Updated November 2, 2020
This Service Guide (“SG”) sets forth a description of the Lumen Private Cloud for VMware Cloud product, a Lumen Managed VMware Cloud (“VMC”) on Amazon Web Services (“AWS”) solution (the “Service” or “VMware Cloud”). All or part of these Services are provided by or through Lumen’s vendor, VMware. This SG is subject to and incorporated into the Agreement, Lumen TS Service Exhibit and Hosting Service Schedule between the parties. The specific details of the Service ordered by Customer will be set forth on the relevant Service Order.
Lumen’s Private Cloud for VMware Cloud on AWS is a managed Infrastructure-as-a-Service (“IaaS”). Service may be purchased on a 12 or 36-month term basis. Notwithstanding any auto renew provisions in the Lumen TS Service Exhibit, the VMware Cloud solution does automatically renews month to month unless renewed or terminated in accordance with the applicable Schedule.
The Service provides access to a virtual server(s) deployed in an AWS data center that includes a suite of software collectively called a Software-Defined Data Center (“SDDSC”). The software components that Customer has access to as part of the Service includes:
Service includes automatic maintenance, patching, and upgrades of the SDDC, performed by VMware.
Service consoles provide Customer with an interface that provides the ability to (i) self-serve provision of the SDDC; (ii) access and manage workloads and the compute, storage, and network components of the SDDC; and (iii) view status.
Optional Add-on Services – all subject to separate terms and conditions and pricing
Customer has the ability to install Guest Operating Systems (“Guest OS”), software or appliances as long as it supports being installed on a VMware Hypervisor Platform and the version of Vsphere implemented. Customer is solely responsible for ensuring that any Guest OS or virtual appliance is and remains compatible with the Lumen Private Cloud for VMware Cloud Infrastructure. Guest OS licenses may be provided by the Customer or purchased through the AWS Marketplace.
To access or use the Service, Customer must utilize either an existing AWS account previously acquired through Lumen or obtain a new AWS account provided by Lumen. Prior to provisioning an SDDC, Lumen requires Customers to connect to their AWS account. This process establishes identity and access management policies in the AWS account that enables communication between resources provisioned in Customer’s AWS account and the SDDC.
Customers can provision and resize their SDDCs on demand, using the interface noted above. An SDDC includes a minimum of one cluster with a single host. Customers can add hosts and clusters, up to the provisioning maximum for their organization. Customers can select the available AWS region where their SDDCs will be provisioned.
The Service includes incident and problem management (e.g., detection, severity classification, recording, escalation, and return to service) pertaining to availability of the Service.
Customer is responsible for incident and problem management (e.g., detection, severity classification, recording, escalation, and return to service) pertaining to all virtual machines deployed in Customer’s SDDC.
The Service includes automatic backup and restore services for the Management infrastructure, including VMware vCenter Server®, VMware NSX® Manager™, VMware NSX® Controller™, and VMware NSX® Edge™.
Customer is responsible for backup and restoration of all content and configurations created by Customer in the SDDC, including virtual machines, content libraries, datastores, and port groups.
The Service includes the following change management services: (i) processes and procedures to maintain the availability of the Service; and (ii) processes and procedures to release new code versions, hot fixes, and service packs related to the Service.
Updates to the SDDC software are necessary to maintain the availability of the Service and are mandatory. These updates will be applied to Customer’s SDDC, subject to the processes set forth in this section. A Customer may not, in the normal course, skip or delay application of these updates. Support may not be provided, and SLAs will not apply if Customer is not on the most current version of the SDDC software.
Lumen will provide notification of scheduled maintenance at least 24 hours in advance for any changes that may impact use of an SDDC. Changes related to maintenance may require maintenance downtime of up to 40 hours per year for each SDDC. Maintenance downtime is excluded from eligible downtime towards SLA credits.
The Service includes the following security components which are provided on a commercially reasonable efforts basis:
Information Security: Designed to protect the information systems used to deliver the Service (as between Lumen, VMware, and Customer) over which VMWare has sole administrative level control.
Security Monitoring: Designed to monitor for security events involving the underlying infrastructure servers, storage, networks, and information systems used in the delivery of the Service over which VMware has sole administrative level control. This responsibility stops at any point where Customer has some control, permission, or access to modify an aspect of the Service.
Patching and Vulnerability Management: Designed to maintain the systems used to deliver the Service, including the application of patches deemed critical for the target systems.
Customer is responsible for the following:
Information Security: Customer is responsible for ensuring adequate protection of the content deployed and/or accessed with the Service. This includes, but is not limited to, any level of virtual machine patching, security fixes, data encryption, access controls, roles and permissions granted to Customer’s internal, external, or third-party users, etc.
Network Security: Customer is responsible for the security of the networks over which Customer has administrative level control. This includes, but is not limited to, maintaining effective firewall rules in all SDDCs deployed.
Security Monitoring: Customer is responsible for the detection, classification, and remediation of all security events that are (i) isolated within Customer’s deployed SDDCs, (ii) associated with virtual machines, operating systems, applications, data, or content surfaced through vulnerability scanning tools, or (iii) required for a compliance or certification program in which Customer is required to participate.
Customers are responsible for capacity management of their SDDCs, including maintaining 30% unused space (“slack space”) for the vSAN datastore within the Service, to support operation of the SDDC. Adequate slack space is required for use of the vSAN datastore.
If storage free space reaches (or falls below) 25%, Customer could lose the ability to utilize the SDDC, and the environment could become inoperable. If unused space in an SDDC vSAN datastore drops reaches (or falls below) 25%, hosts will automatically be added to the SDDC to prevent damage to the SDDC.
If a host is added, both Customer and Customer’s Lumen account team will be notified and Lumen will process a new order with charges for adding additional hosts. Customers can use the VMware Cloud sizer tool, found at https://vmcsizer.vmware.com/home, for guidance on the appropriate number of hosts needed to support anticipated workloads.
The Service collects data directly from the machines and/or devices involved in the use of the Service, such as configuration, performance, and usage data. The data is limited to the Hypervisor layer and does not include Customer’s application or content.
The Service uses FullStory functionality to collect data directly from any browsers used to access and use the Service. FullStory collects data regarding use of the Service, including user interaction and behavior, to enable session replay. To opt out of session recording, FullStory makes the following website available: https://www.fullstory.com/optout/.
The Service utilizes Google Analytics to collect data directly from any browsers used to access and use the Service Offering. To opt out of Google Analytics, Google makes the following browser add-on available: https://tools.google.com/dlpage/gaoptout.
Customer agrees to provide the information, above, regarding Usage Data, FullStory, and Google Analytics usage to all users of the Service.
Customer acknowledges and agrees that its failure to perform its obligations herein may result in Lumen’s inability to perform the Services and Lumen shall not be liable for any failure to perform, including any SLAs in the event of Customer’s failure. In addition, Lumen is not responsible for any loss or corruption of Customer Data, content or information. Lumen’s obligations related to Customer Data are exclusively governed by the Security and Compliance section of the applicable Service Exhibit.
NSX: A virtual networking and security software product family created from VMware's vCloud Networking and Security (vCNS) and Nicira Network Virtualization Platform (NVP) intellectual property.
Software-Defined Data Center (SDDC): A data center facility where the elements of the infrastructure are virtualized and delivered as a service and where the provisioning and operation is abstracted from the hardware and fully implemented through software.
Solid-State Drive (SSD): A solid-state storage device that uses integrated circuit assemblies as memory to store data persistently.
VMware Software Bundle: The VMware Software bundle is the software that is included with the base Lumen on Private Cloud for VMC Base Product – includes VCenter Standard, Vsphere, Software Defined Data Center, NSX and VSAN.
VMware Hypervisor Platform: The physical servers are configured with the VMware Vsphere Hypervisor software the creates the Virtualization layer between the physical hosts and the Guest Operating Systems that are installed.
VMware Cloud Infrastructure: The Amazon Web Services (AWS) physical Servers, the hardware, and the VMware Software Bundle that together comprise the VMC on AWS Infrastructure
VSAN: VMware Inc.’s Virtual Storage Area Network, which is a software-defined storage offering from VMware that enables enterprises to pool their storage capabilities and to instantly and automatically provision virtual machine storage via simple policies that are driven by the virtual machine. Lumen is not responsible for unauthorized access if Customer does not take its own steps to maintain security, including encryption.back to top