To setup a website on the Common Web Platform, select from a small, medium or large instance, and within three working days everything is ready for development to begin.
An agency can buy one or more 'Instances' of the Common Web Platform (CWP). Instances come in three sizes, with different technical profiles. Whether you require a small, medium or large instance depends on the size of your website and how many people visit your website. If the standard sizes don't fit an agency's needs, a custom instance can be agreed.
|Size||Small||Medium||Large||Additional Dev/Test Environments|
|Daily Page Views||10,000||100,000||750,000||5,000|
|Disk Space||20 GB||40 GB||80 GB||20 GB|
|Daily Traffic||2 GB||15 GB||25 GB||1 GB|
|Max Pages in CMS||5,000||25,000||1,000,000||5,000|
|Co-funded development pool hours||2||4||6||0|
Above specfications were last updated and were changed on 31 March 2015.
In the case of a major disaster like an earthquake, taking the data centre offline, CWP has been designed to quickly respond and recover to another location in New Zealand. Depending on the importance of your websites, you can pay for three different recovery times as follows:
Cost: Production environment is bundled with the service. Backup of UAT and development/testing environments is optional, and costs a small additional monthly fee.
How it works: Based on a daily backup taken of your website. Stored offsite. Data changes since the last backup could be lost.
Recovery time: Sites will be restored, but no service level or guarantee is provided on time taken to recover.
Cost: Small extra monthly fee.
How it works: A copy of your site is continuously mirrored from the primary to the secondary data center, reducing potential data loss and increasing speed of recovery. However, some effort is still needed to restore the site: "booting" of virtual machines and networking changes at the secondary data-centre. Available for the production environment (but not UAT or additional test/UAT environments).
Recovery time: 20 hours (Contracted Service Level).
Cost: Larger extra monthly fee. Further fee if UAT environment protected (recommended).
How it works: The Environment (CMS application, files, database) will be actively replicated between the primary (Wellington) and disaster recovery (Auckland) data centre. Website traffic will be served jointly from both data centres, using a geographic load balancer provided by Incapsula. Where a failure occurs at either one of the two data centres, the system shall automatically react and promptly serve traffic only from the operational data centre, reducing the potential for a website outage. A third node (Christchurch) acts as a "witness", communicating with the databases in Auckland and Wellington on whether they should operate or not. (This enables what is known as a master-master database configuration). Should the geographic load balancer component fail, it is designed to automatically operate from another location, such as Sydney.
If Active DR is selected, it should (but is not required to) be used for the UAT environment as well. This enables agencies to accurately test performance, and locate issues otherwise only reproducible on a production environment. Without this, agencies might write code that works in a single-server configuration on UAT but then fails when deployed to the multiple-server configuration in production, thus creating a website outage. Having Active DR in UAT also enables development and deployment to occur more quickly following a failure of the primary data centre.
(Prior to 30 June 2014, Active DR worked differently: A copy of your site was continuously mirrored to a running server in another city; a manual DNS change was needed to restore the site)
Recovery time: 4 hours (Contracted Service Level), however the automatic nature of load balancing is designed to operate within a much shorter timeframe (usually minutes).
Agencies can purchase one or more further environments for various testing uses. These can have no backup, backup, or Active DR, as options.
CWP can be used to run intranets, and can support websites requiring secure access into other networks. For example to integrate into back-office systems holding important data. Agencies may use Virtual Private Networking (VPN) to provide a high level of security to enable these scenarios. In technical terms, the VPN End Point:
A VPN End Point is provided for a set upfront and ongoing monthly fee. Note that where an instance uses Active DR, a second End Point is provided for redundancy over two data centres, and will cost double.
A Web Application Firewall (WAF) comes standard with all Instances, bundled into the price of the Instance. This mitigates DDoS and malicious web traffic as shown by the by the diagram on the right. For an overview, watch a two minute video about Incapsula, used to provide this service.
Incapsula uses an intelligent automated rule-based system for detecting and preventing attacks and intrusions. The service is continuously updated to detect and automatically mitigate new attacks, much like a virus scanner gets regularly updated databases of signatures to detect.
Some Security incidents require human intervention to mitigate. These are only assessed and mitigated where they are discovered and raised by SilverStripe or an agency as a Priority Level 1 incident. Where automated detection is insufficient, an agency may wish to consider adding the Premium Managed Service.
Content Delivery Network (CDN)
Incapsula enables websites to be configured and architected to support extremely high traffic levels. Public pages and files can be cached and delivered via a global network of nodes that includes Auckland, and which enables hundreds of page requests per second. Website visitors retrieve their content from the node detected to be closest to them to reduce network latency and increase website performance. We recommend that you work with CWP team so that bandwidth, security, and architectural issues are well managed. See also: technical CDN configuration details.
Optional Premium Managed Service:
An additional monthly fee provides agencies with: