Appendix E

APPENDIX E: UNIFYED CLOUD HOSTING AND MANAGED SERVICES OVERVIEW


Unifyed Cloud Hosting And Managed Services Overview

Unifyed provides comprehensive 24x7x365 hosting capabilities in the Unifyed Cloud. With Unifyed's hosting and managed services, you can leverage the Unifyed's technical expertise and infrastructure to help reduce your implementation timeframe without the usual upfront infrastructure costs — or the ongoing implementation and management headaches.

When you select Unifyed for the day-to-day hosting and technical management of Unifyed, you gain comprehensive application expertise and reliable IT infrastructure designed to keep your Unifyed solution running smoothly and dependably. Unifyed ensures that your implementation of Unifyed achieves minimum 99.9% up-time on a yearly basis.


Unifyed's Cloud Hosting Service Features:

  • Standard Grade Datacenter Facility
  • Standard Datacenter Equipment
  • Multi-homed, Redundant Internet Connectivity
  • Robust Network, Application, and Physical Security
  • Maintenance of Virtual Instance and Operating System
  • Unifyed Application Administration and Management for Upgrades, Security Patches, Restarts as per SOW
  • Unifyed Database Administration Management Upgrades, Security Patches, Restarts as per SOW
    • 24x7x365 Network Operations Center staffed by a team of engineers monitoring your applications around the clock

Unifyed's Cloud Hosting Service Benefits:

  • Eliminate upfront capital expenditures – Unifyed takes care of all the equipment and provisioning costs.
  • Maintain high performance, availability, stability, and security while reducing overall cost of ownership.
  • Improve performance and productivity – concentrate your team on its areas of core strength and not infrastructure.
  • Eliminate unplanned downtime and performance issues with our "best-in-class" service level agreements (SLAs).
  • Gain peace of mind knowing your Unifyed solution will be consistently available to those who need it most – your customers.

Unifyed Cloud Architecture

Unifyed's Cloud has extended it's hosting services to Amazon® Elastic Compute Cloud (Amazon® EC2). Unless otherwise specified in your SOW, each virtual machine is equipped with 4 virtual CPUs, 15 GB RAM, 18 GB storage space (SSD) and 1 mbps outbound bandwidth utilization per year.


Reliable

Amazon® EC2 offers a highly reliable environment where replacement instances can be rapidly and predictably commissioned. The service runs within Amazon®'s proven network infrastructure and datacenters. Note: The Amazon® EC2 Service Level Agreement commitment is 99.9% availability for each Amazon® EC2 Region.


Secure

Amazon® EC2 works in conjunction with Amazon® VPC to provide security and robust networking functionality for your computed resources.

  • Your compute instances are located in a Virtual Private Cloud (VPC) with an IP range that you specify. You decide which instances are exposed to the Internet and which remain private.
  • Security Groups and networks ACLs allow you to control inbound and outbound network access to and from your instances.
  • You can connect your existing IT infrastructure to resources in your VPC using industry-standard encrypted IPsec VPN connections.
  • Your EC2 resources can be provisioned as Dedicated Instances. Dedicated Instances are Amazon®® EC2 Instances that run on hardware dedicated to a single customer for additional isolation.

Next Generation Cloud:

Just as Amazon® Simple Storage Service (Amazon® S3) enables storage in the cloud, Amazon® EC2 enables "compute" in the cloud. Amazon® EC2 uses Amazon® EBS and Amazon® S3 to provide reliable, scalable storage of your Amazon® Machine Images (AMI) so that we can boot them when you ask us to do so. Amazon® EC2 works in conjunction with Amazon® Simple Storage Service (Amazon® S3), Amazon® Relational Database Service (Amazon® RDS), Amazon® SimpleDB and Amazon® Simple Queue Service (Amazon® SQS) to provide a complete solution for computing, query processing and storage across a wide range of applications.


Backup & Recovery Powered By Amazon® Elastic Block Store (EBS)

Unifyed use Amazon® Elastic Block Store (EBS) that offers persistent storage for Amazon® EC2 instances.

Amazon® EBS is recommended when data changes frequently and requires long-term persistence. Amazon® EBS volumes are particularly well-suited for use as the primary storage for file systems, databases, or for any applications that require fine granular updates and access to raw, unformatted, block-level storage. Amazon® EBS is particularly helpful for database-style applications that frequently encounter many random reads and writes across the data set.




EBS-Optimized Instances

EBS-optimized instances enable EC2 instances to fully use the IOPS provisioned on an EBS volume. EBS-optimized instances deliver dedicated throughput between Amazon® EC2 and Amazon® EBS, with options between 500 and 2,000 Megabits per second (Mbps) depending on the instance type used. The dedicated throughput minimizes contention between Amazon® EBS I/O and other traffic from your EC2 instance, providing the best performance for your EBS volumes. EBS-optimized instances are designed for use with both Standard and Provisioned IOPS Amazon® EBS volumes. When attached, Provisioned IOPS volumes can achieve single digit millisecond latencies and are designed to deliver within 10% of the provisioned IOPS performance 99.9% of the time.


