Network+ Guide to Networks, Fourth Edition Chapter 13 Ensuring Integrity and Availability Objectives • Identify the characteristics of a network that keeps data safe from loss or damage • Protect an enterprise-wide network from viruses • Explain network- and system-level fault-tolerance techniques • Discuss issues related to network backup and recovery strategies • Describe the components of a useful disaster recovery plan and the options for disaster contingencies Network+ Guide to Networks, 4e What Are Integrity and Availability? • Integrity: soundness of network’s programs, data, services, devices, and connections • Availability: how consistently and reliably file or system can be accessed by authorized personnel – Need well-planned and well-configured network – Data backups, redundant devices, protection from malicious intruders • Phenomena compromising integrity and availability: – Security breaches, natural disasters, malicious intruders, power flaws, human error Network+ Guide to Networks, 4e What Are Integrity and Availability? (continued) • General guidelines for protecting network: – Allow only network administrators to create or modify NOS and application system files – Monitor network for unauthorized access or changes – Record authorized system changes in a change management system – Install redundant components – Perform regular health checks Network+ Guide to Networks, 4e What Are Integrity and Availability? (continued) • General guidelines for protecting network (continued): – Check system performance, error logs, and system log book regularly – Keep backups, boot disks, and emergency repair disks current and available – Implement and enforce security and disaster recovery policies Network+ Guide to Networks, 4e Viruses • Program that replicates itself with intent to infect more computers – Through network connections or exchange of external storage devices – Typically copied to storage device without user’s knowledge • Trojan horse: program that disguises itself as something useful but actually harms system – Not considered a virus Network+ Guide to Networks, 4e Types of Viruses • Boot sector viruses: located in boot sector of computer’s hard disk – When computer boots up, virus runs in place of computer’s normal system files – Removal first requires rebooting from uninfected, write-protected disk with system files on it • Macro viruses: take form of macro that may be executed as user works with a program – Quick to emerge and spread – Symptoms vary widely Network+ Guide to Networks, 4e Types of Viruses (continued) • File-infected viruses: attach to executable files – When infected executable file runs, virus copies itself to memory – Can have devastating consequences – Symptoms may include damaged program files, inexplicable file size increases, changed icons for programs, strange messages, inability to run a program • Worms: programs that run independently and travel between computers and across networks – Not technically viruses – Can transport and hide viruses Network+ Guide to Networks, 4e Types of Viruses (continued) • Trojan horse: program that claims to something useful but instead harms system • Network viruses: propagated via network protocols, commands, messaging programs, and data links • Bots: program that runs automatically, without requiring a person to start or stop it – Many bots spread through Internet Relay Chat (IRC) – Used to damage/destroy data or system files, issue objectionable content, further propagate virus Network+ Guide to Networks, 4e Virus Characteristics • Encryption: encrypted virus may thwart antivirus program’s attempts to detect it • Stealth: stealth viruses disguise themselves as legitimate programs or replace part of legitimate program’s code with destructive code • Polymorphism: polymorphic viruses change characteristics every time transferred • Time-dependence: time-dependent viruses programmed to activate on particular date Network+ Guide to Networks, 4e 10 Backup Media and Methods • To select appropriate solution, consider following questions: – – – – – – – – Sufficient storage capacity? Reliability? Data error checking techniques? System efficient enough to complete backup process before daily operations resume? Cost and capacity? Compatibility? Frequent manual intervention? Scalability? Network+ Guide to Networks, 4e 40 Optical Media • Capable of storing digitized data – Uses laser to write and read data – CD-ROMs and DVDs • Requires proper disk drive to write data • Writing data usually takes longer than saving data to another type of media Network+ Guide to Networks, 4e 41 Tape Backups • Relatively simple, capable of storing large amounts of data, at least partially automated • On relatively small networks, standalone tape drives may be attached to each server • On large networks, one large, centralized tape backup device may manage all subsystems’ backups – Usually connected to computer other than file server Network+ Guide to Networks, 4e 42 External Disk Drives • Storage devices that can be attached temporarily to a computer via USB, PCMCIA, FireWire, or Compact-Flash port – Removable disk drives • For backing up large amounts of data, likely to use external disk drive with backup control features, high capacity, and fast read-write access • Faster data transfer rates than optical media or tape backups Network+ Guide to Networks, 4e 43 Network Backups • Save data to another place on network – Must back up data to different disk than where it was originally stored • Most NOSs provide utilities for automating and managing network backups • Online backup: saves data across Internet to another company’s storage array – Strict security measures to protect data in transit – Backup and restoration processes automated Network+ Guide to Networks, 4e 44 Backup Strategy • Strategy should address following questions: – – – – – – – – What data must be backed up? Rotation schedule? Time backups occur? Method of accuracy verification? Where and how long will backup media be stored? Who will take responsibility? How long will backups be saved? Where will documentation be stored? Network+ Guide to Networks, 4e 45 Backup Strategy (continued) • Archive bit: file attribute that can be checked or unchecked – Indicates whether file must be archived • Backup methods use archive bit in different ways – Full backup: all data copied to storage media, regardless of whether data is new or changed • Archive bits set to “off” for all files – Incremental backup: copies only data that has changed since last full or incremental backup • Unchecks archive bit for every file saved – Differential backup: does not uncheck archive bits for files backed up Network+ Guide to Networks, 4e 46 Backup Strategy (continued) • Determine best possible backup rotation scheme – Provide excellent data reliability without overtaxing network or requiring a lot of intervention – Several standard backup rotation schemes • Grandfather-father-son: Uses DAILY (son), weekly (father), and monthly (grandfather) backup sets • Make sure backup activity recorded in backup log • Establish regular schedule of verification Network+ Guide to Networks, 4e 47 Backup Strategy (continued) Figure 13-13: The “grandfather-father-son” backup rotation scheme Network+ Guide to Networks, 4e 48 Disaster Recovery: Disaster Recovery Planning • Disaster recovery: process of restoring critical functionality and data after enterprise-wide outage • Disaster recovery plan accounts for worst-case scenarios – Contact names and info for emergency coordinators – Details on data and servers being backed up, backup frequency, backup location, how to recover – Details on network topology, redundancy, and agreements with national service carriers – Strategies for testing disaster recovery plan – Plan for managing the crisis Network+ Guide to Networks, 4e 49 Disaster Recovery Contingencies • Several options for recovering from disaster – Cold site: place where computers, devices, and connectivity necessary to rebuild network exist • Not configured, updated, or connected – Warm site: same as cold site, but some computers and devices appropriately configured, updated, or connected – Hot site: computers, devices, and connectivity necessary to rebuild network are appropriately configured, updated, and connected to match network’s current state Network+ Guide to Networks, 4e 50 Summary • Integrity refers to the soundness of your network’s files, systems, and connections • Several basic measures can be employed to protect data and systems on a network • A virus is a program that replicates itself so as to infect more computers, either through network connections or through external storage devices passed among users • A good antivirus program should be able to detect viruses through signature scanning, integrity checking, and heuristic scanning Network+ Guide to Networks, 4e 51 Summary (continued) • The goal of fault-tolerant systems is to prevent faults from progressing to failures • Fault tolerance is a system’s capacity to continue performing despite an unexpected hardware or software malfunction • A UPS is a battery power source that prevents undesired features of the power source from harming the device or interrupting its services • For utmost fault tolerance in power supply, a generator is necessary Network+ Guide to Networks, 4e 52 Summary (continued) • Critical servers often contain redundant NICs, processors, and/or hard disks to provide better fault tolerance • Server mirroring involves utilizing a second, identical server to duplicate the transactions and data storage of one server • Clustering links multiple servers together to act as a single server • RAID is an important storage redundancy feature Network+ Guide to Networks, 4e 53 Summary (continued) • Backups can be saved to optical media (such as CDs and DVDs), tapes, external disk drives, or to another location on a network • The aim of a good backup rotation scheme is to provide excellent data reliability but not to overtax your network or require much intervention • Disaster recovery is the process of restoring your critical functionality and data after an enterprisewide outage that affects more than a single system or a limited group of users Network+ Guide to Networks, 4e 54 ... conditioning – Cost Network+ Guide to Networks, 4e 19 Generators Figure 1 3-2 : UPSs and a generator in a network design Network+ Guide to Networks, 4e 20 Topology and Connectivity • Key to fault tolerance... clients Network+ Guide to Networks, 4e 36 NAS (continued) Figure 1 3-1 0: Network attached storage on a LAN Network+ Guide to Networks, 4e 37 SANs (Storage Area Networks) Figure 1 3-1 1: A storage... from network faults Network+ Guide to Networks, 4e 21 Topology and Connectivity (continued) Figure 1 3-3 : VPNs linking multiple customers Network+ Guide to Networks, 4e 22 Topology and Connectivity