Presentation is loading. Please wait.

Presentation is loading. Please wait.

CEG 2400 FALL 2012 Chapter 14 Ensuring Integrity and Availability 1Ensuring Integrity and Availability.

Published byAnis Woods Modified over 8 years ago

Similar presentations

Presentation on theme: "CEG 2400 FALL 2012 Chapter 14 Ensuring Integrity and Availability 1Ensuring Integrity and Availability."— Presentation transcript:

1 CEG 2400 FALL 2012 Chapter 14 Ensuring Integrity and Availability 1Ensuring Integrity and Availability

2 What Are Integrity and Availability? Integrity –Soundness of network’s programs, data, services, devices, connections Availability –How consistently and reliably a file or system can be accessed Uptime –Measure of time functioning normally between failures –Often expressed as percent uptime 2Ensuring Integrity and Availability

3 What Are Integrity and Availability? Integrity and availability are compromised by: –Security breaches –Natural disasters –Malicious intruders –Power flaws –Human error 3Ensuring Integrity and Availability

4 Malware Malicious software Program designed to intrude upon or harm a system or resources –Examples: viruses, Trojan horses, worms, bots Virus –Replicating program intent to infect more computers –Copied to system without user knowledge Trojan horse (Trojan) –Program that disguises itself as something useful 4Ensuring Integrity and Availability

5 Malware Types Malware categorized by location and propagation method –Boot sector viruses –Macro viruses –File-infector viruses –Worms –Trojan horses –Network viruses –Bots 5Ensuring Integrity and Availability

6 Malware Characteristics Malware characteristics –Encryption –Stealth – hidden or disguised –Polymorphism - change characteristics every time –Time dependence - programs designed to start when certain conditions met Malware can exhibit more than one characteristic 6Ensuring Integrity and Availability

7 Malware Malware leaves evidence –Some detectable only by anti-malware software –User symptoms Unexplained file size increases Significant, unexplained system performance decline Unusual error messages Significant, unexpected system memory loss Periodic, unexpected rebooting Malware often discovered after damage done 7Ensuring Integrity and Availability

8 Fault Tolerance Capacity for system to continue performing despite unexpected hardware, software malfunction Fault –Malfunction of one system component Degrees of fault tolerance –Highest level System remains unaffected by most drastic problem Fault-tolerant system goal –Prevent faults from progressing to failures 8Ensuring Integrity and Availability

9 Environment Consider network device environment Protect devices from: –Excessive heat, moisture –Break-ins –Natural disasters 9Ensuring Integrity and Availability

10 Power Problems Types of power flaws that create damage –Surge Momentary increase in voltage –Noise Fluctuation in voltage levels –Brownout Momentary voltage decrease –Blackout Complete power loss Solution –Alternate power sources 10Ensuring Integrity and Availability

11 Power - UPS Uninterruptible power supplies (UPSs) –Battery-operated power source –Directly attached to one or more devices –Attached to a power supply UPS categories –Standby –Online Factors to consider when choosing UPS –Amount of power needed –Period of time to keep device running –Cost 11Ensuring Integrity and Availability

12 12 Standby and online UPSs Ensuring Integrity and Availability

13 Power - Generator Generators –Powered by diesel, liquid propane, gas, natural gas, or steam –Do not provide surge protection –Used in highly available environments Generator choice –Calculate organization’s crucial electrical demands –Determine generator’s optimal size 13Ensuring Integrity and Availability

14 14 UPSs and a generator in a network design Ensuring Integrity and Availability

15 Network Design Supply multiple paths for data to travel Topology –LAN: star topology and parallel backbone provide greatest fault tolerance –WAN: full-mesh topology –SONET technology: Uses two fiber rings for every connection 15Ensuring Integrity and Availability

16 16 Full-mesh WAN Ensuring Integrity and Availability

17 Network Design Possible solutions: supply duplicate connection –Two critical links –Use different service carriers –Use two different routes Critical data transactions follow more than one path Network redundancy advantages –Reduces network fault risk Disadvantage: cost 17Ensuring Integrity and Availability

