2.2.2
– beyond the annual report, is there a portal for customers to monitor network uptime and issues?
– in the past, network performance has been affected by security issues – it’s understandable that UNM would not want to publish publicly on IT Alerts what the exact cause is. Would it be possible to publish, behind a NetID site, more detailed information for the UNM IT community? With an understanding of the situation, the UNM IT community could monitor and improve their security posture, and inform end users, generally, that the issues are due to an external threat.
– would switches fall under the 2 business day failure replacement window? What happens if it’s a device affecting an entire building?
3.1 and 5.1
The KSA report references cost-recovery and so it appears that departments may now need to pay for things they didn’t previously (5.1), but may also need to pay for changes initiated by Networking/Security (3.1).
It makes sense to clearly define in this SLA what services will incur charges, and what will remain core-services – if departments are paying for services, their expectations will be higher. Costs and related service expectations are then best noted here.
To avoid misunderstandings, it would be useful to have a well-defined list:
– of the customer initiated requests that will incur charges (firewall changes? DNS additions?)
– of all UNM Networking initiated changes that will be charged to customers (VLAN requirements? subnet redesigns?)
-If a condition is not listed, then would customers assume it is a core-service and they are not to be charged for it?
– Bullet 2 – deactivate hosts and departments
– what is the notification process prior to deactivation?
– in routine, non-emergency cases where UNM Networking or Security initiate a change that could affect departments, what sign-off or notification process would apply?
– can a department be charged for work if there was no prior sign off or notification?
– what protocol is followed if a network change interrupts a department’s established business process (assuming the process itself did not represent a security issue)?
– is there a cost to the department to remediate the change or create a workaround?
– would items 6.1 and 6.2 then apply, where an Incident has occurred affecting the department, and would be assigned a Priority designation?
–
In all cases where a charge could occur, should a customer sign off and notification procedure be documented within this SLA?
- This reply was modified 8 years, 5 months ago by ccovey01.