Lumen Service Guide

Content Delivery Network (CDN) Service Guide

Updated July 23, 2021

This Product Specific Terms and Service Guide (“Service Guide”) is subject to and incorporated into the Agreement and Content Delivery Network Service Schedule between the parties.

A. CDN Edge Compute

1. Features

  • Regional Egress supports regional egress data plans (includes requests to origin as egress).
  • Core Platform is required with the Edge Compute – Regional Egress plan. It supports end user termination, Authoritative DNS, TLS, Geo-restriction and authentication.
  • Custom Docker Container is an Edge Compute custom Docker Container that supports serverless functions. Container usage charges apply. License must be provided by Customer.
  • ModSecurity is an Edge Compute container supporting ModSecurity Web Application Firewall (WAF). ModSecurity is open source software. Container usage charges apply.
  • OpenResty is an Edge Compute container supporting OpenResty NginX and LUA. OpenResty is open source software. Container usage charges apply.
  • Varnish Cache is an Edge Compute container supporting Varnish Cache and VCL scripting. Varnish Cache is open source software. Container usage charges apply.
  • Virtual Waiting Room (VWR) is an Edge Compute container supporting Virtual Waiting Room. VMR is open source software. Container usage charges apply.
  • NodeJS is an Edge Compute container supporting the NodeJS protocol. NodeJS is open source software, and the container usage rate is priced on an Individual Case Basis (ICB).
  • White Glove Support is Edge Compute White Glove Support performed by Lumen’s vendor. Additional terms may be required.
  • ThreatX is an Edge Compute container supporting ThreatX WAF services.
  • Wallarm is an Edge Compute container supporting Wallarm WAF services.
  • PerimeterX is an Edge Compute container supporting PerimeterX Bot Manager services (Bot Defender).
  • Radware is an Edge Compute container supporting Bot Manager services.

The CDN Edge Compute platform’s Aperture Portal is self-service enabled. If a Customer activates and generates usage on a Container or Node Type that does not have a negotiated rate on an executed Order, then the following rates will apply (rate per million requests [Mreq] per month). Rates are subject to change at any time.

 
Container Type
Rate
 
Mod Security
$1.56/Mreq
 
Varnish Cache
$0.64/Mreq
 
OpenResty
$1.25/Mreq
 
Virtual Waiting Room
$1.99/Mreq
 
ThreatX
$0.98/Mreq
 
PerimeterX
$0.63/Mreq
 
Cloudinary
$0.63/Mreq
 
Image Optimization
$0.63/Mreq
 
SiteSpect
$1.99/Mreq
 
Wallarm
$0.63/Mreq
 
Radware
$0.63/Mreq

2. Software Marketplace

2.1 If Customer will use the Services to process personal data subject to data protection law that requires specific terms in place with the vendor or with Lumen (as applicable) as a processor, Customer agrees that it is Customer’s sole responsibility to request the appropriate terms.

2.2 For any software designated as Third Party Marketplace Software, Lumen offers quoting, ordering and billing support only. Third Party Marketplace Software is not part of the Edge Compute Services (as defined in the Schedule) provided by Lumen, and Customer acquires them directly from the applicable vendor or via a URL included within this Service Guide and Customer will be required to agree to the applicable vendor’s then current standard terms and conditions as a condition of having access to the software via Lumen’s Software Marketplace. Lumen is not responsible or liable for any damages whatsoever for Third Party Marketplace Software, even if Lumen recommends the software, or if the software is related to or complements the Service or to Customer’s ability to use or receive the Edge Compute Service. Lumen is the applicable vendor’s agent for purposes of ordering, collecting payment or in other ways as it relates to Third Party Marketplace Software.
Customer acknowledges that fees, payment, pricing, billing and tax terms are governed by the Agreement and CDN Service Schedule between Customer and Lumen. In addition, Lumen reserves the right to exercise all available remedies under the Agreement, including suspension for non-payment.

2.3 Customers may utilize their own license for certain software available on the Software Marketplace.

2.4 Customer consents to Lumen and the applicable vendors’ collecting and compiling system and operational metrics data to determine trends and improve service capabilities. Lumen and its vendors may associate this data with similar data of other Customers so long as such data is merged in a manner that will not in any way reveal the data as being attributable to any specific Customer.

3. Web Application Firewall (WAF)

Customer may select one of the following self-managed WAF service features currently available and provided and licensed through Lumen: ThreatX or Wallarm. WAF software is provided “AS-IS” and “AS-AVAILABLE” with no applicable service level agreement.

