BLOGGERSGROUP MEMBERS:

FARIDAH MOHD AMINNORLIN ABDULLAHNURAFIQAH ZARIRCHAI YU HUISIOW WEE LOWIT STRATEGY (MRB2113)

Redundancy and Availability Math High-Availability FacilitiesSecuring Infrastructure Against Malicious ThreatsRisk ManagementIncident Management and Disaster Recovery

KEY

POINTS

The reliability of processing systems depends on how they are designed and managed.The inherent reliability of internetworks is due to US Department of Defense research that led to technologies robust enough to withstand a military attack. The key to this inherent liability is redundancy

Redundancy: The exceptionally large number of potential paths a message can take between any two points in a network.Redundancy will cause more equipment to be purchased and it will incurred more budget.Some costs of failures are intangible and difficult to identify.

e.g: Tangible factors; How costly is a15-minute failure of the order management system?Redundant systems are more complex and difficult to manage than non-redundant systems.Technologies to assure 24x7 operations get better all the time.

High availability - service implementation that ensures a prearranged level of operational performance will be met during a contractual measurement period.Users want their systems, for example hospitals, production computers, and the electrical grid to be ready to serve at all times.

Uninterruptible Electric Power DeliveryPhysical SecurityClimate Control & Fire SuppressionNetwork ConnectivityHelp Desk & Incident Response ProceduresN+1 and N+N RedundancyHIGH-AVAILABILITY FACILITIES6

KEY

POINTs

HIGH-AVAILABILITY FACILITIESUninterruptible Electric Power Delivery Redundant power is provided to each piece of computing equipment housed - e power cables for each computer.

Power distribution inside the facility is fully redundant and includes uninterruptible power supplies (UPSs) to maintain power even if power delivery to the facility is interrupted. UPSs can employ battery less, flywheel-based technologies.

Connections to outside sources of power are redundantfacilities access 2 utility power grids.

1)

Physical Security

Security guards in bulletproof enclaves protect points of entry and patrol facilities regularly.

Closed-circuit TV monitors critical infrastructure and provides immediate visibility into any area of the facility from a security desk.

Access to internal area requires photo ID and presence on a prearranged list.

Entry is through single-person buffer zone with integrated metal and explosive detection that can be locked down.

HIGH-AVAILABILITY FACILITIES2)

Climate Control and Fire Suppression

Redundant heating, ventilating, and air-conditioning equipment that monitors and maintains suitable temperature conditions.

Mobile cooling units.

Integrated fire suppression systems.

3)

Network Connectivity- External connections to Internet backbone providers are redundant, involving at least 2 backbone providers, and enter the building through separate points.- A 24X7 network operations center (NOC) is staffed with network engineers who monitor the connectivity infrastructure of the facility.- A redundant NOC on another site is capable of delivering services of equal quality as those provided by the primary NOC.- 24X7 assistance to customers. Automated problem-tracking systems are integrated with similar systems at service delivery partner sites.4)

Help Desk & Incident Response Procedures5)

N + 1 and N + N Redundancy

N +1 level of redundancy (99.9%) is the least level that must be maintained for mission-critical components.

N + N redundancy (99.999) - twice as many mission-critical components as are necessary to run a facility.

Level 1 data centersN + 1 redundancy, are available 99 - 99.9% of the time.Level 2 and 3 data centersmore.Level 4 data centersN + N or better, achieving uptimes of 99.999 - 99.9999.

High levels of availability are costly.

Increasing the availability of a single web site from 99% to 99.999% costs millions of dollars.

Management decisions about the design of IT infrastructures involve tradeoffs between availability and the expense of additional components.

6)

Securing Infrastructure Against Malicious Threats

Chart1

46

54

Percentage

Sheet1

Percentage

Suffered security incident in 12 months46

Not Suffered security incident in 12 months54

To resize chart data range, drag lower right corner of range.

Security PoliciesFirewallsAuthenticationEncryption

One method of prioritizing is expected loss Managers attitudes toward risk could be complicatedDifficult to predict intangible costsNot all risks can be countered with well-defined management actions

Managing Incidents before They Occur:Sound Infrastructure DesignDisciplined execution of operating proceduresCareful documentationEstablished crisis management proceduresRehearsing incident response

Psychological obstacles of human decision makers:

Emotional responsesWishful thinking & groupthinkPolitical maneuvering, diving for cover & ducking responsibilityLeaping to conclusions and blindness to evidence that contradicts current beliefs

Sometimes, manager are reluctant to admit the seriousness of a problem because they do not want to take actions that communicate to others (customers, the public) that a serious incident has occurred- Public Relations Inhibition

Erasing or rebuilding parts of infrastructure after the incidentIf configurations & procedures have been carefully documented in advance, recovery can happen swiftlyIf records are not exact, a rebuild can result in lost functionality (problem solved earlier may reappear)

To avoid future incidents of the same type, managers need to understand and figure out exactly what caused an incident is sometimes difficult

It is essential to communicate the seriousness with which a company protects the information entrusted to it

The challenges of keeping real-time infrastructures always operational are formidable and evolvingManagement actions and frameworks will improve the chances of success if it applied with discipline and effortThe economic consequences of ignoring or failing to take effective action in these areas may be dire indeed