View
218
Download
0
Category
Tags:
Preview:
Citation preview
“Assuring Reliable and Secure IT Services”
IT Redundancy: Its Value
How much reliability to buy? Customer Service impacted as a result of 15
minutes downtime? Privacy? Security? Normal Accidents?
Retool Your Data Center
Transforming a data center for e-business is almost like rebuilding a 747 while it's flying.
"The real challenge is to provide continuous application availability while changing everything around you."
The most fundamental way to ease the transition is to get a better understanding of your business model, customer needs and how applications interact with one another in a Web-enabled world.
Have an architecture that lets administrators add, remove, test or repair hardware and software - without taking down the complex.
CSPA
ProblemMgmt.
ChangeMgmt. Asset
Mgmt.
System& NetworkSecurity
VersionReleaseMgmt. Software
Distribution
Perform. Monitoring/CapacityPlanning Job
Scheduling
NetworkMgmt.
UserSecurity Access
Event Monitoring
ConsoleMgmt. Disk
Mgmt.
Data(Storage)
Mgmt. DisasterRecovery
Manageable
Serviceable
Reliable
Available
Availability Math
Availability of Components in Series The effect of Redundancy on Availability High Availability Facilities N+1 And N+N Redundancy
Availability Math The Availability of Components in the Series
C h a p t e r 6 F i g u r e 6 - 1
F i v e C o m p o n e n t s i n S e r i e s ( e a c h 9 8 % A v a i l a b l e )
C o m p o n e n t 1
9 8 %a v a i l a b i l i t y
C o m p o n e n t 2
9 8 %a v a i l a b i l i t y
C o m p o n e n t 3
9 8 %a v a i l a b i l i t y
C o m p o n e n t 4
9 8 %a v a i l a b i l i t y
C o m p o n e n t 5
9 8 %a v a i l a b i l i t y
. 9 8 x . 9 8 x . 9 8 x . 9 8 x . 9 8 = s e r v i c e a v a i l a b i l i t y o f 9 0 %
S o u r c e : A p p l e g a t e , L y n d a M . , R o b e r t D . A u s t i n , a n d F . W a r r e n M c F a r l a n , C o r p o r a t e I n f o r m a t i o n S t r a t e g y a n d M a n a g e m e n t . B u r r R i d g e , I L : M c G r a w - H i l l / I r w i n , 2 0 0 2 .
Chapter 6 Figure 6-2
Combining Components in Series Decreases Overall Availability
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Number of Components In Series (each 98% available)
Av
ail
ab
ilit
y
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Availability Math The Effects of Redundancy on Availability
Five Components in Parallel (each 98% Available)
Chapter 6 Figure 6-3
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Chapter 6 Figure 6-4
Redundancy Increases Overall Availability
98.0%
98.5%
99.0%
99.5%
100.0%
1 2 3 4 5 6 7 8 9 10
Number of Components In Parallel (each 98% available)
Av
ail
ab
ilit
y
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Availability Math High-Availability Facilities
Uninterruptible Electric Power Delivery Physical Security Climate Control and Fire Suppression Network Connectivity Help Desk and Incident Response Procedures
Availability Math N + 1 and N + N Redundancy
N+1 means that for each type of critical component there should be at least one unit standing by.
N+N redundancy requires twice as many mission-critical components as are necessary to run a facility at any one time.
Chapter 6 Figure 6-5
A Representative E-Commerce Infrastructure
Router
Firewall 1
Firewall 2
Switch
Web Server1
Web Server2
DatabaseServer
Disk Array
PolicyServer 1
PolicyServer 2
ApplicationServer 1
ApplicationServer 2
Internet
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Securing Infrastructure against Malicious Threats
External Attacks and Intrusion
External attacks are actions against computing infrastructure that harm it or degrade its services without actually gaining access to it. The most common is DOS or “Denial of Service”. A distributed DOS attacks use automated routines secretly deposited on Internet-connected computers. Spoofing is used by clever attackers to simulate a distributed attack by inserting false origin information into packets to mislead filtering software at a target site.
Intrusion occurs when an intruder gains access to a company’s internal IT infrastructure by a variety of methods.
Viruses and worms are malicious software programs that replicate, spreading themselves to other computers.
Securing Infrastructure Against Malicious Threats
Classification of Threats– External Attacks– Intrusion– Viruses and Worms
Defensive Measures– Firewalls– Security Policies– Authentication– Encryption– Patching and Change Management– Intrusion Detection and Network Monitoring
Chapter 6 Figure 6-6
Normal and DoS Handshakes
WebUser’s PC
WebsiteServer
WebsiteServer
WebUser’s PC
SYN: User’s PC says “hello”
ACK-SYN: Server says “Do you want to talk”
ACK: User’s PC says “Yes, let’s talk”
Normal Handshake
DoS Handshake
SYN: User’s PC says “hello” repeatedly
ACK-SYN: Server says “Do you want to talk” repeatedly
No Response: User’s PC waits for server to “timeout”
Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
Chapter 6 Figure 6-7
A Distributed Denial of Service Attack
Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
W ebsiteServer
Attacker 1
Attacker 3
Attacker 2
Attacker 5
Attacker 4
Attacker 6
Attacker 7
Attacker 8
Attack Leader
Attack Leader facilitates SYN floods from multiple sources.
Chapter 6 Figure 6-8
“Spoofing”
Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
A ttacker
A ddress: 12345
T arget
A ddress: 54321
Inform ation Packets
N orm al
“Spoofing”
90817 54321
5432112345
SenderA ddress
D estinationA ddress
Target server correctly interprets sender address
Target server incorrectly interprets sender address
Securing Infrastructure against Malicious ThreatsDefensive measures
Security Policies Firewalls Authentication Encryption Patching and Change Management Intrusion Detection and Network Monitoring
Securing Infrastructure against Malicious ThreatsA Security Management Framework
Make Deliberate Security Decisions Consider Security a Moving Target Practice Disciplined Change Management Educate Users Deploy Multilevel Technical Measures, as Many as You Can Afford
A Security Management Framework
Make Deliberate Security Decisions Consider Security a Moving Target Practice Disciplined Change Management Educate Users Deploy Multilevel Technical Measures, as many as
you can afford
Securing Infrastructure against Malicious ThreatsRisk Management of Availability and Security
Risk Management of Availability and Security
See Figure 6.9 Managing Infrastructure Risk p445 Incident Management and Disaster Recovery
– Managing incidents before they occur– Managing incidents when they occur– Managing incidents after they occur
M anaging Infrastructure R isks: C onsequences and P robabilities
C hapter 6 Figure 6 -9
Source: A pp legate, Lynda M ., R obert D . A ustin , and F. W arren M cFarlan , C orporate Inform ation Strategy and M anagem ent . Burr R idge, IL : M cG raw -H ill/Irw in, 2002.
H IG H
H igh C onsequence
Low Probability
H igh C onsequence
H igh P robab ility
C R ITIC A L
TH R E A TS
LOW
Low C onsequence
Low Probability
M IN O R
TH R E A TS
Low C onsequence
H igh P robab ility
Co
ns
eq
ue
nc
es
P R IO R IT IZE TH R E A TS
0 Probability 1
Securing Infrastructure against Malicious ThreatsIncident Management and Disaster Recovery
Managing Incidents before They Occur Managing during an Incident Managing after an Incident
Executive questions to access their own preparedness for the 21st century challenges
Go to page 448.
Recommended