ASP network security comprises a combination of address filtering routers, multiple redundant firewalls and intrusion recognition devices to provide the highest protection level possible for our customers' information resources.
Firewalls maintain Stateful* filtering with external sessions for verifying each user and respective access privileges, as defined in a security database. These firewalls also "hide" the ASP internal address structure via address translation techniques, thereby limiting publication to only specific external addresses and ports, requiring clients to establish a connection.
| Windows 2000-based, back-end servers employ security programs such as STAT, coupled with defined permissions and access methods to prevent shared users from: |
| |
 |
- Seeing programs other than those specifically designated
- Running programs, including downloaded applications, other than those specifically designated
- Seeing share points other than the one specifically designated
- Accessing any data other than their own
|
DataComms operates in state-of-the-art data centers operated by trained IT professionals, allowing us to deliver the reliability and high performance upon which our customers depend. |
- Conditioned power
- Uninterruptible power supply with bypass switches
- Redundant backup generators with unlimited fuel capacity
- Redundant step-down transformers
- Separator circuits to hospital-grade power bars
- Raised flooring for entire computer facility
|
- Zoned air chiller floor and ceiling feed system
- Humidity and air cleaning controls
- Two-hour external fire-rated walls
- Security card access and twenty-four-hour security team
- Fire detection and suppression systems
- Water, smoke, heat and gas detection alarm systems with integration into building support
|
- Hot-swappable PCI and Memory
- Dual or Quad IntelT processors per server
- 1 to 4 GB of memory
- Gigabit Ethernet connectivity
- Dual path to mass storage with fail-over
- Dual path access to network via redundant switches
- RAID level one for operating system
|
- 24-hour access control to building
- Restricted access to physical equipment
- Video monitoring of equipment via 24-hour manned Network Operation Center
- Windows 2000 security authentication and authorization
- Security log monitoring
- Security detection via redundant, load balanced firewalls
- Dual intrusion detection monitoring device
- Data encryption capability (TBA)
- Backup media encryption and security control
- User assigned data access capability
|
- Staging area for all new software and migrated customer data
- Fully monitored production environment
- Business Continuity and Disaster plans
- Periodic testing of backup and recovery
|
- Gigabit Ethernet LAN backbone, 10/100 Ethernet and ATM support
- Fibre channel switched fabric for clustered Windows NT Servers
- Load-balanced redundant Citrix MetaFrameT and Web servers
- Redundant fail-over Cisco router and switch network system
- Attached mass storage
- Attached tape backup
- 11-second access time to any tape media
- Near-online storage capability
- Full tape backup schedule; including daily incremental, full weekly/monthly
- Tapes stored off-site in secure facility
|
*Stateful filtering is a secure method of analyzing data packets that places extensive, associated inform action in a table; to establish a session, information about the connection must match information stored in the table.
- Packet filtering routers authenticate source addresses and IP
ports against an ACL or Access Control List
- Intrusion-monitoring devices proactively detect, isolate and identify internal or external attacks and provide countermeasures to defeat them. The devices also communicate with firewalls, border and internal routers and security databases to verify requests and, if necessary, deny access to our networks
- VPN keys remote router/firewall or clients with a 2-way, 3DES/IPSec encryption algorithm that allows only two sites to exchange data directly
- Routine security includes audits and intrusion test
[-Back To The Top-] |
