Network's security is a crucial element to the quality of service we provide. The Data Center strives to protect its network and assure the availability, integrity, and confidentiality of the servers and their data. We run a world class high-bandwidth network infrastructure. Our skilled technical security experts (who often advise the local FBI office on Linux security) constantly strive to ensure secure and uninterrupted service.
Among the measures we take to thwart attacks and ensure network availability are:
- Redundant Cisco 7513 Routers, capable of routing up to 4.2 Gigabits of total traffic.
- Multiple DS-3 lines connecting us with five different Tier-1 providers, use of a Sonet ring network architecture.
- Fully switched network to prevent the packet sniffing of TCP connections.
- Resistant routing to hold network attacks at bay by configuration.
- Tracking systems to trace malicious acts (attacks, spamming) to their sources.
We provide 24 x 7 managed network monitoring service, and respond within minutes to server failures, attacks or Internet backbone problems. As a result, we have minimized and nearly eliminated the adverse effects of distributed denial of service (DDoS) and other attacks, and our network uptime is over 99.9%.
Preventing attacks can be far easier and less costly than responding to them after the fact. To that end, we discourage the use of IRC bots and shell accounts on our servers, and encourage our customers to use secure shell accounts rather than telnet to communicate with their servers.
Other security related services we offer include a managed firewall for increased security, security update service which guarantees our supported software is updated with security patches and bug fixes, and a professional security analysis and consulting by our technical experts.
The NOC lobby is protected around the clock, seven days a week by building security personnel, a closed-circuit TV system with 16 cameras inside and outside the premises, and video tape recording. Access to the data center area is individually authenticated, so those entering the building must pass through turnstiles.
To get to a server with customer data on it, an intruder would have to pass through numerous points of authentication or identification via key, camera, or human.
The security system provides a record of who has entered a room, and at what time, thus allowing us to audit access to the systems.
We have designed our control center to maintain a high level of security from within our facilities. All servers requiring console access by our support and administration groups are accessible from this secured monitor room. This maximizes security and limits the number of people who have physical access to the servers. Our primary system monitoring tools have a "distributed" console, so there is no need for the traditional big-screen setup.
To ensure maximum connectivity and minimal downtime, we use redundant systems. This includes our Cisco routers, switches, and sub master switches, our power system (three diesel fueled generators in addition to our regular grid electrical power), and our backbone (multiple DS-3 with 5 providers on a dual OC-12 smart ring).
Each server is connected to an uninterruptible power supply, protected by our fire suppression system and multiple air conditioning (HVAC) systems. We keep a ready supply of drives, network cards, processors, motherboards and every piece of equipment that has even a remote chance of failure.