“Assuring Reliable and Secure IT Services”

“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes


IT Redundancy: Its Value

How much reliability to buy? Customer Service impacted as a result of 15 minutes downtime? Privacy? Security? Normal Accidents?


Retool Your Data Center

Transforming a data center for e-business is almost like rebuilding a 747 while it's flying.

"The real challenge is to provide continuous application availability while changing everything around you."

The most fundamental way to ease the transition is to get a better understanding of your business model, customer needs and how applications interact with one another in a Web-enabled world.

Have an architecture that lets administrators add, remove, test or repair hardware and software - without taking down the complex.


CSPA

[Diagram labels: Problem Mgmt.; Change Mgmt.; Asset Mgmt.; System & Network Security; Version Release Mgmt.; Software Distribution; Perform. Monitoring/Capacity Planning; Job Scheduling; Network Mgmt.; User Security Access; Event Monitoring; Console Mgmt.; Disk Mgmt.; Data (Storage) Mgmt.; Disaster Recovery]

Manageable, Serviceable, Reliable, Available


Availability Math

– Availability of Components in Series
– The Effect of Redundancy on Availability
– High-Availability Facilities
– N+1 and N+N Redundancy


Availability Math: The Availability of Components in Series


Chapter 6 Figure 6-1

Five Components in Series (each 98% Available)

Component 1 (98% availability), Component 2 (98% availability), Component 3 (98% availability), Component 4 (98% availability), Component 5 (98% availability)

.98 x .98 x .98 x .98 x .98 = service availability of 90%

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.


Chapter 6 Figure 6-2

Combining Components in Series Decreases Overall Availability

[Chart: Availability (0% to 100%) plotted against Number of Components in Series (each 98% available)]

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.


Availability Math: The Effects of Redundancy on Availability


Five Components in Parallel (each 98% Available)

Chapter 6 Figure 6-3

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.


Chapter 6 Figure 6-4

Redundancy Increases Overall Availability

[Chart: Availability (98.0% to 100.0%) plotted against Number of Components in Parallel, 1 to 10 (each 98% available)]

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.


Availability Math: High-Availability Facilities

– Uninterruptible Electric Power Delivery
– Physical Security
– Climate Control and Fire Suppression
– Network Connectivity
– Help Desk and Incident Response Procedures


Availability Math: N + 1 and N + N Redundancy

N+1 means that for each type of critical component there should be at least one unit standing by.

N+N redundancy requires twice as many mission-critical components as are necessary to run a facility at any one time.


Chapter 6 Figure 6-5

A Representative E-Commerce Infrastructure

[Diagram labels: Internet; Router; Firewall 1; Firewall 2; Switch; Web Server 1; Web Server 2; Application Server 1; Application Server 2; Policy Server 1; Policy Server 2; Database Server; Disk Array]

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
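
The availability math from the preceding slides as an added worked example (not from the original deck or the cited textbook): series and parallel availability at the slides' 98% figure, N+1 versus N+N for a pool of units, and the Figure 6-5 components chained together. It assumes independent failures; the pool size of four and the Figure 6-5 wiring (paired devices in parallel, single devices in series) are assumptions, because the diagram's connections are not recoverable from this page.

```python
from math import comb, prod

A = 0.98  # per-component availability used on the slides

def series(avails):
    """Every component must be up, so availabilities multiply."""
    return prod(avails)

def parallel(a, n):
    """n identical redundant units; the service survives if any one is up."""
    return 1.0 - (1.0 - a) ** n

def k_of_n(a, k, n):
    """At least k of n identical, independent units must be up (binomial)."""
    return sum(comb(n, i) * a**i * (1 - a) ** (n - i) for i in range(k, n + 1))

def redundancy_levels(n_required):
    """Availability of a pool that needs n_required units to carry the load."""
    return {
        "N": k_of_n(A, n_required, n_required),
        "N+1": k_of_n(A, n_required, n_required + 1),
        "N+N": k_of_n(A, n_required, 2 * n_required),
    }

def figure_6_5_chain():
    """ASSUMED wiring: paired devices in parallel, single devices in series."""
    stages = {
        "router": A,
        "firewalls (2)": parallel(A, 2),
        "switch": A,
        "web servers (2)": parallel(A, 2),
        "application servers (2)": parallel(A, 2),
        "policy servers (2)": parallel(A, 2),
        "database server": A,
        "disk array": A,
    }
    return stages, series(stages.values())

def downtime_hours_per_year(avail):
    return (1.0 - avail) * 365 * 24

if __name__ == "__main__":
    print(f"5 in series:   {series([A] * 5):.4f}")
    print(f"5 in parallel: {parallel(A, 5):.10f}")
    for name, a in redundancy_levels(4).items():  # pool size 4 is an assumption
        print(f"{name:>4}: {a:.7f}  ({downtime_hours_per_year(a):.2f} h/yr down)")
    print(f"Figure 6-5 chain (assumed wiring): {figure_6_5_chain()[1]:.4f}")
```

Under these assumptions the unpaired router, switch, database server and disk array hold the chain near 92%, even though each paired stage reaches 99.96%.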


Securing Infrastructure against Malicious Threats

External Attacks and Intrusion

External attacks are actions against computing infrastructure that harm it or degrade its services without actually gaining access to it. The most common is DoS, or “denial of service”. Distributed DoS attacks use automated routines secretly deposited on Internet-connected computers. Clever attackers use spoofing to simulate a distributed attack: they insert false origin information into packets to mislead filtering software at the target site.

Intrusion occurs when an intruder gains access to a company’s internal IT infrastructure by a variety of methods.

Viruses and worms are malicious software programs that replicate, spreading themselves to other computers.


Securing Infrastructure Against Malicious Threats

Classification of Threats
– External Attacks
– Intrusion
– Viruses and Worms

Defensive Measures
– Firewalls
– Security Policies
– Authentication
– Encryption
– Patching and Change Management
– Intrusion Detection and Network Monitoring


Chapter 6 Figure 6-6

Normal and DoS Handshakes

Normal Handshake (Web User’s PC and Website Server)

– SYN: User’s PC says “hello”
– ACK-SYN: Server says “Do you want to talk”
– ACK: User’s PC says “Yes, let’s talk”

DoS Handshake (Web User’s PC and Website Server)

– SYN: User’s PC says “hello” repeatedly
– ACK-SYN: Server says “Do you want to talk” repeatedly
– No Response: User’s PC waits for server to “timeout”

Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.


Chapter 6 Figure 6-7

A Distributed Denial of Service Attack

Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.

[Diagram labels: Website Server; Attacker 1 to Attacker 8; Attack Leader]

Attack Leader facilitates SYN floods from multiple sources.


Chapter 6 Figure 6-8

“Spoofing”

Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.

Attacker address: 12345

Target address: 54321

Information Packets (Sender Address, Destination Address)

– Normal: sender 12345, destination 54321. Target server correctly interprets sender address.
– “Spoofing”: sender 90817, destination 54321. Target server incorrectly interprets sender address.
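
Detection logic for the handshakes in Figures 6-6 to 6-8, as an added example that is not part of the original slides: it tracks SYNs that never receive the final ACK and shows why per-source filtering is misled by spoofed sender addresses while the aggregate half-open backlog is not. The event format, thresholds and sample traffic are constructed for illustration, using documentation-only IP ranges.

```python
from collections import Counter

def sample_events(kind):
    """Constructed server-side records: (time_s, src_ip, src_port, flag)."""
    events = []
    for i in range(3):  # three clients that complete the handshake
        ip, port = f"192.0.2.{i + 1}", 40000 + i
        events += [(i * 0.1, ip, port, "SYN"), (i * 0.1 + 0.05, ip, port, "ACK")]
    if kind == "single_source":   # one sender address, no final ACK
        events += [(1 + i * 0.01, "198.51.100.7", 50000 + i, "SYN") for i in range(30)]
    elif kind == "spoofed":       # a different sender address on every SYN
        events += [(1 + i * 0.01, f"203.0.113.{i + 1}", 50000, "SYN") for i in range(30)]
    return events

def half_open(events, now, min_age=3.0):
    """Handshakes whose SYN is older than min_age and was never ACKed."""
    pending = {}
    for t, src, sport, flag in events:
        if flag == "SYN":
            pending[(src, sport)] = t
        elif flag == "ACK":
            pending.pop((src, sport), None)
    return {key: t for key, t in pending.items() if now - t >= min_age}

def assess(events, now, per_source_limit=5, backlog_limit=20):
    stale = half_open(events, now)
    per_source = Counter(src for src, _ in stale)
    return {
        "half_open": len(stale),
        "distinct_sources": len(per_source),
        "sources_over_limit": sorted(
            s for s, c in per_source.items() if c > per_source_limit
        ),
        "backlog_alarm": len(stale) > backlog_limit,
    }

if __name__ == "__main__":
    for kind in ("normal", "single_source", "spoofed"):
        print(kind, assess(sample_events(kind), now=10.0))
```

The single-source case trips both checks; the spoofed case trips only the backlog alarm, because no one sender address exceeds the per-source limit.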


Securing Infrastructure against Malicious Threats: Defensive Measures

– Security Policies
– Firewalls
– Authentication
– Encryption
– Patching and Change Management
– Intrusion Detection and Network Monitoring


Securing Infrastructure against Malicious Threats: A Security Management Framework

– Make Deliberate Security Decisions
– Consider Security a Moving Target
– Practice Disciplined Change Management
– Educate Users
– Deploy Multilevel Technical Measures, as Many as You Can Afford


Securing Infrastructure against Malicious Threats: Risk Management of Availability and Security


Risk Management of Availability and Security

See Figure 6.9, Managing Infrastructure Risk, p. 445

Incident Management and Disaster Recovery
– Managing incidents before they occur
– Managing incidents when they occur
– Managing incidents after they occur


Managing Infrastructure Risks: Consequences and Probabilities

Chapter 6 Figure 6-9

Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.

[Matrix: vertical axis Consequences (LOW to HIGH); horizontal axis Probability (0 to 1)]

– High Consequence, Low Probability
– High Consequence, High Probability: CRITICAL THREATS
– Low Consequence, Low Probability: MINOR THREATS
– Low Consequence, High Probability

PRIORITIZE THREATS


Securing Infrastructure against Malicious Threats: Incident Management and Disaster Recovery

– Managing Incidents before They Occur
– Managing during an Incident
– Managing after an Incident

Executive questions to assess their own preparedness for the 21st century challenges

Go to page 448.