3.1 ThreatX (TX) and and Wallarm are software as a service (SaaS) service and applicable charges include implementation and technical supports costs. Wallarm is an Edge Compute container supporting Wallarm Web Application Firewall (WAF) Service. Wallarm Cloud WAF allows Customers to build cloud-native applications securely, monitor them for modern threats, and get alerted when threats arise. Wallarm Cloud Web Application and API Protection (WAAP) includes full support of API technologies including REST, SOAP, WebSocket, graphQL and gRPC. A Wallarm license is applicable, in addition to Edge Compute container usage fees.

3.2 Certain services may have fixed monthly recurring charges with overage charges based on traffic or other usage. If Customer exceeds the license size ordered on a regular basis (as determined by Lumen or the applicable vendor at its sole discretion), Lumen and/or the applicable vendor reserves the right to require an upgrade license.

3.3 Pricing and Billing

3.3.1 Recurring ThreatX WAF service pricing is based on number of supported applications or domain groups (small, medium, large, jumbo) and number of requests (HTTP/HTTPS) per month (i.e., committed traffic volume). Lumen captures this usage information from the CDN Edge Compute platform or directly from ThreatX.

3.3.2 Recurring Wallarm WAF pricing is based on number of requests (HTTP/HTTPS) per month (i.e., committed traffic volume) or usage based. Lumen captures this information from the CDN Edge Compute platform or directly from Wallarm.

3.4 Access and Monitoring. ThreatX is responsible for monitoring Customer WAF services, enabling application level monitoring and resolving potential security incidents. Customers will have access to the respective vendor’s portal. Wallarm is responsible for monitoring Customer WAF services, enabling application level monitoring and resolving potential security incidents. Customers will have access to the respective vendor’s portal.

3.5 Maintenance and Support. ThreatX is responsible for change management, major and minor releases, patch releases, service maintenance during vendor determined maintenance windows and all support during installation, service migration, Customer validation, and 24 x 7 monitoring and management after installation. Wallarm is responsible for change management, major and minor releases, patch releases, service maintenance during vendor determined maintenance windows and all support during installation, service migration, Customer validation, and 24 x 7 monitoring and management after installation.

4.0 BOT Management. Customers may select PerimeterX or Radware for BOT management services. PerimeterX is designated Third Party Software and Services. Radware is provided through Lumen, both subject to the additional terms below. Unless otherwise expressly provided below, BOT management services are provided “AS-IS” and “AS-AVAILABLE” with no applicable service level agreement.

4.1 PerimeterX PerimeterX is an Edge Compute container supporting PerimeterX Bot Management. Container usage charges apply. Customer may provide its own PerimeterX license.

4.1.1 PerimeterX software PerimeterX software is designated Third Party Marketplace Software and Customer agrees that its use of the software is subject to all of the terms, conditions, and requirements below. In addition, all terms of Section 2 above will apply.

Customer’s use of the software is subject to the PerimeterX Subscription Agreement found at https://www.perimeterx.com/Legal/PSA.pdf. All billing disputes must be made in writing within 20 days after the date of the invoice containing the amount in question to be eligible to receive an adjustment or credit. Any paid term will automatically renew unless either PerimeterX or the Customer provides the other with written notice of non-renewal at least 60 days prior to the renewal date. The SLA applicable to the Services is found at . Unless otherwise stated, all fees are in US Dollars.

4.1.2 All requests for licenses are subject to acceptance by PerimeterX. Delivery will be deemed to have been made when PerimeterX makes the Service available to Customer. PerimeterX will not provide Lumen with access to any Customer data related to or derived from Customer’s use of the PermeterX license.

4.1.3 PerimeterX may make changes to the SLA at any time upon at least sixty (60) days prior notice. Customer will make any request to Lumen for a credit under the applicable SLA. Lumen will credit a subsequent invoice for the amount of the applicable credit based on whether and to the extent PerimeterX agrees it is responsible for a failure under the SLA and agrees to provide a credit to Lumen. In no event will any credit exceed the amount of fees owed in the applicable month.

4.1.4 PerimeterX is responsible for providing support to Customer per the terms of the Subscription Agreement.

4.2 Radware offers a bot management service. Radware software is provided/licensed by Lumen subject to the additional terms below. This service is focused on mitigating bot attacks against Customer web services. Radware service makes real-time decisions to distinguish between activity of human visitors, activity of desirable automated software systems (i.e., good bots) and activity of malicious automated software systems (i.e., bad bots) so that controls can be put in place to limit automated and programmatic web and mobile application access. This service monitors incoming requests for validity, human visitors, or from good bots such as search engines, and not from automated software systems with malicious or undesirable intent. The service uses a number of vendor proprietary techniques to detect automated software systems, including but not limited to unique, behavioral-based learning mechanisms that gather knowledge over time to detect and block malicious bots. With continued use, the service’s behavioral-based learning mechanisms learns, adapts and improves on its ability to detect the automated software systems attempting to access the Customer’s web and mobile applications.

