Report: Digital Espionage and Innovation: Unpacking AgentTesla

Search
Close this search box.

Support And Maintenance Agreement

This Support and Maintenance Agreement (“Agreement”) sets forth the agreement, terms and conditions applicable between Fidelis Security (“Fidelis”) and the Customer (“Customer” or “User”) entity purchasing any Fidelis services of the type described herein. By issuing a purchase order for a technical support/maintenance service offered by Fidelis, the Customer entity placing such a purchase order (“User”) agrees to be bound by the terms of this Agreement. The terms of this Agreement are conditioned upon Customer’s strict adherence to the Fidelis End User License Agreement (EULA). In the event of any conflict between this Agreement and the EULA, the EULA shall control.

Customer agrees and acknowledges that Customer has read and agreed to all terms and conditions contained herein. IF CUSTOMER DOES NOT AGREE WITH ALL TERMS AND CONDITIONS CONTAINED HEREIN, CUSTOMER MUST IMMEDIATELY CEASE ALL USE OF THE PURCHASED PRODUCTS AND/OR SERVICES. THIS AGREEMENT DOES NOT REQUIRE CUSTOMER’S WRITTEN APPROVAL.

In the case where Customer has purchased products and services form a Fidelis reseller or distributor, all rights contained herein shall be passed through to Customer. Such entitlement is conditioned upon the level of support Customer purchased and receipt of payment.

1. Support Contracts; Term

For each Fidelis Product with respect to which Customer wishes to purchase support and maintenance services as set forth herein, Customer will issue to Fidelis a purchase order for support (“Support PO”) for a specified term at agreed prices. (A purchase order that is considered a Support PO hereunder may also include other line items, including for product purchases, on the same purchase order.) When accepted by Fidelis, this Support PO will create a contract between Fidelis and the Customer (“Support Contract”) for provision of maintenance/support services with respect to such Product (a “Supported Product”) in accordance with the terms and conditions set forth in this Support and Maintenance Agreement. “Product” shall mean the object code copy of the proprietary Fidelis product (“Software”), and any associated Fidelis-provided hardware, together with the accompanying Documentation. “Documentation” shall mean the user guides and manuals for installation and use of the Product regardless of format.

The initial term of each Support Contract shall commence on the date of shipment of the Supported Product or the date that software is made available for download, and shall end on the date that is such number of months after such date as is indicated in the Support PO unless otherwise agreed in writing.

Fidelis will not provide services (this includes software updates including critical security fixes/ patches, software updates, threat feeds and phone or email support),  under this Agreement with regard to a particular Product following the expiration date of a Support Contract (the “Expiration Date”). In order to prevent a lapse in service, Fidelis must receive a Support PO for renewal of service prior to the Expiration Date. By issuing a renewal Support PO in accordance with agreed prices, User can renew the Support Contract for the term indicated in the relevant Support PO, and provision of services will then continue, uninterrupted, for the term indicated, based on a term commencement date that is the day after the Expiration Date. If a Support Contract lapses without renewal, Fidelis may, at its option, decline to make services available for subsequent purchase and if it agrees to a subsequent purchase reinstate may impose an additional charge for reinstatement of service.

2. Support and Maintenance Services

Maintenance/support services generally contain three elements: (a) Software Maintenance, (b) Hardware Support and (c) Technical Support. Responsibilities as to each are as set forth below.

2.1 Software Maintenance

Fidelis will provide “Software Updates” for Fidelis Software. Depending upon the product, Software Updates may include: (i) Releases (defined as revisions and updates made generally available for commercial release by Fidelis at no charge to its customers who have purchased maintenance contracts for the Product with which the Release is to be used) or (ii) Maintenance Updates, including operating system updates for appliances. Software Updates will be made available to User electronically via Fidelis’ password-protected support portal. Where appropriate, as determined by Fidelis, Fidelis may distribute Software Updates on physical media at Fidelis’ sole discretion. All use of Software Updates by User is governed by the terms and conditions applicable to the Fidelis software previously licensed by User and/or the license provided with such Software Updates.Fidelis does not guarantee that all Software Updates will run on all Fidelis-provided hardware.“Software Updates” does not include any software that Fidelis, in its sole discretion, designates as a new product in that it charges its customers on maintenance separately to license such software.

