Introduction

The  Internet has become an  integral part of most companies’  operating environments. It is used to develop new  and existing market places and allows companies to  explore new channels to market at a fraction of  the cost of traditional marketing. The majority  of people use applications, in some form or another, over networks of either  a private or public infrastructure.

As more businesses sign up  to e-commerce and start trading online they must take into consideration  the changes in customer requirements. Customers  can now easily choose a different supplier without ever leaving their seats.  A customer attempting to connect to a site that is not available for some  reason will just shop elsewhere,  at the click of a mouse.

Security is another issue that is at the forefront of the  customer’s mind, unless the customer feels confident that the transaction is secure they will not use the services offered. Winning  back customers that have  lost confidence will be virtually impossible.

Problem  Description

During the last couple of years there have been some very  visible service outages — for example, on  June 10 — 11, 2000 ebay had a 22 hour service outage. As a result, ebays market cap fell £8.5 billion.  As customers face problems  in the web based services, the result is usually seen immediately and the potential  losses can be huge. Being available has become one of the key success factors for e-business. Financial  Times stated in an article  on February 12th, 2001 that businesses lost £128  million in 2000 because customers could not log  on to websites, according to a survey. The figure  is to double this year. The cost of downtime can be quite considerable in the more traditional forms  of business as well. These  costs come from various sources:

• Loss of sales orders or transactions
• Loss of customers to competitors  due to downtime
• Loss of productivity
• Loss of employees working time
• Loss of investor’s trust

A  typical cost for one hour of downtime depends on the industry, however IDC  has identified the four areas causing downtime:

• The  network,
• The  servers,
• Operating  systems and applications.

For  the network, the most common  cause for downtime is ISP connection downtime and network  LAN overload. In the system level the usual problems are caused by either CPU overload or by network interface card failure.  Slowed database performance and process hang-up’s  are the main problems on  the application level.  Another major cause for downtime is network maintenance. In many industries it has  been possible to do network and server updates during  the weekends. On the Internet, this is no longer possible.  As the customer can log on from any part of the  globe, from any time zone, it is practically impossible to find a time slot to perform maintenance operations without disturbing the business.

Secure High Availabity

Enterprises  are facing challenges from  the several sides: on the one hand the role of the Internet and the ever increasing amount of traffic; on the  other hand the security threats and the sensitivity  of the business critical  applications to all disturbances.  To overcome this situation  two basic elements must be in place — availability and security. These two  elements go hand in hand  and a total solution requires that they are both implemented at an adequate level. If security is lacking, it  is easy for an intruder to bring the network down. The same goes if there are single points of failure in the network. Third aspect is that the chosen solution  should be easy to scale up as  business needs grow and the amount of traffic increases. In order to fulfill the  requirements for a Secure Highly Available Enterprise the solution has to be secure, it has to be available round the clock and it has to provide scalability for future growth.

Availability

Enterprises  have to be able to guarantee  that the services they  provide are available whenever  needed. This requires that the whole network be designed  with high availability  as a design principle.  99% availability means  that the system is down  87,6 hours a year. In most  business the availability of the system has to be  99.999% or more, resulting  in less than 5.26 minutes  downtime a year. High availability  means that the system has to provide redundancy to every network element and  service, automatic detection  of failures and automatic recovery from failures.  The system has to allow  maintenance operations  online without traffic  disturbances. To avoid  overload problems, the  key elements should be protected with load balancing  functionality.

Redundancy means that the all possible  single-points-of-failures are made redundant in the  network. This means that  every switch, server and service has to work either as a pair or as a cluster. A basic element for a high availability system is  its ability to automatically  detect failures in the  system. At its best this  is done in several layers allowing detection of both  hardware and software faults. From the service point of view, the system has  to be application aware,  so that it can detect when a service is functioning and when it is not. If the system detects a failure,  it must switch the traffic  to a fully operational  unit and warn the administrator about the situation. The ultimate goal is that the  end-user of a service should not detect the failure in any way.

One  of the most common reasons  for service outages is  the maintenance of hardware,  software or the network itself. To ensure availability,  network administrators  have to be able to shut down a node, perform the maintenance operations and activate the node again  during normal business  hours without any disturbance in traffic. Another major  cause for problems is overload of a single element in the system. This causes  delays to customers as  they are using the system.  It is also possible that  a network element malfunctions  because of CPU overload.  To prevent this, all possible throughput bottlenecks should be equipped with  load balancing functionality. Ideal system allows even distribution of the load,  dynamic load balancing  as the traffic  changes, and automatic  prevention of node overloads. If the capacity needs are  increasing, it should be  easy to add new nodes to  the system to increase  its performance.

Security

A  basic element of a corporate  security is that the company  has defined a security  policy, which is implemented  and enforced. A security policy establishes accountability  for information protection  by defining a set of rules, conditions and practices  that regulate how an organization manages, protects and distributes  sensitive information.

A  Corporate Security Policy should address at least  the following issues:

• Security Organization
• Assets classification and control
• Personnel  Security
• Physical and environmental security
• Computer and network management
• System access control
• System development and maintenance  and
• Business continuity planning.

Five steps towards a Secure Highly Available Enterprise

1. 1. You have defined a security  policy
2. 2. You enforce your security  policy in your network
3. 3. You have identified all  possible single points  of failure and made them  redundant
4. 4. You have identified network  elements that might suffer  from overload and introduced  a load balancing  / clustering solution to protect them
5. 5. You have means to follow the traffic on your network  and you are prepared to scale up the most loaded network elements

It is important that the operating  procedures are created  for normal situations as  well as abnormal situations.

Summary

Security and availability are cornerstones  for creating a solid infrastructure for corporate IT systems.  They are a major concern  for any company that is connected to the Internet  or is doing business on the Internet. If security  and availability issues  are not addressed in the  corporate network, the  potential damage to business  can be huge in a very short  time.

This technology overview has  described the requirements  for the Secure Highly Available Enterprise. The five-step  checklist can be used to verify that you have considered  all the important aspects in your network design.  The end result should be a scalable system that is both secure and highly  available.

Please call 0870 421 4023 to find out how you can ensure that your organisation  is both secure and your key applications are always  available, or e-mail highavail.team@Whitehelm.com requesting more information.