Cloud and Enterprise Services Addendum

  1. INTRODUCTION

    PNAP’s Cloud and Enterprise Services are services designed to allow Clients scalable access to resources and services which may be managed or unmanaged to support application hosting, data storage, protection, and recovery as well as internet connectivity. Certain services are provisioned utilizing a comprehensive Statement of Work (“SOW”) and a Responsibility Matrix (“RM”) delineating the specific services to be performed, and the responsibilities of PNAP and Client.

  2. AGREEMENT

    This Cloud and Enterprise Services Service (CES) Addendum (“CES Addendum”) sets forth the specific terms and conditions under which PNAP (“PNAP”) shall supply Cloud and Enterprise Services to Client. The Core Service Agreement entered into between PNAP and Client fully incorporates the terms herein and provides that this CES Addendum, and Client’s execution of the Master Services Agreement constitutes acceptance of the terms and conditions stated herein. Capitalized terms used but not defined herein shall have the meanings set forth in the Master Services Agreement. The Initial Term length for this Service is set forth on the applicable Service Order Form (“SOF”), executed by PNAP and Client, making reference to these Services. As referred to herein, “Agreement” means this Cloud and Enterprise Services Addendum, together with the MSA and all policies and addenda that are incorporated herein by reference, including the Statement of Work (SOW), Responsibility Matrix (“RM”), Acceptable Use Policy (“AUP”), and Privacy Policy (“PP”). This Agreement sets forth the terms and conditions that apply to the Cloud and Enterprise Services Addendum.

    General

    PNAP Cloud and Enterprise Services is a set of services designed to lessen the burden of managing everything from core infrastructure to daily administrative tasks. PNAP’s infrastructure services are distinct from other dedicated hosting in that PNAP provides capacity, incident, and maintenance support for all management infrastructure. Client may maintain administrative access depending on the engagement. The Client Statement of Work and corresponding Responsibility Matrix delineates duties, however PNAP is responsible for setting up and configuring hardware, installing and configuring software, technical support, patch management, system maintenance, monitoring and updates. PNAP may (depending on the engagement) provide backups, load balancing, and disaster recovery, as well as security processes including vulnerability scans, intrusion detection (ID) and DDoS (distributed denial of service) prevention and mitigation on an as needed, best effort support basis.

    Service Levels

    As a general rule all PNAP CES offerings are designed to be 99.99% available, at a minimum, and offer credit back to Clients whenever our service becomes unavailable outside of an established maintenance window. A service outage, unless described differently in the SOW, is any loss of connectivity to the hosted application or system for more than 15 minutes. Our 100% uptime guarantee does not include management systems, portals, and reporting or billing services. The uptime guarantee includes access to virtual machines process and stored data. It is the Client’s responsibility to request the credit from their assigned PNAP Account Executive for any service outage experienced. In some cases advanced service levels are available to the Client per the specific design and architecture specification in the SOW. PNAP will work in concert with Client on specific requirements not outlined in the implementation SOW or this addendum to ensure value is derived from this engagement.

    Service Delivery

    For the purpose of this section alone “Service Delivery” shall be defined as ability of PNAP to fulfill an initial order for Service based on PNAP’s SOF. Once Service has progressed past installation phase and has been delivered to Client as a working Service this section shall no longer apply. The Service Delivery is dependent on available space, power, hardware and available network connectivity within a given data center. PNAP reserves the right to limit the service delivery to a new Client or expansion of existing Clients based on availability of space, power, hardware, or network connectivity. PNAP also reserves the right to limit Service Delivery in the event that necessary service components including, but not limited to, electrical power, cooling capacity, cabling, rack space, switching/routing/network infrastructure, application software, etc. are either unavailable, unattainable at a reasonable cost to PNAP, or put other Client’s environments at risk of disruption.

  3. SERVICE DESCRIPTIONS

    For all storage services, PNAP defines a terabyte (TB) as 1024 gigabytes (GB).

