DDoS Mitigation Service Level Agreement

1.      Time-to-Mitigation Service Level

 

Attack Type Time-To-Mitigation
UDP/ICMP Floods 5 minutes or less
SYN Floods 5 minutes or less
TCP Flag Abuses 5 minutes or less
GET/POST Floods 15 minutes or less
DNS Reflection 10 minutes or less
DNS Flood Attack 10 minutes or less

 

2.      Consistency-Of-Mitigation Service Level

QuadraNet commits to providing a Consistency-Of-Mitigation level of no less than 95%. Consistency-Of-Mitigation is defined as being the proportion of the traffic that is forwarded to Customer’s protected assets via the Service that is clean.

Service is defined as the DDoS mitigation service provided by QuadraNet pursuant to the terms of the Agreement or sales order(s) to protect against attacks that may saturate Customer’s internet connectivity.

 

3.      Time-To-Mitigation and Consistency-Of-Mitigation Failures

The following table describes the remedies should QuadraNet fail to meet its Consistency-Of-Mitigation commitments following the Time-To-Mitigation target period within any given calendar month:

 

Time-To-Mitigation Duration (Per attack) or Continuous Loss of Consistency Remedy
Greater than TTM target & less than 90 minutes 1 day credit of monthly Service fee
Greater than/equal to 90 minutes & less than 180 minutes 3 days credit of monthly Service fee
Greater than/equal to 180 minutes 4 days credit of monthly Service fee

 

4.      Service Outage

Customer shall be eligible for remedies if affected by a Service Outage and it reports the interruption in the Service to QuadraNet within five (5) calendar days of the commencement of the outage event. QuadraNet shall determine in its sole discretion exercising good faith whether the interruption to the Service caused a Service Outage using its records, data and other evidence. QuadraNet shall make remedies to Customer for valid Service Outage claims accordingly.

Service Outage is defined as an interruption of the Service as a result of QuadraNet’s actions or failures that results in:

  1. The total lack of availability of Protected Assets for a period of at least 30 minutes; or
  2. Degraded availability of Protected Assets for a period in excess of 1 hour.

 

Service Outage Occurrence Time elapsed since a Service interruption became a Service Outage Remedy
Single event within a calendar month Less than 3 hours 2 days credit of monthly Service fees per Service Outage
Single event within a calendar month More than 3 hours but less than 72 hours 3 days credit of monthly Service fees per Service Outage
Multiple events within 3 calendar months Events greater than 45 minutes (at least one event in any 10 days) Material Breach – Customer can terminate Service

 

5. Protection Limits

Unless otherwise defined in a Service Order, Customer may receive up to 2 attack incidents per month for a total duration not to exceed 12 hours. Customer may elect to purchase additional attack capacity, incidents, or duration from QuadraNet at the then-current rate. Attacks in excess of Customer’s protection in capacity, number of incidents, or total duration will be mitigated solely by null-route.