Prestige IT

David Chapman

Factomize
Thank you for your application! To start, a quick comment:
Defer a minimum of 50% gross income to the Protocol Grant Pool to foster further development
It's very important to note that the proper nomenclature here is that you'll be operating at 50% Efficiency. You won't be deferring any income as you'll never receive that FCT because you're operating so efficiently.
 

David Chapman

Factomize
Based upon your stated Efficiency of 50% (with one server) and your estimated expenses, at what USD price does FCT need to be for your Authority Node operation to break even on a monthly basis with one server?
 

Saul Schwartzbach

Prestige IT
Good Afternoon,

Factomize.com has now been whitelisted on our email server. I apologize for the wrong terminology in our application/introduction. I will make sure to use the proper nomenclature from now on. With one server, we should remain profitable with a FCT price as low as $5 USD @ 50% efficiency.

Thank you.
 
Last edited:

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
Thank you for your application

NK01)
Prestige IT will provide 24x7 support for the nodes we host. We have a support email (support@prestigeit.io) that can be used to communicate issues, needed actions, etc. This email address generates a ticket into our ticketing system which is visible by all team members.
Could you elaborate how this is "visible" by all team members. What is the mechanism behind it?
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
NK02)
You state that 5 people can administer the nodes in you application, with one team member taking the lead, given his extensive experience. You also state that the 5 people have 20 years of knowledge between them. Could you break down this knowledge (you don't have to mention names if you don't want to)?
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
NK05)
You mention public key and password related to SSH in your application. Is the password in this case the passphrase connected to the key?
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
NK06)
In your application you mention having experience with HA systems. In your document you mention the following goal:
Provide multiple high availability and elastic Authority and Follower nodes while maintaining
99.99% uptime
Could you explain what you mean with "high availability" in this context? Could you also do the same for the term "highly available server infrastructure" in chapter 3 on the same page?
 
Last edited:

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
NK07)
In order for this community and project to thrive, all contributing members
should continue to invest back as an act of good faith and belief in the underlying project and platform.
What do you mean with "invest back" in this context?
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
NK08)
You mention security and hardening throughout your document but most of the time mention common security practices like reverse path filtering, disabling source routing and logging martians for instance, which should be in the default toolbox of administrators. Could you give some other hardening examples you employ? How did you secure the mentioned memory?
 

Saul Schwartzbach

Prestige IT
To answer your questions:

NK01) - We use an enterprise ticketing system called TeamWork Desk. Part of its core functionality is to have designated support personnel alerted and copied on incoming tickets. Whenever a someone sends an email to support@prestigeit.io, a ticket is generated within the system and a copy is sent to all agents so that they are able to view, assign a resource, respond, add notes, etc. This keeps us organized with a central channel of communication, and allows for rapid response.

NK02) - 20 years was a tad bit of an understatement. Our team experience is broken down as follows:

Saul Schwartzbach - 5 years server admin experience
Colin Blumer - 8 years server admin experience
Nathan Johnston - 4 years server admin experience
Chris Orem - 4 years server admin experience
Ransom Christofferson - 2 years server admin experience

NK03) - I apologize for our oversight on this. As an organization, we currently manage 97 production servers.

NK04) - Apport, ICMP, SSH root login, redirect connections, execute and write access to shared memory, and host spoofing have all ben disabled

NK05) - Yes, this is referring to the passphrase connected to the authentication key The key pair was generated on a separate secured host using a long complex passphrase before being imported into AWS. SSH login requires public key and password authentication factors.

NK06) - In both cases we have a similar meaning for the term "high availability". In the first case, we are referring to our goal of providing systems with four 9's of uptime (99.99%). In the second case, we are referring particularly to experience managing systems with availability requirements set by upper management. This a key reason we chose to go with a cloud infrastructure vs on-premises for the Factom use case.

NK07) - This was a reference to Prestige IT pledging to operate our nodes @ 50% efficiency

NK08) - The shared memory space permissions have been restricted to read-only by default, but can be modified to allow for read/write if needed for the Factom services. The SSH service has been configured to a non-standard port, inbound firewall rules are set to individual source IPs, public key + password authentication required for login. Fail2Ban service installed and configured. ipv6 is disabled.

Thank you for your feedback.
 
Last edited:

Saul Schwartzbach

Prestige IT
TH #1

Could you please expand on this:
Good Afternoon,

We're currently in the process standing up our own dedicated node health monitoring server which will use the CloudWatch API to pull metrics from the Factom nodes into a backend database, and display them on a public-facing web page which will be accessible behind a login prompt. Access will be given to third parties upon request.

Thank you.
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
Could you use the quote functionality on a individual basis please? Then we have context. Thx :)

Some follow up questions.

To answer your questions:

NK01) - We use an enterprise ticketing system called TeamWork Desk. Part of its core functionality is to have designated support personnel alerted and copied on incoming tickets. Whenever a someone sends an email to support@prestigeit.io, a ticket is generated within the system and a copy is sent to all agents so that they are able to view, assign a resource, respond, add notes, etc. This keeps us organized with a central channel of communication, and allows for rapid response.
Is your monitoring connected to this is well?
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
To answer your questions:
NK05) - Yes, this is referring to the passphrase connected to the authentication key The key pair was generated on a separate secured host using a long complex passphrase before being imported into AWS. SSH login requires public key and password authentication factors.
So the public key and it's passphrase is the 2FA you mentioned in your application?
 
Last edited:

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
To answer your questions:
NK06) - In both cases we have a similar meaning for the term "high availability". In the first case, we are referring to our goal of providing systems with four 9's of uptime (99.99%). In the second case, we are referring particularly to experience managing systems with availability requirements set by upper management. This a key reason we chose to go with a cloud infrastructure vs on-premises for the Factom use case.
Could you confirm. We are talking about systems with high uptime and not about HA systems?
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
To answer your questions:
NK07) - This was a reference to Prestige IT pledging to operate our nodes @ 50% efficiency
Yes but you suggest that other operators should strive to do it as well (50%). Aren't there other ways to "invest back"?
 

Niels Klomp

BI Foundation
Core Committee
Governance Working Group
To answer your questions:
NK08) - The shared memory space permissions have been restricted to read-only by default, but can be modified to allow for read/write if needed for the Factom services. The SSH service has been configured to a non-standard port, inbound firewall rules are set to individual source IPs, public key + password authentication required for login. Fail2Ban service installed and configured. ipv6 is disabled.
Thank you. Could you elaborate on the fail2ban setup. What is monitored for instance?
 

Saul Schwartzbach

Prestige IT
Could you use the quote functionality on a individual basis please? Then we have context. Thx :)

Some follow up questions.


Is your monitoring connected to this is well?
Niels,

I can absolutely do that going forward, I apologize for confusion or lack of context.

Our CloudWatch monitoring alarms are indeed configured to send alerts to our ticketing system. The flexibility granted by a ticketing system like this is that we are able to route alerts from all critical services/systems into the system, which can then be viewed, sorted, and assigned by all team members in a central location.

Thank you.
 

Saul Schwartzbach

Prestige IT
Yes but you suggest that other operators should strive to do it as well (50%). Aren't there other ways to "invest back"?
In Section 6 of our team introduction, the intent was not to imply that all teams should strive to meet 50% efficiency, as there are certainly many other ways to invest back into the project and community, such as time or services. In fact, in addition to our efficiency, we plan to also offer ourselves as a cybersecurity resource to other selected teams and the community as a whole. Currently, we work with several prominent blockchain projects, and we have designed a playbook as well as protocols in order to protect crypto holdings by businesses and at the individual level. Given the fact every team chosen to host nodes in the Authority Set will be given FCT, we want to provide our expertise to help them protect their funds.
 

David Chapman

Factomize
B. Let's say you get an Authority Node. How it performs will be easy to monitor. However, as part of your campaign you also discuss additional development work (though not well-defined) which is important as well. The Standing Parties will likely want to see what progress you're making since it was part of your campaign. My questions are:

1. How would you communicate with the Standing Parties. Examples would be blog, twitter, Discord, Reddit, etc.
2. What would you communicate and how often?
3. What metrics should be used to gauge your success?
 

Matt Osborne

Go Immutable
Exchange Working Group
Legal Working Group
Hey Everyone! Can you do me a favor and break this down for me? Specifically, "existing customer base" and how you will "direct traffic and talent to the Factom Community." Thanks

Screen Shot 2018-04-25 at 3.06.13 PM.png
 

Saul Schwartzbach

Prestige IT
B. Let's say you get an Authority Node. How it performs will be easy to monitor. However, as part of your campaign you also discuss additional development work (though not well-defined) which is important as well. The Standing Parties will likely want to see what progress you're making since it was part of your campaign. My questions are:

1. How would you communicate with the Standing Parties. Examples would be blog, twitter, Discord, Reddit, etc.
2. What would you communicate and how often?
3. What metrics should be used to gauge your success?

Thank you for the question, we are happy to expand on some of the development we have in progress to help foster the community as a whole. As you have seen in our introduction and application we have called out several times that we believe we can be an asset to the community through our cyber and blockchain security expertise. In addition to the many policies and procedures we have developed and implemented with companies we advise; we have also developed a website/tool to backup your private keys. Please see https://cryptocoinbackup.com. Although the tool is still in development, in the coming weeks/months, we plan to implement features such as multi-password backup which will be ideal for companies who want to avoid a single point of failure. We would be happy to provide more detail on this project if requested. Regarding your three points:

1. Since we are already active on Discord and use it internally as our primary means of communication, we would prefer this to be our channel to communicate with the Standing Parties
2. We would communicate changes, updates, requests for stress testing, and offer bug bounties to the community. These items will be announced as they occur (slightly before).
3. Adoption would be the primary metric in which we could measure the success of offerings like https://cryptocoinbackup.com.
 

Saul Schwartzbach

Prestige IT
Hey Everyone! Can you do me a favor and break this down for me? Specifically, "existing customer base" and how you will "direct traffic and talent to the Factom Community." Thanks

View attachment 31

As new projects are introduced to us either through the many conferences we attend such as Consensus, recommendations, or word-of-mouth, we will highlight Factom as a potential solution should the use-case align. Such as: data validation, data integrity, auditing, record keeping, recording auditing, etc... Regarding our existing customer base, we are currently looking for opportunities to leverage the Factom protocol in a security context, to assist with identity validation and disaster recovery.
 

Saul Schwartzbach

Prestige IT
Could you confirm. We are talking about systems with high uptime and not about HA systems?
I am a bit confused as to what you mean here, could you please elaborate? Are you referring to HA systems as something like a clustered ESXi environment, a fault-tolerant SAN, or a redundant GLBP routing configuration, as opposed to a high uptime system? If so, then yes we have worked with and managed HA systems and infrastructure.
 
Top