Omegabit directly operates a private VMWare based cloud infrastructure that is purpose built for Liferay secure operations.  Omegabit directly owns and manages all computing layers including edge routers and firewalls, servers, storage, and interconnecting equipment at each physical hosting location and relies on Digital West and its facilities providers for secure physical plant operations, redundant power, cooling, private redundant private cross-POP interconnects, and Internet connectivity.

All environments are provisioned within a firewall protected private VLAN that is exclusive to each customer's specific purpose.  Only public facing services are exposed via the firewall.  Customers may only access and control applications and data located within their respective private cloud, only.  

Common SAN storage is utilized at the abstracted VMWare layer and is completely isolated from customer access.  Encryption at rest is available.

All customer facing virtual machines, storage, access and network paths are exclusive to the use of that specific customer.

Omegabit uses industry leading VMWare based storage and virtualization technology combined with enterprise-class servers, storage, and network infrastructure to provide Liferay-optimized host environments. All servers and virtual host environments are fully patched and protected against Meltdown/Spectre and similar virtualization exploits.  Omegabit also operate 100% AMD chipset based server infrastructure, which is inherently more secure.

For a comprehensive explanation of VMWare based infrastructure please see:

http://www.vmware.com/pdf/vi_architecture_wp.pdf                                                                                                                                                                                

The proposed solution is based upon standard Liferay reference architecture optimized for the stated use case and cost efficiency. 

Omegabit is able to supply an always-on VPN connection that can support secure back-channel links to core infrastructure (e.g. system of record, SSO or directory services, e-commerce transaction processing) over a dedicated BOVPN link.

Omegabit is also able to support special security rules and configurations at the Firewall and Apache rules layers, which can be used to enforce specific client/destination restrictions (as a complement to Liferay logic).

Please see the supplied addendum "Third Party Privacy-Security Questionnaire" for a detailed explanation of Omegabit security features, controls, and options.

Data is segregated at the virtual machine disk image level. All control is limited exclusively to Omegabit authorized administrative personnel.

From the CLIENT perspective, all environments are dedicated for its sole purpose.  We operate a secure, private cloud infrastructure that runs on top of large-scale enterprise class servers and high performance SAN storage, which are clustered and shared collectively across our tenant installations using VMWare technology.  This provides more flexibility, scalability, and performance-on-demand as compared to dedicated physical hardware and is preferred for these reasons. 

All resources reservations are guaranteed.  Omegabit follows strict environment isolation, discrete configuration, and data management practices to ensure separation between hosted environments, and is PCI-I, HIPAA/FERPA, FEDRAMP compatible.

We are able to accommodate private dedicated host infrastructure but do recommend leveraging our secure, already redundant, and Liferay-optimized cloud infrastructure for the best balance of cost, performance, resilience and manageability.  

We build to suit and are happy to accommodate any special requirement in this regard.  However, building a similarly capable dedicated infrastructure specific to Babson many have a substantial impact to cost.