Storage Powered By Amazon® EBS Snapshot

An Amazon® EBS snapshot is a point-in-time backup copy of an Amazon® EBS volume that is stored in Amazon® S3. Snapshots are incremental back-ups, which mean that only the blocks on the device that have changed after your most recent snapshot are saved. When you delete a snapshot, only the data exclusive to that snapshot is removed. Active snapshots contain all of the information needed to restore your data (from the time the snapshot was taken) to a new Amazon® EBS volume.


Amazon® Virtual Private Cloud

Amazon® Virtual Private Cloud (Amazon® VPC) lets you provision a logically isolated section of the Amazon® Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define.


DDoS Protection Powered By Amazon® Web Services

This service enhances AWS' basic DDoS mitigation capabilities so that your business-critical applications are always secure against all types of DDoS attacks. Using advanced traffic inspection technology, DDoS Protection for AWS automatically detects and mitigates volumetric network (OSI layer 3) and sophisticated application (layer 7) DDoS attacks—with zero business disruption to users. If you are a target of DDoS attacks, Unifyed recommends additional DDoS protection using services such as CloudFlare, Akamai and Incapulsa.


Monitoring Powered By Zenoss®

At Unifyed, we utilize best-of-breed monitoring and operations center solutions to ensure uptime and accessibility. Unifyed uses Zenoss® network management system (NMS) solution for monitoring. Zenoss® monitors critical systems and services on a 24/7 basis, ensuring uptime, reliability, availability, and assuring you of receiving your 99.9% uptime guarantee.



In addition to providing you with monitoring capability, Zenoss® is utilized by our 24/7 network operations center to monitor and control servers on a global basis. The NOC is utilizing Zenoss® to monitor your Unifyed solution every minute of every day, year round.

Beyond ensuring that downtime is dealt with appropriately, Zenoss® provides Unifyed a window into the health of your portal server. Through these health check dashboards and monitoring services, the NOC and Unifyed' Support Team can prevent critical infrastructure and services from going down and stop problems before they start – providing you with dedicated resources that are working each day to find and correct problems and maintain your servers in optimum health.




Unifyed Cloud Security

Given a seemingly constant stream of announcements related to security breaches, loses of verify data, and the increasingly rigid legislative environment, protecting your institutional and user data is a key consideration for any service deployment.

Unifyed takes our Client's security extremely seriously and has implemented multi-tier security architecture. Leveraging both industries best practices, third party audits, leading hardware, software, and tools – your data is protected from both hostile attack, and inadvertent release.


Unifyed Data Security Architecture

Unifyed believes the primary role of Unifyed Web Digital Campus is to aggregate, display, and provides access to information - not to store or manage it. Whenever possible management, security and control of information is delegated to institutional core information systems, with Unifyed serving as a conduit, but not maintaining copies or storing user information, aside from that required to look up records.

For example: in the case of integration with an institutional ERP system for Course Grade data, information is retrieved when the user requests it (by accessing a page with portlets displaying the content). The user is identified to the ERP system, and records for that user are displayed in the portal, but not persisted past the end of the user's login session. This architecture allows both:

  • Local enforcement of data access rules and policy
  • Increased security by limiting the dissemination of information

Application Security

The Unifyed web services utilize HTTPS for securing information between the end user and the Unifyed solution. Users can be assured that their grades, financial aid, and other private information are not publicly accessible and susceptible to sniffing attacks that could occur when HTTP is utilized. Web services are verified with Secure Socket Layer (SSL) certifications to verify hostnames and to prevent "spoofing" attacks.

  • Role-Based Access Control allows fine-grained control over data and resources
  • Encryption/Hashing of password and other sensitive data prevents disclosure
  • Delegated Administration over application data allows scoped administration
  • User-based system integration – user information is passed to backend systems allowing for authorization to be enforced at the source
  • Logging & Auditing of access to critical information to aid in diagnostics and recovery
  • Institutional Integration – we use your Directory/SSO infrastructure for end-user authentication, immediately reflecting access/provisioning changes, password policies, etc.

Operational Security

The Unifyed staff takes protective measures to ensure that root passwords, application administrator passwords, and other sensitive information is stored on protected volumes that are accessible only to authorized personnel. Access from Unifyed to the applications you have integration to Unifyed is secured via IPSec VPN tunneling to ensure integrity of any confidential data. These measures and more are all designed to ensure that your Unifyed Web Digital Campus remains available to your users but a secured pathway into your Standard environment.


Privacy

The Unifyed service has crafted a clear and concise statement on privacy concerns, and includes the statement as part of the standard Unifyed service agreement. Unifyed complies with all relevant federal and state laws regarding privacy, including FERPA. Your users' information is never sold to any third party, and Unifyed does not allow its staff to access your students' private information other than for testing purposes.

Your servers will be hosted on dedicated virtual machines. Root passwords, application administration passwords, and other such secure passwords will be site-specific. Root access will be restricted to verified and authorized system administrators only.

Note: For further details on Unifyed's Network Security, ask your Unifyed Relationship Manager for Unifyed Network Security Whitepaper.


Unifyed Hosting Service Level Agreement (SLA)

Unless otherwise specified in your SOW, Unifyed provisions Standard Edition of Unifyed in a configuration with the following specifications:

  • Disk: 18 GB of SAN storage
  • 4 Virtual CPUs
  • 15 GB of RAM
  • 1 Mbps outbound utilization per year

The virtual server provided for Unifyed Standard Edition supports max 600 (six hundred) active users (stressed mode) which can create total of 1,800 (eighteen hundred) concurrent sessions at HTTP layer in login throughput based load/stress test.

Note: For organizations that require additional active users, Unifyed also has an additional configuration e.g. Unifyed Advanced Enterprise Architecture or Unifyed Advanced Dynamic Enterprise Architecture. Contact your Relationship Manager for further details on Unifyed Advance Architecture.


System Availability, Response & Maintenance

System Availability

  • Unifyed is a 24x7 application with minimum availability levels of 99.9% system uptime per year. Availability applies to your Unifyed production nodes only, unless otherwise stated in your SOW.
  • This availability does not include downtime caused by the following scenarios:
    • Scheduled downtime where notice is given to Clients, or where the Client's Unifyed solution is taken offline due to Client requested work needing to be performed (eg. Upgrade).
    • Any deletion of pages, content, data by Client that causes the unauthenticated content to be inaccessible to users. (Eg: Deletion of system folders).
    • Any unavailability caused by circumstances beyond our reasonable control, including, for example, an act of God, act of government, flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem (other than one involving our employees), Internet service provider failure or delay, or denial of service attack.
  • Minimum 24 hour notice of planned system outages.
  • Access 9am-5pm ET to dedicated support team including Tier 1 and 2 tech support (see SOW for details).
  • Access 24x7x365 to dedicated support team for Priority 1 incidents (see SOW for details).

Note: For Clients that require 24x7x365 access to Unifyed Support for Priority 2-5 support requests or custom Solutions available, contact your Relationship Manager for Platinum Support pricing information.


Unifyed Maintenance

  • Scheduled maintenance and service windows
  • Advanced notification of outages
  • Standard upgrades, bug fixes, performance analysis, storage maintenance
  • Unit tested, load tested, and user tested code
  • Daily backups and pre-maintenance snapshots
  • Backup and archive windows are fully configurable and can be set per Client
  • Backup archives can be requested for compliance with your governance and regulation. Depending on the request, there may be Professional Services fees.

Monitoring & Reporting

  • Report of system performance metrics available upon request
  • Report of service calls broken down in timeframes available upon request
  • Report of system usage statistics available upon request

Dedicated Staff

  • An assigned Unifyed Relationship Manager
  • Single point of contact for Unifyed
  • Meets online regularly with Client (determined at time of kick-off)
  • Responds in a timely manner to e-mails and phone calls
  • Focused on current status, needs, issues and planning

Benefits Of Hosting Vs On-Site

Accelerate Project Delivery Timeframe

Historical implementation data shows that Clients selecting Unifyed can accelerate the timeframe to get Unifyed up and running. The decrease in timeframe is attributed to the use of Unifyed's standardized infrastructure and software build configurations, expert technical resources, and tested implementation processes. On average, our Clients have decreased delivery timeframes by six months. Our team of implementation engineers and administrators have the experience and know-how you need to get your Unifyed implementation functional and operational in the shortest amount of time possible.

Decrease Or Eliminate Cost Of Ownership

When you choose to host your Unifyed solution, your can vastly decrease or even eliminate cost of ownership. Unifyed maintains the hardware and software foundation of your system. Unifyed will take care of system patching and equipment upgrades, in cooperation with your local information technology staff, ensuring constant and effective communication. Hosting will take the burden of ownership off of your institution, providing you with more fiscal and human resources to target at proven areas of expertise and areas of needed investment at your institution.

Decrease Staff Workload

In today's always-on society, information technology staff is at a premium. Chances are, your IT staff has a high workload, and adding additional services and applications to their support duties may not be a viable option. With Unifyed's Cloud Hosting, Unifyed provides all the resources needed to host, administer, maintain, and extend your Unifyed application now and into the future.

Improved Performance

Choosing a Unifyed hosted solution in the Unifyed Cloud will provide you with improved performance compared with other options. From speed of delivery to response time in outages to maintenance and ongoing upgrades, your Unifyed implementation will ensure:

Decreased Risk

  • Long-term costs may be fixed for a given level of resources.
  • Get up and running quickly.
  • Reduce the overheads (in-cost and staff time) of server and patch management, systems monitoring, backups, operations, disaster recovery and end-user support.
  • Free up IT staff for other projects.
  • Allows you to focus on core business operations.
  • Easily solves multiple office/geographic spread needs.
  • Adds additional layers of reliability in terms of power, scalability and connectivity.
  • Leverages specialized expertise or experience in systems management.
  • Improved continuity – in the event of staff turnover or re-tasking.
  • Provides 24/7 operations without extra staffing or facilities.
  • Leverages economies of scale to shorten deployments and cost of operation.