Skip to main content
Product Description Certified Data Center Segment
Last update:

Product Description Certified Data Center Segment

certified data center segment (A-DDC) — IT infrastructure to host an information system with enhanced data protection requirements. Requirements are met according to the delineation of areas of responsibility.

Only dedicated servers of arbitrary configuration and network equipment provided by Selectel may be located in the A-Data Center.

Certified Data Center Segment is used for:

  • certification of the information system in accordance with the requirements of FSTEC Orders No. 17 and No. 21;
  • processing of personal data up to the first (maximum) level of security in accordance with the requirements of the 152-FZ;
  • maximizing security control at the infrastructure level;
  • increasing the loyalty of service users by meeting the requirements of Russian laws and international standards.

In terms of functioning and meeting security requirements, the Certified Data Center Segment consists of a set of certified information systems, and these are used in the delivery of services:

  • IS Infrastructure;
  • IS "Managed Security Services";
  • IS Administration;
  • IS "Information Security Monitoring".

When placing the IT infrastructure in the A data center, you can select only infrastructure-level services — Colocation in A data center, or connect additional information security services:

A-DC Services

Equipment placement in A-DC

Ensures fulfillment of requirements to the territorial site according to PCI DSS, 152-FZ (FSTEC Orders #17 and #21), GDPR, SOC-2 implements security measures related to physical access to equipment, maintains continuous functioning of the infrastructure.

If you select an infrastructure level service, infrastructure level services are provided:

All equipment is placed in racks belonging to the IS "Infrastructure".

When connecting servers in the Certified Data Center Segment, typical connection scheme is used.

Dedicated servers are switched behind a dedicated firewall and have no direct connection to Selectel's internal networks, nor to the networks of other customers. Because of this, internal Selectel systems do not have access to server information, and the server cannot be managed through the Selectel control panel. The Selectel Control Panel for these servers displays the message: "No power information". All connections to external networks go through a firewall.

You can only connect to servers in the Certified Data Center Segment through IPMI interfaces that are firewalled together.

When conducting performance evaluation (attestation) of the information system hosted by the Certified Data Center Segment, the following shall be provided:

  • extract from the IS Infrastructure threat model;
  • Confirmation of infrastructure placement;
  • serial numbers and special firewall security marks;
  • if additional information security services, serial numbers and special security marks are used.

Providing information security features

Provides protection from current threats, fulfillment of the requirements of FSTEC Orders No. 17 and No. 21, as well as the requirements of international standards for information systems in the client's area of responsibility.

When activating the service, access to the selected specialized software or hardware-software means of information protection is provided:

  • Secret Net LSP;
  • Secret Net Studio;
  • Dallas Lock SDZ;
  • Kaspersky Endpoint Security;
  • Maxpatrol SIEM.

Managed security services and administration

Allows for both one-time installation and configuration of information protection tools and full system support, including response to security incidents.

The service is provided using IS "Administration", IS "Managed Security Services" and IS "Information Security Monitoring", which allows the certified systems to be transferred to Selectel for administration without violating legal requirements.

Data protection requirements to be met

Compliance within Selectel's area of responsibility is regularly reviewed and confirmed by external auditors.

Information Protection RequirementConfirmation of compliance with Selectel requirement
Processes personal data up to UZ-1FSTEC Order No. 21

Information Protection Compliance Certificate No. 3479.00001.2022 dated March 10, 2022. IS "Infrastructure" LLC "Selectel"

Is a state information system up to K1Order of FSTEC No. 17

Certificate of compliance with information protection requirements No. 3479.00001.2022 dated March 10, 2022. IS Infrastructure Selectel LLC

Processes payment card dataPCI DSSPCI DSS
Processes personal data of EU citizens or people in the EUGDPRCan be issued DPA and SCC
Used for Commercial companies with high requirements for service providersAICPA SOC 2®SOC 2® Compliance Report
Used for handling confidential information and trade secretsGOST R ISO/IEC 27001-2021Certificate GOST R ISO/IEC 27001-2021

Areas of responsibility

Selectel is responsible for security related to physical access to the IT infrastructure and implements the portion of physical security measures that is within its area of responsibility.

Selectel is not responsible for the operation of the system and application software of the servers, firewall administration and security related to logical access to the information system. Selectel's internal systems do not have access to servers hosted in the Certified Data Center Segment.

Cost

Depending on the type of balances in the account, united-balance or basic-balance is used for payment. Before ordering the service, top-up balance.

The cost depends on the amount of equipment to be placed and additional services ordered. It includes:

  • cost of a dedicated server of a custom configuration;
  • firewall cost;
  • cost of the service "Placement of 1U equipment in the Certified Data Center Segment". The service must be ordered for each unit;
  • cost of additional information security services.