Sagari Show You How To Ensure Your Data And Applications Are Secure and Available In The Cloud

May 30, 2011

When you are making a decision as big as who to choose as your IT provider, we at Sagari feel it is important to be transparent from the start, arming you with all the details so you can feel confident in your decision.

Our ‘Products and Services Overview’ was created to provide you with all the necessary information about our products and services, detailing what you will receive with each of our main services and how much they will cost.
We try to answer a lot of the common questions surrounding security, resilience, support, backup and service delivery, to name a few.
Our Sagari team have all played a part in building this blog entry and adding information where they feel it adds value.
It has also been created as a reference blog entry you can come back to quickly to answer important questions about security, resilience, service delivery, etc.

Terminology

It is important that we provide all the relevant definitions so you understand the terms used throughout this document. Each term is listed below with its definition:

VMware – VMware is a provider of virtualization software.

Hosted Services – Services that house, serve, and maintain files. Servers are either owned and managed by the client or by the vendor, and are either dedicated or shared.

Virtualisation – in computing, is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources

Datacentre – is a facility used to house computer systems and associated components, such as telecommunications and storage systems. It generally includes redundant or backup power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices.

Network (computer network) – often simply referred to as a network, is a collection of computers and devices interconnected by communications channels that facilitate communications and allows sharing of resources and information among interconnected devices

Internet Exchanges – is a physical infrastructure through which Internet service providers (ISPs) exchange Internet traffic between their networks

ISO27001 – formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO/IEC 27001 can therefore be formally audited and certified compliant with the standard.

Network Operations Centre – NOCs are responsible for monitoring the network/services provided for alarms or certain conditions that may require special attention to avoid impact on the network’s performance or services provided.

Server Farm – A server farm or server cluster is a collection of computer servers usually maintained by an enterprise to accomplish server needs far beyond the capability of one machine

Private Cloud – or Virtual Private Cloud (VPC), is a private cloud existing within a shared or public cloud (i.e. the Intercloud).

PCI DSS Compliance – The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organisations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards

Disaster Recovery – Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster

Blowfish Encryption – Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date.

Continuous Data Protection (CDP) – also called continuous backup or real-time backup, refers to backup of computer data by automatically saving a copy of every change made to that data, essentially capturing every version of the data that the user saves. It allows the user or administrator to restore data to any point in time

Snapshot – (computer storage), a set of computer files and directories kept in storage as they were some time in the past

Asymmetric Digital Subscriber Line – (ADSL) is one form of the Digital Subscriber Line technology, a data communications technology that enables faster data transmission over copper telephone lines than a conventional voiceband modem can provide

Symmetric Digital Subscriber Line – (SDSL) In the wider sense it is a collection of Internet access technologies based on DSL that offer symmetric bandwidth upstream and downstream

MPLS – Multiprotocol Label Switching (MPLS) is a mechanism in high-performance telecommunications networks which directs and carries data from one network node to the next with the help of labels.

Sagari Hosted Platform

We utilise 3 highly secure datacentres based in the UK to provide all of our hosted services. They have 1GB fibre connections to each datacentre for resilience. Here are some of the main reasons we chose our datacentres:

  • The network has been independently rated by SpeedTest.net as the fastest network in the UK, and third fastest network in the World.
  • Connectivity is excellent, with dual entry diverse fibre routes encompassing Telecity Williams House and Reynolds House data centres in Manchester as well as numerous others in the North.
  • Direct links into Telehouse North and Harbour Exchange, which are London’s more prestigious Tier 4 internet exchanges.
  • The network our datacentres utilise has the coveted ISO27001 accreditation, which is the highest security standard, as well as a 24/7 manned NOC (Network Operations Centre).

Security

We want to make sure we provide the highest level of security when managing your critical data and applications. We have taken every step to ensure you feel confident when choosing Sagari as an IT provider.
Here are some of the main security measures we put in place:

  • Sagari’s server farms (VMware) are all separated from those of any other company and installed in their own rack with key access.
  • Sagari only provide ‘private clouds’. This means you are not sharing resources (applications, processing power, memory) with any other company, but more importantly it means we know exactly where your data is. Most companies do not like the idea of having their data somewhere they don’t know how to retrieve it physically. Your data will be stored securely within our datacentre, which can be accessed 24/7 365.
  • All data is encrypted (448 Blowfish) and can only be accessed if you know the self-generated password.
  • We run PCI DSS compliance checks on all of our infrastructure on a monthly basis to ensure it passes all tests.
  • Unique password for every user for access to our hosted solution.
  • Sagari can provide key fobs with a 30 character number which changes every 30 seconds, for an added level of security when accessing our hosted desktop solutions.

Disaster Recovery

Ensuring all of our cloud services run seamlessly for our customers means we have to deliver a resilient solution.

All of the services we provide are built on our VMfarm, which is a cluster of interconnected servers. Our engineers have built the server farms using best practice methodology, so every aspect from hardware to routing has fail-over (resilience) built in at every level, with no noticeable downtime for our customers.

At Sagari we work very closely with our partners to ensure we are building our platform to the highest standards. Microsoft, VMware and Cisco all dial in to our systems and make recommendations that will improve our resilience further.
We implement fail-over for all of our core routers and switches. If for any reason a core router crashes or fails, all routing will be passed to the secondary router.

Sagari NOC

Our Network Operations Centre (NOC) is where all support of our services is delivered centrally.

The NOC is responsible for monitoring the network for alarms or certain conditions that may require special attention to avoid impact on your network’s performance. This includes monitoring for power failures, communication line alarms (such as bit errors, framing errors, line coding errors, and circuits down) and other performance issues that may affect your network. If necessary our NOC escalates problems to the appropriate personnel.

It is the role of the NOC to ensure seamless and timely delivery of services and also to escalate issues in a hierarchic manner.

Data Backup


Traditional backup solutions meant you would schedule a backup at the end of the day. We use a new technique to back up, using a system called continuous data protection (CDP). This means that as soon as you make a change to a file, such as a document or spreadsheet, it is backed up automatically as you change it.
This allows our customers to restore from earlier that day, rather than only being able to restore from the backup the day before.

Server Snapshots


Everything related to your server (applications, accounts, profiles, etc.) is backed up differently. We take a snapshot of your system, which is literally a snapshot of how the system is at that point in time, and we push this to the VMfarms in the 2 other datacentres. This happens all the time and is more of a focus on resilience, so in the event the primary server fails, all customers can be pushed to the next high availability datacentre.
We complete a snapshot of the server farms every hour so we can always restore our servers with minimum changes.

Please keep an eye on this blog for the next part, discussing more about security, resilience and service delivery.
