Server co-location agreement

This document represents an agreement between a client and UITS for server co-location in Indiana University Data Centers. The responsibilities and services provided are outlined, which include equipment installations, data center access, and operational procedures.


ACF: Advanced Cyberinfrastructure Facility (the IU Data Centers at IU Bloomington and IUPUI)

UITS: The party providing service within the ACF

Client: The IU party receiving service through UITS


This document describes the server co-location services that University Information Technology Services will provide. Departments can lease physical space in the Data Centers for their servers as a transition strategy to standard options provided by UITS that improve efficiency and reduce environmental impact:

  • Virtualization: Intelligent Infrastructure (II) is the recommended path for departmental web, application, and database servers. Moving to IU's virtual environment achieves benefits of hardware efficiencies, reduced environmental impact, and increased flexibility to respond quickly to changing service needs. For more, see .
  • Consolidation: A co-location service provided by IU's Research Technologies consolidates physical servers and components into fewer physical entities, achieving economies of scale and allowing greater flexibility for shifting resources from one application area to another.

UITS will support co-location through current equipment lifecycles, and help devise migration plans to the preferred options. To protect the finite power and cooling capacity, the UITS System Assurance Group (SAG) has final approval for co-location agreements, and will determine the priority for acceptance if multiple requests are pending. The SAG will work with departments to best use the capacity at hand.

The document may be updated or canceled only with the written consent of both parties. The term of this document is for one (1) fiscal year and must be renewed on an annual basis. UITS will not charge or refund for a partial month. Charges will be applied monthly.


Machine Room environmental services and security in the ACF will be provided by UITS as follows:

  • Power backup: UPS service and generator backup are provided as a secondary source of power in the event of utility power failure. UPS service is designed to provide power for seamless transition to an emergency generator. In the event of a lengthy power failure, the generator can be refueled as necessary and run indefinitely until power is restored. UITS may determine that it is not in the university's best interest to run the generator for extended periods if power has not been restored, and every effort to inform the client will be made.
  • Fire protection: Fire suppression is provided via dry pipe, pre-action sprinkler system, in accordance with university risk management policy. All other fire protection is provided in accordance with university policy and procedure and Indiana state code.
  • Cooling: Air conditioning is provided via chilled water coils in computer room air conditioner (CRAC) units:
    • ACF Indianapolis: Primary source of chilled water is campus (CTE) water, with a dedicated backup chiller in case of a loss of primary supply
    • ACF Bloomington: Dedicated chilled water plant with redundant chillers and cooling towers
  • Client will accept and verify that appropriate environmental protections, including power, cooling, fire protection, and uninterruptible power supply, have been provided by UITS.
  • Client will follow shipping/receiving and storage (equipment, supplies, boxes) guidelines set forth and provided by UITS.
  • Client will coordinate their installation activities, including any temporary need for secure storage, with UITS.
  • Client is responsible for removing debris, supplies, etc., from the area after installation. Only the equipment can be stored in the rack.
  • Client will be assessed a de-installation fee (not to exceed $500) at the end of this agreement. This charge is to cover removal of power, network cables, and floor tile replacement.

Security/access provisions

Security system: Video cameras digitally record activity at each machine room entrance door. Access through the machine room doors is provided to those individuals who possess an authorized proximity card. Proximity card logs are retained for 365 days. Given the sensitive nature of the facility, it is important that access be granted only to those that enter the card-protected areas frequently (daily or nearly daily). For non-regular visitor access, the procedures outlined in the Data Center access control policy document should be followed.

Proximity cards: UITS will activate and provide proximity cards, per agreement. Additional cards can be requested and will cost $20 per proximity card. UITS personnel will activate and deactivate proximity card access per the instruction of client's management.

  • Clients agree to operate within the security and access policies and procedures of the ACF. This includes access limitations and sign-in procedures. A copy of these procedures will be provided by UITS and updated on a periodic basis.
  • Clients will provide UITS with a list of personnel who are authorized for access.
  • Upon termination of this agreement or the resignation/termination of staff, it is the client's responsibility to notify UITS of staff changes. UITS will immediately deactivate card access privileges.
  • Clients that occupy an entire rack and/or require isolation from shared rack space may install additional physical rack security measures at their own cost, provided these measures have been reviewed and approved by UITS in advance. Examples of such measures include cameras, locked racks, and rack door sensors. If the client chooses additional methods, UITS must also have access on-site (keys for locked racks in case of an emergency).

Data network provisions

All cabinets will have network switches installed at the top of the cabinet to provide 10/100/1000 Mbps Ethernet connections into the ACF switching infrastructure (10000 Mbps available and priced on an individual request). All public and private Ethernet connections are provided by UITS unless very special circumstances are reviewed and approved by Network Engineering and Campus Network Infrastructure.

