We provide client-specific Network, Compute, and Storage resources ´ a virtual data center (vDC) ´ on a fully-managed, extremely secure platform accessible via the Internet ´ or, for greater flexibility and security, Layer 3 VPN connectivity.
Clients add and remove resources (´virtual machines´) via an intuitive point-and-click interface (vCloud Director 5.1) to extract the application performance they require on a very flexible and cost-efficient basis.
There are two basic pricing models with AIS BusinessCloud1, both of which include real-time support and easy access to the secure, browser-based self-provisioning portal for full command over all resources: Pay-as-You-Go and Allocated Resources.
This cloud service features state-of-the-art hardware from market leaders Arista, Cisco, Dell, NetApp, and VMware ´ the market leader in virtualization with wide adoption, enterprise functionality, a superior roadmap, and a robust support ecosystem.
Network, compute, and storage resources are provided in the form of a Virtual Data Center (vDC) which is completely isolated and secure for each client.
From the secure, browser-based control portal ´ VMware vCloudDirector 5.1 ´ clients have API access and full command over all their resources:
VMware HA (high availability) for automatic recovery from physical host failure Built-in QoS for both network and storage access vShield Edge included (firewall, VPN, load-balancing) Snapshot capability for rolling back VM configurations Private template catalog for client VM configuration management Import facility for VMware VMs and ISOs Direct VM console capability with ISO booting Hot-add RAM for running VMs Complex Multi-VM ´cloning´ through API and vCD interface Intuitive multi-layered private networking
Using the vCloud Director pop-out console utility, clients can access any of their virtual machine control consoles. This tool may be used even if a virtual machine itself has no network connectivity.
The vCloud Director self-provisioning system requires no human intervention, which means tasks are completed quickly with fewer errors.
Dual Arista 7000 Series switches and dual Cisco Catalyst 6500 Series switch/routers provide redundant Internet connectivity for client Virtual Data Centers ´ or more conveniently, Layer 3 VPN access to clients´ colocation or corporate facilities.
It is this secure, high availability (dual handoff) Layer 3 VPN connectivity that makes it particularly easy and powerful for AIS colocation clients to use AIS BusinessCloud1 services as a seamless extension of their existing networks.
The Arista and Cisco switches are configured with 2N redundancy and are dedicated to the cloud environment; they also have both power and link redundancy. There is 10GigE dedicated storage connectivity to each Dell compute node.
The Cisco 6500 Enterprise access routers are integrated into the AIS regional MPLS environment and provide flexible networking options for colo, multi-site, and metro-ethernet applications.
Security: AIS BusinessCloud1 has a full array of networking options to accommodate all security requirements:
100% Private Network: all operations kept internal to the client´s Virtual Data Center Firewalled Access to internal or external networks (VMware vShield) Internet Access via client colocation or corporate facilities Direct Internet Access
Clients may also configure unlimited, completely isolated internal networks with VMware´s built-in security features.
Compute resources consist of Dell R610/620 compute servers packed with fast 2.5Ghz processors and RAM ´ with each server being the equivalent in processing power to more than 100 standard servers.
These AIS BusinessCloud1 compute platforms use on-board SSD and network attached storage (NAS) for data instead of traditional disk drives.
The compute nodes are fully redundant in power, disk, and front-end/back-end connectivity
Since cloud performance is completely dependent upon data access, each remote host has dual, redundantly-configured 10Gbps links to the NAS devices for maximum availability and throughput.
AIS provides two grades of NetApp FAS3240 Enterprise Storage: high-performance SAS for transactional data and robust SATA for standard data storage.
The NetApp storage devices have dual controllers with HA configuration and RAID-DP (dual-parity) for maximum fault-tolerance and spindles.
The NetApp system is fully redundant and has additional features to enhance performance and efficiency, such as:
NetApp Flash Cache Proprietary WAFL file system
AIS BusinessCloud1 is packed with enterprise-class features that would be prohibitively expensive if acquired by a single business just for its own use. Security
Hardware Storage ´ Storage partitions are not directly exposed to VMs. Compute ´ Control and monitoring systems are physically isolated from the operational environment with dedicated security systems and access control. Network ´ Explicit segregation of control, client, and storage access. Private client connectivity (internal and external) provided via dedicated VLANs.
Network AIS does 24x7x365 monitoring from three separate facilities. Netflows and other tools are used to identify potential security issues such as DDoS. AIS uses BGP communities in conjunction with our transit providers and internal systems to mitigate potential service-affecting attacks.
Software VMware built-in security features include vShield Edge, which provides sophisticated firewall capabilities such as NAT and VPN access. AIS has also hardened the underlying subsystems to circumvent common attack methods. Template catalogs allow simple configuration management to ensure standards compliance. VMware control domain is segregated between facilities to prevent multi-site security breaches.
Facility AIS cloud facilities are SSAE 16 SOC 1, SOC 2, SOC 3 audited for compliance. All facilities require two-factor authentication for physical access. Availability
Hardware Storage ´ Data distribution across multiple disk shelves to optimize I/O availability. RAID-DP with data striping ensures I/O efficiency under load conditions. Compute ´ Each compute node has dual uplinks to the storage and external networks that are load-shared. Network ´ Cisco and Arista enterprise-grade switches using HA technologies such as MLAG, HSRP, and BGP.
Network Cisco access routers are meshed to facility border routers. BGP and MPLS technology is tuned to provide efficient service even under load. Paired access routers allow router upgrades without service disruption. MPLS backbone is tuned to self-heal in the event of a network service issue.
Software AIS has implemented VMware´s vCloud Director suite of software with Enterprise+ features including HA, DRS, Network and Storage I/O. Using the built-in load-balancing, clients can perform hitless service upgrades. NetApp / VMware integration allows clients to perform snapshots of VM, providing a recovery point for software upgrades.
Facility AIS cloud facilities are designed to operate independently with separate physical security and operations staff. Fault-Tolerance & Redundancy
Hardware Storage ´ Dual NetApp controllers with dual power supplies, dual NICs, and dual 10Gbps uplinks into NAS switching. Disk shelves connected to both controllers. RAID-DP provides dual parity and a hot spare drive for redundancy at the shelf level. Compute ´ All servers have dual power supplies and dual uplinks to both the storage and external networks. Each server has RAID SSD boot disks. Network ´ Cisco and Arista enterprise-grade switches with dual power supplies and redundant links to both storage and external networks. Client interconnections use HSRP with dual Layer 3 VPN physical handoffs.
Network AIS operates its own BGP autonomous system to ensure IPv4 and IPv6 connectivity independent from external transit providers. All transit providers have dual entrance facilities. All inter-facility links (10Gbps MPLS) are redundant with different paths and providers Upstream transit connectivity is spread across 8 major backbone carriers and 4 facilities. Critical client resources such as DNS are anycast across all facilities.
Software VMware´s High Availability (HA) is built into BusinessCloud1; it intelligently manages recovery from a hardware node failure, restarting the affected VMs on other nodes. VMware control domain is segregated between facilities to prevent cascading service failure. AIS has designed in N+2 redundancy for VM resources.
Facility All AIS cloud facilities have 2N power redundancy and cooling. Performance
Hardware Storage ´ NetApp controllers are equipped with 1TB of Flashcache for performance caching. AIS has both standard (SATA) and performance (SAS) storage options. Compute ´ Processors are the latest Intel model with multiple DMA channels and on-chip caching. Network ´ Dual 10GigE connections to storage network to maximize I/O access. Dual 1GigE uplinks to external network for VM-VM and VM-world communications.
Network BusinessCloud1 routers have access to 45Gbps of upstream transit connectivity and more than 40Gbps of inter-facility transport. AIS has more than 80 direct and paid peering connections to optimize traffic flow. AIS uses Avaya performance routing to detect performance issues and reroute traffic. Servers use Load-Based Teaming (LBT) to detect and normalize traffic distribution.
Software VMware´s DRS provides dynamic, automated distribution of workload to optimize performance. Storage I/O Control monitors storage I/O performance and mitigates ´noisy neighbor´ issues. VMware´s VSS optimizes traffic flows between hosts even if they reside on different physical nodes. vApp template system allows rapid scaling of applications in a production environment. Scalability
Hardware Storage ´ Scalable to 1.2 Petabytes of storage with existing configuration. Storage network access scalable to 80Gbps. Compute ´ Scalable up to 768GB RAM per node. AIS design will support 32 servers per cluster and more than 100 VMs/server. Network ´ Scalable to 2 x 10GigE on external connections.
Network AIS network design is fully scalable for transit, transport, and dark fiber integrations.
Software AIS design allows for up to 1024 distinct virtual data centers per cluster. Client may create as many internal VLANs as required.
Facility AIS facilities are capable of sustaining any power, cooling, or space requirements for the next 5 years.