Key takeaways
In this article
Data centres and server rooms create a particular combination of risks:
A small electrical fault, overheating connection or failing power supply can develop into a serious incident if it is not identified quickly. In many cases, the first priority is very early warning, allowing investigation and intervention before suppression is required.
The consequences of a fire can also extend far beyond the protected room. Loss of servers, communication systems, security systems, data availability or business-critical infrastructure can cause operational disruption, contractual issues, reputational damage and insurance complications.
This is why a data centre fire protection strategy should be based on the actual risk profile of the room, not a generic assumption that the wider building system is sufficient.
Early detection is one of the most important parts of data centre fire protection. The earlier a developing fire condition is identified, the greater the chance of preventing escalation, avoiding discharge and keeping the facility operational.
For many data centres and server rooms, **aspirating smoke detection** is a key technology. These systems continuously draw air samples through a pipe network and analyse them for very small smoke particles. This can provide very early warning of overheating cables, smouldering components or developing electrical faults before smoke becomes obvious in the room.
This is particularly useful in high-airflow environments. Traditional point smoke detectors can be affected by air movement, cabinet layouts, cold aisles, hot aisles, ceiling voids and return air paths. Aspirating systems can be designed to sample from the right locations, including above racks, within ceiling voids, underfloor spaces or return air paths where appropriate.
That does not mean aspirating detection is the only form of detection required. A robust strategy may also include:
The detection design should match the room layout and airflow strategy. If racks are reconfigured, cooling is changed, or containment is added, the detection arrangement may also need review.
The worst outcome is a detection system that technically exists but does not properly sample the real risk areas.
Suppression selection is one of the most important decisions in a data centre fire protection strategy. The chosen system must protect the equipment, suit the room, align with current standards and support safe operation over the life of the facility.
One important point is that **FM-200 should no longer be treated as a preferred solution for new data centre installations**.
FM-200, also known as HFC-227ea, is an HFC-based clean agent. Existing FM-200 systems may still be encountered and may still require service, maintenance, inspection, recharge planning or end-of-life advice. However, for new data centre installations, FM-200 should generally be treated as a legacy system issue rather than a forward-looking specification.
The reason is not that FM-200 does not work as a suppressant. It does. The issue is its long-term suitability. HFC agents are subject to phasedown under the wider Montreal Protocol framework, through the Kigali Amendment, and are also affected by UK F-gas controls. This means long-term availability, refill cost, environmental acceptability and client sustainability requirements are all moving against HFC-based systems.
For that reason, Astro would not normally recommend FM-200 for new data centre suppression installations. Existing systems can still be maintained and reviewed, but new projects should be designed around current, future-proof alternatives.
Modern clean agent systems are commonly selected for data centres because they are non-conductive, fast-acting and leave no residue. They are designed to suppress fire without the water damage or clean-up burden associated with traditional suppression methods.
For sensitive IT environments, a suitable clean agent system can protect equipment while supporting rapid recovery, provided the room has been properly surveyed, designed and maintained.
The design needs to consider:
The clean agent should be selected based on current standards, environmental position, system approval, availability, room characteristics and client requirements.
Inert gas systems are another option for data centre fire suppression. They work by reducing oxygen concentration to a level where combustion cannot continue, while still maintaining an atmosphere that can be tolerated for short-term evacuation when correctly designed.
Inert gases leave no residue, have strong environmental credentials and avoid the HFC issue. They can be well suited to some data centre environments, particularly where environmental policy is a major driver.
The main practical consideration is storage space. Inert gas systems generally require more cylinders than chemical clean agent systems. In some buildings this is perfectly manageable; in others, cylinder storage, pipe routes and discharge pressures make the design more challenging.
Once installed, a CO2 system needs regular inspection and maintenance. Because these systems may sit unused for years, faults can develop unnoticed unless they are actively checked.
Typical maintenance considerations include:
Any discharge, whether caused by a real fire, accidental activation or test event, must be treated seriously. Cylinders will need to be refilled or exchanged, the cause of activation investigated, and the system returned to service by a competent engineer.
Maintenance should also look beyond the system hardware. If the protected room has changed use, if equipment has been added, if ventilation has been altered, or if staff access patterns have changed, the system may need reassessment.
Water-based systems may form part of the wider building protection strategy, and some facilities use pre-action sprinkler systems or water mist in certain areas. However, water near critical IT equipment creates obvious concerns around equipment damage and downtime.
The correct position is not "water is always wrong" or "sprinklers are always sufficient". The correct position is that any water-based protection must be carefully assessed against the data centre's risk, resilience objectives, insurance requirements and business continuity plan.
Cooling is one of the reasons data centre fire protection needs specialist input.
Data centres depend on controlled airflow and heat removal. Server racks, UPS equipment and power distribution systems generate heat continuously. Fire detection and suppression systems must be designed around this airflow, not in isolation from it.
Cooling can affect fire protection in several ways:
With gaseous suppression, the room must be able to hold the required concentration for the required period. If cooling systems continue to move air in or out of the space, the agent may not remain at the correct concentration for long enough to prevent re-ignition.
This is why suppression design must include ventilation shutdown, damper control, pressure relief and room integrity testing where applicable. It is also why the design team needs to understand how the room actually operates, not just its floor area and ceiling height.
A proper data centre fire protection system is not just a set of cylinders connected to pipework. It is a coordinated infrastructure package.
A suitable system may include:
The cause-and-effect strategy is especially important. Facilities managers need to understand exactly what happens when the system enters first-stage alarm, second-stage alarm, pre-discharge warning, discharge and post-discharge lockout.
For example:
A data centre suppression system that no one understands is not a properly managed system.
Data centre fire protection in the UK needs to be considered under a combination of legal duties, British and European standards, insurer requirements and site-specific risk assessment.
Relevant considerations may include:
The important point is that compliance is not achieved by naming a standard in a document. The system must be designed, installed, commissioned and maintained in a way that reflects the actual room, the actual risk and the current use of the facility.
Existing installations also need periodic review. A system designed for a small server room ten years ago may not be suitable after rack expansion, containment changes, new UPS equipment, additional cabling or altered cooling arrangements.
The most common data centre fire protection problems are rarely dramatic. They are usually practical issues that develop over time.
Typical examples include:
A particularly common issue is the assumption that because a data centre has a suppression system, it is automatically protected. That is not true. The system only protects the room if the detection, enclosure, agent quantity, discharge arrangement, interfaces and maintenance regime are still correct.
Data centre fire protection is an investment in business continuity.
The cost of a properly designed detection and suppression system can seem significant, especially for a smaller server room.
But the cost of a serious data centre fire can include:
Even a minor incident can become expensive if the fire protection system activates incorrectly, fails to activate, or cannot be reinstated quickly.
The strongest fire protection strategies are designed to reduce both fire damage and unnecessary disruption. Very early warning detection may allow intervention before suppression discharges. Correct suppression design may prevent equipment contamination. Proper room integrity may prevent re-ignition. Good documentation and maintenance may allow faster reinstatement.
That is the real value: not just extinguishing a fire, but helping the facility recover quickly and safely.
Data centre fire protection should start with a proper technical review.
For a new installation, that means understanding the room, equipment, cooling strategy, power infrastructure, business continuity requirements and insurer expectations before selecting the system.
For an existing installation, that means asking:
FM-200 should now be treated as a legacy issue, not a recommended route for new data centre projects. Existing systems may still need support, but new designs should be based on current, future-proof suppression options.
The right system depends on the site. For some rooms, a modern clean agent system will be the best fit. For others, inert gas may be more appropriate. In some facilities, the suppression strategy may need to be combined with pre-action sprinklers, building systems, very early warning detection and enhanced monitoring.
The key is specialist design. Data centre fire protection is not a generic product. It is an engineered solution that needs to protect people, equipment, data, continuity and compliance at the same time.
Regulatory Reform (Fire Safety) Order 2005
Building Regulations and Approved Document B
BS 5839-1
BS 6266
BS EN 15004
BS EN 17966:2024
Manufacturer design manuals and system approvals
Insurer requirements
Site-specific fire risk assessment
Plus insurer requirements and site-specific fire risk assessment
Not every server room requires gaseous fire suppression, but for many business-critical environments it is one of the most effective ways of protecting equipment and reducing downtime following a fire. Gaseous suppression can extinguish a fire without the water damage associated with traditional sprinkler systems and is often used alongside aspirating smoke detection to provide the earliest possible warning of a developing incident.
BS 6266 recommends that the level of fire protection provided to electronic equipment installations should be based on the criticality of the facility and the potential consequences of a fire. The standard categorises environments as medium, high or critical risk according to factors such as equipment replaceability, business continuity arrangements and tolerance to downtime.
As the risk category increases, BS 6266 recommends progressively more sophisticated fire detection and suppression arrangements. High and critical risk environments commonly incorporate high-sensitivity aspirating smoke detection and automatic fire suppression systems to minimise damage and business interruption.
Organisations should also consider insurer requirements. Where server rooms, communications equipment or other business-critical systems are involved, insurers may require or strongly recommend enhanced fire protection measures as part of a wider risk management strategy.
The decision to install gaseous fire suppression should therefore be based on a risk assessment, business continuity requirements, acceptable downtime, equipment value and any insurer expectations, rather than simply the size of the room.
Reviewed by David Cullis, Managing Director, Astro Fire Systems Ltd. Astro Fire Systems Ltd is BAFE certificated under SP203-1 (Fire Detection & Alarm Systems) and SP203-3 (Fixed Fire Suppression Systems).
Yes, existing FM-200 systems can still provide effective protection for data centres and other critical electronic environments, but organisations should understand the regulatory position surrounding the HFC-227ea agent they
contain. FM-200 is a trade name for HFC-227ea, a clean extinguishing agent that has been widely used in server rooms and data centres for many years.
HFC-227ea has been subject to a long-term phasedown programme under international environmental agreements and F-Gas legislation aimed at reducing the use of high Global Warming Potential (GWP) gases. Over time, these measures have progressively reduced the availability of HFCs and increased the focus on recovery, recycling and reclamation.
As part of this ongoing phasedown, further restrictions took effect from January 2025 affecting the placement of new HFC-based fire suppression systems on the market. Existing systems can continue to be operated, maintained and supported, but refilling increasingly relies on reclaimed and recycled HFC-227ea rather than newly produced agent. This has contributed to rising recharge costs and increased lifecycle planning considerations for system owners.
For organisations with existing FM-200 systems, the focus should be on lifecycle management rather than immediate replacement. A well-maintained system can continue to provide effective protection, but future maintenance costs, agent availability, insurer expectations and long-term business resilience should all be considered when planning ahead.
Many FM-200 systems installed during the late 1990s and early 2000s are now reaching an age where wider refurbishment and resilience reviews naturally prompt consideration of alternative suppression technologies. The most suitable replacement will depend on the risk, occupancy, room characteristics and operational requirements of the facility.
Aspirating Smoke Detection (ASD) is a highly sensitive form of smoke detection designed to identify the earliest signs of a developing fire. Rather than waiting for smoke to reach a conventional ceiling-mounted detector, an ASD system continuously draws air samples through a network of small pipes installed throughout the protected area and analyses those samples within a dedicated detection unit.
This approach allows smoke particles to be detected at a much earlier stage, often before a fire becomes visible or produces sufficient smoke to activate conventional detectors. In server rooms, data centres and other electronic equipment environments, this early warning can provide valuable time to investigate a fault, isolate equipment or initiate fire suppression measures before significant damage occurs.
BS 6266 specifically identifies aspirating smoke detection as being particularly suitable for electronic equipment installations and commonly recommends high-sensitivity Class A ASD systems for high and critical risk environments. When combined with an appropriate fire suppression strategy, ASD can form an important part of a business continuity and asset protection programme.
In many cases, the objective is not simply to detect a fire, but to identify overheating components, failing power supplies or developing electrical faults before they escalate into a serious incident.
As a general rule, room integrity testing should be carried out annually and whenever significant changes are made to the protected room.
The purpose of room integrity testing is to demonstrate that the protected enclosure can retain the extinguishing agent for the period required by the system design. In simple terms, the room integrity test provides the evidence that the suppression system should be capable of achieving and maintaining its design concentration if a discharge occurs.
For this reason, annual room integrity testing remains the preferred approach for many organisations. Unless a fully documented and controlled management-of-change process can provide clear evidence that absolutely no alterations have taken place which could affect the enclosure, it is difficult to confidently verify that the room's
integrity remains unchanged. In practice, this level of control is uncommon, which is why annual testing is generally regarded as the most reliable method of confirming ongoing compliance and system performance.
Where room integrity testing has lapsed and there is no robust evidence demonstrating that the enclosure remains unchanged from the last verified test, the ability of the room to retain the extinguishing agent cannot be confirmed. From a maintenance and compliance perspective, this would typically be identified as a non-compliance requiring further investigation or re-testing.
A data centre cause-and-effect strategy should clearly define how every fire protection system will respond to a developing incident, from the earliest warning stage through to any suppression system discharge. The objective is to ensure that detection, alarm, suppression, building services and operational procedures work together in a predictable and controlled manner.
In many environments, the sequence begins with high-sensitivity aspirating smoke detection providing an early warning of abnormal conditions. Staged alarm levels may then be used to trigger investigation, escalation procedures and operational responses before a fire develops further. Depending on the system design, subsequent actions may include conventional fire alarm activation, HVAC shutdown, damper closure, equipment shutdown, remote monitoring notifications and signalling to an alarm receiving centre.
Where automatic gaseous fire suppression is provided, the cause-and-effect strategy should clearly define the conditions required for release, any pre-discharge warning periods, manual release arrangements, abort functions and post-discharge actions. The strategy should also consider business continuity requirements and minimise unnecessary disruption whilst maintaining life safety and system effectiveness.
Most importantly, the cause-and-effect strategy should be fully documented, tested during commissioning and understood by those responsible for operating the facility. If the people responsible for operating the facility cannot clearly explain what happens during a fire event, the strategy may require further review.
Whether you need a new system, an existing installation reviewed, or maintenance support, our engineers can help. Call 01905 964703 or request a free site survey.
Get in touch
BAFE accredited fire protection specialists (SP203). Over 20 years of experience in fire suppression and detection for data centres, manufacturing, commercial and public sector clients across the UK.
BAFE 302724 | Worcester, UK | Nationwide service