Managed Cloud Security Service Terms

The terms in this section, called the “service terms”, apply to a group of services or a specific service within a group. The terms in this section apply to TELUS Managed Cloud Security Service.

1.0 Cloud Security Platform


1.1 General Description


TELUS Managed Cloud Security Service is a TELUS managed security service, powered by Palo Alto Networks Prisma Access security platform (the “Cloud Security Platform”), that implements, enables, manages and monitors your security incidents based on the security policies defined by you.

1.2 Service Elements


Service Options
TELUS Managed Cloud Security Service provides solution with 2 options:

  1. Managed Cloud Security for Remote Network
  2. Managed Cloud Security for Remote Access VPN Users

Managed Cloud Security for Remote Networks option is based on the aggregated bandwidth going through your firewall at any given time estimated based on type and number of security features enabled, packet size, number of VPNs, speed of each site access that determine the required bandwidth.
Managed Cloud Security for Remote Users option is based on the number of remote access VPN connections required. TELUS Managed Cloud Security Service provides consistent security for users who are connecting to their corporate network or the internet.

Service Elements and Parties Responsibilities
The chart below specifies the TELUS Managed Cloud Security Service elements and features (“Service Elements”) and your and our related responsibilities.

Remote Network and Remote User Instantiation and Set-up

Service ElementYour ResponsibilityOur ResponsibilityBill Method
Create Security Zone (Trust and Untrust) on the Cloud Security PlatformIncluded in one-time charge
Configure Remote Network/Remote UserIncluded in one-time charge
Build Template for Cloud Security PlatformIncluded in one-time charge
Build Template Stack for Cloud Security PlatformIncluded in one-time charge
Add Device Group to Device Group Hierarchy for Cloud Security PlatformIncluded in one-time charge
Configure your Security Policy to allow traffic from Remote Network/Remote User to Service Connection to allow traffic to the Internal ResourceIncluded in one-time charge
Configuration of security policies (provided by you)Included in one-time charge
Maintenance of Cloud Security PlatformIncluded in monthly fixed charge
Ensuring that Cloud Security Platform software are at version levels certified and supported by the applicable vendor and supported by usIncluded in monthly fixed charge

Use of TELUS Systems & Infrastructure

Service ElementYour ResponsibilityOur ResponsibilityBill Method
Operate our trouble ticketing system to track and report on current and historical problems for TELUS Managed Cloud Security ServiceIncluded in monthly fixed charge

Cloud Security Platform Management

Service ElementYour ResponsibilityOur ResponsibilityBill Method
Monitor (7 x 24) Cloud Security Platform for availability and functioning.Included in monthly fixed charge
Update you for any maintenance related activities on the Cloud Security Platform
Patch Management: Receive and test patches before implementation on the Management tools. Standard Policy is N-1 based on TELUS/Vendor approved patches / versions. Emergency patches are implemented as released by vendor and approved by you.Included in monthly fixed charge
Provide a designated contact with which we can communicate status of the TELUS Managed Cloud Security ServiceIncluded in monthly fixed charge
Provide a single point of contact and create a trouble ticket and follow the ticket through resolution.Included in monthly fixed charge

Valid Vendor Maintenance Agreements

Service ElementYour ResponsibilityOur ResponsibilityBill Method
Have a valid maintenance agreement with the service vendor.Included in monthly fixed charge

Software, Managed Services or Configuration Failures

Service ElementYour ResponsibilityOur ResponsibilityBill Method
First level troubleshooting and problem diagnosis of your TELUS Managed Cloud Security Service that appear to be impacted by the Cloud Security Platform configuration.
Assist with Cloud Security Platform troubleshooting and problem diagnosis with approved contactIncluded in monthly fixed charge

Security Management

Service ElementYour ResponsibilityOur ResponsibilityBill Method
Define business rules for security appliance configuration and changes
24x7 logging of Cloud Security Platform listed in the Service Charges sectionIncluded (logs stored for up to three (3) months

1.3 Yours Responsibilities


Use
You consent to and represent that you have obtained the consent of all your users for, the collection, use and disclosure by us and our vendor of your users’ personal information collected in connection with provision and use of the Managed Cloud Security Service (whether previously collected or to be collected). We will use such information solely for the purposes of providing the TELUS Managed Cloud Security Service in accordance with our Privacy Commitment published at https://www.telus.com/support/privacy-policy

1.4 Service Performance


Availability
TELUS Managed Cloud Security Services come with a Service Availability Target performance commitment. Where we fail to achieve the Service Availability Target in any month we will provide you with the applicable credit indicated in the table below. The payment of the credit is your sole remedy for a failure by us to meet the Service Availability Target and such a failure will not be considered a breach or default of this agreement by us.

