Results 1 to 11 of 11
  1. #1

    Secure, Reliable and Flexible Server Host

    Hello. I will need servers to run an application and website. I don't know if anyone can recommend a good host?

    One problem I have is that it is difficult to give precise demand estimations and hence estimate resource requirements. It seems flexible cloud-based hosting would solve this problem by allowing for easy scaling of resources. I see some hosts offer automatic scaling systems which would be the easiest method and protect against downtime or lag from overload.

    The servers would need to be very secure, so any host would need to abide by the best security standards. The application wont be managing debit/credit card information but hosting that keeps to PCI DSS standards would be a bonus. And yes, I do know the application needs to be secure.

    The application will need to be vey reliable. Any downtime at all can be very damaging. I understand that it's impossible to expect 100% uptime with any host but I've come across Round Robin DNS, DNS Failover and BGP failover that can switch websites onto new IP addresses in case one IP is unavailable. DDoS prevention is obviously a factor too. Does anyone have any advice for providing the best uptime possible?

    I will get some expert guidance on this further on so I can ensure all my requirements are met. For now I need a reasonable idea what to expect for a business plan.

    Thanks.

  2. #2
    Join Date
    Jan 2011
    Location
    UK
    Posts
    776
    The only cloud platforms I know of which are PCI Level 1 Service Provider certified are Amazon and Datapipe. This doesn't mean other platforms aren't secure just that these two have been audited by PCI certified auditors.
    Advania Thor Data Centre Iceland - www.thordc.com
    High Spec Colocation and Dedicated Servers, powered by cheap, abundant and 100% renewable energy.
    Enterprise grade hosting, ISO27001 accredited for security, and all at fantastic pricing.

    brian.rae@thordc.com

  3. #3
    Join Date
    Jul 2011
    Location
    Melbourne, Australia
    Posts
    347
    FireHost also offer PCI compliant cloud hosting. It's not cheap though.

    http://www.firehost.com/secure-hosting/pci
    Cloudstra Pty Ltd - Do you have a VPS?? Then move to a Cloud VPS today!!
    █ Cloud VPS - A new kind of VPS powered by OnApp!
    █ Real Cloud Setup = Auto Failover | High Availability | Instant Scalability | Redundancy
    █ Cloud Locations: San Jose, Dallas, Washington DC, Frankfurt, Amsterdam, Singapore & Tokyo

  4. #4
    Join Date
    Aug 2011
    Location
    Dub,Lon,Dal,Chi,NY,LA
    Posts
    1,616
    Most IAAS platforms will let you build a PCI compliant architecture, irrespective of whether the host or the entire platform has been audited.

    Also, there are multi/intercloud failover options now available too, so you can redirect to another geographical cloud location in the event of any problem
    dediserve www.dediserve.com
    Leading provider of enterprise SSD cloud platforms with 14 clouds in 3 regions
    Clouds in Dublin, London, Amsterdam, Vienna, Frankfurt, New York, Chicago, Dallas, Los Angeles, Singapore, Jakarta, Hong Kong

  5. #5
    Thank you for the answers. I wont need PCI compliance for the service I'm doing, I meant that the host would need to be very secure, next to PCI DSS level of standards. It's because my service will be an emoney service. It wont handle card information though.

    With Amazon EC2 you would need to scale by adding instances that run in parallel. They can be synchronised with data storage/databases. Is this correct? And instances can be placed in different data-centres which protects against single data-centre failure? Also it seems databases can be backed-up in different data-centres. Would a reliable and flexible service be possible in these ways?

  6. #6
    Join Date
    Jun 2010
    Location
    Chandler, AZ
    Posts
    79
    A good service mainly depends upon your budget according to me. The cheap hosting and a good reliable consistent hosting hardly go together.Cloud hosting is the latest technology and most preferable now a days, with fair uptime and support. You can opt for this without any hesitation !!

  7. #7
    Join Date
    Aug 2011
    Location
    Dub,Lon,Dal,Chi,NY,LA
    Posts
    1,616
    Also bear in mind Amazon have suffered region-wide outages, where the entire US west coast (multiple sites) was down due to network issues.

    Depending on the level of reliability you need, don't place all your eggs in one basket (ie: one provider)
    dediserve www.dediserve.com
    Leading provider of enterprise SSD cloud platforms with 14 clouds in 3 regions
    Clouds in Dublin, London, Amsterdam, Vienna, Frankfurt, New York, Chicago, Dallas, Los Angeles, Singapore, Jakarta, Hong Kong

  8. #8
    Join Date
    Jan 2011
    Location
    UK
    Posts
    776
    Quote Originally Posted by MatthewLM View Post
    Thank you for the answers. I wont need PCI compliance for the service I'm doing, I meant that the host would need to be very secure, next to PCI DSS level of standards. It's because my service will be an emoney service. It wont handle card information though.

    With Amazon EC2 you would need to scale by adding instances that run in parallel. They can be synchronised with data storage/databases. Is this correct? And instances can be placed in different data-centres which protects against single data-centre failure? Also it seems databases can be backed-up in different data-centres. Would a reliable and flexible service be possible in these ways?
    Yes, you can do all of these things with Amazon (and with other large cloud vendors also). The application is responsible for resilience and synchronisation across availability zones, so you do lose some of the simplicity of using a cloud solution, but it will work. One thing I would suggest is to at least backup to another provider, so that if Amazon implodes for whatever reason (v unlikely but who knows) you can at least get you data back. You can rent SAN space to store backups in from a number of reputable providers.

    Oh, and not relevant given your comment on PCI, but Firehost are not PCI certified - they do claim PCI compliance but have not been audited http://usa.visa.com/download/merchan...-providers.pdf. This is not necessarily a bad thing, many good providers take the same approach.
    Advania Thor Data Centre Iceland - www.thordc.com
    High Spec Colocation and Dedicated Servers, powered by cheap, abundant and 100% renewable energy.
    Enterprise grade hosting, ISO27001 accredited for security, and all at fantastic pricing.

    brian.rae@thordc.com

  9. #9
    Thanks again to everyone. I've got quite a large list of potential hosts so I'll have to do some deciding.

    I did find that with Amazon is that some security experts found problems with them. Is Amazon really secure?

    "Oh, and not relevant given your comment on PCI, but Firehost are not PCI certified - they do claim PCI compliance but have not been audited (URL removed since I need 5 posts apparently...). This is not necessarily a bad thing, many good providers take the same approach."


    So it's fraudulent then?

  10. #10
    Join Date
    Jan 2011
    Location
    UK
    Posts
    776
    Quote Originally Posted by MatthewLM View Post
    Thanks again to everyone. I've got quite a large list of potential hosts so I'll have to do some deciding.

    I did find that with Amazon is that some security experts found problems with them. Is Amazon really secure?

    "Oh, and not relevant given your comment on PCI, but Firehost are not PCI certified - they do claim PCI compliance but have not been audited (URL removed since I need 5 posts apparently...). This is not necessarily a bad thing, many good providers take the same approach."


    So it's fraudulent then?
    No, it's not fraudulent, just carefully phrased - it's the difference between 'PCI Compliant' and 'PCI Certified'. It's not unusual and Firehost have been around for a while - indeed they had a surprisingly large stand at Infosec in London this week.

    Is Amazon secure? Well, it's probably as secure as any public cloud, but the issue is you'll never be able to prove that as you can't get access to the details to be able to audit it. What you lose with public cloud (v dedicated servers or private cloud on hardware dedicated to you) is control and visibility, you just have to trust the provider and their certifications to a much greater extent. That's the trade off you make to gain the flexibility and expandability.
    Advania Thor Data Centre Iceland - www.thordc.com
    High Spec Colocation and Dedicated Servers, powered by cheap, abundant and 100% renewable energy.
    Enterprise grade hosting, ISO27001 accredited for security, and all at fantastic pricing.

    brian.rae@thordc.com

  11. #11
    Join Date
    Nov 2005
    Location
    Nassau, The Bahamas
    Posts
    74
    Quote Originally Posted by Brian_R View Post
    No, it's not fraudulent, just carefully phrased - it's the difference between 'PCI Compliant' and 'PCI Certified'. It's not unusual and Firehost have been around for a while - indeed they had a surprisingly large stand at Infosec in London this week.

    Is Amazon secure? Well, it's probably as secure as any public cloud, but the issue is you'll never be able to prove that as you can't get access to the details to be able to audit it. What you lose with public cloud (v dedicated servers or private cloud on hardware dedicated to you) is control and visibility, you just have to trust the provider and their certifications to a much greater extent. That's the trade off you make to gain the flexibility and expandability.
    Well said Brian.

    Compliant and Certified are not the same, but might meet most people's needs as long as you understand what you're getting - and what you're responsible for.

    Daily scans/audits are an important - and often overlooked - consideration as well.

    - Richard
    Secure Hosting | Premium Cloud & Dedicated hosting solutions since 2001
    email: sales(at)securehost(dot)com +1-242-502-8700 24/7 support by phone/helpdesk
    Located in The Bahamas & Bermuda: Redundant Cooling, Power & Network, PCI DSS compliant, 7ms from USA

Similar Threads

  1. Reliable, secure, non-oversold, non-cPanel host?
    By goosmurf in forum Web Hosting
    Replies: 14
    Last Post: 01-04-2009, 06:43 PM
  2. looking for flexible reliable host
    By whiskyd in forum Web Hosting
    Replies: 1
    Last Post: 02-06-2006, 03:23 PM
  3. Reliable big PRO host that is semi-flexible?
    By PatrickBatem in forum Web Hosting
    Replies: 4
    Last Post: 01-21-2004, 08:47 PM
  4. Need a Secure and reliable host? check out these discounts.
    By eBoundary in forum Shared Hosting Offers
    Replies: 0
    Last Post: 07-23-2003, 12:29 PM
  5. A new flexible and secure host
    By dietmonday in forum Shared Hosting Offers
    Replies: 1
    Last Post: 01-25-2002, 06:48 PM

Related Posts from theWHIR.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •