Download Hosting Environment - ASAMCRITERIASOFTWARE

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
Document related concepts

Prognostics wikipedia , lookup

Intelligent maintenance system wikipedia , lookup

Fault tolerance wikipedia , lookup

Transcript 
Available Hosting Services for clients of The ASAM Criteria Software
Version Control
Date
8/19/2013
Version
1.0
Author(s)
Gordon
Campbell
Brief Description of Change
Initial draft
FEi Systems | 7175 Columbia Gateway Drive | Suite A | Columbia, Maryland 21046
tel: (443) 270-5100 fax: (410) 715-6538 | www.FEIsystems.com
Page 2
Intent of Document
This document describes the services which will be provided for those clients who opt to use FEi Systems to host data
related to The ASAM Criteria Software.
Hosting Environment
FEi uses Equinix Internet Business Exchange (IBX) centers located in Ashburn, Virginia and Omaha, Nebraska. Equinix
provides ‘network-neutral data centers’ serving as core hubs for critical IP networks and Internet operations. The stateof-the-art facility boasts industry-leading security, operating environment controls, and power resources and
management. This multisite hosting approach decreases the potential for environmental outages. The colocation vendor
used by FEi has a global uptime average of 99.9999%, with over 7 million square feet of datacenter space, across 13
countries in 5 continents.
The hosting facility uses biometrics to control access to the facility and the cages. The biometric devices are hand
geometry readers manufactured by Recognition Systems. The hand readers and required pass code restrict movements
between the following areas: welcome area to the “man trap”; “man trap” to the main center; main center to the server
area; and server area to the cages.
Server Configuration
Figure 4.1 presents the application topography we employ to ensure data security.
Figure 4.1






The only IP address permitted
to connect to the database
server is the app server.
No servers are placed in the
DMZ – instead the HTTPS
specific port is opened on the
external firewall.
Secured (HTTPS) access to the
website.
2 levels of firewall protection.
Backup and Recovery Plans.
Offsite data storage.
FEi Systems | 7175 Columbia Gateway Drive | Suite A | Columbia, Maryland 21046
tel: (443) 270-5100 fax: (410) 715-6538 | www.FEIsystems.com
Page 3
Facility Attributes
Environmental Factor
i.
Fire suppression
Facility Attributes
o Protected with a dual-alarmed, dual interlock
multi-zoned, dry pipe, water-based fire
suppression systems armed with sensory
mechanisms (HSSD) to sample the air and give
alarms prior to pressurization.
o System trip protected by multiple cross-linked
events, including ceiling mounted smoke-heads
and smoke ‘sniffers’ and required sprinkler-head
trip in order for dry-pipe system to activate.
o Fire suppression is localized at the event-point,
only.
ii. Flood control
o Facility is located above sea level.
o No basement.
o Dedicated pump rooms.
o Drainage / evacuation systems.
o Tightly sealed conduits.
o Moisture barriers on exterior walls.
o Moisture detection sensors
iii. Earthquake
o Structural systems meet or exceed seismic
design requirements of local building codes.
o Equipment and nonstructural components,
including cabinets, are anchored and braced in
accordance with the requirements of the 1997
Uniform Building Code.
Server and Connection Monitoring
The server and connection is continuously monitored 24 hours a day, 7 days a week. Technical support and problem
resolution will be handled through a multi-tiered notification arrangement. The following procedures cover all failure
FEi Systems | 7175 Columbia Gateway Drive | Suite A | Columbia, Maryland 21046
tel: (443) 270-5100 fax: (410) 715-6538 | www.FEIsystems.com
Page 4
types, e.g., electrical power, network connectivity, Firewall issues, VPN connectivity, environmental issues, or
hardware/software issues.
Level One – Microsoft System Center Operations Manager will be used to issue ‘managed automated alerts’ to
FEi support personnel.
Level Two – The automated system will use a ‘hunt sequence’ of notification to elicit a positive confirmation of
receipt response.
Level Three – Technical support will be dispatched to address error condition:
1st Action – Diagnosis of problem area and domain area classification. Create automated trouble report
for tracking, resolution, and documentation purposes.
2nd Action – Correct problem condition (or) assign to Domain expert for resolution. If required, FEi
technical staff may notify other appropriate personnel for support, e.g., hardware failure and required
parts replacement. Escalate, as necessary, to ensure prompt resolution of problem.
3rd Action – Problem resolved; trouble report documented within automated tracking system; email
alert to appropriate State and FEi personnel.
Redundancies
The hosting facility’s fully redundant and uninterruptible electrical system is designed to provide continuous service.
The configuration and back-up are as follows:
 Overall system is N+1 redundant.
 AC and DC raceways with 2N distribution.
 AC power deliver via distributed redundant UPS systems.
 Batteries with at least 7 minutes full load operation (diesel engine generators take roughly 8 seconds to
synchronize and assume load).
 48 hours’ worth of generator fuel with contracts with multiple fuel providers.
 Isolation K factor transformers used for 480 volt UPS to 208/120 volt.
FEi provides redundant storage through the use of Redundant Array of Independent Disks (RAID). Full data is written in
real time to multiple disks in the array. This prevents the loss of data in the event that a disk becomes inoperable.
Furthermore, our RAID configuration allows continued use of the system throughout a disk failure, service, or
replacement. When the out of service disk resumes operation, data mirroring across the array is regained by writing
from the disk that remained in service.
Firewall
The network’s firewall is provided by a Juniper Networks SRX 240. This device protects against worms, viruses, Trojans,
spam, and emerging malware at a firewall performance level of 400 Mbps. Additional firewall features include:
 Network attack detection.
 DoS and DDoS protection.
 TCP reassembly for fragmented packet protection.
 Brute force attack mitigation.
 SYN cookie protection.
 Zone-base IP spoffing.
 Malformed packet protection.
 Protocol anomaly protection.
 IPS/DI attack pattern obfuscation.
 Anti-keylogger.
FEi Systems | 7175 Columbia Gateway Drive | Suite A | Columbia, Maryland 21046
tel: (443) 270-5100 fax: (410) 715-6538 | www.FEIsystems.com
Page 5
Emergency Management/Business Continuity
In this section, we will provide details on how FEi responds to three types of system failures as examples of our effective
approach to emergency management. FEi’s emergency management plans are based on the method presented in
Section 4.1.7. These plans are designed to re-establish connectivity and application availability in less than 24 hours.
One of the keys to our ability to quickly resolve such problems is rapid identification of the failure and assignment to the
appropriate FEi specialist.
Physical security
Physical entries to the development datacenter is controlled and monitored through electronic means, allowing only IT
access. The production (hosting) data center is SAS-70 audit compliant, ensures DOD-class physical security including;
biometric scanning, government picture ID required for access, guard patrolling, redundant electronic activity
monitoring with power and cooling substructure that exceeds N+1 system standards.
Backups
FEi provides back-up and recovery services using Microsoft Data Protection Manager, a fully-automated and managed
service that includes data encryption. Backups are tapeless, disk to disk and multi layered. Complete snapshots of the
virtualized servers are completed every two hours using Microsoft data protection manager. Next is real-time, blocklevel replication of the production SAN in Ashburn, VA to the development SAN in Columbia, MD, completed over a 1GB
pure fiber connection. Finally the individual production databases are off-line copied to disk every twenty-four hours.
These systems are monitored by three teams – FEI customer support, database administrators and by IT personnel at
the network operations center (NOC) in Columbia, MD. Failure at any of these recovery points, initiates an alert message
for immediate attention by the support teams.
Back-ups can be kept for up to seven years according to client and/or regulatory requirements.
Disaster Recovery
FEi has a comprehensive Disaster Recovery Plan in the event that a failure occurs despite the many redundancies built
into the hosting environment. Datacenters are tested manually for three scenario types by the IT department on a
monthly basis. This testing is executed using backups from live customer production sites, spanning the application and
database systems. Details on FEi’s Disaster Recovery Plan can be provided upon request.
Assumptions


These services do not take into account any data feeds or data exchanges with third party systems. If that is
needed, it will be considered an enhancement and subject to additional costs.
Alaska currently writes their own SSRS reports and this proposal assumes that this would continue to be the
case. Alaska would be provided with access to their production data in such a manner that reporting would not
be negatively affected.
Stakeholders
Role
ASAM Criteria Software Product Manager
ASAM Criteria Software Technical Support
Name
Gordon Campbell
Tony Calice
FEi Systems | 7175 Columbia Gateway Drive | Suite A | Columbia, Maryland 21046
tel: (443) 270-5100 fax: (410) 715-6538 | www.FEIsystems.com
Related documents
Marketing Manager
Marketing Manager
CMSC 426: Image Processing (Computer Vision)
CMSC 426: Image Processing (Computer Vision)
PHS 398 (Rev. 9/04), Biographical Sketch
PHS 398 (Rev. 9/04), Biographical Sketch
PowerPoint Presentation - The City College of New York
PowerPoint Presentation - The City College of New York
Congressional Charter
Congressional Charter
Electrical Drives and Power Electronics - EDPE 2013
Electrical Drives and Power Electronics - EDPE 2013
Chapter 6 Bluetooth digitizes an image and transmits the
Chapter 6 Bluetooth digitizes an image and transmits the
Transversals_and_Triangle_sum_proof
Transversals_and_Triangle_sum_proof
Acta Electrotechnica et Informatica Vol
Acta Electrotechnica et Informatica Vol
Synopsium Abstract
Synopsium Abstract
Lower Columbia River ANS Survey
Lower Columbia River ANS Survey
This incredible act of generosity - University of Rochester Medical
This incredible act of generosity - University of Rochester Medical
Here - CCPN Global
Here - CCPN Global