Enterprise Cloud

Table of contents

    1. Service Level
    2. Monitoring
      1. Authenticated vulnerability scanning
      2. VMware Tools and Hardware-Compatibility
    3. Management
    4. Backup

As part of the server and service consolidation, the ZIH has created the possibility of providing virtual servers as a central service. Thus, the ZIH offers its customers the opportunity to operate their own services within the ZIH infrastructure. You may provide services via virtual servers (virtual machines - VMs) that you yourself can manage.

Service Level

  • Infrastructure-as-a-Service (IaaS), here the ZIH only manages the virtual server and not the operating system or logins. This means that only the virtual server in adjustable size is offered here. An initial operating system is also provided on request, but this is not maintained by the ZIH.
  • Platform-as-a-Service (PaaS), where one of several operating systems can be selected and initially installed. Furthermore, the system is included in the monitoring and the automatic installation of security updates is configured. If problems occur during operation, ZIH can provide support on request. Upgrading the operating system to a newer version (e.g. Debian version 11 to 12, Windows Server 2016 to 2019) is not part of PaaS.

Two service classes are distinguished from Infrastructure-as-a-Service (IaaS):

  • Enterprise Cloud: with high demands on availability (HA clusters)
  • Research Cloud: for research and test purposes

Monitoring

Virtual machines in the Enterprise Cloud are tethered to the Monitoring System Centreon. For VMs with the PaaS service level, support includes availability, pending software updates, and periodic checking for known security vulnerabilities. With the service level IaaS, the installation of software updates is the responsibility of the user. Therefore, only vulnerability scans are performed for VMs of this service level.

Authenticated vulnerability scanning

All VMs are subject to regular scans for known security vulnerabilities. For VMs of the PaaS service level, an authenticated scan is usually performed, which can provide more details about security vulnerabilities. In an authenticated scan the VM is scanned both from the outside via the network and from the inside via a valid user logon.

VMware Tools and Hardware-Compatibility

The latest available version of VMware Tools and the hardware compatibility layer guarantees the best performance and most reliable behavior of the applications running on your virtual machine.
The VMware Tools are part of the VM templates provided by ZIH and, if necessary, are automatically updated during the VM startup process. On Linux, the open-vm-tools are usually used, which are managed and updated by the operating system.
The hardware compatibility layer version is basically the current available version on the underlying hosts at the time of VM provisioning. You can perform an update manually in the Self Service Portal if required.

Management

If you already have one or more virtual machines, you can manage them in the Self Service Portal. The tabular overview shows you the current status (on/off), the IP address, and the names of the administrators responsible for the respective VM. You can also switch VMs on and off, create and delete snapshots, adjust firewall rules for incoming traffic, and access the VM console.

Backup

An image backup of each VM in the Enterprise Cloud is created every two days and kept for a maximum of 90 days. A backup cannot be guaranteed if special conditions of the VM prevent this. The request for a restore is made informally via the Service Desk.

About this page

ZIH Web
Last modified: Aug 15, 2023