| Managerial Considerations/Staffing |
|---|
|
Team of cloud experts to architect your platform
|
|
3 fully trained security teams dedicated to securing the platform and implementing best practices
|
|
Expert Drupal support available 24/7/365
|
|
Team training (including yearly training on security best practices)
|
|
Simple, value-based pricing
|
| Drupal Development Tools and Services |
|---|
|
Low-code Drupal site builder included
|
|
Separate development, staging, and production environments
|
|
Automated code deployment across environments controlled by a drag-and-drop interface
|
|
Built in code security and performance quality testing
|
|
Build APIs to integrate your development platform with external systems
|
|
Code tests automatically run when you push code from development to staging environments to ensure code quality
|
|
Integration between development platform and third-party services
|
|
Automated synching between file systems and databases across all environments
|
|
Ready to use development environments deployed within minutes without installing any extra software
|
|
Built-in critical system health monitoring (99.95% SLA)
|
|
Built in infrastructure health insights (Stack Metrics)
|
|
Built-in Application Performance Monitoring (APM, New Relic Pro APM)
|
| Fully Managed, Scalable Cloud Platform |
|---|
|
Fully configured and maintained operating system
|
|
Fully configured and maintained ephemeral storage
|
|
Fully configured and maintained database servers
|
|
Fully configured and maintained persistent network file system with built-in replication and redundancy
|
|
Fully configured and maintained web servers (including Apache, PHP, and Drupal Application)
|
|
Fully automated server deployment to accommodate increasing traffic demands
|
|
Reverse proxy caching with Varnish
|
|
Fully configured and managed load balancing servers
|
|
Built-in CDN for optimal performance
|
|
Highly available across entire stack
|
|
LAMP stack availability monitoring
|
|
Fully managed database backups
|
|
Software updates (e.g. OS updates, security patches, bug fixes)
|
| System Monitoring |
|---|
|
LAMP stack availability monitoring
|
|
Database backup restoration tests and alerting for failed backups
|
|
Monitoring CPU stats (e.g. load time, user time, system time, I/O wait time, idle time, and CPU steal time)
|
|
Web server run state monitoring
|
|
Packet monitoring (e.g. dropped received, errors received, received overruns, errors transferred, dropped transferred, transferred overruns, and collisions)
|
|
PHP process and fatal error monitoring
|
|
MySQL availability monitoring
|
|
Varnish monitoring (e.g. client connections, dropped connections, client requests, cache hit rate, cache hit/pass, cache miss, backend fail, n_expired, and uptime)
|
| Security Features |
|---|
|
Multi-factor authentication
|
|
Built-in roles and credential
|
|
Real-time log streaming
|
|
IPv6 Support
|
|
Shell access via SSH
|
|
ClamAV support
|
|
GeoIP available
|
|
Apache mod_proxy support to improve LAMP security
|
|
Built-in security and performance optimization monitoring (Acquia Insight)
|
|
Drupal Steward Program member
|
| Security Add-Ons |
|---|
|
Advanced WAF with customizable WAF rules (layer 7)
|
|
Secure Virtual Private Cloud (Acquia Shield VPC)
|
|
Secure Virtual Private Network (VPN)
|
|
Specify application access by IP address in the Cloud UI (Access Control List)
|
|
Centralize view of logs (Log Forwarding)
|
|
Leverage internal organizational security policies to authenticate users (Enterprise SSO)
|
| Platform Security Audits |
|---|
|
Yearly third party security audits including: malicious user testing, insider threat assessments, and spearphishing exercise
|
|
Monthly server and web application vulnerability scans
|
|
Monthly operating system scans
|
|
Monthly database and web application scans
|
|
DDoS Detection
|
| Compliance |
|---|
|
FedRAMP Authorized
|
|
PCI
|
|
HIPAA
|
|
ISO 27001
|
|
SOC 1 & SOC 2
|
|
GDPR
|
|
CSA STAR
|
|
FISMA
|
| Drupal Application Maintenance and Security |
|---|
|
Automatically track Drupal core updates and ensure they are administered to all applications
|
|
Automatically track Drupal module updates and ensure they are administered to all applications
|
|
Automatically track Drupal security updates and ensure they are administered to all applications
|
|
Vulnerability scans
|