desktop-as-a-service (daas) withu2cloud€¦ · with daas, screen images are streamed to the user...
TRANSCRIPT
Introduction to yourservice
Desktop-as-a-Service (DaaS) with U2Cloud (the “Service”) is a
cloud offering providing the customer (“Customer” or “you”)
with virtual desktops and the necessary supporting
infrastructure. This Service Description and the attached
appendices (collectively, the “Service Description”) describe
the Service being provided to you (“Customer” or “you”) as
well as what to expect for your DaaS implementation with
U2Cloud.
Introduction
The Service is a cloud-based service that allows you to self-
provision your own virtual desktops, applications and supporting
services. U2Cloud provides image management for our clients,
enabling them to reduce their IT expenses while providing
users with customized desktops and applications.
Desktop-as-a-Service - It’s your very own private PC, that you
can connect to from anywhere on the planet. Jump from
tablet to laptop to phone and keep working without missing a
beat.
With DaaS, screen images are streamed to the user while
keyboard and mouse input are sent back to the server. When
using DaaS, you can present users with an entire desktop
environment or just the individual applications. Data is
centrally stored and can be accessed by hosted virtual
desktops or SaaS applications. From a user perspective, these
applications are integrated seamlessly. They look, feel and
behave like local applications.
U2Cloud DaaS (the “Service”) is a cloud –based offering providing
virtual or shared desktops from U2Cloud’s datacenters.
Desktop-as-a-Service (DaaS) with U2CloudService description | Feb 2017
DaaS with U2 Cloud offers you an
easy way to provide a fully managed,
cloud-based desktop experience to
your users. You don’t have to worry
about procuring or deploying hardware
or installing complex software to
deliver a desktop experience to your
users. U2Cloud takes care of all the
heavy lifting of managing hardware and
software, and tasks such as patching and
maintenance, enabling you to deliver a
high quality desktop experience to
your users.
Whether you are managing traditional
desktops or an on-premises solution for
virtual desktop infrastructure (VDI), both
of these approaches require significant
capital investment and are often
complex and difficult to deploy and
manage. Using our cloud-based desktop
environment eliminates the needfor
up-front investment and ongoing
management of infrastructure, providing
you with an easy, cost-effective way to
bring a secure and broadly accessible
desktop experience to your users. For
a low monthly fee, DaaS provides a
complete cloud-based desktop
computing service including compute,
persistent storage, and applications.
Your users get a better experience than
a traditional desktop with more
functionality, such as the ability to
access their applications and data from
a device of their choice. You get a
simpler way to provision desktops for
users for half the cost of an on-
premises VDI solution.
You simply select from a choice of
DaaS bundles that offer a range of
different amounts of CPU, memory,
storage, and choice of applications —
and launch the number of DaaS that
you require. You can choose from
multiple hardware options and then
choose a bundle with software pre-
installed. DaaS with U2 Cloud
provides users a desktop experience
that can be accessed from a variety of
devices such as a laptop computer (Mac
OS or Windows), iPad, Blackberry, or
Android tablet. The user’s applications
and data stay the same regardless of
which device they use, so they can easily
switch between devices without losing
their work.
You have the choice of creating a
standalone, managed directory for users
who will use DaaS, or you can integrate
withyour on-premises Active Directory
so that your users can use their existing
credentials to obtain seamless access
to corporate resources. This integration
works via a secure SSLconnection
to your on-premises network
using ADSync.
DaaSbundles
DaaS with U2 Cloud offers a choice of
service bundles providing different
hardware and software options to meet
your needs. You can choose from the
Standard, Professional or Premium
family of bundles that offer different
CPU, memory, and storage resources,
based on the requirements of your users.
Easyprovisioning
Provisioning desktops with U2 Cloud is
easy. All you need to do is to choose
the bundle that best meets the needs
of your users and the number of
desktops that you would like to launch.
Whether you choose to launch one or
many different desktops, it’s as simple as
selecting the appropriate bundle and
the user(s) that you wish to provide
with services. As soon as the resources
are ready, users receive an email giving
them instructions on how to connect
to their services.
Secure
DaaS with U2 Cloud enables you to
deliver a high quality desktop
experience to your end-users as well
as help meet compliance and security
policy requirements. When users are
using U2Cloud DaaS, your
organization’s data is not sent to or
stored on end- user devices.
Offer description
2
Secure and cost-effective cloud-based desktops designed for your business.
Desktop and mobile clients
Clients are available for both
Windows and Mac computers as well
as for the iPad, Kindle Fire, Wyse
Cloud Connect and Android tablets.
Provisioned users, will get an email
containing details on how they can
download the clients. The client
provides users with full access to their
desktop and includes support for
multiple monitors, audio, and video.
The clients for iPad, Kindle Fire, Dell
Wyse Cloud Connect and Android
tablets have a number of features
designed to provide users with a
tablet-optimized desktop experience.
Users can show or hide an on-screen
keyboard by double-tapping on the
screen with two fingers. The client
provides a touch-based mouse
interface so that interacting with
desktop applications is as easy as using
a traditional mouse. Single and double
clicking requires a simple tap or double
tap, or a two fingered tap for a right
click. Users can scroll vertically using
a two-fingered touch and pinch to
zoom. A slide-out radial control can be
accessed by a thumb swipe from the left
of the screen and gives users access to a
variety of commands. With a Kindle Fire,
Wyse Cloud Connect or Android tablet,
users can connect a keyboard or touch
pad to have a laptop experience with
their tablet DaaS.
Provisioning
The U2Cloud Onboarding Team will
collaborate with designated
Customer contacts to provide
standardized onboarding of the
Service. The standard onboarding
Service will include:
• Initiate contact with you to gather
the necessary information to
complete a successful Provisioning
– The necessary information
will include domain, network,
designated Customer
contact list, and other
relevant information
• Establish secure VPN backhaul
connection (if ordered) to provide
an encrypted data path to your on
premise data
• Create and configure the
Service platform
• Create an account for your
company in the incident
management system for incident
and service request management
• Provide links for manuals and
relevant support documentation
as well as information on how to
obtain support
Active Directory integration is
automatically configured for the client
via the Active Directory Connector in
Cloud Portal. The client simply logs in
and installs the tool on the DC. The
customer can sync the entitiesdesired
by creating a group within their AD.
• IT assessment call with sales
and technical engineers to drive
customer requirements
• Up to 10 DaaS users
per organization
• Up to two lines of business
(LOB) applications virtualized
for the Pilot
• Basic Data Migration to test
designated LOB applications
• Access to support portal and
technical support
• Active Directory
Synchronization for Pilot users
• Three hours of professional
services towards the
optimization of the
environment and advanced
Group Policy configuration
What isincludedin thePilot
• VPN backhauls
• User Profile migrations
• Advanced database
configurations
• End-point management
• U2Cloud is not responsible
for performing any backups of
data, software, systems and/or
programs for thePilot phase
What isexcludedfrom thePilot
Pilot program
The U2Cloud DaaS pilot is designed to allow Customers to test full
production operations on a reduced scale for a fixed period of time and then
quickly expand into full scale production. There are no differences in the pilot
infrastructure and the production infrastructure however; some limitations will
exist to reflect the scale and short time period of the pilot.
3
Infrastructure Management
The Service platform resides in a
U2Cloud datacenter. U2Cloud will
provide security in accordance with the
Security Statement provided in Exhibit 2
and incorporated herein.
Requests for Changes to Service
Service requests are required to change
the profile of file servers,VPN backhauls,
storage or to add additionalservices.
Since these requests will impact the
cost of the Service, any personnel
making a request must be on the list of
authorized personnel provided by the
Customer and have authority to make
such requests. Updates to this list are
conducted via Service requests. Service
requests will be completed promptly
based on available capacity.
Examples of change of service requests
that impact cost of Service include:
• Adding or removing virtual or
shared desktops or file servers
• Adding or removing
storage upgrades
• Changing model of existing virtual
or shared desktops or fileservers
• Adding or removing
bandwidth upgrades
• Requests for Add-On Services
Support
Support for the Service is available in
English by phone (888) 486-1277 (24
hours x 7 days a week x 365). Support is
limited to designated Customer contacts
(I.T. personnel or help desk contacts)
that are on the designated Customer
contact list. U2Cloud provides Support
for the infrastructure and Desktops
located in the datacenteronly.
