What is the backup policy of Amazon Cloud Service (or the other servers you’d use)?
We have our own backup platform. Daily backups are replicated in 3 different data centers.
Backup history is kept during 3 months for each customer: 7 daily, 4 weekly, 3 monthly.
Manual backups available on demand via customer control panel.
See also here.
Does a partner have access to the shared IaaS to help Customer do database rollbacks?
No, for security purposes only OpenERP Engineers can access the platform directly.
When will OpenERP host servers in Singapore?
The server is currently located in HK and we do not plan to open a new one in Singapore.
If the data center servers or network is down, how does OpenERP managed that situation?
All servers are hosted on redundant network, redundant electrical power and with RAID hardware. In the event of a catastrophic failure that makes a data center or host totally unavailable, our disaster recovery procedure takes less than 1 hour to start a mirror copy of the servers in a different data center, on a different continent if necessary.
Will a Customer be informed of any downtime? What is the communication and escalation procedure?
Planned downtime are announced to Customers/Resellers via email and on the @OpenERPOnline twitter account. Unplanned downtime are very rare and also notified on the OpenERP Online Twitter account. We have always had better results than our 99.9% SLA (our IaaS providers give us 99.95% and also perform better than that).
What is the server architecture design?
It is simply done according to OpenERP best practices. Each OpenERP Online Host contains a fully
isolated OpenERP platform on bare metal hardware for best performance (key for database systems), with a dedicated OpenERP service and PostgreSQL RDBMS. The OpenERP service is load-balanced on many different identical OpenERP processes on the Host, all synchronized in real-time with the database.
Is there any failover, high-availability or redundant server design?
OpenERP service processes are automatically monitored, restarted and recycled as needed, transparently. In the event of a catastrophic failure, the disaster recovery procedure can restart a mirror of the service in less than 1 hour.
How do you secure the OpenERP servers for each IaaS or for each Customer?
We follow the Linux best practices for securing our Host machines:
● Up-to-date debian or ubuntu installations, with intrusion detection system
● Minimal installation for reducing vulnerability sources (no PHP, no mysql, etc. – only the minimum required for OpenERP and proper cloud management)
● SSH login with private keys only, limited to OpenERP engineers
● Isolation of each customer data in a completely different database in the local PostgreSQL cluster
Is there any network or host-based firewalls, intrusion detection or intrusion prevention systems implemented?
Yes. The exact details are normally not disclosed for security reasons.
Is there any encryption from the web browser to the OpenERP server via SSL?
Yes
How secure is the data in the database?
Please be more specific or see other answers.
What is the security policies that OpenERP implement to protect Customers data?
Please be more specific or see other answers.
Can the OpenERP Administration access the Customer’s OpenERP server or database?
Only a few qualified engineers from the SaaS team have SSH access to the Host servers.
If we use the OpenERP Hosted servers, how can we provide 24×7 server monitoring?
We have our own 24×7 monitoring service. You are free to perform your own monitoring on top of this by accessing the service remotely.
Can a customer install monitoring agents on the IaaS for our Customers?
No, any monitoring you want to do yourself has to be done remotely by accessing the public service. We
cannot let Customers/Resellers install anything our SaaS hosts, for obvious security and reliability reasons.
We need to know if OpenERP uses a backup software to backup the OpenERP servers or the PosgreSQL databases. If there is a backup software, what software is used? How can we help the Customer to do data recovery or database rollbacks?
See answer regarding backup policy. Customers/Resellers can manually take a real-time backup any time
they want in the control panel. Restoring to a previous backup needs to be requested by opening a ticket on
the OpenERP Online support (we do not let customers restore backups themselves as they tend to make
mistakes and it can result in data loss). Execution is done within a few hours, or faster during Europe
business hours.
What is the average server sizing (CPU, RAM, Disk, Network bandwidth) for a 20 – 50 user deployment? For OpenERP Hosted servers, what is the typical IaaS server size and capacity allocated to each Customer with: 10 to 20 users? 21 to 50 users? 51 to 100 users?
This is an implementation detail. We are currently using the following hardware specs for each SaaS Host: Xeon E5 with 6/12 c/t @ 3+GHz, 32-64GB RAM, 2x RAID-1 SAS disks, 100mbps symmetric network link. Such a SaaS Host can handle thousands of concurrent users (across hundreds/thousands of customers), and we allocate customers to Hosts according to their hardware spec and load. Moving a customer to a different Host can be done in a few minutes (depending on DB size and data center distance), starting a new host in 30 minutes. Moving to/from Asia is slower than between Europe and America.
If the access to the OpenERP servers are slow, how will OpenERP resolve the issue?
We solve all issues that can be solved on our side (we cannot do anything for local network problems on the customers’ premises, for example):
● Any performance issue on a given Host can be solved by starting new hosts and moving affected customers to them. This can be done within the same delay as for a disaster recovery, but has never happened because we do not overbook the hosts.
● Structural network delays have been solved in the past by deploying OpenERP points of presence in 3 different continents (more in the future). HK has been started in March 2014.
● We are in the process of adding CDNs for the central authentication server so we can accelerate the subscription process and login procedure (those are still centralized in Europe at the moment)
● And so on… we’ll come up with a quick solution for any issue that arises and is under our control..