MANAGED DDOS PROTECTION SERVICE - SPECIFIC TERMS

Written By James Lee (Super Administrator)

Updated at February 10th, 2021

  1. Service Definitions

    "Acceptance"

    Means in relation to a Service, the date of your activation of the Service

    “Content”

    Means, not limited to, messages, alerts, reports, information regarding DDoS events generated by the systems supporting the Service and made available to you

    “DDoS”

    Means Distributed Denial of Service

    “DDoSProtect”

    Means the security service provided by us that monitors, detects and protects your online presence or services from disruptions caused by DDoS attacks. 

    "Fault"

    Means a fault or defect in the Service or any associated equipment or facilities that disrupts the Service (as set out in this Specific Terms). 

    “Internet Service”

    Means internet access service provided by us to you

    "Service"

    Means the grant to you of the right to use the Service as specified in the Order subject to and in accordance with the terms of this Specific Terms.

  2. Managed DDoS Protection (“DDoSProtect”) Service
    1. In relation to each Order, we will use reasonable endeavours to commence providing the DDoSProtect Services pursuant to such Order on the date of Acceptance for such DDoSProtect Services. Such DDoSProtect Services will thereafter be provided for the Service Term subject to the termination clauses of this Specific Terms and the General Terms.
    2. SPTel’s Internet Service is a pre-requisite for our DDoSProtect Service. You may apply for internet access service through our customer portal.
    3. Each order for a DDoSProtect Service may be applied only to one Internet Service provided by us under a Service Order. All IP addresses associated with that Internet Service will be monitored. Additional charges apply if you require monitoring of additional IP addresses or a subset of a larger range of IP addresses already being monitored.
    4. Upon successful subscription to DDoSProtect Service, you would be entitled to access our online system(s) via a single user ID as provided by us which will include information regarding DDoS events. You may request access for additional users for a fee.
    5. You may select to upgrade your subscription to a higher tier of Service or downgrade your subscription to a lower tier of Service at any time through our customer portal. There will be no Early Termination Charges applicable in the event that you upgrade your subscription to a higher tier of Service. However, Early Termination Charges will be applicable if you downgrade your subscription to a lower tier of Service. For avoidance of doubt, any change to the subscription of Service will result in a new term of the Terms of Service, which shall commence on the date of the change.
    6. If a DDoS attack on your Internet Service (provided by us) was detected by you, and in the event that the attack was not detected by our DDoSProtect Service, you may initiate mitigation action through your access to our online system(s) or our customer service hotline.
    7. You agree that:
      1. The Service is subject to availability of resources, including but not limited to, technical capacity, our delivery systems, network availability and our area of coverage at the time at which the Service is requested or delivered.
      2. Auto-trigger email alerts on detected anomalies are subject to your internet connectivity and network condition.
      3. We will, in our sole discretion, determine the method of mitigation to be used against a DDoS attack including, but not limited to, cleaning, filtering and black holing of traffic.
      4. Where a DDoS attack is larger than your subscribed mitigation bandwidth or the cleaning capacity of the DDoSProtect mitigation system, we may black hole traffic or use other methods at our disposal to mitigate the attack.
      5. You must not resell the Service or otherwise provide to third parties without our prior written consent, whether for profit or not.
      6. If you subscribe to any Third Party services directly, you shall be responsible for adhering to the Third Party's terms of service. In no event shall we be responsible for any of the Third Party's performance of the service which you subscribed directly.
      7. You shall not use the Service in any manner or for any purpose which may constitute a violation or infringement of the rights of any party including but not limited to their intellectual property or confidentiality rights.
      8. You must not make or attempt any unauthorised access to any part or component of the Service, the network or any third party systems or networks to which you can connect through the Services directly or otherwise.
      9. You must not disrupt the various networks that are connected to the Service or violate the regulations, policies or procedures of such networks.
  3. No Warranties
    1. This Service is provided “as is” and without any representation of warranty, whether express, implied or statutory. We specifically disclaim any merchantability, fitness for a particular purpose.
    2. We do not guarantee:
      1. Continuous and uninterrupted performance of the Services
      2. Any traffic being rerouted away from you or any delays or other changes to traffic caused by routing, filtering or cleaning of your traffic.
      3. DDoS events not detected or protected by us.
    3. The amount of clean traffic generated (maximum up to port size) depends on the outcome of your mitigation efforts made via the Service; and we will not be liable to you or any third party.
    4. We do not warrant the accuracy, reliability or quality of any Content obtained through the Service; and that the Service and access to them are error free and uninterrupted or available at all times.
  4. Processing of instructions submitted via telephone
    1. You may instruct us to act in accordance with your instructions submitted via telephone which are related to the subscription of Services, activation of Services, deactivation of Services and/or termination of Services.
    2. We shall process the instructions after making proper verification. For the purpose of proper identification, you shall correctly answer our verification enquiries. We shall have the right to refuse to act upon your telephone instructions if:
      1. the caller is not one of the authorized person(s) stated at clause 6.1.2;
      2. the caller does not respond correctly to the enquiries for the purpose of proper identification;
    3. You shall be responsible for any and all sums payable arising from your instructions to us. We shall bear no liability for any loss incurred by you for processing instructions submitted in accordance with these terms and/or as a result of misinterpretation of an instruction due to any error, ambiguity or inaccuracy of the instruction.
  5. Charges
    1. The Charges payable in relation to each Order do not include cross-connect charges that you may have to incur in connection with the provision of the Service pursuant to such Order unless otherwise stipulated in Order.
    2. If there is a Fault in any month which entitles you to receive a Service Credit Rebate (as set out in this Specific Terms), the relevant Service Credit Rebate will be applied to the Charges for the following month. Such Service Credit Rebate (if any) shall be your sole and exclusive remedy (and our sole and exclusive liability) in respect of such Fault.
    3. We reserve the right to charge you for expenses incurred by us in investigating any Fault reported by you if the Fault is not due to or does not lie within our facilities or Network.
    4. You are responsible for all incidental charges related to accessing, provisioning, maintaining, repairing the Service at your location(s).
    5. All orders are non-cancellable and all amounts paid are non-refundable.
  6. Operational Terms and Conditions
    1. You shall be responsible for:
      1. Determining the severity of the attack and how and when to initiate mitigating any and all attacks via the Service, unless Automatic DDoS Attack Mitigation is ordered and enabled.
      2. Providing us with the names and contact details of any individuals authorised to act on your behalf for Service management matters. We may also accept instructions from a person who we reasonably believe is acting with your authority.
      3. Ensuring that your designated users use the reporting procedures agreed between both of us and will be available for all subsequent DDoS attack management communications.
      4. Assuring that only you or your designated users will access the Service and that you and all your users shall not share user IDs, passwords or other methods for accessing the Service with individuals who are not the designated users of the access provided by us.
      5. Taking all reasonable steps to prevent unauthorised access to the Service.
    2. If you become aware of any use of the Service that violates the requirements of Clause 6.1 above, you must take prompt action to suspend your use of the Service. We may ask you to take action within a certain time period. If you fail to comply with our request we may suspend your account.
    3. Whilst traffic cleaning is underway it is envisaged that an increase in latency may occur. We will use reasonable endeavours to ensure that legitimate traffic is received as normally as possible during an attack, and that your site’s experience is affected as little as possible.
    4. Either Party detecting a Fault in the Service shall notify the other Party as soon as reasonably possible. Our contact details will be provided in our service handover document. Your contact details shall be the details provided by you in our customer portal. You will reasonably cooperate with us in respect of any fault investigation pertaining to the Service or DDoS attacks.
    5. Any Service failure due to changes to the system configurations requested by you is your sole responsibility. Any Charges for rectifying such failure caused by you or any third parties will be borne solely by you.
    6. We reserve the right to immediately stop any ongoing mitigation initiated by you, if any, with or without notice to you, if we determine in our absolute discretion that such mitigation will or may affect the Service's infrastructure, and/or the Network. We will not be liable to you or any third party for the foregoing.
    7. We may, in our absolute discretion and without notice to you, trigger a black hole if necessary to prevent any harm or imminent harm (such as interruption, disruption, congestion, signal leakage and/or any unauthorised action) to our network or the networks of third parties.
  7. Rights in DDoSProtect Service
    1. The provision of DDoSProtect Service pursuant to any Order does not give you any right, title or proprietary interest in the DDoSProtect Service
    2. We own the infrastructure that supports the DDoSProtect Service.
    3. Except as expressly permitted, you must not grant any third party any right to use any DDoSProtect Service that has been provided to you.
  8. Termination Rights supplementing the General Terms
    1. Where the provision of the DDoSProtect Service is conditional on you subscribing to other services with us or satisfying minimum requirements of subscription to such other services from us ("Service Condition"), any violation of the Service Condition will also automatically terminate the DDoSProtect Service and you will be liable for Early Termination Charges.
    2. Where the DDoSProtect Service is subscribed as a secondary service to other Services provided by us, the termination of said Services would automatically terminate the DDoSProtect Services. In this event, an Early Termination Charge in respect of the DDoSProtect Services may be payable.
    3. The minimum period of Service shall be indicated in the Order. Unless otherwise agreed to in writing, when the minimum period of Service expires, this Agreement will be automatically renewed on a calendar monthly basis (based on the same terms and conditions except for Charges, which shall be based on our then prevailing Charges for the Services) unless you give us a written notice of termination at least 30 days prior to the expiry of the minimum period of Service or the renewed term.
    4. Without limiting the foregoing, Clauses 4, 5 and 6 will survive any expiration or termination of this Agreement. Upon the effective date of termination of the Agreement for any reason: (a) all rights granted to you under this Agreement, including your right to use the Service, will immediately terminate; (b) you must stop all use of the Service, and (c) you must return or, if we request, destroy any Confidential Information.