Customer responsibilities
You will be responsible for the
following activities:
• All end user support including,
but not limited to client devices
(desktops, notebooks, smartphones
thin clients, etc.) and images
(operating systems, applications
and settings)
• Validating application compatibility
in a virtual environment and
monitoring application performance
– U2Cloud provides assistance in
validating application compatibility
• Network connectivity and
bandwidth from Customer to
end user and Customer to Internet,
including supporting the VPN
hardware and software. No
VPN required
• Active Directory configuration
and administration
• Ensuring that Customer’s authorized
support contacts have purchasing
authority to order/change Service
• Supporting Provisioning and any
Service upgrade activities
U2Cloud
responsibilities
• Maintain Service platform hardware
and software that resides in
U2Cloud datacenter, including
connection from the Internet
and VPN
• Perform incident management
for platform-level support in
accordance with Operational
Response Targets
• Provide preventive maintenance on
datacenter/platform hardware
Miscellaneous
No hardware is being transferred, sold,
leased or licensed to Customer under
this Service Description. To the extent
U2Cloud uses hardware or software
as part of its delivery of the Service,
such hardware or software will be
licensed, owned or otherwise held by
U2Cloud. The Service can be hosted
out of datacenters in both the United
States and the European Economic Area.
During discovery, Customer will select
which region to host the Service.
4
Corporate Headquarters
Green Cove Springs, FL, USA
East Coast Data Center
Jacksonville, FL, USA
US Gov Development Center
Orlando, FL, USA
West Coast Data Center
Las Vegas, NV, USA
Central Data Center
Denver, CO, USA
About U2Cloud
U2Cloud enables users to access data from anywhere and at any time with the same experience you have come to expect from your office desktop or laptop. All your software, apps, data files and Email are securely operating in the Cloud. U2Cloud offers ultimate 24/7 portability and security, at reduced cost and increased productivity. No hassles software updates to download or maintain and simple to s ubscribe. A variety of service levels are offered - appropriately scaled to government, private sector enterprise and a wide array of indust ries. U2Cloud is operating globally from a growing number of North American facilities on the East coast, Midwest and West coast.
Copyright © 2017 U2 Cloud, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks of their
respective companies.
This Service Level Agreement
summarizes the Service Level guidelines
between U2Cloud, LLC(“U2Cloud”)
and you and is incorporated into the
Agreement by reference. This Service
Level Agreement applies separately to
each of your paid services. U2Cloudmay
update, amend, modify or supplement
this Service Level Agreement from time
to time.
1. SERVICE.
U2Cloud will use commercially
reasonable efforts to provide the
Services as defined by the plan or plans
purchased or subscribed to under
your Account(s).
2. SERVICEAVAILABILITY.
1.Definition. U2Cloud will provide
at least 99% Service Availability,
measured on a per calendarmonth
basis. “Service Availability” is defined in
the table below. We guarantee 99%
availability of your Hosted Virtual
Desktop in any given calendar month.
We have defined some key terms
below to ensure our clients understand
this guarantee.
5
Exhibit 1:Service Level Agreements (SLA) forU2Cloud
Description Desktop-as-a-Service AvailabilitySLA
Hosted Virtual
Desktop
Is defined as the hosted virtual desktop environment that
we are providing to you as a part of our hosted desktop
service offerings.
Monitoring U2Cloud auto-tests the connection of and session generation
of a hosted virtual desktop every 30 minutes.
Availability The virtual desktop is available when it allows a user
with correct credentials to login and access a desktop
environment and/or stream anapplication.
Unavailability Any period of time when users are unable to login to their
hosted virtual desktop for which they have appropriate
permissions. This period begins when detected by our system
or when a ticket is created/escalated with our support team.
Unavailability Issues caused by external network issues or incidents on the
client network identified by support personnel shall not count
towards the monthly availability calculation.
Unavailability Incidents relating to human error or technical issues on the
client terminal including but not limited to Microsoft Updates,
Anti-Virus, Malware or terminal hardware/software issues
shall not count towards the monthly availability calculation.
Additionally issues or incidents relating to scanners, printers,
copiers, cameras, USB memory or external hard drives shall
not count towards the monthly availability calculation.
2.2. Calculation.
To calculate Service Availability, U2Cloud
uses a combination of methods,
including analyzing logs from both
U2Cloud’s event monitoring system
and the actual affected infrastructure
components and matching these
findings with client reports to determine
the actual timeframe. Any loss of Service
Availability less than five minutes in
duration will not be included in the
calculation of ServiceAvailability.
