All of our servers are housed in a Data Center in Malaysia. This Data Center is an ultra modern facility which runs state-of-the-art equipment, with transmission speeds of OC-48/STM-16, 2.488 Gbps, on an Optical fiber Internet backbone, which is much faster than what runs in the US and many other areas.

State of Art Data Center

While the Data Center gives full access to completely outsourced hosting solutions, it also ensures full protection and security of the data equipment.

Electrical & Power System

Its systems are designed with the latest dual fed power sources from Power Grid to power sockets to provide the highest power available. Power Grid feeds a fully parallel redundant (N+1), lower input harmonics Uninterrupted Power System (UPS) with dual-fed redundant secondary switchboards and critical load distribution boards. The facility is also supported by a backup diesel generator with full load capability.

Environmental Control

It is maintained at a 22C with 50% Relative Humidity to provide an idyllic working environment for its equipments and N+1 redundancy.

Security

t is also equipped with surveillance cameras to monitor every section of the center and controlled by security guards 24x7.

24 Hours System Monitoring and Prevention

The round-the-clock Facility Monitoring System is installed to monitor the power supply, air-conditioning, temperature settings, fire detection, suppression system, water detection system and generators to solve any potential problems before they escalate. Nothing is left to chance.

Fire and Water Detection System.

All equipment is safeguarded by a fire detection and suppression system called Fire Master 200. The system uses an environmentally friendly gas to extinguish the flames within a minute of it being detected.

The line sensor water detection system covers the walls and drainage area routes of the Precision Air-Conditioners System to give early warning in the event of a defection.

Network Security Protection

The following measures have been taken to ensure adequate level of protection on the network where customer's servers are hosted.

Ingress and Egress Filtering

The network only accepts traffic with source addresses other than its own network block which aims at limiting the effectiveness and scope of Denial of Service Attacks. It will prohibit an attacker within the originating network from launching an attack of this nature using forged source addresses that do not conform to ingress filtering rules.

Anti-spoofing

Many network attacks rely on an attacker falsifying, or "spoofing," the source addresses of IP datagrams. Some attacks rely on spoofing to work at all, and other attacks are much harder to trace if the attacker can use somebody else's address instead of his or her own. Anti-spoofing measures have been adopted on the network's perimeter to prevent hosts on the Internet from assuming the addresses of its Co-Location servers.

There are at least three good reasons for doing anti-spoofing in both directions at our network perimeter:

1. Internal users will be less tempted to try launching network attacks and less likely to succeed if they do try.
2. Accidentally misconfigured internal hosts will be less likely to cause trouble for remote sites (and therefore less likely to generate angry telephone calls or damage your organization's reputation).
3. Outside crackers often break into networks as launching pads for further attacks. These crackers may be less interested in a network with outgoing spoofing protection.

Controlling Directed Broadcasts

IP directed broadcasts are used in the extremely common and popular "smurf" denial of service attack, and can also be used in related attacks.

In a "smurf" attack, the attacker sends ICMP echo requests from a falsified source address to a directed broadcast address, causing all the hosts on the target subnet to send replies to the falsified source. By sending a continuous stream of such requests, the attacker can create a much larger stream of replies, which can completely inundate the host whose address is being falsified.

Our border router has been configured with no IP directed-broadcast command to drop these directed broadcasts that would otherwise be "exploded" into link-layer broadcasts of a subnet.

IP Source Routing

The IP protocol supports source routing options that allow the sender of an IP datagram to control the route that datagram will take toward its ultimate destination, and generally the route that any reply will take. These options are rarely used for legitimate purposes in real networks. Some older IP implementations do not process source-routed packets properly, and it may be possible to crash machines running these implementations by sending them datagrams with source routing options.

Our border router has been configured with no IP source-route to deny forwarding an IP packet which carries a source routing option.