Forum OpenACS Q&A: Service Level Agreement negotiation

Posted by Tom Jackson on 05/22/03 07:46 PM

Hey it is time for me to step up to reality and move my servers off my dsl line and into a real ISP. I'm thinking of locating in Fisher Plaza with an ISP that is moving there in July.

They have sent me their SLA, but I don't know what to look for, and to watch out for.

Are there any guidelines on what to ask for, and what to pay? One thing that I noticed was that they charge $7/Gb when I exceed my montly transfer. Isn't that kind of high?

Overall the agreements sounds like I have to pay them, and they don't have to do anything.

2: Re: Service Level Agreement negotiation (response to 1)

Posted by Malte Sussdorff on 05/22/03 08:30 PM

Hello Tom,

it really depends on what they charge you and how many servers you want to host with them. But $7/GB is to high. We could offer you considerably better conditions than that and still make a decent amount of money :).

You should ask for remote hands support (and how much is included per month). You should ask for reaction times in case something breaks with your server (aka, how fast is remote hands available) as well as with their connection. Do they have backup connections, who is providing their connection, how well connected is this provider. Furthermore ask what happens if they or their connection provider goes out of business (not unlikely these days). Demand at least one month of notice.

As they will normally not state anything in their SLA that would make them pay you money, you should make sure that the risks are fairly low of something happening and that you have the option of leaving them quickly if they don't provide you the service (e.g. if the internet connection is down for more than 12 hours per month, then you have the right to immediatly cancel the contract without further notice).

Last but not least, you should make sure though that you don't promise something to your clients (e.g. uptime of 99.9%) if the hosting provider does not guarantee the same to you.

3: Re: Service Level Agreement negotiation (response to 1)

Posted by Walter Smith on 05/22/03 08:37 PM

SLA's are a known problem in the industry. For an excellent treatment of the subject and a really good primer on colo/hosting/managed services, you can check out Doug Kaye's book, "Strategies for Web Hosting and Managed Services." He's got a web site at http://www.rds.com/books/.

Below is one of my works in progress, an internal document for evaluating and negotiating with managed services providers. At this point it is incomplete, but there are some important points, and maybe someone else can step in and fill in the gaps.

COLO/MANAGED SERVICE PROVIDER EVALUATION
Assuming a combination of colocation and managed services, that you are providing rack space, power, connectivity, and related services as well as additional managed services.

The need for managed services is because I have to offer my clients a service level based on web site uptime, not just hardware or network uptime. The typical colocation facility will provide an SLA that guarantees power and pipe, but there are so many other things that can go wrong.

Coverage - I think of managed services as a
- 24/7 NOC - a network operations center that is staffed at all times
- Off-hours/overflow customer service support -
- Documentation/runbook
- Backup, recovery, and reboot

The dilemma for businesses running the OACS is that it doesnt fit into the standard managed services packages, which ordinarily only support a limited number of the most common applications and operating systems. You are then stuck paying for a much more expensive "custom" managed service package, and still not getting comparable support because perhaps they have only one or two people on staff who have been trained in your configuration. In this sense it is desirable that the MSP be "specialized" in the applications needed to run OACS, although this raises the concern that they will not have enough business to support themselves on that.

Application Support - typical managed services packages only support a limited list of applications and a couple of OS's, usually Windows 2000 and Redhat. Obviously, it would be important to make sure they will support the variations/customizations necessary for your environment.

Monitoring -
- Web site monitoring and alert notification
- Traffic monitoring and shaping

Hardware acquisition assistance purchasing recommendations, capacity planning assistance, leasing arrangements.

CDN

Network security

No single points of network failure:
- Redundant bandwidth from multiple tier-one providers, favorable peering arrangements, and BGP4 peak usage at less than 60% of capacity so that the network can support the loss of any one connection.
- Redundant network routers cross-connected to the redundant backbone connections.

Staffing:
How are you staffed? How many people, whats the structure, who knows what, etc.

Pricing:
What is your pricing model? Time-and-materials, flat-rate, retainer, etc.?

4: Re: Service Level Agreement negotiation (response to 1)

Posted by Patrick Giagnocavo on 05/22/03 09:18 PM

Tom, I sent you a private email with some other recommendations.

But for your specific question concerning SLA's it has been my experience that you rarely get satisfaction as a result of what is in the SLA.

What matters more is

1) are you considered a good customer or just another "small fry" operator?

2) are the folks running the place competent and flexible, or are they bureaucrats?

Bandwidth pricing is all over the place, but a T1 from Internap (pretty much the best there is) is less than $900/mo most places. So figure 300GB as a typical max monthly usage and you have a base rate of $3/GB. Plus power, space, profit, etc. Of course, the company you are dealing with is buying much much more than a T1 and therefore getting a better price.