Best Practices

Sometimes things are so much easier when you get a few hints along the way. At SoftLayer, an IBM Company, we get that and want to help. We’ve put together this list of tips to ensure you have a great experience as a SoftLayer customer. We’ve divided the list into four categories, each containing various suggestions on what to do (or not do) to keep your systems running smoothly so you get the best of what we have to offer. If you’re able to implement these practices into your SoftLayer routine, chances are you’ll never have to say, “I wish they would have told me that.” Click on any category below to learn more.

Keep your company profile updated

The company profile contains important information that SoftLayer uses in the event that we need to contact you.  If your phone number or primary contact email changes, we may be unable to contact you about issues with your account, including things like billing and abuse.  Keeping your company profile up to date means you will never miss an important message from SoftLayer.

Maintain and verify your billing information

All of your billing details, from invoices to payment information, are securely stored in the Customer Portal.  SoftLayer utilizes automatic billing, so the card on your account will be charged at the same time every month. If your payment method changes, or the card is cancelled or expired, update your payment information soon as possible to avoid late charges.

Don't share master login credentials

Your account's master login credentials should be shared carefully, if at all. Your master login controls every aspect of your account and should be protected. To enable other users to use the Customer Portal, we recommend you set up individual or permission-based users. This allows you to have the most control over who is able to interact with certain aspects of your account.

Establish role-based or user-specific accounts

Different people within an organization have a different roles and responsibilities, and user permission sets are not one–size-fits-all. Because of this, establishing individual accounts for users or roles will ensure that each person or group only has access to what they should. If changes are made in error or were unauthorized, they can be traced back to the user or group to ensure proper training is received or user permissions can be updated. This minimizes risk in a variety of ways and allows users to focus on their specified role within the Customer Portal.

Manage your passwords responsibly

Each piece of software provisioned on a device is assigned a password that is automatically generated by our systems.  Software passwords for each device are stored on the Passwords tab on the Device Details screen within the Customer Portal.  We recommend changing your passwords after accessing the software for the first time.  Optionally, software credentials may be stored on the Passwords tab for each device; however, understand that when storing passwords within the Portal, any person with access to the account and appropriate permissions may view passwords stored within the Portal.

Secure your system

Firewalls are an add-on service to any device and must be manually configured and enabled to ensure they are effective. Port management allows you to lock down superfluous ports and disable public ports for private network-based systems to further manage outside accessibility to your systems. Performing regular vulnerability scans in the Customer Portal identifies any outstanding or unknown security risks so that they may be mitigated quickly.

Use the private network

SoftLayer's private network allows you to manage your devices in the most secure environment possible. When possible, interact with your devices using a VPN connection and enable network spanning so your systems can communicate over the private network. To access the private network, edit the user’s VPN access from the User List. Use the instructions on our Virtual Private Network page to connect to one of the various VPN options.

Safeguard your data through regular backups

SoftLayer offers multiple backup solutions to ensure your data may be retrieved in the event of drive failure or user error. Backup solutions currently include NAS, EVault Backup and R1Soft CDP, which are all available in a variety of storage options. Check out our Storage page for more information on each backup solution.

Don't leave your firewall in bypass mode

Purchasing a firewall is a start to protecting your systems, but merely purchasing a firewall will not protect you. After it is provisioned, your firewall is in Bypass Mode and has no rules set. To get your firewall up and running, you must create rules and activate the firewall so it can begin blocking unwanted activity. If you don't, it's like having a security system that you never turn on.

Don't leave RDP, SSH, or control ports on the public network

The public network is great for many things, but there are certain aspects that, when left available on the public network through open ports, can leave your system vulnerable. Protect yourself by disabling RDP or restricting SSH on the public network.  If these services must be available on the public network, consider moving RDP or SSH to a custom port number.

Don't assume you have redundancy; know you do

SoftLayer offers multiple add-on redundancies, including dual-path, redundant power supplies, and RAID configurations. Verify that you have provisioned one or more of these features to ensure you are working in a redundant environment and are protected in the event of a failure.

Don't perform an OS reload without confirming your information is backed up

OS reloads wipe a device's hard drive, which means information that was on the hard drive prior to the OS reload will not be there when the reload is complete. Prior to initiating the OS reload, back up your information and verify the success of that backup so no information is lost. After an OS reload has been completed, lost information cannot be retrieved.

Monitor your environment

Having a monitored environment means you have the ability to check on devices at any time and are automatically notified if one of your devices goes down. See Set Up a Bare Metal Server for monitoring options. We recommend using basic ping monitoring, at minimum, but encourage you to customize your monitoring options in a way that best suits your business needs.

