You are here: UK Essays » Essays » Information Technology » Network Management Hardware

Cookie Information

Privacy Information

Network Management Hardware

(a)There exist a wide variety of Network Management tools that benefit the Network Managers. Few of them are listed below:

(i)Security and Protection: Ensuring that Network is protected from malicious and unauthorized users

(ii)Performance and Speed: Removing any problems and bottlenecks from the network

(iii)Reliability and Robustness: Ensuring that the network is available to all users and overcome any hardware and software malfunctions.

Three different scenarios where we need the Network Management tools are:

Scenario 1: If one or more components of Network fails e.g. if the Router which is part of the network fails then this made lead to congestion in the network

Scenario 2: If the security of the network has been compromised e.g. Hacker or attack by malicious user will result in the network rendered as useless

Scenario 3: Traffic levels exceed a certain threshold on a link, causing packets to drop e.g. launching a DoS attack by flooding the network and channel cannot withstand any more packets

(b)SMI is acronym for Structure of Management Information. It's a data-definition language used to define the pieces of information in a SNMP MIB. SMI is part of ASN.1 (Abstract syntax notation One), which is primarily used in Simple Network Management Protocol SNMP. It names objects, defines the type of data that can be stored in objects and how data can be encoded for transmission over network. The three parts of SMI are as illustrated by RFC 1901 (Jan 1996) are as follows:

• Module definitions are used when describing information modules. An ASN .1 macro, MODULE-IDENTITY, is used to precisely convey the actual meaning of an information module.

• Object definitions are there to describe managed objects. An ASN.1 macro, OBJECT-TYPE, is used to concisely convey the syntax and semantics of a managed object.

• Notification definitions are used when describing unsolicited transmissions of management information. An ASN.1 macro, NOTIFICATION-TYPE, is used to concisely convey the syntax and semantics of a notification.

TASK 2

(a)Four advantages of using Universal Data gram Protocol (UDP) as transport layer protocol over TCP. Hypothetical situations where the protocol would be preferred over TCP would the following characteristics:

• Messages that require no acknowledgement

• Messages between hosts are sporadic or irregular

• Reliability is implemented at the process level

1.Fast: Universal Data gram Protocol is faster because there is no overhead of checking of the packet has actually arrived.

2.Connectionless Protocol: Establishing a connection is not required before sending data. It includes the full message

3.Stateless Protocol: in this type of protocol both client and the server system have no compulsion to keep track of the status of the communication session. The main advantages are lower operating cost and a degree of segregation between the client and the server. Connectionless protocols are characteristically stateless as well.

4.Unreliable Protocol: does not require that the receiving host to acknowledge each transmission.

(b)Three application layer protocols that employ UDP as transport layer protocol are:

(i)Real-Time Transfer Protocol RTP: The Real-Time Transport Protocol (RTP) is an Internet protocol standard that details a way for programs to manage the real-time transmission of multimedia data over either unicast or multicast network services. Applications generally run RTP on top of UDP to make use of its multiplexing and checksum services Monitoring allows the receiver to sense if there is any packet loss and to compensate for any delay jitter. RTP works independently of the underlying Transport layer and Network layer protocols. Information in the RTP header informs the receiver how to restructure the data and expresses how the codec bit streams are packetized. RTP runs on top of the User Data gram Protocol (UDP), although it can use other transport protocols.

(ii)Simple Network Management Protocol SNMP: SNMP uses UDP so there is no need to maintain connections between the SNMP manager and each and every agent which in turn lowers the overhead cost. As the communication protocol consists mainly of a request for data and a reply containing the requested data, UDPs lack of reliability issued is resolved by SNMP by re-sending a request if no response is received within a certain period of time.

(iii)Network Time Protocol NTP: A network time service is one of the simplest possible Internet applications. It returns the actual time as a 32-bit value, giving the number of seconds that have elapsed since midnight on 1st January 1900. Time servers use the well-known port number 37. When the client opens UDP port 37 on the server, the server responds by sending four bytes of time information. For such a simple transaction UDP is perfectly adequate, though as it happens many time servers do support connections using TCP as well.UDP is the most suitable protocol for real-time applications like this, and others like audio, video and network gaming (Todd Lammle, 2007:637)

(c) It is quite controversial for UDP to run multimedia applications because of lack of any form of congestion control. UDP lacks any type of congestion control. But congestion control is required to avoid the network from entering a congestion in which every task is jammed and nothing useful can be performed. Mahadavi (July 2001) suggests that if everybody at the same time were to start streaming high bit-rate video without using any congestion control, there would be so much packet overflow at routers that no one would see anything. Need of proper congestion control in UDP is a potentially serious problem. Researchers have anticipated new systems to compel all sources, including UDP sources, to perform adaptive congestion control

(d) Li, Min et al (IEEE International Conference 2-4 Nov. 2007:580) suggests an adaptive method or algorithm which is based on Packet Loss Rate another one is based on Round Trip Time (RTT). AAOWDCP acronym for Algorithm of adaptive one-way delay congestion prediction as the name suggests the algorithm can shorten the time interval of congestion feedback to substantial extend and helps in real time performance of congestion prediction. Simulation is done using NS simulator one is based on Packet Loss Rate and the second one is based on Round-trip time RTT

TASK 3

(a)

Client Server

DHCP DISCOVER

DHCP OFFER

DHCP REQUEST

DHCP ACKNOWLEDGE

Figure 1: Client to send request to obtain IP Address from DHCP Server

• S. Keshav and R. Sharma in their paper Issues and trends in router design Department of Computer Science, Cornell University stated FOUR major components of Router are:

• Input ports: is the point of attachment for a physical contact and packets enter through this port. Ports are attached on to the line cards, which typically support 4,8 or 16 pin ports.

• Switching Fabric: It connects the input port with output port. Routers are classified as input-queued or output queued depending on the relative speed of the input ports and the switching fabric. If the switching fabrics bandwidth is greater than total of bandwidths of input ports then packets are queued only at the outputs and this kind of router is called output-queued router. On the other hand if the queues build up at the input port then router is known as input-queued router

• Output ports: it stores the packets and schedules them to be transferred on to an output link

• Router processor: enables the routing protocols and creates a forwarding table used for packet forwarding, route calculation, maintenance of routing table and execution of routing protocols

Since router is hardwired device it consists of a motherboard that consists of some internal elements like CPU, Memory. Some of the internal elements of routers are:

Read Only Memory (ROM)

Flash

Random Access Memory (RAM)

Non-Volatile Random Access Memory (NVRAM)

Interfaces

ROM: The Read Only Memory include microcode for basic functions. It is basically a firmware unit and consists of built-in software. ROM consists of four major components. To check the status of ROM and its components the command is "show version". The main components are:

POST, BOOTSTRAP, MiniIOS, ROM Monitor

Flash: is a type of memory used to inherent the compressed file image of the IOS. Generally there is only one file residing in the flash of the router. The size of the flash varies according to the series and model of the router. It can range from 8 to 64 MB size. For booting, bootstrap loader loads the IOS from flash.

RAM: The Random Access Memory is the volatile or erasable memory used for temporary storage. Routers performance depends on the RAM. The IOS file is loaded in RAM. It is also known as running configuration.

NVRAM: The Non Volatile Random Access Memory is the saved configuration that loads during the start-up process of the router. That's why it is also known as startup configuration. It is a non-volatile type of memory that works in same manner as the secondary memory of the computer.

Interfaces: Router is just like a connection point that could have several interfaces. Each interface connects with a different network and router sends the data traffic of these networks through its interface. Each interface has its own specific configuration e.g. logical addressing. There are multiple types of interfaces accessible on the routers such as Ethernet AUI interfaces for LAN while synchronous serial interfaces and asynchronous interfaces for WAN connections.

(c)

Structure of IPv 6 Data gram

32 bits

Figure 2

IPv 4

Figure 3

Two advantages of IPv6 over IPv4

• Address field of IPv6 is 128 bits long while the address field of IPv4 is 32 bits in length. In this regard IPv6 offers a very large i.e. 296 address space as compared to IPv4

• Better header format: the header of IPv6 has been designed in a way to speed-up the routing process. In r of IPv6 header the options are separate from the header base.

TASK 4

WEP Vs WPA

Networks have been around for many years and with the advent of broadband Internet connections they are in every home and office. It ranges from simple LANs where two computers connected with Ethernet cable to Wireless networking. Security in Internet era had always been worrisome. Security ranging from simple password hacking to serious security breaches sends shivers down spines of Network Managers.

Wireless networks now allows users to access the Internet from anywhere within the range from your garden to living rooms. But there is one serious problem of security as wireless signals are broadcasted over radio signals that allow anyone with wireless adapter to easily connect.

Wireless standards were ratified in September 1999 and named as IEEE 802.11. These standards included Wireless Equivalent Privacy (WEP) encryption protocols as means of protecting data over wireless connection.

WEP defined in the 802.11b standard and aims to provide security by encrypting each frame of the payload or data over radio waves so that it is protected, as it is transmitted from one end to another. WEP attaches the user's key with the random-generated 24-bit Initialization Vector (IV). The IV can be altered for each frame, although it is not mandatory under IEEE 802.11.

