancy or access
reasons. Interface specific settings are based on speed, usage,
and other parameters available on the upstream switch and
connected device. Service includes configuration and
maintenance of port settings and monitoring of link status and
usage. Non-standard configurations such as fiber or special port
setup will be considered a Direct Service. Up to 10 firewall
modifications per month are included; additional modifications will
be considered a Direct Service.
For customers leveraging Web/URL filtering capabilities, support
and maintenance will also be considered a Direct Service.
Page 59
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Level Commitment
The Service Provider is committed to meeting a minimum uptime of 99.5% for Network Services. Reference the individual service
definitions above for service availability.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Maintenance and Support Window s
Network Platform support windows are outlined in the tables below.
Maintenance and Support Windows
Standard
Times
Time of Occurrence
Description of Maintenance
(normal business days)
Activities to be Performed
Normal
Business
Hours/
Window
Monday through Friday – 7:00
AM – 6:00 PM
Network technicians are scheduled during
this time to fulfill service requests and
troubleshoot incidents. Priority 3 and 4
issues will be worked within this
window. Priority 1 and 2 issues are also
worked during this window and are
continuously worked until
resolved. Changes may be executed
during this time, following the Service
Provider’s change and release
management processes.
Standard
Maintenance
Window
Minor and Standard Changes:
Business days, 6:00 PM –
Midnight
Normal maintenance, changes, and
system enhancements will be performed
during this time.
Major Changes:
Page 60
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Windows
Standard
Times
Time of Occurrence
Description of Maintenance
(normal business days)
Activities to be Performed
Sunday 6:00 PM – Monday 5:00
AM (ET)
Direct
Services
Window
Business Days: 6:00 PM - 7:00
AM (ET)
Saturday, Sunday and State
Holidays: All day
Service or change requests initiated by the
Customer during this window will be
considered a Direct Service.
Roles and Responsibilities
General roles and responsibilities for this service are defined in the following RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task, and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Page 61
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Network Platform Functions
Page 62
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
1
Purchase SSL certificate for load balanced or proxy
applications unable to leverage the Service Provider’s
wildcard certificate (Load Balancing and Proxy)
R
A
C
I
2
Configure Customer VRF (Network Connectivity)
I
C
R
A
3
Configure network infrastructure devices (Network
Connectivity)
I
R
A
4
Monitor network infrastructure devices (Network
Connectivity)
I
R
A
5
Backup network infrastructure device configurations
(Network Connectivity)
R
A
6
Maintain device software on network infrastructure
devices (Network Connectivity)
R
A
7
Configure firewall device and network settings (Network
Connectivity)
R
A
8
Install firewall policy rules (Network Connectivity)
R
A
9
Define application-specific requirements to meet
customer's business needs (Network Connectivity)
10
Configure network/firewall policies based on
application-specific requirements (Network
Connectivity)
I
I
C
R
C
I
C
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Network Platform Functions
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
A
11
Configure firewall threat objects and profiles (Network
Connectivity)
C
I
R
12
Configure web filtering profiles (Network Connectivity)
R
A/C
I
13
Configure report distribution/content settings (Network
Connectivity)
C
R
A
14
Configure device and network settings (Load Balancing
and Proxy)
R
A
15
Maintain device software (Load Balancing and Proxy)
I
R
A
16
Provide SSL keychain (Certificate + Key) (Load
Balancing and Proxy)
R
A
I
17
Configure virtual IP address and service (Port) - virtual
server (Load Balancing and Proxy)
C
I
R
A
18
Maintain virtual IP address and service (Port) - virtual
server (Load Balancing and Proxy)
C
I
R
A
19
Monitor virtual IP address and service (Port) - virtual
server (Load Balancing and Proxy)
R
A
Page 63
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Network Platform Functions
20
Page 64
Install SSL keychain (Certificate + Key) (Load
Balancing and Proxy)
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
C
I
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
OPEN SYSTEMS PLATFORM
Service Name
EDI
Translation
Web/ App/File
Transfer
Services
Linux/UNIX
Capacit y
Unit
Billable Unit
Billing
Service Targets
Methodology
Estimated
Delivery Time
Service Description
Kilobyte
Transfer/Month
% of Service
Use
99.5%
Availability in a
monthly period
Provides EDI data transformation services in
support of database and application loading.
