Axis12 Ltd

Axis12 host some of the UK’s most technically challenging and engaging digital projects. Our hosting clients cover a range of organisations across a diverse range of requirements and budgets. We provide one of the most secure hosting environments in Europe. Our ISO 27001 certified data centres are ex-military nuclear bunkers which been upgraded with millions of pounds of investment in power, cooling and infrastructure, as well as fire suppression and Carrier Neutral connectivity. They are List-X, List-N rated and backed by ‘The Bunker’s’ Risk Management and Accreditation Document Set (RMADS). We use a combination of physical infrastructure based in a secure N+1 datacentre and cloud-based hosting. This virtual hypervised architecture provides a scalable and fault-tolerant solution. The hypervised KVM layer uses the full range of hardware virtualisation support, and directly uses the regular Linux scheduler and I/O device drivers. Provisioning of servers is automated with configuration management controlled by puppet. This allows us to scale the infrastructure quickly and efficiently using a set of version controlled ‘recipes’ that can be tailored to customer requirements where necessary. Resilience is provided across our Priority 1 systems through load-balanced firewalls and switches, multiple reverse proxy servers with automatic failover capability, multiple high- availability webservers and a scale-out NAS file system. We subject our data centres to independent security testing on an annual basis. Two layers of authentication protect access to the service and management console. To protect our cloud boundaries, we use Snort Intrusion Detection System (IDS) monitoring. Alerting at the along with hardened server builds if required to disable unused ports. Our management systems continually analyse data. Removing any traffic that matches known attack or unusual traffic patterns and passing only clean traffic on to our server. In the event of a Distributed Denial of Service (DDoS) attack, traffic is automatically redirected for 'Scrubbing'. We manage smaller scale DDoS attacks through IP blacklisting at the edge. Keeping our customers informed of progress from discovery through to re.