Hosting & Security Specifications

Provide an overview the hosting services and capabilities.

MAG10 LMS is hosted in a secure server environment that uses the latest software updates, firewalls and intrusion detection systems to prevent interference or access from outside intruders. The system utilizes some of the most advanced technology for Internet security available today. Both server authentication and data encryption are used to protect your information ensuring that your data is safe, secure, and available only to registered Users in your organization. Sessions are limited to a short period of inactivity and unusual activity is monitored through logs.

Standard features of the Hosting Services:

  • Level 1 NOC staff in the Data Center 24x7x365
  • Redundant Cisco 7000 Series routers configured for failover and load balancing via Hot Standby Routing Protocol
  • 24x7x365 monitoring
  • Real time network reports Self-healing scripts
  • Focused security configuration based on client requirements
  • 100% Data Center Network uptime since August 1999
  • 100% Electrical uptime since August 1999
  • 100% Network uptime SLA
  • Optional patching services for Microsoft and Linux Operating Systems
  • Dedicated support staff
  • High performance network, zero packet loss design
  • Secure DNS Services
  • Backup Services included as a standard feature on our managed servers

How is the hosting environment kept physically secure?

Facility Security:

  • Savvis LA1 Data Center
  • 24x7x365 Building Management / Alarm Monitoring System. Guards patrol the interior and exterior of the facility and have to an elaborate closed circuit camera system.
  • Continuous Video Surveillance via hundreds of cameras; camera footage recorded
  • Multiple Biometric hand scanners required for access and exit sensors
  • 2 stage, man-trap, security access; before actually being able to enter the Data Center
  • No public access
  • No signage on building
  • Security service is bonded
  • Janitorial service is bonded, insured and licensed
  • Bullet-resistant front door and walls in lobby, guard station, and shipping and receiving
  • Controlled keys and access to customer cabinets, cages, and vaults

Power:

  • Dual power grids
  • Primary and Redundant Un-interruptible Power Supplies (UPS’s)
  • Emergency back-up generators have enough on-site diesel fuel to power the facility in the event of an extended utility outage; local fuel companies are on contract to provide additional on-site fuel within two hours of generators starting
  • UPS batteries support data center load until automatic transfer to generator is completed; battery validation system continuously monitors and provides early detection of UPS battery conditions
  • Power is served to the Power Distribution Units (PDUs) via 2 separate independent UPS power sources; each PDU has it’s own Automatic Static Transfer Switch which can switch the power to the alternate source within 4 milliseconds
  • Each PDU Power Management Module has 168 – 20 amp power circuits; circuits are available up to 60 amp 3-phase

Fire Suppression:

  • Very Early Smoke Detection and Alarm system comprised of small white ‘air sampling tubes’ that draw air into chambers where lasers analyze the air for smoke content; system activates pre-alarms at the earliest sign of smoke
  • Double Interlock Dry-Pipe Pre-Action Fire Sprinklers are deployed through out the facility; sprinklers will not operate unless the fuse on the sprinkler head is melted – and then only that one sprinkler will activate.
  • Heat detectors and smoke detectors are located on the ceilings around the building
  • Clean-Gas hand-held fire extinguishers are throughout the building
  • Fire station located across the street from the data center

Air Conditioning:

  • Data Center temperature maintained at 74 degrees +/- 2 degrees
  • Air temperature entering the IDC averages 55 – 62% varying with load conditions
  • Thermostats are located around the building on the walls, posts and ceilings
  • Air conditioning is 100% ceiling fed; ring duct in ceiling allows diffusers (vents) to be added where needed to provide additional airflow; air conditioners run continuously w/redundant capacity
  • 25% of the air conditioning can be lost and adequate cooling still maintained
  • Provide any data sheets or specification documents related to your hosting environment. Note equipment, systems and back-up procedures that will ensure the security and integrity of our data.

Network and Internet Access:

The hosting utilizes the Savvis Tier 1 network. Savvis is a true Tier 1 provider and owns its own global backbone. Savvis is the second largest Tier 1 Internet provider in terms of customers and network bandwidth.

Network Highlights:

  • Tier 1 17,000 mile US fiber network
  • OC-192 backbone
  • 24 data centers in US, UK, Asia
  • Multiple redundant network paths
  • Telco fiber leading to street runs through junction boxes landing in NODE room; conduits leading to street land in MPOE; conduits connect MPOE and NODE room
  • All network operators certified Internet Systems Engineers (ISE)
  • 21,000 managed network end points
  • Power and data cables are run perpendicular from each other to minimize any electrical field interaction

HSRP (Hot Standby Router Protocol):

A Hot Standby Router Protocol (HSRP) has been chosen for the path from the Client equipment out to the Internet. Hot Standby Router Protocol is used to provide high availability of the default gateway for each network block directly connected to the routers. HSRP allows an IP address to failover to a secondary device almost instantaneously in the event of a failure by creating a "virtual" IP address and MAC address which will be migrated between routers automatically.

  • Servers are hosted on a fault tolerant network configuration. The routers are configured for high-availability so that traffic coming into or going out of the network will automatically and nearly instantaneously switch over to a redundant network path in the event of a failure.
  • Access is through two high speed Internet connections to Savvis, our Tier 1 network provider.
  • On the server side, there are two high performance Cisco 7000 series routers. Each router is connected to two different Foundry routers on the Savvis side. The Savvis side has multiple network paths out to the rest of the Internet.

Back Ups:

  • Backup services are provided onto our raid-10 terabyte network attached backup server.
  • The servers are backed up every 1 to 3 days via a pooling system during specific backup hours of 10 PM to 6 AM PST.
  • The initial backup is a full backup and then incremental backups are performed nightly. Backed up data is stored for 30 days.
  • Upon request, restores are recovered from the backup servers file system and then copied to a specified restore directory on a target server.

Access:

  • Each User is provided with a unique user name and password that must be entered each time a User logs on.
  • The Administration section has multiple layers of security controlling access to user set up, reporting and broadcast messaging capabilities.
  • Describe how you can provide a “total training solution.”