Essential 8
Hosting

Be compliant.

Hosting to meet the Australia Cyber Security Centre's Essential 8 Levels

Many organisations in government are required to meet Essential 8 Level 3 as a minimum for internet connected services. Essential 8 is a fantastic framework to judge your level of cybersecurity and we encourage all our customers to select a level between level 1 and level 3 for their hosted server. Summary details of the Essential 8 guidelines can be viewed on the Australian Cyber Security Centre's web site here.

About Our Essential 8 Hosting

INCUB8 has a servers housed in an airconditioned secure computer room in our Welshpool office.

  • Groups of three physical hosts with the third host acting as a redundant mirror of the other two
  • Failover within 10 minutes in the event of server hardware failure
  • Exclusive access to a 500Mbits business-grade uncontested fibre link
  • UPS power with endurance of 8 hours
  • Border firewall
  • Sophos XG Intrusion Protection System available to protect hosted machines
  • SSD cached and redundant storage providing fast performance
  • Nightly incremental backups and full backups monthly

Basic Hosting Costs

1 Core

$66/month
2GB Memory
1 CPU core
20GB hard disk storage
Centos 7 operating system
LAMP Platform

2 Core

$99/month
4GB Memory
2 CPU core
200GB hard disk storage
Centos 7 operating system
LAMP Platform

4 Core

$129/month
8GB Memory
4 CPU core
300GB hard disk storage
Centos 7 operating system
LAMP Platform

Configurations can be customised to suit the requirements of your applications and of course, Windows Server VMs can also be hosted (contact us to discuss requirements).

The monthly hosting fee includes

  • Nagios monitoring of disk space, cpu load, and memory usage
  • Standard backups with 6 weeks retention and offsite duplication within 48 hours
  • Customised firewall rules on our border firewall and standard IPS policies applied

All machines incur a once of setup fee of $149, which includes setting up the virtual machine, insertion of custom firewall rules (not IPS) in the border firewall, Nagios monitoring of CPU load, memory use and disk space, and configuration of standard backups.

Essential 8
Software Patching Requirements

CentOS LAMP

Level 1

$70/month

Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within one month of the security vulnerabilities being identified.

Level 2

$90/month

Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within two weeks of the security vulnerabilities being identified.

Level 3

$120/month

Patches for extreme risk security vulnerabilities in web server software, server applications that store important (sensitive or high-availability) data, and other internet-accessible server applications are applied and verified within 48 hours for all servers.

For Centos LAMP systems we deploy yum-cron to install updates as per the frequency required by your selected Essential 8 level. Automated emails to our helpdesk summarising patches applied which these are reviewed by staff and marked resolved.

Reboots required for kernel upgrades are managed by INCUB8 at times suitable to the customer.

Please note that at some time the hosted version of the operating system will cease to be supported by the relevant Vendor, INCUB8s patching service does not include version migrations required to return the system to vendor supported status.

Sometimes the automated application of Vendor patches results in a system failure, requiring recovery of the system and/or unwinding of patching to restore services. We don't anticipate this happening often (hopefully not at all), but if patching fails or causes a failure we offer remedial services on an hourly rate

Essential 8
Software Patching Requirements

Windows 2012 / 2016 / 2019

Level 1

$120/month

Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within one month of the security vulnerabilities being identified.

Level 2

$150/month

Security vulnerabilities in operating systems and firmware assessed as extreme risk are patched, updated or mitigated within two weeks of the security vulnerabilities being identified.

Level 3

$250/month

Patches for extreme risk security vulnerabilities in web server software, server applications that store important (sensitive or high-availability) data, and other internet-accessible server applications are applied and verified within 48 hours for all servers.

For Windows 2012 / 2016 / 2019 systems we subscribe the server to our Windows Software Updates Service and manage deployment of patches there. Patches applied by policy and checked by INCUB8 staff via WSUS console to meet timeline requirements dictated by your selected patching subscription level.

Please note that at some time the hosted version of the operating system will cease to be supported by the relevant Vendor, INCUB8s patching service does not include version migrations required to return the system to vendor supported status.

Sometimes the automated application of Vendor patches results in a system failure, requiring recovery of the system and/or unwinding of patching to restore services. We don't anticipate this happening often (hopefully not at all), but if patching fails or causes a failure we offer remedial services on an hourly rate

Essential 8
Back Up Requirements

Virtual machines managed by INCUB8 are backed up overnight as standard.

A full backup is taken once a month with incremental updates each day using bacula, which is capable of backing up both Linux and Windows servers and is VSS capable for Windows.

Backups are synced offsite with a latency of 48 hours. Our standard hosting charges includes approximately six weeks retention. We have mapped this to Essential 8 levels below

Level 1

Included with hosting

Essential 8 Level 1 requirements are met by standard practice with a once off test of a full restore, see below for restore testing. Optionally longer retention times can be purchased from $25/month.

Level 2

Included with all hosting

Essential 8 Level 2 requirements are met by standard practice with a once off test of a full restore and annual test of partial restores, see below for restore testing. Longer retention times can be purchased from $25/month.

Level 3

FROM $25/month

Essential 8 Level 3 requirements are met by opting in to longer retention times (starting from $25/month) and a once off test of a full restore and annual test of partial restores, see below for additional restore testing pricing.

Additional Back Up Retention & Restoration Testing

  • For most virtual machines extending retention time to 3 months is a $25/month option.
  • Where large amounts of storage are involved additional costs may be levied.
  • Tests of full system restores are conducted by instantiation an offline copy of the virtual machine and restoring to that as test. This allows effective testing without interrupting services. Typical costs are approx $400 per occassion.
  • Tests of partial restores are performed by restoring a number of files to a test area, typical costs are $75
  • For Windows Servers it's possible to use commercial products such as Shadow Protect and Veritas System Recovery to provide greater ease of use with disaster recovery, and restores. These products involve substantial initial costs between $1200 and $2400 per server, and annual maintenance subscriptions. Price on Application.

Beyond Essential 8

Where the hosted system has features accessible from the public internet we strongly recommend enhancing security by deploying an application/use specific Intrusion Protection Policy and firewall rules on the Sophos XG border firewall.

This includes tailoring of an IPS policy to specifically target attacks on the platform and services used on the server. Additionaly, we strongly encourage limiting access to the server to defined geographic regions if the business case allows, as a great deal of hacking activity may originate from regions of the world not relevant to your business.

Our experience suggests this needs review about once every three months to ensure any new categories of signatures that are relevant have been included. New signatures in targeted categories are automatically included.

Intrusion protection reports are reviewed daily by INCUB8 staff and indications of elevated hacking activity affecting a clients machine will result in notification of the client and discussion of mitigation strategies. These tools are very helpful in identifying attacks before systems have been penetrated.

  • Once off - setup tailored IPS policy - $200
  • Ongoing review - $50 /qtr or $200/yr

Ad Hoc System Administration, and System Architect Services

INCUB8 has a wealth of experienced people well used to deploying servers and applications for small and medium corporates and government.  Our five most senior staff have over 100 years of experience between them.   Should a client have additional requirements beyond the hosting services offered above we are happy to plan, price and implement a system or systems to meet those requirements.  If a hosted machine requires additional software installed or applications upgraded we are also able to assist with that.  Our hourly rates start from a very reasonable $150 for an experienced Systems Administrator

Remote Desktop Support & On Site IT Support

Remote – Often the most efficient way to resolve issues is to reach out using Team Viewer. One of our qualified, experienced and Perth-based technical support consultants can connect and remotely resolve your problem, having you back up and running in no time.

On Site – If an issue cannot be resolved remotely, such as hardware problems, internet connectivity issues – or if you just want to see one of our pretty faces, an INCUB8 technical support consultant can provide onsite IT support in your workplace.

Specialised services to extend your internal IT department

Do you need eggspert third-level technical support? How about a database administrator or programmer? INCUB8 have people who can provide the IT services & expertise you need on an hourly, daily or project basis.

VPN Services

INCUB8 are able to offer VPN services for

  •  individual client machines accessing a hosted system using a Sophos tools including a web based user portal allowing easy deployment of VPN software and configuration files
  • site to site VPNs to allow client offices access to the hosted system,  typically we deploy a virtual machine or a hardware appliance on the clients site to provide the VPN endpoint.
These services allow for hosted systems to be used securely as a resource internal to an organisation, or for secure administrative access to systems providing publicly accessible services.  Typical costs are
  • Client or road warrior VPN access - $4.50/user per month.  Discounts apply for larger numbers of users
  • Site to Site VPN - typical setup costs of $680 for VM on site implementations and $20/month per site

Strategic IT Consulting & Managed IT Services

INCUB8 can manage the complete lifecycle of your ICT Infrastructure using an agile process model.

Requirements – One of our Senior Eggsperts will meet with you to understand the requirements and constraints.

Design – Using the requirements, we develop a plan and provide independent technology advice.

Procure – We will work with your hardware suppliers or ours to procure the best equipment.

Implement – A dedicated Project Manager will plan the implementation and communicate with you throughout the project.

Maintain & Monitor – We will develop a maintenance schedule to ensure your ICT Infrastructure is secure and operating effectively. We understand that this stage must balance your business needs and budget.

Review – We will schedule regular reviews to assess new requirements and technology options available to further improve business operations.

© 2019 INCUB8 Applications & Hosting Pty Ltd. All rights reserved. Privacy Policy. Terms & Conditions.

Be social!