Legal Terms & Conditions

Terms and Conditions for FireEye Offerings

Last update September 22, 2017


General Terms Applicable to all FireEye Offerings
Exhibit A: Additional Terms Applicable to FireEye Products (FireEye NX, EX, AX, PX, FX, HX, Security Orchestrator™, MVX Smart Grid, and Central Management Series (CMS) Products)
Exhibit B: Additional Terms Applicable to FireEye Subscriptions
    Exhibit B-1: Additional Terms Applicable to FireEye as a Service (FAAS)-Continuous Guidance Subscription
    Exhibit B-2: Additional Terms Applicable to FireEye as a Service (FAAS)-Continuous Vigilance Subscription
    Exhibit B-3: Additional Terms Applicable to Threat Analytics Platform (TAP)Subscription
    Exhibit B-4: Additional Terms Applicable to Email Threat Prevention (ETP) Subscription
    Exhibit B-5: Additional Terms Applicable to Helix Subscription
    Exhibit B-6: Additional Terms Applicable to the FireEye iSight Intelligence Subscription
Exhibit C: Support Terms for FireEye Products

These terms and conditions (the “Agreement”) govern the purchase and use of FireEye Offerings by the Customer listed on the Order or Statement of Work that incorporates this Agreement.

Structure and Order of Precedence.  This Agreement provides the general terms under which the Customer may use FireEye’s various Offerings.  The explicit rights for the Customer to use and receive Products, Support Services or Subscriptions or otherwise engage with specific FireEye Offerings are set forth in the applicable Exhibit.  In the event of conflict between any of the terms in this Agreement and an Exhibit, the Exhibit shall govern.

FireEye Offerings.  In addition to the rights and obligations set forth in this Agreement, when purchased by the Customer, the Customer shall have the rights, subject to the terms in each exhibit, as those set forth in the Exhibits to this Agreement that are applicable to each Offering (collectively the “Exhibit(s)”).

If you have arrived at this page via a link provided during the process of installing your FireEye Product, you acknowledge that by proceeding with the installation of that Product, you agree to be bound by this Agreement as it applies to Products. If this Agreement is considered an offer, acceptance Is expressly limited to the terms of this Agreement. If you do not unconditionally agree to the foregoing, discontinue the installation process. If you proceed with installation, you are representing and warranting that you are authorized to bind the Customer.


General Terms Applicable to all FireEye Offerings

1.        DEFINITIONS.

1.1           
“Content Feed” means all intelligence and content feeds associated with Products, which may consist of inbound and outbound feeds that are part of FireEye’s Dynamic Threat Intelligence (DTI) Cloud, downloads of Indicators for use with Products, and/or intelligence provided as part of the Advanced Threat Intelligence (ATI) Subscription.

1.2      “Deliverables” means the written reports that are created specifically for Customer as a result of the Professional Services provided hereunder.

1.3      “Documentation” means the user manuals generally provided in writing by FireEye to end users of the Products and Subscriptions in electronic format, as amended from time to time by FireEye.

1.4      “FireEye” means (i) FireEye, Inc., a Delaware corporation with its principal place of business at 1440 McCarthy Blvd., Milpitas, CA, 95035 with respect to Offerings  that are shipped to, deployed or rendered inside of North America (including the United States, Mexico, Canada and the Caribbean), Central America and South America (collectively, the “Americas”); or (ii) with respect to all Offerings that are shipped to, deployed or rendered outside of the Americas, FireEye Ireland Limited, a company incorporated under the laws of Ireland with principal place of business at 2 Park Place, City Gate Park, Mahon, Cork, Ireland.

1.5      "FireEye Materials" means all FireEye proprietary materials, Deliverables, intellectual property related to Products or Subscriptions, (such as all rights in any software incorporated into a Product or Subscription, copyrights, and patent, trade secret and trademark rights related to Products, and screens associated with Products or Subscriptions), Documentation, any hardware and/or software used by FireEye in performing Services or providing Subscriptions, Content Feeds, FireEye’s processes and methods (including any forensic investigation processes and methods), Indicators of Compromise, materials distributed by FireEye during Training, and any FireEye templates and/or forms, including report and presentation templates and forms.  FireEye Materials does not include Third Party Materials.

1.6       "Indicators of Compromise" or "Indicators" means specifications of anomalies, configurations, or other conditions that FireEye can identify within an information technology infrastructure, used by FireEye in performing Professional Services and providing Subscriptions.

1.7      “Intellectual Property Rights” means copyrights (including, without limitation, the exclusive right to use, reproduce, modify, distribute, publicly display and publicly perform the copyrighted work), trademark rights (including, without limitation, trade names, trademarks, service marks, and trade dress), patent rights (including, without limitation, the exclusive right to make, use and sell), trade secrets, moral rights, right of publicity, authors’ rights, contract and licensing rights, goodwill and all other intellectual property rights as may exist now and/or hereafter come into existence and all renewals and extensions thereof, regardless of whether such rights arise under the law of the United States or any other state, country or jurisdiction.

1.8      “Offerings” means, collectively, Products, Subscriptions, Training, Professional Services and Support Services.

1.9      “Order” means a written purchase order or similar ordering document, signed or submitted to FireEye by Customer and approved by FireEye, under which Customer agrees to purchase Offerings.

1.10     “Products” means the FireEye software and hardware appliances (which may include embedded software or firmware components) as described in Exhibit A to this Agreement.

1.11     “Professional Services” means, collectively, those security consulting services provided by FireEye under a Statement of Work and/or set forth on an Order, which may consist of Product-related services such as deployment, configuration or installation services; proactive security consulting such as penetration testing, vulnerability assessments or compromise assessments; or incident response or other remediative services.

1.12     "Service" or "Services" means the Professional Services, Support Services and Training.

1.13     "Statement of Work" or “SOW” means a mutually agreed-upon document between FireEye and Customer, describing Professional Services, rates and timelines (if applicable) for those Professional Services, and incorporating this Agreement.

1.14     “Subscription” means a service provided by FireEye for a fixed term, under which FireEye provides access to certain features, functionality, and/or information, as described in the applicable Exhibit for each Subscription attached to this Agreement.

1.15     “Support Services” means the Product support and maintenance services provided by FireEye with respect to each Product, and that are described in the applicable Exhibit for each Product attached to this Agreement.

1.16     “Third Party Materials” means software or other components that are licensed to FireEye by third parties for use in FireEye’s Offerings.

1.17     “Training” means training in the use of Products, or on security-related topics in general, provided by FireEye.

2.        ORDERS AND STATEMENTS OF WORK.

2.1.      Orders.  Customer may purchase Offerings by submitting an Order.  If accepted by FireEye, the “Order Effective Date” will be the date of the Order.  All Orders will be governed by this Agreement. For clarity, FireEye will not be obligated to ship any Product, or provide any Services, Training or Subscriptions until Customer has issued a valid Order for those Offerings.

2.2.      Statements of Work.  Each Statement of Work will incorporate and be governed by this Agreement.  The “Statement of Work Effective Date” will be the date both Customer and FireEye have agreed to the Statement of Work, either by executing the Statement of Work or by issuing and accepting an Order for the Professional Services described on the Statement of Work.  For clarity, FireEye will not be obligated to perform any Professional Services until a SOW describing those Professional Services has been agreed by both parties or an Order listing those Professional Services has been accepted by FireEye. 

3.        PAYMENT. Customer agrees to purchase the Offerings for the prices set forth in each Order and/or Statement of Work, as applicable (“Fees”).  If Customer purchases through a FireEye partner (such as an authorized reseller or distributor, collectively, “FireEye Partners”), all fees and other procurement and delivery terms shall be agreed between Customer and the applicable partner.  If Customer purchases directly from FireEye, Customer will make full payment in the currency specified in FireEye’s invoice, without set-off and in immediately available funds, within thirty (30) days of the date of each invoice.  All Fees are non-cancelable and non-refundable.  All Fees described on an Order will be fully invoiced in advance, unless otherwise agreed by FireEye.  Any partial shipments delivered by FireEye may be invoiced or delivered individually. Unless otherwise specified in a Statement of Work, all Fees related to Professional Services will be invoiced fully in advance.  Customer shall reimburse FireEye for all expenses incurred so long as such expenses are directly attributable to the Services or Subscriptions performed for or provided to Customer.  FireEye will provide appropriate vouching documentation for all expenses exceeding $25.  If any payment is more than fifteen (15) days late, FireEye may, without limiting any remedies available to FireEye, terminate the applicable Order or Statement of Work or suspend performance until payment is made current.  Customer will pay interest on all delinquent amounts at the lesser of 1.5% per month or the maximum rate permitted by applicable law.  All Fees are exclusive of all present and future sales, use, excise, value added, goods and services, withholding and other taxes, and all customs duties and tariffs now or hereafter claimed or imposed by any governmental authority upon the Offerings which shall be invoiced to and paid by the Customer.  If Customer is required by law to make any deduction or withholding on any payments due to FireEye, Customer will notify FireEye and will pay FireEye any additional amounts necessary to ensure that the net amount FireEye receives, after any deduction or withholding, equals the amount FireEye would have received if no deduction or withholding had been required.  Additionally, Customer will provide to FireEye evidence, to the reasonable satisfaction of FireEye, showing that the withheld or deducted amounts have been paid to the relevant governmental authority.  For purposes of calculating sales and similar taxes, FireEye will use the address set forth on the Order or Statement of Work, as applicable, as the jurisdiction to which Offerings and shipments are delivered unless Customer has otherwise notified FireEye in writing as of the Order Effective Date or Statement of Work Effective Date, as applicable. Customer will provide tax exemption certificates or direct-pay letters to FireEye on or before the Order Effective Date or Statement of Work Effective Date, as applicable. FireEye reserves the right to increase Fees at any time, although increases in Fees for Subscriptions or Support Services will not go into effect until the next Renewal Subscription Term or Renewal Support Term, as applicable.

4.        TITLE AND RISK OF LOSS; INSPECTION.  All hardware, including Products and any hardware provided for use with Subscriptions and/or Services, is shipped FOB Origin from FireEye’s designated manufacturing facility or point of origin, and title to such hardware and the risk of loss of or damage to the hardware shall pass to Customer at time of FireEye’s delivery of such hardware to the carrier.  FireEye is authorized to designate a carrier pursuant to FireEye’s standard shipping practices unless otherwise specified in writing by Customer.  Customer must provide written notice to FireEye within five (5) days of delivery of the Products of any non-conformity with the Order, e.g., delivery of the wrong Product or incorrect quantities.    

5.        TERMS APPLICABLE TO OFFERINGS.

5.1.      Products and Support Services. Customer’s purchase and use of each Product and Support Services for each Product will be subject to the licenses and terms specific to each Product set forth in Exhibit A.

5.2.      Subscriptions. Customer’s purchase of and access to each Subscription will be subject to the terms specific to each Subscription set forth in Exhibit B.

5.3.      Training.  Customer’s purchase of Training will be subject to the terms in this Section 5.3.  Training delivery dates and location for such Training will be mutually agreed upon by the parties. If an Order does not specify such dates and/or locations, then the parties will mutually agree upon the dates and locations for Training.  Customer must request rescheduling of Training no less than two (2) weeks in advance of the scheduled start date.  FireEye will use reasonable efforts to reschedule the Training, subject to availability, and Customer will pay any expenses associated with the rescheduling, including any expenses associated with cancelling or changing travel plans.  If Customer cancels attendance at a public Training class, Customer must notify FireEye no later than two (2) business days before the date of the Training class.  If Customer timely notifies FireEye of the cancellation, FireEye will issue Customer a credit for the amount paid for that public Training class, which Customer may apply toward another public Training class held within one (1) year of the date of the Order on which the cancelled Training class was included.  Customer may substitute a named attendee at a public Training class, but Customer will notify FireEye in advance of any such substitution.  FireEye reserves the right to refuse admittance to public Training classes to any person, for any reason, and if FireEye refuses admittance, FireEye will refund the amount paid for that person’s attendance at the public Training class.  FireEye does not refund or credit Fees paid for attendees who do not attend Training classes or who leave before a Training class concludes.  If Customer purchases a block of Training hours (for example, 10 hours of Training), then Customer must use those hours within one (1) year of the effective date of the applicable Order.  All Training must be scheduled and conducted within one (1) year of the date of the applicable Order for that Training.

5.4.      Professional Services.

5.4.1.   Deliverables.  Subject to Customer’s timely payment of applicable fees, and subject to this Agreement and each applicable SOW, Customer shall have a perpetual, non-exclusive, nontransferable, right and license to use, display and reproduce the Deliverables for its internal business purposes. Deliverables may not be shared with any third party other than law enforcement agencies. In no event may Deliverables be used for sales or marketing activities.  

5.4.2.   Customer-Owned Property.  Customer will be and remain, at all times, the sole and exclusive owner of the Customer-Owned Property (including, without limitation, any modification, compilation, derivative work of, and all intellectual property and proprietary rights contained in or pertaining thereto).  FireEye will promptly return to Customer all Customer-Owned Property upon the termination or expiration of the applicable Statement of Work or Order, or sooner at Customer’s request. “Customer-Owned Property” means any technology, software, algorithms, formulas, techniques or know-how and other tangible and intangible items that were owned by Customer, or developed by or for Customer prior to the SOW Effective Date that are provided by Customer to FireEye for incorporation into or used in connection with the development of the Deliverables or performance of Professional Services.

5.4.3.    Customer Responsibilities.  If the Services or Subscriptions require the installation and use of FireEye equipment or software, Customer will facilitate the installation and shall provide physical space, electrical power, Internet connectivity and physical access as reasonably determined and communicated by FireEye. Notwithstanding anything to the contrary herein or in any Statement of Work, including confidentiality provisions, if Customer has hired FireEye to perform a PCI DSS Compliance Audit or a PCI investigation, FireEye may provide The Payment Card Industry Security Standards Council, LLC (PCI SSC), card companies and the relevant merchant bank with all Reports of Compliance (ROC) and all related assessment and investigative report documents generated in connection with such work, as required by PCI DSS rules. If FireEye is required by applicable law, legal process or government action to produce information, documents or personnel as witnesses with respect to the Professional Services or this Agreement, such as by responding to one or more subpoenas, Customer shall reimburse FireEye for any time and expenses (including without limitation reasonable external and internal legal costs) incurred to respond to the request, unless FireEye is itself a party to the proceeding or the subject of the investigation.

5.4.4.    Additional Assumptions.  The following additional assumptions will apply to all Professional Services: (a) estimated Fees for Professional Services do not include any hardware, software, licensing, maintenance or support costs of any FireEye or other third-party product or service suggested by FireEye in the course of performing Professional Services; (b) when FireEye’s personnel are performing Professional Services on site at Customer’s premises, Customer will allocate appropriate working space and physical access for all FireEye personnel; (c) Customer will make available key individuals within the security program that can best help plan and coordinate activities described in the SOW; (d) either party may elect to submit written change requests to the other party proposing changes to the Statement of Work. All changes to the requirements and Statement of Work will be made using agreed-to project change control procedures.

5.5        Evaluations.  If Customer receives a Product or Subscription for evaluation purposes (“Evaluation Offerings”) then Customer may use the Evaluation Offerings for its own internal evaluation purposes for a period of up to thirty (30) days from the date of receipt of the Evaluation Offerings (the “Evaluation Period”).  Customer and FireEye may, upon mutual written agreement (including via email), extend the Evaluation Period. If the Evaluation Offering includes hardware components, Customer will return the hardware within ten (10) days of the end of the Evaluation Period, and if Customer does not return the hardware within this period, Customer shall be invoiced for the then-current list price for the applicable Evaluation Offering. Customer acknowledges that title to hardware components of Evaluation Offerings remains with FireEye at all times, and that Evaluation Offerings may be used and/or refurbished units. If the Evaluation Offering does not include hardware components, Evaluator must delete all software and other components (including Documentation) related to the Evaluation Offering at the end of the Evaluation Period, and confirm those deletions in writing to FireEye, or the Evaluator shall be invoiced for the then-current list price for the Evaluation Offering.  If the Evaluation Offering is a Subscription, Evaluator understands that FireEye may disable access to the Subscription automatically at the end of the Evaluation Period, without notice to Evaluator. EVALUATION OFFERINGS ARE PROVIDED “AS IS”, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, FIREEYE DISCLAIMS ALL WARRANTIES RELATING TO THE EVALUATION OFFERINGS, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES AGAINST INFRINGEMENT OF THIRD PARTY RIGHTS, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

6.        INTELLECTUAL PROPERTY

6.1.     Ownership of FireEye Materials; Restrictions.  All Intellectual Property Rights in FireEye Materials, Products, Deliverables, Documentation, and Subscriptions belong exclusively to FireEye and its licensors. Customer will not (and will not allow any third party to): (i) disassemble,  decompile,  reverse  compile,  reverse engineer or attempt to discover any source code or underlying ideas or algorithms of any FireEye Materials (except to the limited extent that applicable law prohibits reverse engineering restrictions); (ii) sell,  resell,  distribute, sublicense or otherwise transfer, the  FireEye Materials, or  make the functionality of the FireEye Materials available to any other party through any means (unless otherwise FireEye has provided prior written consent),  (iii) without the express prior written consent of FireEye, conduct any benchmarking or comparative study or analysis involving the FireEye Materials (“Benchmarking”) for any reason or purpose except, to the limited extent absolutely necessary, to determine the suitability of Products or Subscriptions to interoperate with  Customer’s internal computer systems; (iv) disclose or publish to any third party any Benchmarking or any other information related thereto; (v) use the FireEye Materials or any Benchmarking in connection with the development of products, services or subscriptions that compete with the FireEye Materials; or (vi) reproduce, alter,  modify or create derivatives of the FireEye Materials. Between Customer and FireEye, FireEye shall retain all rights and title in and to any Indicators of Compromise FireEye developed by or for FireEye in the course of providing Subscriptions or performing Services. 

6.2.     Third Party Materials.  Customer acknowledges that Products and Subscriptions may include Third Party Materials.  FireEye represents that these Third Party Materials will not diminish the license rights provided herein or limit Customer’s ability to use the Products and Subscriptions in accordance with the applicable Documentation, and neither the inclusion of Third Party Materials in any Product or Subscription or use of Third Party Materials in performance of Services will create any obligation on the part of Customer to license Customer’s software or products under any open source or similar license. 

7.        WARRANTIES.

7.1.     Product Warranty.  FireEye warrants to Customer that during the one (1) year period following the shipment of the Products, the Products will perform substantially in accordance with the applicable Documentation. The warranty stated in this Section 7.1 shall not apply if the Product has: (i) been subjected to abuse, misuse, neglect, negligence, accident, improper testing, improper installation, improper storage, improper handling or use contrary to any instructions issued by FireEye; (ii) been repaired or altered by persons other than FireEye; (iii) not been installed, operated, repaired and maintained in accordance with the Documentation; or (iv) been used with any third party software or hardware which has not been previously approved in writing by FireEye.  If during the one-year Product warranty period: (a) FireEye is notified promptly in writing upon discovery of any error in a Product, including a detailed description of such alleged error; (b) such Product is returned, transportation charges prepaid, to FireEye’s designated manufacturing facility in accordance with FireEye’s then-current return procedures, as set forth by FireEye from time to time; and (c) FireEye’s inspections and tests determine that the Product contains errors and has not been subjected to any of the conditions set forth in 7.1(i)-(iv) above, then, as Customer’s sole remedy and FireEye’s sole obligation under the foregoing warranty, FireEye shall, at FireEye’s option, repair or replace without charge such Product.  Any Product that has either been repaired or replaced under this warranty shall have warranty coverage for the remaining warranty period.  Replacement parts used in the repair of a Product may be new or equivalent to new.

7.2.     Services Warranty.  FireEye warrants to Customer that Services will be performed in a professional manner in accordance with industry standards for like services.  If Customer believes the warranty stated in this Section has been breached, Customer must notify FireEye of the breach no later than thirty (30) days following the date the Services were performed, and FireEye will promptly correct or re-perform the Services, at FireEye’s expense.

7.3.     Subscription Warranty.  FireEye warrants to Customer the Subscriptions will be provided in a professional manner in accordance with industry standards for similar subscriptions.  If Customer believes the warranty stated in this Section has been breached, Customer must notify FireEye of the breach no later than thirty (30) days following the date the warranty was allegedly breached, and FireEye will promptly correct the non-conformity, at FireEye’s expense.

7.4.     Remedies Exclusive.  Except for any Service Level Credits described in Exhibit B, the remedies stated in Sections 7.1-7.3 above are the sole remedies, and FireEye’s sole obligation, with respect to Products, Subscions and Services that fail to comply with the foregoing warranties.   

7.5.     Disclaimer of Warranties.  EXCEPT FOR THE EXPRESS WARRANTIES SET FORTH HEREIN, ALL PRODUCTS, SUBSCRIPTIONS, FIREEYE MATERIALS, DELIVERABLES AND SERVICES ARE PROVIDED ON AN “AS IS” BASIS WITHOUT ANY WARRANTY WHATSOEVER.  FIREEYE AND ITS SUPPLIERS EXPRESSLY DISCLAIM, TO THE MAXIMUM EXTENT PERMISSIBLE UNDER APPLICABLE LAW, ALL WARRANTIES, EXPRESS, IMPLIED AND STATUTORY, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, NONINFRINGEMENT, OR ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE.  FIREEYE ALSO MAKES NO WARRANTY REGARDING NONINTERRUPTION OF USE OR FREEDOM FROM BUGS, AND MAKES NO WARRANTY THAT PRODUCTS, FIREEYE MATERIALS, DELIVERABLES, SERVICES OR SUBSCRIPTIONS WILL BE ERROR-FREE.

8.        INFRINGEMENT INDEMNITY.

8.1.     FireEye shall defend Customer, and its officers, directors and employees, against any third party action alleging that the FireEye Materials infringes a valid U.S. patent or copyright issued as of the date of delivery or performance, as applicable, and FireEye shall pay all settlements entered into, and all final judgments and costs (including reasonable attorneys’ fees) finally awarded against such party in connection with such action.  If the FireEye Materials, or parts thereof, become, or in FireEye’s opinion may become, the subject of an infringement claim, FireEye may, at its option: (i) procure for Customer the right to continue using the applicable FireEye Materials; (ii) modify or replace such FireEye Materials with a substantially equivalent non-infringing FireEye Materials; or (iii) require the return of such FireEye Materials or cease providing affected Product, Subscriptions, Deliverables or Services, and refund to Customer, with respect to Products, a pro-rata portion of the purchase price of such Products based on a three-year straight line amortization of the purchase price, and with respect to Subscriptions, a portion of any pre-paid Fees for such Subscriptions, pro rated for any unused Subscription Term, and with respect to Services, any pre-paid Fees for Services that have not been delivered. THIS SECTION 8.1 STATES THE ENTIRE LIABILITY OF FIREEYE AND CUSTOMER’S SOLE REMEDY WITH RESPECT TO ANY INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS BY THE OFFERINGS, FIREEYE MATERIALS, OR DELIVERABLES.

8.2.     FireEye shall have no indemnification obligations with respect to any action arising out of: (i) the use of any Product, Subscription, Deliverable, or Service, or any part thereof, in combination with software or other products not supplied by FireEye; (ii) any modification of the Products, Subscriptions, Deliverables, or Services not performed or expressly authorized by FireEye; or (iii) the use of any the Products, Subscriptions, Deliverables, or Services other than in accordance with this Agreement and applicable Documentation.

8.3.     The indemnification obligations shall be subject to Customer: (i) notifying FireEye within ten (10) days of receiving notice of any threat or claim in writing of such action; (ii) giving FireEye exclusive control and authority over the defense or settlement of such action; (iii) not entering into any settlement or compromise of any such action without FireEye’s prior written consent; and (iv) providing reasonable assistance requested by FireEye.

9.        LIMITATION OF LIABILITY.

9.1.     Consequential Damages Waiver.  EXCEPT FOR LIABILITY ARISING UNDER A BREACH OF ANY INTELLECTUAL PROPERTY RIGHT OF FIREEYE, OR THE INDEMNIFICATION OBLIGATIONS SET FORTH IN SECTION 8 (INFRINGEMENT INDEMNITY),  IN NO EVENT WILL FIREEYE BE LIABLE FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES OF ANY KIND, INCLUDING BUT NOT LIMITED TO ANY LOST PROFITS AND LOST SAVINGS, HOWEVER CAUSED, WHETHER FOR BREACH OR REPUDIATION OF CONTRACT, TORT, BREACH OF WARRANTY, NEGLIGENCE, OR OTHERWISE, WHETHER OR NOT FIREEYE WAS ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES.

9.2.     Limitation of Monetary Damages.  EXCEPT FOR LIABILITY ARISING UNDER A BREACH OF ANY INTELLECTUAL PROPERTY RIGHT OF FIREEYE, PAYMENT OBLIGATIONS OF CUSTOMER, AND THE INDEMNIFICATION OBLIGATIONS SET FORTH IN SECTION 8 (INFRINGEMENT INDEMNITY), AND NOTWITHSTANDING ANY OTHER PROVISIONS OF THIS AGREEMENT OR ANY ORDER OR STATEMENT OF WORK, FIREEYE’S TOTAL LIABILITY ARISING OUT OF THIS AGREEMENT, THE OFFERINGS, THE FIREEYE MATERIALS AND DELIVERABLES SHALL BE LIMITED TO THE TOTAL AMOUNTS RECEIVED BY FIREEYE FOR THE RELEVANT OFFERINGS DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE FIRST OCCURRENCE OF THE EVENTS GIVING RISE TO SUCH LIABILITY.

9.3.      Applicability.  THE LIMITATIONS AND EXCLUSIONS CONTAINED HEREIN WILL APPLY ONLY TO THE MAXIMUM EXTENT PERMISSIBLE UNDER APPLICABLE LAW, AND NOTHING HEREIN PURPORTS TO LIMIT EITHER PARTY’S LIABILITY IN A MANNER THAT WOULD BE UNENFORCEABLE OR VOID AS AGAINST PUBLIC POLICY IN THE APPLICABLE JURISDICTION.

9.4        SAFETY Act.  FireEye and Customer hereby mutually waive and release each other from any and all liabilities relating to any claims for losses or damages of any kind (including, but not limited to, business interruption losses) arising out of an Act of Terrorism as defined by the Support Anti-Terrorism By Fostering Effective Technologies Act of 2002 (“SAFETY Act”)(6 U.S.C. §§ 441-444). FireEye and Customer further agree to be solely responsible to the full extent of any and all losses they may sustain, or for any and all losses their respective employees, officers, or agents may sustain, resulting from an Act of Terrorism as defined by 6 U.S.C. §§ 441-444 when FireEye’s Multi-Vector Virtual Execution Engine and any subscriptions, cloud services platform or associated services (the “Qualified Anti-Terrorism Technology”) are utilized in defense against, response to, or recovery from an Act of Terrorism.    

10.       Export Control; Anti-Corruption; U.S. Government Restricted Rights.

10.1.    Export Control. Each party represents and warrants that it shall comply with all laws and regulations applicable to it with respect to the Offerings.  Customer further acknowledges and agrees that the Products and FireEye Materials may be subject to restrictions and controls imposed by the United States Export Administration Act, the regulations thereunder, as well as European Union (“EU”) or National export control laws and obligations and similar laws in other jurisdictions.  Customer agrees to comply with all applicable export and re-export control laws and regulations, including the Export Administration Regulations (“EAR”) maintained by the U.S. Department of Commerce, trade and economic sanctions maintained by the Treasury Department’s Office of Foreign Assets Control, and the International Traffic in Arms Regulations (“ITAR”) maintained by the Department of State.  Specifically, Customer covenants that it shall not, directly or indirectly, sell, export, reexport, transfer, divert, or otherwise dispose of any Products, FireEye Materials, or technology (including products derived from or based on such technology) received from FireEye under this Agreement to any destination, entity, or person prohibited by the laws or regulations of the United States and the EU, without obtaining prior authorization from the competent government authorities as required by those laws and regulations.  These prohibitions include, but are not limited to the following:  (i) the Products and FireEye Materials cannot be exported or re-exported to any countries embargoed by the United States (currently including Cuba, Iran, North Korea, Sudan or Syria) which includes nationals of these countries employed by Customer; (ii) the Products and FireEye Materials cannot be exported or re-exported for military use in country group ‘b’ prior to valid ‘export license’ or valid ‘license exception’; and (iii) the Products and FireEye Materials cannot be used for any prohibited end uses including any “nuclear, biological or chemical weapon related activities”; and (iv) the Products and FireEye Materials will not be re-exported or otherwise sold or transferred if it is known or suspected that they are intended or likely to be used for such purposes.  Customer agrees to notify FireEye of any suspicious activities by any employee related to the Products.  Customer agrees to indemnify, to the fullest extent permitted by law, FireEye from and against any fines or penalties that may arise as a result of Customer’s breach of this provision.   This export control clause shall survive termination or cancellation of any Orders.

10.2.    Anticorruption Laws.  Each Party acknowledges that it is familiar with and understands the provisions of the U.S. Foreign Corrupt Practices Act ("the FCPA") and the U.K. Bribery Act of 2010 (“UKBA”) and agrees to comply with its terms as well as any provisions of local law related thereto.  Each party further understands the provisions relating to the FCPA and UKBA’s prohibitions regarding the payment or giving of anything of value, including but not limited to payments, gifts, travel, entertainment and meals, either directly or indirectly, to an official of a foreign government or political party for the purpose of influencing an act or decision in his or her official capacity or inducing the official to use his or her party's influence with that government, to obtain or retain business involving the Offering.  Each Party agrees to not violate or knowingly let anyone violate the FCPA or UKBA, and Each Party agrees that no payment it makes will constitute a bribe, influence payment, kickback, rebate, or other payment that violates the FCPA, the UKBA, or any other applicable anticorruption or anti-bribery law.

10.3.    U.S. Government Restricted Rights. The Offerings, Deliverables and Documentation are “commercial items”, “commercial computer software” and “commercial computer software documentation,” pursuant to DFAR Section 227.7202 and FAR Section 12.212, as applicable.  All Offerings and FireEye Materials are and were developed solely at private expense.  Any use, modification, reproduction, release, performance, display or disclosure of the Offerings, FireEye Materials and Documentation by the United States Government shall be governed solely by this Agreement and shall be prohibited except to the extent expressly permitted by this Agreement.

11.       CONFIDENTIAL INFORMATION.

11.1.    Confidential Information. “Confidential Information” means the non-public information that is exchanged between the parties, provided that such information is: (i) identified as confidential at the time of disclosure by the disclosing party (“Discloser”); or (ii) disclosed under circumstances that would indicate to a reasonable person that the information should be treated as confidential by the party receiving such information (“Recipient”). The terms of any commercial transaction between the parties (including pricing related to the Offerings) shall be considered Confidential Information.

11.2.    Maintenance of Confidentiality.  Each party agrees that it shall: (i) take reasonable measures to protect the Confidential Information by using the same degree of care, but no less than a reasonable degree of care, to prevent the unauthorized use, dissemination or publication of the Confidential Information as the Recipient uses to protect its own confidential information of a like nature;  (ii) limit disclosure to those persons within Recipient’s organization with a need to know and who have previously agreed in writing, prior to receipt of Confidential Information either as a condition of their employment or in order to obtain the Confidential Information, to obligations similar to the provisions hereof; (iii) not copy, reverse engineer, disassemble, create any works from, or decompile any prototypes, software or other tangible objects which embody the other party's Confidential Information and/or which are provided to the party hereunder; and (iv) comply with, and obtain all required authorizations arising from, all U.S. and other applicable export control laws or regulations..  Confidential Information shall not be used or reproduced in any form except as required to accomplish the purposes and intent of an Order or Statement of Work.  Any reproduction of Confidential Information shall be the property of Discloser and shall contain all notices of confidentiality contained on the original Confidential Information.

11.3.    Exceptions.  The parties agree that the foregoing shall not apply to any information that Recipient can evidence: (i) is or becomes publicly known and made generally available through no improper action or inaction of Recipient; (ii) was already in its possession or known by it prior to disclosure by Discloser to Recipient; (iii) is independently developed by Recipient without use of or reference to any Confidential Information; or (iv) was rightfully disclosed to it by, or obtained from, a third party.  Recipient may make disclosures required by law or court order provided that Recipient: (a) uses diligent efforts to limit disclosure and to obtain, if possible, confidential treatment or a protective order; (b) has given prompt advance notice to Discloser of such required disclosure; and (c) has allowed Discloser to participate in the proceedings.

11.4.    Injunctive Relief.  Each party will retain all right, title and interest to such party’s Confidential Information.  The parties acknowledge that a violation of the Recipient’s obligations with respect to Confidential Information may cause irreparable harm to the Discloser for which a remedy at law would be inadequate.  Therefore, in addition to all remedies available at law, Discloser shall be entitled to seek an injunction or other equitable remedies in all legal proceedings in the event of any threatened or actual violation of any or all of the provisions hereof.

11.5.   Return of Confidential Information.  Within thirty (30) days after the date when all Orders and SOWs have expired or been terminated, or after any request for return of Confidential Information, each party will return to the other party or destroy all of such other party’s Confidential Information, at such other party’s discretion, and, upon request, provide such other party with an officer’s certificate attesting to such return and/or destruction, as appropriate. 

11.6.   Privacy. If FireEye is a data processor under this Agreement, and in accordance with applicable data protection laws, including but not limited to the EU General Data Protection Regulation (GDPR), FireEye agrees that it will:

11.6.1  only deal with and process personal data controlled by Customer in compliance with, and subject to, the instructions received from Customer and in compliance with this Agreement and will not use or process the personal data for purposes other than those permitted by the Customer, anticipated by the Documentation for the Offerings, or for the purpose of research and development of FireEye’s Offerings;

11.6.2  adopt and maintain appropriate (including organizational and technical) security measures in processing Customer’s personal data in order to protect against unauthorized or accidental access, loss, alteration, disclosure or destruction of such data, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing; and

11.6.3  take all reasonable steps to ensure that (i) persons employed by it, and (ii) other persons engaged at its place of work, are aware of and comply with applicable data privacy laws and regulations. FireEye does not react to Do Not Track signals because there is no standard for how those signals are sent.

11.6.4  FireEye may process or otherwise transfer any personal information in or to any country outside of the country of origination, including such countries with less restrictive data protection laws, to the extent necessary for the provision of the Offerings. If required and where applicable, FireEye will enter into mutually agreed-upon country-specific data transfer mechanisms, including the Privacy Shield framework and the EU Standard Contractual Clauses as approved by the European Commission, to help ensure an adequate level of data protection for the personal data that will be processed or transferred.

12.       TERM AND TERMINATION.

12.1.    Term. 

12.1.1  Products.  Products will be licensed according to the applicable terms in Exhibit A, for the period of time stated on the Order (e.g., if the Order lists a Product as being provided for “3Y,” the license for that Product is provided for three years from the date of the Order). If no period of time is stated on the Order, then the Product is licensed perpetually, unless otherwise terminated as set forth herein.

12.1.2  Support Services.  Support Services will begin (i) for Products that include hardware, ten (10) days from the date of shipment of the associated Product; (ii) for Subscriptions that include Support Services, and virtual or software-only Products, ten days following the Order Effective Date, and will continue for the period of time stated on the Order(“Initial Support Term”). Unless otherwise stated on the Order, the Support Services will automatically renew for additional periods of one (1) year each (each, a “Renewal Support Term” and together with the Initial Support Term, the “Support Term”), unless either party notifies the other of its intention not to renew Support Services at least sixty (60) days prior to the expiration of the then-current Support Term. Customer may terminate Support at any time, for convenience, on thirty (30) days’ written notice to FireEye.  If Customer terminates Support Services for convenience before the end of the then-current Support Term, Customer will pay any remaining fees owing for the remainder of the then-current Support Term within thirty (30) days of the effective date of termination.

12.1.3  Subscriptions.  The term of each Subscription will begin on or shortly after the Order Effective Date (as determined by FireEye) and will continue in effect for the period of time stated in the Order (“Initial Subscription Term”).  Unless otherwise stated on the Order, the Subscription will automatically renew after its Initial Subscription Term for additional periods of one (1) year each (each, a “Renewal Subscription Term” and together with the Initial Subscription Term, the “Subscription Term”), unless either party notifies the other of its intention not to renew that Subscription at least sixty (60) days prior to the expiration of the then-current Subscription Term. Customer may terminate a Subscription at any time, for convenience, on thirty (30) days’ written notice to FireEye.  If Customer terminates a Subscription for convenience before the end of the then-current Subscription Term, Customer will pay any remaining fees owing for the remainder of the then-current Subscription Term within thirty (30) days of the effective date of termination.

12.1.4  Professional Services; Statements of Work.  Professional Services described on an Order will be provided at mutually agreed-upon times, and will continue until complete, unless otherwise terminated as set forth herein.  The term of each SOW will be as set forth in that SOW.  If no term is expressed in an SOW, then the term of that SOW will begin on the SOW Effective Date and continue until the Professional Services described in that SOW are complete or the SOW is earlier terminated as set forth herein.  Unless otherwise stated in a SOW, Customer may terminate a SOW at any time for convenience by giving FireEye at least thirty (30) days’ written notice of its intent to terminate the SOW.  If Customer terminates an SOW for convenience as set forth in this Section, Customer will pay any amounts owing for Professional Services and Deliverables provided under that SOW up to and including the date of termination. Customer may request that FireEye suspend performing Professional Services during the term of a Statement of Work, and FireEye will suspend such Professional Services within 24 hours of Customer’s request.  Customer acknowledges that any such suspension will not affect Customer’s obligation to pay fees for Professional Services rendered through the date of suspension, and that resumption of Professional Services may be delayed if FireEye redeploys personnel to other engagements during the period of suspension.

12.2.   Termination for Material Breach.  Either party may terminate any Order or any SOW upon written notice of a material breach of the applicable Order or SOW by the other party as provided below, subject to a thirty (30) day cure period (“Cure Period”).  If the breaching party has failed to cure the breach within the Cure Period after the receipt by the breaching party of written notice of such breach, the non‑breaching party may give a second notice to the breaching party terminating the applicable Order or SOW.  Termination of any particular Order or SOW under this Section will not be deemed a termination of any other Order or SOW, unless the notice of termination states that another Order or SOW is also terminated.  Notwithstanding the foregoing, the Cure Period applicable to a breach by Customer of any payment obligations under any Order or any SOW will be fifteen (15) days. Notwithstanding the foregoing, this Agreement shall terminate automatically in the event Customer has breached any license restriction and, in FireEye’s determination, that breach cannot be adequately cured within the Cure Period.

12.3.    Effect of Termination.  Termination or expiration of any Order or SOW will not be deemed a termination or expiration of any other Orders or SOWs in effect as of the date of termination or expiration, and this Agreement will continue to govern and be effective as to those outstanding Orders and SOWs until those Orders and SOWs have expired or terminated by their own terms or as set forth herein.  The provisions of Section 3 (Payment), Section 6 (Intellectual Property), Section 7.5 (Disclaimer of Warranties), 9 (Limitation of Liability), 10 (Export Control; Anti-Corruption; U.S. Government Restricted Rights), 12 (Confidential Information), and 13 (Miscellaneous), and all accrued payment obligations, shall survive the termination of all Orders and SOWs and the relationship between FireEye and Customer.

13.       MISCELLANEOUS.

13.1.    Assignment. Customer may not assign any Order or Statement of Work, or any rights or obligations thereunder, in whole or in part, without FireEye’s prior written consent, and any such assignment or transfer shall be null and void.  FireEye shall have the right to assign all or part of an Order or Statement of Work without Customer’s approval.  Subject to the foregoing, each Order and Statement of Work shall be binding on and inure to the benefit of the parties’ respective successors and permitted assigns.

13.2.    Entire Agreement.  This Agreement along with any Order, Statement of Work and the Exhibits attached hereto is the entire agreement of the parties with respect to the Offerings and supersedes all previous or contemporaneous communications, representations, proposals, commitments, understandings and agreements, whether written or oral, between the parties regarding the subject matter thereof.  FireEye does not accept, expressly or impliedly and FireEye hereby rejects and deems deleted any additional or different terms or conditions that Customer presents, including, but not limited to, any terms or conditions contained or referenced in any order, acceptance, acknowledgement, or other document, or established by trade usage or prior course of dealing.  This Agreement may be amended only in writing signed by authorized representatives of both parties.

13.3.    Force Majeure.  Neither party will be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to unforeseen events, which occur after the signing of this Agreement and which are beyond the reasonable control of the parties, such as strikes, blockade, war, terrorism, riots, natural disasters, refusal of license by the government or other governmental agencies, in so far as such an event prevents or delays the affected party from fulfilling its obligations and such party is not able to prevent or remove the force majeure at reasonable cost.

13.4.     Governing Law.  This Agreement shall be deemed to have been made in, and shall be construed pursuant to the laws of the State of California and the United States without regard to conflicts of laws provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods or the Uniform Computer Information Transactions Act.  Any legal suit, action or proceeding arising out of or relating to the Offerings, the FireEye Materials, this Agreement, an Order or a Statement of Work will be commenced exclusively in a federal court in the Northern District of California or in state court in Santa Clara County, California, and each party hereto irrevocably submits to the jurisdiction and venue of any such court in any such suit, action or proceeding.

13.5.     Independent Contractors.  The parties are independent contractors.  Nothing in these Terms, any Order or any Statement of Work shall be construed to create a partnership, joint venture or agency relationship between the parties.  Customer shall make no representations or warranties on behalf of FireEye.

13.6.    Language.  This Agreement and each Order and Statement of Work are in the English language only, which shall be controlling in all respects.  All communications, notices, and Documentation to be furnished hereunder shall be in the English language only.

13.7.     Notices.  All notices required to be sent hereunder shall be in writing, addressed to receiving party’s current business contact, if known, with a cc: to the General Counsel/Legal Department of the receiving party, and sent to the party’s address as listed in this Agreement, or as updated by either party by written notice.  Notices shall be effective upon receipt and shall be deemed to be received as follows: (i) if personally delivered by courier, when delivered; or (ii) if mailed by first class mail, or the local equivalent, on the fifth business day after posting with the proper address.

13.8.     Severability.  If any provision of this Agreement is held to be illegal, invalid or unenforceable under the laws of any jurisdiction, the provision will be enforced to the maximum extent permissible so as to effect the intent of the parties, and the remaining provisions of this Agreement will remain in full force and effect.

13.9.    Third Party Rights.  Other than as expressly set out in this Agreement, this Agreement does not create any rights for any person who is not a party to it and no person who is not a party to this Agreement may enforce any of its terms or rely on any exclusion or limitation contained in it.

13.10.   Waiver.  The waiver of a breach of any provision of this Agreement shall not constitute a waiver of any other provision or any subsequent breach.

13.11.   Equal Opportunity.  FireEye is committed to the provisions outlined in the Equal Opportunity Clauses of Executive Order 11246, the Rehabilitation Act of 1973, the Vietnam Era Veterans Readjustment Act of 1974, the Jobs for Veterans Act of 2003, as well as any other regulations pertaining to these orders.

Back To Top


Exhibit A

PRODUCT LICENSE AND SUPPORT TERMS
(FIREEYE NX, EX, AX, PX, FX, HX, SECURITY ORCHESTRATOR™, MVX SMART GRID, AND CENTRAL MANAGEMENT SERIES (CMS) PRODUCTS)

In addition to the General Terms Applicable to all Offerings, the following terms apply to the FireEye NX, EX, AX, PX, FX, HX, Security Orchestrator, MVX Smart Grid, and Central Management Series (CMS) Products, including any add-on features such as FireEye Advanced Threat Intelligence (ATI), and including both hardware-based, cloud and virtual implementations.

1.        Grant of License and Restrictions. Subject to the terms hereof, payment of all fees, and any applicable user/use limitations, FireEye grants Customer a personal,  nonsublicensable, nonexclusive, right to use the Product, in accordance with the Agreement and this Exhibit A. Customer will maintain the copyright notice and any other notices that appear on the Product, including any interfaces related to the Product.  With respect to the FireEye HX Series Product, Customer may install the “agent” software component of the Product on the number of Nodes stated on the applicable Order.  With respect to the FireEye EX Series Product, Customer may use the Product in connection with the number of attached URL engines  (i.e., email accounts) (“Attached URL Engines”) stated on the applicable Order.  FireEye reserves the right to audit Customer’s use of the Product to ensure compliance with this Agreement.  “Nodes” are endpoint computing devices owned or controlled by Customer (such as laptops, workstations, and servers), on which Customer installs the agent software.  Updates, preview features, Content Feeds and/or Support Services are not necessarily provided with the Software, may require additional payment or include additional terms and conditions, and may be provided on a “preview” basis for a limited period at no additional charge but then licensed for an additional fee at a later date. Customer acknowledges that Third Party Software distributed with the Products may be subject to separate license terms, and specifically, if the Oracle™ Java® software is included within the Product, that software is subject to the license found at http://www.oracle.com/technetwork/java/javase/terms/license/index.html.   

2.        Content Feeds.  Subject to Customer’s payment in full of all associated fees for the applicable FireEye Content Feed, as set forth on the applicable Order, FireEye shall grant a limited, non-exclusive, personal, non-transferable, non-sublicenseable right to use the Content Feed as set forth in the Documentation for the applicable Product, for Customer’s internal business purposes during the active Support Term for the applicable Product. FireEye shall not disclose to any third party any personally identifiable data or Customer Confidential Information in connection with the Content Feed unless expressly authorized to do so by Customer.  The Content Feeds available to the Customer for purchase with respect to the Products may include:

2.1      FireEye Dynamic Threat Intelligence™ (DTI™) – The DTI Content Feed (currently available only for customers who have purchased the FireEye NX, EX, AX, HX and FX Product) provides continual, updated information to the Product about threats.

2.2.     FireEye Advanced Threat Intelligence™ (ATI™) – The ATI Content Feed (currently available only for customers who have purchased the FireEye NX or EX Product) provides contextual information about malware detected in Customer’s environment, such as information regarding threat groups associated with certain malware, industry verticals in which FireEye has observed certain threat groups operate and in which certain malware is used, and brelative frequency of observation of various threats and malware.

3.        Cloud MVX Products. If Customer has purchased the Cloud MVX version of a Product, and subject to Customer’s payment in full of all associated fees, then the analysis performed by the Product will be available through Cloud MVX during the active Support Term for the applicable Product.

4.        Support Services.  Subject to Customer’s payment in full of all associated fees for FireEye Support Services, FireEye shall provide Support Services for the Products as set forth in Exhibit C, as may be updated by FireEye in its discretion.

Back To Top


EXHIBIT B: SUBSCRIPTION TERMS

EXHIBIT B-1
SUBSCRIPTION TERMS FOR FIREEYE AS A SERVICE (FAAS) – CONTINUOUS GUIDANCE

In addition to the General Terms Applicable to all Offerings, the following terms govern the FireEye as a Service (FaaS) – Continuous Guidance (CG) Subscription.

1.      DEFINITIONS.

1.1.    “Alert” means an alert generated by a Product, ETP Subscription, FireEye Helix Subscription, or TAP Subscription that FireEye has determined is potentially malicious based on its characteristics, and that is ingested into the FaaS analysis infrastructure.

1.2.    “Covered System” means (i) a computing device (to the extent supported by FireEye) that Customer specifies as within the scope of the CG Subscription, and if the Customer has purchased the HX Product or FireEye Helix Subscription, on which a software agent has been installed to support CG Subscription delivery, or (ii) a computing device (to the extent supported by FireEye) whose network traffic is observable to support CG Subscription delivery; (iii) with respect to ETP Subscriptions or EX Product, mailboxes monitored to support CG Subscription delivery; or (iv) any computing device that both Customer and FireEye agree is within scope of the CG Subscription.

1.3.    “Enabling Hardware” means additional hardware appliances that will be used by FireEye in providing the Subscription, and may include log collection and analysis equipment.

1.4.    “FaaS Supported Technology” means the Products, Subscriptions, and Enabling Hardware monitored through the CG Subscription.

1.5.     “FaaS Guidance Reports” means the written reports outlining FireEye’s recommendations for investigating and addressing Alerts that FireEye creates and makes available to Customer through the CG Subscription.

1.6.    “Nodes” or “Node Band” refers to number of Covered Systems within the Customer environment, which is reflected on the Subscription Order.

1.7.     “Suppressed Alerts” means Alerts that are to be excluded from reporting because they a) relate to previously reported incidents that have not been resolved by the Customer; b) relate to Covered Systems that were identified as compromised and where required resolution steps have not been completed by the Customer; c) are not identified as being supported by FaaS in the FaaS Operations Manual; or d) have been requested to be excluded by the Customer.

2.      Scope of FaaS – Continuous Guidance (CG) Services.  During the Subscription Term, FireEye will provide the CG Subscription as set forth in this Section 2, according to the Subscription level and Node Band purchased by Customer as set forth in the Subscription Order. All services Customer requests that are not described in this Section 2 will be performed at mutually agreed upon rates as set forth in Statements of Work.  If the number of Nodes exceeds the Node Band reflected in the Subscription Order by more than ten percent (10%), FireEye will notify Customer in writing, and will issue an invoice for the next higher Node Band at FireEye’s then-current rates pro-rated for the remaining portion of the then-current Subscription Term.

2.1.    Subscription Initiation. FireEye will work with Customer to deploy, connect, and test the FaaS Supported Technology that will be monitored through the CG Subscription (“Subscription Initiation”). During Subscription Initiation, FireEye will do the following:

    a)      Designate a FaaS Transition Manager who will work in conjunction with the Customer.

    b)     Create and deliver account details for FaaS Portal access, conduct training, collect implementation requirements, establish agreed-upon installation timelines, and provide Documentation for CG Subscription.

    c)     Assist Customer with setup and configuration of the FaaS Supported Technology, and test whether FireEye can receive Alerts with supporting artifacts, and can monitor the Customer’s Covered Systems.

    d)     For FaaS Supported Technology that has been appropriately configured, conduct baseline monitoring activities for up to 14 days. The intent of the baseline is to identify any Covered Systems known to be compromised and identify active attacks occurring in the Customer’s environment, and provide the Customer with any recommended steps to remediate these issues.

    e)      Validate monitoring and alerting activity for each FaaS Supported Technology.  

2.2.    Alert Analysis

For each validated FaaS Supported Technology, FireEye will conduct the following monitoring and reporting activities:

    (a)        Classification of Alerts. Alerts are automatically ingested into the FaaS infrastructure as they are generated by the applicable FaaS Supported Technology. Once ingested, FireEye will classify the Alert as requiring further analysis or requiring no further analysis within thirty (30) minutes of the time the Alert was ingested into the FaaS infrastructure.

    (b)        If an Alert is classified as requiring no further analysis, then a severity level will be assigned to the Alert and a a FaaS Guidance Report will be published to the FaaS Portal within the times set forth in the table below, based on the severity level.

    (c)        Validation. If an Alert is classified as requiring further analysis, then FireEye will begin analysis of that Alert promptly. FireEye analysts will perform an initial triage and validation to determine if the Alert is a true or false positive, benign or suspicious activity.

    (d)        FaaS Guidance Reports.  After validation, FireEye will assign a “High” “Medium” or “Low” severity level. FireEye will publish a FaaS Guidance Report to the Portal related to that Alert within the times set forth in the table below, calculated from the time FireEye assigns the severity level.

FaaS Report Severity Level

Time to Classify Alert as Requiring Further Analysis or No Further Analysis (from time of ingestion)

Time to Publish FaaS Report (from time FireEye assigns severity level)

High

30 minutes

1 hour

Medium

30 minutes

4 hours

Low

30 minutes

24 hours

    (e)         Multiple Related Alerts. When FireEye has identified a true positive or suspicious activity, FireEye analysts may aggregate and review multiple Alerts from related Covered Systems to determine the extent of activity related to the Alert. FireEye analysts may append recommendations for subsequent Alert investigations to the initial FaaS Guidance Report if FireEye determines that additional or subsequent Alerts are related, and in such cases, FireEye will not be required to issue a separate FaaS Guidance Report for each such related Alert.

    (f)        Non-Remediable Alerts. FireEye has no obligation to notify the Customer or generate a new FaaS Guidance Report on new Alerts that are directly related to previous investigations or known compromises where a FaaS Guidance Report has been published and FireEye has provided recommended remediation steps, when the Customer has acknowledged the FaaS Guidance Report but chooses not to or cannot remediate the cause of these Alerts.

    (g)         Alert Priority. FireEye may re-prioritize Alerts, regardless of their severity classification, to provide focus to Alerts that FireEye determines may have the largest impact to the Customer’s environment.

    (h)         Continuity of Monitoring. All monitoring and reporting activities described in this Section 2.2 will be provided on a 24/7/365 basis.

2.3.    Engagement Managers. A pool of non-designated Engagement Managers will be available to assist in the ongoing delivery of the CG Subscription. Customers may post questions to the FaaS Portal for Engagement Manager response. Engagement Managers will assist in answering CG related questions such as those related to key findings in a FaaS Guidance Report. In addition, Engagement Managers will post yearly service review reports to the FaaS Portal. Engagement Managers have no obligation to engage in activities or respond to inquiries that are otherwise the responsibility of standard FireEye Support such as Product-related troubleshooting or configuration questions.

2.4.    System Health Monitoring and Notification. For Customers who have purchased the FireEye EX, FX, HX, NX, NX Smart Sensor, or PX Product, FireEye will provide Customer with notification of system health issues such as connectivity problems.

2.5.    Portal Access.  Appliance Health Monitoring and FaaS Guidance Reports will be provided via an online portal (“FaaS Portal”), and FireEye will provide login credentials to the Customer to enable access to the FaaS Portal. Service levels for the FaaS Portal are as set forth in Section 4 below.

2.6.    Incident Response (IR) Services Retainer. During the Subscription Term, if Customer requires incident response (IR) Professional Services, Customer will have access to FireEye’s 24/7/365 IR intake procedures. FireEye will provide contact information and details of this service shortly after the Order Effective Date. If Customer requires IR Professional Services, FireEye will respond, triage and determine the need for IR Professional Services. If FireEye determines that IR Professional Services are necessary, FireEye will assign an IR Responder to work with Customer, including, as necessary, for onsite assistance. All IR Professional Services will be performed using the FaaS Supported Technology, and will be charged on a time and materials basis, invoiced monthly in arrears, at agreed upon hourly rates.

2.7.    FireEye iSIGHT Intelligence Portal.  During the Subscription Term, FireEye will provide access to a FireEye iSIGHT Intelligence Portal (“FIIP”), subject to the following:

    a)      Permitted Use; Reports.  Customer may be provided with access, to view and use FIIP and content appearing on FIIP (“FIIP Content”) to provide supplementary information to a FAAS Guidance Report.  Customer understands and acknowledges that the FIIP Content available through the CG Subscription is more limited than that available to customers who purchase a full iSIGHT Subscription. Some features of FIIP may allow Customer to generate a report (each, a “FIIP Report”).  FIIP Reports and FIIP Content are FireEye Materials.  Subject to Customer’s payment obligations, FireEye grants to Customer a limited, non-exclusive right to produce FIIP Reports using FIIP, and reproduce and distribute those FIIP Reports and FIIP Content internally for Customer’s own business purposes.

    b)     Additional Use Limitations.  Customer may appoint up to fifteen (15) users of FIIP at any time. Each day, all users on Customer’s account may collectively make up to (A) one hundred (100) queries of IP addresses and domain names and (B) one hundred (100) queries of malware.  Customer may request additional queries, to be evaluated by FireEye on a case-by-case basis.

    c)      User Content.  “User Content” means any communications, images, sounds, and all the material and information that Customer or anyone using Customer’s account contributes to or through FIIP (e.g., comments to FIIP Content, suspected malware that Customer uploads to FIIP).  Customer hereby grants FireEye a perpetual, irrevocable, worldwide, paid-up, non-exclusive, license, including the right to sublicense to third parties, and right to reproduce, fix, adapt, modify, translate, reformat, create derivative works from, publish, distribute, sell, license, transmit, publicly display, publicly perform, or provide access to electronically, broadcast, display, perform, and use and practice such User Content as well as all modified and derivative works thereof.  Customer represents that Customer has all necessary rights to grant the license referenced in the preceding sentence.  FireEye may use and disclose any of the information it collects about its customers’ use of FIIP to the extent such information is de-identified.

    d)     Restrictions. Customer may not access FIIP by any means other than through the interface that is provided or approved by FireEye. Customer will not collect any information from or through FIIP using any automated means, including without limitation any script, spider, “screen scraping,” or “database scraping” application, and Customer will not damage, disable, overburden, or impair FIIP or interfere with any other party’s use and enjoyment of FIIP.

    e)      Customer acknowledges that some optional features and content appearing on FIIP may require payment of additional fees.

2.8.    Reseller and Partner Purchases.  If Customer receives the Subscription via a FireEye authorized services or support partner (a “Partner”), Customer agrees that the Subscription, including system health monitoring reports and FaaS Guidance Reports may be delivered to Customer through the Partner. Notwithstanding any other confidentiality obligations between the parties, Customer authorizes FireEye to disclose information related to the Subscription and Customer Data to Partner.

3.      Customer Responsibilities. Customer acknowledges and agrees that FireEye’s ability to successfully deliver the CG Subscription is dependent on the Customer’s ability to meet its responsibilities as outlined herein.

3.1   FireEye will have no liability for any failure to deliver the CG Subscription as set forth herein that may arise due to Customer’s refusal or failure to perform its responsibilities.

    a)      Installation Requirements. Customer will be responsible for the following: (i) providing network architecture diagrams, physical, and logical access to Customer’s environment for the sole purpose of deploying and configuring FaaS Supported Technology; (ii) upgrading pre-existing FaaS Supported Technology to the minimum software version as referenced within the FaaS Operations Manual for each product or service; (iii) providing confirmation that all FaaS Supported Technology within the Customer’s environment has been successfully configured and connected to their network according to the individual Product’s or Subscription’s System Administration Guide and the configurations supported as noted in FireEye’s Support portal; (iv) providing the ability to establish a persistent connection to the Customer’s network within the designated port range corresponding to the country from which the CG Subscription will be delivered as referenced within the FaaS Quick Start Guide.

    b)     Compromised Systems. Customer recognizes that the CG Subscription is not an alternative to an incident response engagement for an environment that is compromised prior to the start of the CG Subscription.

    c)      Credential Security. Customer will be responsible for the following: (i) providing accurate information to FireEye for provisioning access to (and removal of) Customer personnel access to the FaaS Portal; (ii) implementing and adhering to strong password standards; (iii) providing accurate information to FireEye for domain whitelisting; and (iv) reporting any security issues related to the Subscription (including the FaaS Portal) to FireEye immediately.

    d)     Network Segment Exclusion: Customer must notify FireEye if specific network segments will not require FaaS monitoring. Customer must provide detailed information regarding the specific network segment range when possible. Examples: guest networks, testing environments, etc.

    e)      Remediating Known Compromises. Customer must make a reasonable effort to investigate and remediate any known compromises reported by FireEye or third party vendors. FireEye may choose to suppress alerts generated by known compromised systems until such time the compromise is remediated.

3.2.    Exclusions. Notwithstanding anything else contained in these Terms to the contrary, FireEye shall have no obligation or responsibility to provide the alerting and monitoring activities described in Section 2.2 for (i) Products that the Customer (or FireEye or another third party on Customer’s behalf) has configured with a one-way feed of FireEye’s Dynamic Threat Intelligence (DTI) Subscription; (ii) FaaS Supported Technology that has been declared end of support or that are not currently supported; (iii) FaaS Supported Technology that has no active Support Service in place; (iv) FaaS Supported Technology for which software updates have not been applied; (v) Products that have not been installed and deployed; or (vi) FaaS Supported Technology that is misconfigured or incorrectly deployed, which prevents the FaaS Supported Technology from monitoring the Covered Systems. Customer acknowledges that to facilitate FireEye’s efficient performance of the CG Subscription, FireEye may control some features and functionality of the FaaS Supported Technology, and that such features or functionality may not be available for Customer’s independent use during the Subscription Term.

4.      FaaS PORTAL AVAILABILITY

4.1        Uptime. FireEye shall undertake commercially reasonable efforts to ensure the FaaS Portal availability for 99.9% of the time during each calendar month.

    a)      “Service Outage” is where the FaaS Portal is not available due to a failure or a disruption in the FaaS Portal that is not the result of Scheduled Maintenance, Emergency Maintenance, a force majeure event or of the act or omission of Customer.

    b)     “Scheduled Maintenance Period" is the period during which weekly scheduled maintenance of the FaaS Portal may be performed, or a maintenance window otherwise mutually agreed upon by FireEye and Customer.

    c)      "Emergency Maintenance" means any time outside of Scheduled Maintenance that FireEye requires to apply critical patches or fixes or undertake other urgent maintenance. If Emergency Maintenance is required, FireEye will provide notice to Customer, to the extent possible under the circumstances, and provide the expected time frame of the Emergency Maintenance and availability of the FaaS Portal during the Emergency Maintenance.

    d)     "System Availability" means the total number of minutes in any calendar month minus the aggregate number of minutes of all Service Outages that occur during that calendar month.

4.2.       Remedy

    a)      If the FaaS Portal does not meet the monthly service availability defined in 4.1, FireEye will provide a credit to the Customer in accordance to the table below (“Credit”) for a validated SLA Claim (defined below). The Percent of FaaS Portal availability per calendar month (in the table below) is equal to the result, expressed as a percentage, of the number of minutes of System Availability in a calendar month divided by the total number of minutes in the calendar month.

Percent of FaaS Portal Availability per Calendar Month

Service Credit

<99.9%

2%

<99.0%

5%

<98.0%

10%

    b)     For determining the Credit, the duration of a Service Outage will be measured as the time starting when Customer experiences a disruption in availability of the FaaS Portal and ending when a successful solution or workaround allowing for full restoration of the FaaS Portal is provided by FireEye to Customer.  Customer must notify FireEye in writing of any Service Outage no later than fifteen (15) days after the calendar month in which the Service Outage occurred (“SLA Claim”) to be entitled to a Credit for that Service Outage.

    c)      Any Credits earned by Customer hereunder will be applied to the Subscription Fees owed by Customer for the next Subscription Term for which the Credit applies. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated for non-renewal or for a material uncured breach by Customer, such credits shall become null and void. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated due to a material uncured breach by FireEye, FireEye will promptly pay Customer the amount of the Credit.

    d)     Customer shall not be entitled to receive a Credit that exceeds 10% of its prorated monthly Subscription Fee for a Service Outage for the applicable calendar month

Back To Top


EXHIBIT B-2
SUBSCRIPTION TERMS FOR FIREEYE AS A SERVICE (FAAS) – CONTINUOUS VIGILANCE

In addition to the General Terms Applicable to all Offerings, the following terms govern the FireEye as a Service (FaaS) – Continuous Vigilance (CV) Subscription.

1.      DEFINITIONS.

1.1.    “Alert” means an alert generated by a Product, ETP Subscription, FireEye Helix Subscription, or TAP Subscription that FireEye has determined is potentially malicious based on its characteristics, and that is ingested into the FaaS analysis infrastructure.

1.2.    “APT Alert” means an alert generated by a Product, ETP Subscription, FireEye Helix Subscription, or TAP Subscription that is identified by FireEye as being associated with a “targeted threat,” which means advanced persistent threat (APT) actors or APT activity.

1.3.    “APT Only Service” means the Subscription level in which FireEye will provide investigation and reporting of APT Alerts. If Customer purchases the APT Only Service, FireEye will provide investigation and reporting of only APT Alerts, and not any other Alerts.

1.4.    “Covered System” means (i) a computing device (to the extent supported by FireEye) that Customer specifies as within the scope of the CV Subscription, and if the Customer has purchased the HX Product or FireEye Helix Subscription, on which a software agent has been installed to support CV Subscription delivery, or (ii) a computing device (to the extent supported by FireEye) whose network traffic is observable to support CV Subscription delivery; (iii) with respect to ETP Subscriptions or EX Product, mailboxes monitored to support CV Subscription delivery; or (iv) any computing device that both Customer and FireEye agree is within scope of the CV Subscription.

1.5.    “Enabling Hardware” means additional hardware appliances that will be used by FireEye in providing the Subscription, and may include log collection and analysis equipment.

1.6.    “FaaS Supported Technology” means the Products, Subscriptions, and Enabling Hardware monitored through the CV Subscription.

1.7.    “Full Coverage Service” means the Subscription level in which FireEye will process and assess all Alerts other than Suppressed Alerts.

1.8.    “FaaS Reports” means the written reports relating to Alerts that FireEye creates and makes available to Customer through the CV Subscription.

1.9.    “Nodes” or “Node Band” refers to number of Covered Systems within the Customer environment, which is reflected on the Subscription Order.

1.10.  “Suppressed Alerts” means Alerts that are to be excluded from investigation and reporting because they a) relate to previously reported incidents that have not been resolved by the Customer; b) relate to Covered Systems that were identified as compromised and where required resolution steps have not been completed by the Customer; c) are not identified as being supported by FaaS in the FaaS Operations Manual; or d) have been requested to be excluded by the Customer.

2.      Scope of FaaS – Continuous Vigilance (CV) Services.  During the Subscription Term, FireEye will provide the CV Subscription as set forth in this Section 2, according to the Subscription level and Node Band purchased by Customer as set forth in the Subscription Order. If the Subscription Order does not specify the Subscription level purchased, then Customer will be deemed to have purchased the APT Only Service. All services Customer requests that are not described in this Section 2 will be performed at mutually agreed upon rates as set forth in Statements of Work.  If the number of Nodes exceeds the Node Band reflected in the Subscription Order by more than ten percent (10%), FireEye will notify Customer in writing, and will issue an invoice for the next higher Node Band at FireEye’s then-current rates pro-rated for the remaining portion of the then-current Subscription Term.

2.1.    Subscription Initiation. FireEye will work with Customer to deploy, connect, and test the FaaS Supported Technology that will be monitored through the CV Subscription (“Subscription Initiation”). During Subscription Initiation, FireEye will do the following:

    a)       Designate a FaaS Transition Manager who will work in conjunction with the Customer.

    b)     Create and deliver account details for FaaS Portal access, conduct training, collect implementation requirements, establish agreed-upon installation timelines, and provide Documentation for CV Subscription.

    c)      Assist Customer with setup and configuration of the FaaS Supported Technology, and test whether FireEye can receive Alerts with supporting artifacts, and can monitor the Customer’s Covered Systems.

    d)     For FaaS Supported Technology that has been appropriately configured, conduct baseline monitoring activities for up to 14 days. The intent of the baseline is to identify any Covered Systems known to be compromised and identify active attacks occurring in the Customer’s environment, and provide the Customer with any recommended steps to remediate these issues.

    e)      Validate monitoring and alerting activity for each FaaS Supported Technology.

2.2.    Alert Analysis

For each validated FaaS Supported Technology, FireEye will conduct the following monitoring, investigation and reporting activities:

    (a)        Classification of Alerts. Alerts are automatically ingested into the FaaS infrastructure as they are generated by the applicable FaaS Supported Technology. Once ingested, FireEye will classify the Alert as requiring further analysis or requiring no further analysis within thirty (30) minutes of the time the Alert was ingested into the FaaS infrastructure. FireEye will ingest and classify the Alerts that correspond with the Subscription level the Customer purchased. If the Customer purchased the APT Only Service, FireEye will classify only APT Alerts. If the Customer purchased the Full Coverage Service, FireEye will classify all Alerts.  FireEye has no obligation to investigate and report on Alerts that fall outside the purchased Subscription level.

    (b)        If an Alert is classified as requiring no further analysis, then a severity level assignment will be applied to the Alert and FaaS Report will be published to the FaaS Portal within the times set forth in the table below, based on the severity level.

    (c)        Initial Investigation. If an Alert is classified as requiring further analysis, then FireEye will begin analysis of that Alert promptly. FireEye analysts will perform an initial analysis of the Customer’s Covered Systems to determine if the Alert is a true or false positive, benign or suspicious activity.