Stay informed of network maintenance and unplanned events

From time to time, scheduled and emergency network maintenance is unavoidable. SoftLayer has maintains many channels, such as  our Twitter account, to keep you informed of all scheduled and emergency maintenance events. Additionally, you may subscribe to email notifications from our Event Management System. This complimentary service automatically emails subscribed users regarding unplanned events which may impact services.

Use SoftLayer Mobile

SoftLayer Mobile allows you to manage your SoftLayer devices on the go using your iOS or Android mobile device. Functionality within SoftLayer Mobile includes ticketing support, basic device control, and bandwidth monitoring.

Read the Cloud Service Agreement (CSA)

Our Cloud Service Agreement (CSA) contains all of the important details that you agreed to when you became a SoftLayer customer. The CSA is our primary legal document and outlines the responsibilities you have as our customer and the responsibilities we have as your Service Provider. This includes things like our Terms of Service (TOS), Service Level Agreements (SLA), and Acceptable Use Policy (AUP). By taking some time to read the CSA, you’ll have a clear understanding of what to expect throughout your relationship with SoftLayer.

Don’t filter or ignore emails from SoftLayer

Filtering out and skipping over emails from SoftLayer may mean that you miss important information regarding your account. If an issue arises, you will generally be notified via email so you have a record of the events that occurred and what, if anything, we need from you, and a timeline in which action is required. By skipping over or filtering out emails, you may miss those important notifications, but will still be held accountable for anything that we’ve requested. Be sure to read every email from SoftLayer to ensure that you don’t miss any important information.

Our Support team’s mission is to make sure you have the help you need, exactly when you need it; that’s why they run 24/7/365. And in order to best serve you, we need your cooperation.

Don’t create multiple tickets for the same issue

Tickets are assigned and handled using an “emergency room” methodology. This means our support team works through the tickets queue based on the severity of the issue submitted. Rather than creating multiple tickets for each device that is experiencing the same issue (i.e. an outage), associate up to five devices in your ticket and they can all be handled at once. This also ensures that we are aware of a widespread issue on your account and that the same Support engineer will resolve the issue in all locations.

Don’t remove Adaptec Storage Manager (ASM)

ASM is how SoftLayer monitors your RAID array status. If you delete this software, we lose the ability to monitor your device. If ASM is removed from your device, we are not alerted for RAID failures on your device and will be unable to notify you of the failure through our automatic notification system.

Support Escalation Flow

  1.  Open a support ticket (via portal, chat, or phone [866-403-7638]).
    1. When creating/updating a ticket, it's important to include any errors, logs, or troubleshooting that has occurred as this will help in resolving the issue the quickest.
  2. Work with SoftLayer Support Team in the ticket (i.e., if they ask for info, please respond).
  3. If progress on the ticket stalls, you can escalate via the ticket, chat, or phone (i.e., Update the ticket with "please escalate this ticket due to customer impact/etc.").
  4. If the ticket escalated in step 3 does not progress, it can be escalated to Support Supervisor (staffed 24x7x365) by requesting in the ticket.
  5. If you are still not getting the progress needed after exhausting step 4, you can email the Support Management team at
    1. This distribution list will notify all of our Support Management team to make sure we have all of the right resources engaged to resolve your issue.


From time to time, events occur in the SoftLayer Cloud that require SoftLayer to take action. Sometimes these events are unexpected and sometimes there are planned maintenance activities required to keep the Cloud operating at its peak condition. While SoftLayer makes every effort to isolate our customers from these events, sometimes it becomes necessary to take certain equipment off-line. Regardless of the impact to our customers, it is always necessary to be transparent, timely and informative. We believe it is best to put our customers in control of their Cloud experience, and so our policy is to push information to our customers that explicitly subscribe to this process on the customer Portal. Therefore it is important that our customers understand how to make notifications work for them. This article is intended to provide a brief primer on this capability. 

SoftLayer Notifications

Getting Started with Notifications

SoftLayer deploys an effective notification process using the Event Management System (EMS) for three types of important operational events that include unplanned infrastructure issues that may cause an outage under certain conditions for specific customers, planned service maintenance, which is required from time to time to keep the infrastructure operating at optimal status and opened support tickets which alerts subscribed users of tickets opened on their account. SoftLayer notifications have been designed for Cloud environments by adhering to three key principles: 1) Automated through the customer portal, 2) Scalable to reach a large and growing community and 3) Targeted enabling SoftLayer to identify only the customers and subset of resources affected by the event. The effectiveness of the system depends on customers subscribing to the process and establishing 24 hour coverage for critical environments, if required.
An overview of SoftLayer Notifications is provided in the links below. The first link provides a brief tutorial of how to subscribe to notifications. The second link is a BLOG that describes the use of the system in greater detail.

