I work for a company that is in the market to get a dedicated server.

The server has to be Windows 2003, and it must have MS SQL Server on it also. It must be Windows because the site is created in ASP.NET. No "PHP is better than ASP" comments or whatever -- I didnt make it, it's a corporation and we have multimillion dollar contracts with MS, etc. More politics than brains at work here.

The server will not get very heavy usage, only a website running on it with about 200 daily visitors, but the information that the server will contain is incredibly valuable (I work for a financial company, the server would contain login information for mass numbers of accounts in the hundreds of thousands -- if a hacker were to get into it, damage could be in the billions, literally.)

SO, we need *****GOOD***** security. We also need relatively good stability, although 5 9's is probably more than we need.

This being said, my company has a very stingy side to it and the cheaper the better, so, I'm here asking for any advice as to where I could get a ded server (doesnt have to be too high end, anything in the mid 1ghz range with 512MB ram and a bit of bandwith and storage would do the trick probably), with really good security (preferably someone to manage it/firewall/etc) and decent stability for cheap.

Any/all comments welcome.

Check out rackspace.com, they offer managed firewall/security services.

Definitely would recommend Rackspace.com as well.

RackSpace.com from me too. They have established themselves as one of the leading managed services providers.

How much would a rackspace solution cost along the specs that I provided? (I could find links on their page for server specs etc, but again, it's the security thats the thing -- so I don't know if that's extra, etc)


BTW - Everyone who PM' d me about this thank you, I'll be getting back to all of them.

Originally posted by Flare
How much would a rackspace solution cost along the specs that I provided? (I could find links on their page for server specs etc, but again, it's the security thats the thing -- so I don't know if that's extra, etc)


BTW - Everyone who PM' d me about this thank you, I'll be getting back to all of them.
I'd reccomend them too, just click on the live support on their site and you can talk to the live person who will have you give them your number so someone can call you about it.

Sorry in advance, that this post isn't going to help you with choosing a provider, but it has to be said.

Why are you placing such sensative information on the public internet? What you'd be far better off doing is keeping the login information off the net, so in the simplest case, that means having a second server as a database server, that isn't accessible via a public IP, or is locked down so it can only be access from a very limited set of IPs/MAC addresses, then you can have the public facing server connect to the DB server - That way, if someone wants those login details, they have to hack the public box, then the private box going via the public box. I'm sure others will recommend some more points on security for you, but what I suggested above is a start.

Thanks,

Put my vote in for Rackspace, ring them up they'll answer within two rings (in my experience!) and they'll be able to advise you fully. They wont be the cheapest provider sure, but you certainly get what you pay for.

Andrew

I totally agreed with Karl, with being hack will cause loss of billion. Then I really think having just 1 box will not be enough.
And also you mentioned the word CHEAP. Really you want to spend a bit more money and get a decent firewall with someone who know how to set it up.
And have FIREWALL + IDS - > WEBSERVER - > DATABASE SERVER
The chance that it will have to get pass 2 boxes to get to your database server harder than just having one box.
+ by the time the hacker breach the firewall and webserver you should have noticed ..

The issue of having two servers -- that's actually probably going to be what happens. In my original post I see I made it sound like we wanted only one machine, however, we probably will get two, like you said, one for the WWW one for the SQL.

Greetings:

Rackspace.com, Interland.com, and Verio.com are good providers for Windows hosting.

Please note that while all of them offer managed hosting services, you should clarify with each one what will be your responsibilities, and what will be their responsibilities when it comes to security.

Not all of them are proactive.

Thank you.

I would never, ever, ever, ever, ever host with Interland. Their network is completely hacked up the a$$.

Rackspace/Verio sound good, I definately will pursue more information on both companies.

Right now you have to train your company to not be stingy. You won't get security if you don't pay for it. That said, you won't be safe with Windows either. Are you sure you can't use Apache and MONO for .NET? That way you could keep the webserver on OpenBSD ( way more secure ) and your DB can be on another box using Windows 2k3.

He said it has to be Windows. No sense in saying Windows cant be secure either. If you have admins who know how to run it, there will not be an issue.

Windows and Linux are equally safe if you know how to patch it and keep it up2date. But at the end of the day without firewall and IDS, chances are that getting hack will be bigger than having it all patched up and firewalled.

If windows is not safe, then how many times how you seen mircosoft website got hacked?

The Planet has a fully managed offerings, also, and a better reputation for Windows hosting than either Rackspace or Verio. Their security team is very strong, also.

Originally posted by Satori
and a better reputation for Windows hosting than either Rackspace or Verio.

I wouldn't agree with that - I agree The Planet is a good provider don't get me wrong but it's support is certainly not of Rackspace quality!

Andrew

If I remember right Plant has about 10ish support staff and how many servers have they got again ...
few thousand at least...

10ish support staff? That's ridiculous.

Hopefully someone from TP will post a correction to that...