    Any of the following options may be added, individually, to Client Service for an additional fee:

    Managed Private Cloud

    Managed Private Cloud (MPC) is a dedicated, built to order, infrastructure offering where PNAP’s SOW governs delivery, management, and administrative responsibilities. MPC hardware is owned by PNAP and leased to the Client on a schedule identified in the SOF. At a minimum, PNAP is responsible for managing all systems “beneath the hypervisor”, meaning that PNAP will maintain all components required host operating systems and data. PNAP is not responsible, unless identified in a SOW, for managing Client’s operating systems, applications, data, backups, or disaster recovery.

    Virtual Private Data Center

    Virtual Private Data Center (VPDC) is a multi-tenant, shared infrastructure offering where a PNAP SOW would only govern delivery, management, and administrative responsibilities in unique cases. VPDC hardware is owned by PNAP and Clients are granted access to a specific amount of computing resources. PNAP is responsible for managing all systems “beneath the hypervisor”, meaning that PNAP will maintain all components required host operating systems and data. PNAP is not responsible, unless identified in a SOW, for managing Client’s operating systems, applications, data, backups, or disaster recovery.

    Data Security Cloud

    Data Security Cloud (DSC) is a multi-tenant, shared infrastructure offering where a PNAP SOW would only govern delivery, management, and administrative responsibilities in unique cases. DSC hardware is owned by PNAP and Clients are granted access to a specific amount of computing resources. PNAP is responsible for managing all systems “beneath the hypervisor”, meaning that PNAP will maintain all components required host operating systems and data. PNAP is not responsible, unless identified in a SOW, for managing Client’s operating systems, applications, data, backups, or disaster recovery.

    Backup and Replication Services

    Backup and Replication Services are a multi-tenant, shared data protection offering that provides software, hardware, and connectivity to protect VMs hosted within, and external to, PNAP’s demarcation point. PNAP will manage all hardware and software related to maintaining the service’s availability. In some cases, PNAP will also configure, schedule, and monitor for backups, replication, and completion to ensure success. Client is responsible for communicating requested backup and replication schedule, retry windows, retention periods, and job type during the sales engagement process. Clients may also request changes to any configured setting during the contract period. PNAP will govern all non-default Backup and Replication Service specifics through a SOW. Default backups schedule is one full backup followed by nightly reverse-incremental held for two weeks.

    Disaster Recovery Services

    The Disaster Recovery Service is virtual machine protection offering that facilitates the recovery of “protected” operating systems and data. PNAP will manage all hardware and software related to maintaining the service’s availability. Through a SOW PNAP will configure and manage the protection mechanisms to ensure Client’s virtual machines are replicating between sites. Generally, Client is responsible for initiating recovery events and executing specific configuration (IP address, DNS, etc...) changes necessary to run application in failed over state. PNAP will provide technical assistance and support fail over attempts as defined in the SOW.

  4. Encryption Management Platform

    Encryption Management Platform (EMP) is a cloud security solution provided by phoenixNAP and supported by Fortanix. This Self-Defending Key Management Service (SDKMS) delivers Hardware Security Module (HSM), Key Management, Encryption, and Tokenization for multi-cloud and hybrid environments. The solution provides a centralized way to enforce policies and maintain consistent end to end encryption by encrypting applications and data – at rest, in motion, and in use by leveraging Runtime Encryption technology built upon Intel SGX technology. With SDKMS, one can securely generate, store, and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys and tokens. This service supports all the major key algorithms (AES, RSA, (3)DES, HMAC, ECC) and is a FIPS 140-2 Level 3 certified HSM.

  5. DISCLAIMERS

    No Product Warranty

    PNAP makes no express or implied warranties of product merchantability or fitness for any particular purpose. While all services are designed to be resilient, it is up to the Client to plan for disasters and it is always recommended to keep an off-site backup of critical data in event of critical failure or disaster.

    Notice of Loss

    PNAP is not liable for any loss or corruption of data. Clients are always encouraged to retain a copy of data. In the event of loss or destruction of or damage to Client data, PNAP will provide notification to Client via e-mail to an address provided by the Client. Client must ensure that the e-mail address is valid.

  6. SOFTWARE

    PNAP will provide all software licensing necessary to delivery managed resources to include, but not limited to; VMWare VSPP, Windows SPLA, Veeam Cloud Connect, and Zerto. Any software installable or key to be delivered to the Client will be defined in a subsequent SOW.

