Frequently Asked Questions
Packages and Pricing
|
How is my bandwidth charge calculated?
You can purchase bandwidth in one of two ways: rate-based bandwidth billing or volume-based bandwidth billing. Units for rate-based billing are generally Mbps (megabits per second). Units for volume-based billing are generally GB (gigabytes). You can ask us for advice as to which model will be the most advantageous for your application.
In the case of rate-based billing measurements are collected every 5 minutes during the course of the billing period. At the end of the billing period we sort the collected measurements and throw out the top 5% of the largest values. The largest remaining value is your 95th percentile bandwidth usage. The benefit of rate-based billing is that it effectively eliminates any short lived peaks, or surges in traffic from your bandwidth bill. If you have a steady stream of traffic or a fairly constant load then rate-based billing is often the best choice. Rate-based bandwidth billing is commonly known as 95th percentile billing and is also commonly misunderstood. Keep in mind there is no mystery here other than the fact that you are being billed by the rate of traffic, rather than the volume of traffic.
Using volume-based bandwidth billing you simply pay for all of the data your servers send & receive during the course of the billing period. If your servers send traffic for a limited time, or perhaps use a large rate of traffic for only a day or two then you should be using volume-based biling.
Tell me about security offerings for dedicated and virtualized hosting infrastructures.
You can add a managed Cisco ASA series firewall to any of our hosting infrastructure offerings. The firewall is attached to your hosting infrastructure via a private VLAN. You can access your servers using the CISCO VPN client from your PC - Windows, Macs, & LInux are supported.
Do you offer a shared hardware firewall service?
At Central Host hardware firewalls are never multi-tenant. Our Cisco firewall devices are hardware dedicated to your account. Experience has shown us that firewall hardware lacks sufficient resource isolation features for reliable multi-tenant operation.
How does a managed firewall change my bandwidth billing?
Customers with a single dedicated server won’t notice any changes in bandwidth billing. Customers with multiple servers will find that they actually use less bandwidth with a dedicated firewall added to their account. The reason for this is that the outside network interface of the firewall becomes on the only metered, or billable network interface on the account. This means that all intra-server traffic is no longer metered, which can result in significant savings.
How are changes to the firewall configuration handled?
We manage the entire firewall configuration and will make any requested changes within 60 minutes during normal business hours. Emergency change requests are handled within 20 minutes 24x7. Central Host keeps all firewall configurations in a source control repository so previous versions of your firewall configuration can be restored, or your last change reverted. We have out-of-band access to all firewall equipment on our network so configuration changes can be made regardless of whether or not the firewall is actually accessible on the network. Customers who have experience managing their own firewalls are welcome to do so, simply ask us for adminsitrator privileges.
What’s the best way to handle DNS for privately addressed hosts inside my firewall?
It’s common practice to have a private IP range [RFC 1918] in use on the inside, or trusted, network behind your firewall. Servers on private network rely on firewall network address translation (NAT) for exposure to the internet. A web server, for example, may be known by both a private IP address & public IP address. From the vantage point of servers on the inside network it’s best to access this web server by it’s private IP address, while internet hosts will use the public address. The CISCO hardware has the capability to filter and inspect packets at the application layer (OSI layer 7). This allows the firewall hardware to actually rewrite the DNS responses based on origin so that DNS requests made from the private network receive the translated private address in the DNS response even though the DNS server may have returned the public IP address in the response. This feature is known as “DNS fixup” and resolves a great deal of problems and inconsistancies with split DNS views, or multiple DNS servers for the same zone with different data.
What server load balancing options are available?
Central Host utilizes hardware load balancing equipment to perform high speed distribution of traffic across a group of two or more web servers. Each load balancing solution performs the same basic function and can be utilized to keep a site online even if a servers fails. Under normal operation the load balancer distributes traffic across all of your servers while periodically verifying that each server is operating correctly. If one of the servers is not operating correctly the load balancer will remove it from the group. Currently Central Host deploys Citrix NetScaler and Foundry ServerIron hardware load balancers. |