Paul Salmon (www.technicallyeasy.net) states ‘the resulting packet is then inputted into a random number generator to produce a key stream equal to the length of the frame's payload and a 32-bit integrity check value (ICV). Before transmitting the data, the key stream and the payload/ICV are combined through a bitwise XOR process to produce cyphertext (encrypted data). The IV is included in the first few bytes of the frame body, and is not encrypted. The client then uses the IV and the shared key to decrypt the payload data.'

WEP encrypts data or packets between 802.11 stations only. The codes must to known to access point and the client for it to function. WEP has three basic settings: Off (no security), 64-bit (weak security), 128-bit (higher security)

Security Issues with WEP

Though WEP is encryption protocol, which is not difficult to crack, and using it reduces performance slightly. To save users from entering complicated strings for keys tirelessly WEP introduced the concept of passphrase. The entered passphrase is converted to hex keys. Static nature of the shared secret key is its main weakness. The problem can be mitigated by periodically changing the WEP key that's the reason router generally allows to store up to four keys. But very less users even think to do this because altering WEP keys is tiresome and time consuming it has to be done not only on the router but on each and every device too that is attached to it. As a consequent most user just set up a single key and then carry on using it infinitely.

The first problem with WEP is relatively small size of initialization vector IV and keys. Since only 24-bits are used for the IV and uses the same IV for different packets. This can be more of problem on a busy wireless network. If hackers intend to eavesdrop enough of the frames that comprise the same IV, it's quite easy for them to resolve the shared keys that are among the frames.

WEP uses the concept static and shared keys. Network Managers use the same key for weeks, months and years. This gives malicious users seeking entry enough time to check and hack into WEP enabled networks.

WEP has been proven to be defective and subject to number of attackers. But researchers in the Computer Science department of German University recently demonstrated the capability to compromise a WEP-protected network very quickly. Spending less then a minute intercepting data they were able to compromise a WEP key in just three seconds, and they did it using a system equipped with a mere 1.7 GHz Pentium M CPU, which is less powerful than the processor found in today's entry-level notebooks.

In response to the weakness of the WEP security protocol the Wi-Fi Alliance created Wi-Fi protected access. Joshua Wright (Networking World paper on Wireless Security 09/11/2006) suggests that In April 2003, the Wi-Fi Alliance introduced an interoperable security protocol known as WiFi Protected Access (WPA), based on draft 3 of the IEEE 802.11i amendment. WPA was intended to be a substitute for WEP networks without the hassle of hardware replacements, using a subset IEEE 802.11i amendment.

There are some differences between WEP and WPA. WEP uses 128 bit keys with 24-bit Initialization Vector, while WPA uses 128 bit keys with a 48-bit Initialization Vector. WPA uses the concept of Temporal Key Integrity Protocol (TKIP), which dynamically alters keys while the system is being used. The amalgamation of the larger IV and TKIP makes WPA more robust than WEP.

Ever if the router is several years old it almost certainly supports some form of WPA. The most easiest to use version of WPA is WPA Personal or referred as WPA Pre-Shared Key

Security Features of WPA

Charlie Russel et al (Microsoft XP Professional Resource kit, 3^rd Ed: 2005) suggests WPA is interim standard adopted by Wi-Fi Alliance and supported by Windows XP that increases security in three ways:

Data Encrytion: WEP's encryption algorithm is replaced by WPA's choice of two or more encryption methodologies. Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES). TKIP changes encryption key dynamically while still running on existing hardware while AES needs next generation hardware from vendors.

Data Integrity: WPA uses Message Integrity Check (MIC), which ensures that data sent is the same as date received and also helps prevent replay attacks.

User Authentication: User verification facility is available in WPA's encryption system.

Jouni Malinen suggests ‘WPA implements a new key handshake (4-Way Handshake and Group Key Handshake) for generating and exchanging data encryption keys between the Authenticator and Supplicant. This handshake is also used to verify that both Authenticator and Supplicant know the master session key. These handshakes are identical regardless of the selected key management mechanism (only the method for generating master session key changes).'

For home users the important characteristic is to setting up WPA security is to create a passphrase. Every clientintending to access wireless network should go through this passphrase. Unlike normal passwords, a passphrase should be between 8 and 63 characters in length. The closer a passphrase is to 63 characters, the more secure it becomes.

Encryption of WPA enabled Wireless network for Personal/PSK the router is offered with plain English passphrase between 8 and 63 characters long rather than encryption key. Using TKIP, the passphrase along with network SSID is used to generate a unique encryption keys for each client on the network, which are constantly changed. In contrast to WEP uses static shared keys that comprise of hex characters 0-9 and A-F.

