Server Security and Protection

The Datacentre

Our servers are housed in a secure high speed Internet data centre, owned and operated:

Oz Servers
26 Hampton Street
East Brisbane, QLD 4169
Australia

This secure datacentre facility has double entry doors on all entry points. The building was formerly used as an unmarked State Police Technical Lab and much of the physical security, alarms and fire protection was inherited from them when the building was taken over.

Physical Security

General Security

Authorised Access

There are policies and procedures in place that prevent unauthorised access; however we are not able to discuss specifics of procedure or electronic systems in place to maintain the integrity of those systems. One notable policy however is that we do not allow ANY unauthorised access to the datacentre office or equipment areas, and sub-contractor authorised access for performing maintenance work is escorted at all times by full-time staff. (We do not do tours of datacentre space, for this particular reason.)

Fire Protection

The Network

The network has been setup for maximum redundancy, scalability and performance.

The datacentre’s fibre installation plan incorporates multiple points of entry into the datacentre Facility as well as multiple internal fibre paths leading to geographically isolated secure core-switching ('carrier') rooms.

Your sites are hosted on servers that are connected to a switched backbone using 100Mbps Ethernet ensuring data transit as fast as your applications demand. Switches are uplinked at 1GBPS to core switching.

Network Security

The datacentre implements a firewall at the network edge to protect against any denial of services attacks or similar, and feed all inbound and outbound data into a traffic collector that identifies suspicious behaviour. This is primarily for the protection of the datacentre as a whole.

The datacentre uses Cisco Switches and routers on all edge of network and core switching, and configured with Cisco access control lists that adhere to best-practice recommendations by Cisco.

We have packet-level network-monitoring and firewalling for suspected attacks, based on network traffic signatures that are being constantly updated and maintained, e.g. DDOS, Syn flooding, port scanning, brute force cracking, etc.

Monitoring

We have both passive and active monitoring systems.

We have console-based applications that generate live reports for on-duty staff stationed at their workstations, (With about a 30 second resolution) (System has beeps and buzzers etc that set off audio and visual warnings on suspect events/warnings, and critical events) and emergency pagers / SMS alerting systems for active notification of emergency / critical events to grab the immediate attention of a human operator. This system is manned and monitored 24x7.

The Servers

We use specially sourced 2RU rack mounted server enclosures. These cases provide superior cooling with six extraction fans and more internal area for airflow than standard 1RU server cases. The cases also feature washable dust filters, lockable drive bay access, and excellent earthing for minimal electrical interference.

We use specifically chosen hardware that will support Intel and AMD processors. Great care is taken to make sure that the supporting components, for example mainboards, memory and storage devices, are 100% compatible, and support the operating systems and applications for which they are intended.

Chipsets, Transfer Rates, Error Correction, Compatibility and Performance are all factors when our in-house hardware selection team design a package. Every attempt is made to utilise the dynamic nature of the computer hardware industry by selecting only those components that will provide an economical and technically superior upgrade path for your server.

Backups

We perform nightly rotation, and weekly rotational backups, however we expect clients to retain their own backups in case of loss of data (Even though we do endeavour to have a backup available).

Restores

If it is a hardware failure, we always have hardware on hand, our staff are available 24x7 and respond as soon as we are physically able, i.e. straight away, and try and have a resolution within 2 to 4 hours, depending on the hardware, for example a power supply may only take 15 to 30 mins.

Accreditation

We are recognised by the Microsoft Service Providers Licensing Agreement (SPLA) as an SPLA datacentre, which has a minimum level of fire protection and network connectivity, staff technical accreditation and general capacity.

We are a Plesk recognised hosting Gold Partner, and house many web hosting servers running Plesk software.

We are an Ensim trained and Accredited Hosting provider, and house many Ensim based web hosting servers.

We are an AMD Certified Gold reseller, having undertaken technical training.