Page 1 of 31ncpa.us › Files › docs › Due Diligence › Cloud... · we do have larger clients that require our services both nationally and internationally. CompuNet has a deep

Page 1 of 31

RFP # 22-16 July 11th, 2016

Page 2 of 31

RFP # 22-16 July 11th, 2016

July 11th, 2016

Region 14 Education Service Center 1850 Highway 351 Abilene, Texas 79601

RE: RFP # 22-16

NCPA:

It is a pleasure to introduce CompuNet, Inc. as a Northwest based, Enterprise Grade Systems Integrator. CompuNet offers Data Center, Networking, Security, Unified Communications, Automation, Cloud, and Carrier services to commercial, healthcare, enterprise, state, local, and education clients. As a full solution provider, we are strategically partnered with best-in-class technology manufacturers to provide a solution set that provides the breadth our customers demand. Key vendors include: Cisco, VMware, EMC, VCE, Pure, NetApp, CommVault, F5 Networks, Amazon Web Service, and Microsoft Azure. Our value continues to resonate with our customer base because of our unique “Engineering-Led” business model that provides a 5 to 1 Engineer to Account Manager ratio.

CompuNet, Inc., founded in 1998, is a northwest-based Network Engineering Company with offices in Bozeman, Montana; Meridian, Lewiston and Grangeville, Idaho; Portland Oregon, Spokane, Washington and Salt Lake City, Utah, Seattle, Washington and Phoenix, Arizona. Although our physical presence is concentrated in the Northwest, we do have larger clients that require our services both nationally and internationally. CompuNet has a deep and wide data center, cloud, colocation and ISP practice, with extensive certifications and experience with, AWS, EMC, Cisco, VMware and Microsoft and partnered with local, regional, national and global, cloud, colocation, and ISP providers. We staff over 180 people with 100 of those team members being engineers. With each hire, CompuNet pursues the best talent in the market and evaluates their ability to provide superior customer service, expertise in their respective technology focus, and ensures that they match the cultural values of CompuNet.

CompuNet, Inc. has had a great deal of direct experience supporting State, Local and Education divisions and a list is provided below under organization references section (Tab 6). CompuNet's engineering team has extensive knowledge, cloud certifications in architecture, sys ops, public sector, and is an approved Public Sector and Government Cloud reseller. We are committed to perform any and all services as required by this RFP. In addition to this document, which is the transmittal letter of the bid document set, we have enclosed all requested information, which will underscore value of our solution for your specific project. We look forward to your response on our bid. Please contact the undersigned for any further clarifications on this document.

Thomas McFarlin Director of Operations O. (208) 286-3000C. (208) [email protected]

Page 3 of 31

RFP # 22-16 July 11th, 2016

Table of Contents

Tab 1 – Signature Form Tab 2 – NCPA Administration Agreement Tab 3 – Vendor Questionnaire Tab 4 – Vendor Profile Tab 5 – Products and Services / Scope Tab 6 – References Tab 7 – Pricing Tab 8 – Value Added Products and Services Tab 9 – Required Documents

Page 4 of 31

RFP # 22-16 July 11th, 2016

Tab 1 - Signature Form

The undersigned hereby proposes and agrees to furnish goods and/or services in strict compliance with the terms, specifications and conditions at the prices proposed within response unless noted in writing. The undersigned further certifies that he/she is an officer of the company and has authority to negotiate and bind the company named below and has not prepared this bid in collusion with any other Respondent and that the contents of this proposal as to prices, terms or conditions of said bid have not been communicated by the undersigned nor by any employee or agent to any person engaged in this type of business prior to the official opening of this proposal.

Prices are guaranteed: 120 days

Company name CompuNet, Inc.

Address 2264 S. Bonito Way, Suite 150

City/State/Zip Meridian, ID 84652

Telephone No. (208)286-3000

Fax No. (208)286-3002

Email address [email protected]

Printed name Thomas McFarlin

Position with company Director of Operations

Authorized signature

Date 7/15/2016

Page 5 of 31

RFP # 22-16 July 11th, 2016

Tab 2 - NCPA Administration Agreement

This Administration Agreement is made as of , by and between National Cooperative Purchasing Alliance (“NCPA”) and CompuNet, Inc. (“Vendor”).

Recitals

WHEREAS, Region 14 ESC has entered into a certain Master Agreement dated , referenced as Contract Number , by and between Region 14 ESC and Vendor, as may be amended from time to time in accordance with the terms thereof (the “Master Agreement”), for the purchase of Cloud Collaboration and Storage Services;

WHEREAS, said Master Agreement provides that any state, city, special district, local government, school district, private K-12 school, technical or vocational school, higher education institution, other government agency or nonprofit organization (hereinafter referred to as “public agency” or collectively, “public agencies”) may purchase products and services at the prices indicated in the Master Agreement;

WHEREAS, NCPA has the administrative and legal capacity to administer purchases under the Master Agreement to public agencies;

WHEREAS, NCPA serves as the administrative agent for Region 14 ESC in connection with other master agreements offered by NCPA

WHEREAS, Region 14 ESC desires NCPA to proceed with administration of the Master Agreement;

WHEREAS, NCPA and Vendor desire to enter into this Agreement to make available the Master Agreement to public agencies on a national basis;

NOW, THEREFORE, in consideration of the payments to be made hereunder and the mutual covenants contained in this Agreement, NCPA and Vendor hereby agree as follows:

General Terms and Conditions The Master Agreement, attached hereto as Tab 1 and incorporated herein by reference as though fully

set forth herein, and the terms and conditions contained therein shall apply to this Agreement except asexpressly changed or modified by this Agreement.

NCPA shall be afforded all of the rights, privileges and indemnifications afforded to Region14 ESC underthe Master Agreement, and such rights, privileges and indemnifications shall accrue and apply withequal effect to NCPA under this Agreement including, but not limited to, the Vendor’s obligation toprovide appropriate insurance and certain indemnifications to Region 14 ESC.

Vendor shall perform all duties, responsibilities and obligations required under the Master Agreementin the time and manner specified by the Master Agreement.

NCPA shall perform all of its duties, responsibilities, and obligations as administrator of purchasesunder the Master Agreement as set forth herein, and Vendor acknowledges that NCPA shall act in thecapacity of administrator of purchases under the Master Agreement.

With respect to any purchases made by Region 14 ESC or any Public Agency pursuant to the MasterAgreement, NCPA (a) shall not be construed as a dealer, re-marketer, representative, partner, or agent ofany type of Vendor, Region 14 ESC, or such Public Agency, (b) shall not be obligated, liable orresponsible (i) for any orders made by Region 14 ESC, any Public Agency or any employee of Region 14ESC or Public Agency under the Master Agreement, or (ii) for any payments required to be made with

August 1, 2016

August 1, 201601-62

Page 6 of 31

RFP # 22-16 July 11th, 2016

respect to such order, and (c) shall not be obligated, liable or responsible for any failure by the Public Agency to (i) comply with procedures or requirements of applicable law, or (ii) obtain the due authorization and approval necessary to purchase under the Master Agreement. NCPA makes no representations or guaranties with respect to any minimum purchases required to be made by Region 14 ESC, any Public Agency, or any employee of Region 14 ESC or Public Agency under this Agreement or the Master Agreement.

The Public Agency participating in the NCPA contract and Vendor may enter into a separate supplemental agreement to further define the level of service requirements over and above the minimum defined in this contract i.e. invoice requirements, ordering requirements, specialized delivery, etc. Any supplemental agreement developed as a result of this contract is exclusively between the Public Agency and Vendor. NCPA, its agents, members and employees shall not be made party to any claim for breach of such agreement.

Term of Agreement This Agreement shall be in effect so long as the Master Agreement remains in effect, provided, however,

that the obligation to pay all amounts owed by Vendor to NCPA through the termination of this Agreement and all indemnifications afforded by Vendor to NCPA shall survive the term of this Agreement.

Fees and Reporting The awarded vendor shall electronically provide NCPA with a detailed monthly or quarterly report

showing the dollar volume of all sales under the contract for the previous month or quarter. Reports shall be sent via e-mail to NCPA offices at [email protected]. Reports are due on the fifteenth (15th) day after the close of the previous month or quarter. It is the responsibility of the awarded vendor to collect and compile all sales under the contract from participating members and submit one (1) report. The report shall include at least the following information as listed in the example below:

Entity Name Zip Code State PO or Job # Sale Amount

Total

Each quarter NCPA will invoice the vendor based on the total of sale amount(s) reported. From the

invoice the vendor shall pay to NCPA an administrative fee based upon the tiered fee schedule below. Vendor’s annual sales shall be measured on a calendar year basis. Deadline for term of payment will be included in the invoice NCPA provides.

Annual Sales Through Contract Administrative Fee

$0 - $30,000,000 2%

$30,000,000 - $50,000,000 1.5%

$50,000,001 + 1%

Page 7 of 31

RFP # 22-16 July 11th, 2016

Supplier shall maintain an accounting of all purchases made by Public Agencies under the MasterAgreement. NCPA and Region 14 ESC reserve the right to audit the accounting for a period of four (4)years from the date NCPA receives the accounting. In the event of such an audit, the requested materialsshall be provided at the location designated by Region 14 ESC or NCPA. In the event such audit revealsan underreporting of Contract Sales and a resulting underpayment of administrative fees, Vendor shallpromptly pay NCPA the amount of such underpayment, together with interest on such amount and shallbe obligated to reimburse NCPA’s costs and expenses for such audit.

General Provisions This Agreement supersedes any and all other agreements, either oral or in writing, between the parties

hereto with respect to the subject matter hereof, and no other agreement, statement, or promise relatingto the subject matter of this Agreement which is not contained herein shall be valid or binding.

Awarded vendor agrees to allow NCPA to use their name and logo within website, marketing materialsand advertisement. Any use of NCPA name and logo or any form of publicity regarding this contract byawarded vendor must have prior approval from NCPA.

If any action at law or in equity is brought to enforce or interpret the provisions of this Agreement or torecover any administrative fee and accrued interest, the prevailing party shall be entitled to reasonableattorney’s fees and costs in addition to any other relief to which such party may be entitled.

Neither this Agreement nor any rights or obligations hereunder shall be assignable by Vendor withoutprior written consent of NCPA. Any assignment without such consent will be void.

This Agreement and NCPA’s rights and obligations hereunder may be assigned at NCPA’s sole discretion,to an existing or newly established legal entity that has the authority and capacity to perform NCPA’sobligations hereunder All written communications given hereunder shall be delivered to the addressesas set forth below.

National Cooperative Purchasing Alliance: Vendor CompuNet, Inc.

Name: Name: Thomas McFarlin

Title: Title: Director of Operations

Address: Address: 2264 S. Bonito Way, suite 150 Meridian, ID 83642

Signature: Signature:

Date: Date: 7/15/2016

Matthew Mackel

Director, Business Development

PO Box 701273

Houston, TX 77270

August 1, 2016

Page 8 of 31

RFP # 22-16 July 11th, 2016

Tab 3 - Vendor Questionnaire

Please provide responses to the following questions that address your company’s operations, organization, structure, and processes for providing products and services.

States Covered Bidder must indicate any and all states where products and services can be offered. Please indicate the price co-efficient for each state if it varies.

50 States & District of Columbia (Selecting this box is equal to checking all boxes below)

Alabama Maryland South Carolina

Alaska Massachusetts South Dakota

Arizona Michigan Tennessee

Arkansas Minnesota Texas

California Mississippi Utah

Colorado Missouri Vermont

Connecticut Montana Virginia

Delaware Nebraska Washington

District of Columbia Nevada West Virginia

Florida New Hampshire Wisconsin

Georgia New Jersey Wyoming

Hawaii New Mexico

Idaho New York

Illinois North Carolina

Indiana North Dakota

Iowa Ohio

Kansas Oklahoma

Kentucky Oregon

Louisiana Pennsylvania

Maine Rhode Island

Page 9 of 31

RFP # 22-16 July 11th, 2016

All US Territories and Outlying Areas (Selecting this box is equal to checking all boxes below)

American Samoa Northern Marina Islands

Federated States of Micronesia Puerto Rico

Guam U.S. Virgin Islands

Midway Islands

Minority and Women Business Enterprise (MWBE) and (HUB) Participation It is the policy of some entities participating in NCPA to involve minority and women business

enterprises (MWBE) and historically underutilized businesses (HUB) in the purchase of goods and services. Respondents shall indicate below whether or not they are an M/WBE or HUB certified.

Minority / Women Business Enterprise Respondent Certifies that this firm is a M/WBE

Historically Underutilized Business Respondent Certifies that this firm is a HUB

Residency Responding Company’s principal place of business is in the city of Meridian,

State of Idaho.

Felony Conviction Notice Please Check Applicable Box; A publically held corporation; therefore, this reporting requirement is not applicable. Is not owned or operated by anyone who has been convicted of a felony. Is owned or operated by the following individual(s) who has/have been convicted of

a felony. If the 3rd box is checked, a detailed explanation of the names and convictions must be

attached.

Distribution Channel Which best describes your company’s position in the distribution channel:

Manufacturer Direct Certified education/government reseller

Authorized Distributor Manufacturer marketing through

reseller

Value-added reseller Other _______________________________________

Processing Information

Provide company contact information for the following: Sales Reports / Accounts Payable

Contact Person: Jancy Scott Title: Operations Analyst

Company: CompuNet, Inc. Address: 2264 S. Bonito Way, suite 150 City: Meridian State: Idaho Zip: 83642 Phone: (208) 286-3028 Email: [email protected]

Page 10 of 31

RFP # 22-16 July 11th, 2016

Purchase Orders Contact Person: Christopher Paskewich Title: Cloud Operations Company: CompuNet, Inc. Address: 2264 S. Bonito Way, suite 150 City: Meridian State: Idaho Zip: 83642 Phone: (503) 214-4608Email: [email protected]

Sales and Marketing Contact Person: Dan Beeler Title: Cloud Director Company: CompuNet, Inc. Address: 2264 S. Bonito Way, suite 150 City: Meridian State: Idaho Zip: 83642 Phone: (208) 286-3014Email: [email protected]

Pricing Information In addition to the current typical unit pricing furnished herein, the Vendor agrees to offer

If answer is no, attach a statement detailing how pricing for NCPA participants would be calculated for future product introductions.

Yes No

Pricing submitted includes the required NCPA administrative fee. The NCPA fee is calculated based on the invoice price to the customer.

Yes No

Vendor will provide additional discounts for purchase of a guaranteed quantity.

Page 11 of 31

RFP # 22-16 July 11th, 2016

Tab 4 - Vendor Profile

Please provide the following information about your company:

Company’s official registered name.

CompuNet, Inc.

Brief history of your company, including the year it was established.

CompuNet, Inc., founded in 1998, is a northwest-based Data Center, Cloud and Network Engineering Company with offices in Bozeman, Montana; Meridian, Lewiston and Grangeville, Idaho; Portland Oregon, Spokane, Washington, Salt Lake City, Utah, Seattle, Washington and Phoenix, Arizona. Although our physical presence is concentrated in the Northwest, we do have larger clients that require our services both nationally and internationally. CompuNet has a deep and wide data center, cloud, colocation and networking practice, with extensive experience with, AWS, EMC, Cisco, VMware and Microsoft, F5, Palo Alto to name a few. We are certified in cloud architecture, partnered with local, regional, national and global, cloud providers able to deliver customized, secure and compliant solutions based on organizational requirements. We staff over 180 people with 100 of those team members, including our executive leadership, being engineers. With each hire, CompuNet pursues the best talent in the market and evaluates their ability to provide superior customer service, expertise in their respective technology focus, and ensures that they match the cultural values of CompuNet.

Company’s Dun & Bradstreet (D&B) number.

62-702-4636

Company’s organizational chart of those individuals that would be involved in the contract.

Sales Technical Technical Technical Steve Frey Josh Guice Brandon Morgan Carl Norman Business Development Manager

Solutions Architect Solutions Architect Solutions Architect

(208) 286-3073 (503) 214-4638 (503) 214-4613 (503) [email protected] [email protected] [email protected] [email protected]

Director Operations/Contracts/Billing Support RFP Response Support Dan Beeler Christopher Paskewich Meredith Newton Jancy Scott Director Cloud Operations SLED Business Development

Manager Operations Analyst

(208) 286-3014 (503) 214-4608 (208) 488-7223 (208) [email protected] [email protected] [email protected] [email protected]

Corporate office location.

2264 S. Bonito Way Meridian, ID 83642

Page 12 of 31

RFP # 22-16 July 11th, 2016

List the number of sales and services offices for states being bid in solicitation.

Arizona: 1 Idaho: 3 Montana: 2

Oregon: 1 Utah: 1 Washington: 2

List the names of key contacts at each with title, address, phone and e-mail address.

Arizona & Southern California Idaho Idaho 1334 E. Chandler Blvd, Suite 5-A13

2264 S. Bonito Way, Suite 150 507 Thain Road

Phoenix, AZ 85048 Meridian, ID 83642 Lewiston, ID 83501 Scott Blasenak Jay Ellis Dominic Ponozzo Account Manager Vice President Account Manager (602) 300-4863 (208) 286-3030 (208) 791-3297 [email protected] [email protected] [email protected]

Idaho Montana & Wyoming Montana

1710 Daffodil Place 801 W. Main St., Suite 2C & 2D 55 W. 14th St., Suite 202 Idaho Falls, ID 83404 Bozeman, MT 59715 Helena, MT 59601 Randy Elsethagen Adam Kopczuk Adam Kopczuk Account Manager Account Manager Account Manager (208) 221-2475 (406) 410-0730 (406) 410-0730 [email protected] [email protected] [email protected]

Oregon & Northern California Utah & California & Nevada Western Washington 5400 Meadows Road, Suite 120 6985 S. Union Park Ctr., Suite

250 5400 Meadows Road, Suite 120

Lake Oswego, OR 97035 Cottonwood Heights, UT 84047 Lake Oswego, OR 97035 Mark DeMaine Shawn Heiden Colleen Tillman Vice President Vice President Account Manager (503) 214-4606 (801) 747-5052 (206) 200-5301 [email protected] [email protected] [email protected]

Eastern Washington 1326 N. Whitman Lane Liberty Lake, WA 99019 Dominic Casey Account Manager (208) 286-3047 [email protected]

Define your standard terms of payment.

Net 30

Who is your competition in the marketplace? CompuNet competes with other National and regional value-added resellers (VAR’s) and IT consulting firms.

Page 13 of 31

RFP # 22-16 July 11th, 2016

What differentiates your company from competitors?

Our engineering-centric engagement model. Each customer works with a dedicated local team who understands their business, their infrastructure, and their goals. This team takes ownership for the entire project lifecycle, from discovery and design through deployment, training, and handoff. Our engineering-led culture means that our engineers make decisions based on good engineering and design principles, not sales quotas. Decisions to bring in products and services to our customers are made by experienced and certified engineers who listen to customer demand. It is not driven by sales people or by manufacturer pressures. This autonomy of our engineers and our cultural respect for excellent engineering sets us apart from many of our sales-led competitors. This innovative company structure makes for happy employees and happy customers. Our people. Our team consists of highly skilled IT architects and enterprise engineers with a long history designing IT solutions that solve real-world business problems, and improve operational efficiency. Our Account Managers all have a consistent thread of; experience with long-term relationship first mentalities and who do not carry sales quotas Our track record. Because of our absolute commitment to helping customers achieve success, many of our engagements become long-term relationships. We are proud that our customers across many industries see us as a trusted advisor. You will hopefully hear this for yourself in communicating with the references we will provide in this response. Our relationships. Our partnerships bring you a broad ecosystem of technologies and solutions that can meet your business and technical requirements. Plus, we hold some of the industry’s most elite partner certifications. Our approach. While we know perfection is tough to achieve, we always have it in our sights. Every day we work to design, deliver, and support IT solutions that help our customers succeed, whether they need to cut costs, boost productivity, reach new markets, or all of the above.