  7. RIGHT TO AUDIT

    At times, PNAP may require access to environments, hosted or not, to ensure licensing practices and agreements are being followed. This requirement is to protect both PNAP and the Client from unintentionally breaching 3rd party licensing requirements. PNAP may request auditing access to portals, management infrastructure, monitoring systems, and reporting to verify configurations, licensing counts, and adherence to practices set forth in the SOW. Clients have 10 business days to provide access from the date a request is delivered to the Client’s Program Manager.

  8. MAINTENANCE AND SERVICE MODIFICATIONS

    Technical Reviews

    PNAP engineers will review and approve all architectures and proposed changes for technical accuracy and risk to ensure environment stability. Client may request via email a technical review as part of their monthly support allocation to address any technical subjects.

    Program Reviews

    At the request of either Program Manager, a Program Review (PR) can be scheduled to review SOW performance, areas for improvement, and to address any outstanding programmatic items.

    Service Requests

    PNAP 24x7 NOC and Infrastructure Engineers will respond to all non-emergency service requests according to the below schedule;

    • 1st Response within 30 minutes
    • All requests will be acknowledged by the NOC staff within 30 minutes as verification the issue has been received and is being reviewed. Level 1-2 troubleshooting will commence during this time.

    • 2nd Response within 2 business hours
    • This will be a notification of suggested resolution or escalation. NOC staff will attempt to satisfy the request with available resources, if no resolution is found within 120 minutes the problem will be escalated to the appropriate engineering team for further attention.

    • 3rd Response (Engineering) within 8 business hours
    • Business hours are Sunday through Friday 00:00AM-5:00PM MST

      If non-business hour support is requested, Client must indicate that in the service request and the appropriate escalations will be made. Emergency Service Requests are escalated immediately if the below requirements are met, and will be acted upon ASAP;

    • Emergency Service Request – A request to rectify a deficiency in the operations of an environment or inability to access the contracted service.

    Technical Support

    PNAP’s NOC will provide 24x7 technical support to Client. This support shall include troubleshooting, how-to requests, and fulfill limited operational requests. The NOC will escalate any request that cannot be fulfilled to engineering teams if not able to fulfill request.

    Engineering & Operations Improvement Recommendations

    PNAP will periodically supply a recommendations report to Client with suggested upgrades, changes to architecture, operational suggestions, and capacity expansion requirements. These are suggestions only and may require additional support hours, monetary funds, or changes to the SOW to implement. These recommendations will be justified and formally delivered to Client’s Program Manager for consideration. Additionally, PNAP will not be held responsible adverse outcomes from Client not adopting suggested changes.

    Program & Engineering Support

    PNAP will provide overall design and engineering support to Client. Systems engineering services shall include system design activities, trade-off studies, performance analyses, requirements decomposition, concept of operation, and operations training. In addition, PNAP will support Design Reviews and Technical Interchange Meetings as requested by the Client’s Program Manager.

  9. CHARGES

    The subsections of this section define the recurring and non-recurring charges and fees pursuant to this schedule.

    MONTHLY RECURRING FEES

    The Initial Monthly Recurring Charges are the initial monthly fees charged for this Schedule. This fee may be modified by mutual agreement of Client and Provider based on changes to the initial configurations, covered devices, or other similar environment variables.

    NON-RECURRING SERVICE FEES

    The non-recurring services and fees associated with this Schedule include but are not limited to any Out-of-Scope fees and/or the fees for any associated labor and other services provided under a Statement of Work or for the migration/installation/implementation of Client’s production environment from its current state to Provider’s Cloud/Hosting environment or for other purposes agreed to by Provider and Client, including, but not limited to, those defined in a Statement of Work as one time or non-recurring fees or services whether created at the time of or subsequent to the execution of this agreement.

    Initial Setup Fees

    The initial setup fees and charges for this Schedule are the one-time non-recurring fees associated with the initial setup of Client’s services. This fee may be modified by mutual agreement of Client and Provider based on changes to the initial configurations, scope, covered devices or other similar environment variables. Initial Setup Fees do not include the charges for Data Migration. Data Migration Fees will be specified and covered under a separate Statement of Work or Project.

