INFORMATION TECHNOLOGY SERVICE AGREEMENT This INFORMATION TECHNOLOGY SERVICE AGREEMENT (this "Agreement"), dated as of June, 25th 2002 (the "Effective Date"), is by and between CONEXANT SYSTEMS, INC., a Delaware corporation (together with its subsidiaries and affiliates, "Conexant") and ALPHA INDUSTRIES, INC., a Delaware corporation (together with its subsidiaries "Alpha"). Conexant and Alpha are individually referred to herein as a "Party" and collectively as the "Parties." BACKGROUND A. On December 16, 2001, Conexant, Washington Sub, Inc., a Delaware corporation and successor to the Washington Business ("Washington"), and Alpha entered into an Agreement and Plan of Reorganization, pursuant to which Washington will merge with and into Alpha, with Alpha being the surviving corporation (the "Merger"). Alpha, as the surviving corporation after the Merger, is referred to herein as "Skyworks". B. As a condition to the Merger, Skyworks desires to obtain from Conexant, and Conexant desires to provide to Skyworks, certain information technology services during the term of, and subject to the terms and conditions of, this Agreement. C. The information technology services provided under this Agreement are intended to provide Skyworks with the same level of information technology services that Conexant provides to the Washington Business as of the Effective Date. In addition, Conexant has agreed to provide such other information technology services beyond the Washington Business as set forth in this Agreement, as well as such Additional Services as may be mutually agreed upon from time to time. NOW, THEREFORE, in consideration of the mutual covenants herein and for good and valuable consideration, receipt of which is hereby acknowledged, the Parties agree as follows. AGREEMENT 1. DEFINITIONS. The following terms, when used in this Agreement with initial capital letters, have the meanings ascribed to such terms in this Section 1. 1.1 "ADDITIONAL SERVICES" means any services, functions, or responsibilities, other than the Base Services, that Conexant will provide pursuant to Additional Services Orders mutually agreed upon in accordance with the process identified in Attachment E. Additional Services include any Projects and any IT Services above the Base Services as well as the addition, deletion, transfer, migration, upgrade, modification, expansion, installation, creation, or implementation of any desktop, help desk, data center, infrastructure, programming, application, or other services, or any Supported Hardware or Supported Software. 1.2 "ADDITIONAL SERVICES ORDER" has the meaning given in Attachment E. 1.3 "ALPHA LOCATIONS" mean the locations listed in Attachment B-3. If the Parties mutually agree to add a new location pursuant to the provisions of Attachment E, it will be included in Alpha Locations as of the date of such agreement. 1.4 "BASE SERVICES" means the information technology services identified on Attachment A. 1.5 "CONEXANT HARDWARE" means Hardware that is owned or leased by Conexant, or obtained by Conexant (with or without Skyworks' assistance) from a third party. Conexant retains ownership and lease rights, as appropriate, to all Conexant Hardware, subject only to express rights granted in this Agreement. 1.6 "CONEXANT HOLIDAYS" for the balance of Conexant's fiscal year, ending September 27, 2002, include July 4th, July 5th and September 2nd. Conexant will determine, and notify Skyworks of, Conexant Holidays beyond September 27, 2002, by September 27, 2002. 1.7 "CONEXANT SOFTWARE" means Software that is owned, leased or licensed by Conexant, or obtained by Conexant (with or without Skyworks' assistance) from a third party. Conexant retains ownership, lease and license rights, as appropriate, to all Conexant Software, subject only to express rights granted in this Agreement. 1.8 "EMERGENCY" means a business critical situation that will cause a quantifiable, material impact to the operations, revenue or profit of the Washington Business. 1.9 "FIRST LEVEL SUPPORT" means that the Party providing such support will make every attempt to resolve the problem or issue prior to contacting the other Party. 1.10 "FISCAL YEAR" means the annual period ending on the Friday closest to September 30. 1.11 "HARDWARE" means computer and communications equipment, including data center class servers and peripherals, personal computers and peripherals, data, voice and video infrastructure and any related third party documentation. 1.12 "INTELLECTUAL PROPERTY RIGHTS" means all trademarks, trade names, and other indications of origin, trade secrets, copyrights and other rights of authorship whether copyrightable or not, copyright registrations and applications, and all extensions, renewals and derivatives thereof, patent and patent application rights, including divisions, continuations in part and renewals thereof, moral rights, and other proprietary rights throughout the world. 1.13 "IT SERVICES" means the Base Services and any Additional Services. 1.14 "PROJECT" means a discrete project agreed upon by the Parties as Additional Services pursuant to Attachment E. 1.15 "REMOTE LOCATIONS, SATELLITE LOCATIONS OR REMOTE SITES" means Washington Locations other than Newport Beach, CA. 1.16 "SECOND LEVEL SUPPORT" means that the Party providing such support shall be available to consult with the other Party to attempt to resolve the problem or issue. 1.17 "SERVICE HOURS" means, unless otherwise noted, the hours of 8 a.m. to 5 p.m. local time, at the location from which the service is being provided, Monday through Friday, excluding Conexant Holidays. 2 1.18 "SERVICE LEVELS" means the performance standards specifically designated on Attachment A as "Service Levels." 1.19 "SKYWORKS HARDWARE" means Hardware that is owned or leased by Skyworks, or obtained by Skyworks (with or without Conexant's assistance) from a third party. Skyworks retains ownership and lease rights, as appropriate, to all Skyworks Hardware, subject only to express rights granted in this Agreement. 1.20 "SKYWORKS LOCATIONS" means the combined Alpha Locations and Washington Locations. 1.21 "SKYWORKS SOFTWARE" means Software that is owned, leased or licensed by Skyworks, or obtained by Skyworks (with or without Conexant's assistance) from a third party. Skyworks retains ownership, lease and license rights, as appropriate, to all Skyworks Software, subject only to express rights granted in this Agreement. 1.22 "SOFTWARE" means software programs in object code, including supporting documentation and online help facilities. Software includes applications software programs and operating systems software programs. 1.23 "SUPPORTED SOFTWARE" means the items of Software listed on Attachment C.1 and C.2 (not C.3). In addition, Supported Software includes other Software listed in Attachment D which is resident on Supported Hardware. 1.24 "SUPPORTED HARDWARE" means the items of Hardware listed on Attachment D. 1.25 "SUPPORTED WASHINGTON PERSONNEL" means up to 3,500 employees of Skyworks located at the Washington Locations, including those who were employees of Conexant immediately prior to the Merger. 1.26 "TOWERS OF SERVICE" means each of the following five (5) general services: (i) data center operations management, as described in Sections 10 through 12 of Attachment A, (ii) remotesite support, as described in Section 3 of Attachment A, (iii) IT infrastructure, as described in Sections 4 through 9 of Attachment A, (iv) programming services, as described in Section 2 of Attachment A, and (v) applications support, as described in Section 1 of Attachment A. 1.27 "WASHINGTON BUSINESS" means the business conducted by the Wireless Communications Division and Mexicali operations of Conexant immediately prior to the Merger. 1.28 "WASHINGTON LOCATIONS" means the locations listed in Attachment B.2. If the Parties mutually agree to add a new location pursuant to the provisions of Attachment E, it will be included in the Washington Locations as of the date of such agreement. 1.29 "YEAR" means each twelve (12) month period beginning on the Effective Date and each anniversary thereof during the Term. 2. RIGHTS AND LICENSES 2.1 SKYWORKS SOFTWARE. Skyworks hereby grants to Conexant, at no charge, a nonexclusive license to install, execute, copy, modify, display, and otherwise use all Skyworks 3 Software that may be reasonably required by Conexant for the sole purpose of performing IT Services under this Agreement. 2.2 SKYWORKS HARDWARE. Skyworks hereby grants to Conexant, at no charge, the nonexclusive right to use Skyworks Hardware that may be reasonably required by Conexant for the sole purpose of performing IT Services under this Agreement. 2.3 REQUIRED CONSENTS (a) Prior to giving Conexant access to any Skyworks Software or Skyworks Hardware, Skyworks will use [commercially reasonable efforts] to obtain all consents, approvals, and agreements that may be required from third parties for the grant of rights under Sections 2.1 and 2.2 and for Conexant to perform the IT Services ("Skyworks Required Consents"). (b) Prior to giving Skyworks access to any Conexant Software or Conexant Hardware, Conexant will use [commercially reasonable efforts] to obtain all consents, approvals, and agreements that may be required from third parties for the grant of rights under Section 2.4 ("Conexant Required Consents"). (c) Skyworks will pay any and all fees or costs associated with acquiring any and all Skyworks Required Consents and Conexant Required Consents. If, after using [commercially reasonable efforts], Skyworks does not obtain any Skyworks Required Consent or Conexant does not obtain any Conexant Required Consent, and Conexant is unable to perform any or all IT Services without infringing any third party rights or breaching the terms of its contracts as a result thereof, the Parties will meet to mutually agree upon alternative approaches to permit Conexant to perform the IT Services. Alternative approaches may include Skyworks purchasing the rights to use such Software or Hardware pursuant to Section 2.4 or adjustments to the scope of the IT Services, the Service Levels and the charges for the IT Services. If an alternative approach is not agreed upon and adopted, then Conexant will be relieved of its obligations under this Agreement, and the charges for such IT Services or Services Levels adjusted accordingly, to the extent that Conexant's ability to perform is hindered, delayed or prevented due to Conexant's inability to access or use, or permit Skyworks to access or use, the affected Software or Hardware. 2.4 USE OF SUPPORTED HARDWARE AND SUPPORTED SOFTWARE. To the extent consents or approvals of third party vendors are not required, or are obtained pursuant to Section 2.3, Conexant hereby grants to Skyworks a nonexclusive, nontransferable license to use the Supported Hardware and Supported Software for the Washington Business for as long as Skyworks pays for the IT Services related to such Supported Hardware or Supported Software during the Term. If, after using [commercially reasonable efforts] Conexant does not obtain any required consents and approvals and adjustments are not agreed to pursuant to Section 2.3, or if the Parties determine that additional Software or Hardware is necessary to operate the Washington Business, Skyworks will buy such Software or Hardware and provide Conexant with the right to use such Software or Hardware for the sole purpose of performing IT Services under this Agreement in accordance with Sections 2.1, 2.2 and 2.3. To avoid any ambiguity, Software or Hardware purchased, leased or licensed by Skyworks under this Section 2.4 shall be Skyworks Software and Skyworks Hardware, respectively. 4 2.5 RETURN OF HARDWARE AND SOFTWARE; CONTINUED USE (a) Within 15 business days of the effective date of termination of any Tower of Service, Skyworks shall physically return to Conexant all Conexant Hardware set forth opposite such terminated Tower of Service on Attachment J.1 and delete all Conexant Software set forth opposite such terminated Tower of Service on Attachment J.2 from Skyworks personal computers (i.e. EPO, SMS) and servers, unless otherwise negotiated with the head of Conexant IT operations or such Conexant Hardware or Conexant Software is transferred to Skyworks pursuant to Section 2.6. If Skyworks continues to use Supported Hardware or Supported Software, or does not return or delete it as required, irrespective of use, after termination, Conexant will continue to bill Skyworks, and Skyworks will be required to pay, for use of such Supported Hardware or Supported Software. (b) Within 15 business days of the effective date of termination of any Tower of Service, Conexant shall physically return to Skyworks all Skyworks Hardware and delete all Skyworks Software from Conexant personal computers and servers, unless otherwise negotiated with the head of Skyworks IT operations. 2.6 TRANSFER OF CONEXANT SOFTWARE AND CONEXANT HARDWARE (a) Promptly following the Effective Date, Conexant will use commercially reasonable efforts to transfer the licenses for the Supported Software that are identified on Attachment J.2 (the "Identified Licenses"). The transfer of the Identified Licenses will occur no later than December 31, 2002, may be subject to restrictions on transfer imposed by third-party vendors and will only be transferred to the extent such transfer does not impair Conexant's use of any Identified License. As consideration for, and upon the transfer of, an Identified License, Skyworks will pay Conexant the amount set forth in the "Consideration" column of Attachment J.2 for that Identified License. If, after using commercially reasonable efforts, Conexant is unable to transfer an Identified License and Skyworks purchases such license directly from the vendor, the amount set forth in the "Consideration" column on Attachment J.2 for that Identified License will not be paid to Conexant. If any fees are required to be paid to transfer an Identified License, Conexant shall pay such fees; provided that if such fees, in the aggregate, exceed $200,000, Skyworks shall pay such excess amount. The parties agree that the transfers discussed above will not change the Base Services Fee until the Rate Review Date. (b) Within 5 business days following (i) the effective date of termination of the IT infrastructure Tower of Service or, if later, (ii) the date on which Conexant receives a payment of $500,000, Conexant will transfer ownership to Skyworks all Conexant Hardware set forth on Attachment J.1 2.7 STATISTICAL INFORMATION. Conexant may gather, copy, distribute, and use nonconfidential IT metrics gathered in connection with performing the IT Services; provided, that Conexant will not copy, distribute or use for non-internal purposes statistical information from which Skyworks can reasonably be identified as the source and Conexant will not identify Skyworks or its customers to any third party as the source of such statistics. 2.8 OWNERSHIP OF MODIFICATIONS. In the event Conexant, or a third party engaged by Conexant, develops any upgrades or updates or otherwise modifies any Conexant Software, with or without the assistance of Skyworks ("Modifications"), Conexant shall retain sole ownership to all such Modifications. If such Modifications are made in connection with Conexant providing any IT 5 Services for Skyworks, Conexant hereby grants to Skyworks a nonexclusive perpetual, royalty-free license to use such Modifications. 3. SERVICES 3.1 BASE SERVICES. Subject to the terms and conditions of this Agreement, Conexant will provide to Skyworks, and Skyworks will obtain from Conexant, the Base Services. The parties agree that Conexant will be the exclusive provider of the Base Services provided, however, that Skyworks shall have the right to internally provide such services, excluding data center operations management and IT infrastructure services described in Section 1.26. 3.2 ADDITIONAL SERVICES. Subject to the terms and conditions of this Agreement, Conexant will provide to Skyworks any Additional Services agreed upon by the Parties pursuant to the procedures of Attachment E. 3.3 SUBCONTRACTING. Skyworks understands that before and after the Effective Date, Conexant may have contracted, and may in the future contract, with third parties to provide services in connection with all or any portion of the IT Services to be provided under this Agreement. Conexant reserves the right to continue to contract with third parties to provide the foregoing or to enter into new contractual relationships for any of the foregoing. Provided, however, that should Conexant in the future enter into a contract with a third party or otherwise enter contract discussions or negotiations with a third party under this Section 3.3, then Conexant shall use commercially reasonable efforts to include in such contract the right to share the contract with, or to assign the contract to Skyworks, after the Term. In the event Conexant is not permitted to share or assign the contract after the Term, Conexant will notify Skyworks of such restriction and, at the end of the Term, will assist Skyworks in obtaining a contract directly between that third party and Skyworks. 3.4 PERFORMANCE. Conexant will use commercially reasonable efforts to perform the Base Services in conformance with the applicable Service Levels. In the event any third-party supplier fails to perform its obligations related to the IT Services, provided Conexant uses reasonable efforts to cause such third party to perform, Conexant shall not be responsible for any such failure to perform and any delay or suspension of IT Services arising from such failure will not result in any reduction to the Base Services Fee, as defined below. 4. OBLIGATIONS 4.1 CONEXANT POLICIES. Skyworks will comply with Conexant's computer security policies, procedures, requirements and restrictions with respect to Skyworks' use of IT Services, a current copy of which are set forth in Attachment G, and the standards set forth in Attachment C and D. Conexant's computer security policies, procedures, requirements and restrictions may change from time to time upon notice and delivery of an electronic copy of such policies, procedures, requirements and restrictions to Skyworks. 4.2 COOPERATION. In order to enable Conexant to perform IT Services, Skyworks will provide Conexant with such cooperation and assistance as Conexant reasonably and timely requests. Such cooperation and assistance shall include providing Conexant in a timely manner answers to questions, technical consultation and other information that is necessary for Conexant to perform the IT Services, is in the possession of Skyworks and not reasonably available to Conexant without out-of-pocket costs to Conexant. Skyworks' Account Manager (as described in Section 6.1 below) will 6 be Skyworks' principal point of contact for Conexant to obtain such cooperation and assistance. Conexant shall be excused from performing IT Services and meeting any Service Levels, unless the charges for IT Services and/or Services Levels are adjusted upon mutual agreement to account for the lack of cooperation and assistance, but only to the extent Conexant's performance is actually prevented or hindered by: (i) Skyworks' nonperformance; (ii) the failure by Skyworks personnel or any Skyworks third-party contractor to adequately perform its tasks related to the IT Services; (iii) unreasonable, untimely, inaccurate, or incomplete information from Skyworks; (iv) the failure of any Hardware or Software that is not the fault of Conexant; and (v) the occurrence of an event described in Section 13.3. 4.3 NEW SOFTWARE, HARDWARE AND PHONE LINES. Unless otherwise agreed to under a separate agreement, any new or additional Software, Hardware or phone lines (voice and data lines) that Conexant may require from time to time to perform the IT Services on behalf of Skyworks (including maintaining, upgrading, enhancing, and implementing new versions of existing Software) will be purchased, leased, or licensed by Skyworks in its own name and at its own expense. Should such purchase, lease or license restrict or prohibit Conexant's use thereof in connection with the IT Services, then to the extent that Conexant's performance is actually prevented or hindered by this restriction, Conexant shall be excused from performing such IT Services and meeting such Service Levels, and the charges for IT Services and Service Levels shall be adjusted accordingly. 4.4 FACILITIES. If IT Services are to be performed at Skyworks Locations, Skyworks will provide to Conexant, at no charge, the facilities and facilities related equipment, supplies and services that Conexant may reasonably require to perform such IT Services and that Skyworks provides to its own employees. To the extent reasonably necessary to perform the IT Services, Skyworks will provide Conexant access to the Skyworks Locations twenty-four (24) hours per day, seven (7) days per week. Skyworks will provide reasonable storage space for backup media as reasonably requested in connection with the IT Services. Skyworks will provide to Conexant reasonable advance notice of any alteration or relocation of the Skyworks Locations to allow Conexant to prepare for the relocation and, before any alteration or relocation is undertaken, the Parties will agree upon adjustments to the IT Services and Service Levels as may be reasonably required, and to a corresponding adjustment to the charges for such IT Services and Service Levels in connection with the alteration or relocation. 4.5 RISK OF LOSS. As between the Parties, risk of loss for Hardware and Software will remain with the Party at whose facility the Hardware or Software is located. 5. RESTORATION OF DATA 5.1 APPLICATIONS. (a) CORE APPLICATIONS. If Skyworks' machine-readable files relating to Core Applications identified in Attachment C are lost, destroyed or impaired due to the negligence of Conexant (including it's personnel, consultants or third party contractors under the control of Conexant), Conexant will use reasonable best efforts to recover a prior version of the files from backup media maintained by Conexant. If, after using reasonable best efforts, Conexant is unable to restore such files from back-up media, Conexant will use reasonable best efforts to perform such 7 restoration as can reasonably be performed using machine-readable source data furnished by Skyworks. (b) MAJOR APPLICATIONS. If Skyworks' machine-readable files relating to Major Applications identified in Attachment C (excluding Core Applications) are lost, destroyed or impaired due to the negligence of Conexant (including it's personnel, consultants or third party contractors under the control of Conexant), Conexant will use commercially reasonable efforts to recover a prior version of the files from back-up media maintained by Conexant. If, after using commercially reasonable efforts, Conexant is unable to restore such files from back-up media, Conexant will use commercially reasonable efforts to perform such restoration as can reasonably be performed using machine-readable source data furnished by Skyworks. 5.2 DATA. Conexant will use commercially reasonable efforts, at the sole expense of Skyworks, to recover and restore Skyworks data files on Conexant IT servers that are lost, destroyed, or impaired by the acts or omissions of Skyworks (including it's personnel, consultants or third party contractors under the control of Skyworks). If the acts or omissions of Skyworks impact files, servers or applications of Conexant or any third partie s, Conexant may attempt restoration in any manner it reasonably deems appropriate, at the sole expense of Skyworks. Conexant may use third parties to assist in such restoration efforts. 6. COORDINATION AND COMMUNICATION 6.1 ACCOUNT MANAGERS. Skyworks and Conexant will each appoint a single "Account Manager" who will serve as the primary point of contact for the other Party for matters related to this Agreement. Either Party may replace its Account Manager with an individual of comparable qualifications and experience by notifying the other Party of such new appointment. Either party may assign an alternate as needed in writing. 6.2 ESCALATION. All matters regarding the performance of IT Services under this Agreement will be brought to the attention of the Account Managers assigned to Skyworks and Conexant. It will be the responsibility of the Account Managers to promptly communicate and develop a timely resolution for such matters and only those matters handled in compliance with this procedure will be addressed and reported on pursuant to Section 6.3. If an Emergency is jointly declared by the Skyworks Account Manager and the Conexant Account Manager, the Conexant Account Manager will provide the Skyworks Account Manager with daily updates on the progress to resolve the Emergency. In the event the Account Managers are unable to resolve any matter, the dispute shall be resolved in accordance with the dispute resolution procedures set forth in Section 13.2. 6.3 REPORTS. Monthly during the Term, Conexant will furnish to Skyworks a report that shows Conexant's performance during the preceding month of the IT Services measured against the applicable Service Levels. 6.4 SERVICE PERFORMANCE REVIEWS. The Account Managers will meet formally each month and informally as needed in order to review Service Levels, address new requirements, review outstanding issues and new issues and other items as needed. Each Account Manager will submit to the other a list of agenda items no less than twenty-four (24) hours prior to the scheduled meeting. Meetings will be scheduled based on the availability of both Account Managers. 8 6.5 SOFTWARE LICENSE REPORTING. When either party recognizing a Software license utilization problem, such Party shall report the problem to both Account Managers immediately. 6.6 CHANGE REQUESTS. At the end of each calendar quarter, either Party may request changes to the lists of Supported Software and/or Supported Hardware by notifying the Account Manager of the other Party in writing of such change request. The receiving Party shall have ten (10) business days to accept or reject the requested change, provided that failure to respond to such change request within such ten (10) day period shall be deemed acceptance. 7. PRICING & PAYMENTS 7.1 FEES FOR BASE SERVICES. Skyworks will pay Conexant each month the Base Services Fee of $700,000 per month. The monthly Tower of Services fees are as follows: remote site support $39,000, data center operations management $210,000, IT infrastructure $205,000, applications $204,000, and programming services $42,000. The parties hereby agree that they will meet on or before February 1 of each year during the Term ("Rate Review Date") to discuss the fees and Service Levels of the Towers of Service. In the event that a particular Tower of Service is terminated pursuant to Section 12.2, the Base Services Fee charged for the terminated services between the Rate Review Date and the effective date of termination shall not be increased under this Section by more than 10% of the rate in effect on the date of receipt of notice of termination 7.2 FEES FOR ADDITIONAL SERVICES. For each month during which Conexant provides Additional Services, Skyworks will pay Conexant at the rates or fees set forth in the applicable Additional Services Order (the "Additional Services Fees"). 7.3 EXPENSES. In addition to the Base Services Fee and Additional Services Fees, Skyworks will reimburse Conexant for any actual and reasonable expenses of the type identified in Attachment F attached hereto that are incurred by Conexant in connection with performance of IT Services. 7.4 TAXES. The Base Services Fee and any Additional Services Fees exclude all applicable excise, sales, use, gross receipts, value added, goods and services, property, or other tax of any federal, state, or local taxing authority ("Taxes") that may be imposed on the Base Services Fee or any Additional Services Fees, and Skyworks will be responsible for payment of all such Taxes and any related penalties and interest. 7.5 INVOICING. On or about the first day of each month, Conexant will invoice Skyworks for an amount equal to the Base Services Fee for such month, any applicable Additional Services Fees for the preceding month, any expenses reimbursable under Section 7.3 and other amounts due under this Agreement. Skyworks will pay in full the amount invoiced no later than thirty (30) days after receipt of an invoice. Skyworks will pay interest on all payments received more than thirty (30) days after the invoice date at the rate of the lesser of the Prime rate published on the first day of the then most recent month by the Wall Street Journal, plus four percent (4%), or the maximum rate permitted by law. In the event Skyworks fails to pay any invoiced amount within sixty (60) days after the date of the invoice (a "Payment Default") Conexant shall have the right to suspend the performance of IT Services. 7.6 INVOICE RECORDS. Conexant will maintain complete and accurate records of the fees billed to Skyworks in accordance with generally accepted accounting principles. Conexant will 9 maintain such records applicable to fees for a period of one (1) year after Skyworks is invoiced for such fees. 8. CONFIDENTIALITY 8.1 GENERAL. Notwithstanding any termination, expiration or cancellation of this Agreement, the Parties agree that they will keep in confidence and prevent the unauthorized use of, or disclosure to, any Person or Persons (other than an employee, agent, subcontractor or division of a Party hereto with a need to know solely to exercise the Parties' respective rights or obligations under this Agreement and who are bound to protect such information against any other use or disclosure) all data marked or otherwise properly identified as proprietary or confidential and exchanged between the Parties and the terms of this Agreement ("Confidential Information"). The Parties agree to protect the Confidential Information by using the same degree of care, but no less than a reasonable degree of care, to prevent the unauthorized use, disclosure, dissemination or publication of the Confidential Information as the Parties use to protect their own comparable confidential and proprietary information. Confidential Information shall only be used by the receiving party for the purposes of providing services under this Agreement. Any oral disclosure of Confidential Information shall be identified as proprietary or confidential at the time of disclosure and shall be reduced to writing within thirty (30) days of such disclosure, and identified as Confidential Information by an appropriate stamp or other reasonable form of identification. 8.2 EXCLUSIONS FROM NONDISCLOSURE OBLIGATIONS. The obligation of confidentiality imposed on each Party pursuant to Section 8.1 above shall not apply to any particular item of Confidential Information that the receiving Party can prove was: (a) rightfully in the possession of the receiving Party without restrictions prior to receiving it from the disclosing Party; (b) in the public domain prior to the date of this Agreement or subsequently came into the public domain through no act of the receiving Party; (c) independently developed by the receiving Party, without use of the Confidential Information, by personnel, consultants or third party contractors under the control of the disclosing Party; (d) lawfully received by the receiving Party without restrictions from a source other than the disclosing Party; or (e) disclosed pursuant to a valid order by a court or other governmental body or otherwise necessary to comply with laws or regulations provided that such Party shall give the other Party reasonable advance notice of such proposed disclosure and shall use its commercially reasonable efforts to secure confidential treatment of any such Confidential Information. Any compelled disclosure shall be limited to the maximum disclosure required by such order or applicable law. 8.3 REMEDY. Each Party hereby acknowledges the other party's claim that any violation by such Party of the obligations described in this Section 8 will cause immediate and irreparable harm to the other Party. Accordingly, each Party shall have the right to seek preliminary and final injunctive relief without the requirement of posting a bond to enforce this Agreement in case of any 10 actual or threatened breach of this Section 8, in addition to any other rights and remedies in law or equity that may be available to such Party. 8.4 OWNERSHIP OF CONFIDENTIAL INFORMATION. All Confidential Information (including all copies thereof) of a Party hereto shall at all times remain the property of such Party. No rights or licenses to Intellectual Property Rights are implied or granted under this Agreement, except as expressly set forth herein. 9. ACCESS TO COMPUTER SYSTEMS BY IT PERSONNEL 9.1 SKYWORKS ACCESS. If Skyworks is given access to any Conexant Hardware, Conexant Software, networks or electronic files owned or controlled by Conexant, Skyworks shall limit such access and use solely to the extent required to receive IT Services under this Agreement and shall not access or attempt to access any Conexant Hardware, Conexant Software, networks or electronic files, other than those specifically required to receive the IT Services. Skyworks shall limit such access to those with a requirement to have such access in connection with this Agreement, shall advise Conexant in writing of the name of each such person and the duration (from date and to date) who will be granted such access, and shall comply with all Conexant security rules and procedures for use of Conexant's electronic resources that have been communicated in writing to Skyworks. All user identification numbers and passwords disclosed to Skyworks and any Conexant Confidential Information obtained by Skyworks as a result of their access to and use of any Conexant Hardware, Conexant Software, networks and electronic files owned or controlled by Conexant, shall be deemed to be, and shall be treated as, Conexant Confidential Information under applicable provisions of this Agreement. Skyworks agrees to cooperate with Conexant in the investigation of any apparent unauthorized access by Skyworks to any Conexant Hardware, Conexant Software, networks or electronic files owned or controlled by Conexant, or any apparent unauthorized release of Conexant Confidential Information by Skyworks employees. Nothing in this Agreement shall require Conexant to provide access to any of its Conexant Hardware, Conexant Software, networks or electronic files and any such access shall be at the reasonable discretion of Conexant. 9.2 CONEXANT ACCESS. If Conexant is given access to any Skyworks Hardware, Skyworks Software, networks, electronic files or clean rooms owned or controlled by Skyworks, Conexant shall limit such access and use solely to the extent required to provide IT Services under this Agreement and shall not access or attempt to access any Skyworks Hardware, Skyworks Software, networks, electronic files or clean rooms, other than those specifically required to provide the IT Services. Conexant shall limit such access to those with a requirement to have such access in connection with this Agreement, shall advise Skyworks in writing of the name of each such person and the duration (from date and to date) who will be granted such access, and shall comply with all Skyworks security rules and procedures for use of Skyworks' electronic resources that have been communicated in writing to Conexant. All user identification numbers and passwords disclosed to Conexant and any Skyworks Confidential Information obtained by Conexant as a result of their access to and use of any Skyworks Hardware, Skyworks Software, networks, electronic files and clean rooms owned or controlled by Skyworks, shall be deemed to be, and shall be treated as, Skyworks Confidential Information under applicable provision of this Agreement. Conexant agrees to cooperate with Skyworks in the investigation of any apparent unauthorized access by Conexant to any Skyworks Hardware, Skyworks Software, networks, clean-rooms or electronic files owned or controlled by Skyworks, or any apparent unauthorized release of Skyworks Confidential Information by Conexant employees. Nothing in this Agreement shall require Skyworks to provide access to any of its Skyworks Hardware, Skyworks Software, networks, electronic files or clean rooms and any 11 such access shall be at the reasonable discretion of Skyworks; provided, that if such access is required to perform IT Services and is denied by Skyworks, Conexant shall be relieved of its obligations to provide those IT Services that are dependent on access, without any adjustment to the Base Service Fees. 9.3 PHYSICAL ACCESS RIGHTS. Each Party shall only be provided access to the other Party's data center or data closet in accordance with this Section 9 during normal business hours, accompanied by an escort of the Party providing such access, and upon reasonable advanced notice of such access, which shall not be less than twenty-four (24) hours, or as otherwise mutually agreed between the Parties. 10. LIMITATIONS OF LIABILITY 10.1 WAIVER. IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY LOSS OF PROFIT, INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RELATING TO THIS AGREEMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OCCURRING. 10.2 LIABILITY LIMIT. IN NO EVENT WILL THE AGGREGATE LIABILITY OF CONEXANT OR SKYWORKS UNDER THIS AGREEMENT EXCEED $1 MILLION. 10.3 BASIS OF THE BARGAIN. EACH PARTY ACKNOWLEDGES THAT THE MUTUAL LIMITATIONS OF LIABILITY CONTAINED IN THIS SECTION 10 REFLECT THE ALLOCATION OF RISK SET FORTH IN THIS AGREEMENT AND THAT NEITHER PARTY WOULD ENTER INTO THIS AGREEMENT WITHOUT THESE LIMITATIONS ON LIABILITY. 10.4 DISCLAIMER. THE SERVICES PROVIDED UNDER THIS AGREEMENT ARE PROVIDED "AS IS." CONEXANT MAKES NO REPRESENTATIONS OR WARRANTIES UNDER THIS AGREEMENT, AND CONEXANT DISCLAIMS ANY AND ALL REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. 11. INDEMNIFICATION 11.1 Skyworks will, at its expense, defend, indemnify, and hold Conexant harmless from and against any and all claims, actions, demands, suits, losses, liabilities, judgments, expenses and costs (including reasonable attorneys' fees and fees of other professionals) ("Claims") (a) arising out of or related to any failure of Skyworks to obtain Required Consents, (b) alleging that Conexant's use, in accordance with this Agreement, of any Skyworks Intellectual Property Rights infringes or misappropriates a third party's Intellectual Property Rights, or (c) arising out of or relating to any personal injury (including death) or loss or damage to tangible property (other than data or information) to the extent such injury or damage is the result of negligence or wrongful misconduct of Skyworks or its employees. Conexant will use reasonable efforts to notify Skyworks promptly in writing of any Claim for which Conexant believes it is entitled to indemnification under this Section 11.1; however, Skyworks will be relieved of its indemnification obligations under this Section 11.1 only if and to the extent that the failure to receive prompt notice materially prejudices Skyworks' ability to defend the Claim. If Conexant tenders defense of any such Claim to Skyworks, Skyworks 12 must assume and bear the cost of the defense of the Claim. Conexant may, at its option and expense, retain its own counsel to participate in any proceeding related to a Claim. 11.2 Conexant will, at its expense, defend, indemnify, and hold Skyworks harmless from and against any and all Claims arising out of or relating to any personal injury (including death) or loss or damage to tangible property (other than data or information) to the extent such injury or damage is the result of negligence or wrongful misconduct of Conexant or its employees. Skyworks will use reasonable efforts to notify Conexant promptly in writing of any Claim for which Skyworks believes it is entitled to indemnification under this Section 11.2; however, Conexant will be relieved of its indemnification obligations under this Section 11.2 only if and to the extent that the failure to receive prompt notice materially prejudices Conexant's ability to defend the Claim. If Skyworks tenders defense of any such Claim to Conexant, Conexant must assume and bear the cost of the defense of the Claim. Skyworks may, at its option and expense, retain its own counsel to participate in any proceeding related to a Claim. 11.3 Neither Party shall have the right to settle any Claims in a manner that would reasonably be expected to materially diminish the rights or interests of the other Party without such other Party's prior written consent, which shall not be unreasonably withheld or delayed. If the Party to whom the defense is tendered fails to promptly assume the defense of such Claim, the other Party may assume the defense of such Claim at the expense of the Party to whom the defense was tendered. 12. TERM AND TERMINATION 12.1 TERM. The term of this Agreement (the "TERM") will begin on the Effective Date and will continue until terminated pursuant to this Section 12. 12.2 TERMINATION FOR CONVENIENCE. Examples of termination under this Section 12.2 are set forth in Attachment H. (a) On or before each of the following dates: February 1 and August 1 of each year (each, a "Notice Date"), either Party may notify of the intent to terminate this Agreement with respect to any Tower of Service by providing the other Party with at least six (6) months advance written notice of termination, unless the Parties mutually agree to a shorter period of notice. The effective date of termination of any Tower of Service pursuant to the previous sentence shall be six (6) months from the applicable Notice Date, whether such notice is delivered on or before such Notice Date. In the event either Party delivers notice of termination to the other Party pursuant to this Section, the recipient of such notice shall have five (5) business days to respond to such notice, during which time, the recipient Party may elect to terminate (1) a Tower of Service described in (i), (ii) or (iii) of Section 1.26 if the other Party delivers notice of termination of a Tower of Service described in (i), (ii) or (iii) of Section 1.26, or (2) a Tower of Service described in (iv) or (v) of Section 1.26 if the other Party delivers notice of termination of a Tower of Service described in (iv) or (v) of Section 1.26. (b) If a Party has a justifiable concern regarding the continuation of any Tower of Service, on or before the next Notice Date, such Party may provide the other Party written notice of its intent to evaluate termination of a Tower of Service on or before a date that is three (3) months following the applicable Notice Date (an "Evaluation Date"). If any such notice of evaluation is delivered in good faith, the Party delivering such notice may elect to terminate the applicable Tower of Service on or before the applicable Evaluation Date, which termination shall be effective six (6) 13 months following such Evaluation Date. If notice of termination is not received by the applicable Evaluation Date, the expressed concern shall be deemed alleviated. (c) If either Party delivers notice of termination as set forth in 12.2(a) or (b), such Party shall have up to ninety days (90) days to request an extension. The Tower of Service shall then be extended for six (6) months beyond the otherwise effective date of termination. The Parties may mutually agree to adjust the applicable IT Services, Service Levels and charges relating to the affected Tower of Service to reflect reduced IT Services during such extension period. (d) Only after delivery of notice of termination of a particular Tower of Service in accordance with this Section 12.2, Skyworks may utilize a third party for any such Tower of Service to ensure a smooth transition away from Conexant by the time such Tower of Service is terminated. In the event of termination of a Tower of Service, Conexant will use reasonable efforts to assist Skyworks in the transition of such services, including, but not limited to, data migration in a mutually agreed upon format, provided such assistance does not unreasonably interfere with ordinary business operations of Conexant. 12.3 TERMINATION FOR CAUSE. Each Party may terminate this Agreement immediately, upon written notice, (i) if the other Party breaches any material term of this Agreement and fails to cure such breach within thirty (30) days after receipt by the breaching Party of written notice from the non-breaching Party describing such breach; (ii) upon the institution by or against the other Party of insolvency, receivership or bankruptcy proceedings or any other proceedings for the settlement of the other Party's debts, (iii) upon the other Party's making an assignment for the benefit of creditors, (iv) upon the other Party's dissolution or ceasing to conduct business in the normal course, see 13.4 assignability or (v) the other Party's failure to pay its debts as they mature in the ordinary course of business. 12.4 TERMINATION FOR PAYMENT DEFAULT. Conexant may terminate this Agreement immediately, upon written notice, (i) if the Skyworks fails to satisfy its payment obligations when due under the terms of this Agreement and fails to cure such breach within ten (10) days after receipt of written notice from Conexant of a Payment Default, or (ii) any time after Skyworks has failed to satisfy its payment obligations when due under the terms of this Agreement on three separate occasions. The Parties agree that Conexant's right to terminate this Agreement under this Section shall not apply to amounts that are in dispute and are in the process of being resolved in accordance with Section 13.2. 12.5 SURVIVAL. Sections 1, 2.5, 2.6, 7, 8, 10, 11 and 13 shall survive termination of this Agreement for any reason. 12.6 FIRST CONSIDERATION. At the time that Skyworks discontinues utilizing Conexant, in part or in total, as its IT service provider, Skyworks will give Conexant IT employees first consideration for employment with Skyworks in lieu of reduction in force by Conexant. 12.7 EMPLOYEE TERMINATION. Within ten (10) business days of receipt of termination notification of any Tower of Service, payment of retention and severance packages, if any, will be mutually agreed to in writing by the Chief Information Officers and designated human resources officers of each Party. If agreement cannot be reached within such ten (10) day period, all Service Levels and charges relating to the terminated Tower of Servic e may be adjusted accordingly to the extent that Service Levels or charges are affected by the Parties inability to agree on retention and 14 severance packages. After receipt of termination notification of any Tower of Service, the Parties shall meet monthly to discuss resolution of retention and severance packages. 