WPA is able to achieve 500 trillion possible key combinations and re-keying of global encryption keys is required.

WPA2 is the latest implementation of WPA and provides better and stronger data protection and network access control. WPA is based on IEEE 802.11i standard and provides high level of security. It portrays encryption data transmission between systems of 802.11a and 802.11b wireless LANs. WPA2 comes in two different versions:

WPA2 Personal and WPA2 Enterprise where the former protects unauthorized network access by setting up password while the latter verifies network users through server.

In the end I have inferred the following conclusion:

Drawbacks of WEP are:

• Initialization vector can be used again and again which leads to vulnerability and insecurity

• Only 16.7 million possible combinations can be made using 24 bit IV

• Master keys are used instead of dynamically arranged keys

• Users and Managers do not change keys, as the process is boring and lengthy

Benefits of WPA over WEP

• Length of Initialization Vector is 48 bits, which gives 500 trillion combinations

• Initialization Vector is more secure

• Master keys are never directly used

• Data Integrity is much improved

Summary

In the end I would conclude that WPA provides better protection, security over WEP, which is more vulnerable to hackers because of its static shared key feature. As Network Manager I would recommend to use WPA even though the router installed are vintage but still some level of encryption is possible in WPA rather than WEP. Nevertheless to mention here that WEP is more like a Weak Encryption Protocol then Wired Encryption Privacy. Unfortunately there are wireless devices being sold today that don't support WPA. The only way to use WEP is if router does not support WPA at any level then its better to have some security then nothing. Windows Xp with Service pack 2 and Mac OS as well as Windows Vista support WPA. If the router or its firmware is quite recent it may support WPA2, which is a further improvement over WPA, including using AES encryption by default. In order to use WPA2 on Windows Xp system updates need to be downloaded because Xp does not provide usual support.

TASK 5

• Major steps of disaster recovery process for an IT Data center.

Hypothetically considering a situation of a data center which is full of computer wired together and then consider when all these computers are gone or the whole building is non-existent and if my job depends on recovery all or most of the data then there should be a disaster recovery plan which becomes almost important and by thinking that I am one step towards attaining disaster recovery.

Tammy (Linux Redhat: April 2007) states Disaster recovery is the ability to recover from an event impacting the functioning of organization's data center as quickly and efficiently as possible.

A back up site is important but of no use without a concrete disaster recovery plan, which indicates each and every aspect of disaster, recovery process that includes but not limited to the following:

Events that trigger possible disaster are:-

• Who is who in an organization and do they have authority to declare disaster

• Sequence of events necessary to prepare backup

• What is the role of different people involved in disaster recovery?

• Set of hardware and software needed

• Scheduling of staff involved in recovery and smooth running of recovery process round the clock

• Schedule of events needed to move operations

An important aspect of disaster recovery is that plans should be readily available but a copy should be kept of site possibly at backing store or archive of the company. In this way any disaster that destroys the company materials does not take the disaster recovery plan with it.

Ten steps to disaster recovery are illustrated below:

• Acquire Executive Support: Senior Management should be directly involved in developing a truly robust disaster recovery plan. Top Management approval is required for the resource and equipment e.g. hardware and software needed in order to design and maintain an efficient recovery plan. Secondly Top Management is generally the first point of call and need to be informed in case of disaster. This actually sets up a chain of events and personal involving management decisions about arranging an IT recovery team by declaring an emergency situation to the disaster and notifying services directly involved and physical security as well taking whatsoever emergency steps are needed to be taken. If the Top Management is informed at an early stage this involved them directly into the role of disaster recovery. The executive sponsor has several errands from selecting process owner to getting support from other managers and ensuring that the team is properly chosen and are committed to the job. These other managers can be direct reports, colleagues within the IT team or facilities available inside and outside. In the end it the responsibility of the Executive sponsor to express support and coordination by requesting reports and scrutinizing them frequently, giving expert advice and suggestions and query issues and resolving conflicting issues and problems.

• Choosing a process owner: Process owner plays a very important role in disaster recovery procedure and is a key personal. Process owner is the Project leader or project manager who leads and controls the functional team in preparing the business impact analysis, identifying and prioritizing requirements, developing concrete strategies, selecting external help or support and producing and conducting test cases. Process owner needs to demonstrate key skills so he/she should be selected very carefully. Good examples of candidates can be Operations Team Leader, Date center Manager and even an IT Infrastructure Manager.

• Prepare a functional team: Process owner assembles different personals from different departments who exhibit key skills. Departments typically required in the assembled team include computer operations, Application Development, Server Administrator, facilities, Customer service departments, data security and physical security and network operations. The team will do requirement planning, conduct business impact planning, carefully selecting third party, designing and final overall recovery process, conduct test cases and plan the document.

• Conduct business impact analysis: it's very difficult to justify the cost involved in the disaster recovery plan. It's pertinent to stock and prioritize critical business processes for the company. It's important that the team effort is there to coordinate with process owner. Processes needs to be prioritized according to the needs like critical process e.g. loss of revenue or major monetary effects needs priority over less critical jobs. Processes are categorized as A, B and C according to their critical nature.

• Requirement identification and prioritization: as per the business, technical and logistical processes, functional team's work is to identify these requirements. Disaster recovery includes defining criteria for declaring disaster and determining time frames for recovery. Technical requirements include hardware equipment needed like servers, desktop and network speed. Other requirements include time needed for disaster and shipping of arrangements from disaster site to recovery site.

• Business continuity strategy: the team should come up with alternative business continuity strategies based on business impact analysis. These include alternative sites within the same company or other sites outside the company within the same geographic limits. There are four steps involved in business continuity strategy

• Identify your needs and define what business continuity means to you

• Determine and document your recovery objectives

• Evaluate technologies that support your strategy

• Implement and test the technologies best suited to your requirements

• Choosing the recovery team with specific roles: the functional team makes a choice as to who will be included to participate in the recovery procedure aftermath of disaster. The recovery team might me more or less the same as functional team. The additional members of the team can be Executive sponsor, customer representatives and representatives from third party. The selected teams role should be clearly defined, documented and communicated.

• Filing the recovery plan: the last task of the functional team is to document the disaster recovery plan for use by the recovery team, which will be responsible for complete accuracy, convenience and allocation. The plan should also include configuration diagrams and figures of hardware, software and other related components involved in recovery.

• Execute regularly scheduled tests of plan: Disaster recovery plans should be tested regularly every year; some companies might do it for twice or thrice a year. Plan and maintain an audit report while testing the system against a list of planned tasks. Considering unit test plan would be helpful which can be used over a period of time may be three years, which progressively is more involved every six months. Starting with program and data restores and followed by processing data and print tests, then initial network connectivity tests and eventually full network and desktop load and functionality tests.

• Investigate each test case: the intention of doing this is to review exactly how that test can executed and analyze how test was completed, what improvements and efficiencies could be added to improve its robustness.

www.courtesycomputers.com suggests some examples of incidents what has caused havoc

Backup tapes are without data.

Restore process never been tested.

Restore tapes are mislabeled.

Restore tapes can't be located.

Offsite tape supplier hasn't been paid and can't retrieve tapes.

Recovery service to a classified defense program is not cleared.

Recovery service to a classified defense program is cleared, but individual personnel aren't cleared.

Operator can't carry tape canister onto the airplane.

Tape canisters are mislabeled.

(b) Business continuity and disaster recovery plan for IMZAK UK Ltd

Imzak was founded in 2002 as an IT consultancy and integration company and acquired UK services to run a broadband business. In 2004 signed an agreement with ZyXEL and CISCO for product partnership to provide DSL services in UK. IMZAK is also an IBM ISV partner. IMZAK is well known for providing high speed, reliable broadband using ADSL & SDSL connectivity to consumers initially in Southeast Asia also provides consultancy in network integration, which has strong relationship in sales and support with key organizations in India, Pakistan and Bangladesh.

Recovery Strategy

The recovery should be robust, efficient and quick. When a disaster interrupts in the organization, the disaster recovery will be able to kick in nearly automatically and begin providing support to recovery operations. The disaster recovery plan is be designed in such a manner that the first employees on the scene can immediately begin the recovery effort in an organized fashion, even if members of the official Disaster Recovery Process DRP team have not yet arrived on site. We'll examine the critical subtasks involved in designing an effective disaster recovery plan that will help in rapid restoration of normal business processes and the resumption of activity at the primary business location.

Business Unit Priorities

We have designed a disaster recovery plan so that the business units with the highest priority are recovered first. To achieve this goal, our DRP team will first identify those business units and agree on an order of prioritization. As a minimum requirement we have a list of business units in prioritized order

As a minimum requirement, the output from this task will be a simple listing of business units in prioritized order. However, there is more detailed list broken down into specific business processes listed in order of priority available as well which will be available in each department. The business process-oriented list is much more insightful of actual conditions, but it requires extensive additional attempt. This will help in the recovery process, as not every task performed by highest-priority business unit will be of the highest priority. It's imperative to restore the critical unit at priority and then move on to less critical units to achieve some minimum operating conditions in the organization before trying a full recovery method.

