General Conditions

GENERAL CONDITIONS OF THE LICENSE AGREEMENT FOR THE USE OF “VENTUS” SOFTWARE.

1- ABOUT THESE CONTRACT GENERAL CONDITIONS.

  1. 1.1.  These “General Conditions” act as an inseparable annex to the License Agreement signed between you and the company VENTUS TECHNOLOGIES, S.L., (hereinafter VENTUS TECHNOLOGIES) with CIF B-64953706, located in Masnou, Avda. Joan XXIII, number 41-D, 1o 3a and that you accept completely and voluntarily, with regard to the use of the “VENTUS” program.
  2. 1.2.  The referred to License Agreement will be reflected in any document between you and the “Authorized Distributor” in which the product description is stated, the offer of “additional services” and the price fixed for the products and services you wish to purchase, either accepted order or detailed invoice. This Agreement is binding and you must be sure that you understand and accept its contents.
  3. 1.3.  The software “Ventus Proxy For Webservices VPFW” (hereinafter VENTUS) is subject to non-personalized licenses, and as such is packaged as a product of common use, and its exploitation rights are the exclusive property of VENTUS TECHNOLOGIES.
  4. 1.4.  These “General Conditions” are subject in Spanish territory to the General Law for the Defense of Consumers and Users passed by Royal Decree 1/2007 on the 16th of November, 2007, and also the Law 7/1998, on the 13th of April, for contract general conditions, however some of its provisions are specifically intended for Consumers and others for Non-Consumers.
  5. 1.5.  Starting to use the VENTUS software implies full acceptance of these “General Conditions”.

2- DEFINITIONS.

For the purposes of this agreement the following words and / or phrases shall be defined as follows, both singular and plural, unless the context in which they are included implies another meaning.

2.1.-PROGRAM/S: Software Product/s property of VENTUS TECHNOLOGIES or distributed by them, documentation of the same as well as updates acquired through technical support service.

2.2.-PROGRAM DOCUMENTATION: Program user and installation manuals.

2.3.-ACCESSORY PROGRAMS: Third-party materials, as specified in the documentation of the program, which may not be used for the purpose of installing or operating the programs with which the accessory programs are delivered..

2.4.-ADDITIONAL SERVICES: Technical support, training, “hosting” service, computer consulting or outsourcing that VENTUS TECHNOLOGIES is in the position to provide to the CLIENT.

2..5.-SOURCE CODE: Source code shall be defined as text written in a specific programming language that can be compiled, and that allows access to, and modification of the algorithms developed by the creators of the software.

2.6.-OBJECT CODE: Result of the compilation of the source code which with the use of a linker combines all of the source code files into an executable program.

2..7.-AUTHORIZED DISTRIBUTOR: Company dedicated to the distribution of software with which VENTUS TECHNOLOGIES maintains a trade agreement for

the distribution of VENTUS software.

2.8.-CONSUMER: Physical person that acquires Products and/or services from VENTUS TECHNOLOGIES.

2.9.-NON-CONSUMER: Physical or legal person that acquires Products and/or services from VENTUS TECHNOLOGIES for professional or business use.

3- RIGHTS GRANTED BY THIS LICENSE.

This license allows you to acquire a copy of the product VENTUS for personal or professional use, under no circumstances commercial, transferring to you the authority to create a copy of the PROGRAM for the sole purpose of its use. This license does not confer any other right of exploitation.

The right of use granted to you by the license is limited, perpetual, non-exclusive and non- transferable.

In addition, this license authorizes you to perform one (1) single installation using the guided auto-installation system, in one (1) single Server that meets the specifications listed in your LICENSE AGREEMENT

4- PROPERTY AND RESTRICTIONS.

The VENTUS software is a product protected by international intellectual property and / or industrial law, as well as Mixed Brand Number 2.2717.223, class 9, under which it is marketed, and includes the denomination “VENTUS CACHE”, its exploitation rights being the exclusive property of VENTUS TECHNOLOGIES.

