the beneficent the merciful in the name of. “assuring reliable and secure it services”
TRANSCRIPT
the Beneficent
“ASSURING RELIABLE AND SECURE IT SERVICES”
RedundancyAvailability MathHigh-Availability FacilitiesSecuring Infrastructure against
ThreatsIncident Management and Disaster
Recovery
IT Redundancy: Its Value
”The key to reliable systems is redundancy”How much reliability to buy? Some costs of failure are intangible and hard to quantify. It
is difficult to estimate the probability of such failure. Redundant systems are more complex than non-redundent
systems, and this complexity must be managed.
Technologies To assure 24/7 operations get better all the time.
Retool Your Data Center
Transforming a data center for e-business is almost like rebuilding a 747 while it's flying.
"The real challenge is to provide continuous application availability while changing everything around you."
The most fundamental way to ease the transition is to get a better understanding of your business model, customer needs and how applications interact with one another in a Web-enabled world.
Have an architecture that lets administrators add, remove, test or repair hardware and software - without taking down the complex.
Availability Math
Availability of Components in Series The effect of Redundancy on AvailabilityHigh Availability FacilitiesN+1 And N+N Redundancy(six sigma
99.999%)
Availability Math The Availability of
Components in the Series
C h a p t e r 6 F i g u r e 6 - 1
F i v e C o m p o n e n t s i n S e r i e s ( e a c h 9 8 % A v a i l a b l e )
C o m p o n e n t 1
9 8 %a v a i l a b i l i t y
C o m p o n e n t 2
9 8 %a v a i l a b i l i t y
C o m p o n e n t 3
9 8 %a v a i l a b i l i t y
C o m p o n e n t 4
9 8 %a v a i l a b i l i t y
C o m p o n e n t 5
9 8 %a v a i l a b i l i t y
. 9 8 x . 9 8 x . 9 8 x . 9 8 x . 9 8 = s e r v i c e a v a i l a b i l i t y o f 9 0 %
S o u r c e : A p p l e g a t e , L y n d a M . , R o b e r t D . A u s t i n , a n d F . W a r r e n M c F a r l a n , C o r p o r a t e I n f o r m a t i o n S t r a t e g y a n d M a n a g e m e n t . B u r r R i d g e , I L : M c G r a w - H i l l / I r w i n , 2 0 0 2 .
Chapter 6 Figure 6-2
Combining Components in Series Decreases Overall Availability
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Number of Components In Series (each 98% available)
Av
ail
ab
ilit
y
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Availability Math The Effects of Redundancy
on Availability
Five Components in Parallel (each 98% Available)
Chapter 6 Figure 6-3
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Chapter 6 Figure 6-4
Redundancy Increases Overall Availability
98.0%
98.5%
99.0%
99.5%
100.0%
1 2 3 4 5 6 7 8 9 10
Number of Components In Parallel (each 98% available)
Av
ail
ab
ilit
y
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Availability Math High-Availability Facilities
Uninterruptible Electric Power Delivery
Physical Security
Climate Control and Fire SuppressionNetwork ConnectivityHelp Desk and Incident Response Procedures
Availability Math N + 1 and N + N Redundancy
N+1 means that for each type of critical component there should be at least one unit standing by.
N+N redundancy requires twice as many mission-critical components as are necessary to run a facility at any one time.
Chapter 6 Figure 6-5
A Representative E-Commerce Infrastructure
Router
Firewall 1
Firewall 2
Switch
Web Server1
Web Server2
DatabaseServer
Disk Array
PolicyServer 1
PolicyServer 2
ApplicationServer 1
ApplicationServer 2
Internet
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Who are the AttackersHacker: An outside person who has penetrated a
computer system, usually with no criminal intent.Cracker: A malicious hacker.Social engineering: Getting around security
systems by tricking computer users into revealing sensitive information or gaining unauthorized access privileges.
Cybercrimes: Illegal activities executed on the Internet.
Cyber war: War in which a country’s information systems could be paralyzed from a massive attack by destructive software.
Virus: Software that can attach itself to (“infect”) other computer programs without the owner of the program being aware of the infection.
Securing Infrastructure:
Defensive Measures
Security policies
Fire walls
AuthenticationsEncryptions
1. Security Policies
What kinds of passwords are to be used, and how often should they be changed?Who is allowed to have accounts on company systems?What security features must be activated before a company can connect to a network?What are users allowed to download?
2. FirewallsFirewalls provide a boundary at the distant so that not everyone without authorize access can enter the system.
It is not the full proof system but is very effective in controlling unauthorized access.
3.Authentication•Passwords expire regularly and forms of passwords are restricted. •User name/password plus one other factor, such as biometric verification of identity (figure prints, DNA’s, Voice waves).
4.Encryption•Encryption is encoding the messages and sending to the recipient's and the recipient is decoding the message. •The sender and user both should have access to the key for this purpose and key should be kept safe so that no user in between and other than intended reads the message.