Infrastructure

Datacenter Security , Maintanence and Monitoring

 

Netandhost.com functions at various data centers across the world which meets our strictest criteria. Common features of our Datacenter:

  • Multiple Redundant Internet Connection through Fibre Optic Cable and Satellite
  • 24x7 Continuous uptime and High SLA
  • State of the Art Infrastructure like Precision controlled Cooling systems, Power conditioning equipment, multiple generators etc..
  • A 24x7 Help Desk providing round the clock Service
  • A highly secure environment
  • Deployment of high-performance management tools
 


Ultimately, our customers have the following benefits
 
Maximum Efficiency

Your website is hosted in a data center with a redundant network of multiple fiber trunk lines, redundant power on the premises, and backup generators.

Maintenance

Each Data Center is maintained by combining round-the-clock systems management with engineers trained in the areas of networking and systems monitoring.


Privacy, Safety & Security

Our Data Centers are supported by some of the most powerful physical security in the business with 24/7 video camera surveillance, security breach alarms and biometric thumb print scanners at all entrances.

Network Performance

Our network has been designed to accommodate the clients demanding the highest quality network performance. We guarantee 99.9% uptime with the highest degree of security against network downtime and the fastest possible data transfers.

 
1
 

24 x 7 Monitoring

Our monitoring systems and tools provide our system administrators with a comprehensive view into the health of our globally distributed infrastructure. We monitor a large number of parameters related to the health of our servers and individual services that reside on them. Services monitored include:

  • Network Connectivity
  • Server Disk Space Utilization
  • Server CPU Utilization
  • Server Memory Utilization
  • Web Services - HTTP, HTTPS & FTP
  • Email Services - SMTP, POP & IMAP
  • Database Services - MySQL, MSSQL
  • DNS Services
  • All Log Files
and much more ...

If any failure in the server or services or the resources employed, then a warning pops-up immediately on the screens of all our Infrastructure Monitoring team, which helps to resolve any issue within minutes of it occurrence thus ensuring maximum uptime for the customer.

 
 
2

Security

Due to the various interaction points that an application provides to the external world, and the various users that can interact with these interfaces, the likelihood of security threats are high.

Our Holistic Security Model

Our Security platform and process leverages on several levels of security - consisting of Security Systems and Equipment combined with Security Procedures and Practices and Auditing Processes, to ensure matchless security for all the services we provide. The platform deals with security at 7 different levels as follows:

  • 1.Datacenter Security

    Security and stability are the most important variables in our due diligence process. All datacenters are equipped with surveillance cameras, biometric locks, authorization-based access policies, limited datacenter access, security personnel, and similar standard security equipment, processes and operations. What distinguish us however is the fact that our due diligence process also incorporates a measure of proactiveness demonstrated by the datacenter towards security. This is measured by evaluating past experiences, customer case studies, and the amount of time the datacenter dedicates towards security research and study.

  • 2.Network Security

    Our world wide infrastructure deployments are integrated DDOS mitigators, Intrusion Detection systems, and Firewalls both at the edge and the Rack level.

    • Protection against Distributed Denial-of-Service (DDoS) Attacks

      Denial of Service is presently the top source of financial loss due to cybercrime. The objective of a Denial-of-Service attack is to disrupt your business activities by stopping the operation of your web site, email or web applications. This is accomplished by attacking the servers or network that host these services and overloading the resources such as bandwidth, CPU and memory. The objectives of such attacks are extortion, bragging rights, political statements, damaging competition etc. Almost any organization that connects to the Internet is vulnerable to these attacks. The business impact of large sustained DoS attacks is massive, as it would lead to loss of profits, customer dissatisfaction, productivity etc due to unavailability or deterioration of service. A DoS attack in most cases might even land you with the largest bandwidth overage invoice that you have ever seen.
      We provide Distributed Denial-of-Service protection system which offer unrivaled protection against DoS and DDoS attacks on your websites, email and mission critical web applications, by using sophisticated state-of-the-art technology which automatically triggers as soon as an attack is launched. The DDoS mitigator's filtering system blocks almost all deceptive traffic and ensures that valid traffic is allowed up to the largest extent possible. These systems have seamlessly protected several web sites from large service outages caused by simultaneous attacks as large as 300+ Mbps in the past, thus allowing organizations to focus on their Business.

    • Firewall Protection

      Our round-the-clock firewall protection system secures the perimeter and delivers the very best first line of protection. It uses highly adaptive and advanced inspection technology to protect your data, website, email and web applications by blocking unauthorized network access. It ensures controlled connectivity between the servers that store your data and the Internet through the enforcement of security policies formulated by subject matter experts.

    • Network Intrusion Detection system

      Our network intrusion detection, prevention and vulnerability management system provides rapid, accurate and complete protection against targeted attacks, traffic anomalies, "unknown" worms, spyware/adware, network viruses, rogue applications and other zero-day exploits. It uses ultramodern high-performance network processors that carry out thousands of checks on each packet flow simultaneously with no perceivable increase in latency. As packets pass through our systems, they are fully scrutinized to determine whether they are legitimate or harmful. This method of instantaneous protection is the most effective mechanism of ensuring that harmful attacks do not reach their targets.

    • Hardware Standardization

      We have standardized on hardware vendors that have a track record of high security standards and quality support. The majority of our infrastructure and datacenter partners use equipment from Cisco, Juniper, HP, Dell etc.

    • Host Based Intrusion Detection System

      With the upcoming tools that are capable to detour port blocking perimeter defense systems such as firewalls, it is now must for enterprises to deploy Host-based Intrusion Detection System (HIDS) which focuses on monitoring and analyising the internals of a computing system. Our Host-based Intrusion Detection System supports in detecting and pinpointing changes to the system and configuration files - whether by accident, from malicious tampering, or peripheral intrusion - using heuristic scanners, host log information, and by monitoring system activity. Rapid discovery of changes reduces the risk of potential damage, and also reduces troubleshooting and recovery times, thus decreasing overall impact and improving security and system availability.

3.Software Security

Our applications run on myriad systems with myriad server software. Operating Systems include various flavors of Linux, BSD, Windows. Server Software includes versions and flavors of Apache, IIS, Resin, Tomcat, Postgres, MySQL, MSSQL, Qmail, Sendmail, Proftpd etc etc. ResellerClub ensures security despite the diverse range of software products we operate by following a process-oriented approach

    • Timely Application of Updates, Bug Fixes and Security Patches

      All servers are registered for automatic updates to ensure that they always have the most recent security patch installed and that any new vulnerabilities are rectified immediately. The largest number of intrusions results from exploitation of known vulnerabilities, configuration errors, or virus attacks where countermeasures are already available. According to CERT, systems and networks are impacted by these events as they have "not consistently" deployed the patches that were released.
      We completely understand the requirement for strong patch and update management procedures. As operating systems and server software get more complex, each new release is littered with security holes. Information and updates for new security threats are released on an almost daily basis. We have built consistent, repeatable processes and a reliable auditing and reporting framework which ensures that all our systems are always up-to-date.

    • Periodic Security Scans

      To determine if any servers have any known vulnerabilities frequent checks are made using enterprise grade security software. The servers are scanned against the most comprehensive and up-to-date databases of known vulnerabilities. Thus enabling us to proactively protect our servers from attacks and ensure business continuity by identifying security holes or vulnerabilities before an attack occurs.

    • Pre-Upgrade Testing Processes

      Software upgrades are released frequently by various software vendors. While each vendor follows their own testing measures prior to release of any upgrade, they cannot test inter-operability issues between the software. For instance a new release of a database may be tested by the Database vendor. However the impact of deploying this release on a production system running various other FTP, Mail, Web Server software cannot be directly determined. Our system administration team documents the impact analysis of various software upgrades and if any of them are perceived to have a high-risk, they are first beta-tested in our labs before live deployment

4.Application Security

All of the application software that is used in the platform is integrated, customized and deployed only by us. Any 3rd party Products or Components go through comprehensive training and testing procedures where all elements of such products are broken down and knowledge about their architecture and implementation is transferred to our team, thus allowing us to completely control all variables involved in any particular Product. All applications are engineered using our proprietary Product Engineering Process which follows a proactive approach towards security. Each application is broken down into various components such as User Interface, Core API, Backend Database etc. Each layer of concept has its own security checks, in spite of the security checks performed by a higher abstraction layer. All sensitive data is stored in an encrypted format. Our engineering and development practices ensure the highest level of security with regards to all application software

5.Personnel Security

The weakest link in the security chain is always the people you trust. Personnel, Development staff, Vendors, essentially anyone that has privileged access to your system. At NetandHost.com our Holistic Security Approach attempts to minimize security risk brought on by the "Human Factor". Information is divulged only on a "need-to-know" basis. Authorization expires upon the expiry of the requirement. Personnel are coached specifically in security measures and the criticality of observing them.

6.Security Audit Processes

During the deployment of globally distributed servers, audit processes one need to ensure process imitation and authority. Are all servers being patched regularly? Are the backup scripts running all the time? Are offsite backups being rotated as desired? Are appropriate reference checks being performed on all personnel? Is the security equipment sending out timely alerts? Such questions are frequently verified in an out-of-band process .Our audit mechanisms alert us to the security processes before it is exposed by external users.

 
3
 

Data Protection and Disaster Recovery

Data is the most important asset in today's business world thus requires 100% uptime, where data is constantly online and accessible. We have therefore employed solid solutions to protect your data in the adverse event of software malfunction:

Security Audit Processes

We use cutting-edge RAID Hardware to protect all data on the server. This technology works by creating a mirror of all data on more than one harddisk automatically, without any delay Thus you need not make any changes or special code modifications in your website/web application for this technology to function.
RAID systems offer a significant advantage over non-RAID systems, in terms of data protection and ability to maintain 100% uptime, because the system continues to function perfectly in case of disk failures. RAID technology also improves the performance of the services on the server.

Daily & Weekly Server Backups

Important data is available on various locations in the server. Our subject-matter experts have primed complex backup scripts that automatically maintain copies of all important data, in a secure manner, on a regular interval, such that we can refurbish a server in the short span, in the event of a total failure.