18 Network Design Scenario - Integrity and Availability –Devices connect one LAN, WAN segment to another Experience a fault 1.VPN agreement with national ISP 2.Two T1 connections 18 Single T1 connectivity Ensuring Integrity and Availability

19 19 VPNs linking multiple customers Ensuring Integrity and Availability

20 20 Fully redundant T1 connectivity Ensuring Integrity and Availability

21 Network Design Integrity and Availability Failover capable or hot swappable components –Desired for switches or routers supporting critical links Link aggregation (bonding) –Combination of multiple network interfaces to act as one logical interface –Example: NIC teaming Load balancing –Automatic traffic distribution over multiple components or links 21Ensuring Integrity and Availability

22 22 Link aggregation between a switch and server Ensuring Integrity and Availability

23 Network Design Integrity and Availability of DNS –Failure causes nearly all traffic to come to a halt DNS can point to redundant locations for each host name –Round-robin DNS –Load balancer Also can have DNS caching servers –Allows local name resolution –Faster performance –Reduces burden on master name server 23Ensuring Integrity and Availability

24 24 Redundant name servers Ensuring Integrity and Availability

25 Data Backup Backup –Copies of data or program files –Store off site Without backup: risk losing everything Many backup options available –Performed by different software and hardware and can use different storage media types Can be controlled by NOS utilities, third-party software 25Ensuring Integrity and Availability

26 Backup Media and Methods Optical media –Uses laser to write data, read data –Examples: CDs, DVDs, Blu-rays Backup requirements –Recordable CD or DVD drive, software utility –Disadvantage: Writing data takes longer than other media Tape Media, backups requirements –Tape drive connected to network –Management software –Backup media (tape) 26Ensuring Integrity and Availability

27 Backup Media and Methods External disk drives (removable disk drives) –Storage device attached temporarily to computer USB, PCMCIA, FireWire, CompactFlash port Small network tape backups –Stand-alone tape drives attached to each server Large network tape backups –One large, centralized tape backup device Extremely large environments –Robots retrieve, circulate tapes from tape storage library 27Ensuring Integrity and Availability

28 Backup Media and Methods Network backups –Save data to another place on network –Different server, another WAN location –Use SAN, NAS storage device Online backup (cloud backup) –Saves data to another company’s storage array using Internet –Evaluate online back up provider Test speed, accuracy, security, recovery 28Ensuring Integrity and Availability

29 Backup Strategy Determine best backup rotation scheme –Plan specifies when and how often backups occur –Goal Provide excellent data reliability without overtaxing network, requiring intervention Full backup –All data copied Incremental backup –Copy data changed since last full, incremental backup Differential backup –Copy only data changed since last backup 29Ensuring Integrity and Availability

30 Backup Strategy Grandfather-Father-Son strategy Daily (son) incremental Weekly (father) full Monthly (grandfather) full Ensure backup activity recorded in backup log –Backup date –Media identification –Type of backup –Files backed up –Backup location Establish regular verification schedule –Attempt to recover files periodically 30Ensuring Integrity and Availability

31 31 The Grandfather-Father-Son backup rotation scheme Ensuring Integrity and Availability

32 Disaster Recovery Disaster recovery –Restoring critical functionality and data after enterprise-wide outage Affecting more than a single system, limited group Consider possible extremes –Not minor outages, failures, security breaches, data corruption 32Ensuring Integrity and Availability

33 Disaster Recovery Planning Account for worst-case scenarios Identify disaster recovery team Provide contingency plans –Restore and replace: Computer systems Power Telephony systems Paper-based files Have plan as a document Goal: Lessen risk of critical data loss 33Ensuring Integrity and Availability

34 Disaster Recovery Possibilities Sites at another location Cold site –Components necessary to rebuild network –Not appropriately configured, updated, or connected Warm site –Components necessary to rebuild network –Some appropriately configured, updated, and connected Hot site –Components exist and match network’s current state –All appropriately configured, updated, and connected –Not necessary near by 34Ensuring Integrity and Availability

