|
Online Backup for Servers, PCs
and Laptops
|
|
Welcome to SME Backup Partner technical
information.
This page is designed to offer some further insight and
detail on the overall technical details of the SME Backup
operation for our partners and IT Support staff within
our clients companies.
The Data Centre
Our servers are located in a state of the art data
Tier 1 Data Centre meeting the most demanding of standards
on physical and data security as well as resilience
and business continuity.
The Centre is physically secure, environmentally
controlled and proactively monitored 24x7x365. Utilising
the best infrastructure it also gives access to high
speed, high capacity, resilient Internet network connections.
The Data Centre is accredited to the highest levels.
It's been passed by Government to handle data officially
classified as 'confidential' and it recently became
the only facility of its kind in the region to gain
ISO 17799/2 - the international quality mark for security
management.
CONTROLLED ENVIRONMENT
The Data Centre is monitored and optimised to ensure the
best possible environment.
The overall air conditioning is provided by a number of
40KW air handling units. These up-flow units supply conditioned
air into the rooms via vented ceilings. The return air
is drawn from the room by these units at floor level.
Each zone in each room is serviced by an N+1 configuration
of these units.
The three halls have been designed in the same way to
cater for heat loads of 650W/m2 maintaining environmental
conditions of 22°C ± 2°C with a relative
humidity of 50% ± 10%.
There is a high sensitivity aspiriting smoke detection
system, meeting '2 metre wire burn' standards, installed
throughout the computing areas.
The whole site is equipped with FFGD (Fire, Flood &
Gas Detection) monitoring and alarm equipment.
So even when the heat is on, SME Backup has everything
under control.
POWER AND BACKUP
The Data Centre has two of its own 6.6KV substations
with a feed taken directly from the Northern Ireland Electricity
grid.
Power to the Data Centre is distributed via a 1000KVA
transformer for which a spare is available. Back-up
power is provided by an auto-start standby diesel
generator with a capacity of 686KVA serviced by an
N+1 configuration of these units. An Uninterruptable
Power Supply (UPS), rated at 225KVA with a 15 minute
battery reserve, provides the essential power during
the period between the mains failing and the generators
starting-up. These are tested regularly.
NETWORK INFRASTRUCTURE
Our LANs have one point of connection to the
BT backbone and one connecting to Verizon Business
to ensure as high a level of resilience. The core
network is wholly dedicated to Internet traffic so
it delivers the speed and capacity you need for your
business-critical Internet operations such as SME
Remote Backup services. You benefit from a high performance,
dependable and resilient network, with high availability
and shortest distance routing. We can easily and economically
meet your network demands, even at peak times.
The Data centre has dramatically expanded its IP backbone
network from 14 to 104 points of presence (PoPs), using
its high-speed, high-capacity multi-service (MSP) broadband
platform. This gives us the greatest number of access points
of any UK IP network, opening the way to significantly
faster and more efficient on-line communications.
This new service will consist of 14 gigabit routers at
seven "super node" sites across the UK. These
routers, connected by high capacity WDM optical fibre links,
will support initial transmission speeds of up to 2.4gigabits,
with scope to increase to 40 gigabits within two years.
The Data Centre interconnects with over 70 UK and Global
ISP's at the London Internet Exchange (LINX) at London's
Telehouse, as well as operating its own multi-megabit connections
to the US (1Gbit/s) and Europe (100Mbit/s) to offer further
resilience and performance.
The Data Centre, in ventures with other leading suppliers,
deploys the world's largest global Internet infrastructure.
Concert, their global venture with AT&T, serves
the communications needs of multinational customers,
international carriers and ISPs worldwide.
They are currently investing over £7bn in a new
Internet backbone which will ultimately be 60 times faster
and capable of growing to 300 times the capacity of today's
network and can continue to grow in capacity in line with
new technical developments.
So with SME Backup as your backup partner you'll
be well connected, any time, any place.
PHYSICAL SECURITY
The extensive experience in designing, building and operating
such facilities means our partners are well-placed to provide
both the systems and the staff to keep everything running
smoothly. The Data Centre offers top-level, 24x7 physical
security, ensuring that our premises, power, hardware and
software are protected from malicious and accidental risk
at all times. The result: confident customers with one
less thing to worry about.
Staff: A 24x7 manned presence controls access. Trained
professionals accompany authorised visitors on site.
CCTV: There is comprehensive fully-alarmed 24x7 CCTV surveillance
linked in to on-site monitoring stations plus a Building
Management System (BMS).
Access: Entry to the Data Centre itself is controlled
using proximity card identification, PIN-enabled door access
and Iris Scan Recognition.
FIREWALLS
We deploy Cisco PIX Security Appliances for our network
security, this delivers robust user and application policy
enforcement, multivector attack protection, and secure
connectivity services. These purpose-built appliances provide
multiple integrated security and networking services, including:
• Advanced application-aware firewall services
• Award-winning resiliency
• Intelligent networking services
• Flexible management solutions
So if you want to us to keep your data , there's one less
thing for you to worry about.
NETWORK SECURITY
Hackers can obtain sensitive or proprietary information
about your company or your customers straight from
your Intranet. Intruders can commit electronic vandalism.
The risks to an inadequately protected website or
server data include chaos, disruption, embarrassment,
huge financial loss and worse.
To combat this growing problem, along with our partners,
we have considerable experience developing and implementing
network security. We use advanced application layer
and stateful inspection firewalling to control unwanted
network and malicious user access, with a very high
specification and optimised firewall hardware and
software. The firewalled domains consist of a resilient
architecture (i.e. dual firewalls with ruleset, IP
state connections balancing and full fail over - the
fail over time, should one firewall become unusable
as a result of operating system or hardware fault,
is of the order of a few milliseconds). This design
produces a firewalled platform, which is highly resilient,
with a very high availability, and resistant, although
not impervious, to denial of service type of attacks.
Our partners have the largest number of corporate firewalls
in Europe, with a dedicated Command Centre to manage them.
Hadrian, as it is known, connects to over 100 external
networks with over 50 firewalls. It is the largest, most
complex firewall installation of its kind in Europe, offering
secure solutions to Internet and Intranet interconnectivity.
The firewall administration team is supported via a CERT
(Computer Emergency Response Team) which provides early
sight of recent attacks and preparation for specific hacker
activity.
SME Backup System
Secure 128-bit SSL communication
All communications between SME Backup Server and
your computer are transported in a 128-bit SSL (Secure
Socket Layer) channel. Although all your backup files
travel through a public network (internet), eavesdroppers
have no knowledge of what has been exchanged.
If you use our approved ISP's then we can divert
the traffic directly from your ISP's connection point
to our servers. Traffic in this case never goes transient
(actually enters the internet) offering added security
- ISP services from £23.99 per month inc. fixed
IP address.
Backup data are securely encrypted
All of your files are first zipped and encrypted
with your defined encrypting key before they are sent
to the SME Backup servers. To anyone but you, your
files stored on the SME Backup server are no
more than some garbage files with random content.
We don’t keep your encryption key
The encryption key used to encrypt your files resides
only on your computer and is known only to you. It
is never transmitted anywhere across the network.
If this key is lost, backup files can never be recovered.
Therefore, although we have access to all files, in
their encrypted form, you stored on our backup server,
we have no knowledge of the content of the files.
Reminder : Please make
sure you write down your encryption key and keep a
record of it in a safe place where it will never be
forgotten. Otherwise, you will never
be able to recover your backed up files.
Best encryption algorithm is used
Currently, the algorithm that we are using to encrypt
your files is 128-bit Twofish. It is a block cipher
designed by Counterpane Labs. It was also one of the
five Advanced Encryption Standard (AES) in a lists
chosen by the National Institute of Standard and Technology
(NIST). It is subject to frequent public reviews but
no known successful attack against this algorithm
has been reported.
Requires 8.77 x 1017 years to crack the 128-bit
encryption
A 128-bit key size has 2128 or around 3.4 x 1038
possible combinations. Even if you have the world's
best super computer, ASCI White, SP Power3 375 MHz
manufactured by IBM as of November 2000, it would
take 8.77 x 1017years to test all combinations. Assuming
your have the super computer, which has 8192 processors
totaling a capability of 12.3 teraflops (trillions
of operations/second), available to you. Also it just
needs one computer operation to test a possible combination
(which is already faster than what it can do). To
use brute force attack (checking all combinations)
on this encryption algorithm. It would take:
3.4 x 1038
-------------- seconds ~ 2.76 x 1025sec
12.3 x 1012
i.e. 876530835323573935 years or 8.77 x 1017 years
to successfully try all combinations.
ASCI White cannot process as fast as is described
above, therefore, you can be sure that your data stored
on our servers is secure.
Restrict access to data by IP addresses
You can also restrict access to your backup files
to a set of IP addresses you define. If someone tries
to access your data from an IP address not on your
defined list, their access will be denied. This additional
security ensures backup files are not open to all
location, even if username and password are known.
|
