Virtualization

Our virtualization technology is based on KVM servers. Our technology facilitates complete separation of VM and the hypervisor operating system. This separation is much safer than container-based virtualization in which VAM and host share certain operating system elements. Most VPS offers on the market work with container-based virtualization that does not satisfy our security requirements.

Customer Isolation Module (CIM)

Our Customer Isolation Module has three main functions:

  • Secure VLANs: CIM facilitates safe sharing of VLANs between VMs.
  • Private VLANs: CIM allows each customer to own an individual network segment (hardware VLANs).
  • CIM firewall: CIM includes its own firewall that provides an additional level of security.

High-level segmentation

Each unit of our environment includes 12 hypervisor servers. Each unit is completely independent, has its own CISCO firewall, own storage access and own administration and backup logic. This high level of segmentation into completely independent units significantly improves security. 

Fourfold firewall protection

Our solution offers fourfold firewall protection. In each case this includes a firewall in the customer network, on the hypervisor and in the actual VMs. These firewalls can be supplemented by an additional firewall in our Datacenter network on request.

  • CISCO firewall in the data centre.
  • Hypervisor firewall: Use of the safety characteristics of the KVM server to ensure separation of the VM and the data.
  • CIM firewall: An additional firewall is integrated in the CIM module. This firewall offers additional protection.
  • VM firewall: This firewall is inside the actual VM.

Storage

We always select the best and fastest storage to achieve top access times.

Samsung flash memory is produced according to an innovative 3D-VNAND architecture in which 32 cell layers are stacked onto each other, which represents an alternative approach to reducing the cell length and width to fit the memory into increasingly smaller devices. The result is higher density and higher performance using less space and a breakthrough in overcoming the density limitation of the conventional NAND architecture.

Server

For your cloud server we always make use of the latest Dell Intel servers. The specifications for the servers in current use are as follows:

  • CPU: 16 C (2 x Intel Xeon E5-2450L with 8C, 20M Cache, 8.0 GT/s QPI, 70W, Turbo).
  • RAM: 96 GB RAM with 1600 MHz.
  • DISK: 2 x SSD with RAID 1 (for OS, customer data are saved in the storage unit).
  • NETWORK: 2 x 10 GbE.
Datacenter

Our data centre offers highest security in all matters. We use the Equinix ZH5, ZH4 und ZH1 for our IT infrastructure.

  • Secure power supply provided by two different, independent substations.
  • Medium voltage utility feed using inhouse transformers for low voltage supply.
  • Two independent power circuits supported by uninterruptible power supplies (USV/UPS).
  • Generator back-up with N+1 configuration.
  • Chilled water system for cooling: ammoniac and hybrid cooling in a future step.
  • Very early smoke detection.
  • Automated fire extinguishing system (Hi-FOG).
  • Hot/cold aisle cooling layout.
  • Physical and biometric access controls.
  • Central infrastructure monitoring system (CCTV/BMS); perimeter.
  • Fence around the whole building; 7x24x365 security.
  • 99.999% uptime.

Due to the use of internet connectivity between two data centres we have a fully redundant network-installation within the Equinix-campus.