Web Unit/
Month
% of Service
Use
99.5%
Availability in a
monthly period
Capacity Units
(CU)/Month
% of Service
Use
N/A
(This service
was born out a
need for cost
allocation and is
not a
measurable
service.)
5 business days
to deploy
translation
(following
approval of
service request
and
independent of
other services)
3 business days
(following
approval of
service request
and
independent of
other services)
3 business
days (Adding or
removing
capacity units
may require a
server
reboot. Delivery
time for these
changes will be
dependent on
an available
maintenance
Provides HA web based application and file
transfer services for Customers via shared
Linux/UNIX environment.
Provides the required processing capacity to
support any Linux/UNIX Managed Server. Total
Capacity Units are calculated by adding capacity
units for (1) CPU and (2) RAM. These values are
calculated as follows:
1) CPU Capacity Units are calculated by
multiplying the number of cores by the base
CPU speed (rounded up to the next whole
integer).
2) RAM Capacity Units are calculated based
on the number of Gigabytes divided by one
for virtual systems and divided by 4 for
Page 65
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
Linux/UNIX
Managed
Server
Billable Unit
Unix Server
Units
(SU)/Month
Billing
Service Targets
Methodology
% of Service
Use
99.5%
Availability in a
monthly period
Estimated
Delivery Time
Service Description
window for the
server.)
physical systems (rounded up to the next
whole integer).
All capacity units within the server/zone/container
provided will be considered a Direct Service.
Server restrictions apply, including minimum sizing
for new physical servers and all such server
capacity must be x86 based commodity hardware.
Customers requiring non-commodity hardware
should contact the Service Provider and will be
required to provide justification for approval.
Provides hosting of a Linux/UNIX-based server OS
instance. All systems will be implemented as virtual
machines unless there is a documented need for a
physical device. This service includes the Service
Provider’s standard OS licenses (Red Hat and
Solaris on x86), and support, OS configuration and
tuning, OS upgrades, OS patch management in
standard maintenance window, 24x7 core system
monitoring, and compliance/security management.
Purchase of the OS and support/entitlement of and
non-standard OS is the Customer’s responsibility.
Support of non-standard OS or hardware is at the
discretion of the Service Provider, and any
customization of processes or code required to
maintain the systems and adhere to the Service
Provider’s best practices will be considered a Direct
Service. Capacity Unit, Storage, Data Protection
(backup), and Network Unit services are required
and covered under separate offerings.
10 business
days *
(following
approval of
service order
and
independent of
other services)
* This includes both simple and complex builds with or without high-availability (HA) features. Simple builds are typically delivered in less than 5 days. Time required for
implementation of Customer-requested applications that are not part of the set of application packages provided within a vendor provided OS build are not included in the
build process delivery time. Infrastructure dependencies outside of the full control of AST may adversely affect delivery time. These dependencies include but are not
limited to Customer firewalls, Customer network routing and IP address management, and Customer Active Directory domain access. Additionally, unless an exception is
filed and granted, a server cannot be delivered without anti-virus protection, data protection services, or the AST system management tool(s) installed.
Page 66
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Level Commitment
The Service Provider is committed to meeting a minimum uptime of 99.5% for the Open Systems Platform Service. Reference the
individual service definitions above for service availability.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Maintenance and Support Window s
Open Systems Platform support windows are outlined in the tables below.
Maintenance and Support Windows
Standard
Times
Time of Occurrence
Description of Maintenance
(normal business days)
Activities to be Performed
Normal
Business
Hours/
Window
Monday through Friday – 7:00
AM – 6:00 PM
Open Systems technicians are scheduled
during this time to fulfill service requests
and troubleshoot incidents. Priority 3 and 4
issues will be worked within this
window. Priority 1 and 2 issues are also
worked during this window and are
continuously worked until
resolved. Changes may be executed
during this time, following the Service
Provider’s change and release
management processes.
Standard
Maintenance
Window
Business Days:
Normal maintenance, changes, and
system enhancements will be performed
during this time.
6:00 PM – Midnight (ET)
Page 67
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Windows
Standard
Times
Time of Occurrence
Description of Maintenance
(normal business days)
Activities to be Performed
Direct
Services
Window
Business Days:
Service or change requests initiated by the
Customer during this window will be
considered a Direct Service.
