How secure is the connection to servers at MacStadium?
MacStadium’s engineering team has spared no expense in providing a variety of standard and optional, premium security measures.
Standard Hardware Traffic Segmentation
Our Cisco switching infrastructure keeps 100% of all traffic (Broadcast, Unicast, Multicast, etc), from getting from one customer’s Mac to another (If you have multiple Macs with us, you can request we turn this feature off for your servers only). When you open finder in macOS on your Mac, you will not see any other devices on the network at all.
By default we leave all ports open to the Internet to allow for maximum flexibility to our customers. We recommend that you enable a software firewall such as the options that are included in your operating system, or a 3rd party software firewall like Murus, the successor to our previous recommendation, IceFloor.
Please take the time to understand the side effects of enabling a third party firewall. If errors exist in your configuration, you may lock yourself out of the Mac. As long as you can provide us administrative access in a support ticket, one of our support agents should be able to get your server back online. Be advised that we do not have the resources to support software firewall solutions.
Premium Hardware Firewalls
We offer two types of hardware firewall subscriptions for rental; shared and dedicated.
As a subscription option of $50/month, you can place an unlimited number of Mac servers behind a firewall cluster which we manage for you. This is a very high end solution that is capable of also being configured for Site to Site VPN, and Dialup VPN.
We also offer rental of one of several dedicated Cisco ASA firewalls. This is a self-managed option. We’ll complete the initial setup based on a request form we provide you and then provide access instructions for your use and further configuration.
We understand that many customers have unique security requirements and may wish to host their own firewalls in our data centers. Our engineering team is well-versed in Cisco’s ASA line, but we also have experience with security appliances from many other manufacturers.
We are open to working with you to develop the best network security implementation possible using your hardware and ours.