4.2.1 Use of Radware includes threat analysis capabilities that are deployed in the Section platform-managed Docker containers and threat analysis capability that is deployed in the Radware cloud environment.

4.2.2 Radware is responsible for providing support to Customer per the terms of the Service Agreement. The service fees are based on traffic volumes (monthly bot calls and the number of subscriber IDs). Additional support service are available as hourly service packages.

4.2.3 Customer’s use of Radware BOT Management service is also subject to the “Radware Terms of Service”, which means the terms and conditions incorporated as a binding attachment to the Service Schedule and available at https://www.radware.com/documents/eula-lumen/. Radware’s Terms of Service also requires Customer’s acceptance of the Radware DPA or “Data Processing Agreement” which means Radware’s data processing agreement that forms an integral part of the Radware Terms of Service.

4.2.4 Lumen may increase rates on an annual basis.

4.2.5 Customer’s order is subject to acceptance of the corresponding order by Radware.

4.2.6 Overage Service Use. In the event a Customer’s actual usage of the software exceeds the level ordered by Customer or exceeds any Service limitation(s), such as, but not limited to (by way of example only and as and if applicable), limitations on traffic level (legitimate or attack, as applicable), number of protected applications, or any other limitation (each an “Overage Use”), Lumen will invoice Customer for the Overage Use on a monthly basis as stipulated in an Order or this Service Guide.

4.2.7 NOTWITHSTANDING ANYTHING TO THE CONTRARY, LUMEN’S AND ITS SUPPLIER’S AGGREGATE LIABILITY FOR DIRECT DAMAGES WILL BE LIMITED TO THE AGGREGATE AMOUNT RECEIVED BY SUPPLIER FOR THE SERVICE THAT IS THE SUBJECT MATTER OF THE LIABILITY IN THE TWELVE (12) MONTH PERIOD PRECEDING THE DAMAGING EVENT.

5.Image Optimization

Cloudinary is a CDN Edge Compute container supporting Cloudinary Image Optimization. Cloudinary license must be provided by Customer.

Optidash Container is an Edge Compute container supporting Optidash Image Optimization. Customer agrees to the rates provided in the Order if Optidash is purchased by Customer and included within the containerOptidash is provided “AS-IS” and “AS-AVAILABLE” and no applicable service level agreement applies.

6.DataBase

6.1 HarperDB license is provided/licensed by Lumen. Software is provided “AS-IS” and “AS-AVAILABLE” and no applicable service level agreement applies. HarperDB will provide support directly to Customers, including with respect to setting up, activating, monitoring, and managing the applicable instances of the HarperDB Software. Customers will contact HarperDB directly for all required support.

6.2 HarperDB is a geo-distributed database with hybrid SQL & NoSQL functionality in one powerful tool, accessed via a REST API. It runs anywhere presenting a single interface across all deployment architectures. HarperDB’s hybrid cloud capability runs in CEC docker containers, providing low latency edge data replication, and a near real-time data synchronization between nodes.

6.3 Pricing and Billing. Recurring HarperDB pricing is based on number of number of requests (HTTPS) per month. The rate is priced on an Individual Case Basis, based on the size of the Customer’s database size, average request/reply size and redundancy requirements. Lumen captures this the request information from the CDN Edge Compute container. Usage is billed a month in arrears.

7. A/B Testing

SiteSpect is a software module installed on a Edge Compute container supporting SiteSpect A/B Testing. Customer may provide its own SiteSpect license. If Customer purchases access to this software from Lumen, Customer will pay the minimum commit and applicable overages as provided in the order. The software is provided “AS-IS” and “AS-AVAILABLE” and no applicable service level agreement applies.

8. CDN Edge Compute Definitions

“Web Application Firewall” or “WAF” means a service focused on protecting web applications from cyber-attacks by filtering, monitoring, analyzing, and blocking cyber threats. WAF is focused on HTTP traffic that web applications face. Web application attacks usually include cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection.

“Bot mitigation” means a service that protects web applications against bad bot attacks. Bad bots represent software programs that malicious attackers use to automate their attacks.

“Workspace(s)” means each logical grouping of Customer’s web applications which are managed and visible as a single grouping through the applicable Portal.

B. CDN Optional features

Secure SSL Delivery is an online add-on feature for the secured delivery of digital files such as software & updates, games, documents, graphics & images, and audio & video implementing a Lumen or non-Lumen SSL Certificate associated to hostnames as a Server Name Indication (SNI) implementation

Secure SSL Delivery – Premium is an online add-on feature for the secured delivery of digital files such as software & updates, games, documents, graphics & images, and audio & video implementing non-Lumen SSL Certificates associated to Virtual IP (VIP) addresses.

Enhanced Support assigns a designated Technical Support Manager resource to provide technical support services beyond the standard CDN support included with Lumen’s CDN services.

Origin Shield is custom configuration on the CDN platform that assigns specific CDN servers to interact with a Customer’s own origin/cloud environments external to the CDN Service.

Adaptive Origin Server is an online service to ingest content for adaptive bitrate (ABR) delivery using Microsoft HTTP Smooth Streaming, Apple HTTP Live Streaming, Adobe HTTP Dynamic Streaming (HDS), or Motion Picture Expert Group – Dynamic Adaptive Streaming over HTTP (MPEG-DASH).

Dynamic Content Packaging is an online service to transcode standard .MP4 on-demand media files for Apple HTTP Live Streaming (HLS), Adobe HTTP Dynamic Streaming (HDS) deliveries, or Motion Picture Expert Group – Dynamic Adaptive Streaming over HTTP (MPEG-DASH).

CDN Archive Services is an online service to store and manage the ingest and archival of live audio and video broadcasts delivered over the internet through the Lumen CDN Service.

Log File Collection & Delivery is an online access to obtain log files that captures metrics to allow us to measure what we provide.

Log Streaming is log files providing detailed information on the CDN Services used are exported to external customer servers or 3rd party analytics providers.

Bandwidth Reservation is a reserve capacity on the CDN Service.

C. CDN Support (not applicable for CDN Edge Compute)

The table below provides details and comparison of the Lumen CDN Standard and Enhanced Support services.

Support Item Description CDN Standard Support CDN Enhanced Support
General Technical Support Team General CenturyLink Customer & Technical Support resources who can be engaged as needed to configure services and address technical requirements.
Basic On-Boarding Bringing up to ten [10] customer properties onto the Lumen CDN platform. Services includes: (1) Up¬front design and caching architecture; (2) Migration of services from an existing provider; (3) Testing, tuning and configuration of CDN services; (4) Performance analysis and recommendations to meet business or technical objectives; (5) Set-up client side statistics; (6) Expansion to new; and (7) Access to ASN and other network data.
Business Continuity Planning Program Business Continuity Planning (BCP) provides quality network service and the capability to recover from service disruptions quickly and efficiently with minimum impact to our customers.
Lumen CDN Media Portal Online reports that can be accessed through the Lumen CDN Media Portal providing historical and real-time information.
Online,Email,Phone,Support Access to Customer & Technical support resources via Online Portal, Email, and Phone.
# of Support Requests per- Month Defined number of support requests per- Month. Unlimited Unlimited
Outages Address service Outages resulting in a large geographic impact for a single customer or exposure to invalid content being served or accessed. Restore Time objective: ≤ 4 Hrs Phone Support: 24/7x365 Case Updates objective: every 2 Hrs Restore Time objective: ≤ 2 Hrs Phone Support: 24/7x365 Case Updates objective: every 1 Hrs
Impairments Address significant performance issue, possibly regionally isolated or inhibiting proper content from being served or accessed. Restore Time objective: ≤ 6 Hours Phone Support: 24/7x365 Restore Time objective: ≤ 4 Hrs Phone Support: 24/7x365
Request for Information Address non-service impacting request for information or configuration changes for supported Lumen CDN services. Response Time objective: ≤ 24 Hrs Phone Support: Bus. Hrs Response Time objective: ≤ 4 Hrs Phone Support: Bus. Hrs
Basic Live Event Management Live event preparation and management support that includes: (1) Critical priority in addressing service Outages and impairment issues; and (2) Timely notification and status updates of impacted Live deliveries.
Enhanced Live Event Management Additional Live event preparation and management support that includes: (1) Customizable event planning and delivery;(2) End to end service assurance; and (3) Pro-active monitoring of Live streaming deliveries to ensure un-interrupted service.
Linear (24/7) LiveMonitoring Monitoring of Linear live streaming deliveries that includes: (1) End to end service assurance; and (2) Pro-active monitoring of Live streaming deliveries to ensure un-interrupted service.
Priority Case Handling Calls and cases routed to the top of support queues to ensure priority response. Includes access to expanded phone support, and delivery of regular ongoing case status updates.
Proactive Health Checks Proactive 24/7 x 365 monitoring of customer Lumen CDN service(s) and notification of impacted service(s).
Quarterly Service Review Quarterly technical review that includes: (1) Performance analysis of services and recommendations to meet business or technical objectives; and (2) Closer examination of metrics and advanced analytics collected from the Lumen CDN.