6:00 PM - 7:00 AM (ET)
Saturday, Sunday and State
Holidays: All day
Roles and Responsibilities
General roles and responsibilities for this service are defined in the following RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task, and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Page 68
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Open Systems Platform Functions
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
1
Install, provision, maintain, troubleshoot, protect, and
retire server instances.
C
I
R
A
2
License the server OS 1
C
I
R
A
3
Reboot servers when required.
C
I
R
A
4
Restart native operating system services.
C
I
R
A
5
Restart application-specific services, not provided by the
Service Provider as an enterprise service. (Runs with
elevated privileges) 4
C
I
R
A
6
Restart application-specific services not provided by the
Service Provider as an enterprise service. (Runs without
elevated privileges) 2
R
A
C
I
7
License, install, maintain, and troubleshoot server antimalware products.
R
A
8
License, maintain and troubleshoot applications not
provided by the Service Provider as an enterprise
service. 2
R
A
C
I
9
Patch/update application code not provided by the
Service Provider as an enterprise service. (Runs with
elevated privileges) 4
C
I
R
A
Page 69
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Open Systems Platform Functions
Page 70
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
10
Patch/update application code not provided by the
Service Provider as an enterprise service. (Runs without
elevated privileges) 2
R
A
C
I
11
Installation of applications not provided by the Service
Provider as an enterprise service. (Runs with elevated
privileges) 2
C
I
R
A
12
Installation of applications not provided by the Service
Provider as an enterprise service. (Runs without elevated
privileges) 2
R
A
C
I
13
Plan and coordinate continuity of operations plans for
critical customer-specific servers. 4
C
I
R
A
14
Plan and coordinate continuity of operations plans for
critical customer-specific applications.
R
A
C
I
15
Manage and update application code and web content.
(Runs with elevated privileges) 4
C
I
R
A
16
Manage and update application code and web content.
(Runs without elevated privileges) 2
R
A
C
I
17
Monitor key application services for health and availability
24x7x365.
R
A
C
I
18
Monitor system services for health and availability
24x7x365.
C
I
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Open Systems Platform Functions
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
19
Plan for and request capacity to fulfill customer initiatives
and growth.
R
A
C
I
20
Acquire capacity required to fulfill customer initiatives and
growth 3
C
I
R
A
21
Perform application testing/validation following changes
performed by the SDC.
R
A
C
I
1)
If the base offered OS, CentOS, is not selected. CentOS is a no cost GPL license with community support and will not require licensing.
2)
May require custom scripts and controlled access methods.
3)
Dependent on funding, availability and customer notice.
4)
Will be considered a Direct Service.
Page 71
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
STORAGE PLATFORM
Service
Name
BlockBased
Storage
Service
Billable Unit
Billing
Service Targets
Methodology
Estimated Delivery Time
Service Description
Allocated
Gigabyte/Month
% of Service
Use
2 business days (following
approval of service order
and independent of other
services)
Provides physical or virtual volumes
accessed via a storage area network
(SAN) using a protocol such as iSCSI,
Fibre Channel (FC) or Fiber Channel
over Ethernet (FCoE) in a nonmainframe environment. Includes the
Service Provider’s multi-path
management software licenses,
standard maintenance on storage
arrays and SAN infrastructure devices,
24x7 monitoring, and
security/compliance management for
storage components.
Storage will be
available 99.5% of
the scheduled
availability in a
monthly period.
Actual scheduled
availability
(minutes) minus
reported downtime
(minutes) divided
by scheduled
availability
(minutes).
ObjectBased
Storage
Service
Allocated
Gigabyte/Month
% of Service
Use
Storage will be
available 99.5% of
the scheduled
availability in a
monthly period.
Actual scheduled
availability
(minutes) minus
reported downtime
(minutes) divided
by scheduled
Page 72
Data protection (backup) services are
required and covered under separate
offerings.
2 business days (following
approval of service order
and independent of other
services)
Provides storage via CIFS or NFS
protocols for distributed unstructured
data and includes the Service
Provider’s standard component
maintenance, 24x7 monitoring and
security/compliance management for
storage components.
