Virtual private cloud servers offer scale and flexibility, along with the unique security, performance, and management that today’s businesses require. Whether you’re a one-person development initiative or a member of a robust enterprise IT operation, our cloud platform delivers.
The best of both worlds — the computing power and single tenancy of a physical server, with the automation and pay-as-you-go flexibility of a virtual machine. Bare Metal servers deploy in minutes and are managed from the same Control Portal. Easily integrate them with VMs for a Hybrid IT solution.
Automate daily server administration and cloud management functions and expert-intensive processes, freeing up IT staff, with the CenturyLink Cloud Control Portal. Power operations, logical grouping and APIs remove the tedium and opportunity for error inherent in complex tasks.
CenturyLink Infrastructure-as-a-Service (IaaS) Cloud Platform offers on-demand provisioning of high-performing virtual machines with any combination of operating system, storage, and memory. Our cloud servers rely on fully redundant enterprise-class hardware connected through private high-speed virtual LANs and leverage storage that delivers up to 20,000 IOPS.
On our Cloud Platform you’re able to provision servers that run Windows Server, CentOS, Debian, Red Hat Enterprise Linux, and Ubuntu. We stay abreast of the latest versions and OS updates so you don’t have to worry about it. You can also upload your own images of supported OSs.
Few cloud platforms are capable of giving you as many data center options. Each security-audited data center contains “Nodes” that are engineered to include fully redundant enterprise-class hardware from front-end firewalls to storage. Additionally, CenturyLink offers SOC1, SOC2, HIPAA, and PCI Compliant Solutions.
No pre-defined instance sizes here. Choose up to 128GB of RAM, 16 vCPU cores and 4TB of storage for any given cloud server. All resources are priced on an hourly basis, so you’ll only pay for what you need, when you need it. And you can scale up on-demand, delivering true cloud flexibility.
Each node has a robust SAN storage system that leverages both SATA and SSD drives for optimal performance and reliability.
The CenturyLink Cloud Platform utilizes dedicated servers for networking and usage monitoring, terminal services access and platform management.
These high-performing switches are dedicated to traffic among servers and are optimized for transferring large amounts of data quickly.
The CenturyLink Cloud Platform’s cutting-edge network relies on an ISP-neutral Internet connection and enterprise-grade hardware to reliably deliver safe traffic to the servers on our infrastructure, whether they’re VMs or Bare Metal cloud servers. Customers integrate with our network through VPN tunnels and intra-data center Direct Connect.
The CenturyLink Cloud network is engineered to be highly available, secure, and fast.
Our ISP-neutral Internet connection provides high availability in the case of downtime for a given provider.
CenturyLink Cloud data centers rely on best-in-class, fully-redundant hardware for firewalls and switches on the perimeter as well as between customers/subnets. Interconnects within the data center use 100% 10GB networking.
Data centers are connected through a site-to-site VPN that encrypts the data as it passes among any of our global data center locations.
Each customer gets their own VLAN(s), included at no additional cost with each account, and an unlimited number of private subnets to further define security zones.
The CenturyLink Cloud should be a logical and physical extension of your own data center. Multiple options exist for connecting on-premises assets to our cloud.
Set up secure IPSec point-to-point VPN tunnels or MPLS VPN tunnels between networks.
Connect to the CenturyLink Cloud from a client machine through software like OpenVPN.
Using a CenturyLink Cloud colocation partner for your own data center? Connect to your assets in our cloud using Single Mode Fiber (SMF, 1310nm) 1Gbps (1000base-LX) or 10Gbps (10G-LR) fiber. Also use 1 Gbps copper if the cross connect is less than 100m in length.
The network contains robust network traffic management technology as well as self-service firewall policies.
The firewalls deployed in our global data centers provide intrusion detection services and protection by screening incoming traffic for potential attacks. This Knowledge Base article provides more details.
Our Platform relies on components produced by an industry-leading vendor to provide web application load balancing with SSL offloading. Additionally, dedicated load balancers (virtual appliances) can be deployed for customers with more stringent requirements.
Run your application on a cloud platform built with enterprise-class hardware all the way from the firewalls to the virtual machine host servers. High-speed 10GB networking between application tiers prevents bottlenecks and hybrid SAN/spindle disks deliver a minimum of 2,500 IOPS and up to 20,000 IOPS.
Network speed between application tiers will never be an issue on our Cloud Platform, as we deliver up to 10Gbps per vNIC, employ load balancers that deliver up to 1Gbps, and leverage firewalls that delivery up to 6Gbps.
For all CenturyLink Cloud storage options, the I/O throughput will reach 6 Gbps, latency is less than 5ms, and storage performance has a maximum IOPS of 20,000.
The CenturyLink Cloud is engineered to meet rigorous compliance and regulatory standards. This includes role-based administration, the use of hardware with no removable media, support for data encryption in transit and at rest, destruction of data on failed drives, and hardware housed in secured physical cages (including ceiling).
Our global data centers are SSAE 16 audited and available for customer audits upon request.
We protect your sensitive information through policies and procedures to wipe undamaged drives prior to discarding them.
CenturyLink offers SOC1, SOC2, HIPAA, PCI, ISO, and other compliant solutions. To learn more visit our Compliance center.
Keep your server backups in-region is a critical best practice. That's why our Simple Backup Service supports multiple regions for your file-level backups.
System Access to the CenturyLink Cloud Platform is aligned with specific roles (e.g. Account Administrator, Server Administrator) that govern what users can do in the system, and more granular permissions can be added to individual server groups. This structured account management approach supports multiple business cases, including Enterprise IT scenarios, Resellers and SaaS.
All activities against cloud servers are automatically logged and stored indefinitely. This ensures that you can quickly identify who has performed what actions on our Cloud Platform. What’s more, these logs cannot be edited by humans.
CenturyLink Cloud data centers enforce strict “defense in depth” controls to secure access to the physical hardware. This includes fully-secured server cages and 24/7 monitoring.
Our Cloud Platform was built with an overarching focus on security and the “defense in depth” approach tackles platform security from multiple angles. From isolated customer VLANs to role-based access, the CenturyLink Platform is engineered to aggressively ward off unscrupulous traffic while enforcing a “least privilege” policy for its users.
Servers on the CenturyLink Cloud are assigned to specific roles (e.g. terminal access) in order to reduce the attack surface and require each server to run with the fewest possible OS services and open ports. Customers have no access to physical hardware or hypervisor layer.
Our firewalls create customer-specific VLANs that don’t permit traffic to flow between networks (except if specifically authorized by the account holder).
By default, no CenturyLink Cloud server gets connected to the Internet, unless public ports are explicitly opened by the customer. Each customer uses a certificate-based VPN connection to securely log into cloud servers.
Users are assigned area roles (such as “Account” or “Server”), resource type permissions (e.g. “blueprints”), and permissions to individual Servers and Groups. This lets customers assign users a minimal — but functional — set of permissions.
Intrusion Detection Systems (IDS) and Intrusion Detection and Prevention (IDP) are provided through our enterprise-class firewall hardware. These products protect customer environments from harm using detection and prevention features (also called “screens”). These screens focus on specific — and common — types of attack traffic. In very unique and specific cases, deep content inspection services are available upon request. Read this Knowledge Base article for more details on our capabilities in this area.
Our cloud infrastructure supports Autoscale. Create and manage Autoscale policies that automatically scale deployments up and down based on the real-world performance of that environment. Users may configure Autoscale policies for CPUs “vertically” on a per server basis.
Point and click for easy access to the details of configured Autoscale policies, including the servers assigned to each one.
Ensure cloud environments are always using the optimal amount of resources. Both horizontal and vertical Autoscale options are built in and available.
Quickly and efficiently manage and automate workflows and infrastructure on any cloud, or on any physical server, and in any datacenter using Runner.
Create jobs via our dashboard and easily rerun them with a simple click, or search our Marketplace for jobs that meet your needs, click the run button and you’re off!
Runner is state-based and idempotent, so you get the same result every time you run a job. And sharing jobs is a breeze. Share a job's payload, YAML files, or an entire job catalog.
Runner is a hybrid IT management tool for quickly and easily automating infrastructure, wherever it is. Control devices in data centers or on-premises, or scale infrastructure in any cloud environment.
Create reusable models of complex environments for rapid deployment and automation using our growing library of Blueprints.
Our Platform Engineers and even other customers have authored best practice Blueprints that automatically build complex multi-server environments to support things like Microsoft Exchange, Microsoft SharePoint, Basho Riak, and more. Blueprints are a unique feature of our Cloud Platform that save valuable IT resource time and ensure consistency across multiple deployments.
You can always add servers and software to Blueprints, as well as configure servers with default or user-uploaded software packages. Other Blueprint tasks can include adding a public IP address to a server, installing SQL Server, joining an Active Directory domain, adding storage disks, and more. You can also invoke one Blueprint from another to allow for highly modularized templates that can be easily reused.
Deploying a Blueprint on the CenturyLink Cloud involves adding its tasks to a build queue that is monitored by the highly parallelized build engine. This allows you to view detailed build logs and provides the option of resuming failed Blueprints from their offending step.
The CenturyLink Cloud Platform has been engineered to surface significant management capability to customers. This includes the ability to orchestrate complex server environments with Blueprints, manage customer accounts, and programmatically administer the platform through an expansive API.
Our Account Management capabilities allow you to use parent and child accounts to define distinctive business units with an organization and detailed billing system to see both overall and specific charges. Add users to accounts and assign them specific Area (Account/Server) and Resource (blueprints/storage/group/server) permissions.
Account holders may create sub-accounts which can be billed and managed separately from the parent. Blueprints are designed with a setting to allow “private shared” privacy which means that only sub-accounts can see certain Blueprints of a parent account.
The CenturyLink Cloud Control Portal allows you to view detailed billing history for each account and sub-account. Within each invoice, see charges for Groups, servers, storage, VPN, network bandwidth, external IP addresses, and more. This is particularly useful for enterprise IT groups providing infrastructure for different cost centers within the organization. It’s equally valuable for Resellers or SaaS deployments.
Single Sign-On (SSO) is provided between a customer’s Identity Provider (IdP) and the Control Portal. CenturyLink Cloud supports service-provider-initiated SSO via SAML authentication. Customers use a specific URL that initiates a redirect to the customer’s IdP. The IdP authenticates the user and securely sends the authentication details to the Control Portal where the user is logged in without providing CenturyLink Cloud-specific credentials.
The CenturyLink Cloud includes deeply integrated server Group management. This allows customers to use inherited settings to create and manage a practical structure for cloud servers.
Create and customize monitors for CPU, Bandwidth, Disk, Memory, Drive, and ping. Additional monitors supported by contacting the CenturyLink Cloud NOC.
Power on, power off, reboot, pause, reset, and shutdown any or all servers in a Group with a single command.
Install a software package from the public or private library, or execute a script against the Group’s servers.
Set the operating system, memory, CPU, and storage preference for any new servers in a Group.
Aggressively using automation on cloud infrastructure is a way to ensure a safe, high-performing environment. Our Cloud Platform features a comprehensive self-service Control Portal that empowers you to intricately or broadly manage server Groups, define sophisticated firewall policies, craft multi-tier environment templates, and closely monitor usage and performance of all your cloud servers.
Accounts may contain a variety of user types, each with their own role and responsibilities. The CenturyLink Cloud encourages segmentation based on predetermined account permissions. All activities within the platform are checked against the active user’s role (e.g. “Server Administrator,” “Account Administrator,” “Billing Manager”), and individual resource permissions.
Define or inherit server alerts of interest and thresholds for alerts. Metrics such as CPU, memory and disk usage are automatically monitored and reported for each individual server. Additional custom monitors may be deployed by contacting the NOC.
The Platform records user access and activities in log files. All actions performed through the Control Portal — such as server provisioning, server reboot, Blueprint deployment — are logged and auditable.
Cloud eExperts are at the ready to maintain and administer your cloud deployments for optimum performance and value. Available managed services include operating systems, web server, middleware, database, directory services and more.
Scheduled Tasks let users choose a time, frequency, and expiration date for a power command (“Pause,” “Power On,” “Reboot,” “Shutdown”) against a server or Group of servers.
Create additional VLANs and define firewall rules. Firewall rules are created between VLANs and comprise a source IP address range, destination IP address range, and a list of ports to open.
Our Cloud Platform enables you to manage your cloud environments from afar through an industry-leading API offering. Manage Cloud Servers and Groups, deploy Blueprints, create accounts, view invoices, add a public IP address, and much more through a SOAP and HTTP API that supports both XML and JSON for all operations.
The API includes all of the operations necessary to create, modify, delete, snapshot, archive, restore, and issue Power Commands against a server.
You can also easily create, archive, delete, and issue Power Commands against predefined Groups of servers via API.
Use the API to retrieve and publish Blueprints that make up self-contained server environments on our Cloud Platform.
Use the API to get network details including the gateway, network mask, list of IP addresses and host data center, as well as adding or releasing a public IP.
Create, update, suspend, and delete accounts — or individual users within an account — on the CenturyLink Cloud.
The easy-to-use billing API allows you to lookup current server/Group charges, estimated monthly charges, past invoices, and more.
Enterprise-grade public cloud servers available on-demand for legacy and greenfield business applications.
The computing power of a physical server, with the automation and pay-as-you-go flexibility of a virtual machine.
Manage and gain insight on a collection of servers, organized to your preferences, manageable in bulk.