Describe how your company will market this contract if awarded. CompuNet has an active; State, Local and Education

strategy with dedicated employees and resources with many long standing and new customers. We communicate to these as well as prospective customers frequently with information about new technologies, services and buying vehicles. We also hold exclusive public sector events to accomplish the same on a larger scale. We will also publish this information on our website. Should we be awarded with the ability to be named to NCPA, CompuNet will proactively market to all of the above with an email campaign, an official press release on our News feed on our Website and social media outlets as well as at all in-person events over the coming months

Describe how you intend to introduce NCPA to your company. CompuNet holds weekly all-staff meetings as well as leadership meetings in which we will announce our partnership and then we will write up an official press-release of the same and post to our internal communication hub.

Describe your firm’s capabilities and functionality of your on-line catalog / ordering website. Our corporate website; www.compunet.biz has a marketplace login for participating organizations to log in. This login exists today and will be expanded if awarded the contract.

Describe your company’s Customer Service Department (hours of operation, number of service centers, etc.)

Sales and Sales Support: Monday-Friday, 8:00AM-5:00PM Mountain Time

VEC (Virtual Engineering Center): 24x7x365 - Managed Services/Support

Page 14 of 31

RFP # 22-16 July 11th, 2016

Green Initiatives

As our business grows, we want to make sure we minimize our impact on the Earth’s climate. We are taking every step we can to implement innovative and responsible environmental practices throughout NCPA to reduce our carbon footprint, reduce waste, energy conservation, ensure efficient computing and much more.

We have chosen partnerships with Cloud Service Providers and Data Centers that are located in “Energy Export States’ to offer our customers green, LEED certified options. We practice best of breed virtualization practices to enable our customers to reduce their IT footprint wherever possible. We also have developed a cloud consultancy, encouraging our customers to further reduce their data center, and infrastructure footprints.

Vendor Certifications (if applicable)

Provide a copy of all current licenses, registrations and certifications issued by federal, state and local agencies, and any other licenses, registrations or certifications from any other governmental entity with jurisdiction, allowing respondent to perform the covered services including, but not limited to, licenses, registrations, or certifications. Certifications can include M/WBE, HUB, and manufacturer certifications for sales and service

Yes, CompuNet, Inc. is a certified consulting partner of Amazon Web Services. Certifications:

AWS GOVCLOUD AWS Public Sector AWS Architecture AWS SYSOPS

Programs: Authorized Public Sector and Government Reseller, Amazon Marketplace Consulting Partner

http://www.aws-partner-directory.com/PartnerDirectory/PartnerDetail?Name=CompuNet

Page 15 of 31

RFP # 22-16 July 11th, 2016

Tab 5 - Products and Services

Respondent shall perform and provide these products and/or services under the terms of this agreement. The supplier shall assist the end user with making a determination of their individual needs. The following is a list of suggested (but not limited to) categories. List all categories along with manufacturer that you are responding with: Product, Description (hyperlinked and also printed copies are included in AWS package) and Services Below:

Compute Storage & Content Delivery Database

Amazon EC2 Amazon S3 Amazon RDS

Amazon EC2 Container Registry Amazon CloudFront AWS Database Migration Service

Amazon EC2 Container Service Amazon EBS Amazon DynamoDB

AWS Elastic Beanstalk Amazon Elastic File System Amazon ElastiCache

AWS Lambda Amazon Glacier Amazon Redshift

Auto Scaling AWS Import/Export Snowball Amazon SimpleDB

Elastic Load Balancing AWS Storage Gateway

Amazon VPC

Networking Analytics Enterprise Applications

Amazon VPC Amazon EMR Amazon WorkSpaces

AWS Direct Connect AWS Data Pipeline Amazon WorkDocs

Elastic Load Balancing Amazon Elasticsearch Service Amazon WorkMail

Amazon Route 53 Amazon Kinesis

Amazon Machine Learning

Amazon Redshift

Amazon QuickSight

Internet of Things

AWS IoT

Page 16 of 31

RFP # 22-16 July 11th, 2016

Mobile Services Developer Tools Management Tools

AWS Mobile Hub AWS CodeCommit Amazon CloudWatch

Amazon API Gateway AWS CodeDeploy AWS CloudFormation

Amazon Cognito AWS CodePipeline AWS CloudTrail

AWS Device Farm AWS Command Line Tool AWS Command Line Tool

Amazon Mobile Analytics AWS Config

AWS Mobile SDK AWS Management Console

Amazon SNS AWS OpsWorks

AWS Service Catalog

Amazon Trusted Advisor

Security and Identity Application Services Game Development

AWS Identity and Access Management (IAM)

Amazon API Gateway Amazon Lumberyard

AWS Certificate Manager Amazon AppStream

AWS CloudHSM Amazon CloudSearch

AWS Directory Service Amazon Elastic Transcoder

Amazon Inspector Amazon FPS

AWS Key Management Service Amazon SES

AWS WAF Amazon SNS

AWS Security Token Service Amazon SQS

Amazon SWF

Software Government

AWS Marketplace AWS GOVCloud

This Amazon Web Services, Inc. (AWS) package is provided for informational purposes only. The services included in this package are standard commercial services and due to the unique nature of the services, AWS’s standard

terms and conditions must govern any use of and access to AWS services and are available at http://aws.amazon.com/agreement/. This package may include a set of suggested solutions for this opportunity that

are based on our limited information, and should not be construed as a binding offer from AWS. For current prices for AWS services, please refer to the AWS website at www.aws.amazon.com.

Amazon Web Services Partner Package for: National Cooperative Purchasing Alliance (NCPA) Request for Proposal (RFP) for Cloud Collaboration and Storage Services Solicitation Number: 22-16 July 11, 2016 Submitted By: Amazon Web Services, Inc. 410 Terry Avenue North Seattle, WA 98109-5210 Cage Code: 66EB1 DUNS Number: 965048981 NAICS: 518210

AWS Partner Package

July 11, 2016 Page iii

AMAZON WEB SERVICES, INC. CONFIDENTIAL. THE INFORMATION IN THIS DOCUMENT MAY NOT BE DISCLOSED WITHOUT THE PRIOR WRITTEN CONSENT OF AMAZON WEB SERVICES, INC.

Guidance on Service Name Usage On first use, all service names must be written out completely. After that, you may abbreviate the service name, but only in strict conformance with the abbreviated service names noted in parentheses in the table below. Exception: The following service names must always include “Amazon” based on trademark rights and settlement agreements:

Amazon AppStream Amazon Kinesis Amazon Cognito Amazon Machine Learning (Amazon ML) Amazon Glacier Amazon Redshift

AWS CloudFormation Amazon FPS Account Management

Quick Start AWS Service Health Dashboard

Amazon CloudFront (Cloudfront) Amazon FPS Advanced Quick Start Amazon Silk

AWS CloudHSM (CloudHSM) Amazon FPS Aggregated Payments Quick Start

Amazon Simple Email Service (Amazon SES)

Amazon CloudWatch (Cloudwatch) Amazon FPS Basic Quick Start Amazon Simple Notification Service (Amazon SNS)

Amazon CloudSearch Amazon FPS Marketplace Quick Start Amazon Simple Pay

Amazon CloudWatch Amazon Fulfillment Web Service (Amazon FWS)

Amazon Simple Queue Service (Amazon SQS)

AWS Data Pipeline Amazon Glacier Amazon Simple Storage Service (Amazon S3)

Amazon DevPay (Devpay) AWS GovCloud Amazon Simple Workflow Service (Amazon SWF)

AWS Direct Connect AWS Identity and Access Management

Amazon SimpleDB

Amazon DynamoDB (DynamoDB) AWS Import/Export AWS Storage Gateway

AWS Elastic Beanstalk (Elastic Beanstalk)

AWS Management Console AWS Toolkit for Eclipse

Amazon Elastic Block Store (Amazon EBS)

AWS Marketplace AWS Toolkit for Visual Studio

Amazon Elastic Compute Cloud (Amazon EC2)

Amazon Mechanical Turk (Beta) AWS Tools for Windows PowerShell

Elastic Load Balancing Molecular Modeling Amazon Virtual Private Cloud (Amazon VPC)

Amazon Elastic MapReduce (Amazon EMR)

AWS OpsWorks AWS VPN CloudHub

Amazon Elastic Transcoder Amazon Redshift AWS Public Data Sets

Amazon ElastiCache Amazon Relational Database Service (Amazon RDS)

AWS SDK for .NET

Amazon Flexible Payments Service (Amazon FPS)

Amazon Route 53 (Route 53) AWS Solution Providers Program

AWS Flow Framework AWS Security Token Service (AWS STS)

AWS Toolkit for Eclipse

AWS Partner Package

July 11, 2016 Page 1


1.0 AWS Overview Amazon has a long history of using a decentralized IT infrastructure. This has enabled our development teams to access compute and storage resources on demand, and it has increased overall productivity and agility. By 2005, Amazon had spent over a decade and millions of dollars building and managing the large-scale, reliable, and efficient IT infrastructure that powers one of the world’s largest online retail platforms. Amazon launched Amazon Web Services, Inc. (AWS) so that other organizations could benefit from Amazon’s experience and investment in running a large-scale, distributed, transactional IT infrastructure. AWS has been operating since 2006 and now serves more than one million active customers every month worldwide.

1.1 The Differences that Distinguish AWS AWS is readily distinguished from other vendors in the traditional IT computing landscape because it is:

Flexible. AWS enables organizations to use the programming models, operating systems, databases, and architectures with which they are already familiar. In addition, this flexibility helps organizations mix and match architectures in order to serve their diverse business needs.

Cost effective. With AWS, organizations pay only for what they use, without up-front costs or long-term commitments.

Scalable and elastic. Organizations can quickly add and subtract AWS resources to and from their applications in order to meet customer demand and manage costs.

Innovative. AWS launched 722 new services and features in 2015, and as of June 1, we have released 368 new features and services in 2016. Our pace of innovation is funded and sustained through our economies of scale and commitment to delivering the products and services that matter most to our customers. Our continual innovation ensures that customers maintain state-of-the-art IT infrastructure without having to make recapitalization investments.

Secure. In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices, provides the appropriate security features in those services, and documents how to use those features.

Experienced. When using AWS, organizations can leverage AWS’s many years of experience delivering large-scale, global infrastructure in a reliable, secure fashion.

1.2 Business Benefits of AWS Cloud Services There are additional business benefits that AWS Cloud services can help customers realize. A few of these are listed here:

Almost Zero Upfront Infrastructure Investment: If a customer wants to build a large-scale system, it may cost a fortune to invest in real estate, physical

AWS Partner Package



security, hardware (racks, servers, routers, backup power supplies), hardware management (power management, cooling), and operations personnel. Because of the high upfront costs, the project would typically require several rounds of management approvals before the project could even get started. With AWS’s utility-style cloud computing, there is no fixed cost or startup cost.

Just-In-Time Infrastructure: In the past, if an application became popular and a business’ systems or infrastructure did not scale, it became a victim of its own success. Conversely, if a developer invested heavily and did not get popular, it became a victim of failure. By deploying applications in the AWS Cloud with just-in-time self-provisioning, customers do not have to worry about pre-procuring capacity for large-scale systems. AWS’s cloud increases agility, lowers risk, and lowers operational cost, because customers can scale cloud resources as they grow and only pay for what they use.

More Efficient Resource Utilization: System administrators usually worry about procuring hardware (when they run out of capacity) and higher infrastructure utilization (when they have excess and idle capacity). With AWS, they can manage resources more effectively and efficiently by having the applications request and relinquish resources on-demand.

Usage-Based Costing: With utility-style pricing, AWS customers are billed only for the infrastructure that has been used. AWS customers do not pay for allocated but unused infrastructure. This adds a new dimension to cost savings, allowing customers to see immediate cost savings when they deploy an optimization patch to update their cloud application. For example, if a caching layer can reduce data requests by 70%, the savings begin to accrue immediately. Moreover, if customers build platforms on the cloud, they can pass on the same flexible, variable usage-based cost structure to their own customers.

Reduced Time to Market: Parallelization is the one of the great ways to speed up processing. If one compute-intensive or data-intensive job that can be run in parallel takes 500 hours to process on one machine, with cloud architectures, it would be possible to spawn and launch 500 instances and process the same job in 1 hour. Having available an elastic infrastructure provides the application with the ability to exploit parallelization in a cost-effective manner reducing time to market.

1.3 Technical Benefits of AWS Cloud Services Some of the key technical benefits of the AWS Cloud are:

Automation – “Scriptable Infrastructure”: AWS customers can create repeatable build and deployment systems by leveraging programmable (Application Programming Interface [API]-driven) infrastructure.

Auto Scaling: AWS customers can scale their applications up and down to match unexpected demand without any human intervention. Auto Scaling encourages automation and drives more efficiency.

AWS Partner Package



Proactive Scaling: Customers can scale applications up and down to meet anticipated demand with proper planning of traffic patterns so that costs remain low while scaling.

More Efficient Development Lifecycle: Production systems may be easily cloned for use as development and test environments. Staging environments may be easily promoted to production.

Improved Testability: Never run out of hardware for testing. Inject and automate testing at every stage during the development process. AWS customers can spin up an “instant test lab” with pre-configured environments only for the duration of the testing phase.

Disaster Recovery and Business Continuity: The cloud provides a lower cost option for maintaining a fleet of disaster recovery servers and data storage. With the cloud, customers can take advantage of geo-distribution and replicate the environment in other locations within minutes.

Overflow Traffic to the Cloud: With a few clicks and effective load balancing tactics, customers can create a complete overflow-proof application by routing excess traffic to the cloud.

2.0 Analyst Reports Gartner, Inc., a leading information technology research company, reported in its 2015 Magic Quadrant for Cloud Infrastructure as a Service (IaaS), Worldwide report that “AWS is a thought leader; it is extraordinarily innovative, exceptionally agile, and very responsive to the market. It has the richest array of IaaS features and PaaS-like capabilities. It continues to rapidly expand its service offerings and offer higher-level solutions.” The Gartner Magic Quadrant for May 2015 (Figure 1) depicts AWS in the Leaders Quadrant.

AWS Partner Package



Figure 1 – 2015 Gartner Magic Quadrant for Cloud Infrastructure as a Service

Additionally, Gartner positions AWS in the Leaders Quadrant of the new Magic Quadrant for Public Cloud Storage Services (Figure 2). Gartner defines leaders as offering innovative storage offerings built on a hardened platform, with global data centers and established credibility as a business.

AWS Partner Package



Figure 2 – 2015 Gartner Magic Quadrant for Public Cloud Storage Services

You can see more analyst reports at http://aws.amazon.com/resources/analyst-reports/.

3.0 Environmental Benefits of AWS AWS is committed to running our business in the most environmentally friendly way possible. In addition to the environmental benefits inherently associated with running applications in the cloud, AWS has a long-term commitment to achieve 100% renewable energy usage for our global infrastructure footprint.

We’ve made a lot of progress on this commitment. As of April 2015, approximately 25% of the power consumed by our global infrastructure comes from renewable energy sources1. We have a goal of increasing this to at least 40% by the end of 2016.

In June 2015, AWS announced that it has teamed with Community Energy, Inc. to support the construction and operation of an 80 megawatt (MW) solar farm in Accomack County, Virginia, called Amazon Solar Farm US East. This new solar farm is expected

AWS Partner Package



to start generating approximately 170,000 megawatt hours (MWh) of solar power annually as early as October 2016.

The energy generated by Amazon Solar Farm US East and Amazon Wind Farm (Fowler Ridge) will be delivered into the electrical grids that supply current and future AWS cloud data centers.

3.1 Options for Customers Seeking to Run 100% Carbon-Neutral Infrastructure

AWS introduced its first carbon-neutral region in 2011. Today, AWS offers customers three AWS Regions that are carbon-neutral:

US West (Oregon) EU (Frankfurt) AWS GovCloud (US)

3.2 The Greenest Power is That Which is Not Consumed Any analysis on the climate impact of a data center should take into consideration resource utilization and energy efficiency, in addition to power mix. Carbon emissions are a factor of three things: the number of servers running, the total energy required to power each server, and the carbon intensity of energy sources used to power these servers. A June 2015 blog post by Jeff Barr outlines why using fewer servers and powering them more efficiently is at least as important to reducing the carbon impact of a company’s data center as its power mix.

A typical large-scale cloud provider achieves approximately 65% server utilization rates versus 15% on-premises, which means when companies move to the cloud, they typically provision fewer than one-quarter of the servers than they would on-premises. In addition, a typical on-premises data center is 29% less efficient in their use of power compared to a typical large-scale cloud provider that uses world-class facility designs, cooling systems, and workload-optimized equipment. Adding these together (fewer servers used plus more power efficient servers), customers only need 16% of the power as compared to on-premises infrastructure. This represents an 84% reduction in the amount of power required.

This massive improvement in energy efficiency drives a huge reduction in climate impact because less energy consumed means fewer carbon emissions. The climate impact improvements get even better when you factor in that the average corporate data center has a dirtier power mix than the typical large-scale cloud provider. Large-scale cloud providers (AWS included) use a power mix that is 28% less carbon intense than the global average.

Combining the fraction of energy required with a less carbon-intense power mix, customers can end up with a reduction in carbon emissions of 88% by moving to the cloud and AWS.

For more information, please visit our AWS and Sustainability webpage.

AWS Partner Package



4.0 AWS Cloud Services Using AWS, customers can requisition compute power, storage, and other services in minutes and have the flexibility to choose the development platform or programming model that makes the most sense for the problems they are trying to solve. Error! Reference source not found. lists AWS’s Cloud services. Links are provided to the service website where you can find all service documentation, pricing information, FAQs, release notes, developer information and relevant case studies.

