Operation of a virtual appliance in your infrastructure
(1) //SEIBERT/MEDIA shall provide a virtual appliance (hereinafter "VA") as a virtual machine (hereinafter "VM") for operating the software on the Client's servers. In order to ensure the best possible operation, the following general conditions are specified:
The client must run the virtualization solution from VMWare and can import the VA, which is provided in the *.ova file format.
In order to be able to prepare the VA in advance, the customer must complete a Technical Questionnaire.
//SEIBERT/MEDIA shall specify the operating system in the VM.
PostgreSQL is used as a database in the VM.
In consultation with the Client, and where it is technically justified, connections to database systems managed by the Client are possible.
The VM must have access to the Internet. The VM and the application running on it will be accessed via a domain name that can be resolved in the Client's network.
The VM will be managed via SSH over a Site2Site VPN connection between the //SEIBERT/MEDIA network and the Client.
At least TCP ports 22, 80, 443 and 5666 (to the virtual appliance) and 8086 must be directly accessible via the Site2Site VPN.
The Client is not given root access to the system, but will be provided with a Linux user account with limited administration rights. For emergencies, //SEIBERT/MEDIA will provide documentation on how the Client can obtain full root access.
All activity and login attempts over SSH through both //SEIBERT/MEDIA and the customer's network are logged.
//SEIBERT/MEDIA takes full responsibility for the monitoring of the VM and the application over the Site2Site VPN.
//SEIBERT/MEDIA provides automatic consistent backups of the application in predefined directories in the VM.
The Client is responsible for the historical storage of these backups in their internal infrastructure.
In addition to the backups, block-based VM backups, e.g. as VMware vSphere snapshots, must be created daily by the Client. These backups must be kept for at least 3 days.
The Client must provide direct contacts to people responsible for the following components in the Client’s IT infrastructure, who must also respond during the agreed service hours (see § 7) in order to resolve any problems that may occur:
Virtualization system (e.g. VMware vSphere) for VM snapshots and emergency Linux management.
Active Directory for troubleshooting in case of login problems.
Backup systems to provide access to backups.
If necessary, externally connected database systems or database cluster systems for troubleshooting or to import backups.
When anti-virus software is mandatory according to company policy, they may not perform active real-time interventions in the file system (on-access and quarantine function), but only work passively (on-demand and reporting to the client's IT department).
(2) Other conditions reflecting the latest technology shall be specified to the Client before an order is placed, insofar as this is necessary for the operation of the software.