    The initial setup and other non-recurring fees for setup services provided under this schedule are as follows:

    Non-Recurring Service Non-Recurring Charge
    Initial Setup $ “Amount = 1 non-recurring fees”
    Second NR service, if any $”second NR fee”
    Total Non-Recurring Fees $

  10. UNSUPPORTED SERVICES

    PNAP will not support, as part of the Services provided under this Addendum, any of the following:

    1. Custom programming for any application
    2. Installation of operating systems, databases, or applications not specifically identified in a SOW.
    3. Creation of firewall rules, IDS alerts, Client alarms, or logging, not otherwise contracted under the Security Services offering.
    4. Application configuration or any item not defined as supported under this agreement or a SOW.
    5. Other services/features of a given application as identified by PNAP as unsupportable during or after such application’s installation.
    6. Any workstation, server, or other device located outside of a PNAP Data Center and/or not specifically covered under this Schedule or a SOW.
    7. Maintain any other copy of Client’s data for the purposes of Client restoration or recovery, not otherwise contracted under the Security Services offering.

  11. UNSUPPORTED APPLICATIONS AND HARDWARE

    Applications and Hardware that are considered “End of Life” or “End of Support” (EOL/EOS) are otherwise not supported by the application developer/vendor are out-of-scope under this Addendum, unless specifically identified in a SOW. All EOL/EOS application and hardware supported by a SOW can only be supported as “best-effort” and support cannot be guaranteed.

  12. ONSITE SERVICES

    Onsite services must be executed through remote access and specifically identified in SOW. PNAP must be granted appropriate remote access, appropriate permissions to complete the services, and a physically onsite POC to provide local support.

  13. IN-SCOPE SERVICES

    All items defined as “In-Scope Services” are included in the SOF and SOW unless otherwise noted. All prices are in U.S. dollars and exclude any applicable duties and taxes.

  14. OUT-OF-SCOPE SERVICES

    Out-of-Scope services may be provided at Client’s request and on a per occurrence basis at PNAP’s prevailing labor rates. Unless otherwise defined in the SOW, PNAP’s labor rate is $150/hour. PNAP will provide the Client with an out-of-scope warning and estimate level of efforts (in full hours) that must be accepted in writing before out-of-scope work can begin. All out-of-scope work will be considered best-effort and PNAP will not be held responsible for any issues that arise.

  15. CLIENT PROGRAM MANGERS & POINT OF CONTACTS

    As part of the initial setup and during the onboarding process Client will be required to provide the name of its elected internal Point of Contact (POC) and a Program Manager (PM) as well as backups for each. The Client POC’s individually and together serve as a focal point for all information concerning its service activities. Client Program Managers are the only representatives of the Client who can request service additions, modifications, deletions, or out-of-scope work.

  16. SERVICE ADDITIONS, DELETIONS, OR MODIFICATIONS

    In order to add or delete services from this Schedule, PNAP shall accept either written or electronic authorizations from the Client’s Program Manager. Program Managers must submit the request to their Sales or Account Executive for processing.

  17. EXCLUSIONS

    Services under this Schedule do not include services for problems arising out of: (a) any attempted or actual modification, alteration, or addition of software or hardware undertaken by persons other than PNAP or PNAP’s authorized representatives unless previously approved in writing by PNAP.

    Client, by affixing his/her/their signature hereto, acknowledges that (he/she/they) has\have read the above “Exclusions” and fully understands these terms.

  18. CLIENT RESPONSIBILITIES

    Client shall document and promptly report all errors or malfunctions of a system covered under this agreement to PNAP. PNAP shall provide all necessary spare parts and/or other hardware to maintain equipment owned by it necessary to the fulfillment of any service under this Schedule.

    Client shall not use anything whether tangible or intangible which is appurtenant to and/or provided by this agreement for any unlawful purpose or for any purpose which is prohibited by PNAP’s Network Abuse Policy and/or Acceptable Use Policy as is posted on its website.

  19. STATEMENT OF WORK; RESPONSIBILITY MATRIX

    A Statement of Work (“SOW”) and Responsibility Matrix (“RM”) may be used to specify the specific duties, scope, locations, deliverables, standards, activities, and general requirements for any Cloud or Enterprise Service offered by PNAP to a Client.


  20. v.3; 04052021