Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 13 Business Continuity

Similar documents
After the Attack. Business Continuity. Planning and Testing Steps. Disaster Recovery. Business Impact Analysis (BIA) Succession Planning

Business Continuity and Disaster Recovery. Ed Crowley Ch 12

Certified Information Systems Auditor (CISA)

IT CONTINUITY, BACKUP AND RECOVERY POLICY

Introduction to Business continuity Planning

BME CLEARING s Business Continuity Policy

HP Designing and Implementing HP Enterprise Backup Solutions. Download Full Version :

High Availability and Disaster Recovery Solutions for Perforce

Module 4 STORAGE NETWORK BACKUP & RECOVERY

Specifications for WebDocs On-Demand

10 Reasons Why Your DR Plan Won t Work

In this unit we are going to review a set of computer protection measures also known as countermeasures.

Audit & Advisory Services. IT Disaster Recovery Audit 2015 Report Date January 28, 2015

An introductory guide to Disaster Recovery and how it can ultimately keep your company alive. A Publication of

DATA BACKUP AND RECOVERY POLICY

Disaster Recovery (DR) Planning with the Cloud Desktop

University Information Systems. Administrative Computing Services. Contingency Plan. Overview

High Availability through Warm-Standby Support in Sybase Replication Server A Whitepaper from Sybase, Inc.

Dude Solutions Business Continuity Overview

Aljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: 1/30/2017.

DISASTER RECOVERY PRIMER

Achieving Rapid Data Recovery for IBM AIX Environments An Executive Overview of EchoStream for AIX

University Information Technology Data Backup and Recovery Policy

Information Storage and Management TM Volume 2 of 2 Student Guide. EMC Education Services

Rediffmail Enterprise High Availability Architecture

BUSINESS CONTINUITY: THE PROFIT SCENARIO

Disaster Recovery and Business Continuity

Protecting Microsoft Hyper-V 3.0 Environments with Arcserve

Business Continuity Plan Executive Overview

arcserve r16.5 Hybrid data protection

OL Connect Backup licenses

Financial CISM. Certified Information Security Manager (CISM) Download Full Version :

A CommVault White Paper: Business Continuity: Architecture Design Guide

Protecting VMware vsphere/esx Environments with CA ARCserve

NN CS 704 NEURONEXT NETWORK STANDARD OPERATING PROCEDURE FOR DATA BACKUP, RECOVERY, AND CONTINGENCY PLANS

Protecting VMware vsphere/esx Environments with Arcserve

INFORMATION SECURITY- DISASTER RECOVERY

DISASTER RECOVERY AND BUSINESS CONTINUITY PLANNING

Disk-Based Data Protection Architecture Comparisons

Information Systems. Data Protection Disaster recovery Backups

Wong Tze Chuan General Manager. Gadget Wearable Tech (M) Sdn Bhd

CANVAS DISASTER RECOVERY PLAN AND PROCEDURES

What's in this guide... 4 Documents related to NetBackup in highly available environments... 5

The Key to Disaster Recovery

Network Performance, Security and Reliability Assessment

TSM Paper Replicating TSM

3.3 Understanding Disk Fault Tolerance Windows May 15th, 2007

HYBRID CLOUD BACKUP & DISASTER RECOVERY

SAP HANA Disaster Recovery with Asynchronous Storage Replication

Contingency Planning and Disaster Recovery

Pro2SQL. OpenEdge Replication. for Data Reporting. for Disaster Recovery. March 2017 Greg White Sr. Progress Consultant Progress

Netapp Exam NS0-510 NCIE-Backup & Recovery Implementation Engineer Exam Version: 7.0 [ Total Questions: 216 ]

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

PowerVault MD3 Storage Array Enterprise % Availability

Continuity of Business

Disaster recovery planning for health care data and HIPAA compliance regulations

TUFTS HEALTH PLAN CORPORATE CONTINUITY STRATEGY

Disaster Recovery Solutions With Virtual Infrastructure: Implementation andbest Practices

Disaster Recovery Self-Audit

Roadmap to Availability

Business Resiliency in the Cloud: Reality or Hype?

Data Recovery Policy

White Paper. How to select a cloud disaster recovery method that meets your requirements.

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

A Practical Guide to Cost-Effective Disaster Recovery Planning

Oracle E-Business Availability Options. Solution Series for Oracle: 2 of 5

BUSINESS CONTINUITY PLAN Document Number: 100-P-01 v1.4

BUSINESS CONTINUITY. Topics covered in this checklist include: General Planning

Course Description. Audience. Prerequisites. At Course Completion

OUR CUSTOMER TERMS CLOUD SERVICES - INFRASTRUCTURE

WELCOME TO TIVOLI NOW!

High-Availability Practice of ZTE Cloud-Based Core Network

Disaster Recovery and Mitigation: Is your business prepared when disaster hits?

UF CEMP Support Group Annex: IT Group

ECE Engineering Robust Server Software. Spring 2018

Disaster Recovery Options

Maximum Availability Architecture: Overview. An Oracle White Paper July 2002

PlateSpin Forge Guide Book. IT Business Continuity Planning and Management with PlateSpin Forge

New England Data Camp v2.0 It is all about the data! Caregroup Healthcare System. Ayad Shammout Lead Technical DBA

Balancing RTO, RPO, and budget. Table of Contents. White Paper Seven steps to disaster recovery nirvana for wholesale distributors

InterSystems High Availability Solutions

COUNTY GOVERNMENT OF BUSIA P.O. PRIVATE BAG BUSIA, KENYA. Disaster Recovery & Business Continuity Plan for ICT Services

Welcome! Considering a Warm Disaster Recovery Site?

High Availability for Cisco Unified Communications on the Cisco Unified Computing System (UC on UCS)

Protecting Mission-Critical Application Environments The Top 5 Challenges and Solutions for Backup and Recovery

Business Continuity & Disaster Recovery

Disaster Recovery Planning: Is Your Plan in Place? Presented by: Steve Shofner, CISA, CGEIT

Chapter 1. Storage Concepts. CommVault Concepts & Design Strategies:

EA-ISP Business Continuity Management and Planning Policy

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 12 Contingency Planning

How Does Failover Affect Your SLA? How Does Failover Affect Your SLA?

Managed Service. Managed Services. High Availability / Disaster Recovery Solutions. Cloud and Hosting Solutions. Security Solutions.

Disaster Recovery Planning Blackout. Katrina

Aras Innovator 11. Backup and Recovery Procedures

Disaster Recovery Planning: Weighing your customer s options

Exploring Options for Virtualized Disaster Recovery. Ranganath GK Solution Architect 6 th Nov 2008

SOUTH AFRICAN LIBRARY FOR THE BLIND (SALB)

VMware Backup and Replication using Vembu VMBackup

Template. IT Disaster Recovery Planning: A Template

Designing Data Protection Strategies for Oracle Databases

Transcription:

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 13 Business Continuity

Objectives Define business continuity Describe the components of redundancy planning List disaster recovery procedures 2

Business Continuity Business continuity is the process of assessing risks and developing a management strategy to ensure that the organization business can continue if case of a disruptive event (electrical outage or as catastrophic as a hurricane). Business continuity management is concerned with developing a business continuity plan addressing how the organization can continue in the event that risks materialize. Business continuity is a critical element for all organizations However it remains sadly lacking. Many organizations are either unprepared or have not tested their plans. 3

Redundancy Planning One of the primary ways to ensure business continuity is to use redundancy planning Which involves building excess capacity in order to protect against failures Redundancy planning can involve redundancy for servers, storage, networks, power, and even sites 4

Servers A crash of a single server that supports a critical application can have a significant impact Single point of failure The loss of one entity would adversely affect the organization One common approach is for the organization to design the network infrastructure So that multiple servers are incorporated into the network yet appear to users and applications as a single computing resource 5

Servers (continued) Server cluster The combination of two or more servers that are interconnected to appear as one There are two types of server clusters: Asymmetric server cluster A standby server exists only to take over for another server in the event of its failure Symmetric server cluster Every server in the cluster performs useful work 6

Servers (continued) 7

Storage Mean time between failures (MTBF) Refers to the average (mean) time until a component fails, cannot be repaired, and must be replaced Calculating the MTBF involves taking the total time measured divided by the total number of failures observed Fault tolerance The ability to endure failures Prevents a single problem from escalating into a major failure Can often be achieved by maintaining redundancy 8

Storage (continued) A system of hard drives based on redundancy can be achieved through using a technology known as RAID RAID (Redundant Array of Independent Drives) Uses multiple hard disk drives for increased reliability and performance RAID, is a technology that provides increased storage functions and reliability through redundancy. This is achieved by combining multiple disk drive components into a logical unit, where data is distributed across the drives in one of several ways called RAID levels. 9

10

Networks Redundant network Waits in the background during normal operations Uses a replication scheme to keep its copy of the live network information current Virtually all network components can be duplicated to provide a redundant network In addition, some organizations contract with more than one Internet Service Provider (ISP) for remote connectivity 11

Power Uninterruptible power supply (UPS) A device that maintains power to equipment in the event of an interruption in the primary electrical power source Two primary types of UPS Off-line UPS On-line UPS UPS systems can also communicate with the network operating system on a server To ensure that an orderly shutdown occurs 12

Power (continued) A UPS can complete the following tasks: Send a message to the network administrator s computer, or page or telephone the network manager to indicate that the power has failed Notify all users that they must finish their work immediately and log off Prevent any new users from logging on Disconnect users and shut down the server Because a UPS can only supply power for a limited amount of time, some organizations turn to using a backup generator to create power Security+ Guide to Network Security Fundamentals 13

Sites Redundancy can also be planned for the entire site itself Hot site Generally run by a commercial disaster recovery service Allows a business to continue computer and network operations to maintain business continuity Cold site Provides office space but the customer must provide and install all the equipment needed to continue operations 14

Sites (continued) Warm site Has all of the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data 15

Disaster Recovery Procedures Disaster recovery Procedures and processes for restoring an organization s IT operations following a disaster Focuses on restoring computing and technology resources to their former state Disaster recovery procedures include planning, disaster exercises, and performing data backups 16

Planning Disaster recovery plan (DRP) A written document that details the process for restoring IT resources Following an event that causes a significant disruption in service Comprehensive in its scope, a DRP is intended to be a detailed document that is updated regularly All disaster recovery plans are different 17

Planning (continued) 18

Planning (continued) Most disaster recovery plans address the common features included in the following typical outline: Unit 1: Purpose and Scope Unit 2: Recovery Team Unit 3: Preparing for a Disaster Unit 4: Emergency Procedures Unit 5: Restoration Procedures It is important that a good DRP contains sufficient detail 19

Planning (continued) 20

Disaster Exercises Disaster exercises are designed to test the effectiveness of the DRP Objectives of these disaster exercises: Test the efficiency of interdepartmental planning and coordination in managing a disaster Test current procedures of the DRP Determine the strengths and weaknesses in responses 21

Data Backups Data backup Information copied to a different medium and stored at an offsite location so that it can be used in the event of a disaster Five basic questions that should be answered: What information should be backed up? How often should it be backed up? What media should be used? Where should the backup be stored? What hardware or software should be used? 22

Data Backups (continued) Backup software can internally designate which files have already been backed up By setting an archive bit in the properties of the file Backing up to magnetic tape has been the mainstay of data backups for over 30 years Grandfather-father-son backup system Divides backups into three sets: a daily backup (son), a weekly backup (father), and a monthly backup (grandfather) 23

24

Data Backups (continued) 25

26

Data Backups (continued) Recovery point objective (RPO) The maximum length of time that an organization can tolerate between backups Recovery time objective (RTO) The length of time it will take to recover the data that has been backed up An alternative to using magnetic tape is to back up to magnetic disk Such as a large hard drive or RAID configuration This is known as disk to disk (D2D) 27

Data Backups (continued) D2D offers better RPO than tape However, as with any hard drive, the D2D drive may be subject to failure or data corruption Disk to disk to tape (D2D2T) Combines the best of magnetic tape and magnetic disk Uses the magnetic disk as a temporary storage area Continuous data protection (CDP) Performs continuous data backups that can be restored immediately 28

Data Backups (continued) 29

Data Backups (continued) 30

Summary One method for ensuring business continuity is to use redundancy planning Power redundancy can be attained by using an uninterruptible power supply (UPS) Disaster recovery is defined as the procedures and processes for restoring an organization s IT operations following a disaster 31

Resources http://en.wikipedia.org/wiki/raid http://www.techwench.com/raid-5-one-level-abovedata-recovery/# 32

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback