Blue Tower Dedicated Hosting

	Server Administration
	Security Administration
	Service Matrix
	Database Administration
	Web/Email Administration
	VPN Administration
	Intrusion Detection
	Load Balancing
	Clustering
	Server Monitoring
	Back up Solutions
	Business Continuance

Microsoft Windows Update and Red Hat Enterprise Network
We provide comprehensive Microsoft and Red Hat Linux update and Security patch services. Red Hat Linux customers are subscribed to the Red Hat Network at the Enterprise level. Microsoft customers are configured with Windows Update, which is monitored and managed centrally by our Information Security team.

General release patches are applied using a customer defined maintenance window. Security updates are typically tested and installed within 8-20 hours of their release from Microsoft or Red Hat. Our Information Security team monitors Cert advisories, SANS advisories, Slashdot, Microsoft TechNet and other operating system watchdog services.

Network Based IDS
Our Network Based Intrusion Detection System monitors our network 24x7 for suspicious traffic. The system monitors individual packets as they cross our network and looks for suspicious traffic based on certain signatures. When a network event is captured, our GIAC and CISSP certified Information Security Team is automatically alerted. This system is also monitored by our NOC to watch for abnormal trends in network traffic.

Secure VLAN's
We secure VLAN's to shield customer traffic on our network. We use customer VLAN's to prevent customer-to-customer browsing, and allow our network to operate more efficiently.

Host Based IDS
Our Host Based IDS solution provides automated, real-time intrusion monitoring, detection, and protection by analyzing events, host logs, and inbound and outbound network activity on critical enterprise servers to block malicious activity from damaging critical assets. Host Based IDS protects the Linux and Windows operating systems by preventing attackers from exploiting operating system and application vulnerabilities through log audit analysis, monitoring, locking and the baseline of files for system integrity, connection blocking for unused ports/services, and identification of vulnerabilities.

In addition, Host-Based IDS provides application layer intrusion monitoring, analysis, and response capability for both Apache and IIS web servers. When a Host Based attack is detected, our GIAC and CISSP certified Information Security team is automatically alerted to conduct Security Incident Response to maintain and defend the security of our customers.

Host Based IDS monitors all traffic to and from the server or network to detect and prevent inbound attacks as well as block new and unknown outbound attacks such as buffer overflows, Trojans, brute force attacks, unauthorized access and network worms.

Antivirus Protection
Virus writers are working around the clock to attack you; anti-virus vendors and bluetower are working around the clock to help protect you.

Help protect your computer files and e-mail by using and updating your anti-virus software. To help reduce the risk of a virus exploiting vulnerability in your Microsoft and Red Hat software, we provide fully managed, monitored and updated antivirus services.

O/S Hardening Services
Hardening your servers can serve to mitigate your risk of being hacked or suffering a denial of service attack by over 90%. Because most hackers use fingerprinting to identify what is running on your system, O/S hardening techniques can hide this information or send misleading information that will make them think, for example, that your Windows 2000 system is a Novell system. This would, of course, cause all of their Novell hacks to be completely ineffective. O/S hardening tactics are frequently updated, and require high levels of security and system administration expertise.

Security Event Monitoring
We use SNARE to monitor Windows' event logging sub-system or the Red Hat Kernel event monitoring process to read, filter and send event alerts. This enables The Information Security team to monitor your server for hacking attempts, system failures and server trends. The SNARE Core service is centrally managed, monitored and controlled by our Information Security team.

Vulnerability Assessments
A good place to start with your risk mitigation is with a vulnerability assessment. Vulnerability assessments identify your systems and the components operating on your servers, and then test these components using a vulnerability database The updates daily. Using the resulting list of vulnerabilities, the client can either repair these vulnerabilities on their own or have We apply the appropriate patches and updates.

Penetration Testing Service
Our Information Security team can conduct a Vulnerability Assessment with a live "Ethical" hacking test, performed by our most experienced CISSP and GIAC certified engineers. A report will be provided to the customer of techniques used, weaknesses found and how system access can be gained. We require that this testing be scheduled during a maintenance window or during the customer's off-peak hours. This is a live hacking event which requires a variable timeline depending on the security of the customer's servers.

Counter-Penetration Services
Some of our customers periodically host high visibility, high risk e-commerce events. These world-class events can have a critical impact on our customer's profitability. To secure such events, We can dedicate a CISSP certified security engineer to actively monitor and aggressively respond to any security incident that may arise.

Managed Firewalls
Most of our customers choose to protect their businesses with a firewall. We provide day-to-day firewall operation including firewall troubleshooting, firewall maintenance and scheduled or emergency firewall rule-set changes.We have certified firewall support available 24 x 7. Our customers can rely on our expertise and the security of the firewall systems that we implement and manage.

We are able to deliver extreme performance and bleeding edge INFOSEC technology through our Managed Snap Gear firewalls. Our fully managed Snap Gear firewalls provide the latest developments in traffic inspection, stateful firewalling, appliance-based firewall IDS, traffic inspection, source address trace-backs and hardware crypto-acceleration.

Managed VPNs / IPSec Tunnels
We offer fully managed point-to-point and remote access ("Road Warrior") VPN services. Our VPN services include Microsoft PPTP, IPSec and L2TP tunnels with CAST, Blowfish, 2fish, RC4 and 3des encryption algorithms with key lengths up to 8196 bits. We can completely manage all VPN connections, users, passwords and tunnel certificates.

Data Forensics
Should our customers ever need to present their information in Court to reclaim damages from a third party, We can stand behind them with expert recovery, verification and preservation of our customer's data. Our Data Forensics team members are trained by SANS and are admitted to testify in any State of Texas courtroom as Expert Data Forensics Investigators. In the event that legal action is required, our forensic experts are available to provide testimony.

Data Recovery
In the event of data loss due to non-hardware related issues, our forensics team can assist in the recovery of our customer's data. We offer robust backup and restore systems for our customer's use, but in the event of accidental catastrophic data loss between backup increments, our forensic engineers can help recover your data.

Third Party Audit and Verification Services
Some of our customers have premium financial partners, who require an additional Vulnerability Scan by a trusted third party. The Information Security team can facilitate such a scan of the customer's environment.