Notification Timing Policy

The period of time SoftLayer gives to users in advance of a pending event differs between whether the event is an unplanned infrastructure issue or planned or scheduled maintenance. Generally, the SoftLayer policy is to remedy problems as quickly as possible in order to remove or minimize the risk of further issues developing which could have a larger impact on customers. This means that sometimes even planned maintenance is performed with only a short advanced notification.

Policy Overview

  • For unplanned issues or outages, SoftLayer will endeavor to communicate with affected customers as soon as possible with information pertaining to infrastructure scope, workarounds or resolution estimates as soon as that information is known. Timely communication gives customers information they need to plan for contingencies and provides assurance that SoftLayer is aware of and addressing the issue. 
  • For notifications involving scheduled maintenance, SoftLayer provides notification for scheduled maintenance in advance of the event. There are times when SoftLayer deems maintenance to be an emergency which could result in shorter advanced notification. Our goal is to find an ideal balance between giving a reasonable amount of advanced notice to allow customers to make plans for contingencies and upgrading / enhancing infrastructure which typically results in improvements in overall stability or adds needed capabilities. 
  • For security vulnerabilities there is a process that SoftLayer undergoes to isolate the affected area, create a patch to close the vulnerability and test the patch to ensure no collateral function is impacted. Often this work is done with another vendor that may supply parts of the affected technology. There is typically a public notification embargo for security patches which are kept short by design to protect the public, but necessitates a shorter advanced notification period so that SoftLayer can implement the patches across the affected infrastructure before the public is made aware of the issue, which would otherwise heighten the risk. The faster the vulnerability is closed, the sooner the customer's risk is removed which means that security issues require a short notification window.
    • One of the more frequent targets for security breaches is virtual infrastructure software. SoftLayer utilizes popular open source and partner technology to deliver its Virtual Server offering. To implement a security fix, customer servers running virtual infrastructure software may have to be taken off-line to patch and re-boot the environment, causing disruption. To minimize the impact on our customers, SoftLayer has recently implemented an enhancement to the notification process for virtual infrastructure: Improved communications.  Customers are notified with a specific start time and 90 minute window for each pod, which will result in a shorter disruption as well as more pinpoint timing so better preparation can occur. Our notification system is sophisticated to be able to isolate maintenance to each account, allowing SoftLayer to notify customers as soon as their specific hosts are serviced, which will most often occur well before the 90 minute window. 
  • When multiple PODs or data centers are affected by the issue, SoftLayer endeavors to give longer advanced notice unless there is an extreme urgency to implement the fix to avoid even greater secondary impact.

Ability to Add Additional Subscribers For Receiving Event Notifications via the SoftLayer Control Portal

  • Increasingly IBM customers rely on SoftLayer Cloud infrastructure services (IaaS), either by contracting with IBM for Managed Infrastructure Services, by contracting for IBM Cloud services that run on SoftLayer infrastructure or contracting directly with SoftLayer for infrastructure services. When Cloud services involve SoftLayer infrastructure, only SoftLayer account users are authorized to receive SoftLayer Notifications, as described above. In some cases, the IBM Customer would prefer not to grant the IBM Account or Managed Service teams involved in the operations or support of SoftLayer infrastructure services, access to their SoftLayer accounts. A new feature has been added to the SoftLayer Control Portal that allows customers with SoftLayer accounts to designate a list of subscribers, for example IBM personnel, to receive notifications without having any privileges on their accounts.
    • Master Users can log in to their SoftLayer Control Portal account and under the Support Tab, choose the drop-down called Additional Subscribers. In this pop-up box, the client Master User can add the email address and click Create. Multiple email addresses can be added (Note: email addresses can either be IBM or non-IBM). Email addresses added as Additional Subscribers will receive the following notifications: Planned and Unplanned Event Notifications, and Opened Support Tickets
  1. The notifications will contain technical details; consider who should have those details when considering adding subscribers.

    The UI provides this caution: This notification will be sent in clear text and may contain the name & IP address of servers and VSIs.
  2. Due to the detailed technical nature of the notifications, the intended subscribers are those who can understand in detail how the notification impacts the client's SoftLayer environment. Subscribing recipients who are not able to understand the potential client impact based on the details in the notification is counter-productive and strongly advised against.


Contact info