35 Summary Integrity and availability: important concepts Malware Fault tolerance allows system to continue performing despite unexpected malfunction Various types of backup power Backup strategies Disaster recovery 35Ensuring Integrity and Availability

36 Misc 20 notorious worms, viruses and botnets –http://www.networkworld.com/slideshow/72275/20- notorious-worms-viruses-and- botnets.html?source=NWWNLE_nlt_daily_pm_2012- 11-01http://www.networkworld.com/slideshow/72275/20- notorious-worms-viruses-and- botnets.html?source=NWWNLE_nlt_daily_pm_2012- 11-01 Baddest Botnets of 2012 –http://www.networkworld.com/slideshow/70773/badde st-botnets-of- 2012.html?source=NWWNLE_nlt_security_2012-10- 24 36Ensuring Integrity and Availability

37 End of Chapter 14 Questions 37Ensuring Integrity and Availability

Download ppt "CEG 2400 FALL 2012 Chapter 14 Ensuring Integrity and Availability 1Ensuring Integrity and Availability."

Similar presentations

Chapter 3: Planning a Network Upgrade

Chapter 3: Planning a Network Upgrade
A new standard in Enterprise File Backup. Contents 1.Comparison with current backup methods 2.Introducing Snapshot EFB 3.Snapshot EFB features 4.Organization.

A new standard in Enterprise File Backup. Contents 1.Comparison with current backup methods 2.Introducing Snapshot EFB 3.Snapshot EFB features 4.Organization.
Network+ Guide to Networks 5th Edition

Network+ Guide to Networks 5th Edition
Backup Strategy. An Exam question will ask you to describe a backup strategy. Be able to explain: Safe, secure place in different location. Why? – For.

Backup Strategy. An Exam question will ask you to describe a backup strategy. Be able to explain: Safe, secure place in different location. Why? – For.
1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.

1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.
Chapter 5: Server Hardware and Availability. Hardware Reliability and LAN The more reliable a component, the more expensive it is. Server hardware is.

Chapter 5: Server Hardware and Availability. Hardware Reliability and LAN The more reliable a component, the more expensive it is. Server hardware is.
11 BACKING UP AND RESTORING DATA Chapter 4. Chapter 4: BACKING UP AND RESTORING DATA2 CHAPTER OVERVIEW Describe the various types of hardware used to.

11 BACKING UP AND RESTORING DATA Chapter 4. Chapter 4: BACKING UP AND RESTORING DATA2 CHAPTER OVERVIEW Describe the various types of hardware used to.
Chapter Thirteen Maintaining and Upgrading a Network.

Chapter Thirteen Maintaining and Upgrading a Network.
Network+ Guide to Networks 6th Edition

Network+ Guide to Networks 6th Edition
Network+ Guide to Networks, Fourth Edition

Network+ Guide to Networks, Fourth Edition
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Lesson 11 – NETWORK DISASTER RECOVERY Disaster recovery plans Network backup and restoration OVERVIEW.

Lesson 11 – NETWORK DISASTER RECOVERY Disaster recovery plans Network backup and restoration OVERVIEW.
Processing Integrity and Availability Controls

Processing Integrity and Availability Controls
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 5: User Environment and Multiple Languages.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 5: User Environment and Multiple Languages.
1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.

1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.

®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Term 2, 2011 Week 3. CONTENTS Network security Security threats – Accidental threats – Deliberate threats – Power surge Usernames and passwords Firewalls.

Term 2, 2011 Week 3. CONTENTS Network security Security threats – Accidental threats – Deliberate threats – Power surge Usernames and passwords Firewalls.
Copyright © 2015 Pearson Education, Inc. Processing Integrity and Availability Controls Chapter 10 10-1.

Copyright © 2015 Pearson Education, Inc. Processing Integrity and Availability Controls Chapter
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.

Similar presentations

Ads by Google