| |
|
| Infrastructure |
|
Netandhost.com functions
at various data centers across the world which meets our strictest criteria.
Common features of our Datacenter:
|
|
| |
 |
Multiple Redundant Internet Connection through
Fibre Optic Cable and Satellite
|
| |
|
|
24x7 Continuous uptime and High SLA |
| |
|
|
State of the Art Infrastructure like Precision controlled
Cooling systems,
|
| |
Power conditioning equipment, multiple generators etc..
|
| |
|
|
A 24x7 Help Desk providing round the clock Service
|
| |
|
|
A highly secure environment |
| |
|
|
Deployment of high-performance management tools |
| |
|
| Ultimately, our customers have
the following benefits: |
| |
| Maximum Efficiency: |
Your website is
hosted in a data center with a redundant network of multiple fiber trunk lines,
redundant power on the premises, and backup generators.
|
|
| |
|
| Maintenance: |
|
Each Data Center is maintained by
combining round-the-clock systems management with engineers trained in the
areas of networking and systems monitoring.
|
|
| |
|
| Privacy, Safety & Security: |
|
Our Data Centers
are supported by some of the most powerful physical security in the business
with 24/7 video camera surveillance, security breach alarms and biometric thumb
print scanners at all entrances.
|
|
| |
|
| Network Performance |
|
Our network has
been designed to accommodate the clients demanding the highest quality network
performance. We guarantee 99.9% uptime with the highest degree of security
against network downtime and the fastest possible data transfers.
|
|
| |
|
| 1) 24 x 7 Monitoring |
|
| |
|
Our
monitoring systems and tools provide our system administrators with a
comprehensive view into the health of our globally distributed infrastructure.
We monitor a large number of parameters related to the health of our servers
and individual services that reside on them. Services monitored include:
|
|
| |
|
|
Network Connectivity |
| |
|
|
Server Disk Space Utilization |
| |
|
|
Server CPU Utilization
|
| |
|
|
Server Memory Utilization
|
| |
|
|
Web Services - HTTP, HTTPS & FTP
|
| |
|
|
Email Services - SMTP, POP & IMAP |
| |
|
|
Database Services - MySQL, MSSQL
|
| |
|
|
DNS Services
|
| |
|
|
All Log Files
|
| |
|
| |
and much more ...
|
|
|
| |
|
If any
failure in the server or services or the resources employed, then a warning
pops-up immediately on the screens of all our Infrastructure Monitoring team,
which helps to resolve any issue within minutes of it occurrence thus ensuring
maximum uptime for the customer.
|
|
| |
|
| Top |
|
| 2) Security |
|
| |
|
Due to
the various interaction points that an application provides to the external
world, and the various users that can interact with these interfaces, the
likelihood of security threats are high.
|
|
| |
|
| Our Holistic Security Model |
|
Our
Security platform and process leverages on several levels of security -
consisting of Security Systems and Equipment combined with Security Procedures
and Practices and Auditing Processes, to ensure matchless security for all the
services we provide. The platform deals with security at 7 different levels as
follows:
|
|
| |
|
| 1. Datacenter Security |
|
Security
and stability are the most important variables in our due diligence process.
All datacenters are equipped with surveillance cameras, biometric locks,
authorization-based access policies, limited datacenter access, security
personnel, and similar standard security equipment, processes and operations.
What distinguish us however is the fact that our due diligence process also
incorporates a measure of proactiveness demonstrated by the datacenter towards
security. This is measured by evaluating past experiences, customer case
studies, and the amount of time the datacenter dedicates towards security
research and study.
|
|
| |
|
| 2. Network Security |
|
Our
world wide infrastructure deployments are integrated DDOS mitigators, Intrusion
Detection systems, and Firewalls both at the edge and the Rack level.
|
|
| |
|
| Protection
against Distributed Denial-of-Service (DDoS) Attacks |
|
Denial of Service is
presently the top source of financial loss due to cybercrime. The objective of
a Denial-of-Service attack is to disrupt your business activities by stopping
the operation of your web site, email or web applications. This is accomplished
by attacking the servers or network that host these services and overloading
the resources such as bandwidth, CPU and memory. The objectives of such attacks
are extortion, bragging rights, political statements, damaging competition etc.
Almost any organization that connects to the Internet is vulnerable to these
attacks. The business impact of large sustained DoS attacks is massive, as it
would lead to loss of profits, customer dissatisfaction, productivity etc due
to unavailability or deterioration of service. A DoS attack in most cases might
even land you with the largest bandwidth overage invoice that you have ever
seen.
We provide Distributed Denial-of-Service protection system which offer
unrivaled protection against DoS and DDoS attacks on your websites, email and
mission critical web applications, by using sophisticated state-of-the-art
technology which automatically triggers as soon as an attack is launched. The
DDoS mitigator's filtering system blocks almost all deceptive traffic and
ensures that valid traffic is allowed up to the largest extent possible. These
systems have seamlessly protected several web sites from large service outages
caused by simultaneous attacks as large as 300+ Mbps in the past, thus allowing
organizations to focus on their Business.
|
|
| |
|
| Firewall Protection |
|
Our
round-the-clock firewall protection system secures the perimeter and delivers
the very best first line of protection. It uses highly adaptive and advanced
inspection technology to protect your data, website, email and web applications
by blocking unauthorized network access. It ensures controlled connectivity
between the servers that store your data and the Internet through the
enforcement of security policies formulated by subject matter experts.
|
|
| |
|
| Network
Intrusion Detection system |
|
Our
network intrusion detection, prevention and vulnerability management system
provides rapid, accurate and complete protection against targeted attacks,
traffic anomalies, "unknown" worms, spyware/adware, network viruses, rogue
applications and other zero-day exploits. It uses ultramodern high-performance
network processors that carry out thousands of checks on each packet flow
simultaneously with no perceivable increase in latency. As packets pass through
our systems, they are fully scrutinized to determine whether they are
legitimate or harmful. This method of instantaneous protection is the most
effective mechanism of ensuring that harmful attacks do not reach their
targets.
|
|
| |
|
| Hardware
Standardization |
|
We have standardized on
hardware vendors that have a track record of high security standards and
quality support. The majority of our infrastructure and datacenter partners use
equipment from Cisco, Juniper, HP, Dell etc.
|
|
| |
|
| Host Based
Intrusion Detection System |
|
With the upcoming tools
that are capable to detour port blocking perimeter defense systems such as
firewalls, it is now must for enterprises to deploy Host-based Intrusion
Detection System (HIDS) which focuses on monitoring and analyising the
internals of a computing system. Our Host-based Intrusion Detection System
supports in detecting and pinpointing changes to the system and configuration
files - whether by accident, from malicious tampering, or peripheral intrusion
- using heuristic scanners, host log information, and by monitoring system
activity. Rapid discovery of changes reduces the risk of potential damage, and
also reduces troubleshooting and recovery times, thus decreasing overall impact
and improving security and system availability.
|
|
| |
|
| 3. Software Security |
|
| |
|
Our
applications run on myriad systems with myriad server software. Operating
Systems include various flavors of Linux, BSD, Windows. Server Software
includes versions and flavors of Apache, IIS, Resin, Tomcat, Postgres, MySQL,
MSSQL, Qmail, Sendmail, Proftpd etc etc. ResellerClub ensures security despite
the diverse range of software products we operate by following a
process-oriented approach
|
|
| |
|
| Timely
Application of Updates, Bug Fixes and Security Patches |
|
All
servers are registered for automatic updates to ensure that they always have
the most recent security patch installed and that any new vulnerabilities are
rectified immediately. The largest number of intrusions results from
exploitation of known vulnerabilities, configuration errors, or virus attacks
where countermeasures are already available. According to CERT, systems and
networks are impacted by these events as they have "not consistently" deployed
the patches that were released.
We completely understand the requirement for strong patch and update management
procedures. As operating systems and server software get more complex, each new
release is littered with security holes. Information and updates for new
security threats are released on an almost daily basis. We have built
consistent, repeatable processes and a reliable auditing and reporting
framework which ensures that all our systems are always up-to-date.
|
|
| |
|
| Periodic Security Scans |
|
To determine if any
servers have any known vulnerabilities frequent checks are made using
enterprise grade security software. The servers are scanned against the most
comprehensive and up-to-date databases of known vulnerabilities. Thus enabling
us to proactively protect our servers from attacks and ensure business
continuity by identifying security holes or vulnerabilities before an attack
occurs.
|
|
| |
|
| Pre-Upgrade Testing Processes |
|
Software upgrades are
released frequently by various software vendors. While each vendor follows
their own testing measures prior to release of any upgrade, they cannot test
inter-operability issues between the software. For instance a new release of a
database may be tested by the Database vendor. However the impact of deploying
this release on a production system running various other FTP, Mail, Web Server
software cannot be directly determined. Our system administration team
documents the impact analysis of various software upgrades and if any of them
are perceived to have a high-risk, they are first beta-tested in our labs
before live deployment
|
|
| |
|
| 4.
Application Security
|
|
| |
|
All of the application
software that is used in the platform is integrated, customized and deployed
only by us. Any 3rd party Products or Components go through comprehensive
training and testing procedures where all elements of such products are broken
down and knowledge about their architecture and implementation is transferred
to our team, thus allowing us to completely control all variables involved in
any particular Product. All applications are engineered using our proprietary
Product Engineering Process which follows a proactive approach towards
security. Each application is broken down into various components such as User
Interface, Core API, Backend Database etc. Each layer of concept has its own
security checks, in spite of the security checks performed by a higher
abstraction layer. All sensitive data is stored in an encrypted format. Our
engineering and development practices ensure the highest level of security with
regards to all application software
|
|
| |
|
| 5. Personnel Security |
|
| |
|
The
weakest link in the security chain is always the people you trust. Personnel,
Development staff, Vendors, essentially anyone that has privileged access to
your system. At NetandHost.com our Holistic Security Approach attempts to
minimize security risk brought on by the "Human Factor". Information is
divulged only on a "need-to-know" basis. Authorization expires upon the expiry
of the requirement. Personnel are coached specifically in security measures and
the criticality of observing them.
|
|
| |
|
| 6. Security Audit Processes |
|
| |
|
During
the deployment of globally distributed servers, audit processes one need to
ensure process imitation and authority. Are all servers being patched
regularly? Are the backup scripts running all the time? Are offsite backups
being rotated as desired? Are appropriate reference checks being performed on
all personnel? Is the security equipment sending out timely alerts? Such
questions are frequently verified in an out-of-band process .Our audit
mechanisms alert us to the security processes before it is exposed by external
users.
|
|
| Top |
|
| |
|
| 3) Data Protection and Disaster Recovery |
|
Data is
the most important asset in today’s business world thus requires 100%
uptime, where data is constantly online and accessible. We have therefore
employed solid solutions to protect your data in the adverse event of software
malfunction
|
|
| |
|
| Live Backup (RAID Technology) |
|
| |
|
We use
cutting-edge RAID Hardware to protect all data on the server. This technology
works by creating a mirror of all data on more than one harddisk automatically,
without any delay Thus you need not make any changes or special code
modifications in your website/web application for this technology to function.
|
|
RAID
systems offer a significant advantage over non-RAID systems, in terms of data
protection and ability to maintain 100% uptime, because the system continues to
function perfectly in case of disk failures. RAID technology also improves the
performance of the services on the server.
|
|
| |
|
| Daily & Weekly Server Backups |
|
| |
|
Important
data is available on various locations in the server. Our subject-matter
experts have primed complex backup scripts that automatically maintain copies
of all important data, in a secure manner, on a regular interval, such that we
can refurbish a server in the short span, in the event of a total failure.
|
|
| Top |
|