MeasurePerformance TargetTotal Monthly Outage TimeCredit Amount on the applicable monthly fixed charges
Service Level Availability Availability = (Total-Downtime-Excluded) x100 (Total-Excluded)99.99%Less than 98%5%

Total = Total # of minutes in a calendar month
Downtime = Time the service was down
Excluded = Excluded time as specified below
The Service Availability Target is the percentage of time in a calendar month that the Managed Cloud Security Service should be available for your use on a per location basis.
When we measure and calculate the result we assume each month is 30 days but we include all periods of unavailability over the calendar month except for any period of unavailability that is caused or contributed to by one of the following excusable downtime:
• networks or equipment of another carrier or service provider
• you, your network or your other services
• an event of force majeure as defined in the General Terms and Conditions
• any period of unavailability that occurs when we are performing maintenance activities during planned and unplanned windows
• your equipment, software, technology and/or third-party equipment, software or technology (other than third-party equipment, software or technology under Palo Alto Networks’ control)
• failure of your Internet service provider, utility companies, or other vendor(s) you rely on to access the internet
• mis-configuration of Service features or settings wholly under your control
• your failure to purchase an adequate license to meet the volume or capacity at which it uses the TELUS Managed Cloud Security Service, if the service performance commitment would have been met if not for such failure
• High availability events and scaling events
• Fetching of logs from logging service
• if using BGP (Border Gateway Protocol) with Prisma Access, the route convergence time will be excluded
• any reasonably unforeseeable interruption or degradation in service due to actions or inactions caused by third parties including, but not limited to, force majeure events
• rightful suspension and/or cancellation by Palo Alto Networks of the TELUS Managed Cloud Security Services pursuant to the Palo Alto Networks End User Agreement
Service credits are calculated as a percentage of the monthly fixed charges attributable to the applicable Service and further pro-rated based on the portion of the Service impacted by the outage (e.g., for Managed Cloud Security for Mobile User, the outage impact is measured based on the number of users affected; for Managed Cloud Security for Remote Network, the outage impact is measured in Mbps).

1.5 Changes


Change Requests
In an effort to identify risk and reduce overall impact of changes to your environment, TELUS has implemented a 3-tier support process for change requests that require testing. The request will be processed and TELUS support will determine if the change is within an acceptable level of risk. TELUS will then contact you and negotiate timelines for testing and execution if needed.
Change management processes include the ongoing evaluation, management and tracking of the execution of requests for changes conforming to ITIL best practices.
Requesters in your authorization list provided to TELUS (“Authorization List”) will have access to TELUS change portal tools and will be accepted as valid change requesters. All other change requests from users not on the authorization list will be rejected.

Request submission
Both standard and non-standard change requests can be submitted to an Online Web Interface at Service NOW.
These requests will be reviewed and if a quote is required (non-standard and/or complex change), TELUS will engage all necessary parties to review and assess the request. TELUS will submit a quote back to you for approval as required.
In cases where a statement of work (SOW) is required, TELUS will work with your internal teams to develop the appropriate SOW.
Once the request is submitted via the change request online tool, a security support representative will contact you and we will proceed to work on the change request in accordance with the nature of the change requested (standard or non-standard).

Change Management
The following table outlines the Managed Cloud Security Service Change Management performance objective applicable to standard charges:

MeasureIndicatorObjective Business hoursAfter business
hours
Response for Standard change requestElapsed time from receipt of your change request to initial acknowledgement of receipt by TELUS15 minutes15 minutes
Completion for Standard change requestElapsed time between notification back by TELUS and completion (unless parties agree that the change will be made during scheduled maintenance)16 business hours16 business hours
Response for Expedited change requestElapsed time from receipt of your change request to initial acknowledgement of receipt by TELUS15 minutes15 minutes
Completion for Expedited change requestElapsed time between notification back by TELUS and completion (unless parties agree that the change shall be made during scheduled maintenance)12 business hours12 business hours
Response for Emergency change request**Elapsed time from receipt of your SEV2 trouble ticket priority by TELUS15 minutes15 minutes
Completion for Emergency change request**Elapsed time between notification back by TELUS and completion (unless parties agree that the change shall be made during scheduled maintenance)2 business hours2 business hours

Average acknowledgement of change request notification within a calendar month does not exceed an average of 15 minutes.

** Emergency changes are implemented within 2 business hours following the incident management process and following the pre-qualified assessment. Emergency changes requested through Incident management may have billable time associated with the change if the Emergency is related to a root cause outside of our responsibility or ownership.

__Emergency Change Requests __

If you need to request an emergency change, your authorized contact should call the toll-free number provided in their Welcome Package, provided they have a dedicated number assigned to them. All other customers should call the regular TELUS Managed Security Services toll-free phone number (1-877-263-5300) and mention that the request is for an emergency change request on their Managed Cloud Security Service. An “Emergency change request” should also be submitted through the normal process using the change request web portal to document the requested change and for tracking purpose.
The TELUS Service Desk representative will obtain all required information from the caller and verify that the caller is an authorized change requester. The Emergency Change Request will be assigned as a ticket to our Tier 2 or Tier 3 teams.

1.6 Service cancellation


__TELUS Cancellation right __

We may cancel the Managed Cloud Security service at any time for any reason on 30 days’ prior written notice to you. Should we do so, you will not be liable for the payment of any service cancellation charges in connection with such cancellation

__Cancellation Charge __

When your TELUS Managed Cloud Security Services are cancelled, we calculate the cancellation charge using the table below. The service cancellation charge is a percentage of the total monthly fixed charges remaining for the service period after cancellation.

Month of the service period at which cancellation occurs% of monthly fixed charges for the remaining service period after cancellation
0 – 24 months100%
25 – 60 months50%

Did this article solve your problem?

Search Support