Ivanti Service Manager Cloud Services

Version 13

    This document outlines the service definition for Ivanti Service Manager Cloud.

     

    Ivanti Service Manager Cloud Services Information

    Ivanti Service Manager's Cloud deployment is provided through multi-tenant architecture. What this means is that customers share a common platform, but have separate and unique application schemas and databases.  This can be represented as follows:

     

    Simple Architecture.png

     

    The benefit of this approach is that customer’s data is isolated for the best security and lowest impact of potential breaches should they arise. In brief, it minimizes the risk of data leakage between customers and allows for customer-specific configuration of the solution.

     

    To secure data at rest, Ivanti provides encryption for all data centers at no additional cost to customers. For this, Ivanti encrypts the volume with a data key using the industry-standard AES-256 algorithm.

     

    Cloud Storage

    Ivanti has the following storage guidelines in place: 1.5 GB per named user license, 2 GB per concurrent user license. Additional storage can be purchased for $200 per GB per year for database storage and $60 per GB per year for attachments. Usage of subscription services shall not exceed 100,000 API Calls per 24 hour period.

     

     

    E-mail

    Customers have the option of having Ivanti host email services for their cloud tenant. In this instance, customers are limited to 10,000 total recipients per 24-hour period. Counting recipients is different than counting messages. For example, sending 100 emails that each have 100 recipients is counted the same as sending 10,000 emails that each have a single recipient.

     

     

    Data Center Connections

    For more information regarding infrastructure connections or Ivanti data centers, refer to this document: Infrastructure Connections to Data Centers - landing page

     

     

    High Availability Deployment

    We designed our application to be multi-tenant with high levels of availability. Web application tiers are redundant in design with individually scalable application components, deployed across multiple fault-tolerant zones. Application and infrastructure monitoring is available to regulate flow of traffic automatically across these zones to maximize application performance and availability. Continuous monitoring detects anomalies, and self-healing processes reduce the need for human intervention and recovery.

     

     

    Disaster Recovery

    We use always-on replication for near real-time replication of data to provide a low Recovery Point Objective (RPO) and minimize data loss in the low-probability event of a naturally occurring or human-induced disaster.  We use hot backup sites for our core services that our 24x7 NOC Operations can switch to if deemed necessary.

     

    Each AWS Data Center has a corresponding Disaster Recovery site.  That information is as follows:

    • For the Oregon Data Center -> DR  is in N. Virginia
    • For N. Virginia Data Center -> DR is in Oregon
    • For Sydney Data Center -> DR is in Melbourne
    • For Ireland Data Center -> DR is in Frankfurt
    • For Frankfurt Data Center -> DR is in Ireland

     

    More detail on Ivanti Cloud Security can be found here: Ivanti Service Manager Cloud Security.pdf

     

     

    Planned Maintenance Downtime

    Planned Maintenance Downtime shall generally not exceed four (4) hours per calendar quarter. However, in the exceptional case that Planned Maintenance Downtime will exceed four (4) hours per calendar quarter, Ivanti shall provide notice to customers who have opted in to receive these notifications.

     

    Maintenance Window: The Cloud environment Maintenance Window is every Friday, US Pacific Time, and the start time is dependent upon location of the data center.  This is noted as follows:

    • APAC Data Center: 10:00 (10:00am) Pacific Time
    • EMEA Data Center: 14:00 (2:00pm) Pacific Time
    • US Data Centers: 20:00 (8:00pm) Pacific Time

     

    Maintenance Notifications:

    Maintenance notifications are provided on the cadence noted below:

    • Updates requiring no downtime are posted to the Change Calendar.  Notifications are provided 15 minutes prior to the update as well as when the update has completed.
    • Notification for Emergency Changes that are required outside of the maintenance window are provided on an as-needed basis and are sent as soon as possible
    • Notifications are sent five (5) days in advance for the following circumstances:
      • Any change that is expected to cause a disruption in service to Staging or Production environments
      • Any release for a major upgrade.

     

     

    New Releases

    Ivanti releases updates to Service Manager three(3) times per year.  Upgrades and Updates are provided at no additional cost as part of the Support and Maintenance Agreement, including all documentation describing the features and fixes included with each release.  Ivanti reserves the right to determine how and when to develop and apply any product updates and upgrades.

     

    SUPPORT AND MAINTENANCE: Support and Maintenance Services are included as part of the SaaS Offering. Updates are provided to customers as part of the Support and Maintenance Services. Ivanti reserves the right to determine how and when to develop and apply any Updates to the SaaS Offering.

     

     

    Ivanti Support Services

    As part of the Support and Maintenance Agreement, customers receive membership in our global customer support community, and the ability to receive support directly from our full Ivanti customer support team.

     

    Responsibility: Primary contact for all Cloud Customers for general product queries/issues including break-fix communications with customer.

     

    New Ivanti Service Manager Cloud Customer On-Boarding Tasks

    Below is a high-level description of the activities involved in on-boarding a new Cloud customer.  It is not intended to be all inclusive or detail each step of every implementation.  Each customer is unique in their requirements and as such, each implementation may vary in terms of configuration; time to implement, etc.

     

    Project Initiation discussions

    As part of an engagement with Ivanti's Professional Services, an Ivanti Project Manager or Project Coordinator will schedule an initial call to discuss the following points.

    • Preferred customer URL for their tenant
    • Details of VPN connections (if required)
    • Details of E-Mail connections (if required)
    • Single Sign On (SSO) Options
    • 3rd party integrations

     

    Project Initiation Tasks

    Ivanti Service Manager Cloud customers are entitled to three(3) environments: Testing (UAT); Development (Staging) and Production.  As part of the initial activity, the Staging environment is set up where the initial configuration will begin.

     

     

    Project Tasks

    The following project tasks are owned by the customer or Ivanti Professional Service Consultants:

    • Design
      • Including Design workshops and creating design documentation with customer.
    • Build
      • Build work carried out based on design and Statement of Work
    • UAT
      • Manage UAT issues and resolution.

    Customer Go-LIVE

    Support of the Go-Live activities and issues resolution are owned by the customer and Ivanti Professional Service Consultants and Support.

     

     

    Post Go-Live Activities

    • Any issues should be logged with Support through normal support channels. Details can be found here: Welcome to Ivanti Support

     

     

    Ivanti Service Manager Administration Tasks

    Owned by Customer

    • Customers have access to and own all aspects of administration and design within Service Manager.  Restrictions however do apply to Server Configuration files and access to the database through SQL.
    • Development Package moves from Staging to UAT to Production.
      • NOTE: While customers can manage this process, Ivanti recommends that for package moves into Production a service request is logged so that Ivanti can create a maintenance window as well as a perform a full backup as part of the package move to production.

     

    Owned by Ivanti Operations Team

    As Ivanti Service Manager is provided as a Software as a Service, platform, there are restrictions to infrastructure for our customers that Ivanti's Operations Team will retain sole access to administer and maintain. Below are a list of tasks that will be conducted by our Operations Team. Customers requesting any of the below should do so by raising a new Support incident:

     

    Administration

    • Database Backups
      • Customers are entitled to a full backup of their database on a once-per-quarter basis (calendar quarter) to bring into their local environment.  Customers who require more frequent backups may incur additional charges.
    • SQL Scripts and Stored Procedures
      • Verification and application of any approved community scripts. E.g. Set Network Logins, Add Users to Roles
        • Scheduling of maintenance plans on a customer by customer basis.
    • Caveats
      • Changes made by the customer should only be made in their Testing or Development environments.  Although changes can be made directly to the production environment, Ivanti does not recommend this practice.
      • Changes made by the customer directly in their Production environment could cause errors.  Ivanti strongly recommends all changes be made in a development environment migrated to production per established processes.

    Product Releases

    • As part of the new product version release cycle, customers who opt in can receive a temporary "Pilot" environment that allows them to test features or fixes included in an upcoming release using their own database model.  To opt into the Pilot program, customers can contact Support, their Customer Success Manager or their Solutions Partner.  Once the new release is moved into Production, Pilot environments are discontinued until the next release cycle.

     

    Maintenance Notifications

    • Maintenance notifications are provided on the cadence noted below:
      • Updates requiring no downtime are posted to the Change Calendar.  Notifications are provided 15 minutes prior to the update as well as when the update has completed.
      • Notification for Emergency Changes that are required outside of the maintenance window are provided on an as-needed basis and are sent as soon as possible
      • Notifications are sent five (5) days in advance under the following circumstances:
        • Any change that is expected to cause a disruption in service to Production environments
        • Any release for a major upgrade.

    Outage Management

    • Send outage notifications
    • Send RCA Reports and follow up meetings