2.3. Service Availability Credit.
Subject to your valid submission of a
Service Availability Credit request and
the other conditions herein, ifService
Availability under your Account for
any calendar month is below 99%,
U2Cloud will issue a credit (“Service
Availability Credit”) in accordance
with the following schedule: If the
subscription period for anaffected
Service is less than one calendar month,
then the Service Availability Credit will be
adjusted on a pro ratabasis.
To request a Service Availability
Credit,(a) your Account must be in
good standing with U2Cloud, (b) you
must open a technical support ticket in
the http://www.U2Cloud.com/support
form reporting an apparent Service
interruption within 72 hours of the
event, and (c) you must send an emailor
written Service Availability Credit request
to the Billing Department at billing@
U2Cloud.com in the month immediately
following the month for which you are
requesting a Service Availability Credit.
Service Availability Credit requests must
include your Account name or Account
number and the dates and specific times
for which you are requesting Service
Availability Credits.
U2Cloud will compare information
provided by you to the data referenced
in Section 2.2 above. A Service
Availability Credit will be issued only if
U2Cloud confirms from such data that a
Service Availability Credit is available.
U2Cloud will calculate the Service
Availability Credit based on the type
ofparticular Service for which Service
Availability was below the prescribed
level, the fees for the particularservice.
The limits and sole remedies regarding
Service Availability Credits total credits
under this SLA are set forth in Section
4 of thisService Level Agreement.
Wrongly reported faults reported outside
of business hours may be subject to a
$150.00 per hour fee.
3. TERMS & CONDITIONS.
To request a Recovery Credit, (a) your
Account must be in good standing with
U2Cloud, (b) you must open a Technical
Support Ticket. and (c) you must sendan
email or written Recovery Credit request
to the Billing Department at billing@
U2Cloud.com in the month immediately
following the month for which you are
requesting a Recovery Credit. Recovery
Credit requests must include your
Account name or Account number and
the dates and specific periods of lost
or corrupted Data for which you are
requesting the Recovery Credit.
U2Cloud will compare information
provided by you to the actual Data that
resides in your database. A Recovery
Credit is issued only if U2Cloud
confirms Data loss warranting the
Recovery Credit. If U2Cloud is unable to
restore the relevant Data within five (5)
business days of a valid Recovery Credit
request, you will receive amonthly
fee credit of 100%. The limits and sole
remedies regarding Recovery Credits
and total credits under this SLA are
set forth in Section 4 of this Service
Level Agreement.
4. TOTAL CREDIT LIMITS; SOLEAND
EXCLUSIVE REMEDIES.
4.1. Total Service Availability Credits. The
total Service Availability Credit due to
you for any Account may not exceed
50% of the monthly fees charged to that
Account during the month for which the
Service Availability Credit is to be issued,
unless the amount to be credited is
less than $1.00 in which case the credit
amount will be $1.00. Only one Service
Availability Credit is available in any
given calendar month. Notwithstanding
anything set forth in theAgreement or
this Service Level Agreement, the Service
Availability Credit described in Section
2 of this Service Level Agreement will
be your sole and exclusive remedy in
connection with any loss of Service
Availability as described in such section
or breach by U2Cloud of the Agreement
or this Service LevelAgreement.
4.2. Total Recovery Credits. The total
Recovery Credit due to you for any
Account may not exceed 100% of the
monthly fees charged to that Account
during the month for which the
Recovery Credit is to be issued. Only
one Recovery Credit is available in any
given month. Notwithstanding anything
set forth in the Agreement or this
Service Level Agreement, the Recovery
Credit described in Section 3 will be
your sole and exclusive remedy forany
Service Availability
6
99.0% to 99%
98.0% to 98.99%
95.0% to 97.99%
90.0% to 94.90%
89.90% or below
Amount of the refund as a percentage of monthly fee
for affected Service
3% of monthly feecredited
5% of monthly feecredited
10% of monthly feecredited
25% of monthly fee credited
2.5% credited for every 1% of lost availability up to the maximum
total penalty limit
losses arising from any Data loss as
described in such Section of this Service
Level Agreement.
4.3. Total Credit Limit. The total credits
that you may be issued with respect
to any calendar month, including the
aggregate of Service Availability Credits
and Recovery Credits, will not exceed
150% of the monthly fees charged to the
Account during the month for which all
such credits are issued.
4.4. No Refund. Credits are applicable
only toward use of the Service and are
not convertible into cash or any type
of refund.