This license does not authorize you to exercise rights other than those set forth in the previous clause. Therefore you must not:

  1. a)  Sell, transfer, rent, lease, distribute, export, act as an intermediary or provider, or grant rights to the PROGRAM or any of its components, including PROGRAM DOCUMENTATION, to any third-party.
  2. b)  Perform, cause, permit or authorize the modification, translation or creation or derivative works, reverse engineering (the previous ban includes but is not limited to the changing of the PROGRAM’s data structures), dis-assembly, decompilation, dismantling or pirating of the PROGRAM supplied or any of its components, including PROGRAM DOCUMENTATION.
  3. c)  Alter in any way the OBJECT CODE or the SOURCE CODE of the PROGRAM.
  4. d)  Make public the results of any tests of the PROGRAM without previous consent from

    VENTUS TECHNOLOGIES.

Any violation of the above provisions entitles VENTUS TECHNOLOGIES to terminate the terms of this license and to appeal to the courts for any civil and criminal actions they may cover.

5- RIGHT OF WITHDRAWAL.

If you the CONSUMER cancel the order from the AUTHORIZED DISTRIBUTOR, without giving any reason, within 7 working days after the order is received, provided you have not started using the PROGRAM or any of its components, including the PROGRAM DOCUMENTATION.

6- GUARANTEES.

The acquisition of this license entitles you to receive all updates of the VENTUS software that are published, as well as receive VENTUS TECHNOLOGIES technical support, for ONE (1) YEAR after delivery (either physical shipment or electronic download). Technical support will provide answers to your questions about functionality or installation of the PROGRAM by phone at 93 415 73 96 or by electronic mail at [email protected], in both cases during office hours.

You must communicate to VENTUS TECHNOLOGIES any abnormality or deficiency detected while using the PROGRAM within a period of ONE (1) YEAR, or of any deficiency of any services provided under warranty within 90 days.

VENTUS TECHNOLOGIES does not guarantee that the PROGRAM will work without errors or continuously, especially if due to improper use on your part. If the deficiency is caused by normal use you may request that VENTUS TECHNOLOGIES fix it as long as it within the warranty period of ONE (1) YEAR.

VENTUS TECHNOLOGIES will repair or replace any defects or abnormalities in the PROGRAM within ONE (1) YEAR, that have not been caused by improper use thereof, or by repairs or modifications thereof without the previous written consent of VENTUS TECHNOLOGIES.

Under no circumstances will VENTUS TECHNOLOGIES be held responsible for defects caused by normal wear, software or hardware loaded or connected to the PROGRAM by you and that have not been provided by VENTUS TECHNOLOGIES.

The obligation of custody of the license on your part, means that the material loss of the purchased copy is solely your responsibility and that neither VENTUS TECHNOLOGIES nor its AUTHORIZED DISTRIBUTOR are obligated to replace it.

7- EXTENDED TECHNICAL SUPPORT AND ADDITIONAL SERVICES.

You may purchase ADDITIONAL SERVICES that VENTUS offers by signing the relevant agreements, as well as change your license to “upgrade” authorizations, in other words, authorizing you for other uses of the PROGRAM through software improvements, by paying additional amounts.

In technical support is purchased beyond the first year after delivery included in the guarantee of the previous clause, it will be provided according to the agreed to terms, or failing that, according to the first-year terms mentioned in the preceding clause, subject to current prices, and included in the contract.

8a- FEATURES AND TECHNICAL DESCRIPTION.
Ventus Proxy For Webservices (VPFW) is the first XML/SOAP webservices proxy server on

the market.

VPFW intercepts all client requests. The client connects directly to VPFW requesting a given service from the webservice provider, and VPFW returns the results of the execution of this service (either by connecting to the webservice servers to receive the results or by returning the results in VPFW’s own cache).

VPFW has the following features:

  1. A proxy server for caching XML/SOAP documents.

    VPFW can handle requests without connecting to the webservice servers. When the client requests a service, VPFW stores a local copy of the results of the execution of this service. If afterwards the same or a different client requests the same service, VPFW will return its local copy.

    VPFW can establish a series of cache rules that assure VPFW’s local copy of the content that is returned is correct.

    VPFW puede establecer toda una serie de reglas de cacheo que aseguren que el contenido entregado desde la copia local de VPFW es correcto.

  2. A non-transparent proxy server.

    VPFW can modify the incoming request and the response to that request in order to provide additional services such as response compression, value substitution in the response document according to values in the request document, load balancing of incoming requests against a group of webservice servers, etc.

  3. A reverse proxy server.
    VPFW is configured as a reverse proxy for server mode webservices (in other words, webservices in which the owner of the VPFW acts as a data provider). In this case, VPFW is installed in front of the webservice servers, intercepting all incoming client requests. With this configuration, VPFW provides the following funcionality:

    Document validation: VPFW can validate XML and SOAP documents using xsd schemas.

    SSL request processing: VPFW unencrypts the received secure client request and transforms it into an unsecure request before redirecting it to the webservice servers, freeing them from having to unencrypt and afterwards encrypt the request.

    Load balancing: VPFW can load balance between a group of webservice servers, re- writing each request’s URL to send it to the correct server. This is achieved by the external URL to internal URL transformation.

Compression: VPFW can return the response to the client compressed if the client has placed an accept-encoding header in the request, freeing the webservice servers from the compression process.
Both gzip and deflate algorithms are supported.

Server protection: VPFW can decide if a given request, not found in cache, should be sent to the webservice servers or not. There are 4 different criteria used to restrict the requests’ access to the webservice servers, and these restrictions can be applied at the webservice service (call) level or at the client level.

Security: IP address access restriction, access denial for requests that do not correspond to any of the provider’s webservices and access denial to webservice services for non-authenticated users.

4. A forward proxy server.
VPFW is cofigured as a forward proxy server for client mode webservices (in other words, webservices in which the owner of the VPFW acts as a client of data provided by a webservice provider). In this case, VPFW is installed directly behind the webservice servers, intercepting all out-going client application requests. With this configuration, VPFW provides the following funcionality:

Document validation: VPFW can validate XML and SOAP documents using xsd schemas.

SSL request processing: VPFW encrypts the unsecure client request received from the client application and transforms it into a secure request before redirecting it to the webservice servers, freeing them from having to encrypt and afterwards unencrypt the request.

Load balancing: VPFW can load balance between a group of webservice servers, re- writing each request’s URL to send it to the correct server. This is achieved by the internal URL to external URL transformation.

Compression: VPFW can request that the provider webservice servers compress the response by modifying the accept-encoding request header. If the provider is capable of returning the response in the requested format (gzip and deflate algoritnms are supported), VPFW automatically uncompresses the response before returning it to the client application, thus freeing it from the compression process.

  1. Content analysis proxy server.

    VPFW can trace all requests and their responses, thus generating detailed statistics for all webservice activity: client access, webservices call usage, server response time, incoming and outgoing data transfer volume, webservices-generated error analysis, etc.

  2. A proxy server with the ability to monitor webservices.

    Keeping ahead of problems in a webservices environment is critical. The VPFW monitorisation tool allows you to:

     determine if the threshold for requests considered “erroneous” has been exceeded.

     determine if the system response time for each message type is “acceptable” or not.

    If either of these conditions aren’t met, the system will send an alert (via email, SMS, etc.) to the assigned administrator so they can take action. Furthermore, all of these incidents will be registered so that later on, system incident reports may be generated (daily, weekly or monthly).

FEATURES

CACHE PROXY

• Definition of XML/SOAP webservices, and input of providers, clients and calls associated with these webservices.