  • Client will not deploy switching gear or other networking devices in their rack unless some specific exception is requested, documented, and granted by UITS.
  • All servers will be place behind the ACF firewall.


Server rack space will be assigned and all servers will be installed in the standard cabinets provided by UITS unless the server manufacturer specifically dictates the equipment must be housed in their proprietary cabinets. Proof of vendor requirements for proprietary cabinets must be submitted to UITS. Such cabinets should have front, back, and side panels. Doors on the cabinet must be closed when no one is working in the unit. Server racks should not exceed 5 kW per rack (additional cost to be applied based on power consumption).

  • Clients will provide a space plan to UITS. The space plan will include the number of servers, equipment, storage devices, and other devices having space and power considerations. UITS will approve these plans before Clients begin installing equipment.
  • Clients will be responsible for delivery arrangements of equipment to the ACF and notifying UITS of the delivery date. Clients are responsible for all costs associated with this process and are liable for any equipment damaged during transportation.
  • Clients are responsible for the installation of the equipment in the racks, and retain responsibility for the equipment and liability for any damages to that equipment during the installation and through to the initial power-up process. After installation, UITS assumes responsibilities as outlined in this agreement.
  • Clients will adhere to the "Data Center standards" document.
  • All servers in the ACF are expected to be administered in a secure manner using industry best practices (Security of Information Technology Resources (IT-12)), including employment of host based firewalls and to be operated behind the ACF firewall. Clients agree to provide UITS with firewall rules that restrict incoming traffic to include only those protocols, ports, and properly sourced packets as needed for operation of each server.
  • Clients will not store cardholder data on equipment without compliance to Payment Card Industry Data Security Standards (PCI DSS). The PCI DSS security requirements apply to all system components. In the context of PCI DSS, system components are defined as any network component, server, or application that is included in or connected to the cardholder data environment. System components also include any virtualization components, such as virtual machines, virtual switches/routers, virtual appliances, virtual applications/desktops, and hypervisors. The cardholder data environment is comprised of people, processes, and technology that store, process, or transmit cardholder data or sensitive authentication data. If there is an exception to process cardholder data, you must be compliant with the PCI DSS. This will require review and approval from UISO and the IU Office of the Treasurer.

Disaster recovery

The current UITS disaster recovery plan for the ACF does not include replacement of co-located systems. Systems in the ACF are not insured by UITS. In the unlikely event that the ACF is substantially damaged or destroyed, UITS will make a best effort to restore services starting with those systems critical to the business needs of the university. Co-located systems remain the responsibility of their owners. Should the ACF be disabled, but owners' systems remain undamaged, UITS will attempt to find an acceptable alternate site or return the systems temporarily to their owners. UITS may be able to assist owners with disaster recovery planning.

UITS cannot be responsible for system owner's business continuity or any losses directly or indirectly associated with use of UITS co-location services.

Operational support

  • UITS will provide contact information to Clients for use in requesting "eyes and hands" assistance with Clients' equipment when problems arise. System monitoring and failure notification will be provided by UITS operations staff on site 24x7x365. There are no service-level guarantees for the availability of such resources.
  • Clients will provide contact information to UITS for use in notifications.
  • UITS will provide timely notification to Clients for planned and unplanned outages of power and/or cooling.
  • UITS will make a good faith effort to provide workstation space to Clients. However, the amount of space available to Clients may be minimal. Clients should plan accordingly.
  • Clients will provide timely notification to UITS for all activities and agrees to coordinate with UITS Data Center Operations for any rack space changes.
  • Clients will not sublet rack space or resale the functional equivalent of the service to another project, department, or third party.
  • Service:
    • Server co-location
  • Monthly rates:
    • Rack space: One rack minimum (42U); $397 ($4,764/yr.)
  • One-time charges:
    • Power cord cost and installation (approximately $300/cord)
    • Floor tile cutout ($150)
    • Additional proximity cards ($20 each)
    • De-installation fee (not to exceed $500)

    These charges are estimates; actual cost will be incurred by client.

Rack definitions

Rack space: The rack space is assigned for the server co-location. The rack space may not be contiguous and could possibly be shared with other co-location customers. Rate includes standard power consumption, uninterruptible power supply, air cooling charges, environmental monitoring, and Enterprise Infrastructure Operations Group support for system monitoring, incident reporting, and notification 24x7.

Rack U: There is a one rack minimum charge.

This is document bhqq in the Knowledge Base.
Last modified on 2023-07-21 15:29:17.