Whitehekm - High Availability

Resilient Infrastructures

Introduction

The Internet has become an integral part of most companies’ operating environments. It is used to develop new and existing market places and allows companies to explore new channels to market at a fraction of the cost of traditional marketing. The majority of people use applications, in some form or another, over networks of either a private or public infrastructure.

As more businesses sign up to e-commerce and start trading online they must take into consideration the changes in customer requirements. Customers can now easily choose a different supplier without ever leaving their seats. A customer attempting to connect to a site that is not available for some reason will just shop elsewhere, at the click of a mouse.

Security is another issue that is at the forefront of the customer’s mind, unless the customer feels confident that the transaction is secure they will not use the services offered. Winning back customers that have lost confidence will be virtually impossible.

Problem Description

During the last couple of years there have been some very visible service outages — for example, on June 10 — 11, 2000 ebay had a 22 hour service outage. As a result, ebays market cap fell £8.5 billion. As customers face problems in the web based services, the result is usually seen immediately and the potential losses can be huge. Being available has become one of the key success factors for e-business. Financial Times stated in an article on February 12th, 2001 that businesses lost £128 million in 2000 because customers could not log on to websites, according to a survey. The figure is to double this year. The cost of downtime can be quite considerable in the more traditional forms of business as well. These costs come from various sources:

Loss of sales orders or transactions
Loss of customers to competitors due to downtime
Loss of productivity
Loss of employees working time
Loss of investor’s trust

A typical cost for one hour of downtime depends on the industry, however IDC has identified the four areas causing downtime:

adobe acrobat 9 pro crack

microsoft office visio 2010

order microsoft windows vista ultimate with

buying microsoft office 2010 professional (32 online

buy Adobe Creative Suite 4 Master Collection MAC (Macintosh) full version

microsoft office project viewer

purchase Adobe Dreamweaver CS4 MAC (Macintosh) program

buy microsoft office home and student 2007

order intuit quicken rental property manager 2009 software

adobe creative suite 5 torrent

adobe indesign torrent

adobe creative suite 4 production premium

windows 7 ultimate 32 bit vs 64 bit

order downloadable Autodesk AutoCAD 2010

adobe photoshop cs3 serial number

download adobe photoshop cs4 trial

windows 7 ultimate keygen

buy Microsoft Office 2010 Professional (32-bit) full version

buy Adobe InDesign CS4 full version

nero 9 keygen

intuit quickbooks 2010 for mac torrent

windows 7 ultimate 32 bit product key

adobe creative suite 4 web premium torrent

microsoft office visio professional 2007 crack

microsoft office visio viewer

buy Adobe Photoshop CS4 Extended MAC (Macintosh) license

microsoft visual studio 2008 shell

adobe creative suite 4 design

adobe photoshop cs4 extended free download

where to buy adobe dreamweaver cs4

intuit quicken rental property manager

buy cheapest Microsoft Office Visio Professional 2007 SP2

microsoft windows vista ultimate download

intuit quickbooks 2010 upgrade

order Microsoft Office Visio Professional 2003 software

download Windows 7 Professional (64 bit) software

microsoft works 9 free trial

microsoft visual studio 2008 professional edition with msdn embedded

windows xp professional key

used microsoft office

works microsoft free

adobe dreamweaver cs5 torrent

The network,
The servers,
Operating systems and applications.

For the network, the most common cause for downtime is ISP connection downtime and network LAN overload. In the system level the usual problems are caused by either CPU overload or by network interface card failure. Slowed database performance and process hang-up’s are the main problems on the application level. Another major cause for downtime is network maintenance. In many industries it has been possible to do network and server updates during the weekends. On the Internet, this is no longer possible. As the customer can log on from any part of the globe, from any time zone, it is practically impossible to find a time slot to perform maintenance operations without disturbing the business.

Secure High Availabity

Enterprises are facing challenges from the several sides: on the one hand the role of the Internet and the ever increasing amount of traffic; on the other hand the security threats and the sensitivity of the business critical applications to all disturbances. To overcome this situation two basic elements must be in place — availability and security. These two elements go hand in hand and a total solution requires that they are both implemented at an adequate level. If security is lacking, it is easy for an intruder to bring the network down. The same goes if there are single points of failure in the network. Third aspect is that the chosen solution should be easy to scale up as business needs grow and the amount of traffic increases. In order to fulfill the requirements for a Secure Highly Available Enterprise the solution has to be secure, it has to be available round the clock and it has to provide scalability for future growth.

Availability

Enterprises have to be able to guarantee that the services they provide are available whenever needed. This requires that the whole network be designed with high availability as a design principle. 99% availability means that the system is down 87,6 hours a year. In most business the availability of the system has to be 99.999% or more, resulting in less than 5.26 minutes downtime a year. High availability means that the system has to provide redundancy to every network element and service, automatic detection of failures and automatic recovery from failures. The system has to allow maintenance operations online without traffic disturbances. To avoid overload problems, the key elements should be protected with load balancing functionality.

Redundancy means that the all possible single-points-of-failures are made redundant in the network. This means that every switch, server and service has to work either as a pair or as a cluster. A basic element for a high availability system is its ability to automatically detect failures in the system. At its best this is done in several layers allowing detection of both hardware and software faults. From the service point of view, the system has to be application aware, so that it can detect when a service is functioning and when it is not. If the system detects a failure, it must switch the traffic to a fully operational unit and warn the administrator about the situation. The ultimate goal is that the end-user of a service should not detect the failure in any way.

One of the most common reasons for service outages is the maintenance of hardware, software or the network itself. To ensure availability, network administrators have to be able to shut down a node, perform the maintenance operations and activate the node again during normal business hours without any disturbance in traffic. Another major cause for problems is overload of a single element in the system. This causes delays to customers as they are using the system. It is also possible that a network element malfunctions because of CPU overload. To prevent this, all possible throughput bottlenecks should be equipped with load balancing functionality. Ideal system allows even distribution of the load, dynamic load balancing as the traffic changes, and automatic prevention of node overloads. If the capacity needs are increasing, it should be easy to add new nodes to the system to increase its performance.

Security

A basic element of a corporate security is that the company has defined a security policy, which is implemented and enforced. A security policy establishes accountability for information protection by defining a set of rules, conditions and practices that regulate how an organization manages, protects and distributes sensitive information.

A Corporate Security Policy should address at least the following issues:

Security Organization
Assets classification and control
Personnel Security
Physical and environmental security
Computer and network management
System access control
System development and maintenance and
Business continuity planning.

Five steps towards a Secure Highly Available Enterprise

1. You have defined a security policy
2. You enforce your security policy in your network
3. You have identified all possible single points of failure and made them redundant
4. You have identified network elements that might suffer from overload and introduced a load balancing / clustering solution to protect them
5. You have means to follow the traffic on your network and you are prepared to scale up the most loaded network elements

It is important that the operating procedures are created for normal situations as well as abnormal situations.

Summary

Security and availability are cornerstones for creating a solid infrastructure for corporate IT systems. They are a major concern for any company that is connected to the Internet or is doing business on the Internet. If security and availability issues are not addressed in the corporate network, the potential damage to business can be huge in a very short time.

This technology overview has described the requirements for the Secure Highly Available Enterprise. The five-step checklist can be used to verify that you have considered all the important aspects in your network design. The end result should be a scalable system that is both secure and highly available.

Please call 0870 421 4023 to find out how you can ensure that your organisation is both secure and your key applications are always available, or e-mail sales@whitehelm.com requesting more information.