Crisis Management

If a disaster hit our organization, it is likely that panic will set in first. The best way to deal with this is organized disaster recovery plan. The people who will notice an emergency situation will be security guards, technical personnel, etc. and they will be fully trained in disaster recovery procedures and will know the proper notification procedures.

Many common issues that tend to slip the minds of panic-stricken personals in this situation are such as calling 999 or emergency services in the event of a fire, flood or tsunami and they tend to run away from the problem. The best way to fight this is with continuous training on disaster recovery responsibilities. For and instance in case of fire, all employees should be trained to activate the fire alarm or contact emergency officials when they spot a fire at the same time making sure to protect themselves. It's better that the fire department receives 5-6 different phone calls reporting a fire at our organization than its for everyone to assume that some action has been taken. I suggest it's the duty of the most senior executive or the operations manager to take care of this. Crisis management team is quite mandatory in such organization. According to the company's training budget, investing in crisis training for key employees would not be a bad idea. This will guarantee that at least some of our employees know the proper way to handle emergency situations and make sure everything happens according to plan.

Emergency Communications

In case of a disaster situation it is significant that the organization will be able to communicate inside and as well as with the outside world. A disaster of any level can happen any time and easily noticed, and organization should be able to communicate with outside world about its recovery condition, the public is appropriate to fear the worst situation thinking that the organization will unable to recover. It is also crucial that the organization will be able to communicate internally in the quickest ever way as they can so that during a disaster the staff knows what to do and how to do or whether they have to return to work or report at another location. Obviously in many instances means of communication e.g. telephones, email etc are damaged.

Restoration of Work group

It will be kept up most in the mind that our goal in disaster recovery plan is very clear. Our goal will be the restoration of work groups to the position from where they can resume their activities in their usual work locations. It's very easy to get off the track and start thinking disaster recovery as purely an IT effort focused on restoring systems and processing to working order.

It's sometimes better to develop alternative recovery facilities for different work groups. I would like to recommend here that the company has quite few subsidiary sites that communicate to Head Office and the subsidiary locations perform processes similar to the jobs that are performed at Head Office. I would insist on relocating those work groups to other unit and letting them communicate electronically via telephone or email until the main office is ready to perform the usual tasks.

Ed Tittel et al (2004) suggests alternate Processing Sites for efficient disaster recovery procedure. It's very important to choose an alternative-processing site, which can be used if the primary site fails. There four main types of sites to be used in disaster recovery planning as suggested by Ed Tittel: i.e. Cold sites, Warm sites, Hot sites, Mobile sites:

‘When choosing any type of alternate processing site, be sure to place it far away enough from your primary location that it won't likely be affected by the same disaster that disables your primary site!'

Further to this I would put some light on each of these sites:

Cold sites are simply reserve facilities large enough to hold the processing load of organization and with suitable electrical and environmental support systems. They can be large warehouses, empty office buildings, or other similar infrastructures. But there is one big disadvantage that the cold site has no computing facilities neither hardware nor software preinstalled and does not have activated broadband communications links. The major advantage of a cold site is it's reasonably priced —there is no computing base to uphold and no monthly telecommunications bill when the site is not in use. However, the drawbacks of such a site are apparent

Hot sites are the exact reverse of the cold site. In this type of design, a backup facility is maintained in steady working order, with a full balance of servers, workstations, and communications links ready to assume main operational responsibilities. The servers and workstations are all pre-configured and loaded with suitable operating system and application software. The data on the primary site servers is periodically simulated to the corresponding servers at the hot site, ensuring that the hot site has up-to-date data.

There is an option of maintaining a hot site at reasonable cost then we can opt for shared hot site facility managed by third party. But there is always a danger of being overcharged in an event of disaster and might not be able serve the organization efficiently, apart from that there is always risk of critical data going into wrong hands. So we have to leave this option because of potential risk to the company. There is another option of Warm sites.

Warm sites are a middle opinion between hot sites and cold sites for disaster recovery specialists. They contain the equipment and data circuits necessary to quickly establish maneuver. As it is in hot sites, this equipment is usually pre-configured and ready to run appropriate applications to support the organization's operations. In contrast hot sites, however, warm sites do not typically contain duplicates of the client's data. The main requirement in bringing a warm site to full operational status is the moving of appropriate backup media to the site and restoration of critical data on the standby servers. Activation of a warm site characteristically takes at least 12 hours from the time a disaster is confirmed.

There is another category i.e. Mobile sites are non-mainstream substitute to conventional recovery sites. They usually consist of self-sufficient trailers or other easily relocated units. These sites come with all of the ecological control systems necessary to maintain a safe computing environment. Mobile sites can be a good idea to implement as they can accommodate entire work group.

I think out of the four options Warm sites are the best option and this technique would be implemented in our organization.

