Chapter13  -- ensuring integrity and availability
Upcoming SlideShare
Loading in...5
×
 

Chapter13 -- ensuring integrity and availability

on

  • 970 views

Basic Networking Guide

Basic Networking Guide

Statistics

Views

Total Views
970
Views on SlideShare
970
Embed Views
0

Actions

Likes
1
Downloads
19
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Chapter13  -- ensuring integrity and availability Chapter13 -- ensuring integrity and availability Presentation Transcript

  • Chapter 13: Ensuring Integrity and Availability Network+ Guide to Networks
  • Objectives:
    • Identify the characteristics of a network that keep data safe from loss or damage
    • Protect an enterprise-wide network from viruses
  • Objectives: (continued)
    • Explain network- and system-level fault-tolerance techniques
    • Discuss issues related to network backup and recovery strategies
    • Describe the components of a useful disaster recovery plan
  • What are Integrity and Availability?
    • Integrity refers to the soundness of a network’s programs, data, services, devices, and connections.
    • Availability of a file or system refers to how consistently and reliably it can be accessed by authorized personnel
  • What are Integrity and Availability? (continued)
    • General guidelines for protecting your network
      • Allow only network administrators to create or modify NOS and application system files
  • What are Integrity and Availability? (continued)
      • Monitor the network for unauthorized access or changes
      • Record authorized system changes in a change management system
      • Install redundant components
  • What are Integrity and Availability? (continued)
    • General guidelines for protecting your network (continued)
      • Perform regular health checks on the network
      • Check system performance, error logs, and the system log book regularly
  • What are Integrity and Availability? (continued)
      • Keep backups, boot disks, and emergency repair disks current and available
      • Implement and enforce security and disaster recovery policies
  • Viruses
    • A virus is a program that replicates itself with the intent to infect more computers
    • Other unwanted and potentially destructive programs are called viruses, but technically do not meet the criteria used to define a virus
      • Program that disguises itself as something useful but actually harms your system is called a Trojan horse
  • Viruses (continued)
    • Types of Viruses
      • Boot sector viruses, Macro viruses, File-infected viruses, Worms, Trojan horse, Network viruses, Bots
    • Virus Characteristics
      • Encryption, Stealth, Polymorphism, Time-dependence
  • Viruses (continued)
    • Virus Protection
      • Antivirus Software
        • Suspecting a virus
          • Unexplained increases in file sizes
          • Significant, unexplained decline in system performance
          • Unusual error messages
          • Significant, unexpected loss of system memory
          • Fluctuations in display quality
  • Viruses (continued)
    • Virus Protection
      • Antivirus Software
        • Antivirus software should perform
          • Signature scanning
          • Integrity checking
          • Monitoring of unexpected file changes
  • Viruses (continued)
    • Virus Protection
      • Antivirus Software
        • Antivirus software should perform (continued)
          • Regular updates and modifications
          • Consistently report only valid viruses
            • Heuristic scanning -- most fallible
  • Viruses (continued)
    • Virus Protection
      • Antivirus Policies
        • Virus detection and cleaning software that regularly scans for viruses
        • Users not allowed to alter or disable
        • Users know what to do
        • Antivirus team appointed maintaining antivirus measures
  • Viruses (continued)
    • Virus Protection
      • Antivirus Policies (continued)
        • Users prohibited from installing any unauthorized software
        • System-wide alerts issued
    • Virus Hoaxes
      • Type of rumor consists of a false alert about a dangerous, new virus
      • Verify a possible hoax
  • Fault Tolerance
    • The capacity for a system to continue performing despite an unexpected hardware or software malfunction
      • Failure is a deviation from a specified level of system performance for a given period of time
      • Fault involves the malfunction of one component of a system
  • Fault Tolerance (continued)
    • Environment
      • Analyze the physical environment in which your devices operate
