Technical Overview

Xervo Enterprise Class takes care of a number of important aspects of the developer operations stack.

Traffic Routing

When an application is running on the Xervo Enterprise Class platform it can handle large of amounts of traffic. This traffic, if SSL, is terminated and then routed to the correct application instance using our custom build load balancer. When an application is running in multiple regions the load balancer will direct traffic to correct region that an application is running in.

null

Benefits & Features

  • Powerful and flexible multi-region routing is made extremely simple through the platform’s orchestration tools.
  • Every piece in the routing and hosting layer is horizontally scalable and designed to serve enormous application needs.
  • Combine latency-based DNS with multiple regions and multiple load balancers to ensure a great user experience for global applications.
  • Smart load balancing ensures even distribution and auto-exclusion of bad nodes.
  • Unified routing experience for applications hosted on-premises, public cloud, or hybrid environments.

Deployment

Your developers will be able to take advantage of a deployment layer that consists of using either the web interface or the command line interface to deploy applications. One uploaded applications are distributed using our deployment coordinator to a number of servers determined intelligently to maximize resources.

null

Benefits & Features

  • Fast and easy deployment to any number of app instances across any number of servers.
  • API and scriptable CLI for easy integration into existing deployment processes and continuous integration tools.
  • Rolling updates to ensure limited downtime during production deploys.
  • Old instances remain active while new instances are installing to ensure extremely fast switchovers and limited downtime.

Security

Security is an important part of the Xervo Enterprise Class (M-EC) solution. Every precaution is taken to ensure installations and their data cannot be compromised. Xervo Enterprise Class uses a multi-layered network approach, strict communication restrictions, and dedicated resources to provide one of the most secure environments possible.

Private Network

No application host is exposed directly to the internet.

The load balancer is the only entry point inside the private network. Only HTTP(s) traffic on ports 80 and 443 is allowed. All other traffic is rejected.

Firewall rules are specifically created for each server’s purpose. Ports are only opened to internal endpoints that require access.

The load balancers provides DOS protection by rejecting connections that exceed abusive throughput thresholds.

Application instances are each on dedicated virtual networks and do not share or have access to resources from other instances.

null

Dedicated Resources

No resources are shared between Enterprise Class installations. All servers are dedicated instances.

Unique SSH keys are generated for each installation. Keys created for one installation cannot be used to access resources for another.

SSH access to servers can only be done using key files. There is no password access.

Each server has SSH abuse protected that rejects connections and mitigates brute-force attacks.

null