Search leicester city council
Main menu
About Us
.

Infrastructure Standards and Guidelines

Our Standards


Hosting Standards

All web applications must be compatible with and hosted on Leicester City Council hosting environment.

Email us for full technical details of our hosting environment

 

There are situations where it is appropriate the application on supplier provided hosting or further third party hosting.  In this case, please follow the hosting guidelines set out below

 

Domain Name Standards

All domain names must be registered through Leicester City Council. We will check to see if a name is available for you and offer tips on choosing a good domain. Email us to be put in contact with domain name purchaser

 

Under certain circumstances we will purchase non leicester.gov.uk domain names on your behalf.  This is usually for partnership sites or where we want to prevent people setting up sites with similar names to one of ours.
 

Guidelines


Hosting Security

 

  • Have BS7799 certification (now ISO27001)

  • Carry out penetration testing and confirm annually this has taken place 

  • Set up services with Microsoft High Security policy to disable unnecessary services on the system.

  • Provide a service level agreement that guarantees 99.8% availability of the service

  • Provide an acceptable response to support calls with a service level agreement

  • Monitors the service availability and responds to outages

  • Ensure patches applied to the operating system, firewall and any other server software. 

  • Dedicated firewall to prevent access from co-hosted servers belonging to other organisations, in a shared environment, or to isolate the internet facing server from the council network

  • Monitoring of network access for threats

  • Methods for dealing with denial of service DOS attacks

  • An incident reporting scheme

 

Business Continuity

To ensure the service or application stays available to the public you need to consider what will happen in the event of an emergency. 

  • Backups - We would require the equivalent to a daily backup to tape, verification of tapes, weekly tape rotation and off site storage routine to be specified

  • Resilient link - It is desirable that the hosting service provides at least one resilient link to the Internet in case of failure to the main link. 

  • Failover servers – onsite - The most likely cause of loss of service will be problems on a particular server.  It is highly desirable for there to be a hot standby server ready to take over should the need arise.  If no hot standby is available, it is essential that a SLA is in place to get parts for existing servers replaced within 1 hour.

  • Failover service – offsite - what would happen if the hosting site disappeared?

 

Bandwidth

Ensure the contract supplies sufficient bandwidth for your service and that there is scope to increase it as your service becomes more popular

 

Version History

Version: 1.0

Date: 11/11/11

Change: First draft

Author: Yasin Jassat