AndyCare! Pro
SoW Appendix F
This Appendix to your AndyCare! Pro SoW (this “Agreement”) is an integral part of the linked SoW and governs our business relationship with you, so please read this document carefully and keep a copy for your records.
Appendix F – Service & Product Descriptions
Not all plans include all the services listed below:
MDM management & RMM for Workstations & Servers
All monitoring and alert-type services are limited to detection and notification functionalities only. These functionalities are guided by Client-designated policies, which may be modified by Client as necessary or desired from time to time. Initially, the policies will be set to a baseline standard as determined by CA; however, Client is advised to establish and/or modify the policies that correspond to Client’s specific monitoring and notification needs.
CA shall keep all managed equipment and software current with critical patches and updates (“Patches”) as such Patches are released generally by the manufacturers of the applicable hardware or software. Patches and updates are developed by third party vendors and, on rare occasions, may make the System, or portions of the System, unstable, or cause the managed equipment or software to fail to operate properly even when the Patches are installed correctly. CA shall not be responsible for any downtime or losses arising from or related to the installation or use of any Patch, provided that the Patch was installed in accordance with manufacturer’s instructions. CA reserves the right, but not the obligation, to refrain from installing a Patch if CA is aware of technical problems caused by a Patch, or believes that a Patch may render the System, or any portion of the System, unstable.
Servers/Workstations – Mac
● Disk IO Errors (hard drive function)
● FileVault Status (encryption on or off)
● Kernel Panics (OS or CPU issues)
● Laptop Battery - Life Remaining
● Local IP Address and connection (Wi-Fi vs. Ethernet)
● Malware Tests
● Network Errors
● RAM Errors
● Macintosh HD Capacity (checks for drives that are filling up)
● SMART Status (early failure warning)
● Time Machine Status
● Backblaze cloud backup status
● Other application-specific alerts as available/needed
Patch Management & Monitoring – Mac
● MacOS updates - User is prompted to run as updates become available
● Automated maintenance with ability to repair common issues
● Malware scanning & remediation
● Patching of over 200 software titles including the big names and many popular shareware and freeware titles - a full list can be found at: https://support.addigy.com/support/solutions/articles/8000072792-public-software-managed-by-addigy (patches have been manually vetted and tested by manufacturer).
● Additional customized software updates based on needs
● A customized scheduling method that accommodates end users’ workflow to reduce downtime/interruption.
● Remote deployment of software installations
● Enforcement of security settings
● Ability to remotely wipe or lock computer
● Prevention of unauthorized OS updates & upgrades
Patch Management & Monitoring - Windows
● Patch Management
○ Patch review and approval before deployment
○ Daily Patch Scanning
○ Tiered deployment priority based on severity of updates
■ Critical - As soon as possible
■ Important - off work hours
■ Optional - off work hours
○ Detailed auditing of applied patches
○ Automated workflow for patching and reporting
● System Configuration Management
○ Security compliance and configurations
○ Remote management access configurations
○ Printer and network device remote configurations
○ Remote Automation for system customizations
● Software Deployment
○ Customized software deployment automation
○ Automated updates
○ Self Service Portal for optional software catalog
● Inventory management
○ Application Control
○ Hardware/Software monitoring and alerts
○ System Scanning for software metering
● Remote tools
○ System Management
○ Chat functionality
○ Remote Control
○ Wake On Lan
● Reporting
○ Custom reporting based on any device metrics
● Cloud based management
MDM management for iOS and iPadOS devices
Our MDM (Mobile Device Management) solution offers seamless management for iOS and iPadOS devices within organizations. From device provisioning to security enforcement and app management, This solution provides centralized control over the entire fleet of Apple devices. With features like remote configuration, app deployment, compliance monitoring, and security policies enforcement, ensures efficient and secure management of iOS and iPadOS devices across the organization. Simplify administration, enhance productivity, and maintain compliance with our robust MDM solution.
● 24x7x365 MDM with customized monitoring and alerting
● Remote Configuration
● App Deployment and Management
● Compliance Monitoring
● Security Policies Enforcement
● Device Provisioning
● Remote Lock/Wipe
● App Whitelisting/Blacklisting
● Inventory Management
● Automated Patch Management
● Apple Account Management
● Remote Support and Troubleshooting
MDM Management for Android devices
Our Android Management (Mobile Device Management) offers comprehensive management and security solutions for Android devices in the enterprise. From device provisioning to app management and security enforcement, it provides centralized control over the entire Android device fleet. With features such as remote device management, app distribution, compliance enforcement, and data protection, Eensures efficient and secure management of Android devices across the organization. Simplify administration, enhance productivity, and mitigate risks with our Android Management solution.
● Remote Device Management
● App Distribution and Management
● Compliance Enforcement
● Data Protection
● Device Provisioning
● Security Policies Enforcement
● Remote Lock/Wipe
● App Whitelisting/Blacklisting
● Location Tracking
● Inventory Management
Network Management
For covered networks:
● Firewall Management
○ Manage accessibility to network
○ Firmware updates
● Wireless Network
○ Up to (3) Wireless Access Points (APs)
● Virtual Private Network (VPN)
○ Set-up and Manage VPN
○ Manage User Access
● Proactive Alerting
○ Configuration settings are changed
○ A device goes offline for X minutes
○ A VPN connection comes up or goes down
○ The primary uplink status changes
○ The DHCP lease pool is exhausted
○ An IP conflict is detected
○ Cellular connection state changes
○ A rogue DHCP server is detected
○ A warm spare failover occurs
○ Malware is blocked
○ Malware is downloaded
○ Clients connect or disconnect from the LAN
● Monthly Audits
● Vendor Liaison – based on Plan selected
● Troubleshooting/Restoration of Services
Email Security & Email Encryption
● Secure all email - incoming, outgoing and internal
● Advanced AI-based anti-phishing
● Anti-spam filtering
● Known malware prevention (Antivirus)
● Protection from zero-day malware (File Sandboxing)
● File sanitization (CDR)
● Malicious URL protection (URL Reputation)
● URL click-time protection (URL Rewriting)
● Protection from zero-day malicious URLs (URL Sandboxing)
● Account takeover prevention (Anomalies)
● Unauthorized applications detections (Shadow IT)
● Data loss prevention (DLP)
● Email encryption (for email sent to recipients outside your domain)
DNS Web Security
● Advanced DNS filtering
● Protection against protection from HTTP and HTTPS security threats
● Malware blocking, content filtering, phishing protection
● Flexible policy setting via granular policy engine
Vulnerability Scanning
● With advanced threat intelligence, real-time monitoring, automated response, and a built-in vulnerability scanner, this system ensures your network stays protected. Its user-friendly interface and proactive defense features, including intrusion detection and role-based access control, keep your business secure and compliant.
○ Threat Intelligence Integration
○ Intrusion Detection and Prevention
○ Behavioral Analysis
○ Automated Response Capabilities
○ Compliance Monitoring
Endpoint Protection:
Endpoint Protection is a comprehensive security solution for business endpoints. It offers advanced threat detection, including antivirus, antimalware, firewall, and anti-phishing features. With machine learning and behavioral analysis, it can identify and block known and unknown threats in real-time. ● Advanced Threat Detection
Antivirus & Anti Malware Protection
Firewall
Centralized Management Console
Device and Content Control
Integration with SIEM Solutions
Lightweight Agent
Multi-Layered Protection
Continuous Monitoring & Real-time Prevention
Ransomware Protection & Application Control
USB Device Control
Dark Web IDTM
Dark Web Monitoring provides continuous searching, monitoring and reporting of your digital credentials on the Dark Web. This platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for your organization's compromised or stolen employee and customer data.
Included Services
Monthly monitoring of Dark Web email accounts associated with the primary domain, both current and past.
Individual compromise report emailed to the named Tech Advocate as they are discovered, and CA is notified.
Monthly summary emailed report of compromises found sent to the named Tech Advocate.
Monitoring of 10 personal email addresses per organization. (Must be provided to CA in a .csv-formatted file, and updated as needed) ● View-only access to the Dark Web ID dashboard
Excluded Services
Services rendered under this Section include initial install/training. Further action to review results, remove, change, or correct Client passwords or other data is the responsibility of the Client. No other labor or support is implied or covered by this Section.
Client is responsible for notifying CA in writing that personal email addresses be added or removed.
Backblaze Workstation Backup for Mac & PC
Included in certain Standard, Plus, Pro and Max plans. Available for Essential plans on a per-computer basis.
● No File Size or Bandwidth Speed Limits
● Backblaze constantly scans for new or changed files and automatically backs them up.
○ No need to pick files or folders. We back up everything automatically.
● Keep Old Versions and Deleted Files for One Year or Forever
○ Backblaze keeps old file versions and deleted files for 30 days.
○ Option: Now you can extend it to one year for free or forever for versions retained beyond one year.
● Unlimited Data
○ There are no limits to how much data you can backup with Backblaze.
● Unlimited File Sizes
○ Backblaze will backup any size of file. You can limit this in the settings panel.
● Unlimited Drives
○ Plug in any external hard drive by USB, Firewire, or Thunderbolt and Backblaze will back it up. Sweet!
● You Decide How Long
○ You have more important things to do than spend time picking files and folders to backup. That’s why Backblaze backs up your data automatically, and constantly looks for new and changed files to backup. Install Backblaze and never worry about losing a file again.
What We Don't Backup
● Backblaze does not want to waste your bandwidth or Backblaze data center disk space. Thus, we do not backup your operating system, application folder, or temporary internet files that are transient and would not be useful in the future. Backblaze also excludes podcasts in iTunes. ● Certain File Types
○ You can see these exclusions by clicking on “Settings…” in the Backblaze Control Panel and selecting the Exclusions tab. These exclusions can be removed! Some of these excluded files are:
■ ISO (Disk Images)
■ DMG (Mac Disk Image)
■ VMC VHD VMSN (Virtual Drives)
■ SYS (System Configuration & Drivers)
■ EXE (Application Files)
■ Other Backup Programs
○ Backblaze doesn't backup backups like Time Machine and Retrospect RDB.
○ Deleted Files
● CA offers Backblaze version retention for 30 days or 1 year as part of certain plans. Lifetime version backup is available at an additional charge. Backblaze will keep versions of a file that changes for up to 30 days (or 1 year, or lifetime). However, Backblaze is not designed as an additional storage system when you run out of space. Backblaze mirrors your drive. If you delete your data, it will be deleted from Backblaze after 30 days (or 1 year, or lifetime).
● Disconnected External Hard Drives
● Your external hard drives need to be connected to your computer and scanned by Backblaze at least once every 30 days in order to keep them backed up.
Backblaze B2 Cloud Storage
● Offsite backup of local server data
● Billed monthly per/TB of storage used and certain data transport fees (eg: restoration of data)
