Lebanese Government websites
must be accessible on a 24X7 basis. It is important that the selection of the hosting provider be done with extreme care keeping the following in mind:
- The Hosting Provider must possess an advanced security infrastructure on both the physical and the network levels.
- The Hosting Provider must make use of firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS).
- The Hosting Provider must have a redundant server infrastructure to ensure quick turnaround for restoration of the website in the event of any unforeseen hardware or software failure.
- The Hosting Provider must have a strict and clear backup policy in place which enforces performing regular backups of the websites and its related components. The backup strategy must cover the following:
- Full files backup frequency
- Differential files backup between any 2 consecutive full files backups
- Full databases backup frequency
- Differential databases backup between any 2 consecutive full databases backups
- A clear restoration procedure
- The Hosting Provider should have a Disaster Recovery (DR) remote location which is geographically in a distant location and a well-defined DR plan for quick turnaround restoration of the services during any disaster.
- The Hosting Provider should provide web server statistics that are used to analyze the website performance on a regular basis. Online access to the analysis tools should be provided to the government department administrators in order to have all-the-time access to such evaluation-critical information.
- The Hosting Provider must provide a 24x7/year helpdesk and technical support.
- The hosting provider must provide operating system maintenance and database server maintenance as services part of his offering.
Example:
Whenever an operating system patch is available, the hosting provider must have this patch installed and also make sure that this patch would not affect any of the website related services on the operating system.
- Splitting the different physical applications tiers among different physical servers should be considered in order to balance the load on different servers and increase the capacity and scalability of the platform.
Example:
Having the database hosted on a server different than the server hosting the website is highly recommended.