• Definition of identification rules for webservice, client, call, request document and response document.

• Analysis of the incoming XML/SOAP document by generating index elements (those elements of the document that must be considered to establish the cache criteria), which uniquely identify a given document by creating a unique document identifier (IDU). The response is cached in the disk with its associated IDU.

• Up to 3 different criteria to expire cache documents: time to cache for calls, expiration rules and external events.

LOAD BALANCING

• Capable of balancing at both the server and port level.
• Capable of balancing at the webservice level: in other words, different sets of balancing

servers may be defined for each webservice.

• Capable of rewriting the target url before redirecting it to the servers.

• Capable of balancing by cookie and by input document element

• Load balancing rule used is call based round-robin.

• Features a graphic monitoring tool that shows which clients and calls are currently active in each load balancing server

SERVER PROTECTION

• VPFW can decide if a given request, not found in cache, should be sent to the webservice servers or not. There are 4 different criteria used to restrict the request’s access to the webservice servers, and these restrictions can be applied at the webservice service (call) level or at the client level:

  1. Access restriction by maximum simultaneous requests quota.
  2. Access restriction by quota for nominal requests.
  3. Access restriction by time zone.

SSL

• Capable of unencrypting the received secure client request and transforming it into an unsecure request before redirecting it to the webservice servers, thus freeing them from this task.
• Capable of encrypting received unsecure client request and transforming it into a secure request before redirecting it to the webservice servers, thus freeing the application from this task.

COMPRESSION

• Capable of returning the response to the client compressed if the accept-encoding header is present in the request, thus freeing the webservice servers from the compression process. Gzip and deflate algorithms supported.

• Capable of requesting the compressed response to the webservice servers by modifying the accept-encoding header of the request.

CONTENT ANALYSIS

Capable of tracing all incoming requests, and generate up to 4 log files:

1. System log: system events are registered (VPFW startup and shutdown details, the results of the running of a task, etc.)
2. Access log: in VPFW every request sent to the system by a client is registered.

3. Error log: errors generated by requests are registered, with information about the IP address that caused the error, interface and/or client and/or call where the error occurred, a description of the error (with optional information if any) and the request and/or response document that caused the error (if any).

4. Debug log: this is a log which can be activated from the administration of the interface. Once active, it registers a series of response times which correspond to the different processes that are executed within VPFW for each request..

Using the access log, detailed statistics are generated for all webservice activity: client access information, webservice call usage, server response time, incoming and outgoing data transfer volume, webservices-generated error analysis, etc.

MONITORISATION

Monitorisation tests to make sure that the webservices are running correctly. Alerts are configured either at the interface level or at the interface call level. It works like this:

  •   General alert data is entered: interface and/or call to monitor, alert code and description, and the number of requests that will be processed each time (packets of N requests are tested).
  •   Reason to trigger the alert: either because the threshold for requests considered “erroneous” has been exceeded, or because a given number of requests has exceeded the “unacceptable” response time.
  •   Errors for which a request is considered incorrect are specified: for example, because the request provoked a response timeout, or because the request provoked a “credit card expired” error, etc.
  •   If any of the aforementioned limits are exceeded, an alert is sent to the interface administrator (o the person specified) vía email or SMS and, optionally, you may also disconnect the interface for a specified amount of time, after which VPFW will try to reconnect.

    Using this analysis detailed webservices monitorisation statistics are generated, where we can view data like the number of alertas triggered, amount of time the interfaces were disconnected,

documents that provoked the errors, etc. These statistics are used to generate daily, weekly or monthly reports in html.

WEBSERVICES IN SERVER OR CLIENT MODE

• Within VPFW there are two webservice modes: server mode, which means that the webservice acts as a data provider for its clients, and client mode, which means that the webservice acts as a client that gets its data from a webservice provider.
With VPFW you may have as many webservices as you like in the mode which corresponds to each case.

• In the best-case scenario, in which the owner of the webservice data provider has a VPFW and clients of this provider also have a VPFW, these two VPFW’s will recognize each other and automatically (and transparently to the user applications) activate a series of added functions:

1. Automatic communication compression: the VPFW server compresses the response, the VPFW client decompresses it and serves it to the client application.

2. Syncronization of expiry of documents received from server: when the client VPFW saves a document from the provider in cache, it always does so with the expiry of the VPFW provider.

• The deactivation of the VPFW server does not affect the operation of the client VPFW, and vice versa.

DEPLOYMENT, CONFIGURATION AND UPDATES
• VPFW is non-intrusive: it is installed within the client’s infrastructure without the need to

change code in existing applications.

• Quick and easy deployment: since existing applications do not need to be modified, you may activate a VPFW in a production environment the same day it is installed.

• Administration and configuration via web: VPFW comes with a powerful web tool that allows simple and intuitive administration and configuration of all of its components.

• Updates without service downtime: VPFW can be updated without stopping the client system.

BENEFITS

Faster webservice call response time; up to 99% faster than the original response time.

Resource optimization:
1. Savings in server costs (smaller CPU time consumption, reduction in sessions open in DB., …).
2. Bandwidth savings (data compression) up to 90% per client/server pair assuming that both have a VPFW (the compression percentage will vary depending on the type of response document) and also requests that demand a compressed response by using the accept-encoding header.
3. Save time finding and correcting incidences.

Time to market: 3 days to install and configure Ventus Proxy, to do training, to run production tests and finally to put Ventus Proxy in production.

ROI: Estimated ROI between 4 and 6 months for installations between 60 and 120 thousand euros.

Business information: activity statistics and monitorisation reports. Without having to modify a single line of code in existing applications.

8.- OBLIGATION OF CONFIDENTIALITY.

By accepting these “General Conditions” you accept the obligation of confidentiality as to the technical aspects and functionality of the software as long as that information does not become public.

9.- LIMITATION OF LIABILITY.

VENTUS TECHNOLOGIES will not be liable for any direct or indirect damages that may be caused by improper use of the program, including loss of data, nor for damages caused by force majeure, including but not limited to damages caused by power, Internet or telecommunications outage, accident, electrical surge, natural disaster, or other environmental conditions not considered safe. The above list of acts of force majeure is not exhaustive or exclusive.

10.- DIFFERENTIATON FROM OTHER TYPES OF CONTRACTS.

These “General Conditions” do not include an “Escrow” clause, ie. VENTUS TECHNOLOGIES is not obligated to deposit a copy of the SOURCE CODE with third parties.

Nor is it a so-called “Turnkey License Agreement”, meaning that VENTUS TECHNOLOGIES does not guarantee the operation of the PROGRAM in accordance with the specific needs of the customer, nor does VENTUS TECHNOLOGIES have any additional obligations such as

installation, training, consulting, parametrization or implementation of the PROGRAM at a fixed or hourly rate.

11.- PROTECTION OF DATA.

VENTUS TECHNOLOGIES agrees to preserve all personal data given to it in accordance with the current Organic Law for the protection of data, for commercial and operative purposes, to ensure the right to the access, deletions and/or corrections of records.

12.- JURISDICTION.

The contracting parties, for any disagreement, dispute or question arising between them in connection with the fulfillment, breach or interpretation of these “General Conditions” will submit to the Commercial Courts of Barcelona and all applicable Spanish laws, waiving their jurisdiction if not the same.

13.- MISCELLANEOUS. 13.1.- Notifications.

For any notification, communication, request, etc. having to do with these “General Conditions”, VENTUS TECHNOLOGIES states that the address to be used is that of the heading thereof.

13.2.- Nullity.

The invalidity of a given clause will not void the remaining clauses of these “General Conditions” unless said clause is deemed special, meaning that it is the cause or motive for having signed the License Agreement.