1.6.02 Three Tier Architecture: | Bespoke application services are an implementation of the IBM WebSphere Three Tier Architecture - the safest and most secure architecture the world has designed. | The Three Tier Architecture means that (1) Web Servers are connected to the Internet, (2) Application Servers are connected to Web Servers, but not the Internet and (3) Database Servers are connected to Application Servers but not the Internet. | This means it is not possible for an Internet hacker to access a database server - they are not connected. |
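The tier connectivity described above can be checked against a firewall rule export. The following is an added example, not code from the service described on this page; the zone names, ports and sample rules are constructed assumptions. It flags any rule outside the Internet-to-web, web-to-application, application-to-database chain and reports how many permitted flows separate the Internet from the database tier.

```python
from collections import deque

# Tier adjacency the page describes: each tier talks only to the next one in.
ALLOWED = {("internet", "web"), ("web", "app"), ("app", "db")}

# Constructed sample rules (src zone, dst zone, dst port); ports are assumed.
GOOD_RULES = [
    ("internet", "web", 443),
    ("web", "app", 8443),
    ("app", "db", 5432),
]
# Same set plus one constructed misconfiguration: a leftover admin rule.
BAD_RULES = GOOD_RULES + [("internet", "db", 5432)]


def violations(rules):
    """Return rules whose zone pair is outside the three-tier adjacency."""
    return [r for r in rules if (r[0], r[1]) not in ALLOWED]


def hops(rules, src, dst):
    """Fewest permitted flows needed to get from src to dst, or None."""
    graph = {}
    for s, d, _port in rules:
        graph.setdefault(s, set()).add(d)
    seen, queue = {src}, deque([(src, 0)])
    while queue:
        zone, dist = queue.popleft()
        if zone == dst:
            return dist
        for nxt in graph.get(zone, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, dist + 1))
    return None


def audit(rules):
    """Summarise a rule set: offending rules and Internet-to-db path length."""
    return {"violations": violations(rules),
            "internet_to_db_hops": hops(rules, "internet", "db")}


if __name__ == "__main__":
    for name, rules in (("good", GOOD_RULES), ("bad", BAD_RULES)):
        print(name, audit(rules))
```

A compliant rule set reports three hops from the Internet to the database tier and no violations; a single stray rule collapses that to one hop, which is the condition worth alerting on.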
Data Center Architecture: | We operate a three-tier architecture of servers in each data center to provide elastic capacity with business continuity. | No other hardware architecture has ever been so well received by the IT industry with the finest minds in the world refining it to resist intrusion. |
Typical Rack: (top to bottom) | 12. Email server. | 11. FTP Message Switch server. | 10. Database server. | 9. Router applications to database. | 8. Application 1 server. | 7. Application 2 server. | 6. Router web servers to applications. | 5. Web 1 server. | 4. Web 2 server. | 3. Web 3 server. | 2. Intrusion Prevention server. | 1. Load Balancing Firewall server. | 0. Battery Power distribution. |
Servers: | 1. A large number of redundant servers, each dedicated to one and only one job. | 2. No virtualization. | 3. No shared tenancies. | 4. Total ownership of all dedicated hardware, networking and system software. | 5. A bespoke application stack with one and only one program that can be seen from the Internet. |
Ten Data Centers: | Rack space is rented in the largest European data centers - the most secure buildings that can exist. More and more data centers are being connected so data can be rapidly replicated from one data center to another. When data is stored in more than three remote data centers it's hard to imagine that data could be lost. When application services are being provided by ten secure data centers, then the service is continual and data cannot be lost. | Almost two-hundred-thousand pounds' worth of equipment is installed and in use by many hundreds of customers. Excessive Encryption is a Unique Selling Point. Business Continuity is a Unique Selling Point. |
Physical: | 1. No server has a screen, a keyboard, a USB port, disk media or any way for it to be physically accessed. | 2. Every server does one and only one dedicated operating system job and is not able to run any other program. | 3. Business data is only encrypted and stored by the database server. | 4. A rack can run from its batteries for at least one hour in the event of a power failure. | 5. Uploaded documents are stored by the application servers but these documents cannot be opened on the server because such services are disabled. | 6. Server operating system software is replaced once or twice a year - patching and updates cannot happen. | 7. No programs, no vulnerabilities, no maintenance, no downtime, no bugs, very little for the criminal to attack. |
Software-Defined Networking: | The networks connecting the data centers and the Internet are dynamic and can be altered by software settings. | In the event that an IP address is being attacked by a criminal, business can switch to an alternative data center so business can continue, while the criminal continues to attack a null firewall. | People in one part of the country can enjoy the benefit of a local data center, while people in another part of the country may use a different data center - data is shared. | Computer loads can migrate as different countries come on-line and other countries close down at the end of the day. | The benefits of a dynamic network are considerable and these benefits are expected to grow in the next decade. |