D3S’s hosted computing environment uses connectivity provided by the hosting provider, Dial Telecom, a.s., an international provider and one of the leading backbone providers in the Czech Republic.
Data Center Locations
D3S’s hosted computing environment operates within two data centers, each located just over 200 km away from the other in Prague and Brno, which meets the precondition for minimal safe distance in the event of a natural disaster or terrorist attack.
Both data centers meet the highest safety and operational parameters required for data centers providing professional hosting services and secure hosting of sensitive data. Both centers are ISO 27001 certified (among other certifications) and are subject to regular corporate and government audits.
The hosting provider supports D3S with independent internet connectivity to our services.
Primary Data Center (PDC)
The primary data center (PDC) provides services necessary for the operation of client applications (such as Inception CRM) and their services. This data center has the following operational and technical parameters:
- The PDC is located in our lockable racks
- The PDC is geographically located in Prague (12 km from D3S HQ)
- The PDC is located on the secure premises of Dial Telecom, a.s.
- Dial Telecom is responsible for the physical security of (access perimeter security) of the data center and its assets.
- Physical access to data center is restricted to authorized persons only
- Internet connectivity and power supplies are secured by redundant connections and backup electricity (both diesel generators and multiple grids)
- Air-conditioned rack space
- VPN access for most administrative tasks
- Connectivity to secondary data center enabling continuous data exchange to ensure security of backups, availability of failover services, and overall business continuity
Secondary Data Center (2DC)
To reduce the risks associated with the possible failure of the PDC and the increase in resistance in the event of its failure, D3S operates a separate backup data center. This secondary data center (2DC) has the following operational and technical parameters:
- It is geographically distant from the PDC (more than 200 km away)
- Physical perimeter protection of the data center is at the same level as the PDC
- The 2DC has the same functionality as the PDC
- The 2DC contains full backups of customer data to meet RTO and RPO objectives
- The 2DC is connected to the PDC via permanent VPN
- Server Manager and other management roles are the same for both 2DC and PDC
All application, database, storage servers located in data centers use the D3S Active Directory structure: primary and secondary domain controllers running Windows Servers. Management of these domain controllers and domain accounts are performed by D3S technicians.
All server administrators (application, database, backup) in the data center have their own unique domain accounts for managing servers.
For remote data center management, we use a built-in IpSEC VPN provided by Fortigate Firewall.
A brief list of primary server types used in the D3S data center for DevOps and ITOps is provided for illustration:
|Server Type||Operating System||Available Functions|
|Firewalls||FortiOS||The main firewall of our data center|
|Hypervisors||VMWare ESXi||Hosting all other operating systems|
|Application Servers||Windows Servers||Hosted applications on IIS server|
|Database Servers||Windows Servers + Microsoft SQL Servers||Hosted customer data|
|Domain Controllers||Windows Servers||Active Directory, DNS|
|Storage Servers||Synology DSM||Backups, Application packages|
Our DMZ – or “demilitarized zone” – contains the following servers:
- Email server
- Web server
The email and web servers are the only servers located outside of our internal network.