It is not easy for IT administrators of large organizations to manage and maintain their networks and everything connected to the design, infrastructure, building, deployment and management of a network. At the same time it is difficult to simply hand over control of the most critical security components of their network infrastructure. But in recent years, more and more companies are outsourcing the building, deployment and management of parts of their network infrastructure to managed services providers, who guarantee the highest security standards and stringent quality norms. Anyone thinking about outsourcing such a mission-critical aspect of their network should understand in detail the potential security implications to their security and performance, as well as the company as a whole. One of the biggest differences among providers of network management services is the service-level agreement (SLA). It is essential to understand the various aspects of the SLA and what the SLA should contain and why a well-defined stringent SLA is necessary.
In general, a network management services provider SLA should cover the following areas:
Service Summary
The service summary section usually appears in the introductory section of the SLA. This summary will enumerate the obligations that you – as a customer – must fulfill in order to satisfy the SLA. This section will usually list the support level the customer has purchased. The support level determines how fast the service provider will respond to service requests, how many service requests are allowed per month or annually, how often the customer will be notified during emergencies, and what is the general service availability guarantee.
Infrastructure
Service providers host network management services in a variety of ways. Some will offer dedicated services and teams at your site. Some will provide customers with dedicated services from the provider’s own network operations center. Regardless of the method used, the service provider should state clearly in the SLA how the service is to be provided. Once you’re sure of the infrastructure in use, you will be able to understand and specify infrastructure requirements, performance, upgrades and so forth.
Software
Most service providers partner with equipment providers such as Cisco, Nortel and others. Other service providers will use open-source software. It’s important to know what software will be used for the service you have purchased. Your company may have specific requirements, such as avoiding unsupported open-source software on any of your network.
Service Availability
This section describes exactly what service level guarantee the customer will receive. One of the most critical service-level guarantees is network uptime. For example, 99.5% uptime means that your network can potentially be down for 216 minutes per month without any penalty for the service provider. If the service is down more than the guaranteed level, the service provider will compensate you for that period of time. It is critical to understand what the service provider considers to be downtime. For example, most service providers will not consider upgrades to constitute network downtime; therefore, you will not be compensated for those periods of unavailability. Other service-level guarantees the agreement may specify include how fast the service provider will respond to your service requests, how long upgrades will take, how fast service providers will detect and report problems, and so forth. Another critical consideration is how the service provider will be penalized if the service-level guarantee is not met.
Service Requests
SLAs generally provide for a number of standard service requests per month and a number of emergency service requests per month. Understanding when the service call will be considered an emergency request will allow you to properly plan for changes. For example, if the service provider considers any requests you want performed outside of standard business hours to be emergency, and most of the changes you want fall outside of that time frame, you may need to re-state SLA terms. More importantly, some service providers may limit the number of IT personnel from your company allowed to open service requests. Others may consider certain service requests to count as two requests. Some service providers may charge extra for certain service requests, and so on.
Monitoring and Reporting
Network administrators can find it extremely frustrating if they’re unable to quickly perform troubleshooting when the network is unexpectedly down, or if they don't have the resources for a quick network analysis when an incident is detected. Thankfully, service providers are doing a much better job of providing reports to customers on bandwidth utilization, uptime analysis and log management. But you'll still need to ask a number of questions. For example, will you receive daily, weekly or monthly reports based on your network? Can you get custom reports so you can perform troubleshooting or network problem analysis? Availability, responsiveness, quality and communication are important elements to consider for any service provider SLA.