Data protection (backup) services are
included in this offering via snapshot
technology. The Service Provider will
plan, schedule, and implement
standard snapshot processes. The
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service
Name
Billable Unit
Billing
Service Targets
Methodology
availability
(minutes).
Estimated Delivery Time
Service Description
retention period for snapshot data is 6
weeks for daily snapshots. All
snapshots are replicated off-site to a
secured facility, using encrypted data
replication. Restoration for file-level
recovery within the 6-week retention
timeframe is self-serviced by end
users through the native, client-side
recovery dialog boxes (aka, “Previous
Versions Client”).
Data archival beyond 6 weeks is
available through the Data Archival
Service.
Service Level Commitment
The Service Provider is committed to meeting a minimum uptime of 99.5% for the Storage Platform.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Block-Based Storage Service
The Block-Based Storage Service has been architected to provide the most powerful, flexible and highly available storage solution. It
provides efficiency by:
•
•
•
•
•
Utilizing storage virtualization
Modular design
Array optimization
Auto-tiering of data between Solid-State Disk (SSD), performance (SAS), and capacity (Near-line SAS) drives
Flexible I/O modules which support Fiber Channel (FC), Fiber Channel over Ethernet (FCoE), and internet Small Computer
System Interface (iSCSI)
Page 73
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Enterprise storage is typically provided via a SAN using either Fiber Channel or iSCSI based disks with Redundant Array of Independent
Disks (RAID) protection provisioned within the enterprise storage infrastructure to provide high availability.
The Service Provider has simplified the deployment and billing of the storage environment through the use of storage virtualization and
auto-tiering. The auto-tier feature allows a single Logical Unit Number (LUN) to leverage the advantages of Solid-State Disk (SSD),
Serial Attached SCSI (SAS), and Near-line SAS drives simultaneously. The array collects activity statistics at a sub-LUN level to
determine which components should be promoted to faster tiers of storage.
The Storage Service requires the Data Protection Service to ensure recoverability due to hardware, system, or data integrity failure.
Additional information can be found in the Data Protection Service description.
Object-Based Storage Service
The Object-Based Storage Service provides storage via Ethernet connectivity (typically using either CIFS or NFS protocols) to
access the storage. This storage is best used for distributed/unstructured data sets such as static web content, data backups,
archival images, and multi-media files (videos, pictures, or music).
One important difference between block and object systems is that in object-based storage systems, the objects are not stored in a
file-folder hierarchy (though they are viewed and retrievable in a file-folder hierarchy). Objects are allocated and stored with metadata
associated directly with each data object and are actual storage objects that are understood, managed and secured at the device
level.
Primary benefits of the Object-Based Storage Service:
•
•
•
•
•
•
Simultaneous multi-protocol (HDFS, S3, Swift, WebHDFS, REST API, etc.) access support – to aid in the support of cloudready application development
Cloud integration to third-party storage providers via file-level metadata attributes
Data at-rest Encryption (DARE)
Granular file-level access auditing
End user access to data restoration via self-service, client-side recovery dialog boxes
Fully mountable, replicated snapshots speed disaster recovery
Object-based Storage billing is based on customer-defined quota limits and associated, consumed snapshot storage space.
Page 74
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Special Note: Customers are cautioned that the snapshot technology used in the Object-based Backup Service should not be used
as an alternative to, or a substitute for, proper records archiving pursuant to section 257.36, Florida Statutes. The backup of data by
the Service Provider is intended to assist only in recovery from infrastructure failures or human errors. Because backups traditionally
utilize a point-in-time technology, it is not possible to guarantee that records have not been altered or destroyed. Accordingly, the
Service Provider cannot guarantee compliance with applicable records retention requirements of the Department of State’s Division of
Library and Information Services. Public records may be disposed of only in accordance with the Division’s records retention schedules.
Media Disposal
For media that has failed or is removed from service, the Service Provider will properly dispose of the media. The Service Provider will
date and record the state property tag, if present, manufacture, and serial number of media to be disposed. This info will be written on
a disposal form and signed by a witness (Service Provider employee) that the media was disposed of per Florida Law. The media must
be destroyed by a certified vendor which will provide a written certificate of the media destroyed. A copy of this information will be
captured and retained by the Service Provider in the Service Provider’s ITSM System.
If functioning media is being decommissioned and not disposed of, sanitation software will be used which meets IRS, NIST, DOD and
Rule Chapter 74-2, F.A.C., the Florida Cybersecurity Standards, disk sanitation requirements.
Special Note: The Customer is responsible for managing data on non-OS partitions/drives/volumes and should act on storage alerts
as they are received. In such situations where storage usage spikes, or in critical situations where service availability is jeopardized,
the Service Provider may add up to 10% of pre-approved storage.
Maintenance and Support Window s
Storage Platform support windows are outlined in the tables below.
Page 75
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Windows
Windows
Time of Occurrence
Description of Activities to be
Performed
Normal
Business
Hours/
Window
Monday through Friday – 7:00
AM – 6:00 PM
Storage technicians are scheduled during
this time to fulfill service requests and
troubleshoot incidents. Priority 3 and 4
issues will be worked within this
window. Priority 1 and 2 issues are also
worked during this window and are
continuously worked until
resolved. Changes may be executed
during this time following the Service
Provider’s change and release
management processes.
Standard
Maintenance
Window
Business Days: Monday - Friday
Normal maintenance, changes and system
enhancements will be performed during
this time.
Direct
Services
Window
Business Days: Monday - Friday
6:00 PM – Midnight (ET)
6:00 PM - 7:00 AM (ET)
Service or change requests initiated by the
Customer during this window will be
considered a Direct Service.
Saturday, Sunday and State
Holidays: All day
Roles and Responsibilities
General roles and responsibilities for this service are defined in the following RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
Page 76
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task, and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Storage Platform Functions
Customer
Tech
Mgt
I
Service
Provider
Tech
Mgt
R
A
1
Inform Customer of incident and change requests.
2
Purchase, install, manage, maintain, and troubleshoot
back-end storage systems.
R
A
3
Create, edit, and delete zones within the storage area
network infrastructure.
R
A
4
Acquire and plan for storage capacity to fulfill Customer
requests.
I
R
C
5
Monitor storage infrastructure 24x7x365.
I
R
A
6
Project storage capacity needs on periodic basis.
R
A
C
I
7
Manage data on non-OS partitions/drives/volumes and
act on storage alerts as they are received from the
Service Provider.
R
A
C
I
A
Page 77
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Storage Platform Functions
Page 78
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
8
Ensure all backup processes are accurately and timely
completed.
C
I
R
A
9
Monitor services 24 hours a day x 7 days a week.
C
I
R
A
10
Provide offsite replication or media transport of protected
data.
C
I
R
A
11
Assume all costs required to meet State retention
schedules for protected data, beyond the Service
Provider standards. This includes the recovery of such
data for backup systems no longer maintained or integral
to the Service Provider’s standard environment.
RAC
12
Discuss long-term data retention strategies with the
Service Provider prior to implementation of any product,
solution, or service to ensure strategic alignment,
technical compatibility, and cost effectiveness.
RA
C
I
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
WINDOWS PLATFORM
Service Name
Window s
Capacit y
Unit
Window s
Managed
Server
Billable Unit
Billing
Service Targets
Methodology
Estimated
Delivery Time
Service Description
Capacity
Units
(CU)/Month
% of Service
Use
This service was
born out a need
for cost allocation
and is not a
measurable
service.
Provides processing capacity as required to support
the associated Windows Managed Server Service.
Capacity Units are sold in quantities of memory and
processing power, specifically gigabytes of RAM and
GHz of CPU. Minimums apply. Customers requiring
dedicated physical hardware must provide
justification and, if approved, will be billed for all the
compute resources present within the server.
Window
Server Units
(SU)/Month
% of Service
Use
Windows
Managed Server
will be available
99.5% of the
scheduled
availability in a
monthly period
(the number of
minutes in a
month minus
planned
downtime).
3 business
days (Adding or
removing
capacity units
may require a
server
reboot. Delivery
time for these
changes will be
dependent on
an available
maintenance
window for the
server.)
10 business
days* (following
approval of
service order
and
independent of
other services).
