Report Offensive Message
Tier 3 Security and Monitoring Capabilities...
Thoran, this was a great article and I can really appreciate the approach you have taken to compare each provider across common dimensions. While i absolutely respect your view, I believe this may highlight an opportunity for Tier 3 to better clarify some of the security features of our platform which may not have been apparent in your research but are commonly brought out when we are working with enterprise customers.
Tier 3 believes strong security is the cornerstone of our business relationship with our customers. As a result, we place the highest possible level of focus on security for the systems they entrust to us with the goal of meeting or exceeding our customers own security policies. Some highlights from our security capabilities include:
SSAE16 audited, support for HIPAA and PCI compliance
Full session state based Juniper firewalls
o The perimeter is protected by a series of redundant Juniper SRX series firewalls which employ Unified Thread Management (UTM) technology.
o We isolate the virtual machine with zone-based firewalls, where each customer service runs on its own private VLAN.
o IDS and IDP on external data transmission. For complex environments customers also can enable IPSEC at the operating system level to encrypt all network traffic.
o We provide Microsoft Forefront for all customers.
In addition to real-time monitoring and NOC support, we perform monthly Nessus vulnerability scans of all customer environments (may be performed more frequently upon request) and work with customers for remediation of any identified vulnerabilities.
Private VLAN and VPN connections for all environments. Customers can also use secure connections such as Persistent\User VPN, Direct Connection, or MPLS.
Access: Role-based approach to authentication and authorization with permissions set explicitly per resource type. Access to the Control System is only via username and password. All actions performed through the Control System are logged and auditable.
Another area of the comparison which may not have fully captured the breadth of capabilities that Tier 3 makes available to its customers would be around Monitoring.
We offer two levels of monitoring at no additional cost to our customers:
Self service - Monitors exist for Bandwidth, CPU, Memory, Disk, Ping and can be set directly with our Control Portal or API.
NOC configured - Our NOC leverages an industry leading, comprehensive monitoring solution which we leverage for clients that require more complex monitoring (e.g. Exchange, SQL Server, etc). A customer simply submits a ticket through the control portal requesting any of the following monitors .(http://help.tier3.com/entries/21080248-monitors-that-are-supported and our NOC will promptly configure the monitoring for a severs or groups of servers. This complex monitoring into the control portal in the coming months.
System administrators can apply an overarching set of monitors that cascade down groups of servers. These settings can be easily overridden on a per-group or per-server basis to generate unique monitoring policies.
In addition to the infrastructure monitoring, users of the Tier 3 Web Fabric (PaaS) environment instantly get access to the industry-leading application monitoring framework from New Relic (http://www.tier3.com/blog/web-fabric-app-monitoring). This service is provided at no charge and gives users sophisticated insight into how their web applications are performing.
Custom alerts can be configured for either monitoring solution at no additional cost.
Again, I really like the article and your approach, and appreciate this opportunity to provide additional clarity into the Tier 3 public offering.
Regards and Thanks,
Bryan Thompson
VP of Product Management
Tier 3
Tier 3 believes strong security is the cornerstone of our business relationship with our customers. As a result, we place the highest possible level of focus on security for the systems they entrust to us with the goal of meeting or exceeding our customers own security policies. Some highlights from our security capabilities include:
SSAE16 audited, support for HIPAA and PCI compliance
Full session state based Juniper firewalls
o The perimeter is protected by a series of redundant Juniper SRX series firewalls which employ Unified Thread Management (UTM) technology.
o We isolate the virtual machine with zone-based firewalls, where each customer service runs on its own private VLAN.
o IDS and IDP on external data transmission. For complex environments customers also can enable IPSEC at the operating system level to encrypt all network traffic.
o We provide Microsoft Forefront for all customers.
In addition to real-time monitoring and NOC support, we perform monthly Nessus vulnerability scans of all customer environments (may be performed more frequently upon request) and work with customers for remediation of any identified vulnerabilities.
Private VLAN and VPN connections for all environments. Customers can also use secure connections such as Persistent\User VPN, Direct Connection, or MPLS.
Access: Role-based approach to authentication and authorization with permissions set explicitly per resource type. Access to the Control System is only via username and password. All actions performed through the Control System are logged and auditable.
Another area of the comparison which may not have fully captured the breadth of capabilities that Tier 3 makes available to its customers would be around Monitoring.
We offer two levels of monitoring at no additional cost to our customers:
Self service - Monitors exist for Bandwidth, CPU, Memory, Disk, Ping and can be set directly with our Control Portal or API.
NOC configured - Our NOC leverages an industry leading, comprehensive monitoring solution which we leverage for clients that require more complex monitoring (e.g. Exchange, SQL Server, etc). A customer simply submits a ticket through the control portal requesting any of the following monitors .(http://help.tier3.com/entries/21080248-monitors-that-are-supported and our NOC will promptly configure the monitoring for a severs or groups of servers. This complex monitoring into the control portal in the coming months.
System administrators can apply an overarching set of monitors that cascade down groups of servers. These settings can be easily overridden on a per-group or per-server basis to generate unique monitoring policies.
In addition to the infrastructure monitoring, users of the Tier 3 Web Fabric (PaaS) environment instantly get access to the industry-leading application monitoring framework from New Relic (http://www.tier3.com/blog/web-fabric-app-monitoring). This service is provided at no charge and gives users sophisticated insight into how their web applications are performing.
Custom alerts can be configured for either monitoring solution at no additional cost.
Again, I really like the article and your approach, and appreciate this opportunity to provide additional clarity into the Tier 3 public offering.
Regards and Thanks,
Bryan Thompson
VP of Product Management
Tier 3
Posted by bjthompson
24th Aug
