TLC BASIC
Great if you need the must-have essentials of proactive management.
50% off on Non-Production and Redundant Servers
You know that the core servers need loving care. For reliable and responsive services for your clients, you may need additional servers to provide the uptime and performance they need. And for a smooth flow from development to testing to production, you may need additional servers for that too. You only pay full price on the primary servers; the redundant and non-mission-critical servers are discounted by 50%.
North American based Linux Engineers
If you're in Canada or the USA, you can enjoy working with engineers who speak your language fluently, work in your timezone, and you could actually meet for lunch in a post-lockdown world.
If you're in Australia, New Zealand, the UK, or Europe, you can take advantage of different time zones so we can watch your network and do maintenance while you're sleeping!
Basic Server and Network Monitoring
Monitor your systems and react fast to fix production bugs, security or performance issues while keeping the inconvenience to your customers to a minimum. In the Basic plan, regular system metrics like network connectivity, CPU usage, memory usage, and disk space are monitored and alerted on.
Patching
Frequent patching is one of the fundamentals to avoiding leaking or losing your client's data and keeping your Linux systems and data secure.
File-level backups
Rest easy knowing that every file, including customized system configuration files, is securely backed up offsite on incremental daily basis. No need to panic when something goes sideways, goes missing, gets corrupted, or accidentally deleted. 200GB of backup storage for file and SQL backups is included per server with up to 90 days of retention. Addons for additional storage, retention, and a disaster recovery SLA are available.
Database backups (SQL dump)
When you need to roll back the database or find something that may have been deleted a few weeks ago, you'll hear: 'we have in the daily backups!'
Quarterly Meetings (Zoom)
Stay in the know by attending regular Zoom meetings with a technology advisor familiar with your systems.
Basic Reporting
Keep a pulse on your server health and the results of the Proactive management.
TLC STANDARD
Perfect if you need an IT partner to look out for your technical blind spots
Application, DB, Network, Cronjob Monitoring
This is in addition to the basic network and server monitoring in the TLC Basic plan. Individual Linux application services like PHP, Nginx, and MySQL are monitored. We can run in-depth DBA monitoring MySQL/PostgreSQL internals and run specific SQL queries to watch the health of your database. We can call specific APIs within either your application or standard Linux applications to determine if they are healthy and performing correctly. With advanced network monitoring, we'll look for packet loss, latency, and jitter. Scheduled running of scripts (CronJobs) are created to keep your systems and applications in a healthy state. The failure of these behind-the-scene automations often goes unnoticed until it affects a critical process in your business. We monitor these jobs to ensure they are doing the job!
Business Technology Reviews
The BTR meetings allow you to be updated on health of your systems, provide feedback on our service, review our best practice recommendations, and discuss the future roadmap for your systems. The typical frequency is 1 to 4 per year, depending on the complexity of your business and servers and how much is changing.
Distribution upgrades
We cover major distribution upgrades, for example from CentOS 6 to 7 or Debian 9 to 10. If your system is very behind on updates or it's not safe to upgrade, we'll need to discuss a stabilization project.
Extended 3rd party patching
If you have a dedicated Non-Production server for the purpose of testing patches before deploying to production, we will also manage patches for some 3rd party systems like WordPress and FreePBX.
Engineer health checks
In the Basic plan, all health monitoring is automated. With the Standard plan, every quarter our engineers will perform a manual hands-on-keyboard review of your servers to identify issues that are hard for robots to detect. This analysis can detect additional security issues, design issues, capacity limits, and human errors before they impact your servers and customers.
Scheduled Reboots
Your servers need to be rebooted for a variety of reasons, even though Linux itself is super reliable. It may be for hosting provider outage. It could be for a Linux kernel update. And besides, it's good practice to proactively reboot at a convenient time, to prevent an unwanted outage should it reboot at an inconvenient time. Reboots are scheduled quarterly during business hours. If your systems are mission-critical and covered by the 24x7 NOC offering, reboots can be scheduled afterhours during your off-peak hours.
