What is HaloPoint Secure Hosting? HaloPoint Secure Hosting Service provides clients with a 100% managed secure hosting environment built around the "defense in depth" security approach. What is Managed Secure Hosting? It is simple - we own 100% of the IT infrastructure. We work with clients to understand their server and application needs and then provide them server, data storage, backup, ongoing management and "proactive security services". We say secure hosting because our physical, network and IT infrastructure was built around layers of security. Data Protection is at the heart of our services. That is why every server on our network is constantly monitored for security breaches and vulnerabilities. In addition, clients receive a monthly deep penetration test and follow-up report on every hosted server. What we are and are not! Most hosting providers are nothing more than proprietors of rack space. Their approach is to provide a secure operation center, rack space and bandwidth. In their environment, the client is usually responsible for infrastructure maintenance, security and application management services. Indeed, they might offer clients on call 24 x 7 management services for a fee. However, their background is built around operation center management not infrastructure, operating system and application management and certainly not around security services. HaloPoint is the complete opposite of the normal hosting environments. asiGuardian built out our operation center around security and infrastructure management. Our parent company is a systems integrator with a long background in infrastructure, application management and security services. asiGuardian maintains 100% of all the technical support on every piece of network, server and storage infrastructure. (for additional information see "How we Maintain HaloPoint") The HP Relationship Our parent company Accent Systems provides us with a strong infrastructure and services relationship with HP. asiGuardian only uses HP Enterprise Servers and Storage infrastructure. Our Storage-On-Demand service runs on a completely redundant fibre Enterprise SAN from HP. Moreover, HP Services, Accent Systems and asiGuardian HP ASE (HP Accredited Systems Engineers) maintain the entire site. All servers run Hewlett Packard's Insight Manager software that provides proactive hardware failure notification and monitoring services. Our Physical Security Imagine a hardened bunkered data center, located 120 feet below the ground with fully redundant power grids, diversified data paths utilizing ground and high speed microwave pathways, custom built Caterpillar Olympian emergency power diesel generators... all protected by outdoor and indoor video surveillance systems and four security entry points controlled by state of the art GE Interlogix access control and monitoring systems. It's not a dream. its reality. Admission is limited to authorized personnel only, and only then with appropriate key card access. In addition, onsite personnel and video surveillance 24 hours a day, seven days a week guard each facility. Data is stored in a private, locked, caged vault space featuring: An environmentally controlled setting that includes air conditioning and power conditioning systems Humidity and water detection systems Location is fully supported by redundant Internet access and an auxiliary power generator, capable of maintaining independent operations for at least 40 hours in the event of a power disruption. Dedicated Support Personnel Of course, no data protection and recovery system is completely secure without the expertise and assistance of dedicated support personnel. Our multi-level Customer Support team is regularly trained to evaluate and assess our rigorous security network. In addition, every asiGuardian employee is carefully screened, monitored and tested for ongoing commitment to our strict information privacy procedures. From the initial Account Executive who helps design your program to the IT Support Team assigned to ensure your business continuity, every asiGuardian employee is focused on a single goal "Keeping your data. Online, All the Time". Network Security asiGuardian's security infrastructure is built on a "defense in depth" approach. We have implemented a layered approach to our security infrastructure that includes redundant routers, intrusion detection/prevention devices, multiple high availability firewalls from different manufacturers, virus gateways, and vulnerability scanning/monitoring tools. Intrusion Detection/Prevention The asiGuardian intrusion detection and prevention (NetScreen-IDP) system effectively identifies and stops attacks on our network, minimizing the time and costs associated with intrusions. It compliments our firewall solution, providing the next layer of security by looking deep into the network traffic to accurately identify intrusions and stopping the attacks from ever reaching their destination. More importantly, it can operate in-line, so it can drop malicious traffic during the intrusion detection process, completely eliminating the impact of an attack. asiGuardian not only has implemented IDS/P equipment on the perimeter of the network to monitor traffic entering and exiting the data center, we have also implemented IDS/P equipment on the internal network to ensure that a rouge server setting within the data center is not able to launch attacks against other hosted servers. State of the Art Firewalls asiGuardian uses state of the art firewalls to manage traffic as outlines by our strict security policies. We have selected the best of breed firewall equipment that is configured in high availability mode and constantly monitored for updates and vulnerabilities. Certain segments of the internal network are also protected by firewalls from a different set of manufacturers to further deepen our security defenses. Customers who will have a minimum number of firewall changes during the contract period can have the asiGuardian security team manage the changes to the firewall as part of their contract. Customers who require the ability to make constant changes to their firewall configuration can choose the option of managing their own firewall settings. Through the use of "virtual firewall", customers can use the same high performance, highly redundant firewalls protecting the data center, but only have access to control their own configurations without the risk of compromising other customer's configurations. Vulnerability Scanning and Monitoring An attacker need only detect one weakness to breach a network and take control; in other words, every potential security weakness must be identified - and secured - in order to protect your company's digital assets. That is why no matter what level of HaloPoint secure hosting you choose, we will scan your equipment once per month to identify potential vulnerabilities at a minimum. If vulnerabilities are detected, the customer receives notification of its severity and steps are taken to remedy the problem before outside hackers can exploit it. Reporting & Additional Security Offerings Monthly reports are generated to show the security status of your hosted equipment. Customers can also choose to have more frequent or detailed assessments on their equipment to meet their security. These are just a few of the steps we have taken to ensure that your HaloPoint Secure Hosted equipment is placed in the most secure data environment possible.