Table 1 – AWS Cloud Services and Links to Publicly Available Information Link to AWS Cloud

Services Information

Service Description Link to Documentation

Compute

Amazon EC2

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable computing capacity—literally, servers in Amazon's data centers—that you use to build and host your software systems.

http://aws.amazon.com/documentation/ec2/

Amazon EC2 Container Service

Amazon EC2 Container Service (Amazon ECS) is a highly scalable, high-performance container management service that supports Docker containers and allows you to easily run distributed applications on a managed cluster of Amazon EC2 instances.

http://aws.amazon.com/ecs/faqs/

Amazon EC2 Container Registry

Amazon EC2 Container Registry (Amazon ECR) is a fully managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon ECS, simplifying your development-to-production workflow. Amazon ECR eliminates the need to operate your own container repositories or worry about scaling the underlying infrastructure. Amazon ECR hosts your images in a highly available and scalable architecture, allowing you to reliably deploy containers for your applications.

https://aws.amazon.com/documentation/ecr/

AWS Lambda

AWS Lambda is a compute service that runs your code in response to events and automatically manages the compute resources for you, making it easy to build applications that respond quickly to new information. AWS Lambda starts running your code within milliseconds of an event such as an image upload, in-app activity, website click, or output from a connected device.

http://aws.amazon.com/documentation/lambda/

Auto Scaling Auto Scaling is a web service designed to launch or terminate Amazon EC2 instances automatically based on user-defined policies, schedules, and health checks.

http://aws.amazon.com/documentation/autoscaling/

AWS Partner Package



Link to AWS Cloud Services

Information Service Description Link to Documentation

AWS Elastic Beanstalk

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS. Upload your code, and Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, and auto scaling to application health monitoring.

https://aws.amazon.com/documentation/elastic-beanstalk/

Elastic Load Balancing

Elastic Load Balancing automatically distributes your incoming application traffic across multiple Amazon EC2 instances. It detects unhealthy instances and reroutes traffic to healthy instances until the unhealthy instances have been restored. Elastic Load Balancing automatically scales its request handling capacity in response to incoming traffic.

http://aws.amazon.com/documentation/elasticloadbalancing/

Networking

Amazon VPC

Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

http://aws.amazon.com/documentation/vpc/

AWS Direct Connect

AWS Direct Connect links your internal network to an AWS Direct Connect location over a standard 1 GB or 10 GB Ethernet fiberoptic cable. One end of the cable is connected to your router and the other to an AWS Direct Connect router. With this connection, you can create virtual interfaces directly to the AWS Cloud and Amazon VPC, bypassing Internet service providers in your network path.

http://aws.amazon.com/documentation/directconnect/

Amazon Route 53

Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed as an extremely reliable and cost-effective way to route users to Internet applications by translating site names into IP addresses. Amazon Route 53 also connects user requests to infrastructure running in AWS, such as Amazon EC2 instances, Elastic Load Balancing load balancers, or Amazon S3 buckets.

https://aws.amazon.com/documentation/route53/

Storage and Content Delivery

Amazon S3 & Amazon S3 IA

Amazon Simple Storage Service (Amazon S3) is storage for the Internet. You can use Amazon S3 to store and retrieve any amount of data, at any time, from anywhere on the web. Amazon S3 offers a range of storage classes designed for different use cases: Amazon S3 Standard for general-purpose storage of frequently accessed data, Amazon S3 Standard − Infrequent Access (Standard − IA) for

http://aws.amazon.com/documentation/s3/

AWS Partner Package





long-lived, but less frequently accessed data, and Amazon Glacier for long-term archive.

Amazon Glacier

Amazon Glacier is a storage service optimized for infrequently used data, or “cold data.” The service provides secure, durable, and extremely low-cost storage for data archiving and backup. With Amazon Glacier, you can store your data cost effectively for months, years, or even decades. Amazon Glacier enables you to offload the administrative burdens of operating and scaling storage to AWS, so you don't have to worry about capacity planning, hardware provisioning, data replication, hardware failure detection and recovery, or time-consuming hardware migrations.

http://aws.amazon.com/documentation/glacier/

Amazon EBS

Amazon Elastic Block Store (Amazon EBS) provides block-level storage volumes for use with Amazon EC2 instances. Amazon EBS volumes are highly available and reliable storage volumes that can be attached to any running instance that is in the same Availability Zone. Amazon EBS volumes that are attached to an Amazon EC2 instance are exposed as storage volumes that persist independently from the life of the instance. With Amazon EBS, you only pay for what you use.

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html

Amazon EFS (Preview)

Amazon Elastic File System (Amazon EFS) is a file storage service for Amazon EC2 instances. Amazon EFS is easy to use and provides a simple interface that allows you to create and configure file systems quickly and easily. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it. Sign up for the preview here.

https://aws.amazon.com/documentation/efs/

Amazon CloudFront

Amazon CloudFront is a content delivery web service. It integrates with other AWS Cloud services to give developers and businesses an easy way to distribute content to end users with low latency, high data transfer speeds, and no commitments.

http://aws.amazon.com/documentation/cloudfront/

AWS Import/Export Snowball

AWS Import/Export Snowball accelerates transferring large amounts of data between the cloud and portable storage devices that you mail to us. AWS transfers data directly onto and off of your storage devices using Amazon’s high-speed internal network. Your data load typically begins the next business day after your storage device arrives at AWS. After the data export or import completes, we return your storage device. For large data sets, AWS Import/Export is significantly faster than Internet transfer and more cost effective than upgrading your connectivity.

http://aws.amazon.com/documentation/importexport/

AWS Partner Package

July 11, 2016 Page 10




AWS Storage Gateway

AWS Storage Gateway is a service that connects an on-premises software appliance with cloud-based storage to provide seamless and secure integration between your on-premises IT environment and AWS's storage infrastructure.

http://aws.amazon.com/documentation/storagegateway/

Databases

Amazon RDS

Amazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks. Database engines available through Amazon RDS include Amazon Aurora, MySQL, Oracle, Microsoft SQL Server, PostgreSQL, and MariaDB.

http://aws.amazon.com/documentation/rds/

Amazon DynamoDB

Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. You can use Amazon DynamoDB to create a database table that can store and retrieve any amount of data and serve any level of request traffic. Amazon DynamoDB automatically spreads the data and traffic for the table over a sufficient number of servers to handle the request capacity specified by the customer and the amount of data stored, while maintaining consistent and fast performance.

http://aws.amazon.com/documentation/dynamodb/

Amazon Redshift

Amazon Redshift is a fast, fully managed, petabyte-scale data warehouse solution that makes it simple and cost effective to efficiently analyze all your data using your existing business intelligence tools. You can start small for just $0.25 per hour with no commitments or up-front costs and scale to a petabyte or more for $1,000 per terabyte per year, less than a tenth of most other data warehousing solutions.

http://aws.amazon.com/documentation/redshift/

Amazon ElastiCache

Amazon ElastiCache is a web service that makes it easy to set up, manage, and scale distributed, in-memory cache environments in the cloud. It provides a high-performance, resizable, and cost-effective in-memory cache, while removing the complexity associated with deploying and managing a distributed cache environment.

http://aws.amazon.com/documentation/elasticache/

AWS Database Migration Service

AWS Database Migration Service helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration. You can migrate your data to and from most widely used commercial and open-source databases. The service supports homogenous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle to

https://aws.amazon.com/documentation/dms/

AWS Partner Package

July 11, 2016 Page 11




Amazon Aurora or Microsoft SQL Server to MySQL. Analytics

Amazon EMR

Amazon Elastic MapReduce (Amazon EMR) is a web service that makes it easy to process large amounts of data efficiently. Amazon EMR uses Hadoop processing combined with several AWS products to perform such tasks as web indexing, data mining, log file analysis, machine learning, scientific simulation, and data warehousing.

http://aws.amazon.com/documentation/elasticmapreduce/

Amazon Kinesis

Amazon Kinesis is a managed service that scales elastically for real-time processing of streaming big data. The service takes in large streams of data records that can then be consumed in real time by multiple data processing applications that can be run on Amazon EC2 instances. The data processing applications use the Amazon Kinesis Client Library and are called “Amazon Kinesis applications.”

http://aws.amazon.com/documentation/kinesis/

AWS Data Pipeline

AWS Data Pipeline is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals. With AWS Data Pipeline, you can regularly access your data where it’s stored, transform and process it at scale, and efficiently transfer the results to AWS Cloud services such as Amazon S3, Amazon RDS, Amazon DynamoDB, and Amazon EMR.

http://aws.amazon.com/documentation/data-pipeline/

Amazon Mobile Analytics

Amazon Mobile Analytics is a service that lets you easily collect, visualize, and understand application usage data at scale. Many mobile application analytics solutions deliver usage data several hours after the events occur. Amazon Mobile Analytics is designed to deliver usage reports within 60 minutes of receiving data from an application so that you can act on the data more quickly.

http://aws.amazon.com/documentation/mobileanalytics/

AWS QuickSight (Preview)

Amazon QuickSight is a very fast, cloud-powered BI service that makes it easy to build visualizations, perform ad-hoc analysis, and quickly get business insights from data. Amazon QuickSight integrates automatically with AWS data services. At one-tenth the cost of traditional solutions, Amazon QuickSight enables you to deliver rich BI functionality to everyone in your organization.

Amazon Machine Learning

Amazon Machine Learning makes it easy for developers to build smart applications, including applications for fraud detection, demand forecasting, targeted marketing, and click prediction. The powerful algorithms of Amazon Machine Learning create Machine Learning (ML) models by finding patterns in your existing data. The service uses these models to process new

https://aws.amazon.com/documentation/machine-learning/

AWS Partner Package

July 11, 2016 Page 12




data and generate predictions for your application. Security & Identity

AWS Identity & Access Management

AWS Identity and Access Management (IAM) is a web service that enables AWS customers to manage users and user permissions. The service is targeted at organizations with multiple users or systems that use AWS products such as Amazon EC2, Amazon SimpleDB, and the AWS Management Console. With AWS IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access.

http://aws.amazon.com/documentation/iam/

AWS Certificate Manager

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS Cloud services. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet.

http://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html

AWS CloudHSM AWS CloudHSM provides secure cryptographic key storage to customers by making Hardware Security Modules (HSMs) available in the AWS Cloud.

http://aws.amazon.com/documentation/cloudhsm/

AWS Key Management Service

AWS Key Management Service (KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS KMS uses HSMs to protect the security of your keys. AWS KMS is integrated with other AWS Cloud services, including Amazon EBS, Amazon S3, and Amazon Redshift. AWS KMS is also integrated with AWS CloudTrail to provide you with logs of all key usage.

http://aws.amazon.com/documentation/kms/

AWS Directory Service

AWS Directory Service is a managed service that allows you to connect your AWS resources with an existing on-premises Microsoft Active Directory or to set up a new, standalone directory in the AWS Cloud. Connecting to an on-premises directory is easy, and when this connection is established, all users can access AWS resources and applications with their existing corporate credentials.

http://aws.amazon.com/documentation/directory-service/

Amazon Inspector

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for vulnerabilities or deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity.

https://aws.amazon.com/documentation/inspector/

AWS WAF

AWS Web Application Firewall (WAF) is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise

https://aws.amazon.com/documentation/waf/

AWS Partner Package

July 11, 2016 Page 13




security, or consume excessive resources. Also, AWS WAF includes a full-featured Application Programming Interface (API) that you can use to automate the creation, deployment, and maintenance of web security rules.

Management Tools

Amazon CloudWatch

Amazon CloudWatch is a web service that enables you to collect, view, and analyze metrics. Amazon CloudWatch lets you programmatically retrieve your monitoring data, view graphs, and set alarms to help you troubleshoot, spot trends, and take automated action based on the state of your cloud environment.

http://aws.amazon.com/documentation/cloudwatch/

AWS CloudTrail

With AWS CloudTrail, you can get a history of AWS API calls for your account, including API calls made via the AWS Management Console, the AWS Software Development Kits (SDKs), the command line tools, and higher-level AWS Cloud services. You can also identify which users and accounts called AWS APIs for services that support AWS CloudTrail, the source IP address the calls were made from, and when the calls occurred. You can integrate AWS CloudTrail into applications using the API, automate trail creation for your organization, check the status of your trails, and control how administrators turn AWS CloudTrail logging on and off.

http://aws.amazon.com/documentation/cloudtrail/

AWS Config

AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. With AWS Config you can discover existing AWS resources, export a complete inventory of your AWS resources with all configuration details, and determine how a resource was configured at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.

http://aws.amazon.com/documentation/config/

AWS Service Catalog

AWS Service Catalog is a service that allows administrators to create and manage approved catalogs of resources that end users can then access via a personalized portal. You can control which users have access to which applications or AWS resources to enable compliance with your business policies, while users can easily browse and launch products from the catalogs you create.

http://aws.amazon.com/servicecatalog/

Development, Deployment, & Management

AWS Management Console

Access and manage Amazon cloud services through a simple and intuitive web-based user interface. You can also use the AWS Console

http://aws.amazon.com/console/faqs/

AWS Partner Package

July 11, 2016 Page 14




mobile app to quickly view resources on the go.

AWS Command Line Interface

The AWS Command Line Interface (CLI) is a unified tool used to manage your AWS Cloud services. With just one tool to download and configure, you can control multiple AWS Cloud services from the command line and automate them through scripts.

http://aws.amazon.com/documentation/cli/

APIs

AWS provides APIs for cloud computing services, with multiple interfaces to those services, including SDKs, Integrated Development environment (IDE) Toolkits, and CLI Tools for developing and managing AWS resources.

https://aws.amazon.com/tools/

AWS CloudFormation

AWS CloudFormation gives developers and system administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion. You can use the sample templates for AWS CloudFormation or create your own templates to describe the AWS resources, and any associated dependencies or runtime parameters, required to run your application.

http://aws.amazon.com/documentation/cloudformation/

AWS CodeDeploy

AWS CodeDeploy is a service that automates code deployments to Amazon EC2 instances. AWS CodeDeploy makes it easier for you to rapidly release new features, helps you avoid downtime during deployment, and handles the complexity of updating your applications. You can use AWS CodeDeploy to automate deployments, eliminating the need for error-prone manual operations, and the service scales with your infrastructure so you can easily deploy to one Amazon EC2 instance or thousands.

http://aws.amazon.com/documentation/codedeploy/

AWS CodeCommit

AWS CodeCommit is a secure, highly scalable, managed source control service that hosts private Git repositories. AWS CodeCommit eliminates the need for you to operate your own source control system or worry about scaling its infrastructure. You can use AWS CodeCommit to store anything from code to binaries, and it supports the standard functionality of Git, allowing it to work seamlessly with your existing Git-based tools.

http://aws.amazon.com/codecommit/

AWS CodePipeline

AWS CodePipeline is a continuous delivery and release automation service that aids smooth deployments. You can design your development workflow for checking in code, building the code, deploying your application into staging, testing it, and releasing it to production. You can integrate third-party tools into any step of your release process or you can use AWS CodePipeline as an end-to-end solution.

http://aws.amazon.com/codepipeline/

AWS OpsWorks

AWS OpsWorks provides a simple and flexible way to create and manage stacks and applications. With

http://aws.amazon.com/documentation/opsworks/

AWS Partner Package

July 11, 2016 Page 15




AWS OpsWorks, you can provision AWS resources, manage their configuration, deploy applications to those resources, and monitor their health.

Enterprise Applications

Amazon WorkDocs

Amazon WorkDocs is a fully managed, secure enterprise storage and sharing service with strong administrative controls and feedback capabilities to help improve user productivity. Users can comment on files, send them to others for feedback, and upload new versions without having to resort to emailing multiple versions of their files as attachments.

http://aws.amazon.com/documentation/workdocs/

Amazon Workspaces

Amazon WorkSpaces allows customers to easily provision cloud-based desktops that allow users to access the documents, applications, and resources they need with the device of their choice, including laptops, iPad, Kindle Fire, or Android tablets. With a few clicks in the AWS Management Console, customers can provision a high-quality cloud desktop experience for any number of users at a highly competitive cost that is half the cost of most Virtual Desktop Infrastructure (VDI) solutions.

http://aws.amazon.com/documentation/workspaces/

Amazon WorkMail

Amazon WorkMail is a secure, managed business email and calendar service with support for existing desktop and mobile email clients. Amazon WorkMail gives users the ability to seamlessly access their email, contacts, and calendars using Microsoft Outlook, their web browser, or their native iOS and Android email applications.

https://aws.amazon.com/documentation/workmail/

Application Services

Amazon AppStream

The Amazon AppStream web service deploys your application on AWS infrastructure and streams input and output between your application and devices such as personal computers, tablets, and mobile phones. Your application's processing occurs in the cloud, so it can scale to handle vast computational loads. Devices need only display output and return user input, so the client application on the device can be lightweight in terms of file size and processing requirements.

http://aws.amazon.com/documentation/appstream/

Amazon CloudSearch

Amazon CloudSearch is a fully managed service in the cloud that makes it easy to set up, manage, and scale a search solution for your website. Amazon CloudSearch enables you to search large collections of data such as web pages, document files, forum posts, or product information. With Amazon CloudSearch, you can quickly add search capabilities to your website without having to

http://aws.amazon.com/documentation/cloudsearch/

AWS Partner Package

July 11, 2016 Page 16




become a search expert or worry about hardware provisioning, setup, and maintenance. As your volume of data and traffic fluctuates, Amazon CloudSearch automatically scales to meet your needs.

Amazon SWF

Amazon Simple Workflow Service (Amazon SWF) makes it easy to build applications that coordinate work across distributed components. In Amazon SWF, a task represents a logical unit of work that is performed by a component of your application. Coordinating tasks across the application involves managing intertask dependencies, scheduling, and concurrency in accordance with the logical flow of the application. Amazon SWF gives you full control over implementing tasks and coordinating them without worrying about underlying complexities such as tracking their progress and maintaining their state.

http://aws.amazon.com/documentation/swf/

Amazon SQS

Amazon Simple Queue Service (Amazon SQS) is a messaging queue service that handles messages or workflows between other components in a system.

http://aws.amazon.com/documentation/sqs/

Amazon SES Amazon Simple Email Service (Amazon SES) is an outbound-only email-sending service that provides an easy, cost-effective way for you to send email.

http://aws.amazon.com/documentation/ses/

Amazon SNS Amazon Simple Notification Service (Amazon SNS) is a web service that enables applications, end users, and devices to instantly send and receive notifications from the cloud.

http://aws.amazon.com/documentation/sns/

Amazon Elastic Transcoder

Amazon Elastic Transcoder lets you convert media files that you have stored in Amazon S3 into media files in the formats required by consumer playback devices. For example, you can convert large, high-quality digital media files into formats that users can play back on mobile devices, tablets, web browsers, and connected televisions.

http://aws.amazon.com/documentation/elastictranscoder/

Amazon FPS Amazon Flexible Payments Service (Amazon FPS) facilitates the digital transfer of money between any two entities (humans or computers).

https://payments.amazon.com/developer

Mobile Services

Amazon Cognito

Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize application data for your users across their mobile devices. You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests.

http://aws.amazon.com/cognito/dev-resources/

AWS Mobile Hub AWS Mobile Hub lets you easily add and configure features for your mobile apps, including user authentication, data storage, back-end logic, push

https://aws.amazon.com/documentation/mobile-hub/

AWS Partner Package

July 11, 2016 Page 17




notifications, content delivery, and analytics. AWS Mobile Hub gives you easy access to testing on real devices, as well as analytics dashboards to track app usage, all from a single, integrated console.

AWS Device Farm

Improve the quality of your iOS, Android, and web applications by testing against real phones and tablets in the AWS Cloud. AWS Device Farm is an app testing service that enables you to test your iOS, Android, and Fire OS apps on real, physical phones and tablets that are hosted by AWS. The service allows you to upload your own tests or use built-in, script-free compatibility tests.

https://aws.amazon.com/documentation/devicefarm/

Amazon Mobile Analytics

With Amazon Mobile Analytics, you can measure app usage and app revenue. By tracking key trends such as new vs. returning users, app revenue, user retention, and custom in-app behavior events, you can make data-driven decisions to increase engagement and monetization for your app. You can view key charts in the Mobile Analytics console and automatically export your app event data to Amazon S3 and Amazon Redshift to run custom analysis.

https://aws.amazon.com/documentation/mobileanalytics/

Internet of Things

AWS IoT

AWS IoT is a platform that enables you to connect devices to AWS Cloud services and other devices, secure data and interactions, process and act upon device data, and enable applications to interact with devices even when they are offline.

https://aws.amazon.com/documentation/iot/

AWS Support

AWS Support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced technical support engineers to help customers of all sizes and technical abilities successfully use the products and features provided by AWS.

https://aws.amazon.com/documentation/aws-support/

AWS Trusted Advisor

AWS Trusted Advisor acts like your customized cloud expert, and it helps you provision your resources by following best practices. AWS Trusted Advisor inspects your AWS environment and finds opportunities to save money, improve system performance and reliability, or help close security gaps.

https://aws.amazon.com/premiumsupport/faqs/

AWS Marketplace

AWS Marketplace AWS Marketplace is an online store that helps customers find, buy, and immediately start using the software and services they need to build products and run their businesses.

https://aws.amazon.com/marketplace/help/

AWS Partner Package

July 11, 2016 Page 18


5.0 AWS Regions and Availability Zones The AWS cloud infrastructure is built around regions and Availability Zones. A region is a physical location in the world where we have multiple Availability Zones. Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity and housed in separate facilities. These Availability Zones offer you the ability to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center. AWS currently has 13 regions and 35 Availability Zones throughout the world: US East (Northern Virginia), US West (Oregon), US West (Northern California), AWS GovCloud (US) (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Seoul), Asia Pacific (Mumbai), South America (Sao Paulo), and China (Beijing). Information on each region can be found at the AWS Global Infrastructure webpage. Error! Reference source not found. depicts the current AWS regions and Availability Zones, along with 4 new regions and 9 Availability Zones that are coming online in 2016.