    (d)        FaaS Reports. If FireEye’s investigation determines that the Alert indicates a true compromise, FireEye will assign a “High” “Medium” or “Low” severity level. FireEye will publish a FaaS Report to the Portal related to that Alert within the times set forth in the table below, calculated from the time FireEye assigns the severity level.

    (e)        Alerts that are investigated but are found to be benign or a false positive will be reported as an Informational report.

    (f)         Regardless of whether FireEye’s investigation determines that an Alert indicates a true compromise, FireEye will publish a FaaS Report on the Alert to the FaaS Portal within the times set forth in the table below, based on the severity level of the FaaS Report (High, Medium, Low). Customer acknowledges that in some cases, when FireEye’s investigation is not complete, a FaaS Report may provide only an update of current status of the Alert investigation.

FaaS Report Severity Level

Time to Classify Alert as Requiring Further Analysis or No Further Analysis (from time of ingestion)

Time to Publish FaaS Report (from time FireEye assigns severity level)

High

30 minutes

1 hour

Medium

30 minutes

4 hours

Low

30 minutes

24 hours

    (g)        Extended Investigations; Multiple Related Alerts. When FireEye has identified a true positive or suspicious activity, FireEye analysts may perform an extended investigation, and/or may aggregate and review multiple Alerts from related Covered Systems to determine the extent of activity related to the Alert. FireEye analysts may append results from the extended investigation or subsequent Alert investigations to the initial FaaS Report if FireEye determines that additional or subsequent Alerts are related, and in such cases, FireEye will not be required to issue a separate FaaS Report for each such related Alert.

    (h)        Non-Remediable Alerts. FireEye has no obligation to notify the Customer or generate a new FaaS Report on new Alerts that are directly related to previous investigations or known compromises where a FaaS Report has been published and FireEye has provided recommended remediation steps, when the Customer has acknowledged the FaaS Report but chooses not to or cannot remediate the cause of these Alerts.

    (i)         Alert Priority. FireEye may re-prioritize Alerts, regardless of their severity classification, to provide focus to Alerts that FireEye determines may have the largest impact to the Customer’s environment.

    (j)         Continuity of Monitoring. All monitoring, investigation and reporting activities described in this Section 2.2 will be provided on a 24/7/365 basis.

2.3.    Engagement Manager Responsibilities. FireEye will assign an Engagement Manager to Customer’s account to assist in the ongoing delivery of the CV Subscription. Engagement Managers will schedule routine meetings, deliver related documentation and training specific to the delivery of the CV Subscription. Engagement Managers have no obligation to engage in activities or respond to inquiries that are otherwise the responsibility of standard FireEye Support such as Product-related troubleshooting or configuration questions.

2.4.    Hunting.  FireEye will conduct periodic proactive hunting techniques on Covered Systems to look for additional indicators of malicious or attacker activity. When FireEye’s investigation reveals a compromise, then FireEye will assign a severity classification and publish a FaaS Report to the FaaS Portal within the time frames set forth in the table in 2.2 above, according to the severity classification.

2.5.    System Health Monitoring and Notification. For Customers who have purchased the FireEye EX, FX, HX, NX, NX Smart Sensor, or PX Product, FireEye will provide Customer with notification of system health issues such as connectivity problems.  

2.6.    Containment.  When the Customer has purchased the FireEye Helix Subscription or HX Product, FireEye may, when appropriate, recommend containment of the target Covered System from the Customer’s network. Containment must be executed by the Customer.

2.7.    Portal Access.  Appliance Health Monitoring and FaaS Reports will be provided via an online portal (“FaaS Portal”), and FireEye will provide login credentials to the Customer to enable access to the FaaS Portal. Service levels for the FaaS Portal are as set forth in Section 3 below.

2.8.    Incident Response (IR) Services Retainer. During the Subscription Term, if Customer requires incident response (IR) Professional Services, Customer will have access to FireEye’s 24/7/365 IR intake procedures. FireEye will provide contact information and details of this service shortly after the Order Effective Date. If Customer requires IR Professional Services, FireEye will respond, triage and determine the need for IR Professional Services, and if FireEye determines that IR Professional Services are necessary, FireEye will assign an IR Responder to work with Customer, including, as necessary, for onsite assistance. All IR Professional Services will be performed using the FaaS Supported Technology, and will be charged on a time and materials basis, invoiced monthly in arrears, at agreed upon hourly rates.

2.9.    FireEye iSIGHT Intelligence Portal.  During the Subscription Term, FireEye will provide access to a FireEye iSIGHT Intelligence Portal (“FIIP”), subject to the following:

    a)      Permitted Use; Reports.  Customer may access, view and use FIIP and content appearing on FIIP (“FIIP Content”) solely for internal use.  Customer understands and acknowledges that the FIIP Content available through the CV Subscription is more limited than that available to customers who purchase a full iSIGHT Subscription. Some features of FIIP may allow Customer to generate a report (each, a “FIIP Report”).  FIIP Reports and FIIP Content are FireEye Materials.  Subject to Customer’s payment obligations, FireEye grants to Customer a limited, non-exclusive right to produce FIIP Reports using FIIP, and reproduce and distribute those FIIP Reports and FIIP Content internally for Customer’s own business purposes.

    b)     Additional Use Limitations.  Customer may appoint up to twenty (20) users of FIIP at any time. Each day, all users on Customer’s account may collectively make up to (A) one hundred twenty five (125) queries of IP addresses and domain names and (B) one hundred twenty five (125) queries of malware.  Customer may request additional queries, to be evaluated by FireEye on a case-by-case basis.

    c)      User Content.  “User Content” means any communications, images, sounds, and all the material and information that Customer or anyone using Customer’s account contributes to or through FIIP (e.g., comments to FIIP Content, suspected malware that Customer uploads to FIIP).  Customer hereby grants FireEye a perpetual, irrevocable, worldwide, paid-up, non-exclusive, license, including the right to sublicense to third parties, and right to reproduce, fix, adapt, modify, translate, reformat, create derivative works from, publish, distribute, sell, license, transmit, publicly display, publicly perform, or provide access to electronically, broadcast, display, perform, and use and practice such User Content as well as all modified and derivative works thereof.  Customer represents that Customer has all necessary rights to grant the license referenced in the preceding sentence.  FireEye may use and disclose any of the information it collects about its customers’ use of FIIP to the extent such information is de-identified.

    d)     Restrictions. Customer may not access FIIP by any means other than through the interface that is provided or approved by FireEye. Customer will not collect any information from or through FIIP using any automated means, including without limitation any script, spider, “screen scraping,” or “database scraping” application, and Customer will not damage, disable, overburden, or impair FIIP or interfere with any other party’s use and enjoyment of FIIP.

    e)      Customer acknowledges that some optional features and content appearing on FIIP may require payment of additional fees.

2.10. Reseller and Partner Purchases.  If Customer receives the Subscription via a FireEye authorized services or support partner (a “Partner”), Customer agrees that the Subscription and FaaS Reports may be delivered to Customer through the Partner. Notwithstanding any other confidentiality obligations between the parties, Customer authorizes FireEye to disclose information related to the Subscription and Customer Data to Partner.

2.11. FaaS for ICS.  If Customer has purchased the additional ICS Monitoring feature of the CV Subscription (“ICS Monitoring Subscription”), the following terms will govern the ICS Monitoring Subscription: (a) FireEye will, in addition to the services described in Sections 2.1-2.6 of this Exhibit, monitor Customer’s TAP Subscription for malicious activity based on custom rules developed by FireEye in consultation with the Customer; (b) FireEye will perform additional hunting activities tailored to the Customer’s environment; (c) Alerts resulting from the activities described in (a)-(b) will be published to the FaaS Portal as set forth in Section 2.2 above; and (d) additional Enabling Hardware will be provided (“ICS Enabling Hardware”). The ICS Enabling Hardware constitutes Third Party Material, and the hardware components of such ICS Enabling Hardware must be returned to FireEye or the relevant third party upon termination or expiration of the CV Subscription Term. Customer acknowledges that the third party owner of the ICS Enabling Hardware is a third party beneficiary of the right to enforce the obligation to return the ICS Enabling Hardware as set forth above. The Subscription Term for the ICS Monitoring Subscription will be the same as the CV Subscription Term. 

3.      Customer Responsibilities. Customer acknowledges and agrees that FireEye’s ability to successfully deliver the CV Subscription is dependent on the Customer’s ability to meet its responsibilities as outlined herein.

3.1   FireEye will have no liability for any failure to deliver the CV Subscription as set forth herein that may arise due to Customer’s refusal or failure to perform its responsibilities.

    a)      Installation Requirements. Customer will be responsible for the following: (i) providing network architecture diagrams, physical, and logical access to Customer’s environment for the sole purpose of deploying and configuring FaaS Supported Technology; (ii) upgrading pre-existing FaaS Supported Technology to the minimum software version as referenced within the FaaS Operations Manual for each product or service; (iii) providing confirmation that all FaaS Supported Technology within the Customer’s environment has been successfully configured and connected to their network according to the individual Product’s or Subscription’s System Administration Guide and the configurations supported as noted in the FireEye Support Portal; (iv) providing the ability to establish a persistent connection to the Customer’s network within the designated port range corresponding to the country from which the CV Subscription will be delivered as referenced within the FaaS Quick Start Guide.

    b)     Compromised Systems. Customer recognizes that the CV Subscription is not an alternative to an incident response engagement for an environment that is compromised prior to the start of the CV Subscription.

    c)      Credential Security. Customer will be responsible for the following: (i) providing accurate information to FireEye for provisioning access to (and removal of) Customer personnel access to the FaaS Portal; (ii) implementing and adhering to strong password standards; (iii) providing accurate information to FireEye for domain whitelisting; and (iv) reporting any security issues related to the Subscription (including the FaaS Portal) to FireEye immediately.

    d)     Network Segment Exclusion: Customer must notify FireEye if specific network segments will not require FaaS monitoring. Customer must provide detailed information regarding the specific network segment range when possible. Examples: guest networks, testing environments, etc.

    e)      Remediating Known Compromises. Customer must make a reasonable effort to remediate any known compromises reported by FireEye or third party vendors. FireEye may choose to suppress alerts generated by known compromised systems until such time the compromise is remediated.

3.2.    Exclusions. Notwithstanding anything else contained in these Terms to the contrary, FireEye shall have no obligation or responsibility to provide the CV Subscription for (i) Products that the Customer (or FireEye or another third party on Customer’s behalf) has configured with a one-way feed of FireEye’s Dynamic Threat Intelligence (DTI) Subscription; (ii) FaaS Supported Technology that has been declared end of support or that are not currently supported; (iii) FaaS Supported Technology that has no active Support Service in place; (iv) FaaS Supported Technology for which software updates have not been applied; (v) Products that have not been installed and deployed; or (vi) FaaS Supported Technology that is misconfigured or incorrectly deployed, which prevents the FaaS Supported Technology from monitoring the Covered Systems. Customer acknowledges that to facilitate FireEye’s efficient performance of the CV Subscription, FireEye may control some features and functionality of the FaaS Supported Technology, and that such features or functionality may not be available for Customer’s independent use during the Subscription Term.

4.      FaaS PORTAL AVAILABILITY

4.1        Uptime. FireEye shall undertake commercially reasonable efforts to ensure the FaaS Portal availability for 99.9% of the time during each calendar month.

    a)      “Service Outage” is where the FaaS Portal is not available due to a failure or a disruption in the FaaS Portal that is not the result of Scheduled Maintenance, Emergency Maintenance, a force majeure event or of the act or omission of Customer.

    b)     “Scheduled Maintenance Period" is the period during which weekly scheduled maintenance of the FaaS Portal may be performed, or a maintenance window otherwise mutually agreed upon by FireEye and     Customer.

    c)      "Emergency Maintenance" means any time outside of Scheduled Maintenance that FireEye requires to apply critical patches or fixes or undertake other urgent maintenance. If Emergency Maintenance is required, FireEye will notify Customer, to the extent possible under the circumstances, and provide the expected time frame of the Emergency Maintenance and availability of the FaaS Portal during the Emergency Maintenance.

    d)     "System Availability" means the number of minutes in any calendar month minus the aggregate number of minutes of all Service Outages that occur during that calendar month.

4.2.       Remedy

    a)      If the FaaS Portal does not meet the monthly service availability defined in 4.1, FireEye will provide a credit to the Customer in accordance to the table below (“Credit”) for a validated SLA Claim (defined below). The percent of FaaS Portal availability per calendar month (in the table below) is equal to the result, expressed as a percentage, of the number of minutes of System Availability in a calendar month divided by the total number of minutes in the calendar month.

Percent of FaaS Portal Availability per Calendar Month

Service Credit

<99.9%

2%

<99.0%

5%

<98.0%

10%

    b)      For determining the Credit, the duration of a Service Outage will be measured as the time starting when Customer experiences a disruption in availability of the FaaS Portal and ending when a successful solution or workaround allowing for full restoration of the FaaS Portal is provided by FireEye to Customer.  Customer must notify FireEye in writing of any Service Outage no later than fifteen (15) days after the calendar month in which the Service Outage occurred (“SLA Claim”) to be entitled to a Credit for that Service Outage.

    c)     Any Credits earned by Customer hereunder will be applied to the Subscription Fees owed by Customer for the next Subscription Term for which the Credit applies. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated for non-renewal or for a material uncured breach by Customer, such credits shall become null and void. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated due to a material uncured breach by FireEye, FireEye will promptly pay Customer the amount of the Credit. Customer shall not be entitled to receive a Credit that exceeds 10% of its prorated monthly Subscription Fee for a Service Outage for the applicable calendar month.

Back To Top


EXHIBIT B-3
SUBSCRIPTION TERMS FOR FIREEYE THREAT ANALYTICS PLATFORM (TAP)

In addition to the General Terms Applicable to all Offerings, the following terms govern the Threat Analytics Platform Subscription, including purchase and support of TAP Cloud Collector™ Appliances and Support. 

1.         TAP Software, Alerts

1.1.1     TAP Software and Hardware.  As part of the TAP Subscription, FireEye may deliver to Customer one or more software files (individually and collectively, “TAP Software”), and/or one or more “Cloud Collector” hardware appliances (“Cloud Collector Appliances”), which may contain TAP Software.  Subject to full payment of all Fees associated with the TAP Subscription, FireEye grants to Customer a non-exclusive, limited right and license to install and run the TAP Software during the Subscription Term solely for purposes of using the TAP Subscription in accordance with the Documentation for the TAP Subscription.

1.1.2     Access; Customer Logs.  FireEye will provide Customer with credentials to enable access to the TAP Subscription.  Using the TAP Software, and subject to payment of Fees for the TAP Subscription and any Cloud Collector Appliances, Customer may upload Customer Logs to the TAP portal (“TAP Portal”).  “Customer Logs” means any communications, logs and other content and information that Customer or anyone using Customer’s account contributes to or through the TAP Portal. Customer grants to FireEye a perpetual, irrevocable, worldwide, paid-up, non-exclusive license and right to reproduce, modify, create derivative works from, publish, distribute, sell, sub-license, transmit, publicly display and provide access to Customer Logs, for purposes of enhancing FireEye’s products and services, so long as (i) FireEye ensures that any Customer Confidential Information is removed from Customer Logs, and (ii) FireEye’s use of Customer Logs does not in any way identify Customer or its employees or in any other way allow a third party to identify Customer as the source of the Customer Logs.  Customer Logs are Customer’s property, and other than the licenses granted in herein, FireEye does not obtain any ownership rights in Customer Logs. FireEye will retain Customer Logs for a period of thirteen (13) months from the earlier of the date the Customer Log was received and the end of the Helix Subscription Term.

1.1.3     Some features of the TAP Subscription may generate alerts of suspected malicious activity (each, a “TAP Alert”).  TAP Alerts are FireEye Materials.  FireEye hereby grants to Customer a limited, non-exclusive right to use TAP Alerts, and reproduce and distribute those TAP Alerts internally for Customer’s own business purposes. 

1.1.4     Cloud Collector Management.  If Customer has installed Cloud Collectors in connection with the TAP Subscription, then FireEye will continuously monitor the Customer’s Cloud Collector Appliances or Cloud Collector TAP Software for system health issues such as monitoring to ensure proper throughput and relay of data.

1.1.5     Support.  Subject to Customer’s payment in full of all associated fees for FireEye Support Services, FireEye shall provide Support Services for the TAP Subscription as set forth in Exhibit C, as may be updated by FireEye in its discretion. 