Provides hosting of a Windows-based server OS
instance, and includes OS licenses and support, OS
configuration and tuning, OS patch management in
standard maintenance window, 24x7 core system
monitoring, compliance/security management, and
anti-virus protection. Capacity Unit, Storage, Data
Protection (backup), and Network Unit services are
required and covered under separate offerings.
The Service Provider is responsible for ensuring the
overall health and availability of the server hardware,
operating system and basic network connectivity.
Application-layer management responsibility is
Page 79
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Service Name
Billable Unit
Billing
Service Targets
Methodology
Actual scheduled
availability
(minutes) minus
reported
downtime
(minutes) divided
by scheduled
availability
(minutes).
Estimated
Delivery Time
Service Description
maintained by the Customer with optional Service
Provider support.
* This includes both simple and complex builds with or without SQL or Microsoft Clustering. Simple builds are typically delivered in less than 5 days. Infrastructure
dependencies outside of the full control of AST may adversely affect delivery time. These dependencies include but are not limited to agency firewalls, agency network
routing and IP address management, and agency Active Directory domain access. Unless an exception is filed and granted, a server cannot be delivered without anti-virus
protection, data protection services, or the AST system management tool(s) installed.
Service Level Commitment
The Service Provider is committed to meeting a minimum uptime of 99.5% for Windows Managed Server. The other Windows
services do not provide reporting at this time. Reports will be provided via the self-service portal.
Note: Interdependencies on other platforms may affect a specific platform’s performance metrics.
Windows Capacity Unit
Windows Capacity Unit is defined as each 1024 MB of RAM and each 1000 MHz of processor pool resources allocated to the OS.
Customers of physical servers will be charged for all RAM and all processor MHz for all cores available to the OS.
Eleven (11) Windows Capacity Units (5 CU processing and 6 CU RAM) are required to minimally provision a new managed server
under this model. Additional capacity will be provisioned upon request and is subject to availability. New Windows Managed Servers
also require a minimum system partition of 80 GB of storage to be used exclusively for the operating system. Additional
data/applications storage will be provisioned at Customer request, subject to availability. The additional storage, assigned a different
drive designation, will be the storage location for customer data and applications. Wherever possible, system disks will be maintained
such that 20% of total storage is available. Customers with legacy direct attached storage which are not part of the Service Provider’s
Storage Service is considered a Direct Service.
Page 80
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Windows Managed Server requires the Data Protection Service to meet service availability requirements. Server restoration time will
be excluded from the Managed Server performance metrics where backup exception requests have been granted and are related to
the outage.
Windows Managed Server
Windows Managed Server includes:
1.
2.
3.
4.
5.
OS installation/configuration.
Server operating system license. (Windows Rights Assignment document available upon request.)
OS platform management.
Use of fully managed, dedicated use of fully managed servers for Customer processing.
Server patch management - Regular deployment of Microsoft OS patches including Service Packs and all MS*-* security bulletin
patches for the Service Provider’s provided services. Microsoft security bulletins (ex: MS16-001) are released and deployed
on a monthly basis. The Windows Managed Server Service offering does not include patch services for other customer-installed
Microsoft enterprise products such as SharePoint, SCCM, SCOM, Lync/Skype, and Exchange. Also excluded from routine
patch operations are customer-installed other third-party software such as Adobe Acrobat, Flash, ColdFusion, Java, or any
other off-the-shelf products.
6. Server health and availability monitoring - incident notification and response 24 x 7 x 365.
7. Security scanning and remediation efforts.
8. Virus protection - Installation, configuration and on-going maintenance of the anti-virus software.
9. Remote host security system logging.
10. Virtual machine snapshots (available upon request) which are retained for a maximum of 5 business days. For longer term
needs clones are available.
11. Clustering available upon request.
12. Delegated access per the SLA.
Unless an exception has been granted, newly provisioned servers will be provisioned in the Service Provider’s highly available
(HA) virtual infrastructure.
Below is a list of Customer responsibilities in the Windows Managed Server (this includes, but is not limited to):
1. Application development and deployment in the development environment.
2. Application deployment in the test and production environments.
Page 81
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
3. Application remediation, monitoring, installation, patching and support for other enterprise software such as SharePoint, SCCM,
SCOM, Lync/Skype, Exchange, ColdFusion and other off the shelf software products.