The AWS products and services that are available in each region are listed at the Region Table webpage.

Figure 3 – Global Map of AWS Regions and Availability Zones

AWS Partner Package

July 11, 2016 Page 19


How reliable is an application hosted by AWS?

In 2014, Nucleus Research surveyed 198 AWS customers that reported moving existing workloads from on-premises to AWS and found that they were able to reduce unplanned downtime by 32% (see Availability and Reliability in the Cloud: Amazon Web Services).

Figure 4 illustrates the relationship between regions and Availability Zones.

Figure 4 – Regions and Availability Zones

6.0 Availability and Reliability AWS takes extensive precautions to help ensure that we will remain fully operational, with no loss of service for our hosted applications. AWS replicates critical system components across multiple Availability Zones to ensure high availability both under normal circumstances and during disasters such as fires, tornadoes, or floods. Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity and housed in separate facilities. Each AWS Availability Zone runs on its own independent infrastructure, engineered to be highly reliable so that even extreme disasters or weather events should only affect a single Availability Zone. The data centers’ electrical power systems are designed to be fully redundant and maintainable without impact to operations. Common points of failure, such as generators, UPS units, and air conditioning, are not shared across Availability Zones.

At AWS, we plan for failure by maintaining contingency plans and regularly rehearsing our responses. In the words of Werner Vogels, Amazon’s CTO: “Everything fails, all the time.” We regularly perform preventative maintenance on our generators and UPS units to ensure that equipment is ready when needed. We also maintain a series of incident response plans covering both common and uncommon events, and update them regularly to incorporate lessons learned and prepare for emerging threats. In the days leading up to a known event such as a hurricane, we make preparations such as increasing fuel supplies, updating staffing plans, and adding provisions like food and water to ensure the safety of the support teams.

AWS Partner Package

July 11, 2016 Page 20


Once it is clear that a storm will impact a specific region, the response plan is executed and we post updates to the Service Health Dashboard throughout the event.

Note that AWS far exceeds the Uptime Institute Tiering certification. Tiering aspects do not take into consideration the nature of the services of the cloud environment, and although the uptime institution tiering can be a great guide, it ultimately does not accurately map to a cloud service provider organization. AWS does not have a Certified Uptime Tiering level; however, we operate a data center environment using N+1 architecture. AWS offers SLAs for services such as Amazon EC2 and Amazon EBS at 99.95%, and Amazon S3 with an SLA of 99.9%. Our generator backup capabilities are detailed in our Service Organization Control (SOC) Reports (as is our discussion regarding business continuity planning and N+1 architecture).

6.1 Example: Hurricane Sandy As an example of AWS availability and reliability, during Hurricane Sandy—the second-costliest hurricane in United States history— AWS remained online throughout the entire storm. An extensive Hurricane Sandy Response Plan, including 24/7 staffing by all service teams, escalation plans and continuous status updates, assured normal operations and service quality for our customers.

In the aftermath of the storm, some companies established operations in the AWS Cloud to replace datacenters lost to flooding and power outages. One such example is NYU’s Langone Medical Center. As noted in the article Still Recovering from Sandy, “…NYU researchers [were] able to push forward with their sequencing experiments. They were able to salvage 200 terabytes of backup sequencing data, and have set up temporary data storage in a New Jersey facility, using computing power from the NYU Center for Genomics and Systems Biology and the Amazon cloud.”

What’s even more interesting is that AWS provided a unique capability for our customers to prepare for worst case scenarios by copying and replicating their data to other AWS regions proactively. Although ultimately this was not necessary, since US East (Northern Virginia) stayed up without any issues, our customers had peace of mind that they would be able to continue their business as usual even if it did fail. One example is the Obama 2012 Campaign: in a nine-hour period, they proactively replicated their entire environment from the US East (Northern Virginia) to the US West (Northern California) region, providing cross-continent fault tolerance on demand. The Obama campaign was able to copy over 27 terabytes of data from East to West in less than four hours (watch the video, Continuous Integration and Deployment Best Practices on AWS, to learn more). Leo Zhadanovsky, a DevOps engineer for the Obama Campaign & Democratic National Committee, who now works for AWS commented that “AWS’s scalable, on-demand capacity allowed Obama for America to quickly spin up a disaster-recovery copy of their infrastructure in another region in a matter of hours—something that would normally take weeks, or months in on premise environment.”

AWS Partner Package

July 11, 2016 Page 21


6.2 Architecting for Availability While AWS goes to great lengths to provide availability of the cloud, our customers share responsibility for ensuring availability within the cloud. These customers and others like them have succeeded because they designed for failure and have adopted best practices for high availability, such as taking advantage of multiple Availability Zones and configuring Auto Scaling groups to replace unhealthy instances. The Building Fault-Tolerant Applications on AWS whitepaper is a great introduction to achieving high availability in the cloud. In addition, the AWS Well-Architected Framework codifies the experiences of thousands of customers, helping customers assess and improve their cloud-based architectures and mitigate disruptions.

AWS customers can rest assured that our services and Availability Zones provide the most solid foundation upon which to build a reliable application. Together, we can build a highly available and resilient application in the cloud.

Please refer to the sample fault tolerant architecture diagram in Figure 5.

AWS Partner Package

July 10, 2016 Page 22


Figure 5 – Fault Tolerant Sample AWS Architecture

AWS Partner Package

July 11, 2016 Page 23


7.0 Scalability and Elasticity In a traditional IT environment scalability and elasticity is often equated with investment and infrastructure. In the cloud, scalability and elasticity provide an opportunity for savings and improved ROI. AWS uses the term “elastic” to describe the ability to scale computing resources up and down easily, with minimal friction. Elasticity helps you avoid provisioning resources up front for projects with variable consumption rates or short lifetimes. Instead of acquiring hardware, setting it up, and maintaining it in order to allocate resources to your applications, you use AWS to allocate resources using simple API calls.

Imagine what would happen to a traditional IT shop if traffic to an application doubled or tripled in a short period. Customers need to be confident that existing infrastructure can handle a spike in traffic, and that the spike will not interfere with normal business operations. Elastic Load Balancing and Auto Scaling can automatically scale your AWS cloud-based resources up to meet unexpected demand, and then scale those resources down as demand decreases.

7.1 Auto Scaling Auto Scaling allows customers to automatically scale their Amazon EC2 capacity up or down according to conditions that they define. Auto Scaling is well suited for applications that experience hourly, daily, or weekly variability in usage. Customers can automatically scale their Amazon EC2 fleet or maintain their Amazon EC2 fleet at a set size. Auto Scaling enables customers to closely follow the demand curve for their applications, reducing the need to provision Amazon EC2 capacity in advance. For example, customers can set a condition to add new Amazon EC2 instances in increments of three instances to the Auto Scaling Group when the average CPU utilization of the Amazon EC2 fleet goes above 70%; and similarly, customers can set a condition to remove Amazon EC2 instances in the same increments when CPU utilization falls below 10%. Often, customers may want more time before Auto Scaling adds or removes more Amazon EC2 instances. Customers can configure a cooldown period for their Auto Scaling Group, which tells Auto Scaling to wait for some time after taking an action before it evaluates the conditions again. Auto Scaling enables customers to run their Amazon EC2 fleet at optimal utilization.

7.2 Elastic Load Balancing Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances. It enables customers to achieve even greater fault tolerance in their applications, seamlessly providing the amount of load balancing capacity needed in response to incoming application traffic. Elastic Load Balancing detects unhealthy instances and automatically reroutes traffic to healthy instances until the unhealthy instances have been restored. Customers can enable Elastic Load

AWS Partner Package

July 11, 2016 Page 24


Balancing within a single Availability Zone or across multiple zones for even more consistent application performance.

7.2.1 Amazon CloudWatch Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications that customers run on AWS. Customers can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, and set alarms. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS database instances, as well as custom metrics generated by applications and services and any log files your applications generate. Customers can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health, using these insights to react and keep application running smoothly.

Amazon CloudWatch's metrics and alarms can work together with Auto Scaling and ELB to dynamically deploy new instances on-demand, as depicted in Figure 6.

Figure 6 – Auto Scaling with Elastic Load Balancing and Amazon CloudWatch

8.0 Security The AWS virtual infrastructure has been designed to provide optimum availability while ensuring complete customer privacy and segregation. AWS’s highly secure data centers utilize state-of-the-art electronic surveillance and multi-factor access control systems. Environmental systems are designed to minimize the impact of disruptions to operations, and multiple geographic regions and Availability Zones allow customers to remain resilient in the face of most failure modes, including natural disasters or system failures.

AWS Partner Package

July 11, 2016 Page 25


8.1 Data Center Security and Access AWS does not disclose the exact location of data centers and does not allow data center access to customers as this exposes a wide range of customers to physical access of a third party. Instead of allowing customers to perform physical audits, AWS has an independent third party perform audits of its data centers. These audits are conducted in accordance with FedRAMP, the American Institute of Certified Public Accountants (AICPA): AT 801 (formerly Statement on Standards for Attestation Engagements [SSAE] 16), and the International Standards for Assurance Engagements No.3402 (ISAE 3402) professional standards. The auditors produce a Service Organization Controls 1 (SOC 1), Type 2 report in connection with the audit. Independent reviews of data center physical security are also part of an ISO 27001 audit, a Payment Card Industry (PCI) Data Security Standard (DSS) assessment, and an International Traffic in Arms Regulations (ITAR) audit.

Physical and Environmental Security: AWS’s data centers are state of the art, using innovative architectural and engineering approaches. AWS has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical access to data centers by AWS employees is logged and audited routinely.

Fire Detection and Suppression: Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms. These areas are protected by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems.

Power: The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide back-up power for the entire facility.

Climate and Temperature: Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric

AWS Partner Package

July 11, 2016 Page 26


conditions at optimal levels. Personnel and systems monitor and control temperature and humidity at appropriate levels.

Management: AWS monitors electrical, mechanical, and life support systems and equipment so that any issues are immediately identified. Preventative maintenance is performed to maintain the continued operability of equipment.

Storage Device Decommissioning: When a storage device has reached the end of its useful life, AWS procedures include a decommissioning process that is designed to prevent customer data from being exposed to unauthorized individuals.

AWS will provide the SOC 1 report to customers under NDA. The AWS Security Center provides up-to-date information on AWS audits by independent third-party auditors.

8.2 Built-in Security Features Not only are applications and data protected by highly secure facilities and infrastructure, they are also protected by extensive network and security monitoring systems. These systems provide basic but important security measures such as Distributed Denial of Service (DDoS) protection and password brute-force detection on AWS Accounts. Additional security measures include:

Secure Access: Customer access points, also called API endpoints, allow secure HTTP access (HTTPS) so that customers can establish secure communication sessions with their AWS cloud services using Secure Socket Layer (SSL)/Transport Layer Security (TSL).

Built-in Firewall: Customers can control how accessible their instances are by configuring built-in firewall rules—from totally public to completely private, or somewhere in between. And when instances reside within an Amazon Virtual Private Cloud (Amazon VPC) subnet, customers can control egress as well as ingress.

Unique Users: The AWS Identity and Access Management (IAM) tool allows AWS customers to control the level of access their own users have to AWS infrastructure services. With AWS IAM, each user can have unique security credentials, eliminating the need for shared passwords or keys and allowing the security best practices of role separation and least privilege.

Multi-Factor Authentication (MFA): AWS provides built-in support for MFA for use with AWS accounts as well as individual IAM user accounts.

Private Subnets: The Amazon VPC service allows customers to add another layer of network security to instances by creating private subnets and even adding an Internet Protocol Security (IPsec) Virtual Private Network (VPN) tunnel between a home network and Amazon VPC.

Encrypted Data Storage: Customers can have the data and objects they store in Amazon EBS, Amazon S3, Amazon Glacier, Amazon Redshift, and Amazon RDS on Oracle and SQL Server encrypted automatically using Advanced

AWS Partner Package

July 11, 2016 Page 27


Encryption Standard (AES) 256, a secure symmetric-key encryption standard using 256-bit encryption keys.

Dedicated Connection Option: The AWS Direct Connect service allows customers to establish a dedicated network connection from their premises to AWS. Using industry-standard 802.1q VLANs, this dedicated connection can be partitioned into multiple logical connections to enable access to both public and private IP environments within the AWS cloud.

Isolated GovCloud: For customers who require additional measures in order to comply with US ITAR regulations, AWS offers an entirely separate region called AWS GovCloud (US). This isolated region provides an environment where customers can run ITAR-compliant applications and provides special endpoints that utilize only Federal Information Processing Standard (FIPS) 140-2 encryption.

Dedicated, Hardware-Based Crypto Key Storage Option: For customers who must use Hardware Security Module (HSM) appliances for cryptographic key storage, AWS CloudHSM provides a highly secure and convenient way to store and manage keys.

Centralized Key Management: For customers who use encryption extensively and require strict control of their keys, the AWS Key Management Service provides a convenient management option for creating and administering the keys used to encrypt data at rest.

AWS Trusted Advisor: Provided automatically when AWS customers sign up for premium support, the AWS Trusted Advisor service is a convenient way for customers to see where they could use a little more security. It monitors AWS resources and alerts customers to security configuration gaps such as overly permissive access to certain Amazon EC2 instance ports and Amazon S3 storage buckets, minimal use of role segregation using AWS IAM, and weak password policies.

Amazon CloudWatch: Amazon CloudWatch enables customers to collect and track metrics, collect and monitor log files, and set alarms. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by a customer’s applications and services, and any log files their applications generate. Customers can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health, using these insights to react and keep applications running smoothly.

Perfect Forward Secrecy: For even greater communication privacy, several AWS cloud services such as Elastic Load Balancing and Amazon CloudFront offer newer, stronger cipher suites. These cipher suites allow SSL/TLS clients to use Perfect Forward Secrecy, a technique that uses session keys that are ephemeral and not stored anywhere. This prevents the decoding of captured data, even if the secret long-term key itself is compromised.

Security Logs: AWS CloudTrail provides logs of all user activity within an AWS account. Please see the Logs and Auditing section later in this document for more information.

AWS Partner Package

July 11, 2016 Page 28


Asset Identification and Configuration: With the AWS Config service, customers can immediately discover all of their AWS resources and view the configuration of each. Customers can receive notifications each time a configuration changes as well as dig into the configuration history to perform incident analysis.

AWS security engineers and solution architects have developed whitepapers and operational checklists to help customers select the best options for their needs and to recommend security best practices, such as storing secret keys and passwords in a secure manner and rotating or changing them frequently.

8.3 Verifying Security In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices, provides the appropriate security features in those services, and documents how to use those features. The AWS cloud infrastructure has been designed and managed in alignment with regulations, standards, and best-practices including:

For information on all of the security regulations and standards with which AWS comp Federal Risk and Authorization Management Program (FedRAMP)

Service Organization Controls (SOC) 1/American Institute of Certified Public Accountants (AICPA): AT 801 (formerly Statement on Standards for Attestation Engagements [SSAE] No. 16)/International Standard on Assurance Engagements (ISAE) 3402 (formerly Statement on Auditing Standards [SAS] No. 70)

SOC 2 SOC 3 Payment Card Industry Data Security Standard (PCI DSS) International Organization for Standardization (ISO) 27001 ISO 27017 ISO 27018 ISO 9001 Department of Defense (DoD) Security Requirements Guide (SRG) security

impact levels 2 and 4 Federal Information Security Management Act (FISMA) US Health Insurance Portability and Accountability Act (HIPAA) FBI Criminal Justice Information Services (CJIS) National Institute of Standards and Technology (NIST) 800-171 International Traffic in Arms Regulations (ITAR) Federal Information Processing Standard (FIPS) 140-2 Family Educational Rights and Privacy Act (FERPA) Information Security Registered Assessors Program (IRAP) (Australia) IT-Grundschutz (Germany)

AWS Partner Package

July 11, 2016 Page 29


For information on all of the security regulations and standards with which AWS complies, visit the AWS Compliance page.

9.0 Shared Responsibility As cloud computing customers are building systems on top of cloud infrastructure, the security and compliance responsibilities are shared between the Cloud Service Providers (CSP) and cloud customers. In an Infrastructure as a Service (IaaS) model, customers control how they architect and secure their applications and data put on the infrastructure, while CSPs are responsible for providing services on a highly secure and controlled platform and providing a wide array of additional security features. The level of CSP and customer responsibilities in this shared responsibility model depends on the cloud deployment model (see the NIST Definition of Cloud Computing models). Customers should be clear as to their responsibilities in each model. AWS’s shared responsibility/security model is depicted in Figure 7 – AWS Shared Responsibility Model.

Figure 7 – AWS Shared Responsibility Model

AWS Responsibility: AWS operates, manages, and controls the infrastructure components, from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate.

Customer/Partner Responsibility: Customers/partners assume responsibility and management of the guest operating system (including updates and security patches), other associated application software, configuration of the AWS-provided security group firewalls, and other security, change management, and logging features.

AWS’s shared responsibility model is further explained on the AWS Compliance webpage at http://aws.amazon.com/compliance/shared-responsibility-model/.

AWS Partner Package

July 11, 2016 Page 30


AWS does not access customer data, and customers are given the choice as to how they store, manage, and protect their data. There are four important basics regarding data ownership and management in the shared responsibility model:

1. Customers continue to own their data. 2. Customers choose the geographic location(s) in which to store their data—it

does not move unless the customer decides to move it. 3. Customers can download or delete their data whenever they like. 4. Customers should consider the sensitivity of their data and decide if and how

to encrypt the data while it is in transit and at rest.

10.0 Managing AWS Resources All AWS cloud services are driven by robust APIs that allow for a wide variety of monitoring and management tools to integrate easily with AWS cloud resources. Common tools from vendors such as Microsoft, VMware, BMC Software, Okta, RightScale, Eucalyptus, CA, Xceedium, Symantec, Racemi, and Dell already support AWS, to name just a few. This flexibility allows AWS customers to easily provision, manage, and monitor all of their IT resources through a “single pane of glass” with the tool that best fits their unique needs. This also means a full inventory of those resources is only a few clicks away.

10.1 Management Console The AWS Management Console is a single destination for managing all AWS resources, from Amazon Elastic Compute Cloud (Amazon EC2) instances to Amazon DynamoDB tables. Use the AWS Management Console to perform any number of tasks, from deploying new applications to monitoring the health of applications. The AWS Management Console also enables customers to manage all aspects of their AWS account, including accessing monthly spending by service, managing security credentials, or even setting up new AWS Identity and Access Management (AWS IAM) users. The AWS Management Console supports all AWS regions and lets customers provision resources across multiple regions.

10.2 Command Line Interface The AWS Command Line Interface (CLI) is a unified tool used to manage AWS cloud services. With just one tool to download and configure, customers can control multiple AWS resources from the command line and automate them through scripts. The AWS CLI introduces a new set of simple file commands for efficient file transfers to and from Amazon Simple Storage Service (Amazon S3).

