数据中心安全性：

让我们开始运动...

Let’s be honest, how secure is your data center? You’re initial thoughts might go something like “it’s ironclad, the Fort Knox of all data centers, nothing could possibly be more secure.” And virtually, yes, you’re ready for anything. You probably have firewalls, VPN gateways, intrusion detection systems, monitoring systems, the whole nine-yards. No one will be manipulating their way into your network anytime soon. Your network is impenetrable!

But what about your data centers 物理安全? Sure you’ve thought about it, set up some precautions, installed a few security features, made some regulations, some rules. You’re probably thinking you’re well protected. However, you more than likely didn’t spend nearly as much time creating the master plan to protect your facility, as you did when you considered your network. Unfortunately, that is all too typical in the industry. Physical security is often placed on the back burner, largely forgotten until an unauthorized party manages to break into or sneak onto a site. So with that in mind…

现在是时候物理地保护和保护数据中心了。

As with all things, there will always be someone who takes things to the extreme. Physical Data Center Security is no exception. Iron Mountain houses four of its 数据中心 地下22层，位于一个废弃的旧石灰石矿山中。众所周知，谷歌将其服务器机箱保持在完全黑暗的环境中，为矿工配备技术人员，例如矿工，并在需要进行任何更新或维修时，将他们的头颅灯带入洞穴中。 Visa不仅有护城河，而且还设有一个简介室。它的墙壁像其他任何墙壁一样不透明，但是只要按一下按钮，它们就会变成透明的玻璃，展现出无与伦比的效果–像NASA一样的指挥中心，上面有40乘14英尺的屏幕墙，其中包括Visa网络覆盖的世界地图。但是，这些情况很少见。像上面列出的三个公司一样，公司存储着大量宝贵的，不可替代的重要数据。可以理解，他们对自己的安全性有些偏执。

数据中心安全清单

那你该怎么做才能保护自己 数据中心 from attack you ask? Read below to find out how a fictional data center is designed to withstand everything from corporate espionage artists to terrorists to 自然灾害. Sure, the extra precautions can be expensive. But they’re simply part of the cost of building a secure facility that also can keep humming through disasters.

• 位置，位置，位置
• Have Redundant bandwidth providers
• 不要做任何事情来宣传所在地点，这里没有数据中心的迹象
• 控制所有访问权限，以防止潜在的piggy带入侵者
• 固定所有门，窗和墙壁
• 有一个 Disaster Recovery Plan 到位
• 雇用一家公司来查找您的所有物理安全漏洞
• 如果可能，使用提供弹道防护的材料（例如凯夫拉尔）进行构造
• 植被和美化环境是您最好的朋友
• 在场地周围保持100英尺的缓冲区
• 在车辆入口处使用自动护柱和防护站
• 炸弹检测计划
• 限制入口点，也不要忘记看着它的存在
• 具有闭路电视等安全系统，并确保24×7备用电源
• 安装至少一个门架
• 保持训练有素的警卫和保安人员
• 使防火门仅退出
• 使用大量相机
• 实施协议以禁止讨论与工厂有关的任何事情
• 锁定所有笼子，橱柜和保险库
• 通过其他身份验证要求强化数据中心核心
• 计划进行安全的空气处理，以防止入侵者和化学物质入侵
• 确保没有人可以在墙壁和天花板上玩捉迷藏的游戏
• 使用两因素身份验证，例如生物特征识别或电子访问控制系统（ACS）
• 有一个有效的 服务器设备 handling solution, such as a ServerLIFT^®，以防止在高威胁时间内停机
• 在计算机室中执行禁止饮食的规定
• 制定“威胁条件政策”
• 销毁所有纸张，磁盘和数据后，再将其丢弃到设施外
• 对访客使用额外的预防措施，它们构成最大的威胁之一

If you would like to see some of these security measures in action, Google, interestingly enough released a video showcasing the security and 数据保护实践 they use in their data centers. However, in true secretive Google fashion, near the end of the video there’s a reference to their use of additional security measures not shown–which can only be a reference to the sharks with friggin’ laser beams on their heads!

如果您要进行数据中心迁移，请参阅以下有用的文章 数据中心迁移步骤.