Agencies can purchase one or more further environments for various testing uses. These can have no backup, backup, or Active DR, as options.
CWP can be used to run intranets, and can support websites requiring secure access into other networks. For example to integrate into back-office systems holding important data. Agencies may use Virtual Private Networking (VPN) to provide a high level of security to enable these scenarios. In technical terms, the VPN End Point:
A VPN End Point is provided for a set upfront and ongoing monthly fee. Note that where an instance uses Active DR, a second End Point is provided for redundancy over two data centres, and will cost double.
A Web Application Firewall (WAF) comes standard with all Instances, bundled into the price of the Instance. This mitigates DDoS and malicious web traffic as shown by the by the diagram on the right. For an overview, watch a two minute video about Incapsula(external link), used to provide this service.
Incapsula uses an intelligent automated rule-based system for detecting and preventing attacks and intrusions. The service is continuously updated to detect and automatically mitigate new attacks, much like a virus scanner gets regularly updated databases of signatures to detect.
Some Security incidents require human intervention to mitigate. These are only assessed and mitigated where they are discovered and raised by SilverStripe or an agency as a Priority Level 1 incident. Where automated detection is insufficient, an agency may wish to consider adding the Premium Managed Service.
Content Delivery Network (CDN)
Incapsula enables websites to be configured and architected to support extremely high traffic levels. Public pages and files can be cached and delivered via a global network of nodes that includes Auckland, and which enables hundreds of page requests per second. Website visitors retrieve their content from the node detected to be closest to them to reduce network latency and increase website performance. We recommend that you work with CWP team so that bandwidth, security, and architectural issues are well managed. See also: technical CDN configuration details.
Optional Premium Managed Service:
An additional monthly fee provides agencies with:
CWP production sites can be upgraded to use HTTP/2 through Incapsula. In order to get this activated please raise a service desk request and make sure to specify which Instance HTTP/2 should be activated on.
For more information on HTTP/2 please follow this link.(external link)