SeaWorld Parks & Entertainment
9205 Southpark Center Loop, Suite 400
Orlando, FL 32819
Request for Proposal
Managed Services Solution for
Datacenter Hosting
TABLE OF CONTENTS
1. COMPUTE PLATFORM (WINTEL) ..................................................................................................... 3
2. CURRENT PHYSICAL ENVIRONMENT ............................................................................................. 4
3. CURRENT VIRTUAL ENVIRONMENT................................................................................................ 4
4. NETWORKING AND CONNECTIVITY................................................................................................ 4
5. MANAGED SERVICES........................................................................................................................ 5
6. MESSAGING PLATFORM .................................................................................................................. 5
7. BACKUP & RESTORATION ............................................................................................................... 6
8. DISASTER RECOVERY ...................................................................................................................... 6
9. STORAGE MANAGEMENT ................................................................................................................ 7
10. SHAREPOINT ...................................................................................................................................... 7
11. SAP / LINUX ........................................................................................................................................ 8
12. AS400 / ISERIES ................................................................................................................................. 8
13. PAYMENT CARD NETWORK / PCI.................................................................................................... 9
14. EXCLUSIONS & ASSUMPTIONS ....................................................................................................... 9
SeaWorld Parks & Entertainment Page 2 of 9
Managed Services for Datacenter Hosting RFP
1. Compute Platform (Wintel)
• This is currently a mixture of blade and rack-mount servers, VMware virtualization accounts for
approximately 75% of their environment. Chart A is a complete list of SeaWorld servers, their
platform, primary function and current resource configuration.
• Respondent will provide adequate rack-space, cooling and power to SeaWorld’s systems located
at the respondent’s facility
• SeaWorld has standardized on, and prefers to utilize, the Cisco UCS hardware platform for
servers and compute regardless of blade or rack-mount design
• All hardware being procured shall exceed currently deployed systems in performance, compute,
potential and connectivity capabilities in a cost effective manner, with a minimum specification
of 2CPU, 20 core, 16 GB ram, mirrored hard drive set
• Deployment of Cisco UCS server hardware, creation of service profiles, network and storage
connectivity following best practices of traffic segmentation and isolation
• Management tools to monitor the health of the environment will be required in order to
provide monthly reporting on overall and detailed health of the server environment.
• 24x7 Monitoring of all systems and infrastructure using the same tools across the enterprise,
with alerting and internal escalation procedures
• Migration of all virtual machine hosts to a 2012R2 Hyper-V virtual infrastructure
• Additional virtualization recommendations of physical assets where applicable
• Respondent is responsible for creating a SeaWorld approved master build process that will be
followed on all hardware, based on server purpose
• Respondent will provide deployment of servers in physical / virtual environment using
SeaWorld-approved hardened O/S image based on current security standards and processes
• Respondent will provide full management of the operating system, including troubleshooting,
maintenance, and vendor management for support issues
• Respondent will provide patch management of all Wintel systems located at the facility inclusive
of all security and critical patches within 30 days of release. O-Day patches will be handled on a
case by case basis. BIOS upgrades, firmware, and other hardware based upgrades will be fully
tested and signed off on by SeaWorld before release
• Respondent will follow best practices in utilizing virtual environments, ( i.e. two nodes of virtual
cluster not residing on same host )
• Respondent will provide ongoing improvements in system health and deployment through
cohesive monitoring and proactive improvements. (i.e. adding ram to a server when monitoring
and investigation reveal that it is required )
• Respondent will provide upgrades of management tools in relation to monitoring / management
of UCS infrastructure after thorough evaluation
• Respondent will provide diagnostic services of suspected hardware, and replacement of faulty /
failed components within their facility when required
• Requests for compute infrastructure should be completed in no less than 48 hours for virtual
servers, 72 hours for physical servers upon receipt of hardware
SeaWorld Parks & Entertainment Page 3 of 9
Managed Services for Datacenter Hosting RFP
2. Current Physical Environment
• See spreadsheet (Tab #1) in attachment to Section 2.1 of the RFP.
3. Current Virtual Environment
• See spreadsheet (Tab #2) in attachment to Section 2.1 of the RFP.
4. Networking and Connectivity
• SeaWorld has standardized on, and prefers to utilize, the Cisco networking platform for all
connectivity needs
• All network design shall follow best practices and policies
• SeaWorld requires minimum 10 GB connectivity capabilities throughout the network and all
connected devices
• Design and deploy all networking according to industry standards/best practices for Datacenter
high speed Spine and Leaf fabrics
• Implement 40 GB backbone utilizing Nexus 9K switches in ACI mode
• Implement 10 GB access layer connectivity
• Utilize whitelist model and build appropriate application profiles for communication between
servers on an as needed basis.
• Implement top of rack switches with adequate uplink speed for traffic utilization from servers
and storage arrays
• Maintain no more than a 4:1 oversubscription ratio
• Implement any additional networking equipment necessary to meet objective
• Manage all end point routers and switches
• Semi-annual evaluation of all code running on all networking gear
• Monitor firmware versions for vulnerabilities and remediate within 14 days for high risk and 30
days for all other
• Installation of UCS fabric interconnects and all cabling required for UCS installation
• Implement fully redundant connections to end host and implement network interface
teaming/load balancing where appropriate
• Maintain 99.999% uptime over agreed upon terms
• Respondent must provide local NTP time services sourced from industry recognized public
source
• Network load balancing will be required for multiple server farms, including:
o PCN Web Farm
o PCN App Farm
o Mission-Critical Web Farm
o Mission-Critical App Farm
o Business Support Web Farm
SeaWorld Parks & Entertainment Page 4 of 9
Managed Services for Datacenter Hosting RFP
• Internet Access
o Provide controlled Internet access for all authorized computer users within SEA.
• WAN Management
o Vendor will need to manage the WAN connectivity to all SEA locations, up to and
including the WAN router at each site. Any network equipment at remote sites beyond
the WAN router will be managed by SEA.
• Refer to the third tab of the “Physical and Virtual Environments” spreadsheet for a listing of
current network equipment in use.
5. Managed Services
• Maintain English language Service Desk operation to be available 24x7, 365 days per year
• IT Service Management system used by the vendor must interface with SEA's instance of
ServiceNow to allow SEA personnel to have visibility to all incident and change tickets being
worked on SEA's behalf. It would also allow a ticket that was initially opened for an application
outage to be transferred to the vendor if appropriate (or vice versa).
• Execute checks and audits on a quarterly basis to verify that Service Desk personnel are
complying with processes and procedures.
• Respondent must offer a system health panel dashboard with access to site metrics and
performance monitors.
• Issues deemed high-severity will have team assembled representing each discipline on
conference calls within 10 minutes
• A detailed root cause analysis must be provided within five days, for incidents which have
impacted the business
• All maintenance and changes will be performed in compliance with SeaWorld’s change
management process
6. Messaging Platform
• Securely manage SeaWorld’s Microsoft Exchange environment using Microsoft best practices
o In excess of 7,500 mailboxes
o Administration of Active-Sync and Outlook Web Access
• Respondent will handle creation of all new email account requests from SeaWorld
• Proactive optimization to SeaWorld’s messaging environment
• Provide day-to-day maintenance, backups, and mailbox restores, when needed
• Provide legal-hold assistance, and isolation of held mailboxes where required
• Upgrade current Exchange 2010 platform to 2013 / 2016 version
• Maintain and manage SeaWorld’s inter-office messaging system, currently Microsoft Office
Communicator & Microsoft Lync
• Support and maintain collaborative services for external Lync / Skype for business with external
participants
SeaWorld Parks & Entertainment Page 5 of 9
Managed Services for Datacenter Hosting RFP
7. Backup & Restoration
• SeaWorld has been utilizing Symantec NetBackup for backup and recovery of SeaWorld’s server
infrastructure in a disk-disk-tape-offsite methodology. This limits the timeframe of readily
available backup data SeaWorld has available for restore processes both as an entire system
restore, or individual file data recovery.
• SeaWorld is requiring a disk-disk backup solution for all SeaWorld systems being no less than
95% tapeless while adhering to the published SeaWorld retention policies, which are 35 days
retention, 13 monthly for specified SQL data backups
• Any data retention that still requires to be on tape will be kept in a secure off site location with a
documented ownership trail
• Include off-site data replication to be utilized in the event of an activation of the disaster
recovery site.
• SeaWorld will have a input as to the recommended technology proposed to be put in place to
accomplish the stated requirements
• Quarterly testing of a random selection of systems (approximately 10) for test restores will be
performed
• Monthly reporting of all backups and off-site replication are in scope for this requirement, and
are to be produced for compliance audits on a regular basis
8. Disaster Recovery
• SeaWorld has been utilizing Sun Guard for its disaster recovery needs, with a 72 hour RTO based
upon a tape backup and restoration methodology. While sufficient in the past, this no longer
meets our business needs for return to operation, or emerging best practice business continuity
requirements.
• RPO for all system recoveries will be quantified by system type, with the critical tier 1 & 2
systems not to exceed one hour of potential data loss
o Servers to be included in the disaster recovery plan are identified on Tab #1 and Tab #2
of the server identification list, with a Tier 1 and Tier 2 identification
• Less than six (6) hour RTO from the declaration of disaster for all tier 1 systems that are
currently part of the disaster recovery plan
• Less than twelve (12) hour RTO from the declaration of disaster for all remaining systems within
scope for disaster recovery
• Maintain off-site secondary Exchange environment for disaster recovery. Utilize the latest
replication topologies and methodologies to ensure that potential data loss is minimal. Adhere
with published disaster recovery business needs.
• Exchange environment recovery is required to be a less than one (1) hour RTO
• Monitoring and environment administrative systems required to be a less than one (1) hour RTO
• Remote connectivity systems, i.e. Checkpoint VPN, required to be a less than one (1) hour RTO
• QA & Dev systems are not included in scope for DR
SeaWorld Parks & Entertainment Page 6 of 9
Managed Services for Datacenter Hosting RFP
• A disaster recovery site that will be the replication destination of all systems and data from the
primary production site, with the most minimal data loss possible, in the event the warm site
needs to be activated to meet our RPO and RTO objectives
• The disaster recovery site will be able to run all production systems in the event of a disaster,
meeting the time requirements above
• Respondent will perform annual testing of the disaster recovery site, and be responsible to
develop a DR recovery plan
• Monitoring of all data replication, and the health of the disaster recovery site in the same
manner as the primary production site, with monthly reporting provided to SeaWorld
management including when in standby mode.
• SeaWorld will continue to be the primary stake holder in the decision making process for
declaring a disaster, and the subsequent activation of the disaster recovery site. Exception to
this would be physical location damage that renders the primary location unavailable, or
otherwise unusable.
• The SAP and AS400 environments are both part of the DR set.
9. Storage Management
• SeaWorld has standardized on the EMC VNX storage platform, in addition to Data Domain and
EMC Recoverpoint, with a preference to remain on this platform
• Respondent will be required to manage, monitor, maintain, and upgrade the storage arrays
• Create connection points to compute platform via creation of LUNS, CIFS, or volumes
• Monthly reporting of storage performance and capacity usage will be required to be provided
• Monthly forecasting of storage usage increase / decrease with recommendations to maintain
peak performance value to SeaWorld
• Semi-annual review of the state of the storage environment to allow for proper budgetary
planning
• Maintain current levels of disk firmware, and operating system after thorough research and
planning, while working with the business units impacted by possible outages and required
testing
• Respondent will be responsible for ensuring service tickets and hardware replacements for
failed equipment are created and hardware replaced in a timely fashion
10. SharePoint
• Manage and support SeaWorld’s SharePoint environment in accordance to Microsoft best
practices
• Upgrade and / or migrate to SharePoint 2016 in a safe and consistent manner after version
validation testing.
• Support all business functionality required, including but not limited to add-on infrastructure
services: Excel services, OneNote, Info Path, search, caching, sandboxing, etc.
SeaWorld Parks & Entertainment Page 7 of 9
Managed Services for Datacenter Hosting RFP
11. SAP / Linux
• Manage and support SeaWorld’s SAP environment
• Migrate the SAP application environment from physical Sun Solaris & Unix platform to a
VMware based Linux installation
o Include a proposal as to the VMware platform infrastructure requirements needed to
perform this task
• Maintain, support, and provide ownership of SeaWorld’s SAP application environment, including
upgrades, application changes, support, enhancements, and performance / stability
recommendations. This can be in the form of staff-augmentation on-site, or other method as
proposed by respondent
• Manage, patch, & update the Linux servers that the new SAP environment will be based upon
• Manage, monitor, and maintain Linux servers located at each of SeaWorld’s locations. This
includes O/S upgrades, patches, and general health checks
• Review and remediate any issues with the Linux operating systems
• Review and remediate any issues with the SAP application
• Make required changes to the SAP application as requested by SeaWorld
• Recommend and perform application upgrades after testing and approval process
• Recommend & perform operating system upgrades after thorough testing and SeaWorld
approval
• This environment is part of the DR (disaster recovery) set.
• As part of the transition costs, include installation of enhancement pack 7.
12. AS400 / iSeries
• Manage and support SeaWorld’s AS400 environment.
• Based on the following specifications, provide a current generation replacement for, and
manage the operation of SeaWorld’s iSeries AS400. This includes, OS upgrades, backups, and
patches for the operating system when released and validated.
o This is a 3rd party vendor supported application, and the respondent will only be
responsible for the operation of the AS400 and the operating system, not the
application residing on it.
• IBM Power 6 System
o Type 8203
o Model E4A-5587
o 64gb ram
o 2 cpu 4.1ghz processor
• IBM HMC Console
o Type 7042
o Model L4U
• IBM TS3200 Tape Library
SeaWorld Parks & Entertainment Page 8 of 9
Managed Services for Datacenter Hosting RFP
o Type 3573
o Model CR5, with 3 Ultrium Tape Drives (currently Ultrium 4 ULT3580)
• This environment is part of the DR (disaster recovery) set.
13. Payment Card Network / PCI
SeaWorld Parks & Entertainment is a PCI Level 1 Merchant and receives a Report of Compliance
(ROC) on the anniversary each year. As part of the recertification process, SEA will have an on-
site assessment to maintain compliance. The hosting facility will be required to satisfy PCI
requirements with regards to physical security, network security, data security and policy and
process.
To achieve compliance, SEA implemented an environment, referred to as the Corporate
Payment Card Network (PCN) to isolate servers/applications/databases that process and/or
store credit. SEA also implemented network segmentation in all parks to separate network
traffic required for processing credit transactions. SEA also implemented Tokenization
technology to minimize where card holder data is stored. These systems will be part of the
move to the vendor’s datacenter.
14. Exclusions & Assumptions
14.1 Exclusions
14.1.1 Park Infrastructure and Systems
All systems that reside at the parks behind the WAN routers are not part of this RFP.
14.1.2 Active Directory Support and Maintenance
Active Directory servers will be located in the vendor’s datacenter. The vendor will need
to provide support for the hardware only, SEA will support / manage Active Directory and
the operating system itself.
14.2 Assumptions
• Current Windows server hardware will not be moved. Vendor will provide Windows Servers
for the corporate hosting environment and the PCN environment. We anticipate extensively
leveraging virtualization capabilities. Vendor will present proposal for relocating / migrating
SAP hardware. Vendor will follow all SEA Security Policies, processes, and procedures
• Vendor will comply with all requests for information and site visits required to maintain PCI
compliance
SeaWorld Parks & Entertainment Page 9 of 9
Managed Services for Datacenter Hosting RFP
DR PHYSICAL Phys or VM? # CPUs RAM Storage Purpose / Application
Physical 48 2,227.80 DEV SQL Server
Y‐Tier 1 OS Physical 2 48 809.2 DEV SQL Server
Y‐Tier 1 Windows Server 2008 R2 Enterprise Physical 2 256 Local & SAN ESX Server
Windows Server 2012 R2 Standard Physical 4 128 Local & SAN ESX Server
Y‐Tier 1 Vmware 5.1 Physical 4 256 Local & SAN ESX Server
Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Y‐Tier 1 Vmware 5.1 Physical 4 256 Local & SAN ESX Server
Y‐Tier 1 Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Vmware 5.1 Physical 4 256 Local & SAN ESX Server
Y‐Tier 1 Vmware 5.1 Physical 4 256 Local & SAN ESX Server
Y‐Tier 1 Vmware 5.1 Physical 4 256 Local & SAN ESX Server
Y‐Tier 1 Vmware 5.1 Physical 4 256 Local & SAN ESX Server
Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Y‐Tier 2 Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Y‐Tier 2 Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Vmware 5.1 Physical 4 12 61.4 Domain Controller
Y‐Tier 1 Vmware 5.1 Physical 2 12 53.2 Domain Controller
Y‐Tier 1 Windows Server 2008 R2 Standard Physical 2 0 Sharepoint Administration Server
Y‐Tier 1 Windows Server 2008 R2 Standard Physical 0 48 143.1 Net Backup Media Server 1
Y‐Tier 1 Windows Server 2008 R2 Standard Physical 2 48 104.2 Net Backup Media Server 2
Y‐Tier 1 Windows Server 2008 R2 Enterprise Physical 2 96 1,374.20 Hyper‐V Host for ECW Platform
Y‐Tier 1 Windows Server 2008 R2 Enterprise Physical 2 96 1,347.00 Hyper‐V Host for ECW Platform
Y‐Tier 1 Windows Server 2012 Standard Physical 2 96 1,346.50 Hyper‐V Host for ECW Platform
Y‐Tier 1 Windows Server 2012 Standard Physical 2 48 282.7 Net Backup Server1
Windows Server 2012 Standard Physical 2 96 187.9 Net Backup Server2
Y‐Tier 1 Windows Server 2008 R2 Enterprise Physical 2 96 198 Net Backup Server3
Y‐Tier 1 Windows Server 2008 R2 Enterprise Physical 2 16 104.1 Kronos Application Server 1
Y‐Tier 1 Windows Server 2008 R2 Enterprise Physical 2 16 65.4 Kronos Application Server 2
Y‐Tier 1 Windows Server 2008 R2 Standard Physical 2 16 107.5 Kronos Central Comm Server
Windows Server 2008 R2 Standard Physical 2 12 187.2 My Micros Posting Server
Windows Server 2008 R2 Standard Physical 2 12 61.1 My Micros Portal Server
Windows Server 2008 R2 Standard Physical 2 128 94.7 Business Objects App Server
Windows Server 2008 R2 Standard Physical 2 128 94.2 Business Objects App Server
Windows Server 2012 R2 Standard Physical 2 128 94.9 Business Objects App Server
Windows Server 2012 R2 Standard Physical 2 32 17.5 My Micros App Server 1
Windows Server® 2008 Standard Physical 2 32 17.5 My Micros App Server 2
Windows Server 2012 R2 Standard Physical 2 32 18.3 Omnico Matra
Windows Server 2012 R2 Standard Physical 2 32 17.6 Omnico Matra
Windows Server 2012 R2 Standard Physical 2 48 2,320.90 Exchange Server
Windows Server 2012 R2 Standard Physical 2 48 4,088.00 Exchange Server
Windows Server 2008 R2 Enterprise Physical 2 48 4,561.30 Exchange Server
Windows Server 2008 R2 Enterprise Physical 2 72 3,495.00 Exchange Server
Windows Server 2008 R2 Enterprise Physical 2 12 109.8 Exchange Server
Windows Server 2008 R2 Enterprise Physical 1 12 75.9 Exchange Server
Windows Server 2008 R2 Standard Physical 1 12 78.7 Exchange Server
Windows Server 2008 R2 Standard Physical 1 12 60.8 Exchange Server
Windows Server 2008 R2 Standard Physical 1 8 36.1 FTC Automation Server
Windows Server 2008 R2 Standard Physical 1 8 34.8 FTC Automation Server
Windows Server 2008 R2 Enterprise Physical 1 24 148.4 CA Wiley Application Server
Windows Server 2008 R2 Enterprise Physical 2 48 494.4 SCCM‐SCOM_McAffee DB / Infrastructure
Windows Server 2008 R2 Standard Physical 2 48 457.5 SCCM‐SCOM_McAffee DB / Infrastructure
Windows Server 2008 R2 Enterprise Physical 2 128 2,133.70 SQL Monitoring Server‐‐‐‐‐4 CPU
Windows Server 2008 R2 Enterprise Physical 4 128 933.6 SQL 400 Cluster Node‐‐‐‐‐‐‐4 CPU
Windows Server 2008 R2 Enterprise Physical 4 128 64.1 SQL 400 Cluster Node‐‐‐‐‐‐‐4 CPU
Windows Server 2008 R2 Enterprise Physical 4 128 2,895.90 SQL 100 Cluster Node‐‐‐‐‐‐‐4 CPU
Windows Server 2008 R2 Enterprise Physical 4 128 82 SQL 100 Cluster Node‐‐‐‐‐‐‐4 CPU
Windows Server 2008 R2 Enterprise Physical 4 48 721.6 SQL Server ‐ Option to Buy
Windows Server 2008 R2 Enterprise Physical 2 24 101.7 Share Point SQL Server Node
Windows Server 2008 R2 Standard Physical 2 24 899.4 Share Point SQL Server Node
Windows Server 2008 R2 Enterprise Physical 2 12 541.9 SQL Performance Analysis
Windows Server 2008 R2 Enterprise Physical 2 12 64.2 Wiley MOM SQL Server
Windows Server 2008 R2 Enterprise Physical 2 64 411.7 Kronos ‐ SQL Server
Windows Server 2008 R2 Standard Physical 2 64 150.7 Kronos ‐ SQL Server
Windows Server 2008 R2 Enterprise Physical 2 64 743 Xcenter ‐ SQL Server
Windows Server 2008 R2 Enterprise Physical 2 12 114.1 EARS SQL Server
Windows Server 2008 R2 Enterprise Physical 2 12 204.5 SQL Server ‐ Credit Recon
Windows Server 2008 R2 Standard 2
Windows Server 2008 R2 Standard
Y‐Tier 2 Windows Server 2008 R2 Enterprise Physical 2 12 112.5 SQL Server ‐ NetKey
Y‐Tier 1 Windows Server 2008 R2 Enterprise Physical 4 128 600.6 XBR/MyMicros/Icare/Simphony SQL‐‐4 CPU
Windows Server 2008 R2 Enterprise Physical 4 128 432.4 XBR/MyMicros/Icare/Simphony SQL‐‐4 CPU
Y‐Tier 1 Windows Server 2008 R2 Standard Physical 2 32 105.3 SSIS / Job Server SQL Server
Windows Server 2012 Standard Physical 4 511.984375 3,956.60 Data Warehouse SQL Server ‐‐‐‐‐4CPU
Windows Server 2012 Standard Physical 4 511.984375 5,275.50 Data Warehouse SQL Server‐‐‐‐‐4 CPU
Windows Server 2012 Standard Physical 2 64 143.5 SQL Server
Windows Server 2012 Standard Physical 2 64 55.1 SQL Server
Windows Server 2008 R2 Enterprise Physical 0 0 Delphi Server
Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Vmware 5.1 Physical 4 128 Local & SAN ESX Server
Windows Server 2008 R2 Standard Physical 2 48 269.1 WSUS Update Server
Windows Server 2008 R2 Standard Physical 2 12 174.8 QA TMM Server
Windows Server 2008 R2 Standard Physical 2 12 50.6 QA TMM Server
Windows Server 2008 R2 Standard Physical 2 48 469.4 QA SQL Server
Windows Server 2008 R2 Enterprise Physical 2 24 394.4 QA SQL Server
Windows Server 2008 R2 Enterprise Physical 1 8 33.7 Test SQL Server
Windows Server 2008 R2 Enterprise Physical 4 96 127.2 Test SQL Server
Windows Server 2008 R2 Enterprise Physical 4 96 3,185.10 Test SQL Server
Windows Server 2008 R2 Enterprise Physical 2 48 1,727.90 DEV SQL Server
Windows Server 2012 R2 Standard Physical 2 48 429.8 Test SQL Server
Windows Server 2008 R2 Enterprise Physical 2 24 76.6 Test SQL Server
Windows Server 2008 R2 Enterprise Physical 2 48 435.8 Test SQL Server
Windows Server 2008 R2 Standard Physical 2 12 96.1 VMWare Vcenter Server
Windows Server 2003 Physical 4 4 124.6 Test Micros Server
Windows Server 2003 Physical 16 12 74.8 Alliance Ticketing Server
Windows Server 2003 Physical 0 0 Test KIOSK server
Windows Server 2008 R2 Enterprise Physical 2 96 90 System Center App Server
Windows Server 2008 R2 Enterprise Physical 2 96 90 System Center App Server
Windows Server 2012 R2 Standard Physical 2 128 100 Generic Application Server
Windows Server 2012 R2 Standard Physical 2 128 90 Generic Application Server
DR VIRTUAL Phys or VM? # CPUs RAM Storage Purpose / Application
Virtual 4 43.3 Test Generic Application Server
Y‐Tier 2 OS Virtual 1 3.109375 67.1 Delphi Web Server
Windows Server 2008 R2 Standard Virtual 2 2 16.2 Test Delphi Web Server
Y‐Tier 2 Windows Server 2003 Virtual 1 4 70.1 DEV Generic Application Server
Windows Server 2003 Virtual 2 4 14.4 DEV Generic Application Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 22.1 DEV Generic Application Server
Y‐Tier 2 Windows Server 2012 R2 Standard Virtual 2 8 44.2 DEV Generic Application Server
Y‐Tier 1 Windows Server 2012 Standard Virtual 4 4 56.4 DEV SQL Server
Y‐Tier 1 Windows Server 2008 R2 Standard Virtual 2 8 44.8 DEV Web Server
Windows Server 2008 R2 Standard Virtual 4 4 33.6 Domain Controller
Windows Server 2008 R2 Standard Virtual 2 4 25.6 ADFS for Azure
Windows Server 2008 R2 Standard Virtual 2 4 49.6 ADFS for Azure
Windows Server 2008 R2 Standard Virtual 2 8 47 FTC Jump Server
Windows Server 2008 R2 Standard Virtual 2 16 22.3 Tripwire App Server
Windows Server 2012 R2 Standard Virtual 4 10 199.8 SharePoint Admin Jump Server
Windows Server 2012 R2 Standard Virtual 2 2 36.2 Forefront TMG Manager
Windows Server 2008 R2 Standard Virtual 2 10 100.4 SharePoint Admin Server
Windows Server 2008 R2 Standard Virtual 4 8 125.1 SharePoint 2010 Server
Windows Server 2008 R2 Standard Virtual 2 4 27.4 McAffee EPO Server
Windows Server 2008 R2 Standard Virtual 2 8 162.1 FTC Jump Server
Windows Server 2008 R2 Standard Virtual 1 8 236.1 SAP Administration
Windows Server 2008 R2 Standard Virtual 1 4 62.7 FTC Jump Server
Windows Server 2008 R2 Standard Virtual 1 4 114.4 Monitoring Tools Server
Windows Server 2008 R2 Standard Virtual 2 4 44.8 SAP Administration
Windows Server 2008 R2 Standard Virtual 2 4 16.7 Citrix Reciever Server
Windows Server 2008 R2 Enterprise Virtual 2 4 20.7 ASA 400 Jump Server
Windows Server 2012 R2 Standard Virtual 2 8 20.9 BI FTP Server
Windows Server 2012 R2 Standard Virtual 2 8 43.4 Batch Process Server
Windows Server 2012 R2 Standard Virtual 2 4 36.2 Repli‐Web
Windows Server 2008 R2 Standard Virtual 1 4 44.6 H‐P Bios Tools Mgmt Server / NPS Config
Windows Server 2008 R2 Standard Virtual 2 4 20.6 Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 4 20.6 Generic Application Server
Windows Server 2012 R2 Datacenter Virtual 2 4 37.7 H‐P Bios Tools Mgmt Server / NPS Config
Windows Server 2012 R2 Datacenter Virtual 1 4 37 Perspective Application
Windows Server 2008 R2 Standard Virtual 2 4 27.5 NetKey Application
Windows Server 2008 R2 Standard Virtual 2 8 74.6 CA Workload Automation ‐ Autosys
Windows Server 2003 Virtual 2 8 33.2 CA Embedded Entitlement Manager
Windows Server 2008 R2 Standard Virtual 2 8 99 Team Foundation Server
Windows Server 2008 R2 Standard Virtual 2 8 295.6 Team Foundation Server
Windows Server 2008 R2 Standard Virtual 2 4 30.8 Credit Recon App Server
Windows Server 2008 R2 Enterprise Virtual 2 16 30.9 XBR App Server
Windows Server 2008 R2 Standard Virtual 4 16 33.8 XBR App Server
Windows Server 2008 R2 Standard Virtual 4 4 80.2 XBR App Server
Windows Server 2008 R2 Standard Virtual 1 12 46.4 Business Objects TMP Server
Windows Server 2008 R2 Standard Virtual 4 12 38.3 Business Objects TMP Server
Windows Server 2008 R2 Standard Virtual 4 12 37 Business Objects TMP Server
Windows Server 2008 R2 Standard Virtual 4 1.9921875 33.9 FTPS Server for non‐PCN MPR
Windows Server 2008 R2 Standard Virtual 1 2 29.4 Taxware App Update Server
Windows Server 2008 R2 Standard Virtual 1 8 31.7 Micros iCare App Server
Windows Server 2008 R2 Standard Virtual 2 4 29.4 Micros iCare App Server
Windows Server 2008 R2 Standard Virtual 2 4 48.4 DNA Fusion App Server
Windows Server 2008 R2 Standard Virtual 2 4 35.7 CA Workload Automation ‐ Autosys
Windows Server 2008 R2 Standard Virtual 2 4 22.1 MQ App Server
Windows Server® 2008 Standard Virtual 2 4 19.5 CIP Service Center
Windows Server 2012 R2 Standard Virtual 2 4 20 SAP Nlink Warehouse Inventory Server
Windows Server 2012 Standard Virtual 2 8 34 E‐Clinical App
Windows Server 2012 Standard Virtual 1 8 31.4 E‐Clinical App
Windows Server 2008 R2 Standard Virtual 1 4 41.1 SQL Server ‐ Delphi
Windows Server 2008 R2 Standard Virtual 2 4 26.9 FTC Jump Server
Windows Server 2008 R2 Standard Virtual 2 2 14.9 WodApp 2012R2
Windows Server 2008 R2 Standard Virtual 2 2 15 WodApp 2012R2
Windows Server 2012 R2 Standard Virtual 2 4 18.1 NetKey Application
Windows Server 2012 R2 Standard Virtual 2 4 21.9 Generic Application Server
Windows Server 2012 R2 Standard Virtual 2 12 13.7 InfoPath Application Server
Windows Server 2008 R2 Standard Virtual 2 12 49.7 WodApp 2012R2
Windows Server 2012 R2 Standard Virtual 2 12 40.2 WodApp 2012R2
Windows Server 2012 R2 Standard Virtual 2 16 18.4 Introscope Application Server
Windows Server 2012 R2 Standard Virtual 2 8 67.9 E‐Clinical App
Windows Server 2012 R2 Standard Virtual 1 8 49.7 E‐Clinical App
Windows Server 2012 Standard Virtual 1 8 49 E‐Clinical App
Windows Server 2012 Standard 1
Windows Server 2012 Standard
Y‐Tier 1 Windows Server 2012 Standard Virtual 1 8 54.1 Zoological App Server
Y‐Tier 1 Windows Server 2012 Standard Virtual 1 4 28.6 Zoological App Server
Y‐Tier 1 Windows Server 2012 Standard Virtual 1 4 28 Zoological App Server
Y‐Tier 1 Windows Server 2012 Standard Virtual 1 8 35.1 Zoological App Server
Y‐Tier 1 Windows Server 2012 Standard Virtual 1 8 30.4 Zoological App Server
Y‐Tier 1 Windows Server 2008 R2 Standard Virtual 1 4 18.7 Zoological App Server
Y‐Tier 1 Windows Server 2008 R2 Standard Virtual 1 4 15.1 Zoological App Server
Windows Server 2012 R2 Standard Virtual 4 4 27.7 SQL Server ‐ Clarity
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 8 26.5 FTC Jump Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 8 26.7 FTC Jump Server
Windows Server 2012 R2 Standard Virtual 2 8 31.4 Omnico Matra
Y‐Tier 1 Windows Server 2012 R2 Standard Virtual 2 6 13.3 Red‐Rock App Server
Y‐Tier 1 Windows Server 2012 R2 Standard Virtual 2 6 13.1 Red‐Rock App Server
Y‐Tier 1 Windows Server 2008 R2 Standard Virtual 4 8 32.9 WOD‐App
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 4 8 32.3 WOD‐App
Windows Server 2008 R2 Standard Virtual 4 8 30.3 WOD‐App
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 4 8 31.1 WOD‐App
Windows Server 2012 R2 Standard Virtual 2 8 12.8 WOD‐App 2012R2
Windows Server 2012 R2 Standard Virtual 2 8 12.9 WOD‐App 2012R2
Windows Server 2008 R2 Standard Virtual 2 6 131 Exchange Messaging Server
Windows Server® 2008 Standard Virtual 1 4 50.5 Microsoft OCS Server 2007
Windows Server 2008 R2 Standard Virtual 1 4 63.4 Blackberry BES Server
Windows Server 2008 R2 Standard Virtual 1 4 43.2 Blackberry BES Server
Windows Server 2012 R2 Standard Virtual 4 16 46.2 Lync Frontend Server
Windows Server 2008 R2 Standard Virtual 4 4 39.8 FTC Jump Server
Windows Server® 2008 Standard Virtual 1 4 36.2 H‐P Quality Center Server
Windows Server 2008 R2 Standard Virtual 4 8 65.4 Provance
Windows Server 2008 R2 Standard Virtual 4 12 42.5 SQL Server 2008 / R2 / 2012 Tools
Windows Server 2008 R2 Standard Virtual 2 4 43 CA Autosys
Windows Server 2008 R2 Standard Virtual 2 8 39.4 CA Autosys
Windows Server 2008 R2 Standard Virtual 4 8 55.7 McAffee EPO Console Server
Windows Server 2008 R2 Standard Virtual 1 4 63.2 SCCM 2007
Windows Server 2008 R2 Standard Virtual 2 8 170.7 CA Wiley Application Server
Windows Server 2008 R2 Standard Virtual 2 8 169.2 CA Wiley Application Server
Windows Server 2008 R2 Standard Virtual 2 8 113.7 CA Wiley Application Server
Windows Server 2008 R2 Standard Virtual 2 8 120.7 CA Wiley Application Server
Windows Server 2008 R2 Standard Virtual 2 6 71.2 MDM‐Airwatch Server 1
Windows Server 2008 R2 Standard Virtual 2 6 57.2 MDM‐Airwatch Server 2
Windows Server 2008 R2 Standard Virtual 2 4 40.6 MDM‐Airwatch Server 3
Windows Server 2008 R2 Standard Virtual 2 4 39.5 MDM‐Airwatch Server 4
Windows Server 2008 R2 Standard Virtual 1 4 50.7 SQL Server ‐‐ HPQC (old)
Windows Server® 2008 Standard Virtual 1 4 38.8
Windows Server 2012 R2 Standard Virtual 4 12 79.6 SQL Server
Windows Server 2008 R2 Standard Virtual 1 4 91.9 SQL Server
Windows Server 2012 R2 Standard Virtual 2 8 244.8 SQL Server ‐ TFS
Windows Server 2008 R2 Standard Virtual 1 3 66.1 SQL Server ‐Delphi
Windows Server 2008 R2 Standard Virtual 1 2 132.4 SQL Server ‐ Perspective
Windows Server 2008 R2 Standard Virtual 2 12 48.2 SQL Server ‐ SQL Jobs / SSIS
Windows Server 2008 R2 Standard Virtual 1 4 52.5 Citrix Server
Windows Server 2008 R2 Enterprise Virtual 2 4 28.6 Citrix Server
Windows Server 2008 R2 Enterprise Virtual 2 4 30.6 Citrix Server
Windows Server 2008 R2 Enterprise Virtual 2 8 32.2 Citrix Server
Windows Server 2008 R2 Enterprise Virtual 2 8 58.9 Citrix Server
Windows Server 2008 R2 Enterprise Virtual 2 8 52.9 Citrix Server
Windows Server 2008 R2 Enterprise Virtual 2 8 44.9 Citrix Server
Windows Server 2008 R2 Standard Virtual 4 8 33.3 WOD‐Web
Windows Server 2008 R2 Standard Virtual 4 8 31.6 WOD‐Web
Windows Server 2008 R2 Standard Virtual 4 8 33.4 WOD‐Web
Windows Server 2008 R2 Standard Virtual 4 8 31.3 Net I.Q. 7.0 App Server
Windows Server 2008 R2 Standard Virtual 2 4 30.3 EARS Application Server
Windows Server 2008 R2 Standard Virtual 2 4 94 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 93 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 94 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 42 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 42 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 94 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 42 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 94 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 42 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 42 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 265 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 80 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 79 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 71 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 92 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 79 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 53 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 77 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 60 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 169 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 54 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 54 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 365 Payment Card Network Server
Y‐Tier 1 Windows Server 2008 R2 Standard Virtual 2 4 149 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 80 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 79 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 80 Payment Card Network Server
Y‐Tier 2 Windows Server 2008 R2 Standard Virtual 2 4 191 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 1 4 34.3 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 10 138.6 QA Generic Application Server
Windows Server 2003 Virtual 2 4 30.4 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 1 4 43.1 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 4 16 29.8 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 4 16 40.1 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 1 4 37.6 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 1 4 31.2 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 4 38.2 QA Generic Application Server
Windows Server 2012 R2 Standard Virtual 2 4 15.8 QA Generic Application Server
Windows Server 2012 Standard Virtual 2 4 20.9 QA Generic Application Server
Windows Server 2012 R2 Standard Virtual 2 2 12.8 QA Generic Application Server
Windows Server 2012 R2 Standard Virtual 2 2 15 QA Generic Application Server
Windows Server 2012 R2 Standard Virtual 2 8 18.5 QA Generic Application Server
Windows Server 2012 R2 Standard Virtual 1 2 13.2 QA Generic Application Server
Windows Server 2012 R2 Standard Virtual 1 2 13.1 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 4 39.3 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 8 47.5 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 4 33 QA Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 4 345 Payment Card Network Server
Windows Server 2008 R2 Standard Virtual 2 4 34.7 Test Generic Application Server
Windows Server 2012 Standard Virtual 2 4 18.8 Test Generic Application Server
Windows Server 2012 R2 Standard Virtual 2 32 104.6 Test WOD‐App
Windows Server 2012 Standard Virtual 1 8 137 Test Generic Application Server
Windows Server 2008 R2 Standard Virtual 1 4 26.3 Test Generic Application Server
Windows Server 2008 R2 Standard Virtual 4 8 35.7 Test Generic Application Server
Windows Server 2008 R2 Standard Virtual 4 8 34.5 Test Generic Application Server
Windows Server® 2008 Standard Virtual 1 4 37.6 Test Generic Application Server
Windows Server 2008 R2 Standard Virtual 2 4 56.9 Test SQL Server
Windows Server 2008 R2 Standard Virtual 1 4 44.8 Test SQL Server
Windows Server 2008 R2 Standard Virtual 1 2 122.6 Test SQL Server
Windows Server 2008 R2 Standard Virtual 1 1 60.5 Test SQL Server
Windows Server 2012 Standard Virtual 1 8 135.3 Test SQL Server
Windows Server 2012 R2 Standard Virtual 1 8 31.7 Test Generic Application Server
Windows Server 2008 R2 Standard Virtual 4 8 39.7 Test Generic Application Server
Windows Server 2008 R2 Standard Virtual 4 8 36.9 Test Generic Application Server
Windows Server 2008 R2 Standard Virtual 1 4 43.4 VMWare Vcenter Server (2008R2 ?)
Windows Server 2012 R2 Standard Virtual 1 4 166 Test ‐ SQL Server
Windows Server 2003 Virtual 1 1 35
Windows Server 2008 R2 Enterprise Virtual 2 8 296.2 Test ‐ SQL Server
Windows Server 2003 Virtual 4 4 35.2 STLAPP
Windows Server 2003 Virtual 4 4 25.7 X‐Store
Windows Server 2003 Virtual 4 4 58.1 X‐Store
Windows Server 2003 Virtual 4 4 101.1 Remoteware
Windows Server 2003 Virtual 4 4 20.3 X‐Store
Windows Server 2003 Virtual 1 4 19.8
Windows Server 2003 Virtual 4 4 51.8 WOD‐App
Windows Server 2003 Virtual 1 1 26.1 WOD‐App
Windows Server 2003 Virtual 1 2 22.7 NetKey Application
Windows Server® 2008 Enterprise Virtual 2 4 48.1 EARS Web Server
Windows Server® 2008 Enterprise Virtual 2 4 52.6 Test WOD‐App
Windows Server 2003 Virtual 2 2 27.1 Test WOD‐App
Windows Server 2003 Virtual 1 2 50.3 Test EARS Server
Windows Server® 2008 Enterprise Virtual 2 4 49.5
Windows Server® 2008 Enterprise Virtual 2 4 50.2
Windows Server 2003 Virtual 1 1 19.7
NETWORK EQUIPMENT Model OS
Device Mfg ASR1002 15.0(1)S
Router Cisco ASR1002 15.0(1)S
Router Cisco 15.0(1)M3
Router Cisco 3945 15.0(1)M3
Router Cisco 3945 12.2(33)SXJ3
Switch Cisco WS‐C6509‐E 12.2(33)SXJ3
Switch Cisco WS‐C6509‐E 15.0(2)SE5,
Switch Cisco WS‐C3750G‐48TS‐S 15.0(2)SE5,
Switch Cisco WS‐C3750G‐48TS‐S 12.2(53)SE2
Switch Cisco WS‐C3750G‐48TS‐S 12.2(53)SE2
Switch Cisco WS‐C3750G‐48TS‐S 12.2(53)SE2
Switch Cisco WS‐C3560G‐24TS‐E 12.2(53)SE2
Switch Cisco WS‐C3560G‐24TS 12.2(52)SE
Switch Cisco WS‐C3560E‐48TD‐E 12.2(52)SE
Switch Cisco WS‐C3560E‐48TD‐E 12.2(52)SE
Switch Cisco WS‐C3560E‐48TD‐E 12.2(52)SE
Switch Cisco WS‐C3560E‐48TD‐E 12.2(55)SE4
Switch Cisco WS‐C3750G‐48TS‐E 12.2(55)SE4
Switch Cisco WS‐C3750G‐48TS‐E 12.2(58)SE2
Switch Cisco WS‐C2960S‐24TS‐L 12.2(50)SE1
Switch Cisco WS‐C2960‐24TT‐L 12.2(50)SE1
Switch Cisco WS‐C2960‐24TT‐L 12.2(50)SE5
Switch Cisco WS‐C3550‐24‐SMI 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.2(53)SE1
Switch Cisco WS‐CBS3130G‐S‐F 12.4(17)
Router Cisco 3845
F5 F5 Big‐IP 11.5.1
Load Balancer F5 F5 Big‐IP 11.5.1
Load Balancer F5 F5 Big‐IP 11.5.1
Load Balancer F5 F5 Big‐IP 11.5.1
Load Balancer F5 F5 Big‐IP 11.5.1
Load Balancer
Load Balancer F5 F5 Big‐IP 11.5.1
Load Balancer F5 F5 Big‐IP 11.5.1
Load Balancer F5 F5 Big‐IP 11.5.1
Question # RFP Lot Sub‐Category (if applicable) Addendum #1: Bidders' Clarifying Questions (
1 Data Center Data Center
2 Data Center Data Center Question
3 Data Center Where is the Corporate Data Center currently located?
Platforms Is it correct that the current Corporate Data Center needs to be rehosted
4 Data Center greenfield assets as part of primary scope of managed DC services RFP?
Is it correct that the Corporate Data Center and computer rooms have cur
5 Data Center Cisco UCS platform, while storage is on EMC VNX and Backup on Data Dom
6 Data Center Compute
7 Data Center Current Physical and Virtual Environments Would all virtual hosts need to be moved to Hyper‐V virtualization layer?
8 Data Center Storage and Backup Is it correct that all production servers need to be considered for DR? If s
9 Data Center production and non production instances be provided in the "Current phy
10 Data Center spreadsheet?
11 Data Center Provide the following details on Storage and Backup infrastructure (Site‐w
12 Data Center ‐ Make and model:
13 Data Center ‐ Age details:
‐ Current capacity (in TB):
Backup Describe the backup & retention policy followed. What is the current Back
monthly) ( full or incremental)? What is the retention policy for onsite an
Cloud Does SEA have any instances hosted in public cloud? Is public cloud hostin
Networking and Connectivity It was understood for all Remote Sites that only WAN (routers) managem
Networking and Connectivity
inventory just shows five routers. What is the complete inventory of rem
management?
Is it correct that the WAN management scope includes monitoring of rout
QoS / CoS policies, traffic and route engineering, etc?
Networking and Connectivity It was understood that SEA would like to take SDN path with help of Nexu
Networking and Connectivity
is SEA looking for a full application mode migration when implementing A
Is there any requirement to retain IP schema in Target DCs?
Networking and Connectivity There are 8 F5 BIGIP load balancers in current DC environment; please let
can be forklift in the Target DCs. If yes please share the model numbers.
14 Data Center Networking and Connectivity There are 5 different Farm/Zones are given for which Load balancing is re
App Farm, Mission‐Critical Web Farm, Mission‐Critical App Farm and Bus
15 Data Center Networking and Connectivity from these are there any specific needs for zoning within the Data Center
Militarized and Secure Zones? Please provide details.
16 Managed Security Services Security
17 Managed Security Services Security Is there any centralized voice / video / WLAN equipment at the current da
18 Managed Security Services Security migrated to the new data center? If yes, what is the equipment make / m
19 Managed Security Services Security
20 Managed Security Services Security What is the frequency of the Vulnerability Assessment (VA) and Penetrat
What is the tool used for Vulnerability Assessment (VA)?
What is the total number of application with respect to PCI Scan and Web
Would SeaWorld Prefer Penetration Testing (PT) as a service or tool?
What is the frequency of Penetration Testing envisaged?
Does PT include‐ IP address details? Clarify if these are Internal or Externa
(Managed Data and Security Services)
SEA Response
Florence, Kentucky
from supplier premises, with Yes
rrent compute environment on Compute is 90% Dell, Storage is 2xEMC VNX 5800 & 1XNetApp 3250. Backup is 1xDataDomain 2500 and
main? 1xDataDomain 2200
That is SEA's preference, unless vendor provides valid counter to remain on Vmware. The reason for this preference
so, can the segregation of is that Hyper‐V has met our virtualization requirements, and we have been able to implement and support it at a
ysical and Virtual Environment" lower cost than Vmware. An exception to this would be an vendors (e.g. SAP) who do not support their products
wise): running under Hyper‐V. If you believe Vmware would would provide greater value to SEA, please outline that in the
proposal.
That is already called out in Column A on the server list
2 x VNX5800, 1yr, 130tb; NetApp 3250, 3yr, 50tb
kup frequency (daily, weekly, We retain backups for all servers for five weeks. Monthly backups of production SQL Server databases are retained
nd for offsite vaulting? for 13 months.
We currently run a small number of web sites in a public cloud, but that is outside the scope for this RFP. We expect
to increase our use of the public cloud in the future, but the details around how it would be implemented, and how
ng part of SEA's roadmap? systems would connect back to our existing infrastructure have not been decided.
ment is in scope, but the network
mote site routers in scope of WAN
No remote site network is in scope, only data center
ters, configuring / updating the
Yes
us 9K switches in ACI mode. If so,
ACI, or first in Nx‐OS and then ACI? This would depend upon the level of effort, as well as its impact upon the timeline and migration / setup costs
No requirement
t us know if these Loadbalancer The current hardware is approaching end‐of‐life. To transfer to a new facility, we thought it would be necessary to
have systems ready to operate at the new facility while they are still operating at the existing data center. Our
equired like PCN Web Farm, PCN Ians sguemneprtaiol,n w ise tvhieatw n tehwe enqeuedipsm foern lto wado ubladl abnec aincgq uainrde ds eagnmd eimntpalteiomne inntdeedp aesn pdaerntt olyf othf iesa pcrho joetchte. r. Load balancing in
siness Support Web Farm. Apart our data center is primarily used as a means to provide higher availability of information systems ‐ if one server
r LAN besides the tradition De‐ becomes unavailable, the load balancer would detect this and only send traffic to the remaining systems. We would
also use load balancers when the traffic/load on a system exceeds what could be delivered on a single server.
ata center that needs to be Segmentation would be applied to separate/isolate systems based on the sensitivity of data and trust levels for each
model? zone. We use DMZ segments between the corporate network and external networks (Internet, busines partner,
etc.). We also use internal segements to separate critical systems (e.g. Cardholder Data Network, animal care
systems, etc.).
The primay systems for our enterprise PBX are running in a SEA management facility in Orlando. The systems
covered under this RFP are the failover site. We are running Avaya Communications Manager 6 platform with
duplex core. The system components include: Avaya Session Border Controller (not yet implemented…to occur in
2016 under a separate project), Session Manager, System Manager, CM duplex core, Aura Messaging, Secure Access
Link (SAL), CES One‐X, and G450 gateways.
tion Testing (PT) Services? Current tool is Qualys; assume systems will be scanned monthly, with follow‐up scans until key vulnerabilities have
b scan? been remediated; Penetration Testing is required internal, external, and wireless on an annual basis as well as
following any significant changes ‐ assume penetration tests would be performed twice per year
Assume 40 apps
Our assumption is that penetration tests would be performed by a person ‐ a tool alone would be insufficient
Assume penetration tests are performed twice per year
al? Penetration tests would include internal, external, and wireless
21 Managed Security Services Security Enumerate the network devices for which Penetration Testing (PT) is to b
22 Managed Security Services Security
Please Provide: How many users connect to the environment remotely u
23 Managed Security Services Security
24 Managed Security Services Security Does SeaWorld have any requirement for IPSec VPN? If yes please explain
What is the retention period of the logs, both online and offline?
25 Managed Security Services Security Is there any requirements of Security Audit to be carried out? If yes, pleas
26 Managed Security Services Security the audits.
27 Managed Security Services Web Engineering What will be the frequency of the security audits?
28 Managed Security Services Web Engineering How many internal and external users will access the IAM (identity access
29 Managed Security Services Is there a central authoritative source present for integration with IAM?
Security Number of users for whom the network access control solution is to be de
30 Data Center Messaging & Platform Would SEA be open to exploring the benefits of public cloud?
31 Data Center Workplace Is there any support expected from service provider on mobile devices, ha
mobile device management platforms?
What is the current mechanism of requesting software in SEA's landscape
32 Data Center Workplace to get these installed, or is there a software catalogue or application store
download via self‐service?
33 Data Center DC What is the 'current state' data center lease end date?
34 Data Center Current Physical and Virtual Environments What is the count of servers, as the MSS requirement sheet mentions a to
Physical and Virtual Environments" spreadsheet has only 312 servers liste
35 Data Center Current Physical and Virtual Environments Is there an inventory of servers hosting the SAP environment?
36 Data Center Disaster Recovery What is the location of SunGard DR site?
37 Data Center Storage What is the total capacity of storage, as the "Current Physical and Virtual
shows 65 TB of storage?
38 Data Center Current Physical and Virtual Environments What is the age of inventory including server, storage, backup, network a
39 Data Center Backup Can you describe the backup architecture at the park computer rooms?
40 Data Center Servers Is the supplier expected to price for operating systems?
41 Data Center Disaster Recovery Is there any storage or backup replication in place to SunGard DR site?
42 Data Center SAP / Linux Is it correct that any major upgrade would be considered as a separate pr
separately?
43 Data Center AS400/iSeries It was understood from Section 12 of RFP document "Data Center" that t
44 Data Center AS400/iSeries server P6 520 in the environment. Can you describe the hosting location
45 Data Center AS400/iSeries
46 Data Center AS400/iSeries LPARs with their Roles (PROD/HA/DR/DEV)., which are hosted on this phy
47 Data Center AS400/iSeries What is the the total usable Disk attached with the AS/400 server? Is the
48 Data Center AS400/iSeries
49 Data Center AS400/iSeries SAN based?
50 Data Center AS400/iSeries Is the AS/400 server leased or owned by SEA?
Which OS versions are currently running in each AS/400 LPAR?
Describe the current Disaster Recovery Strategy (e.g.‐ Role‐swap, Save/Re
tests for each critical AS/400 system/LPAR.
Describe the SLAs and RPO / RTO for each AS/400 LPAR.
What YOY growth level (processing/Capacity) is expected in each AS/400
Please share the inventory details of AS400 environment ( Tab named AS4
51 Data Center O365 Is SEA open to move its Messaging and Collaboration (Email/SharePoint/I
(O365)?
52 Data Center Exchange Is any encryption used for emails, such as S/MIME or any third party softw
53 Data Center Exchange Is Lync Enterprise Voice (EV) being used by SeaWorld currently? If yes, ple
54 Data Center Element Monitoring Lync EV environment.
55 Data Center Element Monitoring
Describe the current Monitoring Tools for Databases/Storage and explain
Are any Scripts being used for monitoring and its integrations with Elemen
be done? Penetration testing could occur against any/all devices
using SSL VPN? Approx. 900 users access VPN for remote connectivity. Most connect via IPsec, SSL is available as an option.
n? IPsec VPN is used for connectivity with some business partners; it is also the primary means for remote users to
connect
Online: 90 days; Offine 12 months
se provide the target audience of The internal audit team will conduct a quarterly review of membership in roles with elevated access, user access to
critical applications, access to modify critical applications, segregation of duties, and firewall rules.
s management) solution? Quarterly
eployed? SEA's identity management is still in the design phase at this time
andhelds, smartphones and SEA's identity management is still in the design phase at this time
e? Do users call the service desk We do not currently use a NAC solution
e in place for the users to Yes, where use of public cloud could provide improved agility, responsiveness to variable or termporary workloads,
reduce costs, or provide other value, we would like to explore the option.
otal count as 800 and "Current
ed? Mobile users connecting to email and calendar
Environments" spreadsheet Not in scope
SEA must be fully‐migrated, with equipment removed from the current data center, before June 30, 2015
and SAN switches?
MSS requirement includes park level systems, but the Data Center count is 312
roject and would be priced for See the "SAP" tab on this spreadsheet.
Newark, New Jersey
There are 2xVNX 5800's with 175tb each, 90tb used on each with a combination of prod, QA, SQL, and Exchange
data. 1xNetApp 3250 with 65tb, approx 30tb used with mainly SAP data. Certain historical data is also retained. The
used capacity listed above is accurate
All equipment is 5 ‐ 6 years old, with the exception of the EMC storage which is less than 1 year, NetApp storage
which is 3 years, Checkpoint firewalls less than 1 year, and three Hyper‐V hosts for ECW
SEA's theme parks are not in scope
No
No
Correct, project scope and cost needs to be included in the RFP response as separate line item(s) for consideration
there is one physical AS/400
of this server and total number of
ysical AS/400 server? See the "AS400 Inventory" tab on this spreadsheet
AS/400 storage direct attached or
No SAN connectivity
Owned
V7R1M0
estore, etc.) and Frequency of DR
Tape restore at SunGuard currently
As the AS400 falls into DR Tier, each Lpar would require RTO of 6 hours and RPO is currently 24 hours
LPAR? Less than 10%
400 Inventory) See the "AS400 Inventory" tab on this spreadsheet
Yes, we would be open to considering this option. Any proposal in this area must consider how to handle licensing
for our front‐line workers who currently access the messaging system through shared computers (today we license
the shared devices througha device eCAL instead of licensing every user). As O365 requires per‐user licensing, our
IM) services to public cloud modeling of this scenario predicted a significant increase in costs to move to the cloud. A proposal to move this
direction must also provide details around how the solution would be secured.
ware? No
ease provide details of the current
No
Databases are managed by the SEA DBA team who use Spotlight to monitor the SQL Server databases; Storage is
n if it is agentless or agent based. using native EMC / NetApp tools
nt Monitoring? No
56 Data Center Element Monitoring Regarding the current integrations present between Monitoring Systems,
57 Data Center Element Monitoring Tool in place where all Element Monitoring Tools are integrated?
58 Data Center Element Monitoring How is Server Capacity being monitored today? Is there any Tool to perfo
59 Data Center Element Monitoring Is there any Knowledgebase Integration present in the tools environment
60 Data Center Element Monitoring What are the monitoring parameters for OS, Applications?
61 Data Center Element Monitoring
62 Data Center Element Monitoring Is there any integration of monitoring tools with Service Management Too
63 Data Center Element Monitoring Describe the current Job Scheduling Tools and Integration of Events.
64 Data Center Element Monitoring What are the total number of jobs defined in the IT environment?
65 Data Center Network Monitoring What are the total number of servers built per month and the tools relate
66 Data Center Network Monitoring Are there any In Flight projects in the current environment?
67 Data Center Network Monitoring Which tools are being used for Network Monitoring (Fault & Performance
ownership of licenses?
68 Data Center Network Monitoring Describe any priorities tasks SEA may exceptionally want to configure in T
Would the provider capture the Network Configuration from current Mon
69 Data Center Patching & Compliance
70 Data Center Patching & Compliance Is there any Integration present with Service Management Tools and netw
71 Data Center Patching & Compliance How is patching being done in the below mentioned environment?
72 Data Center Is there any tool for bare metal provisioning?
Service Management Is compliance being handled, as per the current policies?
73 Data Center As ServiceNow is present as the Service Management tool in SEA's enviro
Service Management current Service Management / Service Desk Tools?
74 Data Center
75 Data Center Service Management What are the processes covered by the implemented tools and current sc
76 Data Center Service Management
Is SNI looking for any kind of process reengineering in the current process
77 Data Center Reporting Are SLA / OLA configured in the current environment?
78 Data Center Is there any current unified reporting tool present in the current environm
Is it required of the vendor to assume ownership of all current physical de
79 Data Center infrastructure or just the compute, storage, networking necessity require
80 Data Center Will SEA retain the application configuration and day to day management
81 Data Center technology?
Does SEA want the SAP current environment to be migrated to the vendo
82 Data Center is the ideal solution to move the current environment then migrate?
In the spreadsheets, is storage shown in GB increments?
83 Data Center
Does SEA have i/o performance metrics for its applications? What is R5 v
84 Data Center Does SEA want all virtual vms to be upgraded to windows 2012 or remain
for the time being?
85 Data Center
There are 4 sets of load balancers are there certain farms that need to be
86 Data Center hypervisor sharing)? if so which farms? Today what which farms do these
87 Data Center Would 4:1 cpu oversubscription and a 4:1 memory oversubscription ratio
88 Data Center farms? If not, what would your ratios be for cpu and similar for memory?
89 Data Center Of SEA's physical servers, which applications must remain on physical har
by application (Kronos, My Micros, Business Objects, Omnico Matra, FTC
90 Data Center XBR/MyMicros/Icare/Simphony, SSIS, TMM Server(s), Alliance Ticketing S
91 Data Center server)?
What does the FTC automation server do?
Why do the Genric Application Servers require so much memory?
Is there any licensing by core application licenses outside of Microsoft SQ
Does SEA want to provide the Microsoft SQL, Exchange, SharePoint licens
of the business response?
Regarding the ServiceNow integration, is there an SI you are already work
Is SEA opposed to Hyper‐v replication, where applicable?
, is there any Manager of Manager
No
orm this activity? Not at this time, it is a manual process
t? No
CPU / Memory / Disk (I/O and capacity) / Connectivity, actual thresholds are unknown as they are determined by the
services provider
Yes ‐ events that identify a disruption in service or other situation that requires someone to investigate should
ols? automatically open an incident ticket in ServiceNow.
Autosys is used for scheduled tasks, managed by SEA
There are approx 150 ‐ 175 jobs scheduled through Autosys
ed to it? Net Average is less than five per month, year‐over‐year, tools for deployment are determined by provider
Yes
e) across locations, including
SEA's park locations are not in scope, but it uses Solarwinds
Tools. None at this time
nitoring tools? No, provider is responsible for configurations and monitoring of such
Yes, our current vendor has implemented this integration with their tools ‐ an event detected through network
monitoring will automatically open an incident ticket in the service management system. This integration is not
work monitoring tools? owned by SEA. A similar capability is expected through the managed service.
WSUS through group policy, manual installation of patches and reboots performed by provider
None that SEA is aware of at the data center level
Reporting is provided as part of compliance
onment, what are the other Service Now is the main tool used for this function, any other tools employed are migrating over to the Service Now
base
Upon receipt of actionable item, a service request is sent to the appropriate team for investigation. From there, the
action items are identified and acted upon if needed at that time, following protocol, or whatever action item is
cope of the existing tools? needed is planned, and scheduled for remediation
SEA is open to improvements in any process provided by the provider, however they must meet its needs and
ses? purposes before approval
Yes, reference the RFP regarding desired levels
Reporting is provided in a unified manner by the current provider. SEA does not have insight as to the tools used,
ment? nor if it is a manual compilation process
evices in the datacenter x86 Vendor will be responsible for managing all physical assets residing in the datacenter, but it is our assumption that
ed by the workloads? SEA would own the assets.
t of the implemented Tokenization
Yes
or's environment vmware/linux or SEA is flexible to either solution that the vendor may feel is a lower risk solution for migration and ongoing
supportability
Yes
All EMC storage is R5, with peak io at approx 24k ‐ 26k on each of the 2 arrays. The NetApp 3250 is at approx 13k
vs R10? iops at peak. Consolidation of the NetApp workload into the EMC is preferred
n on the current OS currently on
Leave as‐is for the migration
e totally isolated (as in no Each pair of load balancers service production / QA / PCI network / PCI/ DMZ, each is required to have physical
e load balancers sit in front of? segmentation
o be acceptable for SEA's virtual If moving to Hyper‐V, oversubscription is not possible, if remaining on Vmware, with their history of licensing
? modification we would prefer to be closer to 1:1 , a 2:1 rate is acceptable
rdware due to license or required
Automation,
Server, Generic application
MyMicros, TMM, Omnico, Simphony, are required to remain physical for supportability by the vendor, or licensing
Mainly used as a management / jump box server for datacenter personnel that houses applications used to manage
the environment
They are systems that housed applications either decommisioned, or waiting for implimentation
QL? No
ses or want them part of the scope
SEA will provide
SEA is working with Service Now for implimentation of the product, no SI is being used for intergration into other
king with? products at this time
Not opposed
92 Data Center Exchange Specific Describe the expectations of "help desk support"?
Are the responses expected to include pricing for all migration efforts incl
93 Data Center Exchange Specific (exchange, sharepiont, SAP) work efforts?
What is SEA's projected growth rate next year and the year after year ?
94 Data Center Exchange Specific
What are the storage tier consumption today within each SAN tier level <
95 Data Center Exchange Specific Raid10, Tier2 being Raid5, Tier3 being Raid6>?
Does SEA wish to replicate <DR> test evnironments?
96 Data Center Exchange Specific Does SEA wish to replicate <DR> Dev evnironments?
97 Data Center Exchange Specific What is the current change rate of data from day to day that SEA wishes t
98 Data Center Exchange Specific
Exchange Specific Describe the expectations regarding “proactive optimization to SeaWorld
99 Data Center Exchange Specific As Active Sync and Outlook Web Access will be available and setup, descr
Exchange Specific administration tasks expected.
100 Data Center Exchange Specific
Exchange Specific Regarding the upgrade to 2013/2016, is the expectation to move SEA's as
101 Data Center Skype for Business execute an upgrade, or to execute a migration from the existing setup to
Skype for Business
102 Data Center Skype for Business What is the total “utilized” storage for this environment, as the spreadshe
Skype for Business What release year is this environment?
103 Data Center Skype for Business What is the license level?
104 Data Center Skype for Business How many AD domains?
105 Data Center Skype for Business How many AD forests?
106 Data Center Skype for Business Will SEA be providing server and user licenses?
107 Data Center Will users be accessing email from Outlook client, OWA, other? How man
108 Data Center SharePoint Does SEA have an archive solution today?
109 Data Center o Does Sea World need to port or migrated legacy archive mail?
110 Data Center SharePoint Is the existing environment being migrated as‐is?
111 Data Center What release year is this environment?
112 Data Center SharePoint What license level?
113 Data Center SharePoint What features are being used?
114 Data Center SharePoint How many users?
115 Data Center SharePoint Are VOIP capabilities activated?
116 Data Center SharePoint Is this solution tied into any other solutions?
117 Data Center SharePoint Reagrding architecture, are any servers tagged with a Skype role?
118 Data Center Regarding the upgrade to 2016, is the expectation to move SEA's as‐is to t
SharePoint upgrade, or to execute a migration from the existing setup to a new 2016
119 Data Center Describe the expectations for “support all business functionality required
SharePoint on infrastructure services: Excel services, OneNote, Info Path, search, cach
120 Data Center SharePoint requesting sysadmin support or full application level support?
What release year is this environment?
121 Data Center SharePoint What license level?
122 Data Center Will SEA purchase and provide server and user licenses?
123 Data Center SharePoint Anonymous Access?
124 Data Center Expected 12 month growth?
125 Data Center SharePoint Does this SharePoint environment integrate with any other solutions?
126 Data Center SharePoint Is the following architecture correct: 2 physical; Sharepoint Jump Server v
SharePoint sharepoint admin server 1 physical, Sharepoint 2010 Server virtual 1; Info
127 Data Center SharePoint SharePoint Admin Jump Server – What is the purpose of this server?
SharePoint Forefront TMG Manager – Is this needed moving forward
128 Data Center
129 Data Center SharePoint Admin Server –Is this just for Central Administration access or
SharePoint Admin Server– this is on the spreadsheet, but no server resou
130 Data Center you provide resources
InfoPath Application Server – Is this tied to SharePoint?
131 Data Center Is SharePoint today built with redundancy?
SharePoint today built with site Disaster Recovery?
132 Data Center Today are you doing SQL Log shipping
133 Data Center Do you use a 3rdparty replication technolody and if so what is it?
134 Data Center
135 Data Center
136 Data Center
luding applicatin migrations Central location that can be contacted for assistance with the environment either to rectify issues we have been
made aware of, or that the vendor has noticed and is making resolution to. Issues such as system reboots required,
<Tier0 being SSD, Tier1 being SAS
Yes
to replicate? 5 ‐ 7% year‐over‐year
d’s messaging environment”? SEA is using EMC VNX which has a tiered pool design with a combination of SSD / SAS drives in each pool. Total
ribe any anticipated ongoing consumption of each array is approx 75 TB on each array split between three pools of disks in a gold / silver / bronze
design
No
No
Has not been measured
Ensuring that the compute / storage / and connectivity requirements are within required levels, and make
reccomendations where needed to ensure optimal performance. i.e.‐‐‐Balance mailstores sizing to keep systems in a
close percentage of use
None, except for assistance in users connecting either through ActiveSync for mobile devices
s‐is to the provider and then
a new 2013/2016 environment? SEA is open to either process, dependant upon the risk involved for each
eets only show allocated storage? 11.3tb
2010
Enterprise
One
One
Yes
ny users per option? All users have access through Outlook and OWA, mobile user count is approximately 750
No
Yes, including legal hold items which is included in the storage count
N/A
N/A
N/A
N/A
N/A
N/A
N/A
No
the provider and then execute an
6 environment? SEA is open to either process, dependant upon the risk involved for each
d, including but not limited to add‐ Provide support to the business in all aspects of SharePoint, including assistance to the end users in intergration,
hing, sandboxing, etc.” Is SEA setup of sharepoint sites when needed, and working with SEA in intergration of applications with SharePoint if
needed
2010
Enterprise
Yes
No
10%
No
virtual, Forefront 1 virtual,
oPath app Server virtual 1? Correct
Used by current SharePoint admin for remote access to administer environment
SEA is in process of migrating to a new proxy, but is unsure if it will be completed by migration
r is this an Applications server? Central administation access
urces are listed. Is this a typo ? Can
For sizing, assume minimal specification of 2cpu, 16gb ram
Yes
No
No
No
No
137 Data Center SharePoint Have you today configured for Always On SQL configuration?
No
Sub‐Category (if applicable) Addendum #2: Bidders' Clarifying Questions (Managed D
Security Question
Managed Services What is the User to Device Ratio?
AS400/iSeries The RFP document states to "maintain English language Service Desk operation to be ava
days per year." Does this mean that the End User Service Desk is also in scope?
AS400/iSeries Please share the list of 3rd Party vendor applications/utilities that are currently installed/
AS400/iSeries AS/400 environment.
Is there a Data replication tool like Mimix, iTerra, iCluster etc (for High Availability) is curr
Exchange use in the AS/400 environment? Please provide details of the replication between the se
to HA mapping).
Exchange Is the AS/400 server covered by HW/SW support by IBM or any other service provider?
Please provide details around any Third party tools/application integrations like Archiving
Exchange etc.?
Please provide the count of mailboxes that fall into any of the below categories:
SharePoint • Use applications which might be incompatible with Cloud Messaging environment.
• Are located on low bandwidth site
SharePoint
Please confirm if Blackberry services or mobile messaging service used? If yes, for how m
SharePoint
SharePoint Supplier would like to know the SharePoint Server version/s in Existing Environment. Also
SharePoint details on the no. users provisioned for SharePoint services?
Element Monitoring
Network Monitoring Please provide details on Internet facing Web applications and authentication mechanism
Exchange Specific Supplier would like to know the main purpose of Web application/s ( Publishing or Docum
Exchange Specific management)
Exchange Specific Please clarify if External users are required to authorize/access SharePoint currently?
Exchange Specific Please list type of Integration with External Applications e.g. SAP
Exchange Specific Describe the current Monitoring Tools for Windows/Unix/others and explain if it is agentl
Exchange Specific based.
Exchange Specific Provide presently deployed Event Correlation / Deduplication / Message Suppression in a
Exchange Specific Enterprise Tools for Network Management
o Please provide an exact number of mailboxes
o What features are being used?
o Does this Exchange environment integrate with any other solutions?
o Are there any SMTP Relays? Please list
o Desired mailbox quota?
o Does Sea World have a preference for DAG setup?
o Current AV/AS provider?
o Does Sea World want to maintain this provider or go with vendor option?
Data and Security Services)
SEA Response
This is not a metric we have tracked in the past. Approx. 1,650 users have computers for their individual use.
Of these users, approx. 900 have mobile devices as well. Approx. 1,700 computers are available for shared use
by about 6,000 employees. We also have about 2,000 POS terminals that will be used by a large number of
employees.
ailable 24x7, 365
No, this is for issues that relate to the datacenter. This is not a replacement for SeaWolrd's service desk
/in use in the
MMS, which is a warehouse inventory & ordering system
rently installed/in
ervers (Production
Not that we are aware of
Yes, fully under maintenance
g, Voice Mail, Fax
There are none
None to our knowledge
many users? Yes, for less than 5 users, which should be migrated fully off before contract signing
o, please provide SharePoint 2010 Enterprise; We have 1,650 users licensed through O365, and the remaining users access the
environment through 1,915 device CALS. The number of users in this latter category can vary according to
seasonal employment.
m No part of the current SharePoint environment is Internet‐facing. It is for internal use only. Users can access it
ment from a remote location if the first establish a VPN connection to the corporate network.
SharePoint is primarily used for document management, but it also hosts our primary intranet site which uses
less or agent basic content management (e.g. company announcements, policies, forms, etc.)
any of the External users cannot directly access SharePoint
No integration with external apps today.
NetIQ, agent‐based
Current tool is provided by the vendor managing the current data center…it is not owned by SEA.
8474
Messaging, data retention rules, legal hold
None to our knowledge
One
Default mailbox quota is 1 GB; as needed, exceptions have been freely granted to 2 GB; a few users have been
permitted to have larger mailboxes when warranted by their job function
SeaWorld wil require a DAG configuration that correlates to the disaster recovery requirements
McAffee on the servers; IronPort as a service for AV and anti‐spam on inbound email
We are open to changing AV vendors
Microsoft Office Communicator Server Are we simply migrating the existing environment as is?
Microsoft Office Communicator Server What release year is this environment? 2007?
Microsoft Office Communicator Server What license level?
Microsoft Office Communicator Server What features are being used?
Microsoft Office Communicator Server How many users?
Microsoft Office Communicator Server Architecture: Are you using Microsoft OCS 2007 ‐ 1 virtual today?
Are we simply migrating the existing environment as is?
Microsoft Lync What release year is this environment?
Microsoft Lync What license level?
Microsoft Lync What features are being used?
Microsoft Lync How many users?
Microsoft Lync Is there data that needs to migrate or is this just a server architecture move?
Microsoft Lync Number of users:
SharePoint Internal: ?
External: ?
SharePoint Active Directory Authentication only?
Will SharePoint sites be available via the internet or VPN only?
SharePoint SSL Certificates needed?
SharePoint Compliance requirements: ?
SharePoint If SharePoint 2007, did Sea World deploy the Microsoft FAB 40 templates?
SharePoint
SharePoint If there is no direct upgrade path, is Sea World open to leverage a third party migration to
SharePoint Is the expectation/request to move everything over as is, and then provide a plan to upgr
workloads (SharePoint, Exchange, Skype for Business Server) down the road?
SharePoint
Messaging Platform Was Microsoft Office 365 reviewed as a solution option, and if so, what were the thought
Please specify the number of mailboxes per month that are affected by the legal‐hold pol
Messaging Platform
How many requests per month for legal‐hold to export applied policy mailbox data to a P
Messaging Platform is the timeframe of legal hold notification?
Disaster Recovery Please identify any limits set for the legal‐hold policy applied mailbox quota.
Please clarify if these systems require a one‐hour Recovery Point Objective (RPO).
Storage Management Please provide the configuration and utilized storage details of existing storage frames, to
disks usable and total disk allocated.
Storage Management Please provide the IOPs required for the Tier‐1 and Tier‐2 workloads per current and futu
Environment Details requirements.
Please specify if anti‐virus support is required for the Wintel servers.
Security Device Management
Please provide information regarding the web application firewalls, including, vendor, mo
of web applications.
Yes
We are running OCS 2007, implemented in 2010
Enterprise
Messaging, file transfer
Approx. 5,000
Yes
Yes
2013
Enterprise
Messaging, file transfer
Less than 100
Server move only
We have 1,650 users licensed through O365, and the remaining users access the environment through 1,915
device CALS. The number of users in this latter category can vary according to seasonal employment.
None
Yes
Internal or VPN only
No
Not at this time
N/A
ool? Yes
rade specific
Yes, upgrade proposals and pricing should be included with the migration proposal
ts on that option? As O365 requires per‐user licensing, our modeling of this scenario predicted a significant increase in costs to
licy. move to the cloud. A proposal to move this direction must also provide details around how the solution would
PST file, and what be secured. We are open to the possibility of using Office 365 if it can be financially justified and adequate
security can be demonstrated.
o include total Approx 1,000 mailboxes
ure performance The frequency can vary significantly from one month to the next. 5‐10 requests per month for data exports may
be typical. On one occasion, we had an exceptionally large export of many mailboxes that totaled over 3 GB of
data.
When a mailbox is marked for legal hold, all messages must be retained.
No
Each VNX has 250‐275 disks broken into multiple pools using all disks. NetApp3250 has 240 disks, all allocated
We average about 7000‐10000 iops
Yes
odel, and number We do not currently use web application firewalls under the scope of this contract. We use Incapsula today to
provide WAF protection for Outlook Web Access, but this service is managed by SEA.
OS Phys or VM? # CPUs Memory (GB)
Sun Solaris Physical 2 cpu x 16 core 32 Prod01
AIX Physical 8 core 64 Prod02
AIX Physical 8 core 64 Prod03
Sun Solaris Physical 8 core 64 Prod04
AIX Physical 4 core
8 Prod05
Sun Solaris Physical 2 cpu x 16 core 32 Dev01
AIX Physical 8 core 64 Dev02
AIX Physical 8 core 64 Dev03
AS/400 Systems Overview
LPAR # Current Serial Number Server System Description LPAR Role System OS Version Memory in GB C
LPAR1 Location Edition/Process (PROD/DR/HA/Q Model
LPAR2
LPAR3 or Feature A/DEV/TEST)
LPAR4 Code
LPAR5
LPAR6
LPAR7
LPAR8
LPAR9
LPAR10
LPAR11
LPAR12
Legend:
missing details
Code LPAR Type Model Interactive Serial Time OS/400 S/W
Name Name Feature Zone Version Group
SeaWorld 06-212B6 A
wer 6 Sys 8203 E4A-5587 Enterprise EST V7R1M0 P10
10-05DCC EST V7R1M0 P10 1
BECAS4S1 CR5 78N1439 EST V7R1M0 P10 6
BECAS4S2 L4U 1K10104815 P10 1
BECAS4S3 HH4 1K10101244 EST V7R7.1.0
HH4 1K10104869 EST 9.20 / 3.00e
HMC Console 7042 HH4 EST
TO4 Tape Library 3573 BBH5
ULT3580 BBH5
RIUM 4 TAPE D ULT3580 BBH5
RIUM 4 TAPE D ULT3580
RIUM 4 TAPE D
CPW DASD DASD Tape/Tape Library Comments
external or attached with the
Internal? LPAR?
Storage (GB) # of Batch Asset Int. Memory Modem
CPUs CPW Tag# CPW (in GB) Phone#
ASP1 ASP2 ASP3 IASP
2 9150 9150 30
1395 N/A N/A N/A 0.95 3980 3980 14.5
697.8 N/A N/A N/A 0.4 732 732
1395 N/A N/A N/A 0.65 4438 4438 4
12
Number Name Description Table Section Answer
Column
10.1 Lot #1: Managed Data Center Services Questions
10.1.1 General
10.1.1.1 Describe the proposed process, including timelines, for full The process is summarized below for your x86 infrastructure:
implementation of the services in scope by July 1, 2016. Presales=>Planning=>Deployment=>Build & QC=>Post Handover
1. Presales: Risk Assessment, Secure Infrastructure, Secure Datacenter.
2. Planning: Document Preparation, Assign Account Team, Internal Preparation Meeting, Implementation Call.
3. Deployment: Action Items, Additional Calls Scheduled, Build Begins.
a. Assign Data Center locations
b. Assign IPs
4. Build & QC: PM Functional Teams, Device QC, Handover to Support.
c. Build Network Devices
d. Configure Network Devices
e. Configure and Present Storage
f. Build Hypervisors
g. Build VMs
h. QC Servers (above to here is roughly 20 business days standard starting from initial implementation call)
i. Migration of vms and physical workloads/new installations (>17wks at 15-30 servers per week as average during business hours* this can be adjusted as customer
needs)
j. Taking the SeaWorld standard images and ‘rackizing’ with Rackspace Tools to integrate with Rackspace Services
k. Testing holistically of the environment applications and migration efforts <on going as migrations/installation happens>
5. Post Handover: Account Management Guidelines,
Runbook, Warm Handoff to customer for migrations and applications.
10.1.1.2 Would the proposed servers be based upon the Cisco UCS platform? If Rackspace powers its infrastructure on x86 Intel processors similar to Cisco using the same Xeon family processors. HBAs, Network cards, Memory and disk spindles all
not, specify the hardware that would be utilized. A detailed list of come from the same enterprise suppliers and are rated ‘enterprise class.’ Rackspace standardizes on rack-mounted servers not blades as they do not make financial
proposed hardware can also be attached. sense in our business model. Please see our appendix for the detailed infrastructure solution (including equipment detail).
10.1.1.3 Describe your process for destruction of data in relation to disk drives, Rackspace has several options that we can use for destruction of data: Destroy the drive/media, have some other 3rd party do the destruction and provide
physical systems, retired equipment, etc. certification,(DoD Algorithm wipe with each series equivalent to 2 wipes usually totally about 9 passes), degauss the media, backup tapes are wiped prior to reuse, broken
or tapes taken out of service are pulverized then incinerated by a certified 3rd party vendor
10.1.1.4 Per the attached scope of work document in Section 2.1, does your
company support AS400 according to the stated specifications? We are unable to provide AS400 Services.
10.1.1.5 Describe methodology and tools for the proposed method of migration, The Rackspace process for migrations includes both Change Management and Governance. We have a delivery methodology that includes 4 phases:
including change management and governance. Phase 1: Project Initiation - Project Initiation is the first phase in the Project Lifecycle and essentially involves starting up the project. In this phase the project is initiated
by defining its purpose and scope, the justification for initiating it and the solution to be implemented. It identifies the teams involved (customer and our services), gathers
notational timelines, requirements, risks, threats, RACI
Phase 2: Planning - The first step of the Planning phase is the creation of a detailed project plan The creation of a comprehensive Project Plan is critical to the success of
the project. The Project Plan identifies the Work Breakdown Structure (WBS) of phases, activities and tasks to be undertaken to complete the project. It identifies the
sequencing, duration and dependencies of tasks as well as the resources and financial expenditures required to complete the project. The Project Manager will refer to
this plan throughout the project to monitor and control time, cost and quality - the three core tenets of Project Management. The Project Manager will then create the
following: Resource Plan, Communications Plan, Risk Register, Lessons Learned log.
Phase3: Execution - In this phase the Project Manager monitors and controls the project delivery by undertaking:
Time Management, Cost Management, Change Management, Change Management Process, Risk Management, Issue Management, Communications Management
Phase 4: Closure -Once the customer has accepted all the deliverables and have performed a Phase Review to determine whether the project has achieved its objectives,
the project is then ready for closure. Closing a project formally involves a reasonable amount of work. First, a Project Closure Report is created to list all of the actions
required to close the project. When the Project Sponsor has approved this report, the actions listed are completed to release project resources, hand over deliverables,
close the Project Office and inform all stakeholders that the project is now closed. Between one and two weeks after the project has been closed, an independent party
conducts a Post-Implementation Review to determine the project's overall success and to identify whether the business actually realized the benefits stated in the hosting
and SOW documents. Any lessons learned are also documented for future projects.
10.1.1.6 Upload a rate card for any additional services / projects that are out of Rackspace provides its renowned Fanatical Support® across a broad portfolio of managed products, including Public Cloud, Private Cloud, Hybrid Hosting, and
scope, but may be requested at a later time. Dedicated Hosting. We offer choice, flexibility, and freedom from vendor lock-in through custom-fit solutions that will scale with SeaWorld's growth and enable your
mission-critical business applications. At Rackspace, your solution is hosted with industry-leading network connectivity and resides on redundant and reliable
10.1.2 Corporate Profile infrastructure.
10.1.2.1 What is the address of your corporate headquarters? We provide a range of solutions that address the biggest challenges IT faces:
10.1.2.2 Provide a brief history of your company, in addition to descriptions of the * Digital: Ecommerce, site hosting, Web Content Management (WCM), Video
product and service offerings, core competencies, etc. * Data Services: in both new applications and insights
* Cloud Scale Apps: Both building new and modernizing existing (like SaaS and Test Dev)
10.1.2.3 Describe at least two (2) examples of current customers with scopes and * Cloud Office: Email and collaboration (like SharePoint and Skype for Business)
requirements that are similar to this project. * IT Solutions: Improving agility/speed of Central IT
10.1.2.4 Provide the locations of other data centers (if any) that may warrant At Rackspace, we offer a far larger set of technologies to make hybrid a reality.
consideration, as either the primary or secondary facility.
* Dedicated Servers: The foundation of a managed hosting environment using industry-leading hardware from companies like Dell, HP, VMware, NetApp and Cisco.
10.1.2.5 Attach a copy of your company’s latest audited financial statement. * Private Cloud: Offers power, efficiency and features of a public cloud, with the security, control and performance of a dedicated environment. Our expertise spans three
10.1.2.6 private cloud technology stacks--VMware, Microsoft, and OpenStack.
From an information security standpoint, attach a copy of your * Public Cloud: Build flexible and scalable applications on our public cloud. And an industry-leading networking solution to connect them all.
10.1.2.7 company’s latest SSAE 16 (SOC 2) report. * Hybrid Cloud: Connect your private cloud to the Rackspace Public Cloud or to Dedicated Servers to grow or shrink on demand using RackConnect hybrid cloud
List and describe any alliances / strategic relationships that are in place connection technology. With Rackspace, you can define hybrid however you like (in ways you can’t with any other single provider.)
with fellow technology companies, which may be relevant to these
project requirements. The Rackspace Managed Cloud comes with Fanatical Support®. It’s the results-obsessed, can-do, above and beyond service that we’re famous for. Fanatical Support®
includes real value ranging from 24x7x365 access to thousands of cloud engineers to providing proactive architecture advice and security guidance.
Fanatical Support® includes industry-leading capabilities depending on the service level:
* Launch assistance
* Architecture advisors
* Security guidance
* Code development assistance
* Cloud Engineers available 24x7x365
* Dedicated support teams (know you by name)
1 Fanatical Place, City of Windcrest
San Antonio, Texas 78218
Rackspace has been a pioneer and innovator in managed hosting since 1998. In 1999, VP of Customer Care David Bryce coined the term “Fanatical Support” to
encapsulate our customer service philosophy. Rackspace has grown by providing customers with Managed Hosting services in a way that revolutionized the industry. In
2004, Rackspace began to investigate the feasibility of creating what would come to be known as the cloud. In 2005, a Rackspace venture known as Mosso.com
launched with the offer that would become our Cloud Sites technology. In 2008, Rackspace announced that Slicehost and JungleDisk, two emerging companies with
rabid fan bases, would join Mosso in building out Rackspace's Public Cloud Strategy. In August of 2012, Rackspace launched the open cloud into production on
OpenStack, making it the largest OpenStack-based public cloud in the world. Our work with OpenStack, the open source cloud software that we co-founded with NASA,
makes the Rackspace open cloud possible. We helped build Nova, or OpenStack Compute, from the ground up as the engine that drives our open cloud platform, and
we have added our own products on top of it — Managed Cloud, RackConnect and others — to boost its capabilities.
In addition to the similar industry customer case studies for Six Flags and Shlitterbahn provided as attachments, Rackspace has many customers in other industries that
rely on us for comprehensive managed hosting and disaster recovery solutions.
One such customer is a well-known, $2.2 Billion dollar/year international self storage company headquartered in the US that is run as a real estate investment trust. It is
the largest brand of self-storage services in the US, and in 2008, it was the largest of four publicly traded storage REITs. Their solution is very similar to the projected
scope outlined by SeaWorld in that they run legacy applications and traditional corporate systems.
Rackspace also manages the platform for a fast-growing, Seattle-based, e-commerce company that sells clothing, toys, and home products online. This customer, which
is set to grow over $500 million dollars of revenue in 2015, hosts 100% of their revenue stream on this Rackspace-hosted platform which, in and of itself, should show the
value they place in our Fanatical Support model.
Rackspace maintains 10 data centers located in 6 regions including: Grapevine, TX; Richardson, TX; Chicago, IL; Herndon, VA; Ashburn, VA; London, UK; Hong Kong,
China; and Sydney, Australia. Current production data centers are in Chicago, London, and Hong Kong with available space in other facilities limited to existing customer
expansion and multi-site solutions. Account teams and technical support staff are located in San Antonio, TX; Austin, TX; and London, UK
Please see attached.
Please see attached.
Rackspace has a partnership program where we partner with industry leaders within their specific area of expertise. On a strategic basis, we partner with the likes of Dell
and Microsoft to provide hardware and software for our customers. Additionally, we partner with Iron Mountain, Trustwave, Cisco, VMware, Alert Logic, EMC, Double-Take
and Neustar.
10.1.3 Building / Property 222,260 SF
10.1.3.1 What is the size of the building? Primary location solution for our IAD facility: 44461 Chilum Place, Ashburn, Virginia 20147
10.1.3.2 Where is the proposed data center located? Secondary location solution for our DFW facility: 801 Industrial Blvd, Suite 200, Grapevine, TX 76051
10.1.3.3 Is the data center managed in-house or through a third party? In-House
10.1.3.4 Was the building purpose-built or retrofitted? When? Purpose-built in 2011.
10.1.3.5 Describe any current / future construction or expansion plans. N/A
10.1.3.6 Which materials were used in the construction of the building? Pre-cast reinforced concrete
10.1.3.7 Which materials were used in the construction of the roof? What is its Concrete Roof 3 years
age, wind rating, type of roof deck, etc.
10.1.3.8 What is the exterior wall thickness? (Information not available.)
10.1.3.9 What existing roof equipment and penetrations are in place? What type Protected 500 Lux
of lightning protection is in place?
10.1.4 Data Center Space 130,412 SF
10.1.4.1 How many square feet of useable floor are available at this facility? Raised Floor
10.1.4.2 Is the flooring raised floor, slab, etc? Approximately 92,000 SF
10.1.4.3 How many square feet of ancillary space are available at this facility?
Rackspace maintains extensive, detailed, standardized policies for logistics management, including procedures for transfer of assets (domestic and international),
10.1.4.4 Describe your company's procedures for logistics (shipping and insurance and damage reporting, shipping devices to customers, and supplier standards for inbound shipments, to name a few. More specific information can be
receiving)? supplied upon request and down-select later in the bid process.
4 Dock Bays
10.1.4.5 Describe the delivery procedures in place. Where is the shipping /
receiving area located? Is there a loading dock in the receiving location? smoke detector and laser based incipient smoke detection systems and double interlocked pre-action sprinkler system
10.1.4.6
What type of fire suppression is in place? What type of smoke, heat or Utility Power: 34.5 kV
10.1.5 fire detection systems are in place? What is the wall fire rating (in N/A
10.1.5.1 hours)? 26 MW
10.1.5.2 Electrical Specifications 24 Rotary power systems with 1,300 kW of critical output each
10.1.5.3 What is the designed power density of the proposed facility? 24 diesel-powered engine generators with 2,250 kW capacity each
10.1.5.4 What are the minimum / maximum densities?
10.1.5.5 What is the aggregate power capacity? Four 50,000 gallon underground diesel storage tanks
Describe your utility source and diversity paths.
10.1.5.6 How many generators are available to this facility? What is their output 24 Rotary power systems with 1,300 kW of critical output each
10.1.5.7 capacity? What is the make and model? What is their maintenance
schedule? What is the fuel replenishment process, in the event of an Redundancy: N+2, Each Phase
extended power outage?
What is the fuel capacity of each generator (in gallons)? What type of 10 centrifugal chillers with 1,200 Ton capacity each
fuel is used? What is the runtime at maximum load? At maximum efficiency the site was designed for ~1.3 PUE./At current capacity the site is operating at 1.56 PUE.
How many uninterruptible power supply (UPS) systems do you have at
this facility? Is the UPS dedicated for the entire facility or to selected Water. Local reclaimed "gray water" as primary supply with potable water as secondary source. Additionally water retention ponds on-site can be utilized during an
areas? What is the size (in KW)? What is the output capacity and emergency. Single primary feeds per source. Backups are built into the water cooled system, multiple supplies, chilled water loops and onsite stored chilled water.
power factor? What is the maintenance schedule? What is the
average run time? Do you oversubscribe at any component of the Two. Maximum distance, 200 meters. See site diagram. https://www.dft.com/sites/default/files/resources/Data%20Center%20Brochure_ACC4_0.pdf
power architecture? What is the method for monitoring the UPS?
Handled within the CRAH units.
10.1.5.8 What type of grounding does this facility have? Adheres to ASHRAE
10.1.6 Cooling Specifications Leak detection sensors within chilled water pipe trench under the raised floor.
10.1.6.1 What is the aggregate cooling output (in tons)? ~72 degrees F
10.1.6.2
What is the design power usage effectiveness (PUE)? What is the Yes, the facility owner/operator, DuPont Fabros Technology does not provision nor manage providers. Tenants may utilize existing providers or pay for non-existing
10.1.6.3 actual / operating PUE? providers to pull into the building.
See attachment – relevant site is ACC4. ACC4 has been relatively static since 2010/2011 so carrier/provider list would still be accurate.
10.1.6.4 Is this facility water-cooled or air-cooled?
If water-cooled, what is this facility’s water source? How many feeds are
10.1.6.5 in place? If air-cooled, describe the system. What is the back-up
10.1.6.6 cooling system?
10.1.6.7
10.1.6.8 How many cooling distribution loops does this facility have? How far is
10.1.7 it from the main system? What is the temperature in the pipe?
10.1.7.1
Is the humidification handled in-unit or externally?
10.1.7.2 What are the humidity standards at this facility?
What leak detection and monitoring systems are in place?
What is the operating temperature of the data center?
Network Services
Is your facility carrier-neutral regarding ingress / egress points for
internet and MPLS?
Which carriers are available at this facility?
10.1.7.3 Is it possible to connect to carriers that are currently not in your facility? Yes, see above.
10.1.7.4 Is there interconnectivity between your facilities in different locations? Yes, DuPont Fabros maintains a fiber ring within their own campus and is also connected to the adjacent Equinix campus.
10.1.7.5 Describe the private line networking options that are available. Are they third party would provide them and run the line to the DC Demarc room. Rackspace will treat them as a colo device. The DCs have mini pearl (sp) that can be attached
provided by a third party? How are they supported? for the customer to troubleshoot issues. Customers that need private lines into our DC's are responsible for obtaining their own connections directly with the carrier. We
do have a DC to DC Backbone, which is not the same as a private line (dedicated), these are virtual circuits (or L3VPN tunnels) over shared physical lines.
10.1.7.6 Which local exchange carrier (LEC) service providers are utilized?
10.1.7.7 Which redundancy options are built into your backbone network? What This varies depending on data center location.
are the failover options in place? Is the customer responsible for The shared backbone between DC (vs private line) is built in a ring fashion where each segment of the ring is built with diverse providers and paths. In addition, any
10.1.7.8 redundancy options on their communications? segment of the ring can be completely lost and still be able to reroute in the opposite direction of the ring.
10.1.7.9 Where are the entry points for connectivity, in relation to the building? Multiple street side manholes provide access into the ACC4 facility via four (4) points-of-entry (POEs) within the building AS WELL AS one (1) meet-me-room (MMR)
within the building.
Describe the carrier's “last mile,” including single points of failure. This varies on a case-by-case and provider-by-provider basis. However, for the Rackspace Backbone network the carriers last mile is fully diverse. From diverse
providers, to paths from their POP, to separate entrances into the building to separate racks they are terminated to inside the DC.
10.1.7.10 Are there multiple entry points for all carriers?
10.1.8 Data Center Systems & Personnel Dependent upon the carrier.
10.1.8.1 Describe the environmental and security monitoring systems that are Lenel Onguard is the system for security while mechanical and electrical systems are monitors via separate applications. Electrical branch circuit monitoring on the
currently in place. raised floor is via Eaton Foreseer BMS.
This would depend upon the severity and impact to the overall environment. Rackspace will follow its business continuity plan (BCP) and incident management (IM)
10.1.8.2 Would your company send notifications in the event of a system outage escalations appropriately. Notification would be via ticket, the trigger would be directly related to the escalation levels within the BCP and IM procedures.
or service failure, regardless of the effect to SEA's environment? If so,
how would that notification process take place and what triggers it? The facility contains an onsite facility operations center for critical and essential infrastructure.
Technical staff, both infrastructure and IT are onsite 24/7. ~5+ years average tenure.
10.1.8.3 What control centers are located in this facility?
10.1.8.4 Local Rackspace personnel will respond to tickets within 15 minutes with adherence to a 100% network uptime SLA and 1-hour hardware replacement SLA.
Describe the personnel onsite. What is the average length of
10.1.8.5 experience (in years) for onsite staff? What is the required level of Rackspace does not utilize remote hands. Full time Rackspace employees are onsite 24/7 to respond and resolve customer environment issues.
10.1.8.6 education?
What is the response time for requests placed to personnel and Proximity card and biometric access, multiple levels of access control. Security personnel onsite 24/7. ~170 onsite cameras with 90 days retention.
vendors?
Only local Rackspace employees and approved, escorted vendors for Rackspace have access to the secured environment. Customers nor customer vendors are ever
What is the scope of the remote hands for this facility? granted access to the raised floor environment as Rackspace does not operate nor manage a traditional colocation hosting model.
10.1.8.7 Describe the level of physical security in place at this facility. Which Rackspace. Physically, no option, local Rackspace personnel would be the only individuals with access or the ability to access. Logically a customer can secure their
10.1.8.8 security systems are in place? environment as they see fit as full control of servers resides with the customer.
Describe the escort procedures that are in place on the floor. FEMA Zone X - Outside 500 year floodplain
None. The ACC4 facility resides within the FEMA 500 year flood zone.
10.1.8.9 Who is responsible for control to physical access of a customer’s None.
equipment? What are the access control options for customer’s Rackspace has a standardized root cause analysis process which is completed for any impacting or near impact to a customers environment.
10.1.9 equipment? Hurricane, blizzard, earthquake.
10.1.9.1 Risks Facility resides within the flight path for Washington Dulles International Airport (IAD).
10.1.9.2 Is the facility located in a flood plain?
What is the history (if any) of water leakage and flood events in the For a complete description of SLA terms, please see Managed Hosting Terms (Intensive) http://www.rackspace.com/information/legal/intensiveterms or in the attached
10.1.9.3 facility? document. (For Critical Application Support information, please reference line item 100 below.)
10.1.9.4 What is this facility’s history of utility downtime or wide outages?
Describe the post-mortem process that is in place following issue N/A as we are not a tradional colocation provider.
10.1.9.5 resolution.
What type(s) of severe weather / natural disasters may occur in this
10.1.9.6 region?
What is this facility’s proximity to major transportation paths (railway,
10.1.9.7 flight path, highway, etc)?
10.1.9.7.1 Availability Review
Describe or upload a detailed breakdown of your proposed service level
agreement (SLA), with specific reference to remedies for business
interruptions to critical applications. What types of penalties would be
incurred for shortfalls related to uptime, availability, etc?
10.1.9.7.2 What is the fee structure (if any) for utility usage? What is the power
pricing model? What is the utility rate for this facility? Describe any
flexibility options for this contract.
10.1.10 Ancillary Services N/A; covered by the standard Rackspace contract as a "managed" provider.
10.1.10.1 What additional services (if any) are offered at this facility? Are these
services managed by your company or a third party? If a third party, N/A; covered by the standard Rackspace contract as a "managed" provider.
10.1.10.2 which service providers do you work with?
Yes, but not cage management.
10.1.10.3 Does your company offer device support (rack and stacking, hot part N/A; covered by the standard Rackspace contract as a "managed" provider.
10.1.10.4 replacement, power cycling, etc)?
10.1.11 Does your company offer rack, cabinet and / or cage management? San Antonio, Virginia, and London
10.1.11.1 Which monitoring systems are in place for power reports?
Network Operations Center All personnel are full-time Rackspace employees.
Where is your network operations center (NOC) geographically located?
Rackspace Cloud Monitoring
10.1.11.2 What is the status of personnel monitoring the environment (direct
10.1.11.3 employees, third party company, non-badged employees, etc)? The Rackspace SLA covers our administrative responsibilities and includes financial penalties for any failure to render service as described within that document. A
Which items are monitored for the following areas and what toolset is summary of the SLA follows:
10.1.11.4 used for monitoring them?
ServerNetworkStorageConnectivity 100% Network Uptime-The data center network infrastructure will be available 100% of the time. “Network infrastructure” means the portion of the network extending from
the outbound port on your cabinet switch to the outbound port on the border router and includes switches, routers, and cabling. Network Availability is defined as the
Describe the standard service level agreements (SLA) and ability to pass TCP/IP traffic with less than 3% packet loss and less than 30ms latency across the Rackspace network infrastructure.
corresponding response time(s) provided by the NOC.
Facilities-A/C power to the outbound port on your serving power distribution unit (PDU) will be available 100% of the time. Target ambient room temperature will be 72
10.1.11.5 What is the escalation plan for customer notification? Provide an degrees Fahrenheit in the server area of the datacenter and will not vary by more than +/- 5 degrees. Target Relative humidity will be 45% in the server area and will not
example of how this communication process was successfully followed. vary by more than +/- 5%.
10.1.11.6 Would the NOC provide vendor management for hardware / operating Hardware-Rackspace will repair or replace failed hardware components provided by Rackspace at no additional cost within one hour of problem identification by
system issues? Rackspace. This guarantee does not include the time required to rebuild a RAID array, reload the operating system, reload and configure applications, and/or restore
10.1.11.7 from backup.
10.1.11.8 How many levels of service are located at the NOC? As part of Fanatical Support, Rackspace believes that SeaWorld is entitled to direct access to top-tier technical contacts who will work with you to find a rapid solution to
Does the NOC make proactive environment recommendations and, if so, any issue that might arise. Our dedicated account teams collaborate with additional internal resources and/or escalate technical issues directly to our hardware or
10.1.11.9 how often? software vendors on your behalf.
Could the NOC integrate with SEA's ticketing system, Service Now?
These issues are handled internally by Rackspace experts. Vendor management, if required, would be handled by the Rackspace team.
N/A
N/A
N/A
10.1.11.10 How does the NOC rate the severity of issues on monitored systems? Severity 1: A major outage or severe degradation impacting Rackspace products, services, infrastructure, or our ability to support customers at a global / regional level.
Extended customer impact is likely with no work-around available. Examples:
10.1.11.11 Of all of the applications used by SEA, five (the “Super-Critical • Core (Lettered or numbered) down event likely to cause widespread customer impact for more than an hour Aggr issue affecting multiple aggregation routers with
Applications”) have been identified as having a significant impact on widespread issues to customers or internal systems
business operations. • Edge router failure with no redundant connectivity (or redundancy not able to take over) with widespread customer impact
SEA expects that these applications will be held to higher service levels • DC impacting and ongoing DDoS attack
– even higher than the other critical applications - and an outage for
these applications would also carry a higher service level credit if the Severity 2: A minor outage or degradation impacting Rackspace products, services, infrastructure or our ability to support customers. Impact of degradation limited to
SLA is not achieved. If an outage for a Super-Critical Application is loss or intermittent availability of a resource, product feature, or product component. Work-around may be available. Examples:
longer than two hours, a service level credit would be applied equal to • Resolved core (Lettered or numbered) down event that was likely to cause widespread customer impact
6.25% of the total fees paid for that month. If a second outage were to • Aggr issue affecting a single aggregation area with widespread issues isolated to customers or internal systems in that area
occur in the same month, the service level credit would double to 12.5% • Issues affecting connectivity between edge and core routers
of the total fees paid. Please confirm whether you would accept this
SLA for the Super-Critical Applications. Severity 3: An issue requiring awareness of a risk situation or minimal degradation that is impacting, or could potentially impact Rackspace products, services,
infrastructure or our ability to support customers. Minimal degradation is transparent to Rackers or Customers -it affects non-critical resources or should be monitored for
potential to escalate into higher severity. Example:
• Provider/Private Line/Peering connectivity issues that are likely to have caused impact (i.e. flapping that wasn't filtered immediately or outages where reconvergence was
slow/unsuccessful causing more than 5min of potential impact)
• Aggr failover, reboot, or line card failure on only one aggr in a pair (minimal impact that is not ongoing)
Non-Incidents: Some network issues can occur which do not require the creation of an incident at all. This may be because another part of the business already has a
process to report the issue, because it is not of a severity that would impact multiple customers, or because it is not likely to need monitoring for worsening conditions or
continuation of the event. Examples:
• Top of Rack switch failure (handled by DCOPS)
• DDoS attack that has affected customer below the aggr layer
• Provider/Private Line/Peering connectivity issues that result in a brief period of latency for reconvergence (i.e. an unexpected provider outage that causes successful
reconvergence)
Critical Application Services advanced service level agreement (SLA) provides 100% production platform uptime guarantee and a 2x service level credit for businesses
that demand the highest level of performance and uptime on critical applications and websites.
Advanced Service Level Agreement
• 100% Production Platform Uptime Guarantee
• 2x service level credit with Rackspace approved HA environments
• 5 minute notification
Web Scale Engineers
• Deep application layer experience
• Design, Installation & con figuration of optimized web environments
• Ongoing, proactive planning
• 24x7x365 support for the application layer and infrastructure
Advanced Infrastructure, Application & Transaction Monitoring
• Real-time transaction monitoring
• Application performance analysis
• Custom application alerting, utilization trending & reporting
• Advanced URL & end-user transaction monitoring
• Extensive environment topology mapping
• Custom infrastructure implementation & optimization
10.1.11.12 For each incident severity level, specify / upload the proposed SLA for Rackspace live support will be available 24 hours per day, 7 days per week, year round. SeaWorld may request support by opening a support ticket via the
time to (a) acknowledge and (b) resolve each incident. MyRackspace® Customer Portal or by calling your account team. We will respond to your support requests within the following time frames:
10.1.11.13 Would your company support an SLA to complete Root Cause Analyses Emergency
(RCA) for any high-impact incident(s) within 10 business days? If not, * Respond within 15 minutes.
specify the SLA for RCA that would be supported. * Examples of emergency issues include your server, switch, or site down. You cannot access your server or site from the public Internet.
10.1.11.14 Would your company support an SLA for critical OS instances (those Urgent
identified as “Tier 1” in the spreadsheet attached in Section 2.1) of * Respond within 1 hour.
99.95% availability? If not, specify the SLA that would be supported. * Examples of urgent issues include your server or site functioning improperly or at less than optimal performance. Your server or site is accessible but in a reduced state
(timeouts or slow response).
10.1.11.15 Would your company support an SLA for standard OS instances (those
identified as “Tier 2” in the spreadsheet attached in Section 2.1) of Standard
99.9% availability? If not, specify the SLA that would be supported. * Respond within 4 hours.
* Standard issues include all non-critical issues, such as server or site is functioning normally, but you require information or assistance on Intensive services, wish to
10.1.11.16 Would your company support an SLA for all other OS instances of schedule maintenance outages or help with any other non-immediate tasks. Your site is functioning with acceptable parameters, but you require assistance in loading
99.7% availability? If not, specify the SLA that would be supported. software or have a help desk-type question.
10.1.11.17 Would your company support an SLA for all network devices designed We will contact you via support ticket, telephone call or both, depending upon the severity of the situation and any procedures we have established with you for your
for high availability of 99.99%? If not, specify the SLA that would be account.
supported. Rackspace has a standardized root cause analysis process which is completed for any impacting or near impact to a customers environment.
The Rackspace SLA covers our administrative responsibilities and includes financial penalties for any failure to render service as described within that document. A
summary of the SLA follows:
100% Network Uptime-The data center network infrastructure will be available 100% of the time. “Network infrastructure” means the portion of the network extending from
the outbound port on your cabinet switch to the outbound port on the border router and includes switches, routers, and cabling. Network Availability is defined as the
ability to pass TCP/IP traffic with less than 3% packet loss and less than 30ms latency across the Rackspace network infrastructure.
Facilities-A/C power to the outbound port on your serving power distribution unit (PDU) will be available 100% of the time. Target ambient room temperature will be 72
degrees Fahrenheit in the server area of the datacenter and will not vary by more than +/- 5 degrees. Target Relative humidity will be 45% in the server area and will not
vary by more than +/- 5%.
Hardware-Rackspace will repair or replace failed hardware components provided by Rackspace at no additional cost within one hour of problem identification by
Rackspace. This guarantee does not include the time required to rebuild a RAID array, reload the operating system, reload and configure applications, and/or restore
from backup.
All OS instances would fall under under one SLA.
Please see answer above.
Please see answer above.
Please see answer above.
10.1.11.18 Specify your company's standard SLA for speed to answer, as well as Rackspace live support will be available 24 hours per day, 7 days per week, year round. SeaWorld may request support by opening a support ticket via the
the abandon rate for calls placed to your company's service desk. MyRackspace® Customer Portal or by calling your account team. We will respond to your support requests within the following time frames:
10.1.11.19 If your company has standard SLAs for service requests, describe and / Emergency
* Respond within 15 minutes.
or upload them here. * Examples of emergency issues include your server, switch, or site down. You cannot access your server or site from the public Internet.
10.2 Lot #2: Managed Security Services Questions Urgent
* Respond within 1 hour.
10.2.1 Managed Security Service Viability * Examples of urgent issues include your server or site functioning improperly or at less than optimal performance. Your server or site is accessible but in a reduced state
(timeouts or slow response).
10.2.1.1 Provide the annual revenue (2014) that your company derives from the
Standard
following services: * Respond within 4 hours.
* Standard issues include all non-critical issues, such as server or site is functioning normally, but you require information or assistance on Intensive services, wish to
Security Device Management;Security Monitoring;Security information schedule maintenance outages or help with any other non-immediate tasks. Your site is functioning with acceptable parameters, but you require assistance in loading
software or have a help desk-type question.
and event management (SIEM);Log Management; andVulnerability
We will contact you via support ticket, telephone call or both, depending upon the severity of the situation and any procedures we have established with you for your
Scanning (excluding any revenues from product bundling or resale). account.
10.2.1.2 Describe how any of the top research firms (Gartner, Forrester, etc) Please see attached SLA terms for our Intensive service level.
have ranked your company in the managed security service provider
10.2.1.3 (MSSP) market. Please see attached financial statement for all revenue information.
10.2.1.4
10.2.1.5 Describe any awards that your company has won for MSS. Rackspace Managed Security offering was launched in September 2015. As a company, Rackspace was named a leader in the 2015 Gartner Magic Quadrant for Cloud-
Enabled Managed Hosting, and has been honored as one of Fortune's Best Companies to Work For in six of the past eight years.
How many MSS clients did your company have at the end of 2014, as
well as currently? Rackspace Managed Security offering was launched in September 2015.
Provide details on how long your company has provided each MSS that Rackspace Managed Security offering was launched in September 2015. Since our introduction, we have signed on 7 new customers.
is currently offered.
Rackspace announced, in September 2015, new Managed Security and Compliance Assistance offerings to assist customers in addressing data security, protecting
10.2.2 Security Practices critical business processes, and mitigating risks from potential cyberattacks and threats. These service offerings allow Rackspace to work with its customers to develop
10.2.2.1 Provide detail on your company's internal security policy and holistic security solutions and address compliance requirements that cover complex, multi-cloud environments.
procedures, while specifically documenting any industry standards that
have been adopted or followed. Rackspace has policies that meet best Industry Standards following the ISO27002 Framework. However, Rackspace policy prohibits external distribution of company
policies and procedures. All Rackspace policies and procedures are confidential and proprietary. Rackspace policies and procedures are sensitive and the prohibition on
external distribution was adopted in part to protect our entire customer base. The following list represents the security policies that currently make up the Rackspace
Security Policies and a brief description of what they cover:
1. Rackspace Security Organization – establishes corporate security department and outlines responsibility for security at Rackspace.
2. Personnel Security – outlines security requirements associated with the Rackspace workforce.
3. Physical Access – defines requirements for physical security controls and processes.
4. Asset Controls – outlines expectations that establish control for physical assets within the company.
5. Information Sensitivity – defines the categories of information that support Rackspace business and controls to protect them.
6. Business Continuity – defines the corporate approach to ensuring that the Rackspace customer support infrastructure is always available.
7. Incident Response – provides expectations for the development of a defined corporate response to security incidents.
8. Acceptable Use – establishes requirements and prohibitions for the appropriate use of Rackspace’s services by customers.
9. Security Awareness and Training – establishes requirements for a corporate security-training program for the Rackspace workforce.
10. Protection against malicious code and viruses – defines Anti-virus solution requirements
11. Change management – outlines approaches to coordination and validation of proposed changes.
NIST 800 series guidelines reflect a very comprehensive approach to enterprise security program development. Rackspace security leadership has experience with NIST
800 series requirements. Rackspace has committed to a similar set of requirements as reflected in ISO27002. These requirements seem more reflective of how most
corporations approach security program development outside of government oversight.
10.2.2.2 Has your company had an independent review of its MSSP Yes. Rackspace maintains various certifications to assist you in verifying the security policies and processes Rackspace has in place for the environment of your hosted
infrastructure and service (SSAE 16 review)? infrastructure. We’ve been assessed and hold validation for the following compliance frameworks:
If so, provide detail on this review, including who executed it, when it
was executed, scope of the review, type of testing, frequency of testing * ISO 27002
and summary results. A softcopy of the report can also be uploaded. If * ISO 27001
not, is your company planning to have a review performed in the future * ITIL
or is it in the process of having one executed? Provide any details * Payment Card Industry Data Security Standard (PCI DSS)
regarding who will be executing it, when it will be executed, scope of * SSAE 16 and ISAE 3402 (Previously SAS 70 Type II)
review, type of testing, and frequency of testing. * Safe Harbor (export.gov)
* Content Protection and Security Standard (CPS)
10.2.2.3 Does your company perform internal reviews over its MSSP
infrastructure and service? While Rackspace has an internal security management system to ensure that it meets the requirements of applicable legal and regulatory obligations, it is the customer’s
If so, provide detail regarding who executed it, when it was executed, responsibility to comply with relevant laws and regulations that may impact their hosted data.
scope of review, type of testing, frequency of testing and summary
results. If your company hasn't performed an independent review or the It is important to note that many of our best practices are applicable across our entire portfolio (e.g., data center security) of services, whether dedicated hosting or cloud.
results cannot be distributed, would you grant SEA the right (or a third
party acting on its behalf) to audit your company's operations and The Rackspace Corporate Security and Internal Audit departments undertake regular compliance checking activities including formal scheduled audits, spot checks and
determine the appropriateness of implemented safeguards? risk assessments. Rackspace employees are trained annually on changes to policies and general security concerns in the market.
10.2.2.4 Describe your company's business continuity / disaster recovery policy. Rackspace performs regular internal audits of financial controls, Operations and Security controls, processes, and policies. Rackspace maintains contact with authorities
and special interest groups according to ISO27001 requirements. Rackspace maintains close ties to local law enforcement and emergency services, and to industry
10.2.3 Managed Security Services (MSS) Infrastructure special interest groups and forums. Rackspace maintains an ISOC (Information Security Operations Center) that monitors special interest groups and the health of the
10.2.3.1 Does your company maintain full, dedicated Security Operation Centers network as a whole.
(SOCs) to support its MSS?
10.2.3.2 Does your company own and manage its SOCs? Rackspace is committed to a business continuity program that helps us meet service level agreements (SLAs) reflected in customer contract language. Our business
continuity efforts are consistent and reflect industry best practices. Business continuity at Rackspace involves ensuring that supporting internal applications, utilities, and
10.2.3.3 Where are your company's primary and secondary SOCs located? Are network infrastructure remain operational after any service interruption event. We have several locations around the globe with a multi-site recovery plan for Rackspace
all of the SOCs operational 24 x 7 x 365? infrastructure, Rackspace facilities, and items covered under the Customer’s SLA and MSA.
10.2.3.4 Describe the level of SOC redundancy?
Explicitly, Rackspace’s business continuity program does not include customer-specific cloud resources or customer data hosted in the cloud. The customer should
10.2.3.5 Describe how your company limits service interruption if a SOC goes consider their recovery time objective and recovery point objectives when transferring data to cloud services, and structure their overall solution to satisfy these
10.2.3.6 offline? requirements.
Describe your company's security safeguards around the SOCs. Specific highlights of the program include:
* Redundant utility (data, voice, electric) providers and supporting SLAs
10.2.3.7 Describe the staffing for each of your company's SOCs. * Highly redundant ‘100% uptime’ shared network architecture
10.2.3.8 * Adequate inventories for hardware failure replacement
Does your company permit an onsite SOC visit? If so, what is the * Backup generators and electrical controls at each data center capable
process for planning the visit? * Remote support sites for customer contact support
* Backups of corporate support applications
* Periodic data center infrastructure restoration and contingency testing
The Rackspace Business Continuity plans do not include individual customer solutions, but are instead designed to ensure the highest possible availability of support,
service delivery, and communications to all customers. Rackspace can work with the customer to define a solution that meets their specific RTOs and RPOs.
Rackspace Managed Security employs 24x7x365 Customer Security Opperations Center (CSOC) that is located in San Antonio, Texas (Castle).
Rackspace Managed Security employs 24x7x365 Customer Security Opperations Center (CSOC) that is located in San Antonio, Texas (Castle). The CSOC is owned,
managed, and opperated by Rackspace Hosting.
Rackspace Managed Security employs 24x7x365 Customer Security Opperations Center (CSOC) that is located in San Antonio, Texas (Castle).
CSOC and all security analysts maintain the ability to remotely monitor and respond to security events within our customer environments if the CSOC is unavailable.
There is no service interuptions if the CSOC goes offline, all security analysts maintain the ability to remotely monitor and respond to security events within our customer
environments.
All CSOC hosts and systems are completely segregated from the rest of the Rackspace Hosting environment and all customer data is stored on encrypted systems. In
order to gain physical access to the CSOC it is required to pass through a corridor blocked by a entry badge only access and at the end of that corridor is an additional
door that requires badge access and biometrics scanning (fingerprint). Access is only granted to CSOC members and appropriate RMS personnel.
The CSOC is staffed by trained and experienced Security Analysts that exceed industry standards and are by all means "Best in Breed" security professionals. CSOC
analysts are GCIA, GCIH certified, and hold many other industry standard certifications.
Onsite CSOC visits are permitted and must be scheduled through the RMS Customer Experience Team and/or Rackspace Customer Experience Center. Access directly
into the CSOC by customers however is not permitted, all viewing will be from the Customer Experience Center through Ionized Glass which will be cleared for a short
duration of the CSOC Tour and briefing.
10.2.3.9 Describe your company’s staffing approach. The CSOC is staffed by trained and experienced Security Analysts that exceed industry standards and are by all means "Best in Breed" security professionals. CSOC
What are the classifications for support (Level 1, Level 2, etc)? Clearly analysts are GCIA, GCIH certified, and hold many other industry standard Level 1 Analyst monitor for lower level events and escalate to Level 2/3 if event severity
define each level of support and the functions performed. (For example, increases through the triage process. Level 2 analysts are responsibile for monitoring all Medium/High level events and escalate to Level 3 analysts if event severity
Level 1 support monitors events, incident escalation, documentation, increases through the triage process. Level 3 Analysts are responsible for all Critical level event handling and triage, Level 3 Analysts are also responsible for conducting
etc.) Which qualifications and certifications are required for each hunting missions in our customers environments that identifies anomolies indicative of attacker activity.
classification listed above? What types of career paths are available for
employees (in the above classifications) within your company? All RMS and CSOC personnel undergo an extensive background check prior to being offered a possition of employement within Rackspace Managed Security.
10.2.3.10 Describe your company's approach to background checks or screening RMS does not manage or maintain customer firewalls. RMS and the CSOC will, however, ingest firewall logs as an additional level of context and visibility to monitoring a
(if any) that are performed on employees, contractors, consultants and customer's environment.
vendors associated with any aspect of its MSS offering.
RMS does not manage or maintain customer firewalls.
10.2.3.11 Describe SEA's responsibilities (if any) in regards to managing the
firewalls. Depending on the particular requirements, we can explore how to support SeaWorld change management procedures. However, we do not manage or maintain customer
firewalls.
10.2.3.12 Does your company offer co-management, where SEA would retain
10.2.3.13 administrative rights and technology ownership for the firewalls? Firewall Manager lets you manage your security in real-time via our customer portal. When you want to make a change in permit rules or view destination server IP
Could your company support SEA's change management procedures? addresses and static rules you can do it yourself in the time it takes to create a support ticket. It's simple and fast—it's one more way Fanatical Support® makes hosting
10.2.3.14 If so, how would that be reconciled with its own standard operating better.
procedures?
What type of visibility (if any) would SEA have into your company's -Consultation with Experienced CISSP-Certified Security Professionals
firewall policies and configuration? -Rackspace Security Engineers On Site 24x7x365
-Dedicated and Fully Managed Firewalls
10.2.3.15 How many change requests are be allowed in a given month for -Firewall Manager for Higher Customer Control and Visibility over Security
10.2.3.16 managed firewalls? -Port Blocking, Packet Inspection, Virtual Private Network and Much More
What is your company's rate of accuracy for firewall rule changes? -Advanced Security Services for Multimedia Applications and Protocols
-Fanatical Support® provided all day every day
10.2.4 Firewall Management
RMS does not manage or maintain customer firewalls. RMS and the CSOC will, however, ingest firewall logs as an additional level of context and visibility to monitoring a
10.2.4.1 Describe your company's managed / monitored firewall service. customer's environment.
RMS does not manage or maintain customer firewalls. RMS and the CSOC will, however, ingest firewall logs as an additional level of context and visibility to monitoring a
customer's environment.
Our firewalls provide a level of security and have earned many industry accolades including ICSA Firewall and IPSec certification and Common Criteria EAL4 evaluation
status. Firewall configurations will be implemented per the customer’s requirement/direction. Rackspace deploys all firewalls in a maximum secure state, with all
ports/services closed/off. The implementation phase will involve Rackspace working with the customer to help define a solution/configuration that will meet their business
needs/demands.
Dedicated customer Virtual networks (VLAN) are used to logically segment customers on the Rackspace network into different broadcast domains so that packets are
only switched between ports that are designated on the same VLAN. Firewalls protecting the customer from the Rackspace public network and from the Internet are
implemented, configured and managed by experienced Internet security specialists. Firewalls are configured with Access Command Lists (ACL) which prevent access to
private internal IPs and deny access to all non-Administrative ports.
All non-administrative ports are closed by default unless specifically requested by the customer. Administrative activity by Rackspace on customer servers is limited to
specific internal Rackspace IP address ranges. Additionally, the customer may specify IP address ranges to be used to tightly restrict customer remote administration
Routers are configured to prevent Denial of Service (DoS) attacks through the use of anti-spoofing Access Control Listings (ACLs). TACACS+ is an industry standard
network device access control system. Rackspace secures access to core networking infrastructure utilizing inherent access control functionality in TACACS+ software.
Processes are in place to review the TACACS+ access lists on a quarterly basis to verify those users on the list still require access. Any discrepancies found are corrected
immediately.
10.2.4.2 Does your company have a consulting practice that is available for Rackspace has invested significant resources to ensure it can detect and respond to security events and incidents that impact its infrastructure. It is key to point out that
security and technology support (deployment, incident response and this function does not involve actively monitoring individual customer solutions, but the overarching networking and physical environment including the monitoring of
forensics, etc)? internal networks and employee access customer environments.
10.2.4.3 Which firewalls does your company support and how are those products Security operations at Rackspace ensure that:
selected? Is your company a vendor-neutral MSSP, or is it the actual
developer / manufacturer of the proposed product(s)? * Incidents are responded to in a timely manner and communication is disseminated to the relevant parties
* Corrective actions are identified and executed
10.2.4.4 Does your company have any management tool(s) for supporting * Root cause analyses are performed
multiple vendor firewalls? If yes, provide the corresponding detail. * Lessons learned are fed back to the policy and planning functions
10.2.4.5
10.2.4.6 Does your company currently have a firewall configuration check-up This function of our security management system drives continuous improvement of the practices and models we implement to protect Rackspace infrastructure. An
procedure? If yes, how often is this performed? effective mitigation of risks of a cloud solution requires a combination of a secure application architecture and security management disciplines within the service provider.
Does your company currently have a pre-deployment testing procedure Security Management at Rackspace involves the coordination of the security organization, security controls, and compliance and security operations.
in place? If yes, explain briefly.
Rackspace has selected Cisco as our firewall standard in our private cloud environments. The Vyatta firewall is our standard for Rackspace public cloud multi-tenant
10.2.4.7 Describe your company's process and quality assurance for making environments where the customer has no private devices or requirements. While technology is always changing Rackspace makes it a point to consistently review, test,
firewall changes. Moreover, describe the general firewall management and track the latest features in labs. We have very stringent requirements that revolve around the company, technology, support and service of our vendors. For each
quality assurance measures. product we review it is graded specific to how it benefits our customers, ourselves and industry. Feature sets depends on the product being reviewed. Rackspace’s
mission is to be the greatest service company and with that in mind we hold our vendors to high standards as well.
10.2.5 Managed Network IDS / IPS
10.2.5.1 Describe your company's managed IDS (intrusion detection systems) / Our tools are specific to the firewall vendors we have and are not cross-platform.
IPS (intrusion prevention systems) service.
At Rackspace we do nightly backups and check-ups to configurations to ensure consistent reliable configurations.
10.2.5.2 Does your company have a consulting organization that is available for
security and technology support (deployment, incident response and Rackspace has a strict procedure in order to setup initially all configurations with our best practices. There are other strict procedures to test and validate the deployment
forensics, etc)? providing another check and balance that the firewall and all networking equipement was setup correctly to ensure the device match our standard templates. This testing
and validation of the scripts and settings is done as a part of our QC process prior to handing the equipment to a live environment for customer use.
If a change needs to be made, the specific commands are entered into a ticket by Rackspace. The ticket is then approved by you, the customer to configure the firewall
specific to the statements in the ticket. A Rackspace manager will approve the ticket being processed and give access TACACS to the network engineer who will make
the change during the change outage window. The change is tested via communication by you, the customer. Upon acceptance, the Rackspace manager will remove
TACACS access to the firewall.
The Alert Logic Threat Management™ system monitors your Rackspace environment, detecting external and internal threats. When it detects an incident, Alert Logic's
ActiveWatch service provides expert guidance from its security operations center (SOC), staffed round the clock by Alert Logic security analysts. Integrated vulnerability
scanning helps you identify possible points of entry and correct them, and assists you with meeting regulatory compliance requirements.
The Alert Logic Log Manager™ automatically aggregates, normalizes, and stores log data from your environment—simplifying log searches, forensic analysis, and report
creation through real-time or scheduled analysis. LogReview, a service enhancement to Log Manager, provides daily event log monitoring and review by a team of Alert
Logic security professionals.
Rackspace has invested significant resources to ensure it can detect and respond to security events and incidents that impact its infrastructure. It is key to point out that
this function does not involve actively monitoring individual customer solutions, but the overarching networking and physical environment including the monitoring of
internal networks and employee access customer environments.
Security operations at Rackspace ensure that:
* Incidents are responded to in a timely manner and communication is disseminated to the relevant parties
* Corrective actions are identified and executed
* Root cause analyses are performed
* Lessons learned are fed back to the policy and planning functions
This function of our security management system drives continuous improvement of the practices and models we implement to protect Rackspace infrastructure. An
effective mitigation of risks of a cloud solution requires a combination of a secure application architecture and security management disciplines within the service provider.
Security Management at Rackspace involves the coordination of the security organization, security controls, and compliance and security operations.
10.2.5.3 Which IDS / IPS products does your company support and how are Rackspace Managed Security is vendor-neutral and tools agnostic.
those products selected? Is your company a vendor-neutral MSSP, or is
it the actual developer / manufacturer of the proposed product? Rackspace Managed Security holds relationships with several security tools and services organizations. RMS holds many relationships to provide the best insight and
capabilities to monitoring our customers environments as effectively as possible by allowing access to use multiple tools and capabilities.
10.2.5.4 Does your company have special relationships with the product and
10.2.5.5 platform vendors of the products that would be deployed? If so, how RMS employs the use of a network based perimiter IDS/IPS that captures all ingress and egress traffic within the customers environment. RMS also employs a host
would SEA benefit? Is your company the developer / manufacturer of based IDS and agent that captures and records all activity executed on a system.
any products supported by its MSS? If so, is your company proposing
any of these products as part of the solution for SEA? How would RMS employs the use of a network based perimiter IDS/IPS that captures all ingress and egress traffic within the customers environment. RMS also employs a host
SEA's input be solicited in product selection? based IDS and agent that captures and records all activity executed on a system.
Describe your company's approach for implementing a managed /
monitored IDS / IPS solution for SEA. RMS ingests and correlates all events and logging into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts and for rule and
correlation generation.
10.2.5.6 What event data does your company capture when monitoring IDS / IPS
devices? Rackspace takes care of all patching and OS upgrades for software provided by it. However, Customer can opt out of this service and provide its own support for
patching to meet its business needs. Patch updates are thoroughly tested in our test environment prior to installation in your environment to confirm that they will not
10.2.5.7 How does your company's IDS / IPS solution enable correlation across adversely affect your systems. Rackspace typically deploys critical patches immediately, with limited testing. All other patches are tested and delayed for at least 7
disparate vendor devices and technologies? Business Days to allow for assessment of impact. Notifications of standard patches are released to Customer on a monthly basis with Critical patch notification performed
within 7 Business Days.
10.2.5.8 How does your company assure timely operating system, firmware,
patch, and signature upgrades / updates? What is its procedure for Our process for implementation updates is as follows: As security fixes are released, Rackspace will proceed to test the updates internally to make sure that these will not
performing these changes, including a description of quality assurance cause complications on your systems. Once the patches have been tested and approved a ticket will generated to notify you of the updates ready to be applied to your
measures? servers. You will have two days from the time the ticket is created to respond with your request to not be updated or specific instructions concerning updates. If there are
no further instructions from the customer Rackspace will proceed to apply the released patches to your configuration by the end of the week. When servers are kicked in
10.2.5.9 How does your company manage false positives and tune signatures? the Managed Segment, the schedule day and schedule time are randomized. This means that these servers will patch at different times. The default patching week is
week 4 of the month. Starting the 4th Monday of the week, these servers will patch according to the setting on the server. Rackspace leverages the Microsoft Windows
10.2.5.10 Describe the initial and ongoing tuning process. How would your Server Update Services as the foundation of our managed patching. Integration of Windows Server Update Services (WSUS) with other Rackspace systems provides
company tune IDS / IPS devices to the client environment? What several key functions that allow Rackspace a highly reliable, scalable and flexible managed patching solution.
involvement would be required from SEA?
There are several advantages with this new approach.
10.2.5.11 Describe the troubleshooting process. If a device is functioning * The ability to automatically download updates by product for Microsoft Windows, Office, SQL Server, and Exchange. Microsoft has committed to have updates become
10.2.5.12 improperly, explain the process for returning to normal operations. available in the future for more products.
* The ability to exclude target updates for specific computers and computer groups.
10.2.6 When a new vulnerability or threat is discovered, does your company * Maximized bandwidth efficiency through Background Intelligent Transfer Service (BITS).
10.2.6.1 create and deploy custom signatures for managed IDS / IPS devices? * The ability to target updates to specific computers and computer groups.
How are signatures tested and validated? What is the approach to * The Ability to verify that updates are suitable for each computer before installation so that only the necessary updates are applied.
developing custom signatures? * Centralized configuration of Rackspace managed servers to schedule update installs and system restarts per server.
R* CMoSminpgliaenstcseaannddcuoprrdealatetesstaatlul sevreepnotsrtainngdtologdgeitnegrminintoe ambisigsindgatuapadnaatelysticasndsohleultpiomn awihnitcahinaccotsnsaissttehnet "psaintcghlelepvaenlse aocfrgolsasssR"afockr sCpSaOceCmaannaalygsetsd asnedrvfeorrsrule and
Security Monitoring correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location.
Describe the technical architecture for your company's MSS?
RMS ingests and correlates all events and logging into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts and for rule and
10.2.6.2 How would your company's monitoring technology integrate into SEA's correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location. No involvement from the customer
environment? What bandwidth is required? is required in the execution of ongoing tuning.
RMS works closely with Rackspace Security Support (internally) and Alert Logic (externally) for any hardware/device related issues. Once a devices is identified as
functioning improperly, the device is replaced within 1 hour.
Yes, signatures, rules, and queries are developed by the RMS Threat intelligence them when new vulnerabilities are identifies to track susceptable systems within a
customers environment. Any systems identified by this process are closely monitored for exploitation of the vulnerability in question.
Rackspace Managed Security's CSOC operation is based on the triple stack of: host visibility, network visibility and security analytics. Our analytics capability combines a
traditional SIEM operation to manage and correlate security events with a big data capability to baseline activity and highlight anomalous activity
Managed monitoring for the purposes of security needs is procured and provided by per customer request. There is ample bandwidth within the infrastructure but if
bandwidth were to spike over 65%+ Rackspace would notify SEA about possible upgrade in network connectivity. We are sizing the infrastructure within 10GbE thus we
don't suspect this will be of issue.
10.2.6.3 Does your company use any commercial SIEM or Log Management RMS ingests and correlates all events and logging into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts and for rule and
technologies for event collection, correlation or analysis activities? correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location.
10.2.6.4 Provide a listing of devices (IDS, firewalls, routers, etc) your company Standard offer - Alert Logic Log Manager, Alert Logic Threat Manager (for network monitoring only, not IDS) CrowdStrike FalconHost, LogRhythm Network Monitoring,
supports as part of its monitoring service, including categories of devices LogRhythm SIEM
and specific vendors technologies it supports. Describe the preferred Additional Components - Alert Logic Threat Manager (IDS), Duo Security 2FA, Imperva SecureSphere WAF, Vormetric Transparent Encryption, Incapsula WAF/DDoS,
collection method used to gather security logs or events from devices, Rackspace DDoS Protection (Arbor Networks)
as well as other non-preferred collection methods that are supported. All logs collected through the Alert Logic Log Manager
10.2.6.5 How scalable is your company's monitoring solution? Provide the Managed monitoring for the purposes of security needs is procured and provided by per customer request. There is ample bandwidth within the infrastructure but if
current event load across its client base. How does the platform bandwidth were to spike over 65%+ Rackspace would notify SEA about possible upgrade in network connectivity. We are sizing the infrastructure within 10GbE thus we
manage spikes in traffic growth? don't suspect this will be of issue.
10.2.6.6 How flexible is your company's monitoring platform and can it support Yes, RMS can ingests custom log sources and index the data into our analytics system for additional visibility into activity within a customers environment.
custom application logs? Explain the process and timeframe for
10.2.6.7 supporting new event sources. RMS monitors all firewall logs from firewalls active within the customers environment.
10.2.6.8 What data is analyzed when monitoring firewalls? RMS monitors all IDS/IPS logs from IDS/IPS active within the customers environment.
10.2.6.9 What data is analyzed when monitoring IDS or IPS devices? RMS monitors all host logs from hosts active within the customers environment.
10.2.6.10 What data is analyzed when monitoring host logs? Firewall Logs, IDS/IPS Logs, Win Event Logs, DHCP Logs, DNS Logs, Proxy Logs
10.2.6.11 Rank potential event sources in order of recommended priority. APIs can be directly plugged into the RMS analytics solution for further monitoring
10.2.6.12 Describe your ability to monitor technologies via their native application
10.2.6.13 programming interface (API). Windows 2008 R2 and Up, and REHL/CENTOS 6.2 and up are our requirements for host based monitoring
10.2.6.14 Would your company require SEA to maintain certain versions of the
technologies being monitored? RMS recommends ingesting as much network and host logging as possible to enable a detailed scope of visibility in the customers environment
10.2.6.15 Would your company require implementation of a log collection or
10.2.6.16 consolidation device on SEA's network? If so, provide detail. All data is collected using TLS out from the customer's environment. All data is encrypted and in transit.
10.2.6.17 Describe the communication data flow between monitored devices on
10.2.6.18 SEA's network and your company's monitoring facility. Include the RMS stores, indexes, and normalizes all data through an automated process within our analytics solution.
10.2.6.19 format, protocol, direction of communication and bandwidth implications.
10.2.6.20 Furthermore, describe how the confidentiality of the communications is RMS has a large number of highly validate and tuned alerts that monitor for suspicious and known attacker activity and the CSOC also employs hunting mission to
protected across public networks. proactively identify activity that cant be detected by a tool.
Describe your company's methodologies for filtering of data gathered. RMS triages every security event to identify root cause of the event and to explain why an event is malicious. The triaging process is executed uniquely for varying types
Describe your company's methodologies for the normalization of data of security events and is handled by specific event investigation playbooks.
received. Rackspace consumes processed intelligence reports from third parties at the tactical, operational, and strategic levels (which includes detailed trend analysis). This
Describe your company's methodologies for the identification of intelligence is fused with data specific to our customers and incorporated into monthly reporting.
suspicious activity.
Describe your company's methodologies for the validation of security RMS ingests and correlates all events and logging into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts and for rule and
events. correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location.
Describe your company's methodologies for trend analysis of security
events. RMS ingests and correlates all events and logging for all RMS customers into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts
Describe your company's methodologies for the retention of event data. and for rule and correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location accross all
customers.
10.2.6.21 Describe how your company correlates traffic between IDS, firewalls, RMS ingests and correlates all events and logging for all RMS customers into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts
network devices, and other devices being monitored. Include details and for rule and correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location accross all
regarding: customers.
Event-Linking Correlation; Asset-Based Correlation; Anomaly RMS ingests and correlates all events and logging for all RMS customers into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts
Detection;Meta-Event Correlation; Fraud Data and Blacklist Data and for rule and correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location accross all
Integration; Global Scale and Intelligence; and Early-Warning Systems. customers.
RMS ingests and correlates all events and logging for all RMS customers into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts
10.2.6.22 Describe your company's approach to correlation of data across its MSS and maintains the ability to integrate customer asset criticallity information to scale event severity in managed rules.
clients. RMS has a large number of highly validate and tuned alerts that monitor for suspicious and known attacker activity and the CSOC also employs hunting mission to
proactively identify activity that cant be detected by a tool.
10.2.6.23 Describe your company's approach to correlation of data across MSS Rackspace currently consumes processed intelligence reports from third parties at the tactical, operational, and strategic levels (which includes detailed trend analysis).
(monitoring, scanning, intelligence). At the tactical level, these feeds are automate IDS rules, IOCs and signatures into our tooling. We also have the ability to generate our own rules based on analysis of
events observed across our customers Rackspace environments. At the operational and strategic level, the SOC operation is continually assessed and updated in order
10.2.6.24 Describe your company's approach to correlation of data across all to defend new TTPs, threats and Bad Actor capabilities as they evolve.
security devices, regardless of type or function.
10.2.6.25 Describe your company's ability to correlate event data to asset criticality
10.2.6.26 information.
10.2.6.27 How does your company gain visibility into anomalous activity and how
is that activity analyzed?
Does your company integrate external intelligence into the monitoring
process? If so, describe what intelligence is used, how it is obtained
and how it impacts the analysis process.
10.2.6.28 Describe how third-party intelligence sources are integrated into Rackspace currently consumes processed intelligence reports from third parties at the tactical, operational, and strategic levels (which includes detailed trend analysis).
monitoring and who those third-party intelligence sources are. At the tactical level, these feeds are automate IDS rules, IOCs and signatures into our tooling. We also have the ability to generate our own rules based on analysis of
events observed across our customers Rackspace environments. At the operational and strategic level, the SOC operation is continually assessed and updated in order
10.2.6.29 Describe your company's approach to reducing false positives. to defend new TTPs, threats and Bad Actor capabilities as they evolve.
RMS ingests and correlates all events and logging for all RMS customers into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts
10.2.6.30 Describe the manner in which your company prioritizes client notification and for rule and correlation generation. This allows RMS to quickly query, identify inefficiencies in rules, and execute rule tuning from a central location across all
based on potential event impact. customers to reduce false positives and monitor rules more efficiently
The managed security onboarding process ensures that we understand the data that we are protecting, where it is being stored and the potential impact of that data to
10.2.6.31 Describe the type of notification and communication included as part of your business. Vulnerability data and threat intelligence and our analysis of your threat landscape drives the way categorize events observed in the environment and our
your company's service, including the timing associated with each type response is tailored to minimize business impact.
of notification. Managed security employs 3 standard reporting processes. Flash reports, issued within 2 hours of a critical event being identified, or 4 hours of a category high event.
Weekly reports, which are a metric driven summary of events observed within the environment in the course of the last week. Finally, our monthly reports summerize all
10.2.6.32 Describe any service limitations or thresholds that SEA would be the technical data observed in the environment for the last 30 days in a technical summary, but also include a summary of the observed in the environment, in the context
10.2.6.33 charged additional fees for exceeding. How many incidents could be of the threat landscape, specific to the customer.
10.2.6.34 escalated before additional fees are charged? Unlimited all inclusive - no hidden fees.
When a new threat or vulnerability is identified, describe how your
10.2.7 company's solution creates custom correlation rules to identify, respond RMS ingests and correlates all events and logging for all RMS customers into a big data analytics solution which acts as the "single pane of glass" for CSOC analysts
10.2.7.1 to and prevent similar attacks. and maintains the ability to integrate customer asset criticallity information to scale event severity in managed rules.
SEA anticipates changes and growth to its current network infrastructure
– in particular, the potential use of public cloud services in the future. Definitely yes.
How would your company's architecture grow to meet these future
needs? The Alert Logic Log Manager™ automatically aggregates, normalizes, and stores log data from your environment—simplifying log searches, forensic analysis, and report
Log Management creation through real-time or scheduled analysis. LogReview, a service enhancement to Log Manager, provides daily event log monitoring and review by a team of Alert
Describe your company's approach for collecting, indexing and retaining Logic security professionals.
raw log data.
Rackspace Managed Security employes the Alert Logic Log Manager for log colledtion and management. Additionally, all log information is fed into our security analytic
10.2.7.2 What tools does your company use to monitor and manage log data? platform for analysis and correlation
The Alert Logic Log Manager supports over 3000 individual log sources. For new log types to be added to the platform, RMS works closely with the Alert Logic
10.2.7.3 What log sources are supported and what is the process for supporting engineering team to add new log sources.
new log sources (i.e. custom applications)? Log data not stored on any customer system. The data is shipped to secure locations at the Alert Logic and Rackspace data centers
10.2.7.4 How is log data protected from tampering or misuse? Data can be retained as long as is required by the customer
10.2.7.5 How scalable is your company's solution? How much log data can be
retained? The Alert Logic Log Manager has propritery technology to compress the information that is sent from the host agents to the backend analytics platform
10.2.7.6 What level of compression is available?
The Alert Logic Log Manager supports over 3000 individual log sources. For new log types to be added to the platform, RMS works closely with the Alert Logic
10.2.7.7 What resources are available to support the integration of log sources engineering team to add new log sources.
into the system? Log management is sized on tiered structure based on total number of log sources
10.2.7.8
10.2.7.9 How is your company's log management solution sized? RMS works closed with the customer to identify all systems that need to be monitored and consistently anaylzed the environment and architecture to make sure any
changes are accounted for.
10.2.8 How does your company ensure that logs are being collected from all
10.2.8.1 critical systems? Rackspace has a Threat and Vulnerability team, which serves both Rackspace Managed Security and the internal Global Enterprise Security team. They consume
multiple actionable intelligence feeds, including signature-based intelligence, which is integrated into SOC tooling and operational and intelligence and drives
10.2.8.2 Threat Intelligence deployment, posture and remediation of vulnerabilities.
10.2.8.3 Does your company have a dedicated research team that is focused on For the most part, Rackspace consumes intelligence which has already been analysed and validated by external intelligence providers. Our team is focused on
10.2.8.4 threats and vulnerabilities? If so, what information sources do they use contextualizing that intelligence for our customer's verticle and environment.
10.2.8.5 for intelligence? What access do MSS clients have to this team? The Rackspace Managed Security team ingest multiple intelligence feeds, these are operationalized by the analysts to maximize the effectiveness of our security
10.2.8.6 How is intelligence analyzed and validated? operation. We use various metrics to understand our effectiveness against threats and add capability when required.
10.2.9 The SOC team is made up of Cyber Security analysts and report writers. 1 team.
10.2.9.1 How is intelligence used in the management and monitoring of client
10.2.9.2 devices? What visibility do clients have into this intelligence? N/A
10.2.9.3 What is the level of integration between the research team and SOC
10.2.9.4 operations? N/A
10.2.9.5 Provide (or upload) examples of how threat research has been used to
proactively protect clients. Partner based vulnerability scanning. Via Alert Logic, using devices on individual customer networks for internal scans and shared scanning infrastructure for external
Provide (or upload) samples of research briefs or write-ups from scans. Will be transitioning to new partner (Rapid 7) in the coming months, archtecture will be similar.
research staff.
Vulnerability Scanning Vulnerabilities confirmed by customer and/or analyst. False positives reported via email or web portal
Describe your company's vulnerability scanning architecture.
Can be done via 3rd party services
Where does your company source its vulnerability checks?
What is the process to escalate and / or prioritize identified Vulnerabilities confirmed by customer and/or analyst. False positives reported via email or web portal
vulnerabilities?
Does your company support web application scanning? Can it test for
database vulnerabilities?
How are vulnerabilities confirmed? What is the process for reporting
false positives?
10.2.9.6 Is vulnerability data used in the monitoring process and, if so, in what Vulnerabilities are reviewed by the CSOC analysts and the monitoring operation is adapted to minimize risk posed by any existing vunerabilities.
10.2.9.7 ways? Email to customer-defined recipient list. Scans scheduled via web interface
10.2.9.8 How are vulnerability scanning reports delivered? How are scans Yes, via artner based vulnerability scanning. Via Alert Logic, using devices on individual customer networks for internal scans and shared scanning infrastructure for
10.2.9.9 scheduled? external scans. Will be transitioning to new partner (Rapid 7) in the coming months, archtecture will be similar.
Can your company support internal and external scanning? What Yes, Alert Logic and Rapid 7
infrastructure does this involve?
Does your company offer payment card industry approved scanning Rackspace would not leverage SEA's scanning tool (Qualys)
vendors (PCI ASV) scanning to support quarterly compliance validation?
Rackspace does not currently protect customer endpoints (laptops, desktops, mobile devices on customer premises). Capability is targed for 2016
10.2.9.10 Would your company leverage SEA’s vulnerability scanning tool N/A
(Qualys), or would all services be provided with its own tool? N/A
10.2.10 Endpoint Protection N/A
10.2.10.1 Describe your company's managed service for endpoint security? N/A
10.2.10.2 Does your company's solution require agents installed on every N/A
endpoint? If so, what are the bandwidth implications? N/A
10.2.10.3 Is your company's endpoint managed service “always-on,” or does it rely N/A
on periodic scanning? N/A
10.2.10.4 What visibility would SEA have into what is happening on its endpoints? N/A
N/A
10.2.10.5 In the event of an alert, does your company's solution provide N/A
remediation recommendations?
10.2.10.6 What would SEA's responsibilities be with regards to managing the Malware protection is provided via the CrowdStrike FalconHost agent
solution? No
10.2.10.7 How long is the endpoint data retained for forensic purposes? N/A
10.2.10.8 Does your company have threat intelligence embedded in your solution? Yes
Yes
10.2.10.9 Does your company's solution provide coverage for Windows, Linux and N/A
Mac OS endpoints? Varies based on customer requirements.
10.2.10.10 Does your company provide the ability for remote incident response and Managed security employs 3 standard reporting processes. Flash reports, issued within XX of an event being identified, XXXXXXXXXXXXXXXXXX. Weekly reports, which
quickly isolating compromised endpoints from its network? are a metric driven summary of events observed within the environment in the course of the last week. Finally, our monthly reports summerize all the technical data
observed in the environment for the last 30 days in a technical summary, but also include a summary of the observed in the environment, in the context of the threat
10.2.10.11 Does your company's solution use an onsite appliance and / or landscape, specific to the customer.
professional services to assist with implementation and training? Yes. Please see answer above.
10.2.10.12 How does your company ensure / verify that all endpoints are being Rackspace Managed Security produces comprehensive reporting, contextualized for our customers. This minimizes the requirement for ad hoc reporting but requests
managed? would be handled on a case by case basis.
Yes, RMS can create PDF reports and deliver them encrypted and signed securely.
10.2.11 Malware Protection
10.2.11.1 Describe your company's managed service for advanced malware RMS delievers weekly and monthly reports that outline your security operations. Weekly reports will be delivered every Friday to give a weekly update on activity observed
in the environment. Monthly reports will be delivered the first Friday of every month that contain a Security Operations overview for the entire month as well as detail the
protection. threat landscape for the customer.
10.2.11.2 Does your company's solution utilize sandboxing technology? If so,
what type?
10.2.11.3 Can your company's solution detect malware that is designed to evade
traditional sandboxes?
10.2.11.4 Can your company's solution detect zero-day threats?
10.2.11.5 Does your company have threat intelligence embedded into the
solution?
10.2.11.6 Does your company offer complimentary services to provide defense-in-
depth?
10.2.11.7 In the event of a compromise, what level of responsibility does your
company assume in relation to remediation?
10.2.12 Managed Security Services Reporting
10.2.12.1 Describe your company's standard reporting process, specifically
including how frequently SEA would receive standard reports and
whether your company has web-based reporting capability. Also,
upload samples reports and screen shots of web-based interface.
10.2.12.2 Does your company have asset-based reporting allowing SEA to create
and group assets, assign criticality and view event, scanning and all
other information using asset views?
10.2.12.3 Does your company support ad-hoc reporting requests? If so, describe
the process for requesting ad-hoc reports and lead time for ad-hoc
reporting.
10.2.12.4 Does your company support the ability to create PDF reports? If so, can
they be sent securely via email? Can they be digitally signed and
tracked?
10.2.12.5 What is your company's approach to providing meaningful security
metrics? Describe reports available in the portal that clients can use to
demonstrate security effectiveness and ROI.
10.2.12.6 How is your company's reporting interface structured? Would SEA use Rackspace uses a variety of tools to manage customer environments. We use an industry standard toolset for monitoring and managing traditional physical servers and
multiple interfaces for different services? Is the information integrated network elements. In addition, we have developed our own Cloud Monitoring Platform, Agent, and automation systems.
across service line and, if so, what cross-service line metrics and reports
are offered? Our web monitoring tools are able to monitor not only synthetic web transactions, but tools we bring to bear with our Critical Application Services (CAS) also pull in-depth
metrics from within application platforms, such as que-depths, pool connections, and log analysis can allow us to start reacting before application problems are even
10.2.12.7 Could SEA create custom reports and, if so, how is this accomplished? visible to customers.
10.2.12.8 What pre-built reports are available? Are there compliance reports? If
We present all our information, and control systems to our customers, by our MyRackspace Customer Portal, and Cloud Portal systems, which allow read-write, and read-
so, which regulations are supported? only access to all the metrics and parameters we work with to manage customer environments.
10.2.12.9 Describe help desk or ticketing functionality. What workflow This allows customers to take a “trust, but verify” approach to governance, with a portal that summarizes both performance and ticket history.
management features are available?
Yes. The MyRackspace customer portal is a graphical, user-friendly and interactive interface provided for managing your account and generating reports, etc. Please see
10.2.12.10 Can your company integrate with client ticketing systems (i.e. the attached overview of the customer portal.
ServiceNow)? RMS delievers weekly and monthly reports that outline your security operations. Weekly reports will be delivered every Friday to give a weekly update on activity observed
in the environment. Monthly reports will be delivered the first Friday of every month that contain a Security Operations overview for the entire month as well as detail the
10.2.12.11 How long is data available in the portal for reporting? threat landscape for the customer.
10.2.13 Client Support and Account Management
10.2.13.1 Describe your company’s process for client-initiated tickets, as it relates Service requests can be made in one of three ways: by contacting your account team directly, by submitting a trouble ticket through the MyRackspace® Customer Portal
(http://my.rackspace.com) or by calling our toll free support number. All service requests will be assigned a ticket, regardless of the method chosen to contact
to incidents and support issues. Rackspace. The full history of all tickets associated with the account will be available for review through our customer portal, providing you a full history of changes
performed by Rackspace support personnel.
With the MyRackspace® Customer Portal, you’ll get increased control through powerful self-service tools including:
* DNS Administration makes site changes more seamless
* Firewall Control Panel allows you to set, manage and change access rules
* Virtual Environment Management gives you increased control over your VMs (Virtual Machines)
* Turn VMs on and off as needed to save money
* Create and store VM templates for one-hour provisioning
* Create and store VM copies for rapid recovery from a VM failure
The MyRackspace® Customer Portal can be utilized to create, view, search and update tickets remotely, while you can submit, search, and view SeaWorld support
tickets which are delivered immediately to your dedicated Rackspace support team. Receiving daily updates is straightforward, and allows you insight into your bandwidth
consumption and managed backup reporting, identifying traffic patterns and bottlenecks.
The flexibility of customizable user permissions allows SeaWorld to create a fully evolved management of individual and group access to your configuration and account.
You’ll get additional support tools and resources in our Discussion Forums, Knowledge Base Documents, and Suggestion and Message Center that enhance your
MyRackspace experience.
DNS Administration-Rackspace provides DNS services at no additional cost. Full management of all domains and resource records can be performed through the DNS
manager or by submitting a service request by any of the methods previously mentioned.
Bandwidth Reporting-MRTG-style graphs for all servers and devices are available within the MyRackspace® Customer Portal, along with aggregate transfer amounts for
that month. Rackspace provides bandwidth allotments based upon aggregate transfer, and can optionally provide 95th percentile pricing for commitments of 20 Mbps
and higher.
Backup Reporting-The MyRackspace® Customer Portal allows SeaWorld to view the details of your backup environment as well as usage, history, and success/failure
status. Any backup failures are logged by the backup utility software and immediately investigated.
Yes, depending on the specifics of the project.
For as long as the account is active.
Service requests can be made in one of three ways: by contacting your account team directly, by submitting a trouble ticket through the MyRackspace® Customer Portal
(http://my.rackspace.com) or by calling our toll free support number. All service requests will be assigned a ticket, regardless of the method chosen to contact
Rackspace. The full history of all tickets associated with the account will be available for review through our customer portal, providing you a full history of changes
performed by Rackspace support personnel.
10.2.13.2 What is your company's approach to client support? Rackspace is the only hosting company that offers you Fanatical Support® – our unconditional commitment to doing whatever it takes to make our customers successful
and happy. We back up this support with an industry leading SLA and a pledge that if something goes wrong, we will rise to the occasion, take action, resolve the issue,
10.2.13.3 How is your company's client support structured? What is the and accept responsibility. Our culture is based upon fundamental service elements that are outlined below:
escalation process for reported problems or issues?
Responsiveness
10.2.13.4 What are the hours for client support? Does support change hands at * Your support team will be available to assist you 24x7x365
any point? What location(s) is this support provided from? How does We will be accessible by phone or ticket at all times
your company maintain quality of support 24 x 7? * We will take special care to assist with your urgent requests
Ownership
* We will take personal responsibility for your hosted Rackspace infrastructure
* We empower our employees to make decisions and take actions on your behalf
* A live escalation contact will be readily available to you at all times
* We will follow through on our commitments to you
Resourcefulness
* We employ creative and practical solutions for your hosting service, including items related to the network, hardware or operating system
* Our staff includes subject matter experts that know how to identify problems and offer solutions
* Our support teams will provide advice about your Rackspace environment based on industry and technology expertise
Transparency
* We will actively listen to and provide you with direct and individualized communications
* Our communications and conversations are not scripted, but are personal responses addressing your specific needs
* Our answers to your questions will be straightforward and honest, and we will not avoid tough questions
Rackspace live support will be available 24 hours per day, 7 days per week, year round. Sea World may request support by opening a support ticket via the
MyRackspace® Customer Portal or by calling your account team.
We will respond to your support requests within the following time frames:
Emergency
* Respond within 15 minutes.
* Examples of emergency issues include your server, switch, or site down. You cannot access your server or site from the public Internet.
Urgent
* Respond within 1 hour.
* Examples of urgent issues include your server or site functioning improperly or at less than optimal performance. Your server or site is accessible but in a reduced state
(timeouts or slow response).
Standard
* Respond within 4 hours.
* Examples of standard issues include all non-critical issues; server or site is functioning normally, but you require information or assistance on Intensive services, wish to
schedule maintenance outages or help with any other non-immediate tasks. Your site is functioning with acceptable parameters, but you require assistance in loading
software or have a help desk-type question.
We will contact you via support ticket, telephone call or both, depending upon the severity of the situation and any procedures we have established with you for your
account.
Sea World will have 24x7 access to their account team and to technical support staff. Additional support is available in our US based support team in San Antonio and
Austin, TX.
Rackspace Exchange Support is available M-F 7am - 7pm CST for application support and questions. Our teams are available 24x7x365 for any critical issues (system
down).
Rackspace SharePoint Support is available M-F 7am - 7pm CST for application support and questions. Our teams are available 24x7x365 for any critical issues (system
down).
The words you are searching are inside this book. To get more targeted content, please make full-text search by clicking here.
1 SWData Center Scope
Discover the best professional documents and content resources in AnyFlip Document Base.
Search