Policies

Shared Responsibility Model

Security and Compliance is a shared responsibility between NetActuate and the customer. This shared model helps relieve the customer’s operational burden, as NetActuate operates, manages, and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. In many cases, NetActuate provides custom infrastructure or hosts customer infrastructure in its facilities. In this way, the customer can benefit from the physical security of the facilities and services that NetActuate provides, while maintaining their own controls.

The customer assumes responsibility and management of the guest operating system (including updates and security patches) and other associated application software, as well as its configuration. Customers should carefully consider the services they choose, as their responsibilities vary depending on the services used, the integration of those services into their IT environment, and applicable laws and regulations.

The nature of this shared responsibility also provides flexibility and control that permits various deployment strategies. As shown in the chart below, this differentiation of responsibility is commonly referred to as Security “of” the Cloud/Virtual Environments versus Security “in” the Cloud/Virtual Environments & Equipment.

NetActuate Responsibility

“Security of the Cloud/Virtual Environments & Equipment”
NetActuate is responsible for protecting the infrastructure that runs all of the services offered by NetActuate. This infrastructure is composed of the hardware, software, networking, and facilities.


Customer Responsibility

“Security in the Cloud/Virtual Environments”
Customer responsibility will be determined by the NetActuate services that a customer selects. This determines the amount of configuration work the customer must perform as part of their security responsibilities.

For example, virtual servers are categorized as Infrastructure as a Service (IaaS). When using IaaS, the customer must handle all necessary security configuration and management tasks. Customers deploying a virtual server are responsible for the management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, and the configuration of any NetActuate-provided firewall on each instance.

For more abstracted services, NetActuate operates the infrastructure layer, operating system, and platforms; customers access endpoints to store and retrieve data. Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply appropriate permissions.

This customer/NetActuate shared responsibility model also extends to IT controls. Just as the responsibility to operate the IT environment is shared between NetActuate and its customers, so too are the management, operation, and verification of IT controls.

NetActuate can help relieve the customer’s burden of operating certain controls by managing those controls associated with the physical infrastructure deployed in NetActuate’s environment, which may previously have been managed by the customer. As every customer is deployed differently in NetActuate’s environment, customers can take advantage of shifting management of certain IT controls to NetActuate, resulting in a (new) distributed control environment. Below are examples of controls that are managed by NetActuate, NetActuate customers, or both.


Inherited Controls

Controls that a customer fully inherits from NetActuate. This includes physical and environmental controls in the facilities.


Shared Controls

Controls that apply to both the infrastructure layer and the customer layers, but in separate contexts. Examples include:

  • Patch Management: NetActuate is responsible for patching and fixing flaws within the infrastructure, while customers are responsible for patching their guest OS and applications.

  • Configuration Management: NetActuate maintains the configuration of its infrastructure devices, while customers configure their guest operating systems, databases, and applications.

  • Awareness & Training: NetActuate trains its employees, while the customer must train their own employees.


Customer-Specific Controls

Controls that are solely the responsibility of the customer based on the application they are deploying within NetActuate’s services. Examples include custom hardware, network equipment, or specialized routing policies that the customer may need or choose to implement.


Redundancy and SLA

1. NetActuate Responsibilities (Infrastructure-Level Redundancy)

  • Redundant A+B Power: We deploy to facilities equipped with multiple, diverse power sources to mitigate the risk of single-source power failures.

  • Redundant Transit Providers: We utilize multiple transit providers to ensure diverse network paths and minimize downtime caused by any one provider’s service disruption.

  • Redundant Network Equipment: Each critical network device has redundant power supplies and backup hardware to ensure continued operation in case of component failure.

  • Redundant Compute Resources: Our servers are configured with redundant disks (for example, RAID configurations) and redundant power. This reduces the impact of hardware-level failures on customer workloads.

2. Customer Responsibilities (Application-Level Redundancy)

  • Power Redundancy: Use A+B feeds for bare metal servers, where available and ordered, to ensure continued operation during a power feed interruption.

  • Server Redundancy: Deploy multiple servers (bare metal or virtual machines) to handle workloads and fail over seamlessly in case of a single-node outage.

  • Network Redundancy: Employ multiple BGP sessions or upstream sessions to avoid single points of network failure.

  • Anycast for Higher Availability: For internet-facing applications, leverage BGP Anycast across multiple sites to distribute traffic and ensure better resilience.

  • Diverse Network Announcements: Avoid limiting announcements to a single provider or a restricted set of peers, preventing a single point of routing failure.

3. Designing for Reliability in a Shared Responsibility Model

NetActuate’s infrastructure-level redundancies are most effective when paired with the customer’s own redundancies at the application level. This alignment ensures that each party is fulfilling its portion of the design, operation, and maintenance of a resilient environment.

  • Professional Services: If desired, customers can engage NetActuate’s professional services to assist with designing and implementing optimal redundancy strategies. Our experts can help ensure that both the infrastructure and application layers are configured to meet or exceed SLA requirements.

  • Custom SLA(s): For customers with unique or higher availability needs, NetActuate can develop custom SLA(s) that incorporate additional redundancies and service guarantees. Such SLAs will be defined in the customer’s specific contract to reflect the scope of the services and design measures implemented.

By working together under this shared responsibility framework, NetActuate and its customers can significantly reduce the risk of downtime and ensure adherence to agreed-upon service levels.