Operation of Applications

If we run your application, you can sleep soundly. ENDA operates web applications in a secure server infrastructure developed in accordance with the requirements of the BSI (German Federal Office for Information Security). Depending on your individual security requirements, we can create redundancies, perform load, unit and/or end-to-end tests or an analysis of your existing system.


Secure updating through staging. When installing updates for the operating system, server components such as Java or the hosted application, there are conflicting goals: On the one hand, the update should be installed as quickly as possible to close security gaps as quickly as possible - on the other hand, thorough testing is necessary to avoid downtime due to incompatibilities or incorrect updates. The compromise we chose is a staging system identical to the productive environment, on which updates can be tested quickly. In case of success, a very prompt installation of updates is still possible. And your customers will not be greeted by a "500 Internal Server Error" after updates.


Create redundancies, backups. We protect you and ourselves against hard disk failure with RAID systems[1], against accidentally deleted or overwritten data with backups (which take place automatically once a day, with seven days, four weeks and three months). And should the server hardware itself be affected, we have an identically equipped cold standby, which can stand in until the replacement delivery two days later. If that is not secure enough, a hot standby or redundancy can be set up in another data center. Redundancy should not be lacking.


End-to-End-Tests. Applications that we operate are monitored. Particularly sensitive systems can be tested end-to-end. In contrast to a simple test à la "the web server runs", here a full run of a typical user interaction is carried out. This includes all steps from controlling the page via login, data view and input to the final logout. The result of each action is checked. If deviations from the expected result occur, the monitoring reports a problem. In this way, you will also recognize more subtle problems than a crashed service. Whether the application runs on our systems or not is irrelevant.


Load Tests. Load tests are closely related to end-to-end tests, but are more part of development and rollout than productive operation. Once a user session has been completely recorded or re-enacted, it is easy to release a true legion of virtual users onto the system at the same time. In this way, bottlenecks can be detected and eliminated in the application. At the same time you get hard data about the response times of the system under load. ENDA can provide you with this data - and when we develop the application, load tests are part of it anyway.


Surveillance. For us, surveillance does not mean that we monitor the telephone on which customers call us when their services are down. We monitor every virtual machine, every critical system service and every web application. Our admins will be notified within 5 minutes if there are problems. And can intervene.