10.3 Use Existing Management Tools Many of the tools that organizations use to manage on-premises environments can be integrated with AWS as well. Integrating an AWS environment can provide a simpler and quicker path for cloud adoption, because a customer’s operations team does not need to learn new tools or develop completely new processes. For example:

AWS Partner Package

July 11, 2016 Page 31


AWS Management Portal for vCenter enables customers to manage their AWS resources using VMware vCenter. The portal installs as a vCenter plug-in within the existing vCenter environment. Once installed, it enables customers to migrate VMware VMs to Amazon EC2 and manage AWS resources from within vCenter. The AWS resources that customers create using the portal can be located in their AWS account, even though those resources have been created using vCenter. For experienced VMware administrators, AWS Management Portal for vCenter provides a familiar look and feel that can make it easy to start using AWS. AWS Management Portal for vCenter is available at no additional charge.

The Amazon EC2 VM Import Connector extends the capabilities of VMware vCenter to provide a familiar graphical user interface customers can use to import their preexisting Virtual Machines (VMs) to Amazon EC2. Using the connector, importing a VM is as simple as selecting a VM from the vSphere infrastructure, and specifying the AWS region, Availability Zone, operating system, instance size, security group, and Amazon Virtual Private Cloud (Amazon VPC) details (if desired) into which the VM should be imported. Once the VM has been imported, customers can launch it as an instance from the AWS Management Console and immediately take advantage of all the features of Amazon EC2.

AWS Management Pack for Microsoft System Center enables customers to view and monitor their AWS resources directly in the Operations Manager console. Customers can use a single, familiar console to monitor all of their resources, whether they are on-premises or in the AWS cloud with a consolidated view of all AWS resources across regions and Availability Zones. Built-in integration with Amazon CloudWatch allow you to access defined metrics and alarms as performance counters and alerts in the Operations Manager console. Information about AWS Management Pack for Microsoft System Center can be found here.

11.0 Logs and Auditing Logging and monitoring Application Program Interface (API) calls are a key component of security and operational best practices, as well as requirements for industry and regulatory compliance. AWS customers can leverage multiple AWS features and capabilities, along with third-party tools, to monitor their instances and manage/analyze log files.

11.1 AWS CloudTrail AWS CloudTrail is a web service that records API calls to supported AWS services in an AWS account, delivering a log file to an Amazon Simple Storage Service (Amazon S3) bucket. AWS CloudTrail alleviates common challenges experienced in an on-premise environment by making it easier for customers to enhance security and operational processes while demonstrating compliance with policies or regulatory standards.

AWS Partner Package

July 11, 2016 Page 32


With AWS CloudTrail, customers can get a history of AWS API calls for their account, including API calls made via the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services (such as AWS CloudFormation). The AWS API call history produced by AWS CloudTrail enables security analysis, resource change tracking, and compliance auditing.

For information on the services and features supported by AWS CloudTrail, visit the AWS CloudTrail FAQs on the AWS website.

The AWS whitepaper Security at Scale: Logging In AWS provides an overview of common compliance requirements related to logging, detailing how AWS CloudTrail features can help satisfy these requirements.

The AWS whitepaper Auditing Security Checklist for Use of AWS provides customers with a checklist to assist in evaluating AWS for the purposes of an internal review or external audit.

11.1.1 AWS CloudTrail: Features and Benefits Some of the many features and benefits of AWS CloudTrail include:

Increased Visibility: AWS CloudTrail provides increased visibility into user activity by recording AWS API calls. Customers can answer questions such as, what actions did a given user take over a given time period? For a given resource, which user has taken actions on it over a given time period? What is the source IP address of a given activity? Which activities failed due to inadequate permissions?

Durable and Inexpensive Log File Storage: AWS CloudTrail uses Amazon S3 for log file storage and delivery, so log files are stored durably and inexpensively. Customers can use Amazon S3 lifecycle configuration rules to further reduce storage costs. For example, customers can define rules to automatically delete old log files or archive them to Amazon Glacier for additional savings.

Easy Administration: AWS CloudTrail is a fully managed service; customers simply turn on AWS CloudTrail for their account using the AWS Management Console, the Command Line Interface, or the AWS CloudTrail SDK and start receiving AWS CloudTrail log files in the specified Amazon S3 bucket.

Notifications for Log File Delivery: AWS CloudTrail can be configured to publish a notification for each log file delivered, thus enabling customers to automatically take action upon log file delivery. AWS CloudTrail uses the Amazon Simple Notification Service (Amazon SNS) for notifications.

Choice of Partner Solutions: Multiple partners including AlertLogic, Boundary, Loggly, Splunk, and Sumologic offer integrated solutions to analyze AWS CloudTrail log files. These solutions include features like change tracking, troubleshooting, and security analysis. For more information, see the AWS CloudTrail partners section.

Log File Aggregation: AWS CloudTrail can be configured to aggregate log files across multiple accounts and regions so that log files are delivered to a single

AWS Partner Package

July 11, 2016 Page 33


bucket. For detailed instructions, refer to the Aggregating CloudTrail Log Files to a Single Amazon S3 Bucket section of the user guide.

11.1 Amazon CloudWatch Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications run on AWS. Customers can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, and set alarms. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by customer applications and services, and any log files that applications generate. Customers can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health, using these insights to react and keep their application running smoothly.

Customers can use CloudWatch Logs to monitor and troubleshoot systems and applications using their existing system, application, and custom log files. Customers can send their existing system, application, and custom log files to CloudWatch Logs and monitor these logs in near real-time. This helps customers better understand and operate their systems and applications, and they can store their logs using highly durable, low-cost storage for later access.

11.2 LogAnalyzer for Amazon CloudFront LogAnalyzer allows customers to analyze their Amazon CloudFront Logs using Amazon Elastic MapReduce (Amazon EMR). Using Amazon EMR and the LogAnalyzer application customers can generate usage reports containing total traffic volume, object popularity, a break down of traffic by client IPs, and edge location. Reports are formatted as tab delimited text files, and delivered to the Amazon S3 bucket that customers specify.

Amazon CloudFront's Access Logs provide detailed information about requests made for content delivered through Amazon CloudFront, AWS's content delivery service. The LogAnalyzer for Amazon CloudFront analyzes the service's raw log files to produce a series of reports that answer business questions commonly asked by content owners.

11.2.1 Reports Generated The LogAnalyzer application produces four sets of reports based on Amazon CloudFront access logs.

The Overall Volume Report displays total traffic delivered by CloudFront over the specified period.

The Object Popularity Report shows how many times each customer object is requested.

The Client IP Report shows the traffic from each individual Client IP that made a request for content.

AWS Partner Package

July 11, 2016 Page 34


The Edge Location Report shows the total traffic delivered through each edge location.

Each report measures traffic in three ways: the total number of requests, the total number of bytes transferred, and the number of request broken down by HTTP response code. The LogAnalyzer is implemented using Cascading (http://www.cascading.org) and is an example of how to construct an Amazon Elastic MapReduce application. Customers can also customize reports generated by the LogAnalyzer.

12.0 AWS Marketplace AWS Marketplace is an online software store that helps customers find, buy, and immediately start using software that runs on the AWS cloud. It includes software from trusted vendors like SAP, Zend, Microsoft, IBM, Canonical, and 10gen as well as many widely used open source offerings including WordPress, Drupal, and MediaWiki.

The growth of the AWS Partner Network and AWS Marketplace continues to accelerate as customers actively seek partners with the products and expertise to help them take advantage of the AWS cloud. The technology research company, Gartner Inc., states in its Magic Quadrant for Cloud Infrastructure as a Service, Worldwide for 2015 that AWS has attracted “a very large technology partner ecosystem that includes software vendors that have licensed and packaged their software to run on AWS, as well as many vendors that have integrated their software with AWS capabilities. It also has an extensive network of partners that provide application development expertise, managed services, and professional services such as data center migration.”

12.1 Highlights AWS Marketplace offers more than 2,700 software products in 35 categories that

customers can launch on AWS with one click. For software companies interested in making their products available to AWS

customers, AWS Marketplace provides an easy ramp to the cloud. Customers use 205 million hours a month of Amazon EC2 for AWS Marketplace

products.

12.2 AWS Marketplace Works With Qualified Partners The AWS Marketplace enables qualified partners to market and sell their software to AWS Customers. The AWS Partner Network (APN) is the global partner program for AWS. APN is a tiered program comprising Consulting and Technology Partners, who graduate through the tiers based on their level of engagement with AWS. APN is focused on helping qualified partners build a successful AWS-based business by providing great business, technical, marketing, and GTM support.

The AWS Marketplace is designed to help customers interact with APN’s Independent Software Vendors (ISVs), Value-Added Resellers (VARs), and Systems Integrators

AWS Partner Package

July 11, 2016 Page 35


(SIs) who have software products to offer to customers in the cloud. Partners use AWS Marketplace to be up and running in days and offer their software products to customers around the world.

12.3 Buy from Popular Software Vendors on AWS Marketplace AWS Marketplace is pleased to announce support for buying software along new pricing dimensions that are intended to better match the value you receive from software you use. These new dimensions include pricing by user, by host or by data.

12.3.1 New Pricing Dimensions Match the Way You Consume Software With these new pricing dimensions, you can scale your software usage up or down without modifying your EC2 Instance and still pay through your AWS Marketplace bill. When your usage changes, the price you pay per hour changes. This means you only pay for the amount of software you need to operate your workloads. All usage will still be calculated at the end of the month, along with other AWS usage, and added to your existing AWS bill. This is a new level of flexibility in consumption based pricing.

Over the coming months, we anticipate dozens of our top sellers will make the minor changes to their products offered in AWS Marketplace to use our new flexible metering capability. We are pleased at launch to have worked with four vendors who moved to exploit our innovation and be ready with our software capability in AWS Marketplace: Aspera, Chef, SoftNAS, and Trend Micro. Learn more by exploring their products below.

The growth of the AWS Partner Network and AWS Marketplace continues to accelerate as customers actively seek partners with the products and expertise to help them take advantage of the AWS cloud.

Figure 8 below highlights the breadth of the APN and the AWS Marketplace.

Figure 8 − AWS's Extensive Partner Ecosystem

AWS Partner Package

July 11, 2016 Page 36


12.4 Pricing AWS Marketplace offers free trials and hourly and monthly pricing models. Customers can get started with Software Free Trials or AWS Free Tier Eligible Software.

13.0 AWS Service Catalog AWS Service Catalog allows IT administrators to create, manage, and distribute catalogs of approved products to users, who can then access the products they need in a personalized portal. Administrators can control which users have access to each application or AWS resource to enforce compliance with organizational business policies. AWS Service Catalog allows your organization to benefit from increased agility and reduced costs because users can find and launch only the services and products they need from a catalog that you control.

These IT services, available from AWS, can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. AWS Service Catalog provides additional benefits, such as service and version control, catalog customization, and IT lifecycle management. Read more about AWS Service Catalog details, below:

Ensure compliance with corporate standards. With AWS Service Catalog, you can control which IT services and versions are available, control the configuration of the available services, and grant access permission by individual, group, department, or cost center.

Help employees quickly find and deploy approved IT services. With AWS Service Catalog, you define your own collection of AWS services and AWS Marketplace software to create a customized catalog, which you can make available to your organization. Then, your users can use a self-service portal to quickly access and deploy the IT services they want.

Manage the IT service lifecycle. AWS Service Catalog enables you to add new versions of IT services as necessary, and users are notified to access the latest updates.

Customize IT service access controls. With AWS Service Catalog you can control the use of IT services by specifying constraints, such as the AWS region or IP address range in in which a product can be launched

13.1 Products and Portfolios A product is an IT service that you want to make available for deployment on AWS. A product can be comprised of one or more AWS resources, such as EC2 instances, storage volumes, databases, monitoring configurations, and networking components, or packaged AWS Marketplace products. A product can be a single compute instance running AWS Linux, a fully configured multi-tier web application running in its own environment, or anything in between. You create your products by importing AWS CloudFormation templates. These templates define the AWS resources required for the product, the relationships between resources, and the parameters that the end user can

AWS Partner Package

July 11, 2016 Page 37


plug in when they launch the product to configure security groups, create key pairs, and perform other customizations.

A portfolio is a collection of products bundled together with configuration information. Portfolios help you to manage product configuration and also to define who can use specific products and how they can use them. With AWS Service Catalog, you can create a customized portfolio for each type of user in your organization and selectively grant access to the appropriate portfolio.

When you add a new version of a product to a portfolio, that version is automatically available to all current users of that portfolio. For example, for developers, you can define a portfolio of development environments, such as a LAMP stack with approved versions that users can use for software development and testing. You could also define a portfolio for the marketing organizations that includes campaign websites and market analysis applications.

13.2 Versioning AWS Service Catalog allows you to manage multiple versions of the products in your catalog. This allows you to add new versions of templates and associated resources based on software updates or configuration changes. When you create a new version of a product, the update is automatically distributed to all users who have access to the product, allowing the user to select which version of the product to use. Users can update running instances of the product to the new version quickly and easily.

13.3 Access Control Granting a user access to a portfolio enables that user to browse the portfolio and launch the products in it. You can apply AWS Identity and Access Management (IAM) permissions to control who can view and modify your products and portfolios. IAM permissions can be assigned to IAM users, groups, and roles. When a user launches a product that has an IAM role assigned to it, AWS Service Catalog uses the role to launch the product's cloud resources using AWS CloudFormation. By assigning an IAM role to each product, you can avoid giving users permissions to perform unapproved operations, and enable them to provision resources using the catalog.

13.4 Constraints Constraints restrict the ways that specific AWS resources can be deployed for a product. You can use them to apply limits to products for governance or cost control. There are two types of constraints: template and launch. Template constraints restrict the configuration parameters that are available for the user when launching the product (for example, EC2 instance types or IP ranges). Launch constraints allow you to specify a role for a product in a portfolio. This role is used to provision the resources at launch, so you can restrict user permissions without impacting users’ ability to provision products from the catalog. For example, for marketing users, you can enable them to

AWS Partner Package

July 11, 2016 Page 38


create campaign websites, but use constraints to restrict their access to provision the underlying databases.

13.5 Stack Every AWS Service Catalog product is launched as an AWS CloudFormation stack, which is a set of resources provisioned for that instance of the product. AWS CloudFormation stacks make it easier to manage the lifecycle of your product by allowing you to provision, tag, update, and terminate your product instance as a single unit. In the AWS Service Catalog console, administrators can create portfolios, add products, and grant users permissions to use them with just a few clicks. End users logged into the AWS Service Catalog console can see and launch the products that administers have created for them

To get started with the AWS Service Catalog, go to the AWS Management Console and choose AWS Service Catalog in Administration & Security.

14.0 AWS Resources The best source of Amazon Web Services (AWS) information is the AWS website: http://aws.amazon.com/. We advise that you leverage the vast amount of AWS resources on the site, which contains product descriptions, FAQs, documentation, case studies, and tutorials.

14.1 Cloud Overview What is Cloud Computing: https://aws.amazon.com/what-is-cloud-computing/ Enterprise Cloud Computing: http://aws.amazon.com/enterprise/

14.2 Whitepaper resources All whitepapers are found at: http://aws.amazon.com/whitepapers/. We advise starting with the three key AWS whitepapers listed below:

AWS Overview: http://d0.awsstatic.com/whitepapers/aws-overview.pdf AWS Risk and Compliance:

http://d0.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf

Overview of Security Processes: http://d0.awsstatic.com/whitepapers/Security/AWS Security Whitepaper.pdf

14.3 Product Information Information on all AWS products: https://aws.amazon.com/products/ Amazon Elastic Compute Cloud (Amazon EC2): http://aws.amazon.com/ec2/ Amazon Elastic Block Store (Amazon EBS): http://aws.amazon.com/ebs/ Amazon Simple Storage Service (Amazon S3): http://aws.amazon.com/s3/ Amazon Virtual Private Cloud (Amazon VPC): http://aws.amazon.com/vpc/

AWS Partner Package

July 11, 2016 Page 39


Databases: http://aws.amazon.com/running_databases/ AWS Identity and Access Management (IAM): http://aws.amazon.com/iam/

14.4 Security and Compliance AWS Cloud Security Center: http://aws.amazon.com/security/ AWS Cloud Compliance: http://aws.amazon.com/compliance/ AWS GovCloud (US) Region: http://aws.amazon.com/govcloud-us/ FedRAMP: http://aws.amazon.com/compliance/fedramp-faqs/ Securing Data at Rest with Encryption:

http://d0.awsstatic.com/whitepapers/AWS_Securing_Data_at_Rest_with_Encryption.pdf

14.5 Economics Economics overview: https://aws.amazon.com/economics/ Pricing: http://aws.amazon.com/pricing/ How AWS Pricing Works:

http://media.amazonwebservices.com/AWS_Pricing_Overview.pdf Pricing Calculator: http://calculator.s3.amazonaws.com/index.html TCO Calculator: http://aws.amazon.com/tco-calculator/

14.6 Architecture AWS Architecture center: http://aws.amazon.com/architecture/ Hybrid Architecture: http://aws.amazon.com/enterprise/hybrid/ AWS Cloud Architecture Best Practices:

http://d0.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf

14.7 Case Studies Search through a wide range of AWS success stories:

http://aws.amazon.com/solutions/case-studies/

14.8 Support & Training AWS Support Tiers and Features: https://aws.amazon.com/premiumsupport/ AWS Training and Certification: http://aws.amazon.com/training/

14.9 Legal Legal page: http://aws.amazon.com/legal/

Page 19 of 31

RFP # 22-16 July 11th, 2016

Tab 8 - Value Added Products and Services

Include any additional products and/or services available that vendor currently performs in their normal course of business that is not included in the scope of the solicitation that you think will enhance and add value to this contract for Region 14 ESC and all NCPA participating entities.

Software Partners Infrastructure Partners/Certs Public Cloud Partners Managed Cloud Partners

Chef Cisco CCIE certifications Amazon Web Services DataPipe Puppet Labs Cisco Master Unified Communications Microsoft Azure Rackspace

QliK Cisco Gold ViaWest Veeam Palo Alto Opus Zerto EMC Involta

Splunk Net App Gold Faction Pure Storage Cisco Cloud Center (CliQr) VMware Premier

CompuNet has core competencies in the following solution areas and will assists in any areas (course of business) including:

Data Center & Cloud

Data centers are experiencing tremendous change. They are transitioning from simply operating siloed physical infrastructure to delivering IT as a service. As part of this transformation, resources are becoming more and more virtualized, infrastructure is converging, and some critical functions are moving to the public cloud. And now that business units are realizing that tangible insights can be drawn from synthesizing disparate data, all of your data is much more valuable. But the path to tomorrow’s data center isn’t always smooth. While you may want to install new solutions in a hosted space or move them to the cloud, you may have substantial investments tied up in legacy sites and infrastructure. Fortunately, we’re here to help. CompuNet’s consultants, IT architects, and highly experienced engineers can help you create a roadmap for your private data center that will bring you piece of mind and create maximum value for your infrastructure investments.

Our Data Center infrastructure ecosystem partners We work with a broad range of strategic partners to bring you today’s most advanced technology. They include: Cisco, EMC, VMware, NetApp, Pure Storage, f5 Networks, Citrix, Veeam, Puppet Labs, Chef, CliQr (now Cisco Cloud Center) and many more.

Cloud Enablement Services

Wherever you are in your cloud journey, it is our goal to be your partner and help you along on your way to success. Our team of workload placement specialists has developed relationships with all of the leading cloud providers, and we can help you assess each of them in relation to your workloads and your organizational needs. Our team can help you put the cost, security, and governance controls in place to optimize your cloud environment. Our top Cloud Partners Amazon Web Services, Microsoft Azure, DataPipe, Rackspace, Equinix, ViaWest, Involta, Chef, VMware, Cisco, CliQr, Puppet Labs.