12.8 PASSWORDS AND DATA. Provided that termination of a Tower of Service is not the result of a breach by Skyworks, upon termination of a Tower of Service, Conexant will (i) deliver to Skyworks such passwords or other access codes associated with the terminated Tower of Service as deemed appropriate in Conexant's reasonable discretion and (ii) as soon as practicable, return all Skyworks data to Skyworks in a mutually agreed upon format. Conexant shall not be required to return data to Skyworks that is not readily separable from Conexant data without compromising Conexant data or otherwise impeding the operations of Conexant. 13. GENERAL 13.1 NOTICES. All notices, requests, claims, demands and other communications required or permitted to be given hereunder shall be in writing and shall be delivered and will be deemed given (a) when so delivered if delivered by hand, (b) when written confirmation is received if delivered by telecopier, (c) when e-mail confirmation is received if delivered by e-mail, (d) three (3) business days after mailing in the case of registered or certified mail, or (e) one (1) business day after mailing in the case of express mail or overnight courier service. All such notices, requests, claims, demands and other communications shall be addressed as set forth below, or pursuant to such other instructions as may be designated in writing by the party to receive such notice: If to Skyworks, to: Skyworks Solutions, Inc. 25 Computer Drive Haverhill, MA 01832-1236 Attention: President With copies to (not effective for purposes of notice): Skyworks Solutions, Inc. Skyworks Solutions, Inc. 4311 Jamboree Road 4311 Jamboree Road Newport Beach, CA 92660-3095 Newport Beach, CA 92660-3095 Attention: General Counsel Attention: Chief Information Officer or if to Conexant, to: Conexant Systems, Inc. 4311 Jamboree Road Newport Beach, CA 92660-3095 Attention: Chief Executive Officer With copies to (not effective for purposes of notice): Conexant Systems, Inc. Conexant Systems, Inc. 4311 Jamboree Road 4311 Jamboree Road Newport Beach, CA 92660-3095 Newport Beach, CA 92660-3095 Attention: General Counsel Attention: Chief Information Officer 15 13.2 CHOICE OF LAW; DISPUTE RESOLUTION. (a) This Agreement and the rights and obligations of the Parties hereunder shall be governed by the substantive laws of the State of California applicable to contracts made and to be performed therein, without reference to principles of conflicts of laws. In the event that any dispute, claim or controversy (collectively, a "Dispute") arises out of or relates to any provision of this Agreement or the breach, performance or validity or invalidity thereof, an appropriate authorized manager of Conexant and an appropriate authorized manager of Skyworks shall attempt a good faith resolution of such Dispute within thirty (30) days after either Party notifies the other of such Dispute. If such Dispute is not resolved within thirty (30) days of such notification, such Dispute will be referred for resolution to the Skyworks President and the Conexant Chief Executive Officer. Should they be unable to resolve such Dispute within thirty (30) days following such referral to them, or within such other time as they may agree, Skyworks and Conexant shall submit such Dispute to binding arbitration, initiated and conducted in accordance with the then-existing American Arbitration Association Commercial Arbitration Rules, before a single arbitrator selected jointly by Conexant and Skyworks. If Conexant and Skyworks cannot agree upon the identity of an arbitrator within ten (10) days after the arbitration process is initiated, then the arbitration shall be conducted before three (3) arbitrators, one (1) selected by Conexant, one (1) selected by Skyworks, and the third selected by the first two. The arbitration shall be conducted in the County of Orange, California and shall be governed by the United States Arbitration Act, 9 USC Section 116, and judgment upon the award may be entered by any court having jurisdiction thereof. The arbitrator(s) shall have case management authority and shall resolve the Dispute in a final award within one hundred eighty (180) days from the commencement of the arbitration action, subject to any extension of time thereof allowed by the arbitrators upon good cause shown. There shall be no appeal from the arbitral award, except for fraud committed by an arbitrator in carrying out his or her duties under the aforesaid rules; otherwise the Parties irrevocably waive their rights to judicial review of any Dispute arising out of or related to this Agreement. Notwithstanding the foregoing, either Party may pursue immediate equitable relief in the event of a breach of Section 8 or an alleged violation or misappropriation of the Intellectual Property Rights of either Party. (b) During any period in which the Parties are resolving a Dispute pursuant to this Section 13.2, the Parties shall continue to provide the services and support pursuant to the terms of this Agreement; provided, however, that (i) if the Parties jointly determine that any such services or support shall be suspended during the period in which the Parties are resolving a Dispute, then the deadlines and time periods in which such services and/or support are to be provided pursuant to this Agreement (as described herein) shall be extended for the same amount of time as the services and/or support were suspended, and (ii) if the Dispute pertains to the payment of fees due under the terms of this Agreement or any Additional Services Order, the Party claiming entitlement to such fees may suspend the provision of services until the other Party pays such amounts in Dispute or deposits such amounts with a neutral third party in escrow for distribution upon resolution of the Dispute. 13.3 FORCE MAJEURE. Neither Party will be liable for delays or failure to perform the Services if due to any cause or conditions beyond its reasonable control, including delays or failures due to acts of God, natural disasters, acts of civil or military authority, fire, flood, earthquake, strikes, wars, or utility disruptions (shortage of power). 13.4 ASSIGNMENT. Neither Party shall assign or subcontract its rights and obligations under this Agreement without the prior written consent of the other Party, which may not be unreasonably withheld or delayed. Notwithstanding the foregoing, each Party may assign, delegate 16 or sublicense all or any portion of its rights and obligations under this Agreement to (i) the surviving entity resulting from a merger or consolidation involving such Party, (ii) the acquiring entity of a sale or other disposition of all or substantially all of the assets of such Party as a whole or of any line of business or division of such Party, or (iii) any other party that is created as a result of a spin-off from, or similar reorganization transaction of, such Party or any line of business or division of such Party, including, without limitation, a subsidiary of Conexant into which the assets of Conexant's information technology organization are transferred; provided that, in no event shall either Party assign delegate or sublicense any of its rights or obligations under this Agreement to any party that is engaged in a business that is similar to or competitive with the other Party without such other Party's prior written consent, which may not be unreasonably withheld or delayed. In the event of an assignment pursuant to (ii) or (iii) above, Skyworks and Conexant shall, at the assigning Party's request, use good faith, commercially reasonable efforts to enter into separate agreements with each of the resulting entities and take such further actions as may be reasonably required to assure that the rights and obligations under this Agreement are preserved, in the aggregate, and divided equitably between such entities. 13.5 ENTIRE AGREEMENT; AMENDMENT; WAIVERS. This Agreement, together with all Attachments hereto, constitutes the entire agreement between the Parties pertaining to the subject matter hereof and supersedes all prior agreements, understandings, negotiations and discussions, whether oral or written, of the Parties. No supplement, modification or waiver of this Agreement shall be binding unless executed in writing by the Party to be bound thereby. No waiver of any of the provisions of this Agreement shall be deemed or shall constitute a waiver of any other provision hereof (whether or not similar), nor shall such waiver constitute a continuing waiver unless otherwise expressly provided. 13.6 INVALIDITY. In the event that any one or more of the provisions contained in this Agreement or in any other instrument referred to herein, is, for any reason, held to be invalid, illegal or unenforceable in any respect, such invalidity, illegality or unenforceability shall not affect any other provision of this Agreement or any other such instrument and the invalid, illegal or unenforceable provision shall be deemed modified so as to be valid, legal and enforceable to the maximum extent allowed under applicable law. 13.7 CONSTRUCTION. The headings of the Sections herein are inserted for convenience of reference only and are not intended to be a part of or to affect the meaning or interpretation of this Agreement. All Section and Attachment references in this Agreement are to Sections and Attachments, respectively, of or to this Agreement unless specified otherwise. Unless expressly stated otherwise, when used in this Agreement the word "including" means "including but not limited to." The Parties have participated jointly in the negotiation and drafting of this Agreement. If an ambiguity or question of intent or interpretation arises, this Agreement shall be construed as if drafted jointly by the Parties, and no presumption or burden of proof will arise or disfavoring any Party by virtue of the authorship of any provisions of this Agreement. 13.8 PARTIES OBLIGATED AND BENEFITED. This Agreement will be binding upon the Parties hereto and their respective permitted assigns and successors in interest and will inure solely to the benefit of such Parties and their respective permitted assigns and successors in interest, and no other Person. 13.9 RELATIONSHIP. Nothing in this Agreement shall be deemed or construed as creating a joint venture or partnership between the Parties. Neither Party is by virtue of this Agreement 17 authorized as an agent, employee, or legal representative of the other Party, and the relationship of the Parties is, and at all times will continue to be, that of independent contractors. 13.10 NO EMPLOYEE SOLICITATION. Without the other Party's written consent, during the Term of this Agreement and for a period of twelve (12) months thereafter, each Party agrees not to hire, contract with, or solicit for hire any IT personnel previously employed by such other Party in the twelve (12) months immediately preceding such hiring, contracting, or soliciting and with whom the hiring, contracting or soliciting Party had material contact in connection with the performance of IT Services during the Term of this Agreement. Notwithstanding the foregoing, this Section does not preclude either Party from contracting with third-party vendors engaged by the other Party. Nothing in this Section shall be deemed to reduce or otherwise amend each Party's non-solicitation obligations under the Contribution and Distribution Agreement between Conexant and Washington dated December 16, 2001 or any other documents executed in connection with the Merger. 13.11 COUNTERPARTS. This Agreement may be executed in one or more counterparts, each of which will be deemed to be an original but all of which will constitute one and the same agreement. 13.12 EXECUTION. This Agreement may be executed by facsimile signatures and such signature will be deemed binding for all purposes of this Agreement, without delivery of an original signature being thereafter required. 18 The Parties have executed this Information Technology Service Agreement as of the Effective Date. CONEXANT SYSTEMS, INC. By: /s/ Dennis E. O' Reilly ----------------------------------- Name: Dennis E. O' Reilly Title: Senior Vice President, General Counsel and Secretary ALPHA INDUSTRIES, INC. By: /s/ Paul E. Vincent ----------------------------------- Name: Paul E. Vincent Title: Vice President, Chief Financial Officer, Treasure and Secretary 19 ATTACHMENT A BASE SERVICES The Base Services consist of the services described in this Attachment A. A summary of the Service Levels described herein is set forth on Attachment I. The Service Levels may change from time to time upon mutual agreement of the Parties. 1. Application Support. Conexant will provide computer security, architecture & technology services and application support to the Skyworks Locations for the number of access accounts listed in Attachment B.1. a. Communication with the third-party application vendor on licenses, bug fixes, upgrades and updates, new products, and consulting services. b. Troubleshooting of Supported Software application issues. c. Changes to current configuration, if required to support business processes. d. Training on systems, explanation of current and future functionalities. e. Granting access privileges, account maintenance, new account creation, security architecture and other application infrastructure services. f. Attachment K represents the maximum support to be provided by each party. If and when any one of these limits are exceeded, both Account Managers will take action within one (1) month to reprioritize tasks and/or projects to bring the support requirement into compliance with Attachment K. g. Service Level. Each party will respond by confirming the receipt of all of the other party's questions, issues and requests within eight (8) Service Hours after receipt. Each party may require all issues to be communicated in a specific format that is reasonable, through a readily accessible specific media such as an intranet application. Each party will assign a priority to each request, and communicate an estimate of a completion date within a reasonable time. Each party shall assign priorities to support requests without regard to their source. 2. Programming Services. Conexant will provide modifications (to the extent permitted by any third party licensor) to Supported Software applications or their extensions, including reports. Programming services shall be provided by seven full-time equivalent personnel of Conexant dedicated to such support services. Such services will be provided for Skywork Locations as requested by Skyworks personnel. These services consist of First Level and Second Level Support for the following: a. Modifications to Supported Software applications or application extensions to fix bugs/issues, support changes in business processes, or to extend functionality. b. Modifications to change reporting databases or output reports, through addition of new data fields, changes to existing data fields, new formats and/or views. A-1 c. Modifications to interfaces to reflect minor database changes, and additions or modifications to data fields. d. Creation of new reports from existing applications or reporting databases. e. Conexant will be responsible for all communication with third party programming contract resources acquired by Conexant to complete any of Skyworks programming requests. f. The management, direction and selection of third-party programming resources engaged by Conexant will be the responsibility of Conexant. g. Service Levels. Conexant will respond by confirming the receipt of all Skyworks questions, issues and requests relating to the foregoing programming services within eight (8) Service Hours after receipt. If Conexant set priorities, Conexant will assign a priority to each request, and communicate an estimate of a completion date within a reasonable time, provided, however, that Conexant shall assign priorities to both Skyworks and Conexant requests without regard to their source. Conexant may require all issues to be communicated in a specific format that is reasonable, through a readily accessible specific media such as an intranet application. Skyworks may elect to expedite the request through a funded (by Skyworks) acquisition of additional programming effort as agreed as an Additional Service. 3. Remote Site Support Services. Conexant will provide reasonable support of Supported Software and Supported Hardware located on the desktops of Supported Washington Personnel at the Washington Locations in Europe and Asia Pacific. First Level and Second Level Support will be provided. a. Acquisition and installation of new printers, Supported Hardware PCs, and desktop Supported Software purchased by Skyworks for the Washington Business and upgrades of Supported Hardware PCs and remote-site Supported Software purchased by Skyworks are limited to an aggregate of six (6) installations, moves or upgrades per week in Asia Pacific or Europe. Support outside of Service Hours or more than an aggregate of six (6) installations, moves or upgrades per week during Service Hours will require Skyworks to cover expenses. All overtime and contract services must be approved in advance. b. Reasonable virus removal as requested from supported networked computers, in accordance with Conexant current policies. Infected Supported Hardware PCs must be first isolated from the network and will be put back in service only after the infection is cleaned. Remote Locations will be a coordinated effort through a local vendor. c. Reasonable troubleshooting of PC Supported Hardware and desktop Supported Software, within 2 releases of current standards. d. Creation and management of print queues for Asia Pacific and Europe. A-2 e. Service Levels. Conexant will respond within eight (8) Service Hours of the ticket being created. In addition, Conexant will resolve at least 50% of the problems reported within sixteen (16) Service Hours, according to the policies of the system used to track IT Operations Department related problems. In the event Remote Locations are moved or closed, the Parties shall mutually agree to adjustments in the IT Services, Service Levels and charges as appropriate to reflect the move or closure. 4. Infrastructure Services - Wire Line Telephony. Conexant will provide installation of new telephones and voicemail software purchased by Skyworks for the Washington Business, provided that no more than 600 wired telephone lines in Newport Beach shall be required to be managed simultaneously. Conexant will use commercially reasonable efforts to provide such services at all Washington Locations. Conexant will provide Second Level Support for Newbury Park and Mexicali and First and Second Level Support for all other Washington Locations. Telecommunications management will be provided for all Washington Locations. a. Moves, adds and changes will be coordinated with local support personnel for all Washington Locations for the following telephony, voicemail, cabling and network provided services. - Local dial-tone - Long distance dedicated or switched access - Toll-free service - Seven-digit dial plan - voice private network - Authorization codes - Phone cards - Voice network mgmt. - trouble tracking - Audio - conferencing - On-demand conferencing - Fax messaging - Global "voice" messaging - Local voicemail distribution list - System maintenance - Call accounting - Telco facilities - SOHO - Telecom lines and circuit tracking - Telecom billing b. Where Conexant utilizes its own personnel for moves, adds and changes to existing services during Service Hours, services are limited to three (3) moves, adds or changes per week on the Newport Beach campus. Support outside of Service Hours or more than three (3) moves, adds or changes per week during Service Hours will require Skyworks to cover expenses. Remote locations will be limited to ten (10) moves, adds or changes per week, supported remotely. c. Cabling services and dedicated telephony circuits and phone lines will be charged on a per job or per line basis as Additional Services. A-3 d. Service Levels. All administration related tasks (Ex: PBX and voice-mail moves, adds, and changes) will be responded to within four (4) Service Hours of the ticket being created. In addition, Conexant will address at least 50% of the problems reported within sixteen (16) Service Hours according to the policies of the system used to track IT Operations Department related problems. e. Conexant will inform the Skyworks Account Manager on a hourly basis as to when any phone outage impacts more than ten (10) people or a complete site and Conexant will use continuous efforts to resolve any such outage. 5. Infrastructure Services - Video Telephony. Conexant will provide all video services on a request basis. The request will be reported through the proper channels. Supported Washington Personnel will log a ticket to request support for the following services. a. El Capitan Auditorium IT support will be limited to three (3) meetings (not to exceed four (4) hours per meeting) per month. Any excess will be billed as an Additional Service. b. The following video telephony services are supported: (i) on-demand streaming video; (ii) web conferencing and on-line collaboration ; (iii) video-conferencing bridged calls; (iv) ISDN connectivity; (v) media ( streaming ) player management; (vi) global video - systems management; (vii) WAN - video IP; (viii) global address book; and (ix) company video broadcast. c. Service Levels. All requests will be responded to within four (4) Service Hours of the ticket being created. In addition, Conexant will address at least 50% of the problems reported within sixteen (16) Service Hours according to the policies of the system used to track IT Operations Department related problems. 6. Infrastructure Services - LAN Services. Conexant will provide support of current local area networks (data networks) in place at the Washington Locations. Conexant will provide First Level Support at all Washington Locations, except Newbury Park, Ottawa and Mexicali. Second Level Support will be provided at all Washington Locations, including Newbury Park, Ottawa and Mexicali. A-4 a. Reasonable configuration of the speed and duplex settings for existing switches in the Skyworks network for the Washington Business. b. Reasonable monitoring of the network switches in the Washington network. Identifying & correcting misbehaving devices by first isolating them from the Skyworks production network for the Washington Business. c. Reasonable configuration and management of the VLANs and their routing in the network for the Washington Business. d. Reasonable support of internal DNS changes using the Conexant tool during regular Service Hours. Support outside of Service Hours will require Skyworks to cover for overtime-related expenses. e. Reasonable support for primary & backup DHCP servers. 7x24 support will be provided for DHCP related problems in the network for Skyworks Locations. f. Only Conexant will have both read and read/write (second level access) access to the network Hardware that is being managed. g. Service Levels. Conexant will respond within two (2) Service Hours of the ticket being created. In addition, Conexant will address at least 50% of the problems reported within sixteen (16) Service Hours according to the policies of the system used to track IT Operations Department related problems 7. Infrastructure Services - Remote Access & Small Office Home Office ("SOHO") Services. Conexant will provide support of current remote access for all Skyworks Locations. Conexant will provide First and Second Level Support. a. Reasonable installation, configuration, monitoring, and management of the remote access servers for the number of access accounts set forth opposite the services listed in Attachment B.1. These access servers may be shared with Conexant and other companies supported by Conexant. b. Reasonable installation, configuration, monitoring, and management of the Authentication, Authorization, and Accounting (AAA) servers. The AAA servers will be shared with Conexant and other companies that are supported by Conexant. c. Reasonable installation, configuration, monitoring, and management of the Ace servers for strong authentication of remote access users not to exceed 200 additional users. The Ace server will be shared with Conexant and other companies supported by Conexant. Skyworks will purchase all secure ID tokens and any necessary software licenses for new access that is needed by Skyworks personnel. d. Reasonable installation, configuration, monitoring, and management of the VPN servers. The VPN servers will be shared with Conexant and other companies supported by Conexant. e. Monitoring and management of the hardware and software VPN clients. A-5 f. Mutually agreed to Skyworks upgrades, other than Conexant upgrades, will be done as Additional Services. g. Service Levels. Conexant will respond within eight (8) Service Hours of the ticket being created. In addition, Conexant will address at least 50% of the problems reported within sixteen (16) Service Hours according to the policies of the system used to track IT Operations Department related problems. 8. Infrastructure Services - Internet Services. Conexant will provide support of Internet access for personnel at Skyworks Locations. Conexant will provide First and Second Level Support. a. The personnel must observe Conexant's Security and firewall policy while participating in any Internet activity. b. Only Skyworks client PCs with static IP addresses or an entire subnet will be blocked from accessing the Internet. c. Conexant will provide Internet access. This Internet access may be shared with Conexant and other companies supported by Conexant. d. Reasonable installation, configuration, monitoring, and management of the firewalls. These firewalls may be shared with Conexant and other companies supported by Conexant. e. Requests for planned changes to the firewall policy need to be received one week prior to the change for design validation & verification. Urgent changes will be accommodated within eight (8) Service Hours for an additional cost, as agreed as an Additional Service. f. Service Levels. Conexant will respond within 8 Service Hours of the ticket being created. In addition, Conexant will address at least 50% of the problems reported within sixteen (16) Service Hours according to the policies of the system used to track IT Operations Department related problems. g. Conexant will inform the Skyworks Account Manager on a hourly basis as to when any Internet outage impacts more than ten (10) people or a complete site and Conexant will use continuous efforts to resolve the outage. 9. Infrastructure Services - WAN Services. Conexant will provide support of the wide area network infrastructure at all Skyworks Locations. The network hardware may be shared with Conexant and other companies supported by Conexant. Conexant will provide First and Second Level Support. a. Reasonable monitoring of the WAN on a 7x24 basis. b. Reasonable monitoring of the network routers in the network. c. Reasonable configuration and management of the WAN circuits and their routing in the network. A-6 d. Reasonable configuration and management of existing network Hardware that meet Conexant's hardware standards in place today. e. Reasonable upgrades to the Hardware and Software in the network Hardware. f. WAN upgrades, WAN downgrades, WAN adds, moves and changes must be approved by Conexant in advance. g. WAN upgrades, WAN downgrades, WAN adds, moves and changes requested by Skyworks may be considered as Additional Services, depending on the scope. h. Monthly reporting on utilization will be made available to the Skyworks Account Manager. i. Only Conexant will have both read and read/write (second level access) access to the network Hardware that is being managed. j. Dedicated leased lines & frame relay connections will be charged on a per line basis as Additional Services. k. Service Levels. Conexant will respond within two (2) Service Hours of the ticket being created. In addition, Conexant will address at least 70% of the problems reported within eight (8) Service Hours according to the policies of the system used to track IT Operations Department related problems. l. Conexant will inform the Skyworks Account Manager on an hourly basis as to when any WAN outage impacts more than ten (10) people or a complete site and Conexant will use continuous efforts to resolve the outage. 10. Infrastructure Services - Email Services. Conexant will provide management of the email infrastructure at the Skyworks Locations. a. Reasonable support of email configuration until the transition from Lotus Notes is complete. b. Reasonable support of the data migration of email files from Lotus Notes to Microsoft Exchange. c. Validation of SMTP will be the responsibility of Skyworks. A-7 11. Infrastructure Services; Groupware Services. Skyworks will provide First Level Support, and Conexant will provide Second Level Support. a. Conexant will reasonably support the creation of new accounts; certification and troubleshooting of Lotus Notes Groupware for personnel at Skyworks Locations. New account creation is not to exceed 500 existing Skyworks employee accounts during the Term of this Agreement. Skyworks is responsible for the purchase of the associated account licenses. b. Conexant will provide reasonable infrastructure support to Groupware related applications accessed by personnel at Skyworks Locations. c. Conexant will provide reasonable web application hosting for "web based" Lotus Notes/Domino databases accessed by personnel at Skyworks Locations as of the Effective Date. d. Conexant will provide access to Lotus Notes based "Teamrooms, discussion databases, and group mail boxes" accessed by personnel at Skyworks Locations. e. Service Levels. Conexant will respond within eight (8) Service Hours of the ticket being created. In addition, Conexant will resolve at least 50% of the problems reported within sixteen (16) Service Hours, according to the policies of the system used to track IT Operations Department related problems. 12. Data Center Services. Conexant will provide reasonable support of all applications, hardware platforms and backup infrastructure hosted in a Conexant managed data center (except Newbury Park, Ottawa and Mexicali), including 7x24x365 service where necessary. Conexant will provide First and Second Level Support. These services consist of: a. Supports all Supported Hardware servers under current maintenance agreements. The system instances covered include production, training and development. b. Supports all Supported Hardware and Supported Software upgrades and patches. c. Conexant reserves the right to refuse upgrades on shared resources. d. Supports hardware configuration changes (e.g. disk space and printers). Configuration changes of Supported Software applications (e.g. new instances and database refreshes. e. System management, troubleshooting, performance tuning and capacity planning of system related issues f. Granting access privileges, account maintenance, and new account creation as reasonably requested. g. Transport application changes to production will be based on Conexant's current established procedures. h. Any new server installations will be treated as Additional Services. A-8 i. Data backup conducted in a manner consistent with past practices of Conexant. j. Service Level. Conexant will respond within eight (8) Services Hours of the ticket being created. Conexant may require all issues to be communicated in a specific format that is reasonable, through a readily accessible specific media such as an intranet application. If Conexant set priorities, Conexant will assign a priority to each request, and communicate an estimate of a completion date within a reasonable time, provided, however, that Conexant shall assign priorities to both Skyworks and Conexant requests without regard to their source. k. Mission Critical Support: Conexant will respond to mission critical problems within 1 hour and make continuous effort to resolve the problem to the extent that it is related to the data center operation management (SAP, Adexa, DMS and PROMIS). All mission critical problems will have a "root cause' analysis completed and sent to the Account Managers once the problem has been resolved. A-9 ATTACHMENT B B.1 - APPLICATIONS AND NUMBER OF SYSTEM ACCESS ACCOUNTS FOR THE WASHINGTON BUSINESS The number of users set forth below may increase or decrease by up to ten percent (10%) without affecting the Base Services Fee. Any increase in the number of users above ten percent (10%) shall be Additional Services. APPLICATIONS LICENSE TYPE ACCESS ACCOUNTS - ------------ ------------ --------------- Lotus Notes Named 1951 SAP - Production Named 258 PROMIS Concurrent 1636 Sherpa DMS Server and Concurrent 561 Viador Server 148 iPlanet LDAP Server 1315 Adexa Server 8 SERVICES ACCESS ACCOUNTS - -------- --------------- Remote - Modem Dial-up 620 Remote - Cox Cable 51 Remote - Private DSL 53 B-1 ATTACHMENT B B.2 - WASHINGTON LOCATIONS APAC (ASIA/PACIFIC REGION) BEIJING, CHINA Unit 2421 South Office Tower Beijing Kerry Centre 1 Guang Hua Road Chao Yang District TAEGU, KOREA 13F Sambee Bldg., 559-0 Bumeo-1 Dong Soosung-Gu, Taegu, Korea 706-011 SEOUL, KOREA Rm 1508 Textile Centre Building 944-31, Daechi-3 Dong Kangnam-Ku 135-283 Seoul Korea HONG KONG, CHINA Rm 2501-2513 & 2532-2540 Sun Hung Kai Centre 30 Harbour Road Wanchai Hong Kong SHANGHAI, CHINA Lucky Target Square Bldg. 31st flr Suite 3102, 500 Chengdu North Road, Shanghai 200003 P.R.C. TAIPEI, TAIWAN Room 2808, International Trade Bldg. 333 Keelung Road, Section 1 Taipei, 110 Taiwan R.O.C. TOKYO, JAPAN Shimomoto Building 1-46-3 Hatsudai, Shibuya-ku Tokyo, 151-0061 Japan EUROPE CAMBRIDGE, UK St. Johns Innovation Centre B-2 Cowely Road, Cambridge, Cb4 0WS UK DENMARK Parallelvej 10 2800 Lyngby, Copenhagen Denmark HELSINKI, FINLAND Ayritie 12a 01510 Vantaa Finland LEMANS, FRANCE 2 Ave. Pierre Piffault, 72100 Lemans, France MUNICH, GERMANY Paul-Gerhardt-Allee 50 A 81245 Munchen, Germany PARIS, FRANCE Immeuble "Le Franklin" 34 Avenue Franklin Roosevelt - BP92 92159 Suresnes Cedex France NICE, FRANCE Les Taissounieres B1 1680 Route des Dolines, BP 283 06905 Sophia Antipolis Cedex France READING, ENGLAND 100 Longwater Avenue Green Park Reading Berkshire RG2 6GP England NORTH AMERICA CEDAR RAPIDS, IA 4840 North River Blvd, NE Cedar Rapids, IA 52402 HILLSBORO, OR 3000 NW Stucki Place 3000 Bldg, Suite 220 Hillsboro, OR 97124 IRVING, TX B-3 750 W. Carpenter Suite 300 Irving, TX 75039 NEWBURY PARK, CA (includes all buildings at the Newbury Park campus) 2427 West Hillcrest Drive Newbury Park, CA 91320 NEWPORT BEACH, CA (includes all buildings at the Newport Beach campus) 4311 Jamboree Road Newport Beach CA 92660 RALEIGH, NC 1121 Situs Court Suite 330 Raleigh, NC 27606 SAN DIEGO, CA (includes all buildings at the San Diego campus) 9868 Scranton Road San Diego, CA 92121 SAN JOSE, CA 2075 Zanker Road San Jose, CA 95037 SANTA ROSA, CA 120 Stony Point Road, Suite 105 Santa Rosa, CA 95401 MEXICALI, MEXICO Ave. Ignacio Lopez Rayon 1699 21050 Mexicali, BC Mexico OTTAWA, CANADA 146 Colonnade Road S.Nepean, Ontario, Canada K2E 7Y1 CALEXICO, CA AF Romero Warehouse 291 Avenida Campillo Suite E Calexico, CA 92231 B-4 ATTACHMENT B B.3 - ALPHA LOCATIONS NORTH AMERICA HAVERHILL, MA 25 Computer Drive Haverhill, MA 01832 WOBURN, MA 20 Sylvan Road Woburn, MA 01801 SUNNYVALE, CA 1230 Bordeaux Drive Sunnyvale, CA 94089 MUNDELEIN, IL 112 Terrace Drive Mundelein, IL 60060 ADAMSTOWN, MD 5520 Adamstown Road Adamstown, Maryland 21710 FREMONT, CA 43194 Christy Street Fremont, CA 94538 APAC (ASIA/PACIFIC REGION) HONG KONG, CHINA 39/ F., One Pacific Place 88 Queensway, Admiralty Hong Kong EUROPE MILTON KEYNES, U.K. 494 Midsummer Boulevard Central Milton Keynes Buckinghamshire, MK9-ZEA B-5 MAZAN, FRANCE 430 La Venue de Mormoiron 84.380 Mazan France CO. CLARE IRELAND 9 Woodbrok Cratloekeel, Co. Clare Ireland B-6 ATTACHMENT C C.1 - SUPPORTED APPLICATIONS - -------------------------------------------------------------------------------- APPLICATION NAME - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - FINANCE - -------------------------------------------------------------------------------- SAP R/3 - FI/CO/IM* PROMIS - Costing* Lotus Notes/Domino - EPRS/FAA* - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - GENERAL COUNSEL - -------------------------------------------------------------------------------- Lotus Notes/Domino - IDS/NDA* - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - PAYROLL - -------------------------------------------------------------------------------- ProBusiness - Payroll Kronos - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - STOCK PROCESSING - -------------------------------------------------------------------------------- Chase Mellon Fidelity Exercise Excel System Deferred Compensation System - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - HUMAN RESOURCES - -------------------------------------------------------------------------------- SAP HR Modules* Employ! ESS Employment Verification System Travel Arrangement System HR Datamart - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - BENEFITS PROCESSING - -------------------------------------------------------------------------------- FSA Sageo - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - ERP APPLICATIONS - -------------------------------------------------------------------------------- SAP R/3* SAP ITS (Internet Transaction System)* - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - WEB APPLICATIONS - -------------------------------------------------------------------------------- Lotus Notes/Domino* Web development Custom developed Lotus Notes/Domino Workflow and Web applications* - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - WORLD WIDE SALES - -------------------------------------------------------------------------------- SAP Sales & Distribution Module* SAP Incentive & Commissions Planning Module* SAP Foreign Trade Module* Design Tracking System (DTS) Field Sales Forecast (FSF) POS E-Biz (Order Status, Shipment Status, Account Status, Incentive Report and Order Entry) - -------------------------------------------------------------------------------- C-1 - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - WORLD WIDE QUALITY - -------------------------------------------------------------------------------- SAP - Quality Management Module* QSI ISO Tracking System RMA Tracking System e-RMA System - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - SUPPLY CHAIN MANAGEMENT - -------------------------------------------------------------------------------- Adexa Supply Chain Planning* SAP Sales and Distribution Module* SAP Materials Management Module* Supply Demand Data Mart Excess Inventory System Merlin forecasting system (Mimi) (or replacement) - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - OPERATIONS - -------------------------------------------------------------------------------- PROMIS WIP Tracking* DMS - Product Data Management System* Lotus Notes Databases Extricity (or replacement) RS1 Ops Web Pages OEE Database DDR Reporting - -------------------------------------------------------------------------------- MAJOR APPLICATIONS - INFRASTRUCTURE - -------------------------------------------------------------------------------- Data Warehouse Tibco Middleware Accounts Security Database Oblix Single Sign-On Environment/LDAP Directories BMQ Multinet Oracle Replic Action Viador Informatica - -------------------------------------------------------------------------------- *Indicates that the application is a Core Application for purposes of Section 5.1(a) of the Agreement. C-2 ATTACHMENT C SUPPORTED SOFTWARE C.2 - DESKTOP SITE LICENSED SOFTWARE Netscape Netswitcher McAfee WinZip Adobe Acrobat Reader Ghost NON-SITE LICENSED SOFTWARE Lotus Notes R5 Windows 95 and subsequent versions of Windows MS Office Suites MS Access MS Project MS SMS Reflections Suite for X Exceed AutoCAD, Auto CAD Lite Visio Kea Term Adobe Acrobat Write C-3 ATTACHMENT C SUPPORTED SOFTWARE C.3 - APPLICATIONS NOT SUPPORTED This list should not be considered comprehensive. The exclusion of these applications from Supported Software does not affect Conexant's obligations to backup data pursuant to Section 12.i. of Attachment A. - ------------------------------------------------------ MAJOR APPLICATIONS - FINANCE - ------------------------------------------------------ Hyperion - ------------------------------------------------------ MAJOR APPLICATIONS - GENERAL COUNSEL - ------------------------------------------------------ CPI Intellectual Property Management System Case Track - Legal Matter Management System - ------------------------------------------------------ MAJOR APPLICATIONS - HUMAN RESOURCES - ------------------------------------------------------ Kadiri - ------------------------------------------------------ MAJOR APPLICATIONS - BENEFITS PROCESSING - ------------------------------------------------------ ProBusiness - Benesphere - ------------------------------------------------------ MAJOR APPLICATIONS - OPERATIONS - ------------------------------------------------------ RTD Dispatching Data Power - ------------------------------------------------------ C-4 ATTACHMENT D SUPPORTED HARDWARE D.1 - INFRASTRUCTURE This list includes all infrastructure standards currently used by Conexant irrespective of its use by Skyworks. SERVICE STANDARD - ------- -------- DATA NETWORKS LAN-DHCP CISCO NETWORK REGISTRAR LAN-DNS CISCO NETWORK REGISTRAR & OSI BIND LAN-AUDIT CISCO NETSONAR LAN-LAYER3 SWITCHING CISCO CAT 6500 MSFC LAN-GB BACKBONE CISCO CAT 6500 WAN-FRAME RELAY SPRINT WAN-PRIVATE LINE (DS3,T1, F/T1) SPRINT WAN-ISDN BACK UP SPRINT/PAC BELL WAN-SWITCHING CISCO 8420 IGX WAN-DSL/CABLE LOCAL PROVIDERS WAN-OUT-OF-BAND MGMT ANALOG LINES (PACBELL/LOCAL PROVIDERS) WAN-NTP SERVICES CONEXAT STRATUM 2 NTP SERVER, CISCO ROUTER RELAY WAN-VOIP CISCO RAS-SERVERS CISCO AS5300 CISCO 3640 RAS-AAA SERVICES CISCO SECURE SERVER (AUTHENTICATION, AUTHORIZATION, AND ACCOUNTING SERVICES) RAS-STRONG AUTHENTICATION SECURED TOKENS RAS-SERVICE PROVIDERS SPRINT TOLL FREE NUMBER & INTERNATIONAL EQUANT INTERNET-ISP MULTI-HOMING SPRINT (DS3-45MB) COX(10MB) AT&T(4MB) INTERNET-ROUTING BGP INTERNET-ASN ASN 2646 OWN INTERNET IP INTERNET-CACHING CISCO CACHE ENGINES INTERNET-SECURITY PIX FIREWALLS INTERNET-VPN NETSCREEN & NORTEL CONTIVITY INTERNET-DNS OSI BIND/UNIX INTERNET-IDS CISCO NETRANGERS INTERNET-URL MANAGEMENT WEBSENSE/SUPERSCOUT INTERNET-WEB TRAFFIC LOAD LOCAL DIRECTOR BALANCING SOHO-ISP COX COMMUNICATION & COVAD DSL & LOCAL DSL PROVIDERS SOHO-MANAGEMENT OUTSOURCE TO AXCELERANT NETMGMT-TRENDING CONCORD D-1 SERVICE STANDARD - ------- -------- NETMGMT-MONITORING HP OPENVIEW, CUSTOM SCRIPTS NETMGMT-LOGGING UNIX LOG SERVER NETMGMT-CONFIGURATION UNIX TFTP SERVER NETMGMT-ALERTING ATTENTION NETMGMT-TROUBLE TRACKING REMEDY NETMGMT-TRACING DISTRIBUTED SNIFFER (LAN, WAN, ATM, GB, RMON) VOICE NETWORK LOCAL DIAL-TONE XO COMMS, SBC, QWEST, VARIOUS LOCAL EXCHANGES LONG DISTANCE DEDICATED OR SWITCHED ACCESS SPRINT TOLL-FREE SERVICE SPRINT SEVEN-DIGIT DIAL PLAN -VOICE SPRINT PRIVATE NETWORK AUTHORIZATION CODES SPRINT PHONECARDS SPRINT VOICE NETWORK MGMT. - TROUBLE REMEDY TRACKING AUDIO -CONFERENCING BRIDGED CONFERENCE AMERICA CALLS ON-DEMAND CONFERENCING CONFERENCE AMERICA LAN - VOIP AVAYA 4624 PHONES WAN - VOIP AVAYA DEFINITY IP600'S FAX MESSAGING RIGHTFAX, AVAYA INTUITY AUDIX GLOBAL "VOICE" MESSAGING AVAYA INTERCHANGE HUB GLOBAL DISTRIBUTION LIST AVAYA INTERCHANGE HUB (VOICEMAIL ) VOICEMAIL VIA WEBMESSAGING AVAYA WEBMESSAGING PROTOCOL MOVES, ADDS, AND CHANGES AVAYA DEFINITY NETWORK ADMINISTRATION, IMPACT -MAC-EZ SYSTEM MAINTENANCE AVAYA, INTEGRATED TECHNOLOGIES CALL ACCOUNTING TELEMATE TELCO FACILITIES DS1'S, PRI'S, 1MB'S, TIE LINES BRI'S, CO/DID TRUNKS, SOHO 1MB LINES, ISDN BRI LINES TRACKING LOTUS NOTES DATABASE TELECOM LINES AND CIRCUIT CELL PHONES VERIZON WIRELESS PAGERS SKYTEL TELECOM BILLING PROFITLINE D-2 SERVICE STANDARD - ------- -------- VIDEO NETWORK ON - DEMAND STEAMING VIDEO REAL NETWORKS WEB - CONFERENCING AND ON-LINE COLLABORATION WEB-EX VIDEO - CONFERENCING BRIDGED GLOBAL CROSSING CALLS ISDN CONNECTIVITY LOCAL EXCHANGE, SPRINT CONTENT DEVELOPMENT AVID, REAL NETWORKS MEDIA PLAYER MGMT. REAL NETWORKS / PLAYER GLOBAL VIDEO - SYSTEMS MGMT POLYCOM GMS SOLUTION WAN - VIDEO IP POLYCOM VIEWTSATION GLOBAL ADDRESS BOOK POLYCOM GMS COMPANY VIDEO BROADCAST WEBEX, REAL NETWORKS E-MAIL SERVICES E-MAIL IBM/LOTUS GROUPWARE APPLICATION SUPPORT IBM/LOTUS WEB APPLICATION HOSTING IBM/LOTUS INSTANT MESSAGING IBM/LOTUS TEAMROOMS, DISCUSSIONS & GROUP IBM/LOTUS MAILBOXES D-3 ATTACHMENT D SUPPORTED HARDWARE D.2 - DATA CENTER This list is supported hardware that is located in the Newport Beach data center and may not be used exclusively for/by Skyworks and will be owned by Conexant. SERVER MANUFACTURER HARDWARE MODEL OPERATING SYSTEM APPLICATION - ------ ------------ -------------- ---------------- ----------- corona HP HP9000 735 / 125 HPUX DMS laguna HP HP9000 K410 HPUX DMS malibu HP HP9000 H60 HPUX DMS mozart SUN E4500 Solaris newport HP HP9000 K410 HPUX DMS sunset SUN Ultra 60 Solaris venice SUN Sparc 10 Solaris EUROPA Compaq GS 140 VMS PROMIS NBNSOPS1 Compaq Proliant 5000 Windows NT NBOPS2 Compaq Proliant DL380 Windows NT TRITON Compaq GS 140 VMS PROMIS COZI Compaq 2100 VMS PROMIS EXCEL Compaq GS 140 VMS PROMIS chewbaca SUN E3000 Solaris RTD hershel SUN E3500 Solaris RTD pollux Compaq 8200 Tru64 pine SUN E450 Solaris RTD NBCBSAPPS1 Compaq Proliant 1850R Windows NT Viador NBCBSAPPS2 Compaq Proliant 1850R Windows NT Viador NBCBSAPPS3 Compaq Proliant 1850R Windows NT Viador ravel SUN E250 Solaris stellar HP HP9000 E45 HPUX azuma Compaq DS10L Tru64 NBNSDEPT1 Compaq Proliant 5000 Windows NT NBNSDEPT2 Compaq Proliant DL380 Windows NT NBNSDEPT3 Compaq Proliant 5000 Windows NT NBNSDEPT4 Compaq Proliant 5000 Windows NT NBMCAFEE Compaq Proliant 1850R Windows 2000 NBMCAFEE2 Compaq Proliant 1850R Windows 2000 NBNSDNS01 Compaq Proliant 1600R Windows NT NBNSDNS02 Compaq Proliant 1600R Windows NT NBNSHOME1 Compaq Proliant 2500 Windows NT NBNSHOME2 Compaq Proliant 2500 Windows NT NBNSPDC Compaq Proliant 1600R Windows NT NBNSPRNT1 Compaq Proliant DL380 Windows 2000 NBNSWSDC2 Compaq Professional WS Windows NT 6000 NBVERITAS1 Compaq Proliant ML530 Windows NT REMEDY1 Compaq Proliant 1850R Windows NT NBNSSQL1 Compaq Proliant 1850R Windows NT NBSQL2 Compaq Proliant DL380 Windows NT D-4 SERVER MANUFACTURER HARDWARE MODEL OPERATING SYSTEM APPLICATION - ------ ------------ -------------- ---------------- ----------- NBSQL3 Compaq Proliant 6400R Windows 2000 NBSQL4 Compaq Proliant 6400R Windows 2000 NBNSDATA2 Compaq Proliant 4500 Windows NT NBTERMSRV3 Compaq Storage System Windows NT (former Appsrv1) NBCISCO1 Compaq Proliant 4500 Windows 2000 NBGNSDHCP2 Compaq Proliant 2500 Windows 2000 SENSOR03 Compaq Proliant 5000 Windows NT gateway HP9000 G50 HPUX regis18 Compaq DS20 Tru64 SAP regis30 Compaq 8200 Tru64 SAP regis4 Compaq DS20 Tru64 SAP regis5 Compaq 8200 Tru64 SAP regis6 Compaq ES40 Tru64 SAP regis81 Compaq DS20E Tru64 SAP regis82 Compaq DS20E Tru64 SAP regis83 Compaq DS20E Tru64 SAP regis88 Compaq 8200 Tru64 SAP NBKRONOS1 Compaq Proliant DL380 Windows NT Kronos NBKRONOS2 Compaq Proliant DL380 Windows NT Kronos NBKRONOS3 Windows NT Kronos juniper SUN E3500 Solaris Kronos BREEZE Compaq Proliant 5000 DRAGONFLY Compaq WS AP200 Windows NT Lotus Notes NBLIBRARY2 Compaq Proliant 1850R Windows NT Lotus Notes NBLNADM1 Compaq Proliant 5000 Windows NT Lotus Notes NBLNAPPS1 Compaq Proliant 1850R Windows NT Lotus Notes NBLNAPPS2 Compaq Proliant 6500 Windows NT Lotus Notes NBLNAPPS3 Compaq Proliant 5000 Windows NT Lotus Notes NBLNAPPS4 Compaq Proliant 2500 Windows NT Lotus Notes NBLNAPPS5 Compaq Proliant 3000 Windows NT Lotus Notes NBLNBKUP1 Compaq Proliant 5000 Windows NT Lotus Notes NBLNDEVL1 Compaq Proliant 5000 Windows NT Lotus Notes NBLNEXT1 Compaq Proliant 5000 Windows NT Lotus Notes NBLNFAX1 Compaq Proliant 3000 Windows NT Lotus Notes NBLNHUB1 Compaq Proliant 5000 Windows NT Lotus Notes NBLNHUB2 Compaq Proliant 5000 Windows NT Lotus Notes NBLNHUB3 Compaq Proliant 5000 Windows NT Lotus Notes NBLNISO1 Compaq Proliant 1850R Windows NT Lotus Notes NBLNISO1B Compaq Proliant DL380 Windows NT Lotus Notes NBLNMAIL1A Compaq Proliant 6400R Windows NT Lotus Notes NBLNMAIL1B Compaq Proliant 6500 Windows NT Lotus Notes NBLNMAIL1C Compaq Proliant DL580 Windows NT Lotus Notes NBLNMAIL2 Compaq Proliant 5000 Windows 2000 Lotus Notes NBLNMAIL3 Compaq Proliant 5000 Windows NT Lotus Notes NBLNMAIL4 Compaq Proliant 6400R Windows NT Lotus Notes NBLNMAIL5 Compaq Proliant 5000 Windows NT Lotus Notes NBLNMAIL6 Compaq Proliant 1850R Windows NT Lotus Notes NBLNMON1 Compaq Proliant 2500 Windows NT Lotus Notes D-5 SERVER MANUFACTURER HARDWARE MODEL OPERATING SYSTEM APPLICATION - ------ ------------ -------------- ---------------- ----------- NBLNSMTP1 Compaq Proliant DL380 Windows NT Lotus Notes NBLNSMTP2 Compaq Proliant DL380 Windows NT Lotus Notes NBLNTRNG Compaq PC Clone Windows NT Lotus Notes NPBDOM1 Compaq Proliant 5000 Windows NT Lotus Notes NPBSMTP1 Compaq Proliant 5000 Windows NT Lotus Notes SAMETIME Compaq Proliant DL380 Windows 2000 Lotus Notes SAMETIME2 Compaq Proliant 5000 Windows NT Lotus Notes NBNSD815 Compaq Proliant 5500 Windows NT ATHENA Compaq Proliant 6400R NBNSTRAIN1 Compaq Proliant 6500 Windows NT NBCOMP Compaq Proliant DL380 Windows NT NBNSRESUMIX Compaq Proliant 3000 Windows NT NBTAX1 Compaq Proliant 1600R Windows NT CNXTDDS Compaq Deskpro PC Windows NT HORBIA Compaq Deskpro PC Windows NT NBEXODUS Compaq Proliant 1850R Windows NT NBMETROLOGY Compaq Proliant DL380 Windows NT D-6 ATTACHMENT E BUSINESS PROCEDURES/PROCESSES 1. ADDITIONAL SERVICES GENERALLY. a. Additional Services may be requested by either Party to cover changes to the Base Services, requested Projects, or other Additional Services as well as changes to the current planning parameters and assumptions, or the operating business environment. The Parties agree to use commercially reasonable efforts to agree upon and provide the requested Additional Services. b. If the Parties agree that Conexant will provide Additional Services, then they will document their agreement in an Additional Services order ("Additional Services Order") signed by both Parties. Each Additional Services Order will include (a) the effective date and term, (b) obligations of Conexant and a description of the Additional Services, (c) obligations of Skyworks, including facilities and additional hardware and software to be provided, (d) fees and/or rates for the Additional Service, and (e) any other agreed upon terms. When the Account Managers of each Party have executed an Additional Services Order, it will become effective and will become subject to the terms and conditions of this Agreement. In the event of any conflict, ambiguity, or inconsistency between the terms of the Additional Services Order and the terms of this Agreement, the terms of the Additional Services Order will control, but only with respect to such Additional Services Order. 2. PROJECT SERVICES. If the Account Managers mutually agree that an Additional Service will be performed as a discrete Project, the following terms apply: a. The Project objectives and scope must be documented and accepted by Skyworks and Conexant in an Additional Services Order before commencement of the Project. The Additional Services Order shall also include a detailed list of deliverables for the Project, a detailed Project schedule and a Project budget. b. The Project will have a Project Manager or Co-Project Manager from Conexant and a customer contact from Skyworks. These positions must be established, and accepted, prior to the commencement of the Project. c. Conexant will follow its current project methodology (trinITy) for conducting its Projects. This methodology will be clearly stated and documented, and will be accepted by Skyworks and Conexant, prior to the commencement of the Project. d. In order to enable Conexant to successfully complete the Project, Skyworks may be required to complete certain tasks and/or provide Conexant with cooperation and assistance, as may be reasonable under the scope of the Project. Skyworks acknowledges that its failure to perform its obligations under the scope of the Project could result in delays on the part of Conexant in completing the Project on schedule and under budget. Accordingly, Conexant shall be excused from performing its obligations to the extent Conexant's performance is prevented or hindered by Skyworks' nonperformance, and Skyworks agrees that Conexant shall be entitled to E-1 extension of time to complete the affected services and, if applicable, an adjustment of the applicable fee. e. Conexant and Skyworks will hold periodic management reviews to track the progress of the Project. The duration and frequency of these reviews will be established prior to the commencement of each Project. f. Conexant will invoice Skyworks according to the payment terms established in Section 7 of the Agreement g. The Parties shall set forth and allocate responsibility for all other expenses that are reasonably likely to be incurred in connection with any Additional Services, including Taxes, in the Additional Service Order. 3. ADJUSTMENTS TO BASE SERVICES. If any Additional Services affect the scope of the Base Services, the Account Managers shall mutually agree to revise the Base Services as they deem appropriate to reflect such change. If the Base Services are revised, the Account Managers may also mutually agree to corresponding adjustments of the Service Levels and charges to reflect such revisions, subject to the approval of each Party's Chief Information Officer. E-2 ATTACHMENT F REIMBURSABLE EXPENSES The following expenses, including any related Taxes, duties or customs, if incurred by Conexant for Supported Washington Personnel in connection with providing the IT Services, will be reimbursed by Skyworks. Conexant will not incur any new costs with respect to the following items except upon Skyworks' approval, except that the Parties agree that if any service charges detailed in (#3 - #7) below are incurred from devices or Skyworks personnel previously approved by WCD management will not require additional approvals. Any access service charges and other expenses incurred prior to the Merger and which have been incurred in the ordinary course of business with respect to the IT Services shall be deemed to have been approved. 1. Cost of desktop, laptop computers (PCs), printers and peripherals. 2. Cost of Software. 3. Cost of cell phones and monthly service cost from third parties. 4. Cost of pagers and monthly service cost from third parties. 5. Access charges for remote access/SOHO and monthly service cost from third parties. 6. Access and airtime for audio and video conferences. 7. Cost of long distance phone services. 8. Travel and travel related expenses when travel is incurred at Skywork's request, as long as the travel is within Conexant's then current travel policies. 9. Shipping and handling related expenses in the event such expenses exceed $100 with respect to any shipment. 10. Minor purchases of tools, equipment or services by Conexant as long as such tools, equipment or services are reasonably required to perform the IT Services. F-1 ATTACHMENT G CONEXANT POLICIES CONEXANT INFORMATION TECHNOLOGY SECURITY POLICY RESPONSIBILITY Conexant Information Technology organization (IT) has the ultimate responsibility for the development and implementation of the Conexant Information Technology Architecture. IT is responsible for providing leadership and coordination for IT Architecture development and related initiatives. ACCOUNTABILITY IT is responsible for ensuring that adequate controls are established and observed for all information resources of their respective businesses. Conexant shall appoint an Information Security Officer who shall act under the direction of the functional IT executive and the corporate Chief Information Security Officer to coordinate and oversee security issues at the business. Each business shall review its system and information security on at least an annual basis to determine the adequacy of the location's internal controls and compliance with this policy. Additional baseline controls may be established as needed at individual businesses through local attachments to the Conexant Information Security Baseline. Local attachments to this baseline may not detract from original baseline content, but may expand upon specific areas of concern. All information: security baselines, including local business attachments, must be approved by the Computer Security Committee. An effective segregation of responsibility shall be implemented to ensure that no individual has conflicting duties that would jeopardize their ability to protect computing resources. CONEXANT SHALL TAKE ADEQUATE MEASURES TO ENSURE AWARENESS AND COMPLIANCE TO THIS POLICY AND ITS SUPPORTING BASELINES BY EMPLOYEES AT EVERY LEVEL OF THE ORGANIZATION. VIOLATIONS OF THIS POLICY CAN RESULT IN DISCIPLINARY ACTION BY THE COMPANY UP TO AND INCLUDING EMPLOYEE TERMINATION. G-1 DEFINITIONS PURPOSE The purpose of this section is to define specific terms and concepts as they relate to this Conexant Corporate Computer Security Policy. LOCATIONS AFFECTED All locations of the Corporation, including subsidiaries. ACQUISITION OF PROTECTED COMPUTER SOFTWARE - The obtaining of a copy and a limited right to use protected computer software from a supplier or another party under a purchase, lease, license, gift, bailment, or proprietary agreement. The right to use may be for internal use by the Corporation, incorporation in products sold to a customer, or delivery to a customer. AUTHENTICATION TOKEN DEVICE - Portable device that employs one-time password technology to authenticate a user. Authentication tokens operate by time-based code sequences (synchronous), challenge-response (asynchronous) or other techniques. Authentication token devices are assigned to authorized users and are used as one of two factors in strong authentication. When used in conjunction with a Personal Identification Number or password, authentication token devices provide strong authentication. AUTHORIZING AGREEMENT - A written agreement which contains conditions governing the copying, disclosure, and use of protected computer software. The authorizing agreement may either be expressly negotiated with an owner or authorized licensor of protected computer software or a form agreement that accompanies packaged software. BUSINESS CRITICAL COMPUTING RESOURCES - Those Conexant computing resources that are vital to the ongoing operation of Conexant business, and maintaining its competitive position within the industry. Those computing resources required to run business critical systems. BUSINESS CRITICAL SYSTEMS - Those systems that are vital to the ongoing operation of Conexant business, and maintaining its competitive position within the industry. CHANGE CONTROL - A process whereby all organizations directly affected by a proposed change to systems or software, collectively collaborate and assess the readiness of the change and the timing of its implementation. COMPANY PROPRIETARY INFORMATION - Information applicable to the business, personnel, financial and legal affairs, including intellectual property of the Corporation which is generated by, or on behalf of, the Corporation and which is, by reason of its sensitivity, to have limited dissemination. As well as information applicable to research, development, and production technology which is generated by, or on behalf of, the Corporation and which is useful to the Corporation and would adversely affect the Corporation's interest if not properly protected. It may or may not be in documentary form and includes computer software programs, program descriptions and supporting materials and databases. COMPUTER PROGRAM - A set of instructions capable, when incorporated in a machine-readable form, of causing a machine having information-processing capabilities to indicate, perform or achieve a particular function, task or result. COMPUTER SECURITY COMMITTEE CONEXANT COMPUTING RESOURCES - Computer hardware, software, networks, and other assets related to any of the following: computer-based information technology, computer installations, and related communications systems. CONFIGURATION CONTROL - The process which documents how related hardware, system, or software components are changed. G-2 DATA SECURITY The protection of data against loss, modification, or unauthorized disclosure during its input, storage, transmission, or processing by an information technology- based system, DERIVATIVE SOFTWARE - A change, modification, or enhancement to protected computer software. DYNAMIC PASSWORD - A one-time password mechanism where the password is automatically changed by the system. It is generally used in conjunction with authentication token devices that generate random passwords than can be matched by the host verification system. EXECUTIVE COUNCIL (EC): Team consisting of the CEO and the company's senior vice presidents (and or other members) as approved by the Board of Directors. EXTERNAL ROUTER - A router that filters network traffic to the perimeter networks from the Internet or other untrusted network. Also referred to as a screening router. EXTRANET - Dedicated network connections between Conexant and non Conexant locations or Conexant partners. The Conexant network may, with due diligence, be extended into non- Conexant facilities, but may not be connected to that facilities network unless firewalls are utilized. FIREWALL - An integrated configuration of filtering, encrypting and logging devices, and/or secure application gateways, and proxies that are positioned between networks. GATEWAY - A dedicated server that interconnects two different services or applications (e.g., a gateway for internal and external e-mail service connections). GUEST USER ACCOUNT - A LogonID and password which is not issued to a person, but rather established for casual or convenient access to a systems. Establishing such accounts shall be prohibited. INFORMATION SECURITY ADMINISTRATION OF SENSITIVE TASKS - The administration of those tasks which oversee access of external, un-trusted systems or networks to internal, trusted Conexant systems or networks. This would include but not be limited to the principal information security officer of a business, firewall administrators, hosts systems security administrators, router administrators, authentication server administrators, and so forth. INFORMATION TECHNOLOGY ARCHITECTURE - A "blueprint" for the deployment of IT Resources that establishes standards and guidelines and defines the minimum criteria and infrastructure required for interoperability between locations on the Conexant network. INFORMATION TECHNOLOGY RESOURCE - Refers to any resource that contributes to the provision of digital electronic and telecommunication services to Company locations. This includes all Company-owned or leased computer hardware, including workstations and personal computers, software, networks, and other assets related to any of the following: computer-based information technology, computer installations, and related communications systems. For the purpose of this policy, Information Technology Resource also refers to the staff and intellectual property associated with the support and operation of these systems. LOGON-ID: Unique user identification for log on. NON-CONEXANT USERS - People (i.e., contractors, business partners, and suppliers) who are not employees of Conexant, yet are authorized to use Conexant computing resources. ONE-TIME PASSWORD - A password that can be used only one time with an associated LogonID. One-time passwords are changed immediately after they have been used to gain access to the system. PERIMETER NETWORKS -Subnets that are established on Conexant networks that use internal screening routers and firewalls are configured to permit traffic between networks. PHYSICAL SECURITY - The protection of hardware, facilities, and utilities used in data processing operations against damage, destruction, or misuse. It also encompasses the protection of information in hard copy form against loss or unauthorized disclosure during its production, distribution, and use. PRODUCTIONS DATA FILES - All data files used by Production Programs. G-3 PRODUCTION PROGRAMS - All software programs, including operating systems, utilities and application programs which are either (I) executed on a routine basis, or (ii) provide information to comply with contract requirements, manage corporate assets, or support business or operational decision making. PROGRAM DESCRIPTION - A complete procedural representation in verbal, schematic, or other form, in sufficient detail to define a set of instructions making up a computer program. PROTECTED COMPUTER SOFTWARE - The materials, whether in human or machine-readable forms, referred to in the definitions of Computer Program, Program Description, and Supporting Material, which are identified to be the proprietary or copyrighted information of a party other than the Corporation. SECURED FAX MACHINES - Those fax machines, which encrypt the faxes that are sent through them. SENSITIVE INFORMATION - Information existing in any electronic form (i.e., stored file, email message, data transmission, fax, etc.) that Conexant would not want to be made generally available to the public due to propriety, confidentially or competitive reasons. SOHO - Small Office/Home Office (high-speed connection, i.e. DSL; cable modem). STATIC PASSWORD - A password that can be used repeatedly with an associated LogonID. Static passwords generally expire after pre-established timeframes (e.g., 30, 60, 90 days). STRONG AUTHENTICATION - Generally referred to as a two-factor verification process used to positively authenticate the identity of a user attempting to gain access to a system. The first factor is something you possess (i.e., authentication token, finger print, retinal vascular pattern, encryption keys) and the second factor is something only you would know (i.e., Personal Identification Number (PIN) or password). These two factors used together constitute strong authentication. TRUSTED NETWORK - is a network that is owned or controlled by Conexant that is protected from non-authorized entry or use by non-Conexant personnel. Sometimes referred to as an internal network'. UNAUTHORIZED ACCESS - Use of a company computing resource by people who have not been given legal access by Conexant management or administrators in accordance with established security procedures, baselines, and policies. UNSECURED FAX MACHINES - Those fax machines, which do not encrypt the faxes that are sent through them. UN-TRUSTED NETWORK - is any network that is not administered or overseen by Conexant personnel. This would include the Internet, Conexant's supplier networks, customers' networks, and Conexant's partners' networks. Even a Conexant private network is deemed "un-trusted" if unauthorized access is allowed through dialup, IPX, DECNET, AppleTalk, etc. on any nonisolated segment of the divisional network. Obviously, not all un-trusted networks are equally dangerous. The Internet is the least trusted of all networks, and requires the most stringent security precautions. VIRTUAL PRIVATE NETWORK (VPN) - required when a Conexant office or employee is utilizing the Internet to communicate with the Conexant Intranet. A VPN will encrypt the data as it traverses the Internet to provide security. Authentication is required when using client VPN's for SOHO and Remote Access. IP Security Protocol (IPSEC) is the preferred solution for deploying client VPN's and the required solution when deploying LAN to LAN VPN's. G-4 ACQUISITION, DISSEMINATION, AND USE OF COMPUTER SOFTWARE OWNED BY ANOTHER PURPOSE The Corporation respects the copyright and proprietary information rights of others in protected computer software. To protect the Corporation from claims of infringement based upon those rights, the acquisition by the Corporation of rights in protected computer software and the copying, disclosure, or use of protected computer software by the Corporation will be in accordance with this Policy. GENERAL 1. The EC shall be responsible for authorizing the acquisition of protected computer software and shall be responsible for ensuring that it is acquired, safeguarded, and used in accordance with the applicable software agreement. 2. Protected computer software acquired pursuant to, or accompanied by, an authorizing agreement may only be copied, disclosed, or used as permitted by the authorizing agreement. 3. Protected computer software marked only with a copyright notice and not acquired pursuant to, or accompanied by, an authorizing agreement may only be copied for backup purposes, but the acquired copy may be used for any Corporation business purpose which does not involve making other than the backup copy. 4. Protected computer software marked with both proprietary and copyright markings or only proprietary markings may only be copied, disclosed, or used as permitted by the authorizing agreement and must have the written approval of the material owner before being allowed on Company computing resources. 5. Copying of protected computer software in, or its use as an integral part of, the products sold by the Corporation, or delivery of copies to a customer or another party must be expressly licensed by the authorizing agreement. Procedures required in this regard by the authorizing agreement must be followed. 6. A legend identifying protected computer software as proprietary to, or copyrighted by, another shall not be changed, removed or obliterated except with the prior written advice of the cognizant Patent Counsel. 7. An authorized copy, or portion thereof, of protected computer software shall be reproduced with the proprietary or copyright notice displayed in the same manner as the original or as otherwise required by the authorizing agreement. 8. Removal in any manner from Corporation premises of protected computer software may only be with the approval of the EC. 9. The generation of derivative software is not permitted unless authorized pursuant to the authorizing agreement. Where so authorized and unless otherwise provided by the authorizing agreement, that portion of the derivative software, which is unmodified, shall continue to be treated as protected computer software. The derivative software shall be treated as Corporation sensitive information under section Safeguarding Company Sensitive Information, or as otherwise required by the authorizing agreement. G-5 10. The supervisor of a terminating or transferring employee having access to protected computer software shall require the employee to promptly turn over to the supervisor any protected computer software and copies thereof that he or she has in his or her possession or control and certify in writing that it has been done. 11. Computer software which is generated within, or on behalf of, the Corporation, or to which all rights have been acquired by the Corporation, may be subject to the requirements of section Safeguarding Company Sensitive Information. G-6 - - GENERAL Protection adequate to ensure confidentiality, integrity and availability of information contained in information technology-based systems will be provided through management focus and action. Access will be restricted to those individuals having appropriate authorization. The following fundamental controls will be established: - There will be no unrestricted access to production programs and production data files. - There will be access controls to ensure against unauthorized use of production programs. - There will be physical procedural controls to ensure against unauthorized access to computing facilities. Physical and data security is the responsibility of the senior line executive of each operating location, who will designate one or more individuals as Information Systems Security Officers (ISSOs) to assume the responsibility for implementing and monitoring compliance with Corporate and location information security procedures and guidelines. The Vice President & General Manager - Conexant Information Systems will: - Provide Corporate - wide management direction and integration of information of information security as the focal point for planning, organizing, coordinating, directing and controlling this function for the benefit of all using organizations. - Review the development of major information technology-based systems undertaken by the Corporation to assure adherence to appropriate systems security considerations. - Operate a company wide program for maintaining information security. - Coordinate with company user organizations in the development of detailed procedures and guidelines for the achievement and maintenance of information security. G-7 TO BE REVIEWED BY HR/LEGAL DEPTS SAFEGUARDING COMPANY SENSITIVE INFORMATION PURPOSE Company Sensitive Information is a valuable asset of the Corporation and will be protected and used only to promote Corporation interests. The courts have generally provided protection for Company Sensitive Information, such as formulas, patterns, devices, or compilations of scientific, technical or commercial information (including computer programs and databases), provided the owner has taken reasonable precautions to maintain it as confidential and such information gives the owner a competitive advantage over others who do not know it. GENERAL The identification, availability and dissemination of Company Sensitive Information shall be governed by the following principles: a. Proprietary Information shall be prominently marked with the legend "Conexant Proprietary Information." Company Official Information shall be prominently marked with the legend "Company Official (Not to be disclosed to unauthorized persons)." Exceptions to these requirements are specified in paragraph c., below. b. The employee who originates Company Sensitive Information and the employee's supervisor are responsible for ensuring that such information is properly marked upon its origination and is safeguarded in accordance with this Policy. c. Company Sensitive Information otherwise requiring markings in accordance with this Policy need not be so marked when the EC (or a direct report to whom such authority has been expressly delegated) determines that it is not practicable or necessary to mark it, that it is for internal use only, and that all the following precautions are in effect and are reasonable to protect unmarked Company Sensitive Information: 1. Access thereto is restricted to a limited number of employees having a "need to know" in order to carry out their duties; 2. Those employees allowed access thereto are made aware of its sensitive nature; and 3. Procedures have been established to prevent the release thereof outside the Corporation unless it is appropriately marked before release. d. The release, either written or oral, of Company Sensitive Information to persons, firms or organizations outside the Corporation is authorized only: 1. If it is appropriately marked and a confidentiality agreement has been entered into between the recipient and the Corporation; 2. If required by a final order, no longer subject of stay or appeal, of a court of law of competent jurisdiction. 3. If furnished to the United States Government as material exempt from disclosure under the Freedom of Information Act. 4. Upon approval of the EC (or a direct report to whom such authority has been expressly delegated). G-8 e. Company Sensitive Information shall always be kept from "open view" by unauthorized persons and shall be handled, transmitted and stored in a manner consistent with its importance. f. Employees having access to Company Sensitive Information who are terminating or transferring shall be interviewed as to their responsibilities with respect to Company Sensitive Information. Interview guidelines or procedures shall be established in business units, with the advice and assistance of the Office of the General Counsel. The terminating or transferring employee shall be alerted to the legal consequences of (i) using or disclosing Company Sensitive Information for any purpose not expressly authorized by the Company, with the advice and assistance of the Office of the General Counsel, and (ii) retaining or using any correspondence, notes, depictions, models, data, experimental results or any other manifestation of Company Sensitive Information. g. The supervisor of a terminating or transferring employee having access to Company Sensitive Information shall require the employee to deliver promptly to the supervisor all materials, including documents and software which may contain Company Sensitive Information, and to acknowledge in writing that all such materials so required to be delivered have been delivered. UNAUTHORIZED RELEASE Any employee having knowledge of any unauthorized disclosure or removal of Company Sensitive Information will promptly inform his or her immediate supervisor and the Office of the General Counsel. G-9 USE AND MONITORING OF COMPUTING RESOURCES PURPOSE This policy provides guidance to employees on the proper use of the Company's Computing Resources, including use of the Internet and electronic mail. It is not intended to cover every imaginable situation that could arise concerning the use of such resources. When in doubt as to the proper use of Computing Resources, employees should ask their managers or, if appropriate, Human Resources. CONTENTS: - - POLICY A. PERSONAL USE B. SECURITY C. INTERNET D. ELECTRONIC MAIL E. MONITORING F. OWNERSHIP OF DATA G. RESPONSIBILITIES POLICY Computing Resources will continue to play an important part in the Company's ongoing success. While this policy directs Company managers to use their discretion in making responsible decisions concerning appropriate use of the resources they manage, it is grounded in the fundamental trust that all employees behave responsibly and use good judgment when using these resources. Although the Company intends that these resources be used for business purposes, occasional personal use may occur without adversely affecting the Company's interests. Employees are expected to exercise good judgment in using Computing Resources. Managers are responsible for the Computing Resources assigned to their respective organizations and are empowered to resolve issues concerning their proper use under the guidance of local information technology personnel. Use of Computing Resources for non-Company purposes is appropriate only when consistent with this Policy. Any personal use of Computing Resources must not result in significant added costs, disruption of business processes, or any other disadvantage to the Company. Employees can unknowingly compromise the security and integrity of Company information and Computing Resources through the improper use of such resources. Employees are accountable for their use of Computing Resources and must ensure that they are familiar with and abide by relevant security restrictions and information technology policies of the Company. A. PERSONAL USE Computing Resources are provided for the conduct of Company business. However, personal use by employees, including use of the Internet and electronic mail, may occur within the following guidelines: - It is of reasonable duration and frequency; - It does not interfere with Company business, an employee's or co-worker's performance or assigned duties, or the performance of the employee's organization; - It does not cause the Company to incur additional costs; - It is not related to any illegal activity or the conduct of an outside business; - It would not cause embarrassment to the Company. G-10 Issues concerning appropriate personal use of Computing Resources within a particular business or work group are to be resolved by the management of that organization in conjunction with Human Resources B. SECURITY All employees are responsible for ensuring that: - Computing Resources remain on Company property, unless use in another location has been authorized by local management; - Measures are taken to protect Company sensitive and/or proprietary information resident on Computing Resources from unauthorized access, use or removal. - Personal use of Computing Resources, including the downloading of software or other use of the Internet, does not compromise the security or integrity of Company information or software. C. INTERNET 1. Transmitting Data The Internet is a public network; users cannot expect that data transmitted over the Internet will be kept private. Company sensitive and/or proprietary information must not be transmitted over the Internet unless it is first encrypted. Employees should keep in mind that all messages transmitted over the Internet from Computing Resources bear a Company address and may be attributed to the Company. 2. Downloading Software Use of software obtained from the Internet or other on-line sources may expose the Company to significant legal liability, unless the user takes measures to ensure that the vendor has good title, and pertinent licensing provisions permit the user's intended use. Downloading of such software may also compromise the security and integrity of Computing Resources. For these reasons, employees may download or use software derived from the Internet or other on-line sources only in accordance with guidelines established by management and approved by Information Technology. If there is any question as to the propriety of such downloading or use, employees should seek prior approval of management. In no event, may such software be incorporated, either directly or in derivative form, in a product of or provision of service by the Company, unless the Company has first entered into a written license agreement with the software vendor pursuant to Corporate Policy. D. ELECTRONIC MAIL E-mail messages are stored on the sender's and recipient's local hard drives and/or mail servers and may be recorded on back-up tapes by the Company. In order to reduce the unnecessary proliferation of e-mail, employees should limit their dissemination of e-mail to those persons who have a need to know and should delete e-mail messages as soon as practicable after receipt. Local information systems personnel shall ensure that back-up tapes made by the Company of e-mail system repositories on Company networks are retained for no more than seven days. E. MONITORING The Company reserves the right to monitor any use of Computing Resources, whether business or personal, and to inspect, copy or delete any message or file transmitted, received or stored G-11 on Computing Resources, at any time with or without notice to users. Computer Security shall coordinate and approve all such monitoring requests. F. OWNERSHIP OF DATA All data, which is generated by means of Computing Resources for business purposes, is the property of the Company and may be used by the Company without limitation. Data may not be copyrighted, patented, leased or sold by individuals or otherwise used for personal gain. G-12 INFORMATION AND COMMUNICATIONS SECURITY PURPOSE The purpose of this policy is to ensure that the Corporation's computing resources and associated information are adequately protected by establishing mandatory internal controls. CONTENTS A. SCOPE B. PHYSICAL SECURITY C. INFORMATION SECURITY D. NETWORK SECURITY E. DISASTER RECOVERY AND BUSINESS RESUMPTION AND PROBLEM ESCALATION POLICY It is the policy of the Corporation that adequate protection be provided to ensure confidentiality, integrity, and availability of the company's computing resources and related information. A. SCOPE Controls specified in this policy are applicable to all computing resources owned or operated in behalf of all locations and subsidiaries of Conexant to process, store, and/or transmit information, wherein: - There is a risk that Company assets could be misappropriated; - There is a risk that privacy legislation could be violated; - The loss of such a system or related data could impair the ongoing operations of the company. All persons employed by the company are required to adhere to the principles set forth in this section. Company computing resources shall be implemented so as to safeguard Company Sensitive and/or proprietary Information. B. PHYSICAL SECURITY In order to limit accidental or intentional damage to company computing resources and information, physical access to computing resources shall be controlled and environmental precautions provided. In the least, password protected screen savers will be utilized in the period of no more than ten (10) minutes. System components; such as file servers, gateways, bridges, system consoles, concentrators, wiring cabinets, etc. shall be located in secured areas. Uninterruptible power sources and surge suppressers shall be provided for critical systems to provide for their protection and for the protection of the information they contain. Use of diagnostic probe equipment (software and hardware) such as protocol analyzers and sniffers is restricted to authorized personnel only. C. INFORMATION SECURITY User identification and authentication access controls are required by each person using company resources to ensure that only authorized persons can use appropriate company computer resources. Access shall be controlled by unique log-on ID's to identify users to the system, and user authentication mechanisms (minimum of a password), which verify that users are who they say they are. Management of authentication and password strength shall be adequate to protect information resources of the systems being accessed. All system installations and subsequent changes to multi-user or critical (non-personal) computing systems or files may be performed only by authorized personnel. Changes to such equipment, data, and software shall be processed through established change control procedures. G-13 Computing resources accessible from non-company locations shall provide for logs and audit trails to detect and report unauthorized access attempts. Such logs and reports shall be preserved for an appropriate time period (minimum of fourteen (14) days) during which they shall be protected from unauthorized access. Logs of systems that are particularly critical or sensitive (such as firewall systems) shall be reviewed on a regular basis. Portable computers used outside of company facilities shall be equipped with access protection mechanism in the form of bios password to prevent access to the system's data or software by unauthorized persons in the event that it is lost or stolen. Conexant shall take adequate measures to protect against the introduction and use of harmful or malicious software on there computing resources. All implementations of encryption within the company shall utilize encryption key recovery schemes to ensure company access to data resident on the system in the event that the holders of the encryption keys become unavailable. D. NETWORK SECURITY All company locations shall take adequate measures to prevent unauthorized network and dial-in access to company computing resources. Internal, trusted company network resources shall be segregated and protected from intrusion from external, untrusted networks. Access of internal, trusted computing resources from non-company, untrusted computing resources must be strongly authenticated. No system information shall be provided before users authenticate (e.g., supply a password). While logging into a company network, users shall receive a warning notice that the system is available only to authorized users and that the company reserves the right to monitor activities of all users who log on. E.DISASTER RECOVERY, BUSINESS RESUMPTION AND PROBLEM ESCALATION All company locations shall establish a disaster recovery and business resumption plan for their computing resources and they shall test those plans on a regular basis. The plans shall provide for the timely recovery of business-critical data generated on company computing resources. The plan shall provide for equipping the business with alternate or backup critical computing resources in the event that existing equipment becomes unavailable or unusable. Each business shall establish problem escalation plans to be executed in the event of security incidents. Serious incidents which compromise company sensitive information or the security of internal trusted networks should be reported to the business unit Corporate Chief Security Information Director. G-14 CONEXANT INFORMATION SECURITY BASELINE TABLE OF CONTENTS - PURPOSE - SCOPE - AUTHORIZATIONS, AGREEMENTS AND CONTRACTS - AUDITS, REVIEWS AND RISK ASSESSMENTS - SECURITY ADMINISTRATION - PHYSICAL SECURITY - NETWORK/COMMUNICATIONS SECURITY - USER IDENTIFICATION AND AUTHORIZATION - COMPUTER AND NETWORK SYSTEM SECURITY - ENGINEERING LABS - SECURITY AUDIT LOGS AND MONITORING - PROTECTION FROM MALICIOUS SOFTWARE - BUSINESS SYSTEMS DEVELOPMENT AND ACQUISITION - OPERATIONS - DISASTER RECOVERY AND BUSINESS CONTINUITY For comments and information contact Milena Hlavaty (VPN 483-6209). PURPOSE The purpose of this security baseline is to establish specific guidance to protect Conexant's networks, computers, workstations, file servers, and the information stored on them from unauthorized access, malicious action or inadvertent disclosures. This baseline establishes the fundamental mandatory controls and procedural considerations that are necessary to achieve compliance with Computer Security IT policy. SCOPE This Information Security Baseline addresses all configurations of one or more networked microcomputers and/or workstations. It includes the utilization of remote and local desktop, laptop, or notebook computers, host computers, communication servers, remote network switches, file application servers, routers, network communication lines, remote access devices, interconnected local area networks (LANs) or wide area networks (WANs) which are used to transmit, store or process information that is sensitive or critical to Conexant. At the same time, this baseline is not intended to be an exhaustive list of Information security imperatives and recommendations, but rather a minimum requirement. In those instances when exceptions to this baseline arise, they shall be documented and approved in a deviation process to be reviewed annually by the Corporate Chief Security G-15 Information Director. Records of the exceptions/deviations from this baseline shall be stored appropriately during the period of the deviation for one year. The security measures documented in this baseline shall be applied in a manner that is consistent with the level of sensitivity of the information to Conexant. The degree to which internal controls are established will vary according to management's assessment of Conexant's potential exposure to theft, destruction, alteration, or misuse of Conexant computing resources. In that regard, the directives specified in this baseline are in the form of: 1. "shall" statements - which are "control" requirements that must be adhered to by every Conexant location. AUTHORIZATIONS, AGREEMENTS AND CONTRACTS To best assure that the key hardware, software and service elements that make up Conexant's information security infrastructure are compatible with the guidelines identified in this baseline, contractual provisions need to be included in the selection and acquisition of these elements. Likewise, all services provided by contract laborers shall be governed by contract language that specifies the appropriate use of Conexant's computing resources and the consequences of misuse. 1. Contractual provisions and compliance procedures with vendors shall be established regarding the security aspects of their products and services as applicable. 2. Service agreements shall include ownership, confidentiality, and nondisclosure statements. 3. Formal contractual provisions with contractors shall be established to ensure compliance with enterprise security policies and standards. 4. All information technology users shall be required to read and acknowledge the information security policies and responsibilities. 5. The appropriate hiring organization shall be responsible for enforcing the above statements. G-16 AUDITS, REVIEWS AND RISK ASSESSMENTS In order for security measures to be effective, periodic reviews need to be performed to: a) identify deficiencies of any implemented security measures, b) identify discrepancies between documented directives and implemented security measures, c) assess potential risks of exposure to the business and the corporation, and d) develop corrective actions. 1. Conexant shall perform annual (minimum period) self-assessments of information security practices and mechanisms employing qualitative and quantitative measurements. 2. Conexant shall develop a plan of corrective actions to address discrepancies and deficiencies discovered by security reviews and audits. 3. Reports of security discrepancies, deficiencies and corrective actions shall be submitted to Conexant's CIO and the Corporate Chief Security Information Director. 4. Conexant shall retain records of all IT audit reports and associated documentation for a period of five years. SECURITY ADMINISTRATION In order for information security measures to be applied effectively across Conexant, each organization with system administration responsibilities shall establish accountability for the administration of appropriate security mechanisms. They shall also establish communication channels the Corporate Chief Security Information Director 1. Information Security efforts for each Conexant location shall be overseen and coordinated by the business unit's primary information security officer, who will act under the direction of the business's IT Executive and the corporate Chief Information Security Officer. 2. A problem escalation procedure shall be established and maintained that addresses attacks on Conexant's business critical computing resources (e.g. network attacks or intrusions, virus infestations, malicious behavior and natural disaster). 3. In the event encryption keys get lost or become otherwise unavailable, businesses shall establish "Key" recovery procedures to aid in the recovery of encrypted sensitive or critical Conexant data. PHYSICAL SECURITY In order to limit accidental or intentional damage resulting from unauthorized use or access, or prevent damage resulting from a natural disaster - physical access to critical computing resources will be controlled, and effective environmental precautions established. 1. Critical computing resources, such as file servers, remote access hardware, gateways, bridges, routers, switches, and their consoles, etc. shall be secured using physical security devices, and/or placement in controlled access areas. 2. Critical networked systems shall be documented to include the inventory and logical location of network components, the LAN operating system including version, release, and maintenance levels. 3. All wiring cabinets shall be physically secured to prevent access by unauthorized individuals. G-17 4. Guidelines for the use and control of backup media shall be developed for those occasions when that media is outside company facilities or the company's direct control. 5. Removable media containing sensitive or critical information shall be secured when not in use (e.g., using locked containers or cabinets). 6. Surge suppressers or voltage regulators and uninterruptible power sources shall be used to protect business critical computing resources (hardware components) against power fluctuations and against the loss of data due to power interruptions. 7. Shutdown and recovery procedures shall be established for business critical computing resources. 8. Business critical computing resources shall be located in facilities equipped with heat/smoke/water detection and fire protection/suppression mechanisms. 9. Business critical computing resources shall be adequately protected from moisture, falling debris and toppling over, in those areas susceptible to natural disturbances such as earthquakes, tornadoes, hurricanes, floods and blizzards. NETWORK/COMMUNICATIONS SECURITY 1. The use of system attack, probing, or sniffing tools such as (but not limited to) port scanning software, network sniffers, password sniffers, etc. is prohibited except where authorized individuals are allowed by the Corporate Chief Security Information Director to use them in the performance of their job responsibilities. 2. Access to critical network components shall be limited to specifically designated personnel in accordance with their job responsibilities. 3. Logon to Conexant systems and networks from non-Conexant computing locations shall be required to use strong authentication. 4. Administration of network devices via remote access shall require strong authentication where feasible or modem enforcing log on ID and password. 5. Warning banners with proprietary and monitoring notices shall be displayed at login time for a reasonable amount of time of no less than eight seconds or until acknowledged by the user. 6. Firewalls, segmentation, and routing controls shall be used to protect against connections to untrusted networks. 7. A system of formal approval and record keeping shall be used for the assignment of communication lines for modems and fax machines. 8. Authorized communication servers and/or modem pools shall be used to enable remote user dial-in connections. In bound dial in on modem connections are not allowed on individual user PC or workstations. 9. Sensitive information shall be encrypted prior to transmission over external or untrusted networks. G-18 10. Network operating systems that support business critical systems shall be kept current (vendor supported) to the extent that it is operationally feasible. 11. E-mail delivered to systems within Conexant's trusted networks may not be automatically forwarded across untrusted networks or to systems residing on untrusted networks. 12. Unauthorized connection of an operating system to the network that allows admin/root privileges to the network shall be denied access. USER IDENTIFICATION AND AUTHENTICATION System access controls are required in order to ensure that only authorized individuals use the system resources necessary to perform their job duties. Access is controlled by a secure LogonID. 1. Unique user identifications (LogonIDs) shall be established for each individual user and for automated processes (such as a time-scheduled job or daemon acting on behalf of users) that utilize Conexant computing resources. 2. The shared use of LogonIDs to systems and applications is prohibited except in cases which are specifically approved by the principal business information security officer. 3. Users of Conexant computing resources shall be registered and assigned a unique LogonID and an obscure, temporary password that is a minimum of six characters. Network and/or Operating System security mechanisms shall be implemented which require users of new LogonIDs to change their password when logging on to Conexant computing resources for the first time where technically feasible. 4. Each user's identity shall be authenticated by the system in a manner consistent with the protection requirements set forth in this baseline. For remote access, this means that users shall use strong authentication. For Local access, users may use static passwords. 5. Static passwords, when used, are for local authentication and shall be a minimum of 6 characters in length 6. Guest user accounts shall not be permitted. 7. Password files shall be protected with appropriate access controls and stored only in encrypted format. 8. A network session shall be terminated and a new network session will be initiated after a specified number of unsuccessful logon attempts (not to exceed 10). After a maximum of 10 unsuccessful logon attempts within a 60 minute period, the system shall force an automatic session termination, whereby the LogonID will be suspended. A log file of unsuccessful logon attempts will be maintained and reviewed daily. 9. Information regarding limits and actions taken on unsuccessful log-on attempts shall not be provided to users attempting to log on to Conexant computing resources. 10. An authentication token device shall only be assigned to and used by a single user. Authentication token devices shall not be shared. G-19 11. The assignment of authentication token devices shall be recorded and maintained in a secure inventory system. 12. All users of authentication token devices shall return the devices upon a) termination of employment, or b) reassignment to functions not requiring token usage. 13. All LogonIDs of personnel who leave the employ of the company shall be disabled within 48 hours of termination. 14. Default system passwords, supplied by the vendors, shall be changed immediately after system installation. Default system user accounts, supplied by the vendors, shall be eliminated or disabled. 15. The use of LogonIDs by non-Conexant users shall be re-affirmed upon contract expiration. 16. LogonIDs shall be removed from all systems after 180 days of non-use. 17. Passwords shall not be echoed during the login process. 18. Passwords shall not be written down. 19. Access privileges for system and security administrators shall be reviewed at least annually to ensure the access is required and necessary. COMPUTER AND NETWORK SYSTEM SECURITY 1. The Information Security organization shall have oversight authority for how security and passwords are managed in privileged (admin/root) accounts on multi-user computing resources. 2. All installations and subsequent changes to critical or multi-user systems or network devices shall be performed only by authorized individuals. 3. Access and procedural controls shall be implemented to limit the use of network/computer utility software and diagnostic tools to trained support personnel, in accordance with their job responsibilities. 4. Change control procedures shall be established and implemented which govern all changes to Network and system configurations. 5. A warning banner shall be displayed prior to network login. The wording of the banner shall comply with the wording recommended by Corporate Legal Counsel, as follows: "This computer system is the property of Conexant. Unauthorized access and improper use is prohibited. Any activity on the system is subject to monitoring by the Company at any time. Anyone who uses the system consents to such monitoring and agrees that the Company may use the results of such monitoring without limitation." 6. Personal computers or desktops with modems shall not be connected to phone lines for inbound calls. 7. Sensitive information shall not be sent over unsecured fax machines. Communication servers or modem pools shall be used in lieu of individual workstation dial-up access ports. G-20 8. Dial-up access telephone numbers, authorization codes, LogonIDs, passwords, shall be protected from unauthorized disclosure. 9. Systems that are not physically secured and that are left logged in unattended in excess of ten minutes require workstation lockdown utilities or screen savers that incorporate passwords. Lock down utilities and secure screen savers shall be approved by local information security officers. 10. The Information Security organization shall directly oversee all systems that reside on the perimeter networks. ENGINEERING LABS 1. Labs with connections to untrusted networks or dial inbound remote access capability shall be protected by a firewall. SECURITY AUDIT LOGS AND MONITORING 1. Multi-user systems shall be equipped with security audit log features. 2. All significant security-relevant events, such as unsuccessful access attempts, shall be recorded on security audit logs. 3. Audit trails, obtained from a security audit log records, shall identify source/location of unauthorized attempts, LogonID, date/time of event, and target system or requested service where feasible. 4. Security audit log file information (especially violation reports) shall be reviewed on a daily basis. 5. Security audit log records shall be retained for at least 7 days. 6. Monitoring of systems, networks or applications may be performed only by personnel that have been duly authorized by the company. PROTECTION FROM MALICIOUS SOFTWARE 1. Virus-checking software shall be installed on all desktop and notebook PCs, as well as all file servers, network drives, and email servers where technically feasible. The anti-virus files used by virus-checking software shall be updated frequently. 2. Conexant shall establish well defined and publicized mechanisms for distributing, installing and maintaining virus-checking software across all the locations. 3. System administrators, vendors, service technicians, and users shall use virus-checking software to scan all software media and files prior to loading them onto Conexant computing resources where technically feasible. 4. Original application and operating system software media shall be write-protected (whenever possible) and stored in a secure manner. 5. Emergency response procedures, including setting up an emergency response team, shall be established for dealing with malicious software incidents. G-21 SYSTEMS DEVELOPMENT AND ACQUISITION 1. Software libraries shall be established for storing and securing all files associated with a business unit's application, systems and utility software. 2. Separate software libraries shall be established in support of the business unit's development, test and production environments. 3. Access controls, including activity logging, shall be established for the business unit's development, test and production software libraries, to ensure that only authorized personnel have access to the libraries and that they only have access to those components necessary to perform their job assignments. 4. Procedures shall be established to ensure that software changes are made in accordance with business requirements, and are satisfactorily tested prior to promoting them into production from development/test. 5. Procedures shall be established to ensure that all business system software configurations (how the technical components fit together) are adequately documented, and that software versions as well as source-code to executable-code continuity can be verified. 6. Change control procedures shall be established and implemented which govern all hardware, software and services changes to ensure they are properly authorized and documented, and that appropriate security controls are not compromised. 7. Security controls and mechanisms which are utilized by all applications and systems software shall be documented and maintained. OPERATIONS 1. Procedures shall be established to control the disposition of printed output that contains sensitive information. 2. Printed output containing sensitive information shall be marked with appropriate classification and proprietary notices. 3. Conexant data shall be backed up on a regular basis, depending upon the criticality of the data, the frequency of change, the utilization of raid and disk mirroring techniques and the probability of data loss or damage. 4. Critical system configuration and data files (those required to recover the operating system) shall be backed up - at least weekly. The frequency of backups will be affected by the frequency of systems changes and the availability of systems installation software on high-speed storage media (i.e., CDs or hard disks). 5. At least two generations of backup files for all critical business systems data shall be maintained at a secure storage location that is significantly removed from the data's primary location. 6. Email backup files, stored both on and off site, shall be retained for no more than 7 days. G-22 7. Sensitive data stored on workstation or file server hard drive(s) shall be erased or purged using complete erasure techniques prior to the transfer of ownership of the workstation or server, scrapping, or off-site maintenance. DISASTER RECOVERY AND BUSINESS CONTINUITY 1. Conexant shall develop disaster recovery and business continuation plans in accordance with corporate guidelines. 2. Disaster recovery and business continuation plans shall be documented and submitted to the EC. 3. Conexant shall test disaster recovery and business continuation plans on an annual basis. MERGERS AND ACQUISITIONS: - - Compliance with Conexant's IT Security Policy and IT Security Baseline shall be completed within a reasonable amount of time, not to exceed 90 days from the finalization of the acquisition. Acquired domain names shall remain active for the purposes of receiving email and web site access for a period not to exceed one year from the finalization of the acquisition. G-23 CONNECTIONS FROM/TO UNTRUSTED NETWORKS BASELINE TABLE OF CONTENTS 1.0 INTRODUCTION 2.0 PURPOSE 3.0 SCOPE 4.0 RELEVANT POLICIES, BASELINES AND REFERENCES 5.0 ACCOUNTABILITIES 6.0 FIREWALL ARCHITECTURE 6.1 FILTERING ROUTERS 6.2 PERIMETER NETWORKS 7.0 PROTOCOL CONTROLS 7.1 BGP 7.2 DNS 7.3 FINGER 7.4 FTP COMMAND 7.5 FTP DATA 7.6 HTTP 7.7 ICMP 7.8 LP 7.9 MICROSOFT SQL 7.10 MICROSOFT NETMEETING 7.11 NFS 7.12 NNTP 7.13 NTP 7.14 OPENWINDOWS 7.15 REALAUDIO 7.16 REXEC 7.17 RLOGIN 7.18 RSH 7.19 SMTP 7.20 SQL*NET 7.21 SSL FOR ENCRYPTED HTTP 7.22 TALK 7.23 TELNET 7.24 UNSPECIFIED IP PACKETS 7.25 UNSPECIFIED UDP PACKETS 7.26 X11 8.0 AUTHENTICATION 9.0 VIRTUAL PRIVATE NETWORK 10.0 INTERNET INFORMATION SERVERS 10.1 INFORMATION SERVER GUIDELINES 11.0 SCREENING OF MALICIOUS SOFTWARE 12.0 EXTERNAL SERVICE PROVIDERS 13.0 REQUESTS FOR WAIVERS AND BASELINE CHANGES For comments and information contact Milena Hlavaty (VPN 483-6209). G-24 1.0 INTRODUCTION The Internet is a global untrusted network that uses a common protocol, which connects devices and users around the world. The Internet is a public place and unprotected communications are not private, nor can their integrity and confidentiality be guaranteed. Conexant shall take all requisite steps to safeguard their trusted networks and adhere to the rules and guidelines set forth in this baseline. 2.0 PURPOSE The purpose of this baseline is to reduce to acceptable levels the risk entailed in connecting a trusted Conexant network to the Internet or other untrusted networks. This baseline sets the standards for securing connections between Conexant's internal trusted TCP/IP networks and external, untrusted networks, such as the Internet. This baseline prescribes specific security measures and requirements for network and system administration, and the configuration, operation and service use restrictions between untrusted networks and Conexant's trusted networks. All persons are responsible and accountable for complying with the network security safeguards established herein. 3.0 SCOPE The standards and guidelines set forth in this document apply to all connections that are made to the Internet or any other untrusted network from any Conexant location. 4.0 RELEVANT POLICIES, BASELINES, AND REFERENCES Information and Communications Security Conexant Information Security Baseline Safeguarding Company Sensitive Information Acquisition, Dissemination, and Use of Computer Software Owned by Another Use and Monitoring of Computing Resources 5.0 ACCOUNTABILITIES The safety and security of Conexant connection to untrusted networks is the responsibility of Conexant's CIO. Corporate Chief Security Information Director has oversight responsibilities for all information security activities at the business, including connections to untrusted networks. Network security violations of the safeguards described within this baseline must be brought to the immediate attention of the Corporate Chief Security Information Director. Requests for firewall changes must be reviewed and approved by corporate firewall administration to ensure compliance to this baseline. Probing, scanning, and other activities that may be considered hostile or event generating shall be performed only with the concurrence of corporate network security administration Breaches of Conexant network defenses from untrusted networks must be brought to the immediate attention of the Corporate Chief Security Information Director and the CIO. Unauthorized intrusions into Conexant's trusted networks shall be reviewed by the security incident review board who will inform the CIO. 6.0 FIREWALL ARCHITECTURE All Conexant connections to untrusted networks shall be secured with a firewall. Conexant firewalls shall be secured by utilizing industry best practices. Strict change control, implementation of strong authentication for remote administration, regular internal audits, adequate physical security, implementation testing, regular backups, and security incident response procedures are illustrative of industry best practices for firewall administration. To the extent feasible, firewall administrators shall maintain the most current version of firewall devices/software in order to take advantage of product and security enhancements. Internal, trusted subnets may only contain devices that utilize IP addresses assigned by the Global Support Group in IT. Conexant corporate shall act as the coordination point for documenting the RFC private addresses in use across the company. G-25 6.1 FILTERING ROUTERS An important component of the firewall is the filtering router placed between untrusted networks and the perimeter network. This router shields the perimeter network against dangerous or unwanted untrusted network traffic (see Figure 1 below). Such routers will be referred to hereafter in this document as 'external routers'. External routers shall be configured to only permit administrative telnet access from a specific, limited number of administrative hosts. Remote access by administrators to external routers shall require strong authentication. In those cases where external routers employ fixed or static password technology, that password file must be encrypted. 6.2 PERIMETER NETWORKS Perimeter networks logically reside between the company's external routers and firewalls. They are to be used to host computing resources that must directly interface with public (untrusted, non-Conexant) systems. Computing resources resident on perimeter networks must be "security hardened" by removal of all non-essential programs and services and by conscientious application of security patches and fixes on a regular basis. Access to trusted Conexant networks from a perimeter network may only be permitted via a firewall. There shall be a perimeter network at virtually every interface between Conexant's trusted networks and an untrusted network. 7.0 PROTOCOL CONTROLS Conexant businesses shall implement the controls presented in this section into their firewalls. Applicable gateway and external router controls for each protocol are presented. All services in the direction of from less secured networks to more secured networks which are not specifically permitted in the controls set forth below shall be denied at company firewalls. Documentation of a specific protocol in section 7 below (whether specifically denied or allowed) signifies that it has undergone scrutiny and has been dispositioned as stated. All traffic from the internal interface of the firewall shall be allowed to pass through the external router. 7.1 BGP Guidelines: From Internet to perimeter network: Allow through external router From perimeter network to Internet: Allow through external router From perimeter network to Internal: Secure at firewall From internal to perimeter network: Secure at firewall 7.2 DNS Protocol: UDP - TCP Server Port: 53 Client Port: >=1023 Guidelines: From Internet to perimeter network: Allow through external router Secure at firewall From perimeter network to Internet: Allow from external DNS servers From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall G-26 Implementation guidelines: Zone transfers request will be permitted from known hosts. It is secured at the DNS servers. Conexant networks shall employ an external and internal DNS implementation. All Conexant entities with an Internet connection shall establish an external DNS on their perimeter network, and only those hosts and devices on Conexant's perimeter networks shall be visible outside the Conexant domain. The public shall not be directly given address information for Conexant's internal, trusted network resources. Internal DNS's shall be maintained that contain all of the hosts and devices on Conexant's internal trusted networks and information on how to access the external DNS. 7.3 FINGER Protocol: TCP Server Port: 79 Client Port: >=1023 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Block at external router From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.4 FTP COMMAND Protocol: TCP Server Port: 21 Client Port: >= 1023 Guidelines: From Internet to perimeter network: Allow at external router Secure at firewall From perimeter network to Internet: Allow at external router and firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.5 FTP DATA Protocol: TCP Server Port: 20 Client Port: >=1023 Guidelines: From Internet to perimeter network: Secure at firewall From perimeter network to Internet: Allow through firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall G-27 7.6 HTTP Protocol: TCP Server Port: 80 Client Port: >=1023 Guidelines: From Internet to perimeter network: Allow at external router Secure at firewall From perimeter network to Internet: Allow at external router and firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.7 ICMP Protocol: ICMP Guidelines: Allow the following types through external router: 0 - Echo-reply 8 - Echo-request 11 - Time-xceeded 12 - Parameter-problem Secure at firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Secure at firewall 7.8 LP Protocol: TCP Server Port: 515 Guidelines: From Internet to perimeter network: Allow at external router Secure at firewall From perimeter network to Internet: Allow at external router and firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.9 MICROSOFT SQL Protocol: Tcp Server Port: 1612 Client Port: >=1023 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Allow at external router and firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall G-28 7.10 MICROSOFT NETMEETING Protocol: TCP and UDP Ports: 389, 522, 1503, 1720, 1731, and various dynamic Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Block at external router From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.11 NFS Protocol: TCP Server Port: 2049 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Block at external router From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.12 NNTP Protocol: TCP Server Port: 119 Guidelines: From Internet to perimeter network: Allow through external router Secure at firewall From perimeter network to Internet: Allow through external router and firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall Implementation guideline: The nntp server must be placed on the perimeter network and adequately security 'hardened'. Internal newsgroups should utilize Lotus Notes servers. 7.13 NTP Protocol: UDP Client Port: 123 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Block at external router From perimeter network to internal: Secure at firewall From internal to perimeter network: Secure at firewall Implementation guideline: Network time shall be obtained from internal, trusted G-29 ntp servers. 7.14 OPEN WINDOWS Protocol: TCP Server Port: 2000 - 2FFF Guidelines: Same as X11 7.15 REAL AUDIO Guidelines: From Internet to perimeter network: Allow through external router Secure at firewall From perimeter network to Internet: Allow through external router and firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall Implementation guidelines: Allow port 7070 only 7.16 REXEC Protocol: TCP Server Port: 512 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Allow at external router Secure at firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.17 RLOGIN Protocol: TCP Server Port: 513 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Allow at external router Secure at firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.18 RSH Protocol: TCP Server Port: 514 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Allow at external router Secure at firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall G-30 7.19 SMTP Protocol: TCP Server Port: 25 Client Port: >=1023 Guidelines: From Internet to perimeter network: Allow at external router. E- mail only forwarded to firewall From perimeter network to Internet: Allow at external router Secure at firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allowed through firewall. 7.20 SQL*NET Protocol: TCP Server Port: 1525 Client Port: >=1023 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Allow through external router Secure at firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall Implementation guidelinek: The SQL*Net application proxy can be used to allow internal Oracle clients to access external database servers. The proxy can also be used to allow a perimeter web server running Oracle's Web Request Broker to send SQL*Net transactions to a backend Oracle database server on the internal network. 7.21 SSL FOR ENCRYPTED HTTP Protocol: TCP Server Port: 443 Guidelines: From Internet to perimeter network: Allow through external router Secure at firewall From perimeter network to Internet: Allow through external router Secure at firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall Implementation guideline: Although SSL is not limited to G-31 the HTTP protocol, only HTTP is allowed to pass in SSL. 7.22 TALK Protocol: UDP Server Port: 517,518 Client Port: >=1023 Guidelines: From Internet to perimeter network: Block at external router From perimeter network to Internet: Block at external router From perimeter network to Internal: Secure at firewall From internal to perimeter network: Secure at firewall 7.23 TELNET Protocol: TCP Server Port: 23 Client Port: >=1023 Guidelines: From Internet to perimeter network: Allow to application gateway at external router Secure at firewall From perimeter network to Internet: Allow through firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall 7.24 UNSPECIFIED IP PACKETS Protocol: IP Ports: All TCP and UDP Guidelines: From Internet to perimeter network: Allow established TCP at external router Secure at firewall From perimeter network to Internet: Allow at external router and firewall From perimeter network to internal: Secure at firewall Additional guidelines: Incoming and outgoing spoofing rules for the Conexant and RFC 1918 private addresses shall be applied. Packets having the source or destination of broadcast shall be blocked. 7.25 UNSPECIFIED UDP PACKETS Protocol: UDP Guidelines: G-32 From Internet to perimeter network: Block at external router From perimeter network to Internet: Will fail due to blocked inbound From perimeter network to internal: Secure at firewall 7.26 X11 Protocol: TCP Server Port: 6000 - 6063 Guidelines: From Internet to perimeter network: Secure at firewall From perimeter network to Internet: Allow through firewall From perimeter network to internal: Secure at firewall From internal to perimeter network: Allow through firewall Implementation Guidelines: Internal X servers: Allow only with xforward or other proxy. The window manager must be an internal client. External X servers: Allow running internal X clients; access to machine that has X client via telnet only. 8.0 AUTHENTICATION Router administrators shall ensure that default privileged command passwords and console and virtual terminal line access passwords are changed or assigned immediately upon installation, and changed thereafter at 90 day intervals. These passwords shall also be changed within 24 hours whenever router administrators are terminated or transferred. Dial-in access by administrators to routers and other sensitive network devices shall require strong authentication. Systems that are connected to Conexant's internal trusted networks and which can be accessed from external networks (including dial-in) must implement strong authentication mechanisms and comply with applicable Conexant host security baselines. 9.0 VIRTUAL PRIVATE NETWORK A VPN shall be required for connectivity between Conexant trusted networks or Conexant SOHO users when traversing an untrusted network. 10.0 INTERNET INFORMATION SERVERS Servers such as ftp and World Wide Web have been established throughout Conexant for rapid dissemination and central updating of public and private information. These information servers provide fast and convenient information to employees, customers, suppliers and the general public. Those who establish such servers must safeguard their security in order to protect against unauthorized disclosure of sensitive and competitive information, as well as ensure the integrity of information which they contain 10.1 INFORMATION SERVER GUIDELINES 1. Information available to an untrusted network shall be hosted on the perimeter networks. Access to company sensitive information from an UNTRUSTED network to a perimeter network shall require authentication technologies. Connectivity from the perimeter network to information within the TRUSTED network shall require strong authentication. G-33 2. Servers on the perimeter networks shall run with as little privilege as necessary. If at all possible, server software must not run as "root," or "administrator" thus limiting possible damage if an intruder discovers vulnerability. 3. System administrators shall closely monitor the integrity of the system and the information to be distributed. Whenever feasible, system administrators shall run the most secured version of the information server software which is free of known bugs or vulnerabilities. 11.0 SCREENING OF MALICIOUS SOFTWARE (PENDING ACTION ITEMS) Executable programs embedded within HTML entering Conexant trusted networks via HTTP or other protocols will vary across time based upon the state of the technology. Until security shortcomings are resolved, to the extent possible Microsoft ActiveX (and follow-on products of like content but different marketing names) are not allowed into trusted Conexant networks from untrusted, foreign networks. Java applets may be allowed into Conexant trusted networks from foreign, untrusted network domains. 12.0 EXTERNAL SERVICE PROVIDERS Dedicated network connection between to Conexant network security administration shall be responsible for ensuring the security of all computing services and connections. When business needs dictate, Conexant networks may, with due diligence, be extended into non-Conexant facilities, but may not be connected to that facility's untrusted networks unless firewalls are put into place. Under conditions where there is no direct Conexant control or supervision of the non-Conexant users who log on to trusted Conexant networks, logins require strong authentication. The management of authentication devices remains at all times the responsibility of the Conexant business unit issuing them. Clearly defined agreements must be established with third party service providers who issue Conexant authentication devices to their employees. Those agreements must spell out the third party's responsibilities in the management and protection of Conexant's security devices, computing resources, and private data. 13.0 REQUESTS FOR WAIVERS AND BASELINE CHANGES Requests for waivers and deviations to this IT security baseline shall be sent to the Corporate Chief Security Information Director. Each request for waiver and deviation will be considered on an individual basis and for a specific duration. Any change to the requirement, technical approach, or other pertinent circumstances on which the request is granted, must be reported to the Corporate Chief Security Information Director for reconsideration of the waiver or deviation. In order to consider the request, as a minimum the following information must be specified in each written request: 1. Reference to the baseline requirement and technical description of the requested waiver or deviation. 2. Business justification or contractual requirement. 3. Specific duration of requested waiver or deviation, not to exceed 26 weeks. If the duration is expected to exceed 26 weeks, the request must be resubmitted for reconsideration prior to expiration of the granted waiver/deviation duration. 4. Alternative technical approaches and solutions considered/rejected. 5. Requested technical approach and technical point of contact. G-34 6. Concurrence from the business unit's IT executive that the deviation is warranted. Requests to change the Internet Security baseline should be forwarded to the Corporate Chief Security Information Director, who is the custodian of the document. G-35 ATTACHMENT H TERMINATION FOR CONVENIENCE ATTACHMENT H EXAMPLE OF SECTION 12.2 TERMINATION FOR CONVENIENCE [GRAPHIC] H-1 ATTACHMENT I SERVICE LEVEL MATRIX ATTACHMENT I SERVICE LEVEL MATRIX CATEGORY OF SERVICE SERVICE HOURS RESPONSE CLOSURE TIME MISSION CRITICAL MISSION CRITICAL SUPPORT LEVEL TIME SYSTEMS RESPONSE TIME - ----------------------------------------------------------------------------------------------------------------------------------- Application Support 8-5 Local Time of 8 Service Mutually Agreed See Attachment K Service Request Hours - ----------------------------------------------------------------------------------------------------------------------------------- Programming Services 8-5 Local Time of 8 Service Mutually Agreed 1st and 2nd Level Service Request Hours Support - ----------------------------------------------------------------------------------------------------------------------------------- Remote Site Support 8-5 Local Time of 8 Service 50% within 16 1st and 2nd Level (Asia Pacific and Service Request, 6 Hours Service Hours Support Europe) installations and/or upgrades/week between the regions. - ----------------------------------------------------------------------------------------------------------------------------------- Infrastructure Services - 8-5 Local Time of 4 Service 50% within 16 Phone Outages Account Manager 2nd Level Support Wire Line Telephony Service Request Hours Service Hours will be given informed on a for Newbury Park highest priority hourly basis to and Mexicali, 1st problem is Level support for solved all other Washington Locations - ----------------------------------------------------------------------------------------------------------------------------------- Infrastructure Services - 8-5 Local Time of 4 Service 50% within 16 1st and Video Telephony Service Request Hours Service Hours 2nd Level Support - ----------------------------------------------------------------------------------------------------------------------------------- Infrastructure Services - 7x24 Monitoring 2 Service 50% within 16 1st Level support LAN Services Hours Service Hours at all Washington locations except Newbury Park, Mexicali, and Ottawa. 2nd Level support at all Washington Locations - ----------------------------------------------------------------------------------------------------------------------------------- I-1 CATEGORY OF SERVICE SERVICE HOURS RESPONSE CLOSURE TIME MISSION CRITICAL MISSION CRITICAL SUPPORT LEVEL TIME SYSTEMS RESPONSE TIME - ------------------------------------------------------------------------------------------------------------------------------------ Infrastructure Services - 8-5 Local Time of 8 Service 50% within 16 1st and 2nd Remote Access and Service Request Hours Service Hours Level SOHO Support - ------------------------------------------------------------------------------------------------------------------------------------ Infrastructure Services - 8-5 Local Time of 8 Service 50% within 16 All Internet Account Manager 1st and 2nd Internet Services Service Request Hours Service Hours Outages will informed on a Level be given highest hourly basis Support priority until problem is solved when an entire site is affected - ------------------------------------------------------------------------------------------------------------------------------------ Infrastructure Services - 7x24 Monitoring 2 Service 70% within 8 All WAN Outages Account Manager 1st and 2nd Wan Services Hours Service Hours will be given informed on a Level highest priority hourly basis Support until problem is solved when an entire site is affected - ------------------------------------------------------------------------------------------------------------------------------------ Infrastructure Services - 8-5 Local Time of 8 Service 50% within 16 2nd Level Groupware Services Service Request Hours Service Hours Support - ------------------------------------------------------------------------------------------------------------------------------------ Data Center Services 7x24x365 8 Service 50% within 16 SAP, Adexa, 1 hour response 1st and 2nd Hours Service Hours Promis, DMS and continuous Level effort Support until resolved - ------------------------------------------------------------------------------------------------------------------------------------ I-2 ATTACHMENT J J.1 - HARDWARE THE FOLLOWING ASSETS WILL HAVE THE OWNERSHIP TRANSFERRED TO SKYWORKS WHEN THE INFRASTRUCTURE TOWER OF SERVICE IS TERMINATED AND PAYMENT IS RECEIVED FOR CONSIDERATION OF SUCH HARDWARE. ASSET TAG # LOCATION DESCRIPTION - -------------------------------------------------------------------------------- 1079146 NP MODULE ETHERNET SMARTSWITCH - -------------------------------------------------------------------------------- 1079147 NP MODULE ETHERNET SMARTSWITCH - -------------------------------------------------------------------------------- 1079148 NP MODULE ETHERNET SMARTSWITCH - -------------------------------------------------------------------------------- 1082033 NP SERVER - -------------------------------------------------------------------------------- 1082034 NP SERVER - -------------------------------------------------------------------------------- 1082035 NP SERVER - -------------------------------------------------------------------------------- 1083012 NP TAPE LIBRARY, AUTOMATED - -------------------------------------------------------------------------------- 1079605 NP SERVER, COMPAQ PROLIANT - -------------------------------------------------------------------------------- 1079606 NP SERVER, COMPAQ PROLIANT - -------------------------------------------------------------------------------- 1079607 NP SERVER, COMPAQ PROLIANT - -------------------------------------------------------------------------------- 1079608 NP SERVER, COMPAQ PROLIANT - -------------------------------------------------------------------------------- 1079609 NP SERVER, COMPAQ PROLIANT - -------------------------------------------------------------------------------- 1082325 NP LAPTOP COMPUTER - -------------------------------------------------------------------------------- 1082326 NP LAPTOP COMPUTER - -------------------------------------------------------------------------------- 1079777 NP CHASSIS, WIRING CLOSET BUNDLE - -------------------------------------------------------------------------------- 1079778 NP CHASSIS, WIRING CLOSET BUNDLE - -------------------------------------------------------------------------------- 1083653 NP DATA/TELEPHONE EQUIPMENT - -------------------------------------------------------------------------------- 1078530 NP NETWORK SERVER - -------------------------------------------------------------------------------- 1079072 MEXICALI CHASSIS, CATALYST 5500 BUNDLE - -------------------------------------------------------------------------------- 1079072 MEXICALI CHASSIS, CATALYST 5500 BUNDLE - -------------------------------------------------------------------------------- 1079074 MEXICALI CHASSIS, CATALYST 5500 BUNDLE - -------------------------------------------------------------------------------- 1079285 MEXICALI CHASSIS, CATALYST 5500 BUNDLE - -------------------------------------------------------------------------------- 1079151 MEXICALI CHASSIS, RACK-MOUNT - -------------------------------------------------------------------------------- 1083651 MEXICALI DNS/SMS SERVER - -------------------------------------------------------------------------------- 1085700 MEXICALI ROUTER, CISCO 3660 - -------------------------------------------------------------------------------- 1083564 MEXICALI SAP PRINTERS (2) FOR MEXICALI - -------------------------------------------------------------------------------- 40007 MEXICALI VIDEO CONFERENCING SYSTEM - -------------------------------------------------------------------------------- 1084337 NEPEAN, CANADA BRIDIAL BUNDLE - -------------------------------------------------------------------------------- 1084338 NEPEAN, CANADA CATALYST CHASSIS 5500 - -------------------------------------------------------------------------------- 1084345 NEPEAN, CANADA NETWORK PROBE DAS PRO 2 PORT 10/100 - -------------------------------------------------------------------------------- 1084340 NEPEAN, CANADA SERVER, PRINTER/FILER/LOTUS NOTES - -------------------------------------------------------------------------------- 1084341 NEPEAN, CANADA SERVER, PRINTER/FILER/LOTUS NOTES - -------------------------------------------------------------------------------- 1084331 NEPEAN, CANADA VIDEO CONFERENCING EQUIPMENT - -------------------------------------------------------------------------------- 1082375 CEDAR RAPIDS MICROWAVE UNIT - -------------------------------------------------------------------------------- 1082376 CEDAR RAPIDS MICROWAVE UNIT - -------------------------------------------------------------------------------- 1085582 IRVING, TX AUTOMATED TAPE LIBRARY - -------------------------------------------------------------------------------- CIP NP COMPUTER SYSTEM BACKUP - -------------------------------------------------------------------------------- CIP NP DLT EXPANSION - -------------------------------------------------------------------------------- CIP NP UPGRADE OF PBX - -------------------------------------------------------------------------------- CIP NP POKLYCOM FOR NP SALES - -------------------------------------------------------------------------------- J-1 ATTACHMENT J J.2 - SOFTWARE APPLICATIONS LICENSE TYPE LICENSES SUBJECT TO CONSIDERATION - ------------ ------------ ------------------- ------------- TRANSFER (IDENTIFIED -------------------- LICENSES) --------- Lotus Notes Named 1951 $ 59,000 SAP - Production Named 250 $ 795,000 PROMIS Concurrent 256 $ 845,000 Sherpa DMS Server and 1 and 25 $ 53,000 Concurrent iPlanet LDAP Server 1 0 Adexa Server 1 $ 748,000 Total $2,500,000 J-2 ATTACHMENT K APPLICATION SUPPORT MATRIX CONEXANT TO SKYWORKS APPLICATION GROUP MONTHLY FTE SUPPORT LEVEL - ----------------------------------------------------------------------- Architecture & technology 1 2nd - ----------------------------------------------------------------------- Computer security 1 1/2 1st and 2nd - ----------------------------------------------------------------------- SAP 2 2nd - ----------------------------------------------------------------------- PROMIS 1 2nd - ----------------------------------------------------------------------- Quality Systems Inc. 1/4 1st - ----------------------------------------------------------------------- Extricity (or its replacement) 1/4 1st and 2nd - ----------------------------------------------------------------------- Sherpa DMS 1/4 1st and 2nd - ----------------------------------------------------------------------- SKYWORKS TO CONEXANT APPLICATION GROUP MONTHLY FTE SUPPORT LEVEL - ----------------------------------------------------------------------- Adexa 1 1st and 2nd - ----------------------------------------------------------------------- Lotus Notes 1/4 2nd - ----------------------------------------------------------------------- J-2