AiNET _ Data Center Security and Management

http://www.ai.net/data-centers/security-and-management

Data centers house the data and applications critical to the success of an organization. A
data center is a complex environment of physical and virtual systems, integrated and
optimized to deliver timely, secure, and trusted information without fail. As such, across
many dimensions the security profile and management of a data center must be a certainty.
In this article we discuss the many dimensions and features of the security and management
of a data center. These include:
Physical and Environmental Security
Secure Operations
Security of the Critical Power and Cooling Systems
Security Information Management
Personnel Management
External Validation
Physical and Environmental Security
Physical and environmental controls protect the data center itself from interruptions and
unauthorized intrusions, and technical controls on all platforms provide the capability to
protect applications and data from unauthorized disclosure and manipulation.
Data centers have physical access control procedures, high-precision climate control, and
backup and recovery systems.
Operating facility with 6 reinforced concrete walls to create a secure data vault with
physical separations on all sides.
Interior and exterior video monitoring and UL certified intrusion detection systems.
High security fencing, biometric mantrap, infrared video monitoring, and electronic
passage technology.
Primary entrance processing point inside secure, reinforced perimeter.
Isolated shipping/receiving and freight inspection facility.
No vehicle traffic in the vicinity of operating buildings, over 250 feet of separation
from main thoroughfares.

State-of-the-art fire detection and suppression systems using the latest advances in
non-water based, FM-200 and/or HALON 1301.
Multiple fiber-optic entrances to the building are concrete-encased and meet-point
rooms (MMR) are located in a secure, separate locations in each operating buildings, with
cross-connects and redundant tie cables to other buildings.
Secure Operations
Security management and operations procedures for all platforms and procedures ensure
the confidentiality, integrity, and availability of customer applications and data.
Security personnel stationed at the main entrance to the data center 247 provide
additional protection.
Entire buildings served by a Building Management System (BMS) monitored and
managed by on-campus & off-campus secure network operations centers (SNOC).
Multi-Level Security through Tiered Access Control Protocols compliant and flexible to
conform to all levels of established threat status conditions.
FIPS, FISMA and NIST security protocol compliance.
Full BellCore/Telcordia physical separation of all redundant network elements.
Security of the Critical Power and Cooling Systems
The fundamental operating systems of a data center are its power delivery and cooling
systems. Detailed diagramsare available on the site, but notable features of the security of
these systems include:
High degrees of redundancy, 2N and even 3N.
Full maintenance bypass switching throughout all systems.
Patented technology to protect against a class of power problems afflicting all data
centers without this technology.
7-day, on-site generator fuel supply.
For protection of cooling, a gravity-fed water reservoir backed by an on-site well.
Security Information Management
Real-time security information management (also known as SIEM) is the combination of
network and security analysis in an easy-to-use, high performance platform. AiNET uses
SIEM to protect all customer operations and assets. SIEM capabilities:
Mainstream device support
Event source monitoring
Event log and network flow data consolidation
Comprehensive, extensible analytics
Network, virtualization, and application intelligence
Identity and location intelligence
Configuration and configuration change monitoring
In-depth database security, availability and anomalous activity monitoring
Powerful, layer 7-9 rules engine
Real-time and historical cross-correlation
Prioritized, valid security incidents with correlated and raw details
Dynamic dashboards, topology maps and notification
Real-time and long-term search with web-like query and iterative filtering
Directory service integrated and custom asset and user grouping
Compliance and standards-based reports
Optimized event repository
Event log data integrity secured by HMAC
Unlimited data retention
Scalable performance and coverage capacity

Personnel Management
Personnel represents another dimension of security.
Background checks on all personnel
DoD-trained anti-terrorism personnel
Security Validation
Many organizations state they have certain protections, but without proper outside audit and
verification, there could be serious issues left unaddressed either by design or improper
procedures. All AiNET facilities undergo SAS-70/SSAE 16 security validation audits to insure
that all equipment, processes and personnel successfully meet the security objectives of
each facility. The SAS-70/SSAE 16 audit is a rigorous standard widely accepted by industry
and government. The audit assures managers of financial and other applications that AiNET
employs highly effective security and controls.
Other external validations of an overall secure data center:
FIPS, FISMA and NIST security protocol compliance certifications
TIA-942 Tier IV certification
DCID 6/9 and ICD 705.2/705.3
Finally, how a data center itself stands behind its security:
100% Service Level Agreement (SLA) on power, cooling & connectivity with monetary
penalties.