From 9b818ed13689dc5e9d7779d3c4cbb3ef2cec353f Mon Sep 17 00:00:00 2001 From: jessica Date: Mon, 30 Jun 2025 07:14:01 -0400 Subject: [PATCH 1/4] en translation --- .../security-specifications-dedicated-servers/guide.en-gb.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md diff --git a/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md new file mode 100644 index 00000000000..e69de29bb2d From 0fef034d0da89780acb579e1ab242b64aef06469 Mon Sep 17 00:00:00 2001 From: jessica Date: Mon, 30 Jun 2025 07:17:30 -0400 Subject: [PATCH 2/4] en translation --- .../guide.en-gb.md | 184 ++++++++++++++++++ 1 file changed, 184 insertions(+) diff --git a/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md index e69de29bb2d..c86bfd84fad 100644 --- a/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md +++ b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md 
@@ -0,0 +1,184 @@ +--- +title: "Dedicated Server Security Specifications" +updated: 2024-06-30 +--- + +## Objective + +In addition to the [responsibility model between OVHcloud and the customer on the Dedicated Server service](/pages/account_and_service_management/responsibility_sharing/dedicated-servers), this sheet aims to present the specific features and security features of this service. It also highlights best practices that will enable the customer to make the most of it. + +## 1 - Certifications + +- ISO/IEC 27001 +- ISO/IEC 27701 +- ISO/IEC 27017 +- ISO/IEC 27018 +- HDS +- SOC 1 type II +- SOC 2 type II +- CSA type II +- C5 type II +- CISPE + +## 2 - Best practices to deploy on the service + +### 2.1 - Recommendations for getting started + +Once the service has been delivered, and after receiving the login credentials for connecting to its Dedicated Server, OVHcloud recommends that the customer change their credentials +and harden its operating system. Hardening references and guides are discussed in [9.1 OS Image Delivery +and hardening](#os-images) of this page.
+Other guides are available in [the guide on Dedicated Servers](/products/bare-metal-cloud-dedicated-servers) to assist the customer with the transfer +control and operation of the service. + +### 2.2 - Vulnerability Scan + +The customer is authorized to carry out vulnerability scans on the service they have subscribed to at OVHcloud from any service. OVHcloud does not need +to be notified prior to the tests. The security measures deployed by OVHcloud (especially network protections) cannot be deactivated, even more so +Reason for conducting such audits which should establish a clear view of the security of the customer’s infrastructure. +The customer is not authorized to use their service to scan other infrastructure. + +## 3 - Service Guarantees + +### 3.1 - SLA + +Recovery of the SLAs of the specific conditions by service component. + +| **Component** | **SLA** | **Calculation method** | **Compensation** | +| --- | --- | --- | --- | +| Dedicated Server | 99.9% minimum (depending on the range) | The total number of minutes in the month, less the number of minutes of downtime in the month, divided by the total number of minutes in the month. For calculating compensation, the downtime is calculated from the moment the incident ticket is opened, until the issue is resolved. | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. | + +### 3.2 - GIT + +| **Incident type** | **Intervention time** | **Recovery time** | **Compensation** | +| --- | --- | --- | --- | +| Level 1 incident: total unavailability of the service **detected by OVHcloud** | 1 hour | 1 hour from the beginning of the intervention | Incident detection by OVHcloud | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. 
| +| Level 1 incident: total service unavailability **reported by customer** | 1 hour | 1 hour from the beginning of the intervention | Creation of ticket by the customer | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. | +| Level 2 incident: substantial degradation of Dedicated Server performance | 1 hour | Ø | Creation of ticket by the customer | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. | + +## 4 - Backups + +### 4.1 - Technical backups + +Technical backups are the backups taken by OVHcloud to ensure the service levels stipulated in the contract. These backups are not intended to be enabled at the customer's request. These backups do not contain any business data deposited by customers on their own dedicated servers. + +These are backups of infrastructure configurations that deliver the service to customers such as: router configuration, vRack configurations, IP allocation, etc. + +### 4.2 - Business backups + +List of features and backup options adapted to the service: + +| **Option name** | **Granularity** | **RTO** | **RPO** | **Documentation and tutorials**| +| --- | --- | --- | --- | --- | +| - FTP backup or Backup Storage is a 500GB storage space made available to the customer following subscription to the service.
- The service must be activated by the customer.
- No backup routine is configured by OVHcloud. | At the customer's choice | Depends on customer choice | N/A | [Use Backup Storage on a dedicated server](/pages/bare_metal_cloud/dedicated_servers/services_backup_storage) | +| - Backup Storage is an additional storage option that allows you to have up to 10TB of additional disk space to deposit backups. | At the customer's choice | Depends on customer choice | N/A | [Use Backup Storage on a dedicated server](/pages/bare_metal_cloud/dedicated_servers/services_backup_storage) | + +## 5 - Logs + +> [!primary] +> Read the guide [Getting started with OVHcloud APIs](/pages/manage_and_operate/api/first-steps) to get familiar with using OVHcloud APIv6. + + +| **Source** | **Content** | **Links** | +| --- | --- | --- | +| Control Plane | Logs on all interactions made via API calls, launched by admin, technical or billing contacts, on the services they have access to. |- (see `/me/api/logs` calls)
- [List of API calls done with your account](https://api.ovh.com/console/#/me/api/logs/self~GET)
- [List of API calls done on services you have access to](https://api.ovh.com/console/#/me/api/logs/services~GET) | +| Service | List of tasks launched on a given server | [Dedicated Servers ToDos](https://api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/task~GET)| +| Service | List of interventions launched on a given server | [Technical interventions history](https://api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/intervention~GET) | + +Tasks are actions launched by the client on a Dedicated Server: installing the OS, rebooting the OS, activating 'rescue' mode, etc ... + +Interventions are actions carried out by OVHcloud teams in the Datacentres on the physical servers: checking the state of the equipment, changing CPU, RAM or defective disk, etc. + +## 6 - API + +| **Name** | **Capabilities** | **Links** | +| --- | --- | --- | +| Control Plan and service | Manipulating customer accounts and services on which the account has service management rights | [API calls for Dedicated Servers](https://api.ovh.com/console/#/dedicated/server) | + +## 7 - User accounts + +### 7.1 - Control Plane + +Via the OVHcloud Control Panel, the customer can manage the service using [three typical contacts](/pages/account_and_service_management/account_information/managing_contacts#definition). + +To reference each customer who has subscribed to one or more services, OVHcloud uses a proprietary account with an internal NIC handle. + +To increase access to the customer account, the customer can enable [two-factor authentication (2FA)](/pages/account_and_service_management/account_information/secure-ovhcloud-account-with-2fa) or [single sign-on (SSO)](/products/account-and-service-management-account-information-users) by linking their account to an external Active Directory. 
+ +### 7.2 - Data Plane + +Once the service has been delivered, at the OS installation stage, the customer has the choice between [using an SSH key](/pages/bare_metal_cloud/dedicated_servers/creating-ssh-keys-dedicated) (for Linux distributions) to access their server, or a single password, generated automatically by OVHcloud if they have not configured an SSH key. + +The client is autonomous in creating user accounts on its OS, once it has administrative rights on its server. + +## 8 - Anti-virus + +OVHcloud does not support installing antivirus software when installing the operating system. +The customer is responsible for deploying security measures on the dedicated servers they operate. + +## 9 - Services available when the Service is installed + +### 9.1 - Providing OS images and hardening + +> [!primary] +> Read the guide [Getting started with OVHcloud APIs](/pages/manage_and_operate/api/first-steps) to get familiar with using OVHcloud APIv6. + +OVHcloud offers a catalog of operating systems, and is committed to providing operating systems that were last updated less than 30 days ago. + +- [List of operating systems available at OVHcloud](https://api.ovh.com/console/#/dedicated/installationTemplate/templateInfos~GET) +- [List of operating systems available for a given business reference](https://api.ovh.com/console/#/dedicated/server/osAvailabilities~GET) +- [List of operating systems available for a given server](https://api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/install/compatibleTemplates~GET) + +The hardening of the operating systems provided is that of a nominal installation of the publisher. For advanced hardening, OVHcloud recommends referring to each publisher’s documentation . 
+ +| **Publisher** | **Hardening Documentation** | +| --- | --- | +| Debian | | +| Redhat | | +| Ubuntu | | +| Windows | | + +### 9.2 - Bring Your Own Image + +Bring Your Own Image is a feature that allows the customer to import an image of their choice to a server outside of the catalog offered by OVHcloud. +Prerequisites and instructions are available on [this link](/pages/bare_metal_cloud/dedicated_servers/bring-your-own-image). + +### 9.3 - OVHcloud Monitoring + +A monitoring service is activated by default by OVHcloud to monitor the status of customers' servers, via the ICMP protocol. Customers can track the status of their own servers or disable this service, via their OVHcloud Control Panel or via an API call. + +The client can also enable monitoring of other network services that are disabled by default. + +It is the customer’s responsibility to follow the tightening guidelines of the OS publishers and to restrict ICMP flows to what is strictly necessary. + +In order to continue to benefit from the OVHcloud monitoring service, the customer must configure [filtering rules](/pages/bare_metal_cloud/dedicated_servers/network_ip_monitoring) on their servers’ internal firewall, and select the other services whose status they want to track. + +OVHcloud offers a feature called [OVHcloud Link Aggregation](/pages/bare_metal_cloud/dedicated_servers/ola-enable-manager) that can be activated by the customer and which allows them to benefit from a high-speed, redundant private network for their Dedicated Servers. + +If the customer activates this feature, the monitoring carried out by OVHcloud will be disabled. + +## 10 - Reversibility + +To ensure data portability and reversibility on the service, OVHcloud allows the customer to export and import their data autonomously. 
+OVHcloud’s portability principles are described in its own [portability policy](/pages/account_and_service_management/reversibility/00-global-reversibility-policy), and those specific to the Dedicated Servers service are set out in its [specific policy](/pages/account_and_service_management/reversibility/01-dedicated-servers-reversibility-policy). + +### 10.1 - Business Data Erasure + +Following the customer’s decommission of the service and prior to the removal of the hard drive from the rack, an erasing robot applies a secure data erasure procedure based on the NIST SP 800-88 r1 level ‘Purge’. +In case of technical constraints or limitations on certain ranges of hard drives and when the level 'Purge' cannot be applied, the erase at the level 'Clear' will run. + +### 10.2 - Technical data erasure + +Following the customer’s decommission of the service, OVHcloud frees up the resources allocated to them, such as the IP addresses and deletes the configurations made during service delivery. + +## 11. HDS guarantee representation + +> [!primary] +> +> This table is published prior to OVHcloud's effective certification on the 2024 version of the HDS repository. It allows OVHcloud customers to fuel their own compliance approach with the HDS version 2024 framework. OVHcloud has created and published this table in an effort to apply the different requirements of the repository as closely as possible. The versions audited by the auditors were posted online before February 2024. 
+> + +| **Company name of the actor** | **Role in hosting service** | **HDS certified** | **SecNumCloud 3.2 Qualified** | **Hosting activities on which the player intervenes** | **HDS Repository Requirement #29** | **HDS Repository Requirement #30** | +| --- | --- | --- | --- | --- | --- |--- | +| OVHcloud | Web hosting provider | Yes | No | 1° The provision and maintenance in operational condition of the physical sites used to host the hardware infrastructure of the information system used for the processing of healthcare data.
2° The provision and maintenance in operational condition of the hardware infrastructure of the information system used for the processing of healthcare data.
3° The provision and maintenance in operational condition of the virtual infrastructure of the information system used for the processing of healthcare data.
4° The provision and maintenance in operational condition of the platform for hosting applications of the information system.
6° The backup of healthcare data. | No, no access to data from a third country in the European Economic Area | No(1) | + +(1) : OVHcloud complies with all the requirements of Chapter 19.6 of the SecNumCloud framework for protection against non-European law. \ No newline at end of file From f674c47bf39da583945cad76cb7dbae46926d442 Mon Sep 17 00:00:00 2001 From: Montrealhub <89825661+Jessica41@users.noreply.github.com> Date: Mon, 30 Jun 2025 17:23:20 -0400 Subject: [PATCH 3/4] Update pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md Co-authored-by: Yoann Cosse <63302382+Y0Coss@users.noreply.github.com> --- .../security-specifications-dedicated-servers/guide.en-gb.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md index c86bfd84fad..7277d4ca0c6 100644 --- a/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md +++ b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-gb.md @@ -181,4 +181,4 @@ Following the customer’s decommission of the service, OVHcloud frees up the re | --- | --- | --- | --- | --- | --- |--- | | OVHcloud | Web hosting provider | Yes | No | 1° The provision and maintenance in operational condition of the physical sites used to host the hardware infrastructure of the information system used for the processing of healthcare data.
2° The provision and maintenance in operational condition of the hardware infrastructure of the information system used for the processing of healthcare data.
3° The provision and maintenance in operational condition of the virtual infrastructure of the information system used for the processing of healthcare data.
4° The provision and maintenance in operational condition of the platform for hosting applications of the information system.
6° The backup of healthcare data. | No, no access to data from a third country in the European Economic Area | No(1) | -(1) : OVHcloud complies with all the requirements of Chapter 19.6 of the SecNumCloud framework for protection against non-European law. \ No newline at end of file +(1): OVHcloud complies with all the requirements of Chapter 19.6 of the SecNumCloud framework for protection against non-European law. \ No newline at end of file From 50ffc9575e7cc0bb51d34cfaa32ca387acc872ce Mon Sep 17 00:00:00 2001 From: jessica Date: Wed, 2 Jul 2025 09:19:17 -0400 Subject: [PATCH 4/4] create CA files --- .../guide.en-ca.md | 184 ++++++++++++++++++ .../guide.fr-ca.md | 183 +++++++++++++++++ 2 files changed, 367 insertions(+) create mode 100644 pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-ca.md create mode 100644 pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.fr-ca.md diff --git a/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-ca.md b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-ca.md new file mode 100644 index 00000000000..aa986deb943 --- /dev/null +++ b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.en-ca.md 
@@ -0,0 +1,184 @@ +--- +title: "Dedicated Server Security Specifications" +updated: 2025-07-02 +--- + +## Objective + +In addition to the [responsibility model between OVHcloud and the customer on the Dedicated Server service](/pages/account_and_service_management/responsibility_sharing/dedicated-servers), this sheet aims to present the specific features and security features of this service. It also highlights best practices that will enable the customer to make the most of it. + +## 1 - Certifications + +- ISO/IEC 27001 +- ISO/IEC 27701 +- ISO/IEC 27017 +- ISO/IEC 27018 +- HDS +- SOC 1 type II +- SOC 2 type II +- CSA type II +- C5 type II +- CISPE + +## 2 - Best practices to deploy on the service + +### 2.1 - Recommendations for getting started + +Once the service has been delivered, and after receiving the login credentials for connecting to its Dedicated Server, OVHcloud recommends that the customer change their credentials +and harden its operating system. Hardening references and guides are discussed in [9.1 OS Image Delivery +and hardening](#os-images) of this page.
+Other guides are available in [the guide on Dedicated Servers](/products/bare-metal-cloud-dedicated-servers) to assist the customer with the transfer +control and operation of the service. + +### 2.2 - Vulnerability Scan + +The customer is authorized to carry out vulnerability scans on the service they have subscribed to at OVHcloud from any service. OVHcloud does not need +to be notified prior to the tests. The security measures deployed by OVHcloud (especially network protections) cannot be deactivated, even more so +Reason for conducting such audits which should establish a clear view of the security of the customer’s infrastructure. +The customer is not authorized to use their service to scan other infrastructure. + +## 3 - Service Guarantees + +### 3.1 - SLA + +Recovery of the SLAs of the specific conditions by service component. + +| **Component** | **SLA** | **Calculation method** | **Compensation** | +| --- | --- | --- | --- | +| Dedicated Server | 99.9% minimum (depending on the range) | The total number of minutes in the month, less the number of minutes of downtime in the month, divided by the total number of minutes in the month. For calculating compensation, the downtime is calculated from the moment the incident ticket is opened, until the issue is resolved. | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. | + +### 3.2 - GIT + +| **Incident type** | **Intervention time** | **Recovery time** | **Compensation** | +| --- | --- | --- | --- | +| Level 1 incident: total unavailability of the service **detected by OVHcloud** | 1 hour | 1 hour from the beginning of the intervention | Incident detection by OVHcloud | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. 
| +| Level 1 incident: total service unavailability **reported by customer** | 1 hour | 1 hour from the beginning of the intervention | Creation of ticket by the customer | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. | +| Level 2 incident: substantial degradation of Dedicated Server performance | 1 hour | Ø | Creation of ticket by the customer | Credit of 5% of the monthly cost of Dedicated Servers that are unavailable, in increments of 30 minutes of downtime beyond the SLA, up to a limit of 50% of the monthly cost. | + +## 4 - Backups + +### 4.1 - Technical backups + +Technical backups are the backups taken by OVHcloud to ensure the service levels stipulated in the contract. These backups are not intended to be enabled at the customer's request. These backups do not contain any business data deposited by customers on their own dedicated servers. + +These are backups of infrastructure configurations that deliver the service to customers such as: router configuration, vRack configurations, IP allocation, etc. + +### 4.2 - Business backups + +List of features and backup options adapted to the service: + +| **Option name** | **Granularity** | **RTO** | **RPO** | **Documentation and tutorials**| +| --- | --- | --- | --- | --- | +| - FTP backup or Backup Storage is a 500GB storage space made available to the customer following subscription to the service.
- The service must be activated by the customer.
- No backup routine is configured by OVHcloud. | At the customer's choice | Depends on customer choice | N/A | [Use Backup Storage on a dedicated server](/pages/bare_metal_cloud/dedicated_servers/services_backup_storage) | +| - Backup Storage is an additional storage option that allows you to have up to 10TB of additional disk space to deposit backups. | At the customer's choice | Depends on customer choice | N/A | [Use Backup Storage on a dedicated server](/pages/bare_metal_cloud/dedicated_servers/services_backup_storage) | + +## 5 - Logs + +> [!primary] +> Read the guide [Getting started with OVHcloud APIs](/pages/manage_and_operate/api/first-steps) to get familiar with using OVHcloud APIv6. + + +| **Source** | **Content** | **Links** | +| --- | --- | --- | +| Control Plane | Logs on all interactions made via API calls, launched by admin, technical or billing contacts, on the services they have access to. |- (see `/me/api/logs` calls)
- [List of API calls done with your account](https://ca.api.ovh.com/console/#/me/api/logs/self~GET)
- [List of API calls done on services you have access to](https://ca.api.ovh.com/console/#/me/api/logs/services~GET) | +| Service | List of tasks launched on a given server | [Dedicated Servers ToDos](https://ca.api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/task~GET)| +| Service | List of interventions launched on a given server | [Technical interventions history](https://ca.api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/intervention~GET) | + +Tasks are actions launched by the client on a Dedicated Server: installing the OS, rebooting the OS, activating 'rescue' mode, etc ... + +Interventions are actions carried out by OVHcloud teams in the Datacentres on the physical servers: checking the state of the equipment, changing CPU, RAM or defective disk, etc. + +## 6 - API + +| **Name** | **Capabilities** | **Links** | +| --- | --- | --- | +| Control Plan and service | Manipulating customer accounts and services on which the account has service management rights | [API calls for Dedicated Servers](https://ca.api.ovh.com/console/#/dedicated/server) | + +## 7 - User accounts + +### 7.1 - Control Plane + +Via the OVHcloud Control Panel, the customer can manage the service using [three typical contacts](/pages/account_and_service_management/account_information/managing_contacts#definition). + +To reference each customer who has subscribed to one or more services, OVHcloud uses a proprietary account with an internal NIC handle. + +To increase access to the customer account, the customer can enable [two-factor authentication (2FA)](/pages/account_and_service_management/account_information/secure-ovhcloud-account-with-2fa) or [single sign-on (SSO)](/products/account-and-service-management-account-information-users) by linking their account to an external Active Directory. 
+ +### 7.2 - Data Plane + +Once the service has been delivered, at the OS installation stage, the customer has the choice between [using an SSH key](/pages/bare_metal_cloud/dedicated_servers/creating-ssh-keys-dedicated) (for Linux distributions) to access their server, or a single password, generated automatically by OVHcloud if they have not configured an SSH key. + +The client is autonomous in creating user accounts on its OS, once it has administrative rights on its server. + +## 8 - Anti-virus + +OVHcloud does not support installing antivirus software when installing the operating system. +The customer is responsible for deploying security measures on the dedicated servers they operate. + +## 9 - Services available when the Service is installed + +### 9.1 - Providing OS images and hardening + +> [!primary] +> Read the guide [Getting started with OVHcloud APIs](/pages/manage_and_operate/api/first-steps) to get familiar with using OVHcloud APIv6. + +OVHcloud offers a catalog of operating systems, and is committed to providing operating systems that were last updated less than 30 days ago. + +- [List of operating systems available at OVHcloud](https://ca.api.ovh.com/console/#/dedicated/installationTemplate/templateInfos~GET) +- [List of operating systems available for a given business reference](https://ca.api.ovh.com/console/#/dedicated/server/osAvailabilities~GET) +- [List of operating systems available for a given server](https://ca.api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/install/compatibleTemplates~GET) + +The hardening of the operating systems provided is that of a nominal installation of the publisher. For advanced hardening, OVHcloud recommends referring to each publisher’s documentation . 
+ +| **Publisher** | **Hardening Documentation** | +| --- | --- | +| Debian | | +| Redhat | | +| Ubuntu | | +| Windows | | + +### 9.2 - Bring Your Own Image + +Bring Your Own Image is a feature that allows the customer to import an image of their choice to a server outside of the catalog offered by OVHcloud. +Prerequisites and instructions are available on [this link](/pages/bare_metal_cloud/dedicated_servers/bring-your-own-image). + +### 9.3 - OVHcloud Monitoring + +A monitoring service is activated by default by OVHcloud to monitor the status of customers' servers, via the ICMP protocol. Customers can track the status of their own servers or disable this service, via their OVHcloud Control Panel or via an API call. + +The client can also enable monitoring of other network services that are disabled by default. + +It is the customer’s responsibility to follow the tightening guidelines of the OS publishers and to restrict ICMP flows to what is strictly necessary. + +In order to continue to benefit from the OVHcloud monitoring service, the customer must configure [filtering rules](/pages/bare_metal_cloud/dedicated_servers/network_ip_monitoring) on their servers’ internal firewall, and select the other services whose status they want to track. + +OVHcloud offers a feature called [OVHcloud Link Aggregation](/pages/bare_metal_cloud/dedicated_servers/ola-enable-manager) that can be activated by the customer and which allows them to benefit from a high-speed, redundant private network for their Dedicated Servers. + +If the customer activates this feature, the monitoring carried out by OVHcloud will be disabled. + +## 10 - Reversibility + +To ensure data portability and reversibility on the service, OVHcloud allows the customer to export and import their data autonomously. 
+OVHcloud’s portability principles are described in its own [portability policy](/pages/account_and_service_management/reversibility/00-global-reversibility-policy), and those specific to the Dedicated Servers service are set out in its [specific policy](/pages/account_and_service_management/reversibility/01-dedicated-servers-reversibility-policy). + +### 10.1 - Business Data Erasure + +Following the customer’s decommission of the service and prior to the removal of the hard drive from the rack, an erasing robot applies a secure data erasure procedure based on the NIST SP 800-88 r1 level ‘Purge’. +In case of technical constraints or limitations on certain ranges of hard drives and when the level 'Purge' cannot be applied, the erase at the level 'Clear' will run. + +### 10.2 - Technical data erasure + +Following the customer’s decommission of the service, OVHcloud frees up the resources allocated to them, such as the IP addresses and deletes the configurations made during service delivery. + +## 11. HDS guarantee representation + +> [!primary] +> +> This table is published prior to OVHcloud's effective certification on the 2024 version of the HDS repository. It allows OVHcloud customers to fuel their own compliance approach with the HDS version 2024 framework. OVHcloud has created and published this table in an effort to apply the different requirements of the repository as closely as possible. The versions audited by the auditors were posted online before February 2024. 
+> + +| **Company name of the actor** | **Role in hosting service** | **HDS certified** | **SecNumCloud 3.2 Qualified** | **Hosting activities on which the player intervenes** | **HDS Repository Requirement #29** | **HDS Repository Requirement #30** | +| --- | --- | --- | --- | --- | --- |--- | +| OVHcloud | Web hosting provider | Yes | No | 1° The provision and maintenance in operational condition of the physical sites used to host the hardware infrastructure of the information system used for the processing of healthcare data.
2° The provision and maintenance in operational condition of the hardware infrastructure of the information system used for the processing of healthcare data.
3° The provision and maintenance in operational condition of the virtual infrastructure of the information system used for the processing of healthcare data.
4° The provision and maintenance in operational condition of the platform for hosting applications of the information system.
6° The backup of healthcare data. | No, no access to data from a third country in the European Economic Area | No(1) | + +(1) : OVHcloud complies with all the requirements of Chapter 19.6 of the SecNumCloud framework for protection against non-European law. \ No newline at end of file diff --git a/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.fr-ca.md b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.fr-ca.md new file mode 100644 index 00000000000..1ae19ad702a --- /dev/null +++ b/pages/account_and_service_management/account_information/security-specifications-dedicated-servers/guide.fr-ca.md @@ -0,0 +1,183 @@ +--- +title: "Spécifications de sécurité du service Serveurs Dédiés" +updated: 2025-07-02 +--- + +## Objectif + +En complément au [modèle de responsabilité entre OVHcloud et le client sur le service Serveurs Dédiés](/pages/account_and_service_management/responsibility_sharing/dedicated-servers), cette fiche a pour objectif de présenter les particularités et fonctions de sécurité propres à ce service. Elle met aussi en avant des bonnes pratiques qui permettront au client de l'exploiter au mieux. + +## 1 - Certifications + +- ISO/IEC 27001 +- ISO/IEC 27701 +- ISO/IEC 27017 +- ISO/IEC 27018 +- HDS +- SOC 1 type II +- SOC 2 type II +- CSA type II +- C5 type II +- CISPE + +## 2 - Bonnes pratiques à déployer sur le service + +### 2.1 - Recommandations à la prise en main du service + +Une fois le service délivré et après réception des identifiants de connexion à son Serveur Dédié, OVHcloud recommande au client de changer ses identifiants +et de procéder au durcissement de son système d'exploitation. Des références et guides de durcissement sont présentés dans la section [9.1 Fourniture d'image OS +et durcissement](#os-images) de cette page.
+D'autres guides sont disponibles dans [le corpus documentaire sur les Serveurs Dédiés](/products/bare-metal-cloud-dedicated-servers) pour assister le client à la prise +en main et l'exploitation du service. + +### 2.2 - Scan de vulnérabilités + +Le client est autorisé à réaliser des scans de vulnérabilités sur le service qu'il a souscrit chez OVHcloud depuis n'importe quel service. OVHcloud n'a pas besoin +d'être prévenu préalablement aux tests. Les mesures de sécurité déployées par OVHcloud (notamment les protections réseau) ne sont pas désactivables, à plus forte +raison dans le cadre de ce type d'audits qui doivent établir une vision claire de la sécurité de l'infrastructure du client. +Le client n'est pas autorisé à utiliser son service pour scanner d'autres infrastructures. + +## 3 - Garanties de service + +### 3.1 - SLA + +Reprise des SLA des conditions particulières par composante du service. + +| **Composant** | **SLA** | **Méthode de calcul** | **Dédommagement** | +| --- | --- | --- | --- | +| Serveur Dédié | 99,9% minimum (dépend de la gamme) | Nombre total de minutes du mois considéré, déduction faite du nombre de minutes d’indisponibilité du mois concerné, le tout divisé par le nombre total de minutes du mois considéré. Pour le calcul des dédommagements, le temps d’indisponibilité est calculé à partir de l’ouverture du ticket incident, jusqu'à la résolution du dysfonctionnement. | Crédit de 5% du coût mensuel des Serveurs Dédiés indisponibles, par tranches de 30 minutes entamées d'indisponibilité au-delà du SLA, dans la limite de 50% dudit coût mensuel. 
| + +### 3.2 - GTI + +| **Typologie d'incident** | **Temps d'intervention** | **Temps de rétablissement** | **Dédommagement** | +| --- | --- | --- | --- | +| Incident niveau 1 : indisponibilité totale du service **détectée par OVHcloud** | 1h | 1h à compter du début de l'intervention | Détection de l'incident par OVHcloud | Crédit de 5% du coût mensuel des Serveurs Dédiés indisponibles, par tranches de 30 minutes entamées d'indisponibilité au-delà du SLA, dans la limite de 50% dudit coût mensuel. | +| Incident niveau 1 : indisponibilité totale du service **signalée par le client** | 1h | 1h à compter du début de l'intervention | Création du ticket par le client | Crédit de 5% du coût mensuel des Serveurs Dédiés indisponibles, par tranches de 30 minutes entamées d'indisponibilité au-delà du SLA, dans la limite de 50% dudit coût mensuel. | +| Incident niveau 2 : dégradation substantielle des performances des Serveurs Dédiés | 1h | ∅ | Création du ticket par le client | Crédit de 5% du coût mensuel des Serveurs Dédiés indisponibles, par tranches de 30 minutes entamées d'indisponibilité au-delà du SLA, dans la limite de 50% dudit coût mensuel. | + +## 4 - Backups + +### 4.1 - Sauvegardes techniques + +Les sauvegardes techniques sont les sauvegardes réalisées par OVHcloud pour assurer les niveaux de service prévus au contrat. Ces sauvegardes ne sont pas prévues pour être activées à la demande du client. Ces backups ne contiennent aucune donnée métier déposée par les clients sur leurs propres serveurs dédiés. + +Ce sont des sauvegardes de configurations des infrastructures qui permettent de délivrer le service aux clients telles que : configuration des routeurs, configurations vRack, affectation des IP, etc ... 
+ +### 4.2 - Sauvegardes métier + +Liste des fonctionnalités et options de backups adaptées au service : + +| **Nom de l'option** | **Granularité** | **RTO** | **RPO** | **Documentation et tutoriels**| +| --- | --- | --- | --- | --- | +| - FTP backup ou Backup Storage est un espace de stockage de 500Go mis à disposition du client suite à la souscription au service.
- Le service doit être activé par le client.
- Aucune routine de backup n'est configurée par OVHcloud. | Au choix du client | Dépend du choix du client | N/A | [Utiliser Backup Storage sur un serveur dédié](/pages/bare_metal_cloud/dedicated_servers/services_backup_storage) | +| - Backup Storage est une option de stockage supplémentaire qui permet d'avoir un espace disque supplémentaire pouvant atteindre 10To pour déposer des sauvegardes. | Au choix du client | Dépend du choix du client | N/A | [Utiliser Backup Storage sur un serveur dédié](/pages/bare_metal_cloud/dedicated_servers/services_backup_storage) | + +## 5 - Logs + +> [!primary] +> Consultez le guide [Premiers pas avec les API OVHcloud](/pages/manage_and_operate/api/first-steps) pour vous familiariser avec l'utilisation des APIv6 OVHcloud. + +| **Source** | **Contenu** | **Liens** | +| --- | --- | --- | +| Control Plane (Espace Client) | Logs sur toutes les interactions réalisées via des appels API, lancés par les contacts administrateur, technique ou de facturation, sur les services auxquels ils ont accès. |- (voir les appels `/me/api/logs`)
- [List of API calls done with your account](https://api.ovh.com/console/#/me/api/logs/self~GET)
- [List of API calls done on services you have access to](https://ca.api.ovh.com/console/#/me/api/logs/services~GET) | +| Service | Liste des tâches lancées sur un serveur donné | [Dedicated Servers ToDos](https://ca.api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/task~GET)| +| Service | Liste des interventions lancées sur un serveur donné | [Technical interventions history](https://ca.api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/intervention~GET) | + +Les tâches sont des actions lancées par le client sur un Serveur Dédié : installation de l'OS, redémarrage de l'OS, activation du mode 'rescue', etc ... + +Les interventions sont des actions réalisées par les équipes OVHcloud dans les Datacentres sur les serveurs physiques : vérification de l'état de l'équipement, changement de CPU, RAM ou disque défectueux, etc ... + +## 6 - API + +| **Nom** | **Capacités** | **Liens** | +| --- | --- | --- | +| Control Plane et service | Manipulation des comptes client et des services sur lesquels le compte a des droits de gestion du service | [API calls for Dedicated Servers](https://ca.api.ovh.com/console/#/dedicated/server) | + +## 7 - Comptes utilisateurs + +### 7.1 - Control Plane + +A travers son espace client OVHcloud, le client a la possibilité de gérer le service à l'aide de [trois contacts types](/pages/account_and_service_management/account_information/managing_contacts#definition). + +Afin de référencer chaque client ayant souscrit à un ou plusieurs services, OVHcloud utilise un compte propriétaire avec un NIC interne. + +Pour renforcer l'accès au compte client, le client a la possibilité d'activer [une authentification à double facteur (2FA)](/pages/account_and_service_management/account_information/secure-ovhcloud-account-with-2fa) ou [l'authentification SSO (Single Sign-On)](/products/account-and-service-management-account-information-users) en associant son compte à un Active Directory externe. 
+ +### 7.2 - Data Plane + +Une fois le service livré, à l'étape d'installation de l'OS, le client a le choix entre l'[utilisation d'une clé SSH](/pages/bare_metal_cloud/dedicated_servers/creating-ssh-keys-dedicated) (pour les distributions Linux) pour accéder à son serveur où d'un mot de passe unique, généré automatiquement par OVHcloud s'il n'a pas configuré de clé SSH. + +Le client est autonome pour créer les comptes utilisateurs sur son OS, une fois qu'il a les droits d'administration sur son serveur. + +## 8 - Antivirus + +OVHcloud ne prend pas en charge l'installation d'un antivirus lors de l'installation du système d'exploitation. +Le client est responsable du déploiement des mesures de sécurité sur les serveurs dédiés qu'il opère. + +## 9 - Services disponibles à l'installation du Service + +### 9.1 - Fourniture d'images d'OS et durcissement + +> [!primary] +> Consultez le guide [Premiers pas avec les API OVHcloud](/pages/manage_and_operate/api/first-steps) pour vous familiariser avec l'utilisation des APIv6 OVHcloud. + +OVHcloud met à disposition un catalogue de systèmes d'exploitation et s'engage à fournir des systèmes d'exploitation dont la dernière mise à jour date de moins de 30 jours. + +- [Liste des systèmes d'exploitation disponibles chez OVHcloud](https://ca.api.ovh.com/console/#/dedicated/installationTemplate/templateInfos~GET) +- [Liste des systèmes d'exploitation disponibles pour une référence commerciale donnée](https://ca.api.ovh.com/console/#/dedicated/server/osAvailabilities~GET) +- [Liste des systèmes d'exploitation disponibles pour un serveur donné](https://ca.api.ovh.com/console/#/dedicated/server/%7BserviceName%7D/install/compatibleTemplates~GET) + +Le durcissement des systèmes d'exploitation fournis est celui d'une installation nominale de l’éditeur. Pour un durcissement avancé, OVHcloud recommande de se référer aux documentations de chaque éditeur . 
+ +| **Editeur** | **Documentation de durcissement** | +| --- | --- | +| Debian | | +| Redhat | | +| Ubuntu | | +| Windows | | + +### 9.2 - Bring Your Own Image + +Bring Your Own Image est une fonctionnalité qui permet au client d'importer une image de son choix sur un serveur en dehors du catalogue proposé par OVHcloud. +Les prérequis et modes d'emploi sont disponibles sur [ce lien](/pages/bare_metal_cloud/dedicated_servers/bring-your-own-image). + +### 9.3 - Monitoring OVHcloud + +Un service de monitoring est activé par défaut par OVHcloud pour suivre l'état des serveurs des clients, via le protocole ICMP. Le client a la possibilité de suivre l'état de ses propres serveurs ou de désactiver ce service, via son espace client OVHcloud ou via un appel API. + +Le client a également la possibilité d'activer la supervision d'autres services réseaux qui sont désactivés par défaut. + +Il appartient au client de suivre les guides de durcissement des éditeurs d'OS et de restreindre les flux ICMP au strict nécessaire. + +Afin de continuer à bénéficier du service de monitoring OVHcloud, le client doit configurer [des règles de filtrage](/pages/bare_metal_cloud/dedicated_servers/network_ip_monitoring) sur le pare-feu interne de ses serveurs et sélectionner les autres services dont il souhaite suivre l'état. + +OVHcloud propose une fonctionnalité appelée [OVHcloud Link Aggrégation](/pages/bare_metal_cloud/dedicated_servers/ola-enable-manager) qui peut être activée par le client et qui lui permet de bénéficier d'un réseau privé à haut débit et redondé pour ses Serveurs Dédiés. + +Si le client active cette fonctionnalité, le monitoring réalisé par OVHcloud sera désactivé. + +## 10 - Réversibilité + +Afin d'assurer la portabilité et la réversibilité des données sur le service, OVHcloud permet au client d'exporter et importer ses données en toute autonomie. 
+Les principe de portabilité d'OVHcloud sont décrits dans sa propre [politique de portabilité](/pages/account_and_service_management/reversibility/00-global-reversibility-policy) et ceux spécifiques au service Serveurs Dédiés sont indiqués dans sa [politique spécifique](/pages/account_and_service_management/reversibility/01-dedicated-servers-reversibility-policy). + +### 10.1 - Effacement des données métier + +Suite au décommissionnement du service par le client et avant l'extraction du disque dur du rack, un robot d'effacement applique une procédure d'effacement sécurisé des données basée sur le standard NIST SP 800-88 r1 niveau 'Purge'. +En cas de contraintes ou limitations techniques sur certaines gammes de disques durs et quand le niveau 'Purge' ne peut s'appliquer, c'est l'effacement au niveau 'Clear' qui s'exécute. + +### 10.2 - Effacement des données techniques + +Suite au décommissionnement du service par le client, OVHcloud procède à la libération des ressources qui lui sont allouées, comme les adresses IP et la suppression des configurations réalisées lors de la livraison du service. + +## 11. Représentation des garanties HDS + +> [!primary] +> +> Ce tableau est publié préalablement à la certification effective d'OVHcloud sur la version 2024 du référentiel HDS. Il permet aux clients d'OVHcloud d'alimenter leur propre démarche de conformité par rapport au référentiel HDS version 2024. OVHcloud a réalisé et publié ce tableau en s'efforçant d'appliquer au mieux les différentes exigences du référentiel. Les versions vérifiées par les auditeurs ont été mises en ligne avant février 2024. 
+> + +| **Raison sociale de l'acteur** | **Rôle dans le cadre de la prestation d'hébergement** | **Certfié HDS** | **Qualifié SecNumCloud 3.2** | **Activités d'hébergement sur laquelle l'acteur intervient** | **Exigence n°29 du référentiel HDS** | **Exigence n°30 du référentiel HDS** | +| --- | --- | --- | --- | --- | --- |--- | +| OVHcloud | Hébergeur | Oui | Non | 1° La mise à disposition et le maintien en condition opérationnelle des sites physiques permettant d'héberger l'infrastructure matérielle du système d'information utilisé pour le traitement des données de santé.
2° La mise à disposition et le maintien en condition opérationnelle de l'infrastructure matérielle du système d'information utilisé pour le traitement de données de santé.
3° La mise à disposition et le maintien en condition opérationnelle de l'infrastructure virtuelle du système d'information utilisé pour le traitement des données de santé.
4° La mise à disposition et le maintien en condition opérationnelle de la plateforme d'hébergement d'applications du système d'information.
6° La sauvegarde des données de santé. | Non, aucun accès aux données depuis un pays tiers à l’Espace Économique Européen | Non(1) | + +(1) : OVHcloud respecte l'ensemble des exigences du chapitre 19.6 du référentiel SecNumCloud relatif à la protection vis-à-vis du droit extra-européen.
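Review bot: In the last row of the HDS guarantees table at the end of guide.en-gb.md, "No, no access to data from a third country in the European Economic Area" inverts the meaning of the French text it translates, "aucun accès aux données depuis un pays tiers à l'Espace Économique Européen", which refers to a country outside the EEA. Suggest "No, no access to data from a country outside the European Economic Area". The file also ends without a trailing newline (`\ No newline at end of file`), and the footnote "(1) :" keeps the French space before the colon.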
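Review bot: The GTI table in section 3.2 of guide.fr-ca.md declares four columns in its header and separator rows, but each of its three data rows has five cells: the cell holding "Détection de l'incident par OVHcloud" or "Création du ticket par le client" has no header, so the compensation text falls outside the declared columns. Add the missing header and a fifth `---` between "Temps de rétablissement" and "Dédommagement", or drop that cell. Elsewhere in the same hunk: the hardening table in 9.1 lists Debian, Redhat, Ubuntu and Windows with empty documentation cells, so the advice to refer to each vendor's documentation points nowhere as shown; section 2.1 links to `#os-images` under the text "9.1 Fourniture d'image OS et durcissement" while the heading reads "9.1 - Fourniture d'images d'OS et durcissement" and carries no explicit anchor; "## 11. Représentation des garanties HDS" breaks the "## N - " heading pattern used by sections 1 to 10. Section 10.1 states the fallback from the 'Purge' level to 'Clear' without saying which disk ranges are concerned; a list or link would let customers assess their exposure. Spelling: "Certfié HDS" should be "Certifié HDS", "Les principe de portabilité" should be "Les principes", "où d'un mot de passe unique" should be "ou d'un", "sur laquelle l'acteur intervient" should be "sur lesquelles", and "OVHcloud Link Aggrégation" should use either the product spelling "Aggregation" or the French "Agrégation".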