Software Maintenance keeps the software up-to-date by providing access to, and the right to deploy, the latest threat intelligence updates, program versions and releases, and remote technical software support features.  Software Maintenance benefits will cease upon expiration of the applicable support agreement, but may be reinstated upon payment of a reinstatement fee if not renewed prior to lapse of service.

Error Corrections and “Bug” Fixes. Fidelis shall utilize commercially reasonable effort to correct any recurring code error or “bug” in the Software that is directly attributable to Fidelis. Fidelis shall have no obligation to correct all errors and shall not be liable for correction of errors attributable to any third party.Customer, upon discovery of any such error shall notify Fidelis in writing and provide instructions to illustrate or reproduce the error. Any error that is corrected or “fixed” in any available version or release shall relieve Fidelis of any obligation to fix such error.

2.2 Hardware Support

As a result of its technical support services (see below), Fidelis may from time to time diagnose that a reported problem is due to a failed Fidelis hardware product. Fidelis will use the following process with regard to hardware repairs. Fidelis may only provide hardware support for up to three (3) years from the date of original shipment of a Product from Fidelis or its designee. Hardware support for older Product will be provided at Fidelis’ sole discretion.

For hardware purchased prior to April 1, 2018 (Revision H and older hardware), following completion of remote troubleshooting and problem determination, Fidelis will determine, in its sole discretion, if the issue (a) can be resolved remotely, (b) can be resolved with shipment of parts, or (c) requires an on-site service technician for resolution. If Fidelis determines that an issue requires an on-site technician and/or parts, it will initiate dispatch of the technician and/or parts for necessary repairs and resolution on a Next Business Day basis. “Next Business Day” means the following business day, based on the Fidelis business day schedule, for requests received by Fidelis prior to 2pm US EST, and the subsequent business day for requests received later in the day. Requests will only be accepted during normal Fidelis business hours (8 hours a day, Monday through Friday, excluding holidays). Outside the continental United States, Fidelis cannot guarantee availability of on-site service, and will ship parts for Next Business Day delivery, but does not guarantee arrival at the User’s location in that time frame. Arrival times will vary depending on location.

For hardware purchased after April 1, 2018 (revision I and newer), Fidelis provides parts replacement only.  Any on-site services may be purchased separately.

2.3 Support Programs

Standard Support includes the services described in Sections 2.1 and 2.2 under the following parameters (Standard Support is only available on products purchased prior to January 1, 2016):

  • Technical Support (as more fully described in Section 2.5) between the hours of 8AM – 6PM EST, Monday through Friday exclusive of Fidelis holidays
  • Software maintenance and new releases
  • Hardware service with on target goal of next day service
  • 24×7 online web portal for case management, knowledgebase articles, and access to software and documentation

Premium Support (Standard Support is only available on products purchased prior to April 1, 2018)

  • All the benefits of Standard Support
  • 24x7x365 access to Technical Support Engineers

2.4 RMA Policy and Process

Fidelis may determine, in its sole discretion, that it is necessary to return a Product to Fidelis. In such circumstances, Fidelis will issue Customer a Return Material Authorization (RMA) Number prior to shipment. Each RMA Number will be specific to the matter giving rise to such necessity and records shall be maintained regarding the issue and processing of the Product.

Return and Repair. Fidelis will coordinate with Customer to identify the hardware issue and provide an RMA Number for the return item. Customer shall then repackage the hardware based Product in the original packaging or the packaging sent along with the replacement unit/part(s)/component(s) (Fidelis is not responsible for damage during shipping and is not covered under any part this Agreement), affix the shipping label to the product with the RMA Number notated and ship the Product to the Fidelis specified location. If Customer is located outside of the United States, Customer shall be responsible for any and all taxes, duties, fees, VAT and any other charges associated with the import of the repaired Product. Under no circumstances will Fidelis be the importer of record into Customer’s country of destination. Fidelis makes no guarantee of time frame for delivery of product to Fidelis or to Customer). If Fidelis does not receive delivery of the returned Product or component to the Fidelis specified destination within fifteen (15) calendar days following Customer receipt of the replacement Product, Customer will be invoiced for the then current list price of the replacement Product or component whichever was shipped under the applicable RMA number. For RMAs consisting of parts or components, Fidelis shall retain title to any and all parts and/or components returned.

Advance Replacement. Available only with active Premium Plus maintenance and support. Fidelis will coordinate with Customer to identify the hardware failure and provide an RMA Number for the return item. Provided that no external configuration is required, no circumstances arise outside Fidelis’ control and that the RMA is issued prior to the daily cut-off shipping time, Fidelis will ship a replacement Product to Customer by the next business day (Fidelis does not guarantee next Business day arrival) arrival along with a prepaid shipping label for the return shipment. Fidelis will pay all shipping costs associated with the replacement Product except that if Customer is located outside of the United States, Customer shall be responsible for any and all taxes, duties, fees, VAT and any other charges associated with the import of the replacement Product. Under no circumstances will Fidelis be the importer of record into Customer’s country of destination. Upon receipt of the replacement Product, Customer shall repackage the return Product in its original packaging, write the RMA number on the outside of the packaging and return the product under FOB destination terms except that Fidelis shall pay for the shipping (Fidelis is not responsible for damage during shipping and is not covered under any part this Agreement; title does not transfer to Fidelis until Fidelis’ receipt thereof). If Fidelis does not receive delivery of the returned Product to the Fidelis specified destination within fifteen (15) calendar days following Customer receipt of the replacement Product, Customer will be invoiced for the then current list price of the replacement Product. Fidelis makes no guarantee of time frame for delivery of product to Customer or return shipment to Fidelis. Debugging of a product is to be performed on the Customer site and will not qualify for an Advance Replacement.

2.5 Technical Support

Fidelis will provide technical assistance for each Supported Product as follows:

Online Support
Fidelis’ online support center is accessible via personalized login, through Fidelis’ website, support.fidelissecurity.com. The user agrees to keep the personalized login information highly confidential. Under no circumstances will it disclose or permit to be disclosed login information to any third party (with the exception of its own employees or contractors who need to know it in connection with this Agreement.) Information available to User in the on-line support center may include:

  • Knowledge base solutions, including:
    • Frequently asked questions
    • Common problems and solutions
  • Product updates and related information, including:
    • Product Documentation
    • Technical Bulletins
    • Software Updates
    • Software release notes

Live Interactive Technical Support
Fidelis support representatives will provide assistance with the diagnosis of product configuration issues and failures specific to Fidelis products.

Requests for technical support may be made via email to [email protected] or by telephone to the support numbers published from time to time on support.fidelissecurity.com.

Technical support cases will be managed based on the priorities and criteria indicated below using the associated target response and resolution objectives:

PriorityCharacteristicsResponse targetResolution target
1System unavailable or severely compromised;
no workaround available; highest business impact
30 minutesFidelis will work continuously on the issue until there is a fix or an available workaround to lower the business impact
2System operating with limited capability or
potential compromise; high-moderate business impact
2 hoursFidelis will work with Users to define workarounds and then to include a product fix in a special patch release or the
next maintenance release
3System operating within published capability;
non-critical features may be limited; moderate
business impact

4 hoursFidelis will work with Users to define workarounds and then to include a product fix in the next maintenance release
4System operating within published capability; low
business impact
8 hoursFidelis will include a product fix in the next
maintenance release or minor release
5Enhancement requests; very low impact to
production system or impact only to test system;
little or no business impact

5 daysFidelis will work during normal business hours and within the planned release cycle to address

The above targets will apply to requests submitted by phone during business hours for legacy Standard support. However, for Support Contracts for Fidelis Premium service, Fidelis will respond to requests submitted by phone in Priority 1 cases within four (4) hours, and such calls may be submitted 24 hours a day. For requests submitted via email, Fidelis will respond by the end of the next business day. Business hours means Monday to Friday 8:00 AM to 6:00 PM, United States Eastern Time, exclusive of holidays observed by Fidelis.

3. Customer Responsibilities

In order for Fidelis to provide effective technical support the User must fulfill minimum responsibilities. The items for which Users are responsible are:

Case Requests

  • Detailed description of the problem including Product and serial number (if hardware based)
  • Troubleshooting already performed
  • System log files
  • Configuration and log in details to allow Fidelis remote access

Customer Assistance

  • Ensuring that either a modem (as designated by Fidelis) is installed on the User’s network or Internet access is provided; and
  • Providing Fidelis with all necessary authorizations for remote access by Fidelis to the User’s network
  • Maintaining personnel with adequate technical expertise and training to assist the Fidelis technical support center in providing troubleshooting and problem resolution.
  • Reasonably cooperating with Fidelis support personnel in the diagnosis of a problem
  • Maintaining an unmodified copy of all Software Updates and all related documentation, archival files and configuration files necessary to reinstall, reconfigure or reconstruct any lost, altered, or damaged software.
  • Maintaining Fidelis software at the current release or no more than one release back from current release.
  • Ensuring that all products are used and maintained in accordance with the applicable product documentation.
  • Providing Fidelis with the location (physical address including contact name, contact phone number, address, city, state, postal code and country) by serial number of all Supported Products
  • Notifying Fidelis in writing of physical moves of equipment to a new location at least ten (10) business days in advance of the move.
  • Registering in accordance with Fidelis’ instructions, all service, product and site information for all products to be supported.
  • Nomination of specified individuals to receive feedback and support form Fidelis

INELIGIBILITY

Notwithstanding the foregoing, Fidelis shall bear no responsibility to provide support services arising from or related to:

  • Customer failure to implement any and all updates made available under this Agreement
  • Product environment constraints Any alteration or modification of any kind not authorized or performed by Fidelis
  • Use of the product in violation of the End User License Agreement
  • Damage to the product
  • Unauthorized combination of the Product with any third party product

Failure to comply with any of the requirements set forth in this Section 3 could affect Customer support entitlement and Fidelis’ ability to provide effective service. Fidelis shall not be held responsible and shall bear no liability where its service is affected by the Customer’s failure to comply with the above obligations.

4. Conditions and Exclusions

4.1 Eligibility.

Fidelis is only obligated to provide services hereunder with regard to Supported Products that are in good operating condition at revision levels specified by Fidelis, and, for software, for products that are at the then-current or immediately preceding revision level.

4.2 Remote Support Only.

Fidelis is only obligated to provide services hereunder remotely and Fidelis is under no obligation to provide on-site services under this Agreement.

4.3 Ineligibility Circumstances

Fidelis shall not be obligated to provide services in accordance with this Agreement with regard to any defect or nonconformity caused by: (a) the combination of Fidelis products with any third-party hardware or software (other than software approved by Fidelis), or the installation of any such software on the Fidelis product platform; (b) accident, neglect, misuse, improper programming, failure of electrical power, air-conditioning, humidity control, transportation, or other than normal use or causes; (c) maintenance or repair by anyone other than Fidelis personnel or authorized Fidelis representatives; (d) modifications made to the Products by anyone other than Fidelis personnel or authorized Fidelis representatives; or (d) failure to notify Fidelis of the product defect during the term of this Agreement. If User requests that Fidelis provide service in any of the above cases, all services will be performed at Fidelis’ then-current per-call or per-hour services rates.

4.4 Relocation of Products.

Fidelis assumes that Supported Products will remain in the country in which they are initially installed. Fidelis may not be able to provide all services hereunder with regard to all products in certain countries. Customer holds the sole responsibility to register with Fidelis the exact geographic location of use or each product.

4.5 Non-Fidelis Equipment.

This Agreement does not cover any services in relation to electrical or network cabling external to the Fidelis equipment or maintenance of accessories, alterations, attachments or other devices not furnished by Fidelis.

4.6 Replacement Parts.

All failed parts replaced during coverage become the property of Fidelis on an exchange basis, even if replaced on a per-call request. Replacement parts may be refurbished or contain refurbished components.

5. General Terms and Conditions

5.1 Changes.

Fidelis reserves the rights to amend, modify, or withdraw any of its maintenance or support services without notice, provided such change shall not materially impact the scope of services provided to User prior to the end of the then-current term of a Support Contract.

5.2 Software License.

User’s right to use Software Updates is governed by the terms and conditions applicable to the Fidelis software previously licensed by User.

5.3 Lapsed Support

If Customer fails to renew this Agreement for any reason prior to the expiration of the then current term, the parties may elect to reinstate such support and maintenance pursuant to the terms and conditions set forth herein provided (i) that Customer agrees to pay for the time that has lapsed in addition to any

renewal term and (ii) Products are in proper working condition as determined by Fidelis in its sole discretion.

5.4 Warranty.

Fidelis warrants that services hereunder will be performed in a professional and workmanlike manner with a reasonable standard of care in accordance with general industry standards. Except for the preceding warranty, to the maximum extent permitted by applicable law, Fidelis and its suppliers disclaim all other warranties, express or implied, including, but not limited to, warranties of merchantability, satisfactory quality, non-infringement, or fitness for a particular purpose with regard to the maintenance and support services.

5.5 Confidentiality

All information provided by one party to the other in connection with services provided hereunder that is proprietary or confidential in nature and so marked by the disclosing party, or which the receiving party reasonably should understand is proprietary and confidential under the circumstances (“Confidential Information”), shall be treated by the receiving party as confidential, and the receiving party shall not disclose it to parties outside Fidelis or User or use it except as necessary in connection with performance under this Agreement. “Confidential Information” includes, without limitation, diagnostics, software and all related information and documentation, new product information, financial data, and technical data. The obligation to treat information confidentially shall not apply to information which (a) was already known to the other party prior to its disclosure by a party hereto, or (b) was publicly available at the time of its disclosure, or subsequently becomes so without violation by either party or its obligations hereunder; or (c) is rightfully received by a party from a third party without obligation of confidentiality to the other party; or (d) is independently developed by the party in receipt of such information. In the event that either party is requested or required by a court, government agency or legal process to disclose any Confidential Information of the other, such party agrees to provide prompt written notice to the other party so that the other party may seek a protective order or, in its discretion, waive compliance with the provisions of this Agreement. Each party shall provide its employees, agents and advisors with access to Confidential Information of the other party only on a “need to know” basis in connection with the parties’ business relationship. Each party shall take appropriate actions (by instruction, agreement or otherwise) with those employees, agents or advisors who are permitted access to Confidential Information of the other party to assure their compliance with the terms and conditions hereof. The parties agree that Confidential Information is valuable information, the unauthorized disclosure or use of which would cause irreparable injury for which there would be no adequate remedy at law, and that the disclosing party shall have the right to seek injunctive relief in the event of any such breach or threatened breach, in addition to any other remedy available to it.

5.6 Limitation of Liability.

In no event will either party or their respective suppliers be liable for any special, indirect, incidental, consequential or cover damages (including any damages resulting from inaccurate or lost data or loss of use or profits) arising out of or in connection with the furnishing of services hereunder or the use or performance of Fidelis Products. Except for violation of section 5.4 above, in no event will either party’s total liability for any damages in any action based on or arising out of or in connection with the services performed hereunder or this Agreement exceed the total amount paid for the maintenance and support services for the Supported Product in connection with which the liability arose. The foregoing limitations shall not affect a party’s rights and remedies under applicable intellectual property laws.

5.7 Term and Termination.

Upon completion of the current term, whether the original or a renewed term, this Agreement shall automatically renew for a successive one-year term unless either party notifies the other in writing of its intent not to renew at least ninety (90) days prior to the end of the then current term. Upon renewal, the

Subscription Maintenance and Support Fee shall be equal to the equivalent of a one-year fee of the prior term, prorated to one year if the prior term was less or greater than one year, plus five percent (5%).

Either party may terminate this Agreement if (i) the other party becomes insolvent, files, or has filed against it a petition in bankruptcy, or ceases doing business; or (ii) the other party fails to cure a material breach of this Agreement (or of the separate Product license agreement that entitles User to use the Product) within 30 days after receipt of written notice of such breach from the party not in default. Either party may terminate this Agreement for any reason or no reason with ninety (90) days written notice to the other party. In the event of a termination by Fidelis other than for breach, Fidelis shall refund to User a portion of the maintenance fee prorated to reflect the date of termination. No refund will be due in the event of any termination by User. Any expiration or earlier termination of this Agreement does not modify or alter any of the obligations of the parties that accrued prior to such termination. The sections of this Agreement that address proprietary rights and information; warranty; export; remedies; limitation of liability; termination; interpretation of the agreement, and governing law survive any expiration or termination of this Agreement. The section entitled Software License also survives any expiration or termination provided User is not in default under this Agreement and continues to comply with the terms hereof.

5.8 Export.

User agrees not to export, directly or indirectly, any Fidelis product or related technical data or information without first obtaining any required export licenses or other governmental approvals. Without limiting the foregoing, User, on behalf of itself and its subsidiaries and affiliates agrees that it will not export, re-export, transfer, or divert any software, or technical data, or any direct product thereof, to any country to which such exports or re-exports are restricted or embargoed under United States export control laws and regulations, or to any national or resident of such restricted or embargoed countries without first obtaining all export licenses and approvals required by the United States government.

5.9 General.

The relationship of Fidelis and User is that of independent contractors. If any provision of this Agreement is held to be invalid or unenforceable, the remainder of the provisions shall remain in full force and effect. Fidelis and User agree to comply with the provisions of all applicable laws, ordinances, regulations, and codes. This Agreement (along with Fidelis’ applicable terms and conditions accompanying the product) constitute the complete and exclusive understanding of the parties, and supersede all prior discussions, representations and agreements regarding the subject matter hereof. In the event of a conflict or variance between any purchase order and this Agreement, this Agreement shall prevail. No amendment, modification or waiver of this Agreement will be effective unless approved in writing by the duly authorized representatives of the parties. Neither party is liable for its failure or delay to perform its obligations under this Agreement due to strikes, wars, revolutions, acts of terrorism, fires, floods, explosions, earthquakes, labor shortages, government regulations, or other causes beyond its reasonable control. This Agreement may not be assigned by User without prior written permission from Fidelis. Any attempt by User to assign any right, or delegate any duty or obligation which arises under this Agreement without such permission will be voidable. This Agreement is governed by the laws of the Commonwealth of Massachusetts without regard to its conflicts of laws principles. All notices required or provided for herein will be in writing and given by personal delivery, by overnight courier service, via facsimile or by mail using the address as set forth in the relevant Support PO, and for Fidelis, its principal address as published or to such other address as may be substituted by notice to the other party. All notices will be effective upon receipt.

Get Started

See Fidelis Security platforms in action. Learn how our fast scalable platforms provide full visibility, deep insights, and rapid response to help security teams worldwide protect, detect, respond, and neutralize against advanced cyber adversaries.