2.         Event Volume; True-Up

2.1.1     Fees for the TAP Subscription are divided into “Tiers” based on the volume of events processed through the TAP Subscription per second (“Event Volume”).  If at any point during the Subscription Term, Customer’s Event Volume exceeds the Tier upon which Customer’s TAP Subscription Fees were based, FireEye will not guarantee that Customer Logs in excess of the purchased Tier will be ingested and processed by the TAP Subscription. In times of Event Volume in excess of the paid Tier, Customer Logs will enter a queue.  Excessive queueing may cause Customer Logs to be lost from the queue. If at any point during the Subscription Term, Customer’s average Event Volume for any consecutive thirty-day period exceeds the Tier upon which Customer’s TAP Subscription Fees were based, FireEye may issue a true-up invoice for the pro-rated difference between the Fees already paid for that Subscription Term and FireEye’s list prices for the Fees for the Tier associated with Customer’s actual Event Volume for that thirty-day period, pro-rated to reflect that thirty-day period and the remainder of the Subscription Term.  FireEye will apply any discounts that were applied to initial Fees to FireEye’s list prices for any true-up invoice.  Until such time that the True Up invoice is paid in full, the TAP Subscription will continue to ingest and process only the Event Volume of the purchased Tier, allowing any excess Customer Logs to enter queueing conditions. The Tier for any Renewal Subscription Term will be the Tier associated with the actual Event Volume for the immediately preceding Subscription Term.

2.1.2     At the end of the Initial Subscription Term and each Renewal Subscription Term, FireEye may true-up Fees for that Subscription Term, and if the average monthly Event Volume for that Subscription Term exceeds the maximum Event Volume for the Tier for which Customer previously paid Fees, then (a) FireEye will issue a true-up invoice reflecting the difference between the Fees already paid for that Subscription Term and the Fees for the Tier associated with Customer’s actual Event Volume.

3.         TAP Portal Availability

3.1        FireEye shall undertake commercially reasonable efforts to ensure the TAP Portal availability for 99.9% of the time during each calendar month.

3.1.1     “Service Outage” is where the TAP Portal is not available due to a failure or a disruption in TAP Portal that is not the result Scheduled Maintenance, Emergency Maintenance, a force majeure event or of the act or omission of Customer.

3.1.2     “Scheduled Maintenance Period" is the period during which weekly scheduled maintenance of the TAP Portal may be performed.

3.1.3     "Emergency Maintenance" means any time outside of Scheduled Maintenance that FireEye is required to apply critical patches or fixes or undertake other urgent maintenance. If Emergency Maintenance is required, FireEye will contact Customer and provide the expected time frame of the Emergency Maintenance and availability of the TAP Portal during the Emergency Maintenance.

3.1.4     "System Availability" means the percentage of total time during which the TAP Portal shall be available to Customer, excluding the Scheduled Maintenance Period and Emergency Maintenance.

3.2.       Remedy

3.2.1     In the event that the TAP Portal does not meet the monthly service availability defined in 6.1, FireEye will provide a credit to the Customer in accordance to the table below (“Credit”) for a validated SLA Claim (defined below).

Percent of TAP Portal Availability per Calendar Month

Service Credit

<99.9%

2%

<99.0%

5%

<98.0%

10%

3.2.2     For determining the Credit, the duration of a Service Outage will be measured as the time starting when Customer experiences unavailability of the TAP Portal and ending when a successful solution or workaround allowing for full restoration of the TAP Portal is provided by FireEye to Customer.  Customer must notify FireEye in writing of any Service Outage no later than fifteen (15) days after the date the Service Outage occurred (“SLA Claim”) to be entitled to a Credit for that Service Outage.

3.2.3     Any Credits earned by Customer hereunder will be applied to the Subscription Fees owed by Customer for the next Subscription Term for which the Credit applies. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated for non-renewal or for a material uncured breach by Customer, such credits shall become null and void. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated due to a material uncured breach by FireEye, FireEye will promptly pay Customer the amount of the Credit.

3.2.4     Customer shall not be entitled to receive a Credit that exceeds 10% of its prorated monthly Subscription Fee for a Service Outage for the applicable calendar month.

4.         FireEye iSIGHT® Intelligence Portal (FIIP).  During the Subscription Term, FireEye will provide access to a FireEye iSIGHT Intelligence Portal (FIIP), subject to the following:

  1. Permitted Use; Reports. Customer may view and use FIIP and content appearing on FIIP (“FIIP Content”) solely for internal use. Customer understands and acknowledges that the FIIP Content available through the TAP Subscription is more limited than that available to customers who purchase a full iSIGHT Subscription. Some features of FIIP may allow Customer to generate a report (each, a “FIIP Report”). FIIP Reports and FIIP Content are FireEye Materials. Subject to Customer’s payment obligations, FireEye grants to Customer a limited, non-exclusive right to produce FIIP Reports and FIIP Content using FIIP, and reproduce and distribute those FIIP Reports and FIIP Content internally for Customer’s own business purposes.
  2. Additional Use Limitations. Customer may appoint up to fifteen (15) users of FIIP at any time. Each day, all users on Customer’s account may collectively make up to (A) one hundred (100) queries of IP addresses and domain names, and (ii) one hundred (100) queries of malware. Customer may request additional queries, to be evaluated by FireEye on a case by case basis.
  3. User Content. “User Content” means any communications, images, sounds, and all the material and information that Customer or anyone using Customer’s account contributes to or through FIIP (e.g., comments to FIIP Content, suspected malware that Customer uploads to FIIP). Customer hereby grants FireEye a perpetual, irrevocable, worldwide, paid-up, non-exclusive, license, including the right to sublicense to third parties, and right to reproduce, fix, adapt, modify, translate, reformat, create derivative works from, publish, distribute, sell, license, transmit, publicly display, publicly perform, or provide access to electronically, broadcast, display, perform, and use and practice such User Content as well as all modified and derivative works thereof. Customer represents that Customer has all necessary rights to grant the license referenced in the preceding sentence. FireEye may use and disclose any of the information it collects about its customers’ use of FIIP, including the CTI platform, to the extent such information is de-identified.
  4. Restrictions. Customer may not access FIIP by any means other than through the interface that is provided or approved by FireEye. Customer will not collect any information from or through FIIP using any automated means, including without limitation any script, spider, “screen scraping,” or “database scraping” application, and Customer will not damage, disable, overburden, or impair FIIP or interfere with any other party’s use and enjoyment of FIIP.
  5. Customer acknowledges that some optional features and content appearing on FIIP may require payment of additional fees.

 

Back To Top

 

 

 


EXHIBIT B-4
SUBSCRIPTION TERMS FOR FIREEYE EMAIL THREAT PREVENTION (ETP)  

In addition to the General Terms Applicable to all Offerings, the following terms govern the Email Threat Prevention Subscription.

1.         Definitions.

“ETP Subscription" means the scanning, filtering, and delivery of email by the FireEye Email Threat Prevention Subscription.

“Customer Data” means data and information originated by Customer that Customer submits to the ETP Subscription.

“Customer Representatives” means any employee of Customer to whom Customer provides access to the ETP Subscriptions (or any component thereof) for use on behalf of and for the benefit of the Customer and for Customer’s internal business purposes, subject to all the terms and conditions of this Agreement.

“Licensed Inboxes” means the number of email inboxes Customer may have at any time that are registered to the ETP Subscription; which maximum number shall be based on the Subscription fees paid by Customer and identified on the relevant purchase order from Customer as approved and invoiced by FireEye. 

2.        Right of Access and Use.   During the Subscription Term, and subject to the terms of this Agreement, FireEye grants to Customer a non-exclusive right to permit those Customer Representatives authorized by Customer to access and use the ETP Subscription on Customer's behalf in compliance with the terms of this Agreement and the Documentation for the ETP Subscription.  Notwithstanding anything else herein, the number of email inboxes Customer may register to the ETP Subscription may not exceed the number of Licensed Inboxes.

3.        Restrictions.  Except as otherwise expressly permitted under this Agreement, Customer agrees that it shall not, nor shall it permit any third party to, (a) use the ETP Subscription (or any portion thereof) in excess of or beyond the Subscription Term, the Licensed Inbox quantity, and/or other restrictions/limitations described in this Agreement; use the ETP Subscription to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy or other rights; or (d) interfere with or disrupt the integrity or performance of the ETP Subscription or third-party data contained therein. Unless Customer has purchased the AV/AS version of the ETP Subscription, Customer shall route email through a commercially available secure email gateway for anti-spam scanning prior to relay through the FireEye network.  FireEye may, in its discretion, limit the volume of email traffic flowing through the ETP Subscription to help avoid Service Outages (as defined below). No rights or licenses are granted other than as expressly and unambiguously set forth herein.

4.        Support Services.  Subject to Customer’s payment in full of all associated fees for FireEye Support Services, FireEye shall provide Support Services for the ETP Subscription as set forth in Exhibit C, as may be updated by FireEye in its discretion.

5.        Inbox Count Increases; Reporting; Invoice.  If the number of inboxes that Customer have registered to the ETP Subscription (“Actual Inbox Count”) exceeds Customer’s then current Licensed Inbox count or if Customer wishes to increase the Licensed Inbox count, then Customer shall notify FireEye (or the applicable FireEye Partner) and submit an Order for the incremental Subscription Fees due, and upon receipt of such Order, the Licensed Inbox count shall be amended to reflect this change.  Upon written request, Customer will provide FireEye a report identifying (i) the Actual Inbox Count; and (ii) any other information reasonably requested by FireEye at the time as it relates to the use of the ETP Subscription to determine compliance with the terms of this Agreement.  FireEye and/or its Authorized Resellers may invoice Customer if it learns of any shortfalls, i.e. that the Licensed Inbox Count is below the Actual Inbox Count.  The fees charged to Customer for increases in License Inbox counts will be based on the then-current Subscription Term pricing.

6.         ETP Subscription Availability

6.1       FireEye shall undertake commercially reasonable efforts to ensure the ETP Subscription is available (i.e., not experiencing a Service Outage) for 99.9% of the time during each calendar month.

6.1.1    “Service Outage” is a period of time, other than Excused Outage Time, where the ETP Subscription is not processing and delivering email due to a failure or a disruption in the ETP Subscriptions.

6.1.2    “Excused Outage Time” means a Service Outage that occurs (a) during a Scheduled Maintenance Period; (b) during Emergency Maintenance; (c) during a force majeure event; or (d) due to the act or omission of Customer.

6.1.3    “Scheduled Maintenance Period" is the period of up to six (6) hours, occurring between the hours of 6 p.m. Pacific time on Friday and midnight Pacific time on Sunday, during which scheduled maintenance of the ETP Subscriptions may be performed. FireEye shall use commercially reasonable efforts to provide no less than 2 weeks’ notice of a Scheduled Maintenance Period to Customer.

6.1.4    "Emergency Maintenance" means any time outside of a Scheduled Maintenance Period that FireEye requires to apply critical patches or fixes or undertake other urgent maintenance. If Emergency Maintenance is required, FireEye will provide notice to Customer in advance, to the extent possible under the circumstances, or if advance notice is not possible, contemporaneously or as soon thereafter as possible, and provide the expected time frame of the Emergency Maintenance and availability of the ETP Subscription during the Emergency Maintenance.

6.1.4    "System Availability" means the total number of minutes in any calendar month minus the number of minutes of Service Outages that occur during that calendar month.

6.2.      Remedy

6.2.1    If the ETP Subscription does not meet the monthly service availability defined in 6.1, FireEye will provide a credit to the Customer in accordance to the table below (“Credit”) for a validated SLA Claim (defined below). The percent of System Availability per calendar month (in the table below) is equal to the result, expressed as a percentage, of the number of minutes of System Availability in a calendar month divided by the total number of minutes in the calendar month.

Percent of System Availability per Calendar Month

Service Credit

<99.9%

25%

<99.0%

50%

<98.0%

100%

6.2.2    For determining the Credit, the duration of a Service Outage will be measured as the time starting when the ETP Subscription stops functioning and ending when a successful solution or workaround allowing for the restoration of the ETP Subscription is provided by FireEye.  Customer must notify FireEye in writing of any Service Outage no later than fifteen (15) days after the date the Service Outage occurred (“SLA Claim”) to be entitled to a Credit for that Service Outage.

6.2.3    Any Credits earned by Customer hereunder will be applied to the Subscription Fees owed by Customer for the next Subscription Term for which the Credit applies. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated for non-renewal or for a material uncured breach by Customer, such credits shall become null and void. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated due to a material uncured breach by FireEye, FireEye will promptly pay Customer the amount of the Credit.

6.2.4    Customer shall not be entitled to receive a Credit that exceeds 100% of its prorated monthly Subscription Fee for a Service Outage for the applicable calendar month.

 

Back To Top


EXHIBIT B-5
SUBSCRIPTION TERMS FOR FIREEYE HELIX

In addition to the General Terms Applicable to all Offerings, the following terms govern the FireEye Helix Subscription.

1.  Helix Subscription. FireEye Helix is a Subscription that allows centralized, cloud-based portal access to functionality provided by several FireEye Products and Subscriptions. As part of the Helix Subscription, Customer will be provided access to the FireEye Helix portal (“Helix Portal”), where Customer can view alerts and other information. The Helix Subscription provides network monitoring via the FireEye the Cloud MVX Product, endpoint monitoring via the FireEye Cloud HX Product, monitoring of both FireEye and third-party products via the Threat Analytics Platform Subscription, and aggregation of alerts via the FireEye Cloud CMS Product. Customer may also view alerts from some other FireEye Products that Customer has separately purchased via the FireEye Helix Subscription, but not all FireEye Products and Subscriptions will be accessible through the Helix portal.

FireEye will provide the Customer with credentials allowing access to the Helix Portal on or about the effective date of the Order for the Helix Subscription. The Helix Subscription will provide: (a) if purchased, aggregate network traffic throughput through the Cloud MVX Product in the number of Mbps covered by the tier of Helix Subscription purchased; (b) if purchased, endpoint security via a cloud-hosted virtual instance of the FireEye HX endpoint Product, up to the number of Nodes that correspond with the tier of Helix Subscription purchased (“Nodes” means endpoint computing devices owned or controlled by Customer, such as laptops, workstations, and servers, on which Customer installs the FireEye HX endpoint agent software); (c) if purchased, analysis of Customer Logs (as defined below) via the FireEye Threat Analytics Platform (TAP), up to the number of events per second (EPS) that correspond with the tier of Helix Subscription purchased.  In some cases an Order for the FireEye Helix Subscription may note that the Subscription does not include one or more of the above features (such as when the Customer has already separately purchased one of these features).

2.   Helix Software, Alerts

2.1       As part of the Helix Subscription, FireEye may deliver to Customer one or more software files, including an endpoint “Agent” software, “Virtual NX” (Sensor) software and “Cloud Collector” software (individually and collectively, “Helix Software”). Subject to full payment of all fees associated with the Helix Subscription, FireEye grants to Customer a non-exclusive, limited right and license to install and run the Helix Software during the Helix Subscription Term solely for purposes of using and accessing the Helix Subscription in accordance with its Documentation. Customer may install the virtual NX sensor software, endpoint Agent Helix Software on the number of Nodes corresponding with the tier of Helix Subscription purchased.

2.2       Access; Customer Logs.  Using the Helix Software, and subject to payment of fees for the Helix Subscription, Customer may upload Customer Logs to the Helix Subscription. “Customer Logs” means any communications, logs and other content and information that Customer or anyone using Customer’s account contributes to or through the Helix Subscription using the Cloud Collector Helix Software. Customer grants to FireEye a perpetual, irrevocable, worldwide, paid-up, non-exclusive license and right to reproduce, modify, create derivative works from, publish, distribute, sell, sub-license, transmit, publicly display and provide access to Customer Logs, for purposes of enhancing FireEye’s products and services, so long as (i) FireEye ensures that any Customer Confidential Information is removed from Customer Logs, and (ii) FireEye’s use of Customer Logs does not in any way identify Customer or its employees or in any other way allow a third party to identify Customer as the source of the Customer Logs.  Customer Logs are Customer’s property, and other than the licenses granted in herein, FireEye does not obtain any ownership rights in Customer Logs.  As part of the Helix Subscription, FireEye will retain Customer Logs for a period of thirteen (13) months from the earlier of the date the Customer Log was received and the end of the Helix Subscription Term.

2.3       Alerts. The Helix Subscription will aggregate and display alerts from the various sources included within the Helix Subscription, and other FireEye products as applicable (each, a “Helix Alert”). Helix Alerts are FireEye Materials.  FireEye grants to Customer a limited, non-exclusive right to use Helix Alerts, and reproduce and distribute those Helix Alerts internally for Customer’s own business purposes.

3.  Event Volume; True-Up

3.1       Fees for the Helix Subscription are divided into “tiers” based on three metrics: (i) the volume of events processed per second (EPS or “Event Volume”); (ii) aggregate network throughput (“Network Throughput”); and (iii) number of Helix Software Agents installed (“Node Count”) (collectively “Tier Metrics”).  If at any point during the Subscription Term, Customer’s average Event Volume, Network Throughput, or Node Count, for any consecutive thirty-day period, exceeds the Tier upon which Customer’s Helix Subscription Fees were based, FireEye may issue a true-up invoice for the pro-rated difference between the fees already paid for that Subscription Term and FireEye’s list prices for the fees for the Tier associated with Customer’s actual Tier Metrics for that thirty-day period, pro-rated to reflect that thirty-day period and the remainder of the Subscription Term.  FireEye will apply any discounts that were applied to initial fees to FireEye’s list prices for any true-up invoice.  If at any point during the Subscription Term, Customer’s Event Volume exceeds the Tier upon which Customer’s Helix Subscription fees were based, FireEye will not guarantee that Customer Logs in excess of the purchased Tier will be ingested and processed by the Helix Subscription. In times of Event Volume in excess of the paid Tier, Customer Logs will enter a queue.  Excessive queueing may cause Customer Logs to be lost from the queue. Until such time that the true up invoice is paid in full, the Helix Subscription will continue to ingest and process only the Event Volume, Network Throughput, and Node Count of the purchased Tier. The Tier for any renewal Subscription Term will be the Tier associated with the actual Event Volume, Node Count and Network Throughput for the immediately preceding year of the Subscription Term.

3.2       At the end of the each Subscription Term, FireEye may true-up fees for that Subscription Term, and if the average monthly Event Volume, Node Count or Network Throughput for that Subscription Term exceeds the maximum Tier Metrics for the Tier for which Customer previously paid fees, then FireEye will issue a true-up invoice reflecting the difference between the fees already paid for that Subscription Term and the fees for the Tier associated with Customer’s  actual Tier Metrics.

4.         Helix Support.  Subject to Customer’s payment in full of all associated fees for FireEye Support Services, FireEye shall provide Support Services for the FireEye Helix Subscription as set forth in Exhibit C, as may be updated by FireEye in its discretion.

5.         Customer Responsibilities. Customer will be responsible for (a) providing accurate information to FireEye for provisioning access to (and removal of) Customer personnel access to the Helix Portal; (b) implementing and adhering to strong password standards; (c) providing accurate information to FireEye for domain whitelisting; (d) reporting any security issues related to the Subscription (including the Helix Portal) to FireEye immediately; and (e) backing up, storing securely off the Helix cloud, applying Updates to the Cloud Collector, NX, Cloud CMS, Cloud HX/HXD and HX Agent Product components of the Helix Subscription.

6.         Helix Portal Availability

6.1       FireEye shall undertake commercially reasonable efforts to ensure the Helix Portal availability for 99.9% of the time during each calendar month.

6.1.1    “Service Outage” is where the Helix Portal is not available due to a failure or a disruption in Helix Portal that is not the result of Scheduled Maintenance, Emergency Maintenance, a force majeure event or of the act or omission of Customer.

6.1.2    “Scheduled Maintenance Period" is the period during which weekly scheduled maintenance of the Helix Portal may be performed, or a maintenance window otherwise mutually agreed upon by FireEye and Customer.

6.1.3    "Emergency Maintenance" means any time outside of Scheduled Maintenance that FireEye requires to apply critical patches or fixes or undertake other urgent maintenance. If Emergency Maintenance is required, FireEye will notify Customer, to the extent possible under the circumstances, and provide the expected time frame of the Emergency Maintenance and availability of the Helix Portal during the Emergency Maintenance.

6.1.4    "System Availability" means the number of minutes in any calendar month minus the aggregate number of minutes of all Service Outages that occur during that calendar month.

6.2.      Remedy

6.2.1    In the event that the Helix Portal does not meet the monthly service availability defined in 6.1, FireEye will provide a credit to the Customer in accordance to the table below (“Credit”) for a validated SLA Claim (defined below). The Percent of Helix Portal availability per calendar month (in the table below) is equal to the result, expressed as a percentage, of the number of minutes of System Availability in a calendar month divided by the total number of minutes in the calendar month.

Percent of Helix Portal Availability per Calendar Month

Service Credit

<99.9%

2%

<99.0%

5%

<98.0%

10%

6.2.2    For determining the Credit, the duration of a Service Outage will be measured as the time starting when Customer experiences unavailability of the Helix Portal and ending when a successful solution or workaround allowing for full restoration of the Helix Portal is provided by FireEye to Customer.  Customer must notify FireEye in writing of any Service Outage no later than fifteen (15) calendar? days after the date the Service Outage occurred (“SLA Claim”) to be entitled to a Credit for that Service Outage.

6.2.3    Any Credits earned by Customer hereunder will be applied to the Subscription Fees owed by Customer for the next Subscription Term for which the Credit applies. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated for non-renewal or for a material uncured breach by Customer, such credits shall become null and void. If Credits cannot be applied to future Subscription Fees because the Subscription Term has terminated due to a material uncured breach by FireEye, FireEye will promptly pay Customer the amount of the Credit.

6.2.4    Customer shall not be entitled to receive a Credit that exceeds 10% of its prorated monthly Subscription Fee for a Service Outage for the applicable calendar month.

 

Back To Top


EXHIBIT B-6
SUBSCRIPTION TERMS FOR FIREEYE ISIGHT INTELLIGENCE

In addition to the General Terms Applicable to all Offerings, the following terms govern the FireEye iSIGHT Intelligence Subscription (“iSIGHT” or “iSIGHT Subscription”). FireEye will provide the iSIGHT Subscription purchased by the Customer, as shown on the Order.

1.        Definitions

1.1       “Access Method(s)” or “Access Methods” means the MySIGHT Portal (“MySIGHT”), Software Development Kit (“SDK”), Application Programming Interface (“API”), Browser Plugin, iSIGHT App for Splunk, or any other method provided by FireEye for Customer to access the iSIGHT Subscription, individually or collectively.  All Access Methods are FireEye Material as defined in the Agreement.

1.2       “Analyst Access” means a request made by Customer to FireEye for additional research or information about a specific piece of Content, such as an Indicator.

1.3       “Application” is a software program the Customer creates, or causes to have created on its behalf, that is designed to access the Content, which includes the features of the SDK/API but adds significant functionality beyond that provided by the SDK/API.

1.4       “Application Programming Interface” or “API” means the latest version of the iSIGHT Application Programming Interface software made generally available by iSIGHT, with its developer’s guide and other related material.

1.5       “Browser Plugin” means the iSIGHT Browser Plugin which a Customer may install on Google Chrome and/or other commercially available and supported browsers that allows the Customer to access and view the Content when licensed to do so.  The Browser Plugin includes the latest version of the Browser Plugin software, its documentation and any html embedded code.

1.6       “Content” means the cyber threat intelligence data and any reports, Indicators of Compromise, trends, events, information, documentation or functionality provided in connection with the relevant Tier of iSIGHT Subscription.  All Content is FireEye Material as defined in the Agreement.

1.7       “End User” means the Customer or the Customer’s employees, as applicable.

1.8       “Executive Subscription” means a level of iSIGHT Subscription, purchased in addition to the purchased Tier of iSIGHT Subscription, as reflected in the applicable Order, which provides specific Content about attacker motivations and strategies, industry trends and other information of relevance to executive members of the Customer’s security team.

1.9       “Fusion Subscription” means a Tier of iSIGHT Subscription that consists of access to Content published by FireEye through the iSIGHT Subscription through MySIGHT and other Access Methods, along with access to Indicators through an API, and access to additional Content related to threat actor motivations and strategies.

1.10     “iSIGHT App for Splunk” means the application provided by FireEye, which a Customer may install on Splunk, that allows the Customer to access and view the Content in accordance with this Agreement. The iSIGHT App for Splunk includes the latest version of the iSIGHT App for Splunk software, its documentation and any html embedded code.

1.11     “iSIGHT Subscription” means the Tier of Subscription purchased by Customer as described on the applicable Order, including all Content available through that Tier of Subscription and Access Methods.

1.12     “iSIGHT Support Level” means the level of Support Services purchased by Customer in relation to the Tier of iSIGHT Subscription, as described in Section 3 below.

1.13     “Operational Subscription” means a Tier of iSIGHT Subscription that consists of access to intelligence Content published by FireEye through the iSIGHT Subscription through MySIGHT and other Access Methods, along with access to Indicators through an API.

1.14     “Software Development Kit” or “SDK” shall mean the latest publicly-available version of the iSIGHT Software Development Kit and any associated documentation, tools, libraries, technical notes, software code, or other materials.

1.15     “Tactical Subscription” means a Tier of iSIGHT Subscription that consists of access to Indicators published by FireEye through the iSIGHT Subscription through an API. Tactical Subscription Tier customers may not access Content through MySIGHT, the Browser Plug-in, or any Access Method other than the API.

1.16     “ThreatScapes Subscription” means a Tier of iSIGHT Subscription that consists of access to intelligence Content based on the type of cyber activity monitored (Cyber Espionage, Cyber Crime, Hacktivism, Enterprise, Critical Infrastructure, Vulnerability & Exploitation).

1.17     “Tier” means the tier of iSIGHT Subscription purchased by Customer, as reflected on the applicable Order, which would be either Tactical, Operational, Fusion, or ThreatScapes.

1.18     “Vulnerability Subscription” means a level of iSIGHT Subscription, purchased in addition to the purchased Tier of iSIGHT Subscription, as reflected in the applicable Order, which provides specific Content related to vulnerabilities discovered in various products and services offered by third parties.

2.         License; Access to iSIGHT Subscription and Content. 

2.1.      Grant of Limited License.  During the Subscription Term, FireEye grants to Customer in accordance with the terms of this Agreement and the Tier of iSIGHT Subscription purchased, a limited, worldwide, revocable, non-exclusive, non-transferable, non-assignable, non-sublicensable royalty-free right and license to:

(a)       use MySIGHT, the iSIGHT Subscription, and any Content provided by FireEye through the purchased Tier of iSIGHT Subscription for internal use only. The iSIGHT Subscription can be used by End Users who have a valid "need to know" within Customer’s organization, typically defined as a person or group that has a direct role in securing information system or networks. FireEye agrees to provide support for the iSIGHT Subscription in accordance with the iSIGHT Support Level purchased by Customer, as described in Section 3 below.

(b)       use the API to search, display, and otherwise access the Content.  The API can be used to develop, display, or integrate applications, scripts, tools or workflows that interoperate with iSIGHT Subscriptions for the Customer’s internal use.  FireEye agrees to provide Support for the latest version of the API in accordance with Section 3 below. 

(c)       if applicable to the purchased Tier of iSIGHT Subscription, download, install and use the Software Development Kit (“SDK”) to design, develop and test an Application(s), for the Customer’s internal use only, for the purpose of customizing access to the Content.  The Customer may modify the source code versions of sample files, if any, included with the SDK for the purpose of creating Customer’s Application(s), and may make a reasonable number of copies of the SDK as necessary to develop Customer’s Application(s), provided that Customer must reproduce complete copies of the SDK, including without limitation all "read me" files, copyright notices, and other legal notices and terms.  FireEye agrees to provide Support for the iSIGHT SDK in accordance with Section 3 below. 

(d)       if applicable to the purchased Tier of iSIGHT Subscription, use the Browser Plugin to search, display and otherwise access the Content for the Customer’s internal use only.  Customer may install and use one copy of the Browser Plugin on a single computer per license.  FireEye agrees to provide Support for the latest version of the Browser Plugin in accordance with Section 3 below

(e)       if applicable to the purchased Tier of iSIGHT Subscription, use the iSIGHT App for Splunk to search, display and otherwise access the Content for the Customer’s internal use only.  Customer may install and use one copy of the iSIGHT App for Splunk on a single computer per license.  FireEye agrees to provide Support for the latest version of the iSIGHT App for Splunk in accordance with Section 3 below.

2.2.      Access Keys.  Use of the Access Methods and access to the iSIGHT Subscription  and the Content by Customer’s End Users is provided through access keys or login credentials. Access keys in association with the Access Methods and purchased Tier of iSIGHT Subscription  shall be kept in confidence by Customer and Customer’s End Users. Access keys will be issued to individual End Users by FireEye in accordance with each particular Access Method’s parameters and that End User’s Tier and will not be shared between End Users. Customer may not establish group accounts. Any unauthorized disclosure or dissemination of access keys by Customer or End Users shall be deemed a material breach of this Agreement. Customer shall inform FireEye of any data breach concerning login credentials in a timely manner.  FireEye reserves the right to change, suspend, remove, or disable Customer’s access keys to the Access Methods, iSIGHT Subscription, and Content upon notice if a material breach is suspected and not rectified upon notification. FireEye may limit the number of queries that can be made in a day through the any Access Method.

2.3.      Latest Version.  The license granted to Customer under this Agreement is for the current version of the Access Methods.   FireEye may release future versions of the Access Methods as determined in the sole discretion of FireEye.  Nothing in this Agreement is a commitment to Customer of compatibility between the existing Access Methods and any future versions of the Access Methods.  FireEye reserves the right to discontinue offering particular Access Methods (or any updates thereto) or to modify the Access Methods at any time in its sole discretion.

2.4.      Multiple Copies.  Customer may receive software for an Access Method in more than one medium and/or in multiple copies.  The Customer’s license rights are in accordance with the Order regardless of the number of copies received.

2.5.      Additional Licenses.  If applicable to the purchased Tier of iSIGHT Subscription, Customer may purchase additional licenses for the Browser Plugin for its authorized End Users through the Chrome Web Store.  Customer may purchase additional licenses for the iSIGHT App for Splunk for its authorized End Users through Splunk. Additional licenses for the Browser Plugin and iSIGHT App for Splunk may be purchased and will be valid for the current Subscription Term as provided in the Order.

2.6.      Customer Application.  If applicable to the purchased Tier of iSIGHT Subscription, Customer may allow Customer’s employees to access and use the SDK/API on Customer’s behalf to design an Application.  The Customer may not rent, lease, sell, transfer, sublicense or time-share the Customer’s Application to any third-party without the express consent of FireEye. Customer shall retain all right, title or interest in the Application and as such, Customer agrees to indemnify and hold harmless FireEye for any claims of infringement made against FireEye in connection with any Application.  The Customer’s Application(s) must perform in accordance with the terms of this Agreement and must ensure the security and confidentiality of FireEye’s Confidential Information.  Customer assumes full responsibility for any breach of security caused by Customer’s Application(s) in connection with the Content, API, SDK, and specifically to any unauthorized disclosure of any FireEye Materials or FireEye Confidential Information.

2.7.      Content Modifications.  Customer may access the Content from the MySIGHT Portal, via email, SMS, HTML, API, any other Access Methods as officially distributed by FireEye or an FireEye sanctioned third-party integration. FireEye reserves the right to modify, amend, augment, reduce or alter the Content’s format, or Access Methods, or mode of retrieval of the Content, that in the sole judgment of FireEye is in its customers’ best interests. FireEye will determine what Content is appropriate for distribution to End Users in a particular Tier in its sole discretion. Customer will be entitled to retrieve the Content with any updates, modifications, additions or changes in the Content. These changes may require Customer to upgrade its systems, hardware or software and FireEye will not be responsible for the costs of any such changes.

2.8.      Prohibited Usage.  Customer must comply with any Intellectual Property rights in any materials contained in the Content.  The following conduct and usage restrictions apply during Customer’s download, installation, and use of the Content and/or Access Methods, and survive termination of the Agreement or Subscription Term.   Customer and its authorized End Users may not:

  1. rent, lease, lend, sell, redistribute or sublicense any part of the iSIGHT Subscription  or Access Methods to any other party;
  2. share the iSIGHT Subscription , Access Methods, Content or Confidential Information with any third-parties, except as expressly authorized in advance by this Agreement or by FireEye in writing;
  3. use the iSIGHT Subscription  or Access Methods in the operation of a service or in any way to provide services to any third-party;
  4. create derivative works for external distribution or use based upon the Content;
  5. create apps, extensions, or other products and services that use Content except as set forth herein;
  6. display, post, frame, or scrape the Content, except as allowed under this Agreement;
  7. use the Access Methods for any other purpose than to access the iSIGHT Subscription and the Content;
  8. use the Access Methods for any illegal or unauthorized purpose to promote or provide instructional information about illegal activities or to promote stalking, physical harm or injury against any group or individual, or any use that violates the rights of privacy and publicity of others;
  9. create, place, or disseminate any materials or other items that are inappropriate, defamatory, obscene, pornographic, harassing, threatening, abusive, hateful or otherwise offensive, or is unlawful (including any content that infringes any patent, trademark, service mark, copyright, trade secret or other proprietary right of any third-party without appropriate permissions);
  10. transmit any viruses, worms, defects, Trojan horses, time-bombs, malware, spyware, or any other computer code of a destructive or interruptive nature in connection with use of the Access Methods;
  11. use the Access Methods in connection with or to promote any products, services, or materials that constitute, promote or are used primarily for the purpose of dealing in spyware, adware, or other malicious programs or code, counterfeit goods, unsolicited mass distribution of email ("spam"), hacking, surveillance, interception, descrambling equipment, stolen products and items used for theft;
  12. create any Application that exposes or provides functionality of the Access Methods to any third party;
  13. interfere, restrict or inhibit any other customer from using the Access Methods or Content or disrupt any services offered by FireEye through any medium;
  14. attempt to exceed or exceed the usage limits established by FireEye for the Customer (https://docs.fireeye.com/iSight/index.html#/rate_limiting).

2.9.      Restrictions.  FireEye expressly reserves the right to limit the number and/or frequency of requests for Content made through the Access Methods in its sole discretion in line with technical design and performance standards as documented in the then-current publicly available developers guide.  FireEye may limit the number of network calls that any Application may make via the Access Methods, the maximum file size, or the maximum amount of iSIGHT material that may be accessed. FireEye may change such usage limitations at any time and without notice. In addition to any other rights under this Agreement, FireEye may utilize technical measures to prevent over-usage or to stop usage of any Access Methods or any Application after any usage limitations are exceeded.  The most current API/SDK documentation and developers guide can be found at https://docs.fireeye.com/iSight/index.html#/, and these documents detail the current rates and capabilities of the API.

2.10.    Customer recognizes and agrees that certain information and data that will be provided by Customer to FireEye pursuant to the iSIGHT Subscription is not owned by Customer and is not Confidential Information of Customer.  Malware submitted by Customer to FireEye for analysis, and other information submitted by Customer to FireEye that is not unique to and/or developed by Customer (collectively “Submissions”) shall not be considered Confidential Information or Intellectual Property of the Customer.  FireEye may use the Submissions, aggregate the Submissions with submissions from other FireEye customers as well as original research and analysis, and share that aggregated intelligence with Customer and with other FireEye customers to enhance the services FireEye provides to its customers.  FireEye will anonymize all Submissions prior to distribution, and will not identify the source of any Submission without written permission in each case.

3.        iSIGHT Support Levels.

Subject to Customer’s payment in full of all associated fees for FireEye Support Services, FireEye shall provide Support Services for the FireEye iSIGHT Subscription as set forth in Exhibit C, as may be updated by FireEye in its discretion. In addition to the technical support provided as part of Support Services, FireEye will provide the following content and intelligence-related support to the Customer (“Content Support”), according to the tier of such Content Support purchased: 

3.1.      Level One Content Support – Self-Help

Customers purchasing Level One iSIGHT Content Support will have access to:

  1. Content Support information through a support portal, Documentation provided by FireEye, and publications about the iSIGHT Subscription published by FireEye
  2. Customer onboarding support.
  3. One (1) Analyst Access request per calendar quarter.

3.2       Level Two Content Support – Intel Coordination

Customers purchasing Level Two iSIGHT Content Support will, in addition to receiving the support items available for purchasers of Level One iSIGHT Content Support, have access to a service desk through which FireEye assists its customers with content and intelligence related issues.  Customer may initiate a request for Content Support as follows:

Description

Details

FireEye Service Desk (Primary, escalation and off-hours contact)

servicedesk@isightpartners.com

Service Desk Hours

24 x 7

Service Call Response Time (“Response Time Standard”)

4 hours for initial response (confirmation of receipt is immediate through an automated ticketing system)

iSIGHT API

General information regarding iSIGHT API which can be accessed at https://docs.fireeye.com/iSight/index.html#/

Other resources (all other Subscription Support issues)

Existing Clients – Contact your assigned Intelligent Account Manager at: client-engagement@isightpartners.com

Prospective Clients – Contact your assigned Sales Engineer at: sales-engineering@isightpartners.com

Partners, Resellers, Referrals – Contact partners program representative at: partners@isightpartners.com

Customers purchasing Level Two iSIGHT Content Support will also receive:

  1. Up to two (2) hours of dedicated support for API technical integration. Any additional hours spent for API technical integration will be invoiced as Professional Services at FireEye’s then-current hourly rates.
  2. One (1) threat brief specific to Customer’s industry.
  3. An additional nine (9) Analyst Access requests (total of ten (10) requests) per calendar quarter, which Analyst Access requests will be given priority over requests from customers at a lower iSIGHT Content Support Level.
  4. A designated iSIGHT Account Manager (IAM), who will serve as a point of contact for Customer to FireEye related to the iSIGHT Subscription.

3.3       Level Three Content Support – Intel Optimization

Customers purchasing Level Three iSIGHT Content Support will, in addition to receiving the support items available for purchasers of the Levels One and Two iSIGHT Content Support Levels, receive the following:

  1. Up to two (2) additional hours (four (4) hours total) of dedicated support for API technical integration. Any additional hours spent for API technical integration will be invoiced as Professional Services at FireEye’s then-current hourly rates.
  2. One (1) threat brief specific to Customer.
  3. An additional fifteen (15) Analyst Access requests per calendar quarter (total of twenty-five (25) requests), which Analyst Access requests will be given priority over requests from customers at a lower iSIGHT Content Support Level.
  4. Access to workshops and other live support offerings provided by FireEye related to the iSIGHT Subscription.
  5.  When available, Content selected based on the specific threat concerns discussed with the Customer during onboarding.
  6. A designated Intel Account Analyst to respond to questions about specific Content.

3.4       Subscription Availability

(a)       The FireEye iSIGHT API will have at least 99% system uptime (“API Uptime Standard”).

(b)       The iSIGHT MySIGHT Portal will have at least a 99% system uptime (“Portal Uptime Standard”).

(c)       FireEye realizes that a failure to meet the Response Time Standard, API Uptime Standard and the Portal Uptime Standard (collectively, the “Service Level Standards”) could have an adverse impact to Customer. If FireEye fails to meet any of the Service Level Standards (“Service Level Failure”), FireEye will: (i) promptly investigate and report on the root cause of the problem; (ii) advise Customer of the remedial efforts being undertaken with respect to this failure to meet the Service Level Standards; (iii) use commercially reasonable efforts to correct the problem and begin meeting the Service Level Standards; and (iv) take appropriate preventative measures designed to ensure that the problem does not recur.

Back To Top


Exhibit C
FIREEYE SUPPORT SERVICES APPLICABLE FOR CERTAIN FIREEYE OFFERINGS

In addition to the General Terms Applicable to all Offerings, the following terms will govern the Support Services provided with respect to FireEye Products listed in Exhibit A, ETP Subscriptions, FireEye Helix Subscriptions, iSIGHT Subscriptions and TAP Subscriptions (“Supported Offerings”).

1.        Support Purchased Separately from the SUPPORTED OFFERINGS.  In the event Customer has purchased the Supported Offerings and pass-through Support Services from FireEye through a FireEye authorized reseller (a "Reseller"), Customer will be entitled to all the rights herein set forth related to the level of Support Service requested and paid for by it, provided Customer: (a) is the original purchaser of the Supported Offerings, (b) has provided true, accurate, current and complete information to FireEye included with its purchase; and (c) has maintained and updated this information to keep it true, accurate, current, and complete.

2.        SUPPORT SERVICES PROVIDED BY FIREEYE.

FireEye offers a range of programs for the support of its Supported Offerings as described below (“Support Programs”).  Customer shall be entitled to receive the Support Services specified on the applicable support invoice and described below to the extent that Customer has paid in full the applicable Fees for Support Services.

2.1      Software Maintenance Services – include each of the following:

Software Updates.  During the Support Term, FireEye shall provide Customer notification of bug fixes, maintenance patches and new releases which may contain minor enhancements to the features or functions of the Supported Offerings (“Updates”).  FireEye may designate a particular release of the Supported Offeringsas an Update at its sole discretion.  With respect to Products (which, for purposes of this Exhibit C only, includes any TAP Cloud Collector appliances), Customer may obtain Updates either through delivery of a machine-readable copy pursuant to instructions contained in the document notifying Customer of an available Update or by downloading the Update from FireEye’s server via the Internet.  FireEye reserves the right to impose additional charges for releases of Supported Offerings (i) that provide major enhancements to the features or functions of the Supported Offerings, as determined by FireEye at its sole discretion; or, (ii) that provide additional features or perform additional functions not provided or performed by the Supported Offerings.

Software Error Corrections.  During the Support Term, FireEye shall use commercially reasonable efforts to correct any reproducible programming error in the software associated with the Supported Offeringsattributable to FireEye, employing a level of effort commensurate with the severity of the error, provided, however, that FireEye shall have no obligation to correct all errors in the Supported Offerings.  Upon identification of any programming error, Customer shall notify FireEye of such error in writing and shall provide FireEye with enough information to locate and reproduce the error.  FireEye shall not be responsible for correcting any errors not attributable to FireEye.  Errors attributable to FireEye shall be those that are reproducible by FireEye on unmodified Supported Offerings. If it is found that a particular error is fixed in the most current Supported Offerings release, then FireEye shall have no obligation to fix the error in any prior Supported Offerings release and Customer will need to upgrade to the current Supported Offering release in order to obtain the fix.

2.2      Support Programs

(a)  Platinum Support includes all of the services set forth above under Software Maintenance Service (section 2.1) and additionally:

  • Email, Live Chat, Web or Telephone Support.  During the Support Term, FireEye shall provide Customer technical email, live chat, web or telephone support for the Supported Offerings twenty-four (24) hours per day, 365 days a year.  FireEye’s support technician shall only be obligated to respond to Customer’s fifteen (15) designated contacts.
  • FireEye shall use commercially reasonable efforts to respond to the request for support as detailed in the Initial Response Times table found at https://www.fireeye.com/support/programs.html regarding use or installation of the Supported Offering that is communicated to FireEye via one of the mechanisms above to the attention of FireEye’s support engineers.
  • Product Replacement. During the term of this Agreement, Customer shall have the right to return to FireEye any defective Product subject to the limited warranty. Additionally, FireEye will fulfill the following Advance Replacement provisions below.
  • Advance Replacement.  Prior to any return as to which Advance Replacement applies, Customer shall verify that said Product is defective by logging a Support request via one of the mechanisms described above and in accordance with FireEye’s RMA procedures, including providing the part number, serial number, quantity and reason for return, an explanation of all failure symptoms and other relevant information. Upon confirmation by FireEye of a defect, Customer shall obtain from FireEye an RMA number.  FireEye shall ship via a recognized express courier service a replacement Product to Customer to arrive no later than next business day after FireEye’s issuance of an RMA number, provided the RMA number was issued prior to the business day cutoff time local to the defective Product, provided the replacement does not require any custom pre-configuration, and provided no external-to-FireEye circumstances prevent the delivery.  The replacement Product may be a new or reconditioned Product (of equivalent or better quality) at FireEye’s sole discretion.  FireEye shall pay the shipping costs to ship the replacement Product to Customer, but Customer shall bear any and all risk of loss of or damage to said Product at all times after said Product is made available by FireEye to the common carrier.  The support service will transfer from the defective Product to the replacement Product. Within five (5) business days after Customer receives the replacement Product from FireEye, Customer shall package said defective Product in its original packing material or equivalent, write the RMA number on the outside of the package and return said defective Product, at FireEye’s cost provided Customer utilizes FireEye’s designated courier service and properly packages the defective Product according to FireEye’s instructions, shipped properly insured, FOB FireEye’s designated facility (except that FireEye shall pay for shipping). Customer shall enclose with the returned Product the applicable RMA form, and any other documentation or information requested by FireEye customer support.  Customer shall assume any and all risk of loss of or damage to such Product during shipping.  Title to the defective Product shall pass to FireEye upon FireEye’s receipt thereof.  When a replacement Product is provided and Customer fails to return the defective Product to FireEye within ten (10) business days after Customer receives the replacement Product from FireEye, FireEye may charge Customer, and Customer shall pay for the replacement Product at the then-current list price.
  •  

(b)  Platinum Priority Plus Support iincludes all of the services set forth above under Platinum Support [section 2.2(a)] and additionally:

  • Access to Support. Customer will be provided with direct priority access to Level 2 Advanced Support Engineering who shall respond to Customer’s unlimited number of designated contacts. A Designated Support Engineer (DSE) point of contact, who is available during Customer’s business hours (for single Customer site if Product(s) installed at multiple Customer sites), will be made available to be the focal point of contact within FireEye, to project manage Customer’s technical issues.
  • Onsite Support. Onsite visits for problem assistance at DSE’s sole discretion.
  • Reporting. FireEye will supply Customer with monthly reports detailing technical support provided during the previous month. Quarterly business reviews will also be conducted.

(c)  Government Support, if available, includes all of the services set forth above under Platinum Support [section 2.2(a)] and additionally:

  • Email, Live Chat, Web or Telephone Support.  For the specified country, access to citizens of that country for the fulfillment of Level 1, 2 and 3 technical support requests.

(d)  Government Priority Plus Support includes all of the services set forth above under Government Support [section 2.2(c)] and additionally:

  • Access to Support. Customer will be provided with direct priority access to Level 2 Advanced Engineering support who are citizens of that country and shall respond to Customer’s unlimited number of designated contacts. A Designated Support Engineer (DSE) point of contact who is a citizen of that country and available during Customer’s business hours (for single Customer site if Product(s) installed at multiple Customer sites), will be made available to be the focal point of contact within FireEye, to project manage Customer’s technical issues.
  • Onsite Support. Onsite visits for problem assistance at DSE’s sole discretion.
  • Reporting. FireEye will supply Customer with monthly reports detailing technical support provided during the previous month. Quarterly business reviews will also be scheduled.

(e)   Special Services.  FireEye agrees to use commercially reasonable efforts to respond to any requests by Customer for support services not specifically provided for above.  Customer acknowledges that all such services provided by FireEye shall be at FireEye's discretion and then-current fees and policies.

3.        CUSTOMER RESPONSIBILITIES.

3.1      Requesting Support Services. When requesting Support Services from FireEye under this Agreement, Customer should have the following information available to provide to FireEye, if requested:  (i) detailed problem description, including operating system (“OS”) version, Product model and serial number(s), of the affected Supported Offering, and a detailed description of the troubleshooting that has already been done to try to resolve the problem; (ii) detailed system log files; (iii) configuration and login details to allow FireEye access as needed to the Products via the Internet for the purpose of providing support services and permissions needed in order for FireEye to conduct such remote access; (iv) a detailed description of changes to the environment; and (v) Customer’s unique ID, Account ID, or other unique customer identifier as assigned to Customer by FireEye.  Customer acknowledges and agrees that failure to have any or all information or access available as needed by FireEye in order to provide the Support Services may result in delays in FireEye’s response, may hinder FireEye’s ability to perform the Support Services and/or may cause incorrect Support Program fulfillment. FireEye will not be responsible for any such delays and inability to perform due to causes not due to FireEye.

3.2       Customer AssistanceCustomer agrees to:  (i) ensure that their site complies with any and all applicable FireEye published system environmental specifications; (ii) follow FireEye’s procedures when requesting Support Services; (iii) provide FireEye reasonable access to all necessary personnel to answer questions or resolve problems reported by Customer regarding the Supported Offerings; (iv) promptly implement all Updates and error corrections provided by FireEye under this Agreement; (v) maintain FireEye supported versions of required third party software, if any; and (v) notify FireEye promptly of any relocation of the Products from the location to which the Products were originally shipped. Customer agrees to use reasonable efforts to resolve internally any support questions prior to requesting Support Services pursuant to this Agreement.  During the Support Term, FireEye may obtain information regarding Customer’s use of the Supported Offerings and communications with FireEye and Customer agrees that, as a condition to FireEye’s provision of Support Services, FireEye may use statistical data generated regarding Customer’s use of the Supported Offerings and communications with FireEye so long as the source or content of such communications is not being disclosed.

3.3      Contact People. Customer shall appoint the specified number of individuals (depending upon the Support Program purchased) within Customer's organization to serve as contacts between Customer and FireEye and to receive support through FireEye's telephone support center.  Customer’s contacts shall have been adequately trained on the Products and shall have sufficient technical expertise, training and experience.  All of Customer's support inquiries shall be initiated through these contacts.

4.     EXCLUSIONS.  Notwithstanding anything else contained in this Agreement to the contrary, FireEye shall have no obligation or responsibility to provide any Support Services relating to problems arising out of or related to (i) Customer's failure to implement all Updates to the Supported Offeringswhich are made available to Customer under this Agreement; (ii) the failure to provide a suitable installation environment; (iii) any alteration, modification, enhancement or addition to the Products performed by parties other than FireEye; (iv) use of the Supported Offeringsin a manner, or for a purpose, for which they were not designed; (v) accident, abuse, neglect, unauthorized repair, inadequate maintenance or misuse of the Products; or relocation of the Products (including without limitation damage caused by use of other than FireEye shipping containers), (vi) operation of the Products outside of environmental specifications; (vii) interconnection of the Supported Offerings with other products not supplied by FireEye; (viii) use of the Supported Offerings on any systems other than the specified hardware platform for such Supported Offerings; or (ix) introduction of data into any database used by the Supported Offerings by any means other than the use of the software associated with the Supported Offerings.  Notwithstanding anything else contained in this Agreement to the contrary, FireEye will support all generally available ("GA") versions of the FireEye OS, for a minimum of one (1) year from GA release date, regardless of the number of supported OS GA versions.  FireEye will also support the two (2) most current OS GA versions, regardless of the elapsed time from GA release date.  If available, and at FireEye’s sole discretion, support for any other OS versions or for other problems not covered under this Agreement may be obtained at FireEye's then-current fees and policies for such services. FireEye’s complete end of life policy can be found on the supported products web page.

5.        Lapsed Support and Upgraded Support.

5.1      Lapsed Support.  After any lapse of Support Services, the parties subsequently may elect to reinstate such Support Services for Supported Offerings for which the Support Services lapsed pursuant to the terms and conditions set forth in this Agreement; provided, however, that (i) Customer agrees to pay for the period of time that has lapsed as well as any renewal term, and (ii) with respect to Products, such Products must be in good working condition, as solely determined by FireEye or its designee.

5.2      Support Program Upgrade. At any time during the Term, Customer may upgrade to FireEye's next level of Support Services by (i) notifying FireEye of Customer's desire to upgrade; (ii) acknowledging in writing the then-current terms and conditions for the relevant Support Services; and (iii) paying FireEye the additional Support Fee owed in connection with such upgraded Support Services.

Back To Top