Collaboration

Collaborate everywhere, and on any device. A new generation of technologies is emerging to improve collaboration across organizations and empower people to engage and innovate anywhere, and on any device. Together, these

Page 20 of 31

RFP # 22-16 July 11th, 2016

technologies are often described as unified communications, and they may include advanced conferencing solutions, intelligent contact center systems, collaboration endpoints, and more. Building a unified communications framework for your business can yield extraordinary value in terms of productivity, innovation, and cost savings. CompuNet’s engineers can help you design it, plan it, and get it done.

Our collaboration partner Our close relationship with CISCO allows us to address a broad spectrum of today’s collaboration challenges the industry’s most advanced collaboration solutions.

Enterprise Networks & Mobility

Network solutions that accelerate enterprise mobility. How people work is changing fast. Employees want to work from any device, anywhere, and at any time. Business users are demanding more apps on more devices and faster, more pervasive Wi-Fi, and you’re committed to making it happen. But making it happen isn’t going to be easy. All the apps your users want to access—the lifeblood of your organization—run over your network infrastructure. You’ll need to adopt network-centric solutions for mobile device management (MDM) and mobile application management (MAM), and keep it all secure. In other words, you need managed mobility.

Fortunately, CompuNet can help. Our engineers can help evolve your network infrastructure to deliver fast and secure managed mobility to your workforce.

Our network infrastructure ecosystem partners We work with a broad range of strategic partners to bring you today’s most advanced networking hardware, software, and solutions. They include:

Cisco, f5 Networks, VMware, Fluke Networks

Information Security

Secure your data, your systems, and your reputation. We are now storing more information about more people and more subjects than ever before. Businesses are using this information to build insightful new connections, offer personalized new products and services, and conduct a wide variety of complex and interrelated transactions. The opportunities are limitless, but so are the risks. Because it’s stored in so many locations and handled by so many systems, information is now more vulnerable than ever before. And, as information systems grow both more powerful and more interdependent, security breaches can have a tremendous impact on individuals and organizations. For businesses of all sizes, having a solid security strategy is more important than ever. And that’s where we come in. CompuNet designs security solutions that are custom-tailored for today’s workforce. We offer comprehensive secure network design, architecture and implementation.

Our security ecosystem partners Our partners provide a rich ecosystem of security solutions to address a broad spectrum of today’s challenges. We have selected our security partners based on our engineering expertise and industry experts. Our partners represent the best products available to organizations based on recommendations from trusted resources, such as, Gartner, SANS, NIST, ISC2, ISSA, and ISO to name a few. These partners include:

AWS, Palo Alto Networks, CISCO, Tenable, F5, Imperva, RSA, Carbon Black, Gemalto, Splunk

Page 21 of 31

RFP # 22-16 July 11th, 2016

Physical Security

Physical security you and your people can rely on Severe weather

Power failures. Equipment failures. Unpredictable actions by individuals or groups. All of these events can threaten your people and make it hard—or even impossible—for them to do what they do best. That’s why you want to adopt the most advanced security technologies for your facilities. However, you may have existing investments in analog systems that could make the transition to truly intelligent physical security a major challenge. And you may need to integrate multiple solutions into a single, collaborative whole. CompuNet can help. Our engineers can work with you to build network-centric physical security solutions that deliver multidimensional protection for your organization’s unique environment. We offer sophisticated physical security with a simple goal: to keep your people and your facilities safe.

Our physical security ecosystem partners We work with strategic partners to bring you the most advanced physical security technologies available today. They include:

Genetec Unified Elite Partner, AXIS Gold Partner, HID Global, ASSA ABLOY, Altronix

Managed Services

Predict problems and stop them before they happen It breaks, and IT fixes it. For years, this was how IT organizations operated. But not anymore. IT is now so critical to business operations and profitability that the break-fix model exposes businesses to unprecedented risks. Today, business units are insisting on internal service-level agreements (SLAs) that guarantee uptime and high levels of responsiveness when issues do occur. And a growing number of IT organizations are transitioning to a managed service model, in which they work with a single service provider to proactively manage multiple aspects of their IT environment. CompuNet offers flexible managed services to help you monitor your environment for signs of trouble, head off emerging issues, and plan for the future.

Managed services partnership We partner with AccelOps to provide a broad spectrum of enterprise-class managed services, including cloud security, network monitoring, compliance reporting, operations, change management, and more.

Integrated Media Solutions

Reinvent how your business works

There’s nothing like flying to a meeting or a conference to visit colleagues and make new connections. But, with limited travel budgets and busy schedules, we usually have to settle for conference calls, screen sharing, and online chat. It’s not great, but it works reasonably well, and it’s a lot more convenient than getting on a plane every day or two. Video conferencing, when it’s integrated with dynamic collaboration tools, can provide a collaborative experience that’s infinitely closer to the real thing. Teams can communicate face-to-face even if their members are mobile or based in offices thousands of miles away from each other, and share the same digital workspace. The right combination of solutions can make it easier to share ideas, innovate, and plan for success.

Page 22 of 31

RFP # 22-16 July 11th, 2016

We believe integrated media solutions will provide the foundation for tomorrow’s work experience. CompuNet’s engineers can help you choose, configure, and deploy solutions that will get you there.

Our integrated media solutions ecosystem partners

Our partners offer advanced solutions that provide the foundation for a connected and productive work experience.

Cisco, Crestron

Page 23 of 31

RFP # 22-16 July 11th, 2016

Tab 9 - Required Documents

Clean Air and Water Act / Debarment Notice

Contractors Requirements

Antitrust Certification Statements

FEMA Standard Terms and Conditions Addendum for Contracts and Grants

Required Clauses for Federal Assistance by FTA

State Notice Addendum

Page 24 of 31

RFP # 22-16 July 11th, 2016

Clean Air and Water Act & Debarment Notice

I, the Vendor, am in compliance with all applicable standards, orders or regulations issued pursuant to the Clean Air Act of 1970, as Amended (42 U.S. C. 1857 (h), Section 508 of the Clean Water Act, as amended (33 U.S.C. 1368), Executive Order 117389 and Environmental Protection Agency Regulation, 40 CFR Part 15 as required under OMB Circular A-102, Attachment O, Paragraph 14 (1) regarding reporting violations to the grantor agency and to the United States Environment Protection Agency Assistant Administrator for the Enforcement.

I hereby further certify that my company has not been debarred, suspended or otherwise ineligible for participation in Federal Assistance programs under Executive Order 12549, “Debarment and Suspension”, as described in the Federal Register and Rules and Regulations

Potential Vendor CompuNet, Inc.

Print Name Thomas McFarlin

Address 2264 S. Bonito Way

City, Sate, Zip Meridian, ID 83642


Date 7/15/2016

Page 25 of 31

RFP # 22-16 July 11th, 2016

Contractor Requirements Contractor Certification

Contractor’s Employment Eligibility

By entering the contract, Contractor warrants compliance with the Federal Immigration and Nationality Act (FINA), and all other federal and state immigration laws and regulations. The Contractor further warrants that it is in compliance with the various state statues of the states it is will operate this contract in.

Participating Government Entities including School Districts may request verification of compliance from any Contractor or subcontractor performing work under this Contract. These Entities reserve the right to confirm compliance in accordance with applicable laws.

Should the Participating Entities suspect or find that the Contractor or any of its subcontractors are not in compliance, they may pursue any and all remedies allowed by law, including, but not limited to: suspension of work, termination of the Contract for default, and suspension and/or debarment of the Contractor. All costs necessary to verify compliance are the responsibility of the Contractor.

The offeror complies and maintains compliance with the appropriate statutes which requires compliance with federal immigration laws by State employers, State contractors and State subcontractors in accordance with the E-Verify Employee Eligibility Verification Program.

Contractor shall comply with governing board policy of the NCPA Participating entities in which work is being performed

Fingerprint & Background Checks

If required to provide services on school district property at least five (5) times during a month, contractor shall submit a full set of fingerprints to the school district if requested of each person or employee who may provide such service. Alternately, the school district may fingerprint those persons or employees. An exception to this requirement may be made as authorized in Governing Board policy. The district shall conduct a fingerprint check in accordance with the appropriate state and federal laws of all contractors, subcontractors or vendors and their employees for which fingerprints are submitted to the district. Contractor, subcontractors, vendors and their employees shall not provide services on school district properties until authorized by the District.

The offeror shall comply with fingerprinting requirements in accordance with appropriate statutes in the state in which the work is being performed unless otherwise exempted.

Contractor shall comply with governing board policy in the school district or Participating Entity in which work is being performed

Business Operations in Sudan, Iran In accordance with A.R.S. 35-391 and A.R.S. 35-393, the Contractor hereby certifies that the contractor does not have scrutinized business operations in Sudan and/or Iran.


Date 7/15/2016

Page 26 of 31

RFP # 22-16 July 11th, 2016

Antitrust Certification Statements (Tex. Government Code § 2155.005)

I affirm under penalty of perjury of the laws of the State of Texas that:

(1) I am duly authorized to execute this contract on my own behalf or on behalf of the company, corporation, firm,partnership or individual (Company) listed below;

(2) In connection with this bid, neither I nor any representative of the Company has violated any provision of the TexasFree Enterprise and Antitrust Act, Tex. Bus. & Comm. Code Chapter 15;

(3) In connection with this bid, neither I nor any representative of the Company has violated any federal antitrust law;and

(4) Neither I nor any representative of the Company has directly or indirectly communicated any of the contents of thisbid to a competitor of the Company or any other company, corporation, firm, partnership or individual engaged in thesame line of business as the Company.





Fax No. (208)286-3002





Date 7/15/2016

Page 27 of 31

RFP # 22-16 July 11th, 2016

FEMA Standard Terms and Conditions Addendum for Contracts and Grants If any purchase made under the Master Agreement is funded in whole or in part by Federal Emergency Management Agency (“FEMA”) grants, Contractor shall comply with all federal laws and regulations applicable to the receipt of FEMA grants, including, but not limited to the contractual procedures set forth in Title 44 of the Code of Federal Regulations, Part 13 (“44 CFR 13”). In addition, Contractor agrees to the following specific provisions: 1) Pursuant to 44 CFR 13.36(i)(1), University is entitled to exercise all administrative, contractual, or other remedies

permitted by law to enforce Contractor’s compliance with the terms of this Master Agreement, including but not limited to those remedies set forth at 44 CFR 13.43.

2) Pursuant to 44 CFR 13.36(i)(2), University may terminate the Master Agreement for cause or convenience in accordance with the procedures set forth in the Master Agreement and those provided by 44 CFR 13.44.

3) Pursuant to 44 CFR 13.36(i)(3)-(6)(12), and (13), Contractor shall comply with the following federal laws: a. Executive Order 11246 of September 24, 1965, entitled “Equal Employment Opportunity,” as amended by

Executive Order 11375 of October 13, 1967, and as supplemented in Department of Labor (“DOL”) regulations (41 CFR Ch. 60);

b. Copeland “Anti-Kickback” Act (18 U.S.C. 874), as supplemented in DOL regulations (29 CFR Part 3); c. Davis-Bacon Act (40 U.S.C. 276a-276a-7) as supplemented by DOL regulations (29 CFR Part 5); d. Section 103 and 107 of the Contract Work Hours and Safety Standards Act (40 U.S.C. 327-30) as supplemented by

DOL regulations (29 CFR Part 5); e. Section 306 of the Clean Air Act (42 U.S.C. 1857(h), section 508 of the Clean Water Act (33 U.S.C. 1368), Executive

Order 11738, and Environmental Protection Agency regulations (40 CFR part 15); and f. Mandatory standards and policies relating to energy efficiency which are contained in the state energy

conservation play issued in compliance with the Energy Policy and Conservation Act (Pub. L.94-163, 89 Stat. 871).

4) Pursuant to 44 CFR 13.36(i)(7), Contractor shall comply with FEMA requirements and regulations pertaining to reporting, including but not limited to those set forth at 44 CFR 40 and 41.

5) Pursuant to 44 CFR 13.36(i)(8), Contractor agrees to the following provisions 72 regarding patents: a. All rights to inventions and/or discoveries that arise or are developed, in the course of or under this Agreement,

shall belong to the participating agency and be disposed of in accordance with the participating agencies policy. The participating agency, at its own discretion, may file for patents in connection with all rights to any such inventions and/or discoveries.

6) Pursuant to 44 CFR 13.36(i)(9), Contractor agrees to the following provisions, regarding copyrights: a. If this Agreement results in any copyrightable material or inventions, in accordance with 44 CFR 13.34, FEMA

reserves a royalty-free, nonexclusive, and irrevocable license to reproduce, publish or otherwise use, for Federal Government purposes: 1) The copyright in any work developed under a grant or contract; and 2) Any rights of copyright to which a grantee or a contactor purchases ownership with grant support.

7) Pursuant to 44 CFR 13.36(i)(10), Contractor shall maintain any books, documents, papers, and records of the Contractor which are directly pertinent to this Master Agreement. At any time during normal business hours and as often as the participating agency deems necessary, Contractor shall permit participating agency, FEMA, the Comptroller General of United States, or any of their duly authorized representatives to inspect and photocopy such records for the purpose of making audit, examination, excerpts, and transcriptions.

8) Pursuant to 44 CFR 13.36(i)(11), Contractor shall retain all required records for three years after FEMA or participating agency makes final payments and all other pending matters are closed. In addition, Contractor shall comply with record retention requirements set forth in 44 CFR 13.42.

Page 28 of 31

RFP # 22-16 July 11th, 2016

Required Clauses for Federal Assistance provided by FTA

ACCESS TO RECORDS AND REPORTS Contractor agrees to:

a) Maintain all books, records, accounts and reports required under this Contract for a period of not less than three (3) years after the date of termination or expiration of this Contract or any extensions thereof except in the event of litigation or settlement of claims arising from the performance of this Contract, in which case Contractor agrees to maintain same until Public Agency, the FTA Administrator, the Comptroller General, or any of their duly authorized representatives, have disposed of all such litigation, appeals, claims or exceptions related thereto.

a) Permit any of the foregoing parties to inspect all work, materials, payrolls, and other data and records with regard to the Project, and to audit the books, records, and accounts with regard to the Project and to reproduce by any means whatsoever or to copy excerpts and transcriptions as reasonably needed for the purpose of audit and examination.

FTA does not require the inclusion of these requirements of Article 1.01 in subcontracts. Reference 49 CFR 18.39 (i)(11).

CIVIL RIGHTS / TITLE VI REQUIREMENTS

1) Non-discrimination. In accordance with Title VI of the Civil Rights Act of 1964, as amended, 42 U.S.C. § 2000d, Section 303 of the Age Discrimination Act of 1975, as amended, 42 U.S.C. § 6102, Section 202 of the Americans with Disabilities Act of 1990, as amended, 42 U.S.C. § 12132, and Federal Transit Law at 49 U.S.C. § 5332, Contractor or subcontractor agrees that it will not discriminate against any employee or applicant for employment because of race, color, creed, national origin, sex, marital status age, or disability. In addition, Contractor agrees to comply with applicable Federal implementing regulations and other implementing requirements FTA may issue.

2) Equal Employment Opportunity. The following Equal Employment Opportunity requirements apply to this Contract: a. Race, Color, Creed, National Origin, Sex. In accordance with Title VII of the Civil Rights Act, as amended, 42 U.S.C. §

2000e, and Federal Transit Law at 49 U.S.C. § 5332, the Contractor agrees to comply with all applicable Equal Employment Opportunity requirements of U.S. Dept. of Labor regulations, “Office of Federal Contract Compliance Programs, Equal Employment Opportunity, Department of Labor, 41 CFR, Parts 60 et seq., and with any applicable Federal statutes, executive orders, regulations, and Federal policies that may in the future affect construction activities undertaken in the course of this Project. Contractor agrees to take affirmative action to ensure that applicants are employed, and that employees are treated during employment, without regard to their race, color, creed, national origin, sex, marital status, or age. Such action shall include, but not be limited to, the following: employment, upgrading, demotion or transfer, recruitment or recruitment advertising, layoff or termination, rates of pay or other forms of compensation; and selection for training, including apprenticeship. In addition, Contractor agrees to comply with any implementing requirements FTA may issue.

b. Age. In accordance with the Age Discrimination in Employment Act (ADEA) of 1967, as amended, 29 U.S.C. sections 621 through 634, and Equal Employment Opportunity Commission (EEOC) implementing regulations, “Age Discrimination in Employment Act”, 29 CFR Part 1625, prohibit employment discrimination by Contractor against individuals on the basis of age, including present and prospective employees. In addition, Contractor agrees to comply with any implementing requirements FTA may issue.

c. Disabilities. In accordance with Section 102 of the Americans with Disabilities Act of 1990, as amended (ADA), 42 U.S.C. Sections 12101 et seq., prohibits discrimination against qualified individuals with disabilities in programs, activities, and services, and imposes specific requirements on public and private entities. Contractor agrees that it will comply with the requirements of the Equal Employment Opportunity Commission (EEOC), “Regulations to Implement the Equal Employment Provisions of the Americans with Disabilities Act,” 29 CFR, Part 1630, pertaining to employment of persons with disabilities and with their responsibilities under Titles I through V of the ADA in employment, public services, public accommodations, telecommunications, and other provisions.

Page 29 of 31

RFP # 22-16 July 11th, 2016

d. Segregated Facilities. Contractor certifies that their company does not and will not maintain or provide for their employees any segregated facilities at any of their establishments, and that they do not and will not permit their employees to perform their services at any location under the Contractor’s control where segregated facilities are maintained. As used in this certification the term “segregated facilities” means any waiting rooms, work areas, restrooms and washrooms, restaurants and other eating areas, parking lots, drinking fountains, recreation or entertainment areas, transportation, and housing facilities provided for employees which are segregated by explicit directive or are in fact segregated on the basis of race, color, religion or national origin because of habit, local custom, or otherwise. Contractor agrees that a breach of this certification will be a violation of this Civil Rights clause.

3) Solicitations for Subcontracts, Including Procurements of Materials and Equipment. In all solicitations, either by competitive bidding or negotiation, made by Contractor for work to be performed under a subcontract, including procurements of materials or leases of equipment, each potential subcontractor or supplier shall be notified by Contractor of Contractor's obligations under this Contract and the regulations relative to non-discrimination on the grounds of race, color, creed, sex, disability, age or national origin.

4) Sanctions of Non-Compliance. In the event of Contractor's non-compliance with the non-discrimination provisions of this Contract, Public Agency shall impose such Contract sanctions as it or the FTA may determine to be appropriate, including, but not limited to: 1) Withholding of payments to Contractor under the Contract until Contractor complies, and/or; 2) Cancellation, termination or suspension of the Contract, in whole or in part.

Contractor agrees to include the requirements of this clause in each subcontract financed in whole or in part with Federal assistance provided by FTA, modified only if necessary to identify the affected parties.

DISADVANTAGED BUSINESS PARTICIPATION

This Contract is subject to the requirements of Title 49, Code of Federal Regulations, Part 26, “Participation by Disadvantaged Business Enterprises in Department of Transportation Financial Assistance Programs”, therefore, it is the policy of the Department of Transportation (DOT) to ensure that Disadvantaged Business Enterprises (DBEs), as defined in 49 CFR Part 26, have an equal opportunity to receive and participate in the performance of DOT-assisted contracts.

1) Non-Discrimination Assurances. Contractor or subcontractor shall not discriminate on the basis of race, color, national origin, or sex in the performance of this Contract. Contractor shall carry out all applicable requirements of 49 CFR Part 26 in the award and administration of DOT-assisted contracts. Failure by Contractor to carry out these requirements is a material breach of this Contract, which may result in the termination of this Contract or other such remedy as public agency deems appropriate. Each subcontract Contractor signs with a subcontractor must include the assurance in this paragraph. (See 49 CFR 26.13(b)).

2) Prompt Payment. Contractor is required to pay each subcontractor performing Work under this prime Contract for satisfactory performance of that work no later than thirty (30) days after Contractor’s receipt of payment for that Work from public agency. In addition, Contractor is required to return any retainage payments to those subcontractors within thirty (30) days after the subcontractor’s work related to this Contract is satisfactorily completed and any liens have been secured. Any delay or postponement of payment from the above time frames may occur only for good cause following written approval of public agency. This clause applies to both DBE and non-DBE subcontractors. Contractor must promptly notify public agency whenever a DBE subcontractor performing Work related to this Contract is terminated or fails to complete its Work, and must make good faith efforts to engage another DBE subcontractor to perform at least the same amount of work. Contractor may not terminate any DBE subcontractor and perform that Work through its own forces, or those of an affiliate, without prior written consent of public agency.

Page 30 of 31

RFP # 22-16 July 11th, 2016

3) DBE Program. In connection with the performance of this Contract, Contractor will cooperate with public agency in meeting its commitments and goals to ensure that DBEs shall have the maximum practicable opportunity to compete for subcontract work, regardless of whether a contract goal is set for this Contract. Contractor agrees to use good faith efforts to carry out a policy in the award of its subcontracts, agent agreements, and procurement contracts which will, to the fullest extent, utilize DBEs consistent with the efficient performance of the Contract.

ENERGY CONSERVATION REQUIREMENTS

Contractor agrees to comply with mandatory standards and policies relating to energy efficiency which are contained in the State energy conservation plans issued under the Energy Policy and Conservation Act, as amended, 42 U.S.C. Sections 6321 et seq. and 41 CFR Part 301-10.

FEDERAL CHANGES

Contractor shall at all times comply with all applicable FTA regulations, policies, procedures and directives, including without limitation those listed directly or by reference in the Contract between public agency and the FTA, as they may be amended or promulgated from time to time during the term of this contract. Contractor’s failure to so comply shall constitute a material breach of this Contract.

INCORPORATION OF FEDERAL TRANSIT ADMINISTRATION (FTA) TERMS The provisions include, in part, certain Standard Terms and Conditions required by the U.S. Department of Transportation (DOT), whether or not expressly set forth in the preceding Contract provisions. All contractual provisions required by the DOT, as set forth in the most current FTA Circular 4220.1F, dated November 1, 2008, are hereby incorporated by reference. Anything to the contrary herein notwithstanding, all FTA mandated terms shall be deemed to control in the event of a conflict with other provisions contained in this Contract. Contractor agrees not to perform any act, fail to perform any act, or refuse to comply with any public agency requests that would cause public agency to be in violation of the FTA terms and conditions.

NO FEDERAL GOVERNMENT OBLIGATIONS TO THIRD PARTIES

Agency and Contractor acknowledge and agree that, absent the Federal Government’s express written consent and notwithstanding any concurrence by the Federal Government in or approval of the solicitation or award of the underlying Contract, the Federal Government is not a party to this Contract and shall not be subject to any obligations or liabilities to agency, Contractor, or any other party (whether or not a party to that contract) pertaining to any matter resulting from the underlying Contract. Contractor agrees to include the above clause in each subcontract financed in whole or in part with federal assistance provided by the FTA. It is further agreed that the clause shall not be modified, except to identify the subcontractor who will be subject to its provisions.

PROGRAM FRAUD AND FALSE OR FRAUDULENT STATEMENTS

Contractor acknowledges that the provisions of the Program Fraud Civil Remedies Act of 1986, as amended, 31 U.S.C. §§ 3801 et seq. and U.S. DOT regulations, “Program Fraud Civil Remedies,” 49 CFR Part 31, apply to its actions pertaining to this Contract. Upon execution of the underlying Contract, Contractor certifies or affirms the truthfulness and accuracy of any statement it has made, it makes, it may make, or causes to me made, pertaining to the underlying Contract or the FTA assisted project for which this Contract Work is being performed. In addition to other penalties that may be applicable, Contractor further acknowledges that if it makes, or causes to be made, a false, fictitious, or fraudulent claim, statement, submission, or certification, the Federal Government reserves the right to impose the penalties of the Program Fraud Civil

Page 31 of 31

RFP # 22-16 July 11th, 2016

Remedies Act of 1986 on Contractor to the extent the Federal Government deems appropriate. Contractor also acknowledges that if it makes, or causes to me made, a false, fictitious, or fraudulent claim, statement, submission, or certification to the Federal Government under a contract connected with a project that is financed in whole or in part with Federal assistance originally awarded by FTA under the authority of 49 U.S.C. § 5307, the Government reserves the right to impose the penalties of 18 U.S.C. § 1001 and 49 U.S.C. § 5307 (n)(1) on the Contractor, to the extent the Federal Government deems appropriate.

Contractor agrees to include the above clauses in each subcontract financed in whole or in part with Federal assistance provided by FTA. It is further agreed that the clauses shall not be modified, except to identify the subcontractor who will be subject to the provisions.





Fax No. (208)286-3002





Date 7/15/2016

StateNoticeAddendum

Pursuanttocertainstatenoticeprovisionsthefollowingpublicagenciesandpoliticalsubdivisionsofthereferencedpublicagenciesareeligibletoaccessthecontractawardmadepursuanttothissolicitation.Publicagenciesandpoliticalsubdivisionsareherebygivennoticeoftheforegoingrequestforproposalforpurposesofcomplyingwiththeproceduralrequirementofsaidstatutes:

Nationwide:http://www.usa.gov/Agencies/Local_Government/Cities.shtml

OtherStates:Cities,Towns,Villages,andBoroughs

No.Cities,Towns,VillagesandBoroughsinOregon

1 CEDARMILLCOMMUNITYLIBRARY2 CITYCOUNTYINSURANCESERVICES3 CITYOFADAIRVILLAGE4 CITYOFALBANY5 CITYOFASHLAND6 CITYOFASTORIAOREGON7 CITYOFAUMSVILLE8 CITYOFAURORA9 CITYOFBEAVERTON10 CITYOFBOARDMAN11 CITYOFBURNS12 CITYOFCANBY13 CITYOFCANNONBEACHOR14 CITYOFCANYONVILLE15 CITYOFCENTRALPOINTPOLICEDEPARTMENT16 CITYOFCLATSKANIE17 CITYOFCOBURG18 CITYOFCONDON19 CITYOFCOOSBAY20 CITYOFCORVALLIS21 CITYOFCOTTAGEGROVE22 CITYOFCRESWELL23 CITYOFDALLAS24 CITYOFDAMASCUS25 CITYOFDUNDEE26 CITYOFEAGLEPOINT27 CITYOFECHO28 CITYOFESTACADA29 CITYOFEUGENE30 CITYOFFAIRVIEW31 CITYOFFALLSCITY32 CITYOFGATES33 CITYOFGEARHART34 CITYOFGERVAIS35 CITYOFGOLDHILL36 CITYOFGRANTSPASS37 CITYOFGRESHAM38 CITYOFHAPPYVALLEY39 CITYOFHILLSBORO40 CITYOFHOODRIVER41 CITYOFJOHNDAY42 CITYOFKLAMATHFALLS43 CITYOFLAGRANDE44 CITYOFLAKEOSWEGO45 CITYOFLAKESIDE46 CITYOFLEBANON47 CITYOFMALIN48 CITYOFMCMINNVILLE49 CITYOFMEDFORD50 CITYOFMILLCITY51 CITYOFMILLERSBURG52 CITYOFMILWAUKIE53 CITYOFMORO

54 CITYOFMOSIER55 CITYOFNEWBERG56 CITYOFNORTHPLAINS57 CITYOFOREGONCITY58 CITYOFPHOENIX59 CITYOFPILOTROCK60 CITYOFPORTORFORD61 CITYOFPORTLAND62 CITYOFPOWERS63 CITYOFREDMOND64 CITYOFREEDSPORT65 CITYOFRIDDLE66 CITYOFSALEM67 CITYOFSANDY68 CITYOFSANDY69 CITYOFSCAPPOOSE70 CITYOFSEASIDE71 CITYOFSHADYCOVE72 CITYOFSHERWOOD73 CITYOFSPRINGFIELD74 CITYOFST.PAUL75 CITYOFSTAYTON76 CITYOFTIGARD,OREGON77 CITYOFTUALATIN,OREGON78 CITYOFWARRENTON79 CITYOFWESTLINN/PARKS80 CITYOFWILSONVILLE81 CITYOFWINSTON82 CITYOFWOODVILLAGE83 CITYOFWOODBURN84 CITYOFYACHATS85 FLORENCEAREACHAMBEROFCOMMERCE86 GASTONRURALFIREDEPARTMENT87 GLADSTONEPOLICEDEPARTMENT88 HOUSINGAUTHORITYOFTHECITYOFSALEM89 KEIZERPOLICEDEPARTMENT90 LEAGUEOFOREGONCITIES91 MALINCOMMUNITYPARKANDRECREATIONDISTRICT92 METRO93 MONMOUTH-INDEPENDENCENETWORK94 PORTLANDDEVELOPMENTCOMMISSION95 RAINIERPOLICEDEPARTMENT96 RIVERGROVEWATERDISTRICT97 SUNSETEMPIREPARKANDRECREATION98 THENEWPORTPARKANDRECREATIONCENTER99 TILLAMOOKPEOPLESUTILITYDISTRICT100 TUALATINVALLEYFIRE&RESCUE101 WESTVALLEYHOUSINGAUTHORITYNo. CountiesandParishes1 ASSOCIATIONOFOREGONCOUNTIES2 BENTONCOUNTY3 CLACKAMASCOUNTYDEPTOFTRANSPORTATION4 CLATSOPCOUNTY5 COLUMBIACOUNTY,OREGON6 COOSCOUNTYHIGHWAYDEPARTMENT7 CROOKCOUNTYROADDEPARTMENT

8 CURRYCOUNTYOREGON9 DESCHUTESCOUNTY10 DOUGLASCOUNTY11 GILLIAMCOUNTY12 GILLIAMCOUNTYOREGON13 GRANTCOUNTY,OREGON14 HARNEYCOUNTYSHERIFFSOFFICE15 HOODRIVERCOUNTY16 HOUSINGAUTHORITYOFCLACKAMASCOUNTY17 JACKSONCOUNTYHEALTHANDHUMANSERVICES18 JEFFERSONCOUNTY19 KLAMATHCOUNTYVETERANSSERVICEOFFICE20 LAKECOUNTY21 LANECOUNTY22 LINCOLNCOUNTY23 LINNCOUNTY24 MARIONCOUNTY,SALEM,OREGON25 MORROWCOUNTY26 MULTNOMAHCOUNTY27 MULTNOMAHCOUNTY28 MULTNOMAHLAWLIBRARY29 NAMILANECOUNTY30 POLKCOUNTY31 SHERMANCOUNTY32 UMATILLACOUNTY,OREGON33 UNIONCOUNTY34 WALLOWACOUNTY35 WASCOCOUNTY36 WASHINGTONCOUNTY37 YAMHILLCOUNTY1 BOARDOFWATERSUPPLY2 COUNTYOFHAWAII3 MAUICOUNTYCOUNCILNo. HigherEducation1 BIRTHINGWAYCOLLEGEOFMIDWIFERY2 BLUEMOUNTAINCOMMUNITYCOLLEGE3 CENTRALOREGONCOMMUNITYCOLLEGE4 CHEMEKETACOMMUNITYCOLLEGE5 CLACKAMASCOMMUNITYCOLLEGE6 COLUMBIAGORGECOMMUNITYCOLLEGE7 GEORGEFOXUNIVERSITY8 KLAMATHCOMMUNITYCOLLEGEDISTRICT9 LANECOMMUNITYCOLLEGE10 LEWISANDCLARKCOLLEGE11 LINFIELDCOLLEGE12 LINN-BENTONCOMMUNITYCOLLEGE13 MARYLHURSTUNIVERSITY14 MT.HOODCOMMUNITYCOLLEGE15 MULTNOMAHBIBLECOLLEGE16 NATIONALCOLLEGEOFNATURALMEDICINE17 NORTHWESTCHRISTIANCOLLEGE18 OREGONHEALTHANDSCIENCEUNIVERSITY19 OREGONUNIVERSITYSYSTEM20 PACIFICUNIVERSITY21 PORTLANDCOMMUNITYCOLLEGE22 PORTLANDSTATEUNIV.23 REEDCOLLEGE24 ROGUECOMMUNITYCOLLEGE25 SOUTHWESTERNOREGONCOMMUNITYCOLLEGE26 TILLAMOOKBAYCOMMUNITYCOLLEGE27 UMPQUACOMMUNITYCOLLEGE28 WESTERNSTATESCHIROPRACTICCOLLEGE29 WILLAMETTEUNIVERSITY1 ARGOSYUNIVERSITY2 BRIGHAMYOUNGUNIVERSITY-HAWAII3 COLLEGEOFTHEMARSHALLISLANDS4 RESEARCHCORPORATIONOFTHEUNIVERSITYOFHAWAII5 UNIVERSITYOFHAWAIIATMANOANo. K-121 ARCHBISHOPFRANCISNORBERTBLANCHETSCHOOL2 BAKERCOUNTYSCHOOLDIST.16J-MALHEURESD

3 BAKERSCHOOLDISTRICT5-J4 BANDONSCHOOLDISTRICT5 BANKSSCHOOLDISTRICT6 BEAVERTONSCHOOLDISTRICT7 BEND/LAPINESCHOOLDISTRICT8 BEND-LAPINESCHOOLDISTRICT9 BROOKINGHARBORSCHOOLDISTRICTNO.17-C10 CANBYSCHOOLDISTRICT11 CANYONVILLECHRISTIANACADEMY12 CASCADESCHOOLDISTRICT13 CASCADESACADEMYOFCENTRALOREGON14 CENTENNIALSCHOOLDISTRICT15 CENTRALCATHOLICHIGHSCHOOL16 CENTRALPOINTSCHOOLDISTRICTNO.617 CENTRALSCHOOLDISTRICT13J18 CLACKAMASEDUCATIONSERVICEDISTRICT19 COOSBAYSCHOOLDISTRICT20 COOSBAYSCHOOLDISTRICTNO.921 COQUILLESCHOOLDISTRICT822 COUNTYOFYAMHILLSCHOOLDISTRICT2923 CRESWELLSCHOOLDISTRICT24 CROSSROADSCHRISTIANSCHOOL25 CULVERSCHOOLDISTRICTNO.26 DALLASSCHOOLDISTRICTNO.227 DAVIDDOUGLASSCHOOLDISTRICT28 DAYTONSCHOOLDISTRICTNO.829 DELASALLENCATHOLICHS30 DESCHUTESCOUNTYSDNO.6-SISTERSSD31 DOUGLASCOUNTYSCHOOLDISTRICT11632 DOUGLASEDUCATIONSERVICEDISTRICT33 DUFURSCHOOLDISTRICTNO.2934 ELKTONSCHOOLDISTRICTNO.3435 ESTACADASCHOOLDISTRICTNO.10836 FORESTGROVESCHOOLDISTRICT37 GASTONSCHOOLDISTRICT511J38 GENCONFOFSDACHURCHWESTERNOR39 GLADSTONESCHOOLDISTRICT40 GLENDALESCHOOLDISTRICT41 GLIDESCHOOLDISTRICTNO.1242 GRANTSPASSSCHOOLDISTRICT743 GREATERALBANYPUBLICSCHOOLDISTRICT44 GRESHAM-BARLOWSCHOOLDISTRICT45 HARNEYCOUNTYSCHOOLDIST.NO.346 HARNEYEDUCATIONSERVICEDISTRICT47 HEADSTARTOFLANECOUNTY48 HERITAGECHRISTIANSCHOOL49 HIGHDESERTEDUCATIONSERVICEDISTRICT50 HOODRIVERCOUNTYSCHOOLDISTRICT51 JACKSONCOSCHOOLDISTNO.952 JEFFERSONCOUNTYSCHOOLDISTRICT509-J53 JEFFERSONSCHOOLDISTRICT54 KLAMATHFALLSCITYSCHOOLS55 LAGRANDESCHOOLDISTRICT56 LAKEOSWEGOSCHOOLDISTRICT7J57 LANECOUNTYSCHOOLDISTRICT4J58 LANECOUNTYSCHOOLDISTRICT6959 LEBANONCOMMUNITYSCHOOLSNO.960 LINCOLNCOUNTYSCHOOLDISTRICT61 LINNCO.SCHOOLDIST.95C-SCIOSD62 LOSTRIVERJR/SRHIGHSCHOOL63 LOWELLSCHOOLDISTRICTNO.7164 MARIONCOUNTYSCHOOLDISTRICT103-WASHINGTONES65 MCMINNVILLESCHOOLDISTRICTNO.4066 MEDFORDSCHOOLDISTRICT549C67 MITCHCHARTERSCHOOL68 MOLALLARIVERACADEMY69 MOLALLARIVERSCHOOLDISTRICTNO.3570 MONROESCHOOLDISTRICTNO.1J71 MORROWCOUNTYSCHOOLDISTRICT72 MT.ANGELSCHOOLDISTRICTNO.9173 MT.SCOTTLEARNINGCENTERS74 MULTISENSORYLEARNINGACADEMY

75 MULTNOMAHEDUCATIONSERVICEDISTRICT76 MYRTLEPOINTSCHOOLDISTRICTNO.4177 NEAH-KAH-NIEDISTRICTNO.5678 NESTUCCAVALLEYSCHOOLDISTRICTNO.10179 NOBELLEARNINGCOMMUNITIES80 NORTHBENDSCHOOLDISTRICT1381 NORTHCLACKAMASSCHOOLDISTRICT82 NORTHSANTIAMSCHOOLDISTRICT29J83 NORTHWASCOCTYSCHOOLDISTRICT21-CHENOWITH84 NORTHWESTREGIONALEDUCATIONSERVICEDISTRICT85 NYSSASCHOOLDISTRICTNO.2686 ONTARIOMIDDLESCHOOL87 OREGONTRAILSCHOOLDISTRICTNO.4688 OURLADYOFTHELAKESCHOOL89 PHILOMATHSCHOOLDISTRICT90 PHOENIX-TALENTSCHOOLDISTRICTNO.491 PORTLANDADVENTISTACADEMY92 PORTLANDJEWISHACADEMY93 PORTLANDPUBLICSCHOOLS94 RAINIERSCHOOLDISTRICT95 REDMONDSCHOOLDISTRICT96 REEDSPORTSCHOOLDISTRICT97 REYNOLDSSCHOOLDISTRICT98 ROGUERIVERSCHOOLDISTRICTNO.3599 ROSEBURGPUBLICSCHOOLS100 SALEM-KEIZERPUBLICSCHOOLS101 SCAPPOOSESCHOOLDISTRICT1J102 SEASIDESCHOOLDISTRICT10103 SEVENPEAKSSCHOOL104 SHERWOODSCHOOLDISTRICT88J105 SILVERFALLSSCHOOLDISTRICT106 SIUSLAWSCHOOLDISTRICT107 SOUTHCOASTEDUCATIONSERVICEDISTRICT108 SOUTHLANESCHOOLDISTRICT45J3109 SOUTHERNOREGONEDUCATIONSERVICEDISTRICT110 SOUTHWESTCHARTERSCHOOL111 SPRINGFIELDSCHOOLDISTRICTNO.19112 STANFIELDSCHOOLDISTRICT113 SWEETHOMESCHOOLDISTRICTNO.55114 THECATLINGABELSCHOOL115 TIGARD-TUALATINSCHOOLDISTRICT116 UMATILLA-MORROWESD117 VERNONIASCHOOLDISTRICT47J118 WESTHILLSCOMMUNITYCHURCH119 WESTLINNWILSONVILLESCHOOLDISTRICT120 WHITEAKERMONTESSORISCHOOL121 YONCALLASCHOOLDISTRICTNO.321 CONGREGATIONOFCHRISTIANBROTHERSOFHAWAII,INC.2 EMMANUALLUTHERANSCHOOL3 HANAHAU`OLISCHOOL4 HAWAIITECHNOLOGYACADEMY5 ISLANDSCHOOL6 KAMEHAMEHASCHOOLS7 KEKULAOS.M.KAMAKAU8 MARYKNOLLSCHOOL9 PACIFICBUDDHISTACADEMYNo. Nonprofit&Other1 211INFO2 ACUMENTRAHEALTH3 ADDICTIONSRECOVERYCENTER,INC4 ALLFOURONE/CRESTVIEWCONFERENCECTR.5 ALVORD-TAYLORINDEPENDENTLIVINGSERVICES6 ALZHEIMERSNETWORKOFOREGON7 ASHLANDCOMMUNITYHOSPITAL8 ATHENALIBRARYFRIENDSASSOCIATION9 BARLOWYOUTHFOOTBALL10 BAYAREAFIRSTSTEP,INC.11 BENTONHOSPICESERVICE12 BETHELCHURCHOFGOD13 BIRCHCOMMUNITYSERVICES,INC.14 BLACHLYLANEELECTRICCOOPERATIVE15 BLINDENTERPRISESOFOREGON