Database Recovery

Unlike our organization many organizations rely upon databases to process and track operations, sales, logistics, and other activities vital to their continued viability. I think it's pertinent to include database recovery techniques in our disaster recovery plans and to have a database specialist on the DRP team to offer technical feasibility. I would like to discuss three main techniques used to create offsite copies of database: electronic vaulting, remote journaling, and remote mirroring.

In an electronic vaulting technique, database backups are transferred to a remote site in a volume transfer fashion. The remote location may be a dedicated recovery site such as a hot site or warm site or simply a mobile location managed within the company or by a service provider for the purpose of maintaining backup data. There is major disadvantage there is a considerable time delay between the time you announce a disaster and the time the database is ready for operation with current data. If the recovery site needs to be used then technicians will need to rescue the appropriate backups from the electronic vault and apply them servers at the recovery site. If this service is required from third party then written agreement should be done which includes storage, bandwidth link to electronic vault.

Remote journaling allows speedier data transfers. Data transfers are done in bulk transfer, but they occur on a more frequent basis, usually once every hour or less. Unlike electronic vaulting, where database backup files are moved, remote journaling setups transfer copies of the database transaction logs containing the transactions that occurred since the previous bulk transfer.

Remote mirroring is the most advanced database backup solution and it's the most expensive too Remote mirroring goes ahead of the technology used by remote journaling and electronic vaulting. Remote mirroring is a live database server which is maintained at the backup site al the time. The remote server receives copies of the database modifications at the same time they are applied to the production server at the primary site.

I think remote mirroring is a popular database backup strategy for organizations seeking to implement. I would actually implement this strategy though the cost of maintenance is high.

Recovery Plan Development

Since we have established business unit priorities and had a good idea of the appropriate alternative recovery sites for our organization, let me put down actual disaster recovery plan. Some of the important items that have been included in disaster recovery plan. Ed Tittel et al (2004) suggests following reports:

• Executive summary

• Department-specific plans

• Technical guides for IT personnel responsible for implementing and maintaining Critical backup systems

• Checklists for individual members of the disaster recovery team (more details available in Appendix)

• Full copies of the plan for critical disaster recovery team members

These documents become especially important when a disaster occurs and shall be included in the DRP. Critical disaster recovery team members will have these checklists to help guide their actions amidst critical times. IT personnel will have their technical manuals assisting them get the alternate sites up and in operation. Finally, managers and public relations personnel will have a simple documents assisting in a walk-through coordinated disaster recovery activity.

Emergency Response

The DRP consists of simple should contain simple and inclusive guidelines for vital workforce to follow straight away upon detection of a disaster. These instructions will depend on three things (i) the nature of the disaster (ii) the type of personnel responding and (iii) the time span available before organization need to be evacuated. For instance the instructions of fire related disaster will be much more brief than the instructions for how to prepare for a cyclone that is still 2 days away from Head office or main site.

Personnel Notification

The disaster recovery plan will also have list of people to contact in the event of a disaster like a Crisis Management list. This includes key members of the DRP team as well as those personnel who perform critical disaster recovery tasks throughout the organization.

The notification checklist should be issued to every personnel who might respond to a disaster.

Backups and Offsite Storage

The most important element of Business continuity and DRP is the backup strategy followed by organization. There are three main types of backups:

Full backups As the name suggests, full backups store a complete copy of the data contained on the protective device.

Incremental backups store only those files that have been changed since the time of the most recent full or incremental backup.

Differential backupsDifferential backups store all files that have been changed since the time of the most recent full backup. (More information is mentioned in Appendix)

As per our organizations we will make use of a combination of one or more backup strategies along with media rotation scheme. We will adapt a comprehensive strategy, which performs full backups over the weekend and incremental or differential backups on a daily basis.

External Communications

During the disaster recovery process, it will be really important to talk with various individuals outside the organization. You will need to contact vendors to provide provisions, and everything else needed to support DRP effort. Need to correspond with clients for guarantee of work. Public relations personnel will contact media or investment firms, and managers might need to speak to legislative authorities.

Logistics

Logistics and transportation will be another big issue in an event of disaster. Large number of manpower will be needed to move equipment, and supplies to alternate recovery sites. Our DRP has provisions for this type of operation and have an agreement with external vendors to cater our needs in such event.

Summary

Disaster recovery procedure or planning is a critical feature of a broad information security program. Its does not really matter how good the business continuity plan is some day the business gets interrupted by disaster of any type and any nature. The skill lies in how quickly and efficiently the system or process restoration can be done. Some critical tasks require quick recovery and some can wait. As an old saying prevention is better can cure. Contributing time, money and effort towards developing a comprehensive disaster recovery plan will immensely help in recovering operations in the midst of a frenzied emergency.

I think an organization's disaster recovery plan is one of the most essential credential under siege of security professionals. It should offers regulations to the personnel responsible for ensuring the continuity of operations in the event of disaster. The DRP offers a methodical series of events intended to trigger alternate processing sites while simultaneously restoring the primary site to operational status.

APPENDIX

Training and Documentation

As with the business continuity plan, it is important to provide training all concerned staff and personnel who will be concerned in the disaster recovery effort. The level of training required will vary according to an individual's role in the DRP and his/her position within the company. When designing a training plan, you should consider including the following elements:

Induction programs and training for all new employees.

Initial training for employees, those taking on a new disaster recovery role.

Detailed refresher course for disaster recovery team members.

Brief refresher training for all other employees

Tip Loose-leaf binders provide an excellent option for storage of disaster recovery plans. The disaster recovery plan should also be fully documented. Earlier in this chapter, we discussed several of the documentation options available to you. Implementation of important documentation programs and modification the documentation is necessary as changes to the plan occur.

Testing and Maintenance

Every disaster recovery plan must be tested on a periodic basis to ensure that the plan's requirements are still feasible and are up to company standards. The types of tests that you are able to conduct will depend upon the types of recovery facilities available to you, the culture of your organization, and the availability of disaster recovery team members. The main five types of test are: checklist tests, structured walk-throughs, simulation tests, parallel tests, and full-interruption tests.

Checklists

Checklist is a valuable tool in an event of disaster. They provide a sense of order amidst the chaotic events. A checklist in reaction to a building fire might include the following steps:

Activate the premises alarm.

Ensure an orderly evacuation is done.

After securely leaving the building, phone 999 to ensure that emergency authorities have received the notification.

Ensure that any injured personnel receive proper first aid and medical treatment.

Backup strategy

Ed Tittel et al (2004) suggest a backup strategy. ‘There are two commonly used tape rotation strategies: the “Grandfather-Father-Son” strategy (GFS) and the “Tower of Hanoi” strategy. An instance of the GFS strategy would be to use four backup media sets for the Monday, Tuesday, Wednesday, and Thursday backups. These tapes are overwritten each week. Another group of five sets is used for the weekly backups (in our scenario, this would be done on Friday). A final group of three sets is used to maintain monthly backups (performed on the last Friday of the month). This method allows you to keep an extensive record of backups with a minimal number of tapes. Note that the actual numbers used in the scenario are flexible. For example, some firms may choose to keep a year's worth of monthly backups. This would simply require using 12 sets in the monthly rotation instead of 3.

The Tower of Hanoi strategy uses five sets of backup media. The 1st set is used for every other backup, starting on Day 1 (i.e., Days 1, 3, 5, etc.). The 2nd set is used for every 4th backup, starting on Day 2 (i.e., Days 2, 6, 10, etc.). The 3rd set is used for every 8th backup, starting on Day 4 (i.e., Days 4, 12, 20, etc.). The 4th set is used for every 16th backup, starting on Day 8 (i.e., Days 8, 24, 40, etc.). The final set is used for every 16th backup, starting on Day 16 (i.e., Days 16, 32, 48, etc.).'

REFERENCES

• Ed Tittel, James Michael Steawart and Mike Chapple (2004) CISSP: Certified Information Systems Security Professional Study Guide, 2^nd Edition: Sybex

• Introduction to Community based SNMPv2 RFC 1901

• Andrew S. Tanenbaum (2004) Computer Networks, 4^th Edition: Pearson Education

• Todd Lammle (2007) Cisco Certified Network Associate Study Guide, 6^th Edition: Sybex

• Li, Min; Deng, Shaobo; Zhou, ChunHua (2007) Research on Adaptive Congestion Control Based on One Way Delay; Granular Computing IEEE International Conference 2-4 Nov. 2007 Page(s):580 - 580

• http://en.wikipedia.org/wiki/Structure_of_Management_Information

[19th July 2008]

• http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci812019,00.html [20^th July, 2008]

• http://gaia.cs.umass.edu/kurose/transport/UDP.html [20th July 2008]

• http://blurtit.com/q570064.html [20 July 2008]

• http://hostap.epitest.fi/wpa_supplicant [21 July 2008]

• http://www.wi-fiplanet.com/tutorials/article.php/3672711 [21 July 2008]

• http://www.tech-faq.com/router-elements.shtml [24 July 2008]

• http://www.courtesycomputers.com/DisasterRecoveryStepstodevelopinganeffectivedisasterrecoveryprocess.doc [24 July 2008]

Sign up and be the first to receive our latest offers: