| | | | | | | | | | | | Overview
We recognize that network security cannot be handled at a single point. We have integrated security
at every point of our network. First, we provide redundant firewalls. Then these firewalls attach to
physically-isolated networks. Each of these networks is fully comprised of managed switches. Finally, unique
ports of these managed switches go to each server. The result is that servers are separated from servers and
each network is firewalled from the other networks. Thus, a compromised Virtual-Hosting Account has no more
privileges to a Managed Server than does an intruder from the outside.
Firewalls
AO Industries maintains redundant firewalls to ensure network security while maintaining network
reliability. Firewalls are an essential tool in providing network security. Besides only granting
access to authorized services, our firewalls are an integral part of our defense against Distributed
Denial of Service (DDoS) attacks.
Private Networks
Each firewall divides our IP range into private, isolated networks. Each of these networks
is protected from each other, as well as the Internet. An intruder on one network
has no more access to the other networks than they would from the outside.
We use an intruder on a compromised server as an example because we recognize that people and software are not
perfect. There will be security holes in software; there will be compromised servers. We minimize these
risks by providing isolation between hosts.
Another benefit of the isolated networks is related to hardware failures. It is theoretically
possible for hardware to fail in such a way that it causes havoc on the network. If this were to ever
occur, our routers could completely isolate this server while maintaining service through the other
networks.
Managed Switches
Each port of our firewalls is connected with gigabit uplinks to managed 24-port switches. These switches are then
connected to each server. By using managed switches we have the ability to control and monitor each port, and
therefore each server, individually.
Intrusion Detection Systems (IDS)
For those who need the maximum level of protection, we work with ProtectPoint,
a Florida-based business specializing in network security. They offer advanced network security features including
Managed Firewalls,
Intrusion Detection (IDS),
Virtual Private Networks (VPN),
Content Filtering,
SPAM Protection,
Virus Protection,
and Traffic Analysis.
By letting ProtectPoint specialize in and focus on network security, we stay focused on
Operating System and
Application Infrastructure
security.
| | | | | Copyright © 2000-2024 AO Industries, Inc. |
|
|