Regular Scrum-style IT meetings
Bi-weekly Scrum meetings are common in the software development world to review work recently completed, identify how we both be more effective and efficient, and agree on the work commitments until the next meeting. Frequency depends on client needs, but typically between weekly and monthly. The length of the meeting depends on how much there is to discuss - it could be 10 minutes to sync up, or an hour if more is going on.
Standard reporting
Keep a pulse on your server health and the results of the Proactive management.
Managed Server Configurations with SaltStack
Traditionally, Linux servers are managed with unique configuration files and custom scripts that have been created 15/24 by smart engineers. That leads to your servers being hard to rebuild, duplicate, or fix. We call them snowflakes because each one is unique. With SaltStack, automation is used to build and configure your servers. This simplifies ongoing management, makes it easy to add more servers, is self-documenting, and allows a team of people to support your systems. Using managed configuration makes the rebuilding of infrastructure (i.e. during disaster recovery) much faster and more reliable than working from backup images alone.
DarkWeb Monitoring on your domain
We help protect you from a cybersecurity breach, by alerting you when any of your employees' credentials are detected online. Exposures can come from many breaches including Dropbox, LinkedIn, other social media sites, and e-commerce shopping websites. This is works by finding any matches for anyone @yourdomain.com. Even if that password was already changed or the user no longer works with your organization, the data can be used by a criminal to launch a phishing attack on your team. Darkweb monitoring is an early warning system that helps mitigate the effects caused by a breach.
TLC HIGH SECURITY
For companies that have higher compliance and cybersecurity needs.
Real-time security compliance monitoring
Companies like you need on-demand profile-based auditing, real-time security event notifications, alerting and reporting. This means that any misconfiguration or nefarious behaviour will be immediately alerted on, reviewed and resolved by our team. For example, if a lazy developer uploads files with permissions to 777 allowing anyone to write, change, and execute it, we'll know ASAP. Or, if somebody configures the WordPress upload or content directories to allow PHP scripts to run, we'll pick up on the trojans as soon as they appear.
Regular security penetration testing
Even if you hired a company to do a manual network and server penetration test on an annual basis and quickly remediated the vulnerabilities they may find, it could leave you unprotected for up to a year. With automated testing and regularly manual testing, we will detect bugs, misconfigurations, human error, and changed settings much sooner. There are new vulnerabilities every day so this is critical.
Firewall audits
Your firewall is your first line of defence against the ever-existing threat from the internet. The rules created need to be reviewed and adjusted to current needs. An engineer will periodically manually review your firewall and load balancer rules and policies to ensure they are well documented and designed with least privilege in mind.
Access and authorization auditing
Linux permissions, root accounts, sudo access, and SSH keys can get out of control. You'll have a lot more peace of mind knowing that we're looking for stray accounts that don't belong, identifying accounts with too much access, and reviewing log files for failed logins and brute force attempts.
Additional security reporting
The regular Proactive report bundle you receive has an extended section for the TLC High Security specific metrics and other things you should keep a pulse on.
TLC 24x7 NOC Addon
Are your servers critical to your mission? We will monitor them and jump on any issues like white on rice. Even at 3 in the morning!
Support time is covered by either your flat-fee Full-Helpdesk Add-on or Prepaid Hourly Retainer agreement.
24/7 Response for critical monitoring alerts
Without the 24x7 NOC add-on, we review alerts within a couple of our business hours. Hard drive full? 100% CPU? Website down? Server under attack? We'll be alerted but probably won't see the message until the next business day.
With the 24x7 NOC add-on, we work with you to clarify what is truly critical and requires immediate attention. These alerts are sent to our 24x7 answering service. They then call the scheduled on-call engineer, who is committed to responding within an hour, worst case. Should they be missing in action and not responding, the dispatcher will move on and call through the rest of our team.
With the 24x7 NOC add-on, our entire team is briefed on the basics of your systems. They have remote access, clear documentation, and sufficient training to assess the issue.
24x7 Phone Support Access to on-call engineers
With the 24x7 NOC Add-on, designated contacts from your team can call our 24x7 answering service. Just dial the regular Crafty Penguins number (403 399-0790) and identify yourself. The dispatcher will then reach out to the on-call engineer.