Terms and Conditions for Albert Monitoring Services

These Terms and Conditions shall govern the purchase of Albert Monitoring Services between the Center for Internet Security, Inc. (“CIS”), located at 31 Tech Valley Drive, East Greenbush, NY 12061-4134, and Customer (CIS and Customer each a “Party” and collectively referred to as the “Parties”).

WITNESSETH:

WHEREAS, CIS, through its Multi-State Information Sharing and Analysis Center (MS-ISAC) has been recognized by the United States Department of Homeland Security as the governmental ISAC and as a key Albert Monitoring resource for all fifty states, local governments, tribal nations and United States territories (“SLTTs”); and

WHEREAS, CIS operates twenty-four hours a day, seven days per week (24/7) Security Operations Center (SOC), as further described herein; and

WHEREAS, CIS offers fee-based Albert Monitoring Services (as defined herein) to SLTTs and Customer desires to procure such Albert Monitoring Services, subject to the terms and conditions set forth herein.

NOW, THEREFORE, in consideration of the mutual covenants contained herein, the Parties do hereby agree as follows:

I. Definitions

A. Albert Monitoring Services.  Combined Netflow and intrusion detection system monitoring, with analysis of related data; event notification and delivery; and management of associated devices, including hardware and software necessary for service delivery. Also referred to as “Services”.

B. Security Operation Center (SOC) – 24 X 7 X 365 watch and warning center that provides network monitoring, dissemination of cyber threat warnings and vulnerability identification and mitigation recommendations.

II. Selection of Albert Monitoring Services

Subject to the terms and conditions contained herein, CIS hereby agrees to supply, on behalf of Customer, individual counties as designated to CIS by Customer (each, a “County”) with the Albert Monitoring Services, including necessary hardware, as requested during the Term. The Service Start Date (as defined herein below) for Albert Monitoring Services will be dependent upon CIS receiving sufficient information to begin services, but shall terminate as of the end of the applicable Term, as specified in Section V below.  Should Customer wish to designate additional counties to receive Albert Monitoring Services, such requests should be sent to:

Center for Internet Security, Inc.

31 Tech Valley Drive

East Greenbush, NY 12061-4134

Attn: CIS Services

or email to:  [email protected]

III. Consideration, Payment Terms

A. Consideration.  As consideration for the Albert Monitoring Services requested by Customer, Customer hereby agrees to pay to CIS the costs for one year of the Albert Monitoring Services for each County.

B. Pricing for Subsequent Terms.  At least ninety (90) days prior to the end of any Term of this Agreement, CIS shall provide Customer with updated pricing for Albert Monitoring Services to apply for the Subsequent Term.  Unless Customer terminates the Agreement in accordance with the provision of Section V of this Agreement, the Parties agree that the agreement between the parties will be amended to incorporate the updated pricing for the Subsequent Term.

C. Payment Terms. CIS shall invoice Customer for one year of the Albert Monitoring Services as the Services begin for each individual County.  Unless otherwise agreed to by the Parties in writing, Customer shall pay CIS in full within 30 days of receipt of invoice.

IV. Additional Terms and Conditions

The Parties acknowledge and agree that as a condition precedent to CIS providing a County with Albert Monitoring Service, Customer and County shall have executed a Memorandum of Agreement (MOA)) setting forth Customer’s and County’s obligations with respect to the Services and Customer shall forward to CIS a copy of such fully-executed MOA.

V. Term of the Agreement; Termination

A. Term; Renewal.  The Agreement will commence on the date it is accepted by Customer (the “Effective Date”), and Albert Monitoring Services will start for each County as of the date that all pre-service requirements as set forth in the aforementioned MOAs are met and monitoring services are available for an individual County (the “Service Start Date”). The Agreement shall continue in full force and effect for a period of twelve (12) months from the first Service Start Date for a County receiving Service under this Agreement (the “Initial Term”), unless otherwise earlier terminated pursuant to the terms of this Section V.  Upon mutual written agreement of both Parties, the Agreement may be renewed for three (3) additional one (1) year renewal periods (each a “Subsequent Term”). The Initial Term and the Subsequent Term(s) shall be collectively referred to herein as the “Term.” No less than forty-five (45) days prior to the expiration of a Term, Customer shall notify CIS of its intent to renew or not renew the Agreement. If the Agreement is not renewed for any reason by either Party, the individual Counties whose Service Start Date was less than 12 months at the end of the Term shall continue to receive Service for a period of 12 months after their Service Start Date unless CIS and an individual County enter into a separate agreement whose terms supersede this paragraph.

B. Termination.  Either Party may terminate the Agreement during the Term by providing written notice to the other Party ninety (90) days prior to termination. Unless otherwise specified in the additional terms and conditions (Appendix A) related to the particular Albert Monitoring Service, either Party may terminate Albert Monitoring Service being provided under this Agreement by providing written notice to the other Party sixty (60) days prior to termination of the service.

VI. Title, Limitation of Warranties and Liability

A. Title.   CIS will at all times retain title to hardware and software provided to Customer during the Term of this Agreement. Customer shall retain title to all hardware and/or software purchased by Customer to provide Services under this Agreement.

B. LIMITATION OF LIABILITY. CIS DOES NOT ASSUME ANY RESPONSIBILITY OR LIABILITY FOR ANY ACT OR OMISSION OR OTHER PERFORMANCE RELATED TO THE PROVISION OF ALBERT MONITORING SERVICES OR FOR THE ACCURACY OF THE INFORMATION PROVIDED AS PART OF THE SERVICES.  THE SERVICES ARE PROVIDED ON AN “AS-IS” BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED.

VII. Confidentiality Obligation

CIS acknowledges that certain confidential or proprietary information may either be provided by the Counties to CIS or generated in the performance of the Albert Monitoring Services, including without limitation:  information regarding the infrastructure and security of a County’s information systems; assessments and plans that relate specifically and uniquely to the vulnerability of a County’s information systems; the results of tests of the security of a County’s information systems insofar as those results may reveal specific vulnerabilities; or information otherwise marked as confidential by County (“Confidential Information”).    CIS agrees to hold all Counties’  Confidential Information in confidence to the same extent and the same manner as it protects its own confidential information, but in no event will less than reasonable care be provided and a County’s information will not be released in any identifiable form without the express written permission of such County or as required pursuant to lawfully authorized subpoena or similar compulsive directive or is required to be disclosed by law, provided that the County shall be required to make reasonable efforts, consistent with applicable law, to limit the scope and nature of such required disclosure.  CIS shall, however, be permitted to disclose relevant aspects of such Confidential Information to its officers, employees and CIS’s federal partners provided that they agree to protect the Confidential Information to the same extent as required under this Agreement.  CIS agrees to use all reasonable steps to ensure that Confidential Information received under this Agreement is not disclosed in violation of this Section VII.  The obligations pursuant to this paragraph shall survive the termination of this Agreement. Nothing in this Agreement shall prohibit CIS from using aggregated data of its customers and the Counties in any format for any purpose, provided that such data cannot be identified to or associated with a County.

VIII. Force Majeure

Neither Party shall be liable for performance delays or for non-performance due to causes beyond its reasonable control.

IX. No Third-Party Rights

Except as otherwise expressly stated herein, nothing in this Agreement shall create or give to third Parties any claim or right of action of any nature against Customer or CIS.

X. Assignment

Neither Party may assign their rights and obligations under this Agreement without the prior written approval of the other Party, which approval shall not be unreasonably withheld, conditioned or delayed. This Agreement shall be binding upon and inure to the benefits of each Party and their respective successors and assigns.

XI. Notices

A. All notices permitted or required hereunder shall be in writing and shall be transmitted either: via certified or registered United States mail, return receipt requested; by personal delivery; by expedited delivery service; or by e-mail with acknowledgement of receipt of the notice.

B. Such notices shall be addressed as follows or to such different addresses as the Parties may from time-to-time designate:

CIS

Name:         CIS Services

Address:      Center for Internet Security, Inc.

31 Tech Valley Drive

East Greenbush, NY 12061-4134

Phone:        (518) 266-3476

E-Mail:        [email protected]

Customer – Customer contact information to be provided to CIS.

C. Any such notice shall be deemed to have been given either at the time of personal delivery or, in the case of expedited delivery service or certified or registered United States mail, as of the date of first attempted delivery at the address and in the manner provided herein, or in the case of email transmission, upon receipt.

D. The Parties may, from time to time, specify any new or different contact information as their address for purpose of receiving notice under this Agreement by giving fifteen (15) days written notice to the other Party sent in accordance herewith.  The Parties agree to mutually designate individuals as their respective representatives for the purposes of receiving notices under this Agreement.  Additional individuals may be designated in writing by the Parties for purposes of implementation and administration, resolving issues and problems and/or for dispute resolution.

XII. Governing Law and Jurisdiction

Unless otherwise specifically prohibited by the laws of Customer’s jurisdiction, any disputes arising in connection with this Agreement shall be governed and interpreted by the laws of the State of New York. All claims, counterclaims, disputes and other matters in question arising out of or relating to this Agreement or its breach will be decided in a court of competent jurisdiction within the State of New York.

XIII. Non-Waiver

None of the provisions of this Agreement shall be considered waived by either Party unless such waiver is given in writing by the other Party.  No such waiver shall be a waiver or any past or future default, breach or modification of any of the terms, provision, conditions or covenants of the Agreement unless expressly set forth in such waiver.

XIV. Entire Agreement; Amendments

This Agreement and the appendices attached hereto constitute the entire understanding and agreement between the Parties with respect to the subject matter hereof and replace and supersede all prior understandings, communications, agreements or arrangements between the Parties with respect to this subject matter, whether oral or written. This Agreement may only be amended as agreed to in writing by both Parties.

XV. Partial Invalidity

If any provision of this Agreement be adjudged by a court of competent jurisdiction to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Agreement shall otherwise remain in full force and effect and enforceable.

APPENDIX A

ADDITIONAL TERMS AND CONDITIONS

 The following terms and conditions set forth the respective responsibilities of CIS and Customer in establishing and maintaining Albert Monitoring Services.

I. CIS Responsibilities

A. CIS will provide the following as part of the Albert Monitoring Services, as specified below:

B. Monitoring and Event Related Services.  CIS will provide the following monitoring and event related services:

  1. If applicable, specifications for the sensor(s)/server(s) to be purchased by Customer for provision of the Albert Monitoring Services.
  2. Analysis of events from monitored devices for attacks and malicious traffic.
  3. Analysis of security events.
  4. Correlation of security data/logs/events with information from other sources.
  5. Notification of security events per the Escalation Procedures provided by Customer.
  6. 24/7 telephone (1-866-787-4722) availability for assistance with resolution of security events detected by the Albert Monitoring Services.

C. Device Management: CIS will be responsible for the correct functioning of devices used as part of Albert Monitoring Services, including ensuring that all upgrades, patches, configuration changes and signature upgrades are applied to such devices. CIS shall provide the sensor(s)/server(s) to be used for Albert Monitoring Services, in type and numbers as agreed to in this Agreement.

D. Batch Queries:  CIS will process batch queries of Netflow data upon Customer request, with a limit of 10 queries per month per device.  CIS maintains flow records for a period not to exceed six (6) months.

II. Customer Responsibilities

A. Customer acknowledges and agrees that CIS’s ability to perform the Albert Monitoring Services is subject to Customer fulfilling certain responsibilities listed below.  Customer acknowledges and agrees that CIS shall not have any responsibility whatsoever to perform or to continue to perform Albert Monitoring Services in the event Customer fails to meet its responsibilities described below.

B. For purposes of this Agreement, Customer acknowledges and agrees that only those security devices supported by CIS fall within the scope of this Agreement.

C. Customer shall direct County to provide logistic support in the form of rack space, electricity, Internet connectivity, and any other infrastructure necessary to support communications at County’s expense.

D. Customer shall direct County to provide the following to CIS prior to the commencement of Albert Monitoring Services and at any time during the Term of the Agreement if the information changes:

  1. Current network diagrams to facilitate analysis of security events on the portion(s) of County’s network being monitored.  Network diagrams will need to be revised whenever there is a substantial network change;
  2. In-band access via a secure Internet channel to manage the device(s);
  3. Outbound access via a secure Internet channel for log transmission;
  4. Reasonable assistance to CIS, including, but not limited to, providing all technical information related to the Albert Monitoring Service reasonably requested by CIS, to enable CIS to perform the Albert Monitoring Service for the benefit of County and Customer;
  5. Public and Private IP address ranges including a list of servers plus server details, to include: operating system and configuration information, as well as a list of IP ranges and addresses that are not in use by County;
  6. Completed Pre-Installation Questionnaires (PIQ) in the form provided by CIS. The PIQ will need to be revised whenever there is a change that would affect CIS’s ability to provide the Albert Monitoring Services;
  7. A completed Escalation Procedure Form including the name, e-mail address, and 24/7 contact information for all designated Points of Contact (POC), to include at a minimum the authorized POC representative;
  8. The name, email address, and landline, mobile, and pager numbers for all shipping, installation and security points of contact.

E. Duringthe Term of this Agreement, Customer shall direct County to provide the following with respect to any Albert Monitoring Services:

  1. Written notification to CIS SOC (SOC@cisecurity.org) at least thirty (30) days in advance of changes in hardware or network configuration affecting CIS’s ability to provide Albert Monitoring Services;
  2. Written notification to CIS SOC (SOC@cisecurity.org) at least twelve (12) hours in advance of any scheduled downtime or other network and system administration scheduled tasks that would affect CIS’s ability to provide Albert Monitoring Service;
  3. A revised Escalation Procedure Form must be submitted by the authorized POC when there is a change in status for any POC.
  4. Sole responsibility for maintaining current maintenance and technical support contracts with County’s hardware vendors for any device affected by Albert Monitoring Services.
  5. Active involvement with CIS SOC to resolve any tickets requiring County input or action; and
  6. Reasonable assistance in remotely installing and troubleshooting devices including hardware and communications.