Your SlideShare is downloading. ×
How New Data Center Technologies Impact Recoverability
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

How New Data Center Technologies Impact Recoverability


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide
  • IT is facing greater demand than ever for highly reliable disaster recovery plans at a time when budgets are tight. Now, companies are beginning to leverage their own internal data centers to provide a recovery capability (e.g., hot site). But does it make sense for your organization? Find out from business continuity expert, Damian Walch, Vice President of Consulting at T-Systems. Benefit from his focused insights on: • Why it may make sense to keep your disaster recovery facility in-house, and the benefits you can uncover. • What you, the decision maker, must consider when investigating internal recovery. • How you can perform a cost-benefit assessment on the internal recovery option. Mr. Walch also reveals the pitfalls you may encounter in moving to an internal recovery solution - and most importantly of course, how to avoid them. Damian shows you specific examples of problems that he has seen in the IT trenches, and addresses the technologies that can be used to facilitate the best recovery solution in your data center.
  • Regarding regulations, more and more industries have requirements for compliance. We’re all familiar with viruses, hackers and their ability to disrupt your on-line applications and your relationships with your suppliers and customers. Let’s talk about demand elasticity – If you experience one of these stressors, you now need to look beyond just information and IT. It’s essential to plan for internal and external communications – with employees, suppliers and customers. The impacts of these stressors can be enormous. Let’s turn to the next slide.
  • The Enterprise Business Continuity framework provides the disciplines necessary to integrate Business and IT capability in a structured manner, leveraging critical management processes to deliver results across the business. Governance provides the definition, clarity, and authoritative function for managing business continuity across the enterprise. Enterprise Risk management utilizes consistent process and procedures for identifying / mitigating / controlling / and monitoring all forms of corporate risk. Value Assurance provides the processes for measuring results – and the impact – of the EBCP across the enterprise. Company Culture is used as the guide for ensuring that the vision and goals of the corporation are incorporated into the EBCP strategy. Business Integration establishes the consistent process for identifying and managing the critical business processes that require protection, and delivers consistent results across the enterprise to centralize focus for continuous operations. Technology decisions require the integration business requirements and enterprise risk profile consideration to effective protect the corporate IT infrastructure. Program Execution provides the consistency that is required across the enterprise to ensure that the goals and objectives of the program are being realized. Standardizing plans, consolidating methods, and leveraging intellectual capital reuse greatly impacts the delivery of continuity and recovery across the business.
  • T he evolution of business needs and service capabilities has extended the requirement of continuity and recovery to a proactive plan for business availability and protection at the industry level, whereby the risk of an interruption has a systemic effect both inside and outside the enterprise. Top arrow depicts the evolution of data processing – from traditional glass house to virtual network computing. Business drivers will continue to extend business processes and their associated technology requirements for always available, network-centric access for products and services to clients and stakeholders. Key line items to focus on Technology base – from host to virtual computing Shortening of recovery time from days to seconds – or less! Extension of risk based profiles – from physical to informational Reactive response for fixing to proactive planning for prevention DR / IT planning to Continuity based, Business Process Management Bottom arrow – Effective approach to managing business continuity with disaster recovery capability – evolved from disaster recovery planning to business process management Question – Has your BC/ DR program followed the progression of your data processing growth? NOTE POTENTIAL FOR OUT OF SYNC CONDITION.
  • I will go more in depth during the facility tour about the chosen toolsets and their efficient operation. But I wanted to point out one of the keys to providing our Managed Services to our customers – it is called Micromuse. Micromuse provides the necessary integration between seemingly disparate pieces. It integrates software that monitors and manages IT infrastructure as well as Network infrastructure. It allows us to automatically set alarms and alert individuals, even through pager, to respond to an event that may be or is important to our customer environment.
  • Transcript

    • 1. How New Data Center Technologies Impact Recoverability Presented by: Damian Walch, CISA, CISSP, CBCP
    • 2. Stressors that Test Your Vulnerability
      • Terrorism
      • Cyber Attacks
      • Biological Threats
      • Employee Sabotage
      • Industrial Espionage
      • Regulation
      • Deregulation
      • Incentives
      • Legal
      • Global Marketplace
      • Partners/Suppliers
      • Demand Elasticity
      • IT Infrastructure
      • Technology Adoption
      • Innovation and Trends
      • 24x7 Expectations
      • Denial of Service Attack
      • Virus
      • Natural Disasters
      • Workplace Issues
      • National Programs
      Environmental Social Political Economic Technological
    • 3. The Problem is Viewed “Narrowly” Business & IT Processes Technology Organization Facilities & Security Strategy Applications & Data
      • 9/11 Lessons
        • Business not linked to IT Strategy
        • Roles poorly defined… no ownership
        • Outdated, overly complicated processes
        • Processes didn’t cross LOBs
        • “ Shared Services” forgotten
        • Lack of standardization
        • No true redundancy
        • Supply Chain not covered
        • B/U components not maintained
        • Little geographic spread
    • 4. Enterprise Business Continuity Framework Corporate Culture Position the corporate mission and values within the continuity and recovery program to ensure that the EBCP can adapt to business change Technology Solutions Identify and implement technology solutions to support business integration and availability to protect against interruptions and/or outages Governance Provide clarity, definition, and guidance for the EBCP at the Enterprise level to ensure that the initiatives are carried out Enterprise Risk Management Identify, mitigate, and control threats to the business in order to protect the enterprise in a consistent manner Business Integration Integrate all lines of business into the EBCP to provide end-to-end availability and protection of business process across the organization Quantify, track, and communicate the continuity and recovery value to the organization and ensure the EBCP investment is managed Value Assurance Manage the execution of the EBCP to ensure that the program is executing as designed and is providing a consistent approach throughout the enterprise Program Execution
    • 5. Evolution of Service Delivery Time Productivity/Value Individual Data Centers e-Utility Consolidated Delivery Centers
      • Consolidation
      • Economies of Scale
      • Common Processes
      • H/W & S/W Standards
      • Virtual Consolidation
      • Further Economies
      • Dynamic Allocation
      • Collaboration/Alliances
      • Commoditization
      • Resource on demand
      • Standardize Measures/billing
      • Expand ASP Model
    • 6. Evolution of Business Resilience Centralized Computing Distributed Computing
      • '60's - Early 80's
        • Mainframe model: centralized control, standardization, batch reporting
        • Focus: data center, internal stresses, very localized disruptions
        • IT: reactive Business: none
        • Recovery Time in weeks
        • Mindset: insurance
      Disaster Recovery
      • Mid - Late 80's
        • Midrange & client-server model: departmental computing, creativity, independence
        • Focus: satellite hubs, internal stresses, very localized disruptions
        • IT: reactive/none Business: reactive
        • Recovery Time in days
        • Mindset: insurance
      Business Recovery
      • The '90's - 2000
        • Hybrid model: connectivity, data sharing cross-bu, re-standardization
        • Focus: enterprise I/S, internal/external stress, localized disruptions
        • IT: reactive Business: reactive
        • Recovery time in hours
        • Mindset: insurance
      Business Continuity
      • Year 2001 - today
        • Virtualized model: extended supply chain, mobility, direct customer access
        • Focus: extended global I/S, internal/external stress, broad disruptions
        • IT: proactive Business: proactive
        • Always up
        • Mindset: survival
      Business Resiliency Network Centric Computing On-Demand Computing
    • 7. Service Level Agreement Management
      • Element Monitoring
      • Event Detection
      • Event Correlation
      • Service Level Management
      Automated Call Dispatch: Apropros Trouble Ticketing Systems: Remedy ARS event root cause reports exceptions event mgmt apps, actions root cause Micromuse Netcool Quallaby Network Performance HP Internet, Firehunter Internet Services Fault/Performance OpenView NNM Network Fault CiscoWorks 2000 OpenView VPO Server Fault event event topology view Micromuse Slam Service Level Agreement Manager Storage Manager (SNMP) Robot Manager (SNMP) Fabric Manager (SNMP) OpenView VPO SPI Application Fault/ Performance event
    • 8. Emergency Messaging Services
      • EMRS performs multi channel device notification
      • Notification messages, directions, and critical information sent to cell phones (SMS), pagers, RIM, alternate email addresses, etc.
      • Employees access e-mail from any web browser
      • Home, temporary offices, Kinko’s
      • Transparent failover to rest of world
      • Use original e-mail addresses
      • 128-bit SSL encrypted
      • Users can be authenticated with SecureID or passwords
    • 9. onDemand or Utility Computing Services Mediation Transaction Management Corporate Finance ERP (e.g. SAP, PeopleSoft) Consolidation Engine 3rd Party Partner Switches Routers Probes Equipment Business Process Applications ERP CRM SFA E-mail Manual Process Automation Tools Reporting Invoicing IT Mediation SingleView Mediation Existing Solution 3rd Party Solutions IT Infrastructure
    • 10. Grid Computing
    • 11. Characteristics of a Resilience physical security -- possibly biometrics in place   E-mail recovery or replication solution is in place   SPAM engine storage mirroring established for the highest priority (tier 1) applications automated process for restoring OS footprint on recovery platforms   24x7 monitoring of IDS logs SLA management (SLAM) tool implemented change management process that considers disaster recovery (each checkpoint) knowledge of risks and regulations that are required of functions patch management team disaster recovery process integrated with problem management and help desk processes application design process that is integrated with the business continuity process clear incident response and crisis management procedures tested firewalls, virus protection and intrusion detection is implemented and kept up-to-date all applications are properly assigned a "recovery tier" monitor the backups of all applications and platforms across the enterprise knowledge of which business processes supported by which applications SECURITY AVAILABILITY IT RECOVERY BUSINESS CONTINUITY
    • 12. 8 Pragmatic Approaches to Resilience
      • Make executives aware of program (and risks)
      • Understand the most critical business processes
      • Create “commitments” (i.e. policies for corporations)
      • Implement call trees and exercises
      • Explain objectives for the year and measure results
      • Ensure backup and offsite storage - audit
      • Backup workstations and laptops
      • Conduct desktop exercises for operations staff
    • 13. Closing Comments
      • “ Resilience” should be our goal and will ultimately be achieved by most organizations, but it’s not here today
      • Resilience is the integration of DR, BC, physical security, information security and operational availability…aligned with business processes
      • Poor results in the BC industry are our fault for not simplifying messages, measuring results and providing a clear roadmap
      • Great strides can be achieved by focusing on 8 to 10 reasonable principles for increasing recovery and “resilience”
      • By integrating the disciplines and processes for DR, BC, physical security and information security you can reduce overall effort, increase results and in many cases address regulatory requirements