4. User provisioning.
Solarwinds is fundamentally the Service Provider’s monitoring and instrumentation tool, and has been procured and deployed with the
capacity needs of the Service Provider’s staff in mind. The Service Provider is piloting agency access to the tool to provide improved
customer insight and quicker time-to-resolution to technical issues. Access to the tool is available to Customers upon request as a
“value add” and without Service Level expectations. As such, the Service Provider may modify, update, patch, and restart the monitoring
platform at any time and without notice. While these changes are processed through the Service Provider’s internal change process,
these events may not be visible to your organization. Incidents submitted to Service Provider for Solarwinds instrumentation issues will
be excluded from service level calculations and will be handled during business hours. Access to the monitoring tool requires an Active
Directory trust for authentication and is limited to agency staff with the prerequisite skill to appropriately interpret the monitoring data.
Page 82
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Window s
Windows Platform support windows are outlined in the tables below.
Maintenance and Support Windows
Windows
Times
Description
Normal Business
Hours/Window
Monday through Friday - 7:00 AM –
6:00 PM
Windows technicians are scheduled
during this time to fulfill service
requests and troubleshoot incidents.
Priority 3 and 4 issues will be
worked within this window. Priority 1
and 2 issues are also worked during
this window and are continuously
worked until resolved. Changes may
be executed during this time,
following the Service Provider’s
change and release management
processes.
Extended Business Hours
Monday through Friday - 6:00 PM –
Midnight
Windows technicians are available
during this time to fulfill scheduled
service requests and troubleshoot
incidents as they arise.
Standard Maintenance
Hours
Monday through Friday - 6:00 PM –
1:00 AM
This is the default window for
maintenance to the Service
Provider’s services and
infrastructure. Normal maintenance,
changes, and system
enhancements will be performed
during this time. This is the regularly
Page 83
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Maintenance and Support Windows
Windows
Times
Description
scheduled patch window for
Windows servers. Patching outside
of this window will be considered a
Direct Service.
Direct Services Hours
Monday through Friday – 12:01 AM
- 7:00 AM
Saturday, Sunday, and State
Holidays – All Day
On-call Hours
Monday through Friday 1:01 AM to
7:00 AM
All day Saturday and Sunday
Service requests fulfilled during this
windows will be considered a Direct
Service.
On-call technicians are available
during this time to help resolve
server down or imminent failure
incidents as they arise.
Roles and Responsibilities
General roles and responsibilities for this platform are defined in the RACI responsibility matrix below.
1. Responsible (R) - Those who do the work to achieve the task. There is typically one role with a participation type of responsible,
although others can be delegated to assist in the work required.
2. Accountable (A) - (also approver or final approving authority) - The one ultimately answerable for the correct and thorough
completion of the deliverable or task and the one from whom responsible is delegated the work. In other words, an accountable
must sign off (approve) on work that responsible provides. There must be only one accountable specified for each task or
deliverable.
3. Consulted (C) - (sometimes counsel) - Those whose opinions are sought, typically subject matter experts; and with whom there is
two-way communication. Consultation prior to event/decision typically done through change management.
4. Informed (I) - Those who are kept up-to-date on progress, often only on completion of the task or deliverable; and with whom there
is just one-way communication.
Page 84
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Windows Platform Functions
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
1
Ensures the overall health and availability of the server
hardware, operating system and basic network
connectivity.
I
I
R
A
2
Develop, deploy, and maintain Customer application
code; Comply with Rule Chapter 74-2, FL Administrative
Code if applicable, with respect to Customer application
security and logical separation of development, test and
production services.
R
A
C
I
3
Manage Customer Active Directory, including account
adds/modify/deletes.
R
A
C
I
4
Manage the Service Provider’s Active Directory, including
account adds/modify/deletes. (Customer resource forest)
C
I
R
A
5
Manage Customer application.
R
A
C
I
6
Manage group policy, with the exception of those settings
which modify security, audit or patch behavior of those
servers at the Service Provider’s facility. (Customer)
R
A
C
I
7
Manage group policy. (Customer Resource Forest)
C
I
R
A
8
Manage internal DHCP, WINS and DNS namespace.