SCHEDULE A: SERVICE SPECIFICATIONS

DDoSProtect, or Managed DDoS Protection Service, is a suite of security services crafted to detect and mitigate DDoS attacks that aim to compromise a protected host, device or asset in the network. SPTel will provide to you the “Enterprise”, “Premium” or “Premium+” option that you select in our online quotation. These options relate to the respective specifications set out in the table below and in any applicable subscription and will apply in accordance with the details set out in that subscription.

Features by service option:

Enterprise
  - Network-based DDoS Attack Detection
  - Application Layer DDoS Attack Detection
  - DNS Protection (Inbound)
  - Initiated/Automatic DDoS Attack Mitigation

Premium
  - Network-based DDoS Attack Detection
  - Application Layer DDoS Attack Detection
  - Signature-based Protection
  - DNS Protection (Inbound)
  - Initiated/Automatic DDoS Attack Mitigation
  - Per Incident Report

Premium+
  - Network-based DDoS Attack Detection
  - Application Layer DDoS Attack Detection
  - Signature-based Protection
  - DNS Protection (Inbound)
  - Initiated/Automatic DDoS Attack Mitigation
  - Cloud Mitigation [100Mbps Clean Traffic]
  - Per Incident Report

On Demand Value Added Services (“VAS”)

SPTel offers On Demand Value Added Services below to our “Enterprise”, “Premium” or “Premium+” option. Additional charges and minimum contract terms may be applicable.

On-Demand VAS by service option:

Enterprise
  - Signature-based Protection
  - Additional DDoS Attack Bandwidth Protection
  - Enhanced SLA: 15 mins
  - Per Incident Report
  - Customized Notification Protocol
  - Managed Security Dashboard Additional Login

Premium
  - Additional DDoS Attack Bandwidth Protection
  - Enhanced SLA: 15 mins
  - Customized Notification Protocol
  - Managed Security Dashboard Additional Login

Premium+
  - Additional DDoS Attack Bandwidth Protection
  - Enhanced SLA: 15 mins
  - Customized Notification Protocol
  - Cloud Mitigation Upgrade
  - Managed Security Dashboard Additional Login

The following list specifically describes the feature set that will be offered in the service options.

Additional DDoS Attack Bandwidth Protection: Customer may choose to subscribe to Additional Attack Bandwidth Mitigation for additional protection beyond the entitled mitigation bandwidth.

Application Layer DDoS Attack Detection: Detects attacks mimicking legitimate and innocent application requests, targeted to crash web servers.

Cloud Mitigation: When Customer’s subscribed DDoS attack mitigation bandwidth with SPTel reaches saturation, Customer’s entire traffic will be diverted to a third-party global DDoS mitigation vendor for cleaning before legitimate traffic is directed back to Customer’s router. Cloud Mitigation bandwidth of 100Mbps is included.

Cloud Mitigation Upgrade: This VAS allows Customer to increase their Cloud Mitigation bandwidth from 100Mbps onwards.

Customized Notification Protocol: SPTel will have a standard notification protocol (e.g. escalation personnel contact via SMS). This VAS allows Customer to request a bespoke notification protocol.

DNS Protection (Inbound): This feature protects the Customer’s DNS servers from inbound DNS-based DDoS attacks.

Initiated/Automatic DDoS Attack Mitigation: Customer has the option to set mitigation action to be automated or manually initiated once an attack is detected.

Network-based DDoS Attack Detection: Customer has the option to set mitigation action to be automated or manually initiated once an attack is detected.

Per Incident Report: A report relating specifically in depth and context to an incident.

Managed Security Dashboard Additional Login: Customer will be provided 2 login accesses to a SIEM dashboard with their DDoSProtect subscription. Additional login access is available at a fee.

Signature-based Protection: Detects application DDoS and misuse attacks, which are harder to detect and appear like legitimate traffic so they can go unnoticed without a signature-based analysis tool.


SCHEDULE B: CHARGES

| No. | Item | Charges |
|---|---|---|
| 1 | One-Time Charge | Refer to the Order. |
| 2 | Monthly Recurring Charge | Refer to the Order. |
| 3 | Daily Charge | Refer to the Order. |
| 4a | Early Termination Charge for cancellation/termination of Order before Service commencement | One-Time Charge (if not yet paid) plus all costs and third party liabilities incurred by us as of date of termination. |
| 4b | Early Termination Charge for termination during Service Term | All Monthly Recurring Charges payable for the remainder of the Service Term. |

SCHEDULE C: SERVICE LEVEL AGREEMENT

  1. We will provide you with Service Level ("SLA") Targets and Rebates as follows:
    | Service Type | Service Level Targets | Outage time / Notification time | Service Credit Rebates (% of Monthly Recurring Charge) |
    |---|---|---|---|
    | Service Availability (For Enterprise and Premium Service) | 99.99% per calendar month | >1min to ≤4mins | 0% |
    | | | >5mins to ≤30mins | 3% |
    | | | >30mins to ≤4 hours | 5% |
    | | | >4 to ≤8 hours | 10% |
    | | | >8 hours | 20% |
    | Service Availability (For Premium+ Service) | 99.999% per calendar month | < 1min | 0% |
    | | | >1min to ≤30min | 3% |
    | | | >30mins to ≤4 hours | 5% |
    | | | >4 to ≤8 hours | 10% |
    | | | >8 hours | 20% |
    | Notification | 30 minutes per High Severity incident | 30mins to ≤1 hour | 5% |
    | | | >1 hour | 10% |
    | Notification (For Enhanced SLA) | 15 minutes per High Severity incident | >15mins to ≤30mins | 5% |
    | | | >30mins | 10% |
  2. Service Availability is calculated as a percentage of time that at least one feature of the service is in function within a given 30-day calendar month. Outage Minutes means the measurement in minutes from the time the Service is unavailable till resolution and is calculated after you open a Priority 1 trouble ticket with us. Service Availability excludes:
    1. The Service has escalated to Blackhole
    2. The Internet Service is not available due to reasons other than a DDoS attack
    3. SPTel has chosen to withdraw the service in observation of product policies, and has duly informed the customer of the service withdrawal

      Service Availability (%) = (1 - (Total Eligible Outage Minutes per Service per month) / 43,200 minutes) x 100

    4. *Priority 1 means total loss of Service or degraded Service to the extent that it is unusable by you and you are prepared to release its Service for immediate testing.
  3. Notification is calculated as the time from when a High Severity incident is detected by us to when you are informed via online alerts, email, or SMS. Notification excludes non-delivery due to inaccurate email address or phone number, missed calls or failure to access our online portal.
  4. Subject to the terms of this Schedule, you will be entitled to a Service Credit Rebate against the Monthly Recurring Charge where a Service to which the Service Level applies fails to be restored by us within the specified time period, as set out in the table in Paragraph 1 above.
  5. Service Credit Rebate(s) will be applied against your account for the calendar month immediately following the month in which the Fault(s) occurred and is capped for all Service Levels at twenty percent (20%) of one (1) month’s MRCs for each affected DDoSProtect Service per month. Service Credit Rebates may not be transferred or applied to any other account.
  6. Notwithstanding anything herein, the calculation of whether a Service Level is met or not shall not take into account Faults or other delays arising from or in connection with any of the following:
    1. Scheduled maintenance;
    2. Acts or omissions of you or of any Third Party, or any network, cable, equipment or system connected by you or any Third Party;
    3. Force majeure (as set out in the General Terms) or an inability to gain access to the location for fault isolation and restoration due to your direct or indirect act, omission or negligence.