Network, Facility And Security
Network
If you plan to take an Internet uplink from the colocation provider, and especially if you plan to use that uplink for you primary Internet connection, you’ll want to work with a provider that blends at least 2-3 major carriers at their core via BGP, and makes routes for all three available on your uplink. This means two things to you:
- 1. Your connectivity will contain the maximal number of routes (pathways) for data packets to travel, yielding the best chances for high availability and low latency;
- 2. You’ll have a transparent fail-over in the event of a single carrier going offline, without having to build it yourself.
You also want to know that the provider has built their network for high availability and redundancy – will it handle hardware failures as well as network outages, with little or no downtime? If you are taking a network drop from the provider as a backup to a primary Internet connection that you order separately from a dedicated carrier, this may not be as important to you. However, if the provider is at all serious about the quality of their offering, it should be robust.
A colocation facility that has super-fast, scale-able connections to the Internet is a must. Their “house blend” (if offered) should contain at least 2-3 Tier 1 carriers, as mentioned above, and speeds of 10Gbps or greater should be readily available to you. Don’t think you’ll ever need that much bandwidth? It does not matter – the fact is, the facility as a whole could see very high demand, and the capacity needs to be there, regardless of your individual requirements. Beware of providers who oversell bandwidth – this is quite common! Once they start to push the limits of their upstream connection(s), degraded performance can be expected as too many packets will be fighting for their limited capacity. Don’t be afraid to ask for an IP address target within their network, against which you can run some packet tests to see how their response times hold up.
Facility Features
Colcation data centers can vary widely as to what they offer the client. You’ll want a facility that offers you 24/7 physical access, and that is staffed around the clock with technical support personnel to assist you if needed. You’ll want security features, like secured access to the Colocation data center floor and other sensitive areas, multi-factor authentication, closed circuit TV monitoring, and access logging for all visitors. You’ll want the power they provide you to be fully conditioned and backed up by UPS and a continuous source generator – the ability to add A/B power at your cabinet may be important to you some day, so that’s another feature to look for. Finally, you’ll want environmental controls which optimize the cooling delivered to your equipment – things like active feedback control systems and cold-aisle isolation are definite pluses.
A tier system exists for rating data center infrastructure design topologies. Tier levels range from I – IV, with each higher number representing a greater level of availability, redundancy and fault tolerance. A in-depth examination of data center tiers can be found here. When choosing a provider, limit your candidates to tier III and tier IV facilities. Anything lower is no bargain, no matter how cheap the quoted price for service.
Security And Compliances
Security is a hot-button issue these days. Everyone is concerned about the safety of their online data, which means that, as an entity with a online presence, you must also be concerned or at least aware of a security issues and how they can affect both you and your customers. While colocation is largely a “hands off” service from the perspective of the provider, their is an aspect of the total security landscape that is the responsibility of your provider. From physical access to the colocation space that houses your servers, to logical security of the data center’s network, your provider must support the total security of your colocation in the areas that they administer.
Data centers that have undergone and passed an independent security audit will be able to produce reports attesting to their compliance to one or more standards, such as SSAE (Statement on Standards for Attestation Engagements) 16, or the newer SOC (Service Organization Control) 2 and SOC 3. In plain language, what this means is that an independent auditing firm performed in a in-depth examination and inspection of the data center’s procedures, controls and documentation to ensure that all meet or exceed a published standard which is designed to ensure system security and data integrity. A key part of this is that the audit was performed by an independent third party – there is no governing body that will certify compliance to these standards, and therefor any entity can perform a self-assessment and declare themselves to be in compliance. The third party audit, typically performed by an accounting firm, adds a very important extra layer of assurance that the data center is truly conforming to the prescribed controls. While SSAE 16 or SOC 2/3 compliance does not guarantee that a security incident will never take place, it does demonstrate that the risk of an incident has been minimized to the degree possible, that appropriate responses in the event of an incident are documented and enforced.