xAssets Cloud Hosted Infrastructure
SAAS solutions for fixed asset management and IT asset management

xAssets Hosted Infrastructure

Overview

xAssets began designing its hosted infrastructure from the ground up with specific targets in mind. We always have taken great care to ensure the experience of our customers is excellent, so we built the infrastructure around the design goals listed below.

We are always aware that some customers are cautious about purchasing hosted services from SAAS vendors, so we included in the design goals mitigating risk factors, ensuring that customers concerns are not just addressed, but completely resolved.

Design Goals

  • Reliable Data Center
  • Very fast response times
  • Secure
  • Scalable to the largest enterprises
  • Continuous Backup
  • Failover capability
  • Customers can copy their data onto their own network if desired
  • Alert mechanisms
  • Service Level Agreements exceeded
  • Commercially viable
  • 100% Uptime
  • SAS-70 Standards

Reliable Data Center

xAssets has chosen Rackspaceā„¢ as its primary data center provider. Rackspace well known as one of the most reliable hosting companies and their support, infrastructure and systems are excellent. They are SAS-70 compliant and recognised by Gartner as a leader in this space. We maintain failover servers outside of Rackspace at other SAS-70 compliant providers, to ensure that availability is maintained even if a major outage at Rackspace did occur. We now have a private cloud infrastructure based on dedicated hardware within Rackspace.

Scalability and Performance

xAssets products always perform and scale well because our databases are properly normalized and indexed, and bandwidth is kept to a minimum. We have been asked in the past to load data from databases storing data from competitive products and our DB Admins need heart surgery after looking at their not-normalised data models. Our products are written with the latest .NET and Sql Server technology and we use low level programming techniques for performance critical code.

We use hosting providers in the UK and the USA so each customers primary server is located within their country. This means that transatlantic bandwidth limitations do not affect the service.

The servers we host on are powerful bare metal servers, not virtual machines. This gives the fastest possible response times. We have looked at Virtualisation benefits, hosting VPNs and Amazon AWS Cloud and while the business model is attractive it did not meet our requirements on performance. We host large implementations on bare metal servers dedicated to each customer.

Target response times are 1 to 5 seconds per page refresh. We usually achieve this target although some reports on very large databases will take longer than this.

Security

We primarily choose data centers which are firewalled outside, and also we use a tightly locked down hardware firewall in front of each server cluster, and a locked down windows firewall on each server.

Our servers run Windows 2012 or 2016 Server are kept up to date with Windows update.

Our servers only run our SAAS service. They do not run other websites or other applications. HTTP is disabled at the firewall level, so all servers run SSL only.

Our servers are locked down by firewall and IIS IP security so that only xAssets staff and the customers web facing IP subnet can access the service.

Backup and Customer Backup Copying

We backup databases continuously and we maintain failover mirrors at a different data center with a different hosting provider. Backups are also moved to xAssets LAN in the UK. From there backups are stored encrypted on tape and kept at a secure facility.

Backup copies can be copied onto a customers LAN at any time. This enables customers to restore their sql server database and gives the reassurance some customers need that their data is accessible, protected and secure.

Failover Capability

We run failover servers in the UK and USA, and we also restore backed up databases onto VM's on the xAssets Corporate LAN. This enables multiple failover options and further options for remediation in the case of unexpected failures. Failover is a manual process, we know from experience that automated failover can be problematic and most outages are resolved in seconds or minutes, not hours. This means we are not losing data entered for the duration of an automated failover process.

Since we started hosting in 2006 we have only ever failed over to test the service, failover has never been needed on a production service. This is an excellent endorsement of our choice of hosting providers.

Alerts

We have developed a substantial customised alerts infrastructure, which meets our requirements for reporting on everything from backup success, DNS availability, job success, failover availability, firewall configuration and even whether duplicates got created in a customer database. This level of protection has allowed substantial improvements in the overall effectiveness of the hosted service.

Commercial Viability

Our excellent hosting infrastructure means that support incidents are minimised and access to the database to solve any questions or incidents is fast any easy for our support team. This means that the cost of running a hosted service is about the same as the cost of supporting a local implementation using remote admin tools despite the infrastructure costs.

The use of multiple hosting providers means we are not dependent on a single provider and therefore the resilience can be built into failover techniques rather than substantial investment in attempting to keep single servers 100% available.

100% Uptime

100% uptime is a goal we have achieved so far for all our hosting customers, but of course its never guaranteed. Any hosting provider can have an unplanned outage, regardless of the amount of money spent on avoiding that scenario. We think we have found the best way of managing this risk, through careful choice of multiple providers and a very successful backup and failover infrastructure.

SAS-70 Standards

We only choose hosting providers who follow SAS-70 standards AND have been successfully audited for SAS-70. We also require that providers are profitable, have a substantial staff base, and have an excellent online reputation. We look closely at their business model to spot any flaws and we look closely at their infrastructure and expertise to ensure the provider is as low risk as possible. We do not use providers who build their own servers, we only use Dell 1950 or higher specification Dell or HP servers.