16 BONNEVILLEENVIRONMENTALFOUNDATION17 BOYSANDGIRLSCLUBSOFPORTLANDMETROPOLITANAREA18 BROADBASEPROGRAMSINC.19 CANBYFOURSQUARECHURCH20 CANCERCARERESOURCES21 CASCADIABEHAVIORALHEALTHCARE22 CASCADIAREGIONGREENBUILDINGCOUNCIL23 CATHOLICCHARITIES24 CATHOLICCOMMUNITYSERVICES25 CENTERFORRESEARCHTOPRACTICE26 CENTRALBIBLECHURCH27 CENTRALCITYCONCERN28 CENTRALDOUGLASCOUNTYFAMILYYMCA29 CENTRALOREGONCOMMUNITYACTIONAGENCYNETWORK30 CHILDPEACEMONTESSORI31 CITYBIBLECHURCH32 CLACKAMASRIVERWATER33 CLASSROOMLAWPROJECT34 COASTREHABILITATIONSERVICES35 COLLEGEHOUSINGNORTHWEST36 COLUMBIACOMMUNITYMENTALHEALTH37 COMMUNITYACTIONORGANIZATION38 COMMUNITYACTIONTEAM,INC.39 COMMUNITYCANCERCENTER40 COMMUNITYHEALTHCENTER,INC41 COMMUNITYVETERINARYCENTER42 CONFEDERATEDTRIBESOFGRANDRONDE43 CONSERVATIONBIOLOGYINSTITUTE44 CONTEMPORARYCRAFTSMUSEUMANDGALLERY45 CORVALLISMOUNTAINRESCUEUNIT46 COVENANTCHRISTIANHOODRIVER47 COVENANTRETIREMENTCOMMUNITIES48 DECISIONSCIENCERESEARCHINSTITUTE,INC.49 DELIGHTVALLEYCHURCHOFCHRIST50 DOGSFORTHEDEAF,INC.51 DOUGLASELECTRICCOOPERATIVE,INC.52 EASTHILLCHURCH53 EASTSIDEFOURSQUARECHURCH54 EASTWESTMINISTRIESINTERNATIONAL55 EDUCATIONALPOLICYIMPROVEMENTCENTER56 ELMIRACHURCHOFCHRIST57 EMERALDPUD58 EMMAUSCHRISTIANSCHOOL59 ENAVANT,INC.60 ENTERPRISEFOREMPLOYMENTANDEDUCATION61 EUGENEBALLETCOMPANY62 EUGENESYMPHONYASSOCIATION,INC.63 EUGENEWATER&ELECTRICBOARD64 EVERGREENAVIATIONMUSEUMANDCAP.MICHAELKING.65 FAIRSHARERESEARCHANDEDUCATIONFUND66 FAITHCENTER67 FAITHFULSAVIORMINISTRIES68 FAMILIESFIRSTOFGRANTCOUNTY,INC.69 FANCONIANEMIARESEARCHFUNDINC.70 FARMWORKERHOUISNGDEVCORP71 FIRSTCHURCHOFTHENAZARENE72 FIRSTUNITARIANCHURCH73 FORDFAMILYFOUNDATION74 FOUNDATIONSFORABETTEROREGON75 FRIENDSOFTHECHILDREN76 GATEWAYTOCOLLEGENATIONALNETWORK77 GOALONECOALITION78 GOLDBEACHPOLICEDEPARTMENT79 GOODSHEPHERDCOMMUNITIES80 GOODWILLINDUSTRIESOFLANEANDSOUTHCOASTCOUNTIES81 GRANTPARKCHURCH82 GRANTSPASSMANAGEMENTSERVICES,DBA83 GREATERHILLSBOROAREACHAMBEROFCOMMERCE84 HALFWAYHOUSESERVICES,INC.85 HEARINGANDSPEECHINSTITUTEINC86 HELPNOW!ADVOCACYCENTER87 HIGHLANDHAVEN

88 HIGHLANDUNITEDCHURCHOFCHRIST89 HIVALLIANCE,INC90 HOUSINGAUTHORITYOFLINCOLNCOUNTY91 HOUSINGAUTHORITYOFPORTLAND92 HOUSINGNORTHWEST93 INDEPENDENTINSURANCEAGENTSANDBROKERSOFOREGON94 INTERNATIONALSOCIETYFORTECHNOLOGYINEDUCATION95 INTERNATIONALSUSTAINABLEDEVELOPMENTFOUNDATION96 IRCO97 JASPERMOUNTAIN98 JUNIORACHIEVEMENT99 KLAMATHHOUSINGAUTHORITY100 LACLINICADELCARINOFAMILYHEALTHCARECENTER101 LAGRANDEUNITEDMETHODISTCHURCH102 LANEELECTRICCOOPERATIVE103 LANEMEMORIALBLOODBANK104 LANECOFEDERALCREDITUNION105 LAURELHILLCENTER106 LIFEWORKSNW107 LIVINGWAYFELLOWSHIP108 LOAVES&FISHESCENTERS,INC.109 LOCALGOVERNMENTPERSONNELINSTITUTE110 LOOKINGGLASSYOUTHANDFAMILYSERVICES111 MACDONALDCENTER112 MAKINGMEMORIESBREASTCANCERFOUNDATION,INC.113 METROHOMESAFETYREPAIRPROGRAM114 METROPOLITANFAMILYSERVICE115 MIDCOLUMBIACOUNCILOFGOVERNMENTS116 MID-COLUMBIACENTERFORLIVING117 MID-WILLAMETTEVALLEYCOMMUNITYACTIONAGENCY,INC118 MORNINGSTARMISSIONARYBAPTISTCHURCH119 MORRISONCHILDANDFAMILYSERVICES120 MOSAICCHURCH121 NATIONALPSORIASISFOUNDATION122 NATIONALWILDTURKEYFEDERATION123 NEWAVENUESFORYOUTHINC124 NEWBEGINNINGSCHRISTIANCENTER125 NEWHOPECOMMUNITYCHURCH126 NEWBERGFRIENDSCHURCH127 NORTHBENDCITY-COOS/URRYHOUSINGAUTHORITY128 NORTHWESTFOODPROCESSORSASSOCIATION129 NORTHWESTLINEJOINTAPPRENTICESHIP&TRAININGCOMMITTEE130 NORTHWESTREGIONALEDUCATIONALLABORATORY131 NORTHWESTYOUTHCORPS132 OCHIN133 OHSUFOUNDATION134 OLIVETBAPTISTCHURCH135 OMNIMEDIXINSTITUTE136 OPENMEADOWALTERNATIVESCHOOLS,INC.137 OREGONBALLETTHEATRE138 OREGONCITYCHURCHOFTHENAZARENE139 OREGONCOASTCOMMUNITYACTION140 OREGONDEATHWITHDIGNITY141 OREGONDONORPROGRAM142 OREGONEDUCATIONASSOCIATION143 OREGONENVIRONMENTALCOUNCIL144 OREGONMUSUEMOFSCIENCEANDINDUSTRY145 OREGONPROGRESSFORUM146 OREGONREPERTORYSINGERS147 OREGONSTATEUNIVERSITYALUMNIASSOCIATION148 OREGONSUPPORTEDLIVINGPROGRAM149 OSLCCOMMUNITYPROGRAMS150 OUTSIDEIN151 OUTSIDEIN152 PACIFICCASCADEFEDERALCREDITUNION153 PACIFICFISHERYMANAGEMENTCOUNCIL154 PACIFICINSTITUTESFORRESEARCH155 PACIFICSTATESMARINEFISHERIESCOMMISSION156 PARALYZEDVETERANSOFAMERICA157 PARTNERSHIPSINCOMMUNITYLIVING,INC.158 PENDLETONACADEMIES159 PENTAGONFEDERALCREDITUNION

160 PLANNEDPARENTHOODOFSOUTHWESTERNOREGON161 PORTCITYDEVELOPMENTCENTER162 PORTLANDARTMUSEUM163 PORTLANDBUSINESSALLIANCE164 PORTLANDHABILITATIONCENTER,INC.165 PORTLANDSCHOOLSFOUNDATION166 PORTLANDWOMENSCRISISLINE167 PREGNANCYRESOUCECENTERSOFGRETERPORTLAND168 PRINGLECREEKSUSTAINABLELIVINGCENTER169 PUBLICDEFENDERSERVICESOFLANECOUNTY,INC.170 QUADRIPLEGICSUNITEDAGAINSTDEPENDENCY,INC.171 REBUILDINGTOGETHER-PORTLANDINC.172 REGIONALARTSANDCULTURECOUNCIL173 RELEVANTLIFECHURCH174 RENEWABLENORTHWESTPROJECT175 ROGUEFEDERALCREDITUNION176 ROSEVILLA,INC.177 SACREDHEARTCATHOLICDAUGHTERS178 SAIFCORPORATION179 SAINTANDREWNATIVITYSCHOOL180 SAINTCATHERINEOFSIENACHURCH181 SAINTJAMESCATHOLICCHURCH182 SALEMALLIANCECHURCH183 SALEMELECTRIC184 SALMON-SAFEINC.185 SCIENCEWORKS186 SEWORKS187 SECURITYFIRSTCHILDDEVELOPMENTCENTER188 SELFENHANCEMENTINC.189 SERENITYLANE190 SEXUALASSAULTRESOURCECENTER191 SEXUALASSAULTRESOURCECENTER192 SHELTERCARE193 SHERIDANJAPANESESCHOOLFOUNDATION194 SHERMANDEVELOPMENTLEAGUE,INC.195 SILVERTONAREACOMMUNITYAID196 SISKIYOUINITIATIVE197 SMART198 SOCIALVENTUREPARTNERSPORTLAND199 SOUTHCOASTHOSPICE,INC.200 SOUTHLANEFAMILYNURSERYDBAFAMILYRELIEFNURSE201 SOUTHERNOREGONCHILDANDFAMILYCOUNCIL,INC.202 SOUTHERNOREGONHUMANESOCIETY203 SPARCENTERPRISES204 SPIRITWIRELESS205 SPONSORS,INC.206 SPOTLIGHTTHEATREOFPLEASANTHILL207 SPRINGFIELDUTILITYBOARD208 STVINCENTDEPAUL209 ST.ANTHONYCHURCH210 ST.ANTHONYSCHOOL211 ST.MARYSOFMEDFORD,INC.212 ST.VINCENTDEPAULOFLANECOUNTY213 STANDFORCHILDREN214 STAROFHOPEACTIVITYCENTERINC.215 SUMMITVIEWCOVENANTCHURCH216 SUNNYSIDEFOURSQUARECHURCH217 SUNRISEENTERPRISES218 SUSTAINABLENORTHWEST219 TENASILLAHEECHILDCARECENTER220 THEEARLYEDUCATIONPROGRAM,INC.221 THENATIONALASSOCIATIONOFCREDITMANAGEMENT-OREGON,

INC.222 THENEXTDOOR223 THEOREGONCOMMUNITYFOUNDATION224 THESALVATIONARMY-CASCADEDIVISION225 TILLAMOOKCNTYWOMENSCRISISCENTER226 TILLAMOOKESTUARIESPARTNERSHIP227 TOUCHSTONEPARENTORGANIZATION228 TRAILSCLUB229 TRAININGEMPLOYMENTCONSORTIUM230 TRI-COUNTYHEALTHCARESAFETYNETENTERPRISE

231 TRILLIUMFAMILYSERVICES,INC.232 UMPQUACOMMUNITYDEVELOPMENTCORPORATION233 UNIONGOSPELMISSION234 UNITEDCEREBRALPALSYOFORANDSWWA235 UNITEDWAYOFTHECOLUMBIAWILLAMETTE236 USCONFERENCEOFMENONNITEBRETHRENCHURCHES237 USFISHANDWILDLIFESERVICE238 USAGENCIESCREDITUNION239 VERMONTHILLSFAMILYLIFECENTER240 VIRGINIAGARCIAMEMORIALHEALTHCENTER241 VOLUNTEERSOFAMERICAOREGON242 WECAREOREGON243 WESTERNRIVERSCONSERVANCY244 WESTERNSTATESCENTER245 WESTSIDEBAPTISTCHURCH246 WILDSALMONCENTER247 WILLAMETTEFAMILY248 WILLAMETTEVIEWINC.249 WOODBURNAREACHAMBEROFCOMMERCE250 WORDOFLIFECOMMUNITYCHURCH251 WORKSYSTEMSINC252 YOUTHGUIDANCEASSOC.253 YWCASALEM1 ALOCHOLICREHABILITATIONSVSOFHIINCDBAHINAMAUKA2 ALOHACARE3 AMERICANLUNGASSOCIATION4 BISHOPMUSEUM5 BUILDINGINDUSTRYASSOCIATIONOFHAWAII6 CTRFORCULTURALANDTECHINTERCHNGBETWEASTANDWEST7 EAH,INC.8 EASTERSEALSHAWAII9 GOODWILLINDUSTRIESOFHAWAII,INC.10 HABITATFORHUMANITYMAUI11 HALEMAHAOLU12 HAROLDK.L.CASTLEFOUNDATION13 HAWAIIAGRICULTURERESEARCHCENTER14 HAWAIIEMPLOYERSCOUNCIL15 HAWAIIFAMILYLAWCLINICDBAALAKUOLA16 HONOLULUHABITATFORHUMANITY17 IUPAT,DISTRICTCOUNCIL5018 LANAKILAREHABILITATIONCENTERINC.19 LEEWARDHABITATFORHUMANITY20 MAUICOUNTYFCU21 MAUIECONOMICDEVELOPMENTBOARD22 MAUIECONOMICOPPORTUNITY,INC.23 MAUIFAMILYYMCA24 NAHALEOMAUI25 NALEIALOHAFOUNDATION26 NETWORKENTERPRISES,INC.27 ORIANUENUEHALE,INC.28 PARTNERSINDEVELOPMENTFOUNDATION29 POLYNESIANCULTURALCENTER30 PUNAHOUSCHOOL31 ST.THERESACHURCH32 WAIANAECOMMUNITYOUTREACH33 WAILUKUFEDERALCREDITUNION34 YMCAOFHONOLULUNo. Special/IndependentDistricts1 BAYAREAHOSPITALDISTRICT2 CENTRALOREGONINTERGOVERNMENTALCOUNCIL3 CENTRALOREGONIRRIGATIONDISTRICT4 CHEHALEMPARKANDRECREATIONDISTRICT5 CITYCOUNTYINSURANCESERVICES6 CLEANWATERSERVICES7 COLUMBIA911COMMUNICATIONSDISTRICT8 COLUMBIARIVERPUD

9 DESCHUTESCOUNTYRFPDNO.210 DESCHUTESPUBLICLIBRARYSYSTEM11 EASTMULTNOMAHSOILANDWATERCONSERVANCY12 GASTONRURALFIREDEPARTMENT13 GLADSTONEPOLICEDEPARTMENT14 GLENDALERURALFIREDISTRICT15 HOODLANDFIREDISTRICTNO.7416 HOODLANDFIREDISTRICT#7417 HOUSINGAUTHORITYANDCOMMUNITYSERVICESAGENCY18 KLAMATHCOUNTY9-1-119 LANEEDUCATIONSERVICEDISTRICT20 LANETRANSITDISTRICT21 MALINCOMMUNITYPARKANDRECREATIONDISTRICT22 MARIONCOUNTYFIREDISTRCT#123 METRO24 METROPOLITANEXPOSITION-RECREATIONCOMMISSION25 MONMOUTH-INDEPENDENCENETWORK26 MULTONAHCOUNTYDRAINAGEDISTRICT#127 NEAHKAHNIEWATERDISTRICT28 NWPOWERPOOL29 OAKLODGEWATERDISTRICT30 ORINT'LPORTOFCOOSBAY31 PORTOFSTHELENS32 PORTOFUMPQUA33 REGIONALAUTOMATEDINFORMATIONNETWORK34 RIVERGROVEWATERDISTRICT35 SALEMAREAMASSTRANSITDISTRICT36 SANDYFIREDISTRICTNO.7237 SUNSETEMPIREPARKANDRECREATION38 THENEWPORTPARKANDRECREATIONCENTER39 THEPORTOFPORTLAND40 TILLAMOOKPEOPLESUTILITYDISTRICT41 TUALATINHILLSPARKANDRECREATIONDISTRICT42 TUALATINVALLEYFIRE&RESCUE43 TUALATINVALLEYWATERDISTRICT44 UNIONSOIL&WATERCONSERVATIONDISTRICT45 WESTMULTNOMAHSOILANDWATERCONSERVATIONDISTRICT46 WESTVALLEYHOUSINGAUTHORITY47 WILLAMALANEPARKANDRECREATIONDISTRICT48 YOUNGSRIVERLEWISANDCLARKWATERDISTRICTNo. StateAgencies1 BOARDOFMEDICALEXAMINERS2 OFFICEOFMEDICALASSISTANCEPROGRAMS3 OFFICEOFTHESTATETREASURER4 OREGONBOARDOFARCHITECTS5 OREGONCHILDDEVELOPMENTCOALITION6 OREGONDEPARTMENTOFEDUCATION7 OREGONDEPARTMENTOFFORESTRY8 OREGONDEPTOFTRANSPORTATION9 OREGONDEPT.OFEDUCATION10 OREGONLOTTERY11 OREGONOFFICEOFENERGY12 OREGONSTATEBOARDOFNURSING13 OREGONSTATEPOLICE14 OREGONTOURISMCOMMISSION15 OREGONTRAVELINFORMATIONCOUNCIL16 SANTIAMCANYONCOMMUNICATIONCENTER17 SEIULOCAL503,OPEU1 ADMIN.SERVICESOFFICE2 HAWAIICHILDSUPPORTENFORCEMENTAGENCY3 HAWAIIHEALTHSYSTEMSCORPORATION4 SOH-JUDICIARYCONTRACTSANDPURCH5 STATEDEPARTMENTOFDEFENSE6 STATEOFHAWAII7 STATEOFHAWAII8 STATEOFHAWAII,DEPT.OFEDUCATION