While there are many convenience features associated with having LEAP operate as a web-based system, they are only worthwhile as long as we can maintain 24/7 system operation with a high degree of reliability and security.

To accomplish those goals, EDR-LEAP (www.leapmodel.net) operates on a different web server than our information web site (www.leapmodel.com ). The working system is password controlled and users have control of that password security process, determining the form of access allowed for various users.

The server is housed in private, locked cabinet at a data center located in Dallas, TX, which was chosen for its relatively mild climate, central geographic location, lack of seismic activity, and inland distance from any coast. It is part of a bank of servers composed of dual Intel Xeon 3.20Ghz FSB 1MB on-die cache processors, 4GB memory and 6 x 36GB Seagate hard drives with hot and cold spares.

The data center has redundant and multi-homed managed connections, all at a minimum DS3 level, provided by InterNap, Level3, Savvis, XO, Time Warner and Broadwing, among others. There are three redundant fiber entry points and active BGP4 for IP failover. The data center has live IPS backup, utility power from three separate metropolitan grids and there is a TXU Power Vault located in the building. There is also a diesel generator for standby power with auto-failover via ATS switching.

Console access to the unix system is limited to SSH using shared keys; there is no password access. Console access to W2K3 systems is limited to RDP. All console access is limited at all firewalls by IP. All unix servers operate apache with mod_security and mod_evasive. There is no direct access to our database servers from outside the network perimeter and access within the perimeter is limited only to those IPs requiring access. Indirect access to databases is supplied via phpMyAdmin and phpPgAdmin; traffic to both is SSL-encrypted. There is no direct or indirect access to MS SQL Server from outside the network perimeter and access within the network is limited to the local W2K3 server and the control panel server. Backups are performed using rdiff-backup every evening, both locally via private subnet and off-site via SSH.