Our infrastructure is designed for maximum security and maximum performance.
Our virtualisation technology is based on KVM servers. Our technology facilitates complete separation of VM and the hypervisor operating system. This separation is much safer than container based virtualisation in which VAM and host share certain operating system elements. Most VPS offers on the market work with container-based virtualisation that does not satisfy our security requirements.
Our Customer Isolation Module (CIM) has three main functions:
- Secure VLAN: CIM facilitates safe sharing of VLANs between VMs
- Private VLANs: CIM allows each customer to own an individual network segment (hardware VLAN)
- CIM firewall: CIM includes its own firewall that provides an additional level of security
High level segmentation
Each unit of our environment includes 12 hypervisor servers. This SecureRack vDatacenter unit is completely independent, has its own CISCO firewall, own storage access and own administration and backup logic. This high level of segmentation into completely independent units significantly improves security.
Fourfold firewall protection
- Our solution offers fourfold firewall protection. In each case this includes a firewall in the customer network, on the hypervisor and in the actual VMs. These firewalls can be supplemented by an additional firewall in our Datacenter network on request
- CISCO firewall in the Datacenter
- Hypervisor firewall: Use of the safety characteristics of the KVM server to ensure separation of the VM and the data
- CIM firewall: An additional firewall is integrated in the CIM module. This firewall offers additional protection
- VM firewall: This firewall is inside the actual VM
We always make use of the latest Dell Intel servers. The specifications for the servers in current use are as follows:
- CPU – 16 C (2x Intel Xeon E5-2450L with 8C, 20M Cache, 8.0 GT/s QPI, 70W, Turbo)
- RAM – 96 GB RAM with 1600 MHz
- DISK – 2x SSD with RAID 1 (for OS, customer data are saved in the storage unit)
- NETWORK – 2x 10 GbE
A variety of server templates is available to you. You can use them to configure a server with the desired properties within minutes.
We not only offer a selection of operating systems such as Linux or Windows, but also have various prepared server templates with commonly used applications. This allows you to provide a completely pre-configured server with the applications required.
- The datacentres offer maximum security in any regard. We use the Equinix ZH5, ZH4 and ZH1 datacentres for our IT infrastructure.
- Energy supply security is provided by using two independent power substations
- Medium voltage supply via separate transformers
- Two independent power circuits supported by an uninterruptible power supply (UPS)
- Generator backup with N+1 configuration
- Water-cooled system with an additional ammonia and hybrid cooling step
- Sensitive early-warning system for fires and automated fire-extinguishing system (Hi-FOG)
- Physical and biometric access control
- Central infrastructure monitoring (CCTV/BMS), 7 x 24 x 365 security service
- Certifications: PCI-DSS (FINMA directives), ISO9001/27001, FACT (Federation against
- Copyright Theft)
- Datacenter uptime: 99.999 (High Availability (HA) acc. to Harvard Research Group (HRG))