5. TECHNICAL SUPPORT.
U2Cloud will use commercially
reasonable efforts to assist you, through
your authorized Account contacts,
with setting up and configuring your
Account, having access to the Services
and other issues related to the Services.
Only your authorized Accountcontacts
may request information, changes
or technical support pursuant to the
Agreement. For more information,
visit the technical support pageof
U2Cloud’s administrative control panel.
U2Cloud’s technical support response
time depends on the complexity of the
inquiry and support request volume.
6. MANAGEMENT.
6.1. Account Management Tools.
Through your authorized contacts,
you may manage your Account with
U2Cloud’s online management tools,
the administrative control panel and
end-user control panel. U2Cloud will
not be required to perform for you
any task that can be done through the
control panels.
6.2. Custom Configuration. Requests
for modification to the standard
configuration of the Services will be
considered on a case ¬by¬ case basis.
Approval of such modifications will be at
U2Cloud’s sole discretion. U2Cloud does
not guarantee any particular result from
non¬standard configurations nor can
it be held liable in any way for Service
performance changes or failures which
result from non¬standard configurations.
6.3. Additional Services. For tasks
that cannot be performed through
the administrative control panel,you
may request that U2Cloud perform
professional services on a time and
materials basis. The request will include
a detailed description of work and
the authorized amount of time, in
half hour increments, to perform the
work. U2Cloud may evaluate andrevise
the request (including the estimated
number of hours to perform the
work) and reserves the right, in its sole
discretion, to decline any request. Any
additional services will be performed
at U2Cloud’s standard published rates,
provided that any emergency services
that require commencement within 24
hours will be charged at1.5x U2Cloud’s
standard published rate. U2Cloud will
use commercially reasonable efforts to
perform requested additional services.
However, it does not guarantee any
particular result from performance
of additional services or make any
representations or warranties
regarding such additional services nor
can it be held liable in any way
(including for any credits) for Service
performance changes or failureswhich
result from performing tasksrequested
by you. U2Cloud may require a
separate agreement for any of these
additional services.
7. STORAGE CAPACITY; DATA
TRANSFER; SERVER RESOURCES.
Each Account is allotted storage
capacity and data transfer amounts
on U2Cloud’s serversaccording
to the Service and related options
selected by you. The servers may stop
accepting, processing, or delivering
Data, including e-mail messages, when
such set allotment or the purchased
limit is reached thus causing a loss of
Service Availability or Data loss. U2Cloud
will not be responsible forsuch loss
of Service Availability or Data losses,
and such loss of Service Availability
will be excluded from calculations
for Service Availability. The amount of
data stored affects client and server
performance. Large data storage may
respond slower to user requests or
cause client no responsiveness while the
data is processed. Unlimited capacity
allocation per plan is subject to technical
limitations of the software used to
access such capacity. U2Cloud does
not guarantee incoming and outgoing
mail delivery time. As a result, a delay
in incoming and outgoing mail delivery
time – regardless of the cause – is not
included in any calculation of Service
Availability. U2Cloud has no control
over software limitations imposed by
a software manufacturer. Data storage
capacity may not be used for
archiving services.
8. CERTAINLIMITATIONS.
There are numerous situations beyond
U2Cloud’s control and are therefore not
in the scope of this SLA.
8.1. Malicious Attacks. U2Cloud will do
everything in its power to stop any third
party “Denial of Service” attacks or other
forms of “disabling” attacks initiated
against your hosted virtual desktop
network or infrastructure.
7
8.2. Scheduled Maintenance. In order
to maintain performance and security
of the Services, U2Cloud performs
scheduled maintenance within its
published maintenance windows. This
may require specific Services to be
suspended during the maintenance
period. Loss of ServiceAvailability
due to scheduled maintenance will
notbe included in the calculation of
Service Availability. U2Cloud will use
commercially reasonable efforts to
notify you in advance of any scheduled
maintenance that may adversely affect
your use of the Services.
8
8.3. Emergency Maintenance. U2Cloud
may need to perform emergency
maintenance, including security patch
installation or hardware replacement.
U2Cloud will not be able to provide
you with advanced notice in case
of emergency maintenance. Loss of
Service Availability due to emergency
maintenance will be excluded from
calculations for Service Availability.
8.4 This SLA does not go into effect until
after Provisioning has been completed
(as described in the Provisioning section
of the Service Description)
8.5 Service unavailability caused by
events outside the reasonable control
ofU2Cloud, including failure or
unavailability of the Customer’ssystems,
the Internet, or any other service or
third-party used by Customer to use,
connect to, or access theService.
9. DATA RETENTION & RESTORATION.
U2Cloud will not be responsible
for retaining any of your Data after
termination of your Account. Your
Data will be deleted promptly after
your Account is terminated and from
backups during scheduled backup
rotation. U2Cloud will not restore,
provide onany storage media or send
out any Data pertaining to terminated
Accounts, unless specifically noted in a
customized service agreement. It is your
responsibility to back¬up and migrate
your Data prior to termination of your
Account or any other action which can
lead to deletion of any of your Data from
the Services.
10. ADDITIONAL SERVICELEVEL
AGREEMENTS.
In addition to the Availability SLA,
U2Cloud will meet to exceed the
following SLAs:
Operational Response Targets
Although U2Cloud strives to achieve
the below-listed operational response
targets with respect to Incident
Response Times and Service Requests,
failure to achieve these targets will
not give rise to any legal liability
for U2Cloud.
“Incident Response Times” is defined as
the elapsed time between submission
of an incident to U2Cloud and the
acceptance by a technician of an
assignment to address the incident.
“Service Requests” are defined as
requests for fee-based Services (for
example, the purchase of additional
seats). U2Cloud target completion of
these services at 5 business days.
“Severity Level 1” is defined as a problem
where the majority of End Users who
use the Service are severely affected
which severely affects the Customer’s
ability to conduct its businessoperations,
and there is no workaround for the
applicable problem.
“Severity Level 2” is defined as a problem
where the majority of End Users who
use the Service are affected which
moderately affects the Customer’s
ability to conduct itsbusiness operations
because performance is degraded or
functionality of the affecteditem
is limited.
“Severity Level 3” is defined as a problem
where a reasonably limited number
of End Users who use the Service are
affected and the effect on Customer’s
ability to conduct its businessis limited.
“Severity Level 4” is defined as a
problem where a single End User is
affected and the effect on Customer’s
ability to conduct itsbusiness operations
is limited.
Operational Response Targets
Incident
ResponseTimes
Severity Level 1 – 98% with 30 minutes
Severity Level 2 – 98% within 30 minutes
Severity Level 3 – 98% within 4 business hours
Service Requests Completion within five (5) business days or less.
Journey toa Secure Cloud
10
U2Cloud’s infrastructure was architected
to be one of the most secure and
flexible cloud computing environments
available. Maintaining a secure
infrastructure is one of the top concerns
of companies today. At U2Cloud,we
see security as a mutual responsibility.
U2Cloud has secured the underlying
infrastructure and you must secure
your users access and control.
This document summarizes the
numerous controls implemented within
U2Cloud, so customers can determine
if these capabilities and controls are
suitable for their unique requirements.
• Identity and Access Management
- Ensures that only properly
authenticated entities are allowed
access
• Integrity & Encryption - Used
internally within U2Cloud for
protecting control channels and is
provided for customers providing
rigorous data protection capabilities
• Availability & Isolation - Minimizes
interaction with data by keeping
appropriate containers logically or
physically separate
• Physical & Environmental Security
Identity & AccessManagement
U2Cloud enables more secure, identity-
based access to systems, applications,
and data both on premises and in
the cloud from virtually any location
or device. It enables use of a single
identity across an organization as well
as with partners’ networks, and provides
seamless, always-on connectivity,
management of organization identities,
credentials, information protection,
system and application settings.
Integrity
Secure Access – All of the services
provided by U2Cloud are delivered
over SSL. All communications between
U2Cloud’s internal components are
protected with SSL. In most cases,
the SSL certificates are self-signed.
Exceptions are for any certificates for
connections that could be accessed
from the Internet. Encryption of data
in storage and in transit is used to
align with best practices for ensuring
confidentiality and integrity of data.
Availability & Isolation
Beyond authenticating access to
data, simply keeping different data
appropriately segregated provides
well-recognized protection. U2Cloud
provides isolation at a number of levels,
as discussed below.
Isolation of Hypervisor, Root OS,
and Guest VMs
A critical boundary is the isolation
of the root VM from the guest
VMs and the guest VMs from one
another, managed by the hypervisor
and the root OS.
VLANIsolation
VLANs are used to isolate the
internal and management networks.
VLANs partition a network such
that no communication is possible
between VLANs without passing
through a router, which prevents
a compromised node from faking
traffic from outside itsVLAN and
it also cannot eavesdrop on traffic
that is not to or from its VLANs.
Isolation of Customer Access
The systems managing access
to customer environments (the
U2Cloud Portal) are isolated
within U2Cloud’s network. This
logically separates customer access
infrastructure from customer
applications and storage.
Packet Filtering
The hypervisor and the rootOS
provide network packet filters
that assure that the untrusted VMs
cannot generate spoofed traffic,
cannot receive traffic not addressed
to them, cannot direct traffic to
protected infrastructure endpoints,
and cannot send or receive
inappropriate broadcast traffic.
Physical & Environmental Security
U2Cloud’s data centers are state of the
art, utilizing innovative architectural and
engineering approaches. Data centers
are housed in nondescript facilities.
Physical access is strictly controlled
Exhibit 2:Security Statement forU2Cloud
both at the perimeter and at building
ingress points by professional security
staff utilizing video surveillance, intrusion
detection systems, and other electronic
means. Authorized staff must pass two-
factor authentication to access data
center floors. All visitors and contractors
are required to present identification and
are signed in and continually escorted
by authorized staff.
U2Cloud only provides data center
access and information to employees
and contractors who have a legitimate
business need for such privileges. When
an employee no longer has a business
need for these privileges, his or her
access is immediately revoked, even
if they continue to be an U2Cloud. All
physical access to data centers by
U2Cloud employees is logged and
audited routinely.
Fire Detection and Suppression
Automatic fire detection and
suppression equipment has been
installed to reduce risk. The fire
detection system utilizes smoke
detection sensors in all data center
environments, mechanical and
electrical infrastructure spaces,
chiller rooms and generator
equipment rooms.
Power
The data center electrical power
systems are designed to be fully
redundant and maintainable without
impact to operations, 24hours
a day, and seven days a week.
Uninterruptible Power Supply (UPS)
units provide back-up power in
the event of an electrical failure for
critical and essential loads in the
facility. Data centers use generators
to provide back-up power for the
entire facility.
Climate and Temperature
Climate control is required to
maintain a constant operating
temperature for servers and
other hardware, which prevents
overheating and reduces the
possibility of service outages. Data
centers are conditioned to maintain
atmospheric conditions at optimal
levels. Personnel and systems
monitor and control temperature
and humidity at appropriate levels.
Management
U2Cloud monitors electrical,
mechanical, and life support
systems and equipment so
that any issues are immediately
identified. Preventative maintenance
is performed to maintain the
continued operability of equipment.
The controls outlined in this Appendix
are designed to provide strong data
security safeguards that meet theneeds
of a typical user. They are not intended
or designed to address all industry
specific requirements that are driven
by regulatory requirements such as
HIPAA or PCI. Users with specific data
security requirements that exceed the
controls listed in this Appendix should
discuss alternative cloud solutions with
their U2Cloud representative. To the
extent U2Cloud receives or otherwise
has access to Customer’s “education
records” and “personally identifiable
information” contained in such records,
as such terms are defined in FERPA,
U2Cloud acknowledges that it is
subject to the requirements of 34 CFR
§99.33(a) governing the use and re-
disclosure of personally identifiable
information in education records.
Corporate Headquarters
Green Cove Springs, FL, USA
East Coast Data Center
Jacksonville, FL, USA
US Gov Development Center
Orlando, FL, USA
West Coast Data Center
Las Vegas, NV, USA
Central Data Center
Denver, CO, USA
About U2Cloud
U2Cloud enables users to access data from anywhere and at any time with the same experience you have come to expect from your office desktop or laptop. All your software, apps, data files and Email are securely operating in the Cloud. U2Cloud offers ultimate 24/7 portability and security, at reduced cost and increased productivity. No hassles software updates to download or maintain and simple to s ubscribe. A variety of service levels are offered - appropriately scaled to government, private sector enterprise and a wide array of indust ries. U2Cloud is operating globally from a growing number of North American facilities on the East coast, Midwest and West coast.
Copyright © 2017 U2 Cloud, LLC. All rights reserved. Other product and company names mentioned herein may be trademarks of their
respective companies.