(Customer)
R
A
C
I
9
Manage DNS namespace. (Customer resource forest)
C
I
R
A
Page 85
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Windows Platform Functions
Tech
Mgt
Tech
Mgt
10
Perform testing following changes performed by the SDC.
R
A
C
I
11
Perform testing following the Service Provider’s patch
services.
R
A
C
I
R
A
C
I
12
Page 86
Customer
Service
Provider
Purchase and maintain application licenses.
13
Restart application-specific services, not provided by the
Service Provider as an enterprise service.
R
A
C
I
14
Notify the Service Provider’s Service Desk of all service
issues and requests.
R
A
C
I
15
Plan and coordinate continuity of operations plans for
critical Customer-specific servers and applications.
R
A
C
I
16
Plan for and acquire capacity to fulfill Customer requests.
C
I
R
A
17
Provide capacity plan to the Service Provider biannually
per Florida Statute.
R
A
C
I
18
Provide server anti-virus management and maintenance.
C
I
R
A
19
Provide server availability and monitoring.
C
I
R
A
20
Acquire server backup and recovery. (Service Required)
C
I
R
A
21
Provide server connectivity to WAN.
C
I
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Windows Platform Functions
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
22
Provide server installation and configuration of operating
system.
C
I
R
A
23
Maintain server/service security; Comply with Rule
Chapter 74-2, FL Administrative Code, with respect to
server, network and service security.
C
I
R
A
24
Provide server management and administration.
C
I
R
A
25
Monitor server availability 24x7x365 on an on-going
basis, with immediate alerts sent to support staff when
service interruptions or degradations are detected.
C
I
R
A
26
Manage server operating system license purchase and
maintenance.
C
I
R
A
27
Perform server patch management and maintenance.
C
I
R
A
28
Reboot servers when required.
C
I
R
A
29
Restart native operating system services.
C
I
R
A
30
Patch all MS*-* security patches supplied by Microsoft
with the exception of patches related to SharePoint,
Exchange, Lync/Skype, SCOM, and SCCM.
C
I
R
A
31
Patch all MS*-* security patches supplied by Microsoft for
SharePoint, Exchange, Lync/Skype, SCOM, and SCCM.
R
A
C
I
Page 87
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
Windows Platform Functions
Page 88
Customer
Service
Provider
Tech
Mgt
Tech
Mgt
32
Patch all third-party software such as Adobe Acrobat,
Flash, ColdFusion, Java, or any other common, off-theshelf products.
R
A
C
I
33
Utilize the Service Provider’s Change, Incident, Release,
Problem and Configuration Management Processes.
C
I
R
A
2017-2018 Service Catalog - ATTACHMENT A – updated 6-29-2017
DIRECT SERVICE OFFERINGS
Service Name
Disaster
Recovery
Offering
Service Description
Provides a structured approach to providing a comprehensive information technology infrastructure for
managing, maintaining, and enhancing business-critical disaster recovery capabilities located at least 150 miles
from Tallahassee. This offering builds on other appropriate SDC Managed Services (server, database, storage,
network, etc.) and leverages capacity available through the SDC or Infrastructure as a Service (IaaS) and
Disaster Recovery as a Service (DRaaS) from third-party contractors. This Direct Service offering is available for
an additional fee for each of the SDC Managed Compute Services (Mainframe, UNIX/Linux, and Windows). The
fees for this offering will be comprised of SDC Managed Service offerings and necessary capacity required to
support the disaster recovery infrastructure for the customer’s application set as well as any direct cost from the
Cloud Service Provider(s) for specific associated equipment, facilities, and service use and consumption.
Disaster Recovery is a shared service that is allocated in proportion to the appropriations for a given Customer.
Securit y
Training
Provides a comprehensive course on how to implement the Critical Security Controls, a prioritized, risk-based
approach to security. This offering provides Information Security Managers, cybersecurity staff, and auditors the
opportunity to participate in hands on training of techniques and tools needed to implement and audit the Critical
Security Controls, as well as understand how to effectively identify and mitigate threats. State agencies will be
billed directly from the participating agencies’ Contracted Services Appropriation category for service use and
consumption. For those agencies specifically named in proviso who are not agency customers, the agency
should process a journal transfer of funds from the participating agency to the Service Provider for service use
and consumption.
Page 89
Download PDF
Similar pages