Um no? I can go to my colo any time I want (24x7 badge access) and pull my gear out, or add gear. I'm on a month to month contract for a full cabinet (42U).

I have my own (managed) pdus,console server, switches, routers, servers and storage in that cab. All they provide is ethernet drops and a live power outlet box in the ceiling above the cab.

As for anyone being able to dump the data, I would say it's more likely that would happen at a dedicated storage as a service provider then a colo. But I don't have any statistics, as they are all hiding behind national security letters. :)

To OP,

I think you've got a great kernel of an idea in this question and I'm glad /. posted it up. Let's turn this into a high level RFP shall we?

First a bit of background:

I've stopped at every point along the spectrum of data ownership for my personal and business (it consulting (Known Element Enterprises) and mesh network non profit startup (Free Network Foundation) data:

1) most (legally and maybe physically, but that's debatable) safe option of running compute/storage/network gear at my house (in Los Angeles). Single grid/point of entry for power (run to a dedicated sub panel naturally), single net uplink (DSL, homed to the CO two blocks away, fiber to same CO available for me to cross connect if desired)

2) Using shared hosting at HostGator (while employed there as a Linux admin)

3) Using various VPS providers (MediaTemple while in Los Angeles and knowing numerous admins who built out the environment, HG while working there)

(previous two options were due to moving to Austin and not having a house like I did in LA). Started out with shared hosting, moved to VPS when I needed OpenFire,OpenVPN,Chili etc. Basically moving beyond simple PHP apps.

4) Having the gear that used to be hosted at my house placed into Joes DataCenter in KC MO and maintaining a fantastic relationship with them. I added Cyclades ACS48 and PDUs for full OOB access/management.

So I have firsthand experience with the full spectrum. From full management/control/legal protection, to fully outsourced managed hosting, to hybrid model (colo).

RFP framework

1) Willing to treat the hosting package as truly business critical and able to pay accordingly (100.00 to 300.00 a month base, reasonable per user/per month charge).

2) You want this to be a turnkey (ala Google apps) solution, with things like zero backup window, live migration of state in the event of failure, redundant switches/routers/drives etc. All very doable with ZFS, open source virt flavor of choice, x86 servers, 10/100 (2950 et al) Cisco switch hardware off the gray market (to keep costs down)

3) You want encryption of everything so that even in the event of a NSL, you'll be protected. You have some sort of key management system in place to handle the private keys that are generated. Look at startssl for an example of how they do things. They use client side SSL certs for all auth. It's quite slick.

4) You are OK with a single facility and remote snapshots (ie hot active/cold standby). (Maybe the hot site is in a reliable colo, the cold site is s3/ec2 with the various issues that entails).

You'll be willing to pay a premium for hot active/warm standby) if a particular client requires that level of recovery.

From the above, I'll let others expand this and see if the community can put an RFP together for hosting companies.

Hmmmmm. See I think this would be packaged as the "small enterprise" offering, charge 99.00 a month for it, plus 5.00 per user. Template it out and be good to go.

Yes. EIG destroyed the last good hosting company (HostGator). I worked there for a year (pre EIG purchase), and have several friends who worked through the transition. I can't count how many times we migrated folks from Dreamhost/GoDaddy/*EIG companies to HG. Every single customer absolutely abhorred those companies and had always heard good things about HG and wanted to migrate. We focused on great service/uptime and we delivered. Pre purchase, we went above/beyond for each and every customer. We made everything work. For 3.00 a month, you could call a Linux admin and we would help you. 24x7x365. We never closed. I worked weekend graveyard (Wednesday to Sunday night), and helped countless US based customers with all kinds of off hours migrations (mostly on VPS/dedicated hosts, but also on shared/resell). I also supported customers all over the globe during their business hours. This was across a global data center footprint (sjc/lax/iah/dfw just in the US) on 10s of thousands of servers. We always went out of our way to never say no. I encountered a huge amount of highly intelligent individuals doing all kinds of things with our shared hosting. The VPS/dedicated customers were always fun to work on. Cpanel/WHM is actually pretty slick. Really it's almost an entire OS. Yeah it's Centos underneath, but it does all kinds of stuff on top of that. The backend CLI tools are quite nice. Post purchase, support went down the drain. EIG pumped/dumped HG and just IPOed. They force migrated everyone to a data center with horrible staff, network gear that was garbage, too little bandwidth etc. All to save on monthly hosting costs with Softlayer. They don't realize the economies of scale and horizontal growth model that was the core of HG business model. (We were adding almost 100 shared/reseller servers a week) Ah well. The 90s and 00s are over. It's all big business and horrible service now.

Geek providers with exactly that level of service exist. They are called colocation providesr. They exist in pretty much every major city. I host with Joes Data Center in Kansas City Mo. Pretty much equidistant from the entire CONUS. They have 24x7 smart hands/NOC, cameras covering the entire floor, badge access etc. Reverse DNS? Check. Smart technical folks I can call? Check. Redundant power/fiber? Check. On top of all that I have fully redundant servers,network,PDU. Plus out of band Cyclades. Yeah I could set all that up in my house, but it's just not worth it.

No they don't require you to get cable with the internet service. Not in Austin anyway. It's cheaper to get cable+internet, that might be what you are referring to? Please don't spread misinformation, that's really not helpful. We need to have informed arguments with facts about the various carriers.

Hello, You'll want to look at mininet and opendaylight: http://mininet.org/ http://www.opendaylight.org/ for network device learning. I highly recommend proxmox for managing the virtual machines. Container based is the way to go if all you need is a lightweight guest on an isolated VLAN. If you want to have an all in one solution to manage networking and everything, I highly recommend OpenNebula.

Um. The US govt is the trusted third party with paper money.

Um..... no. Anyone can get a cert and sign the driver. It's documented here: http://www.microsoft.com/whdc/driver/install/drvsign/kmsigning.mspx (word doc attached has all the details). Essentially you just get a cert from a CA. What is that $100.00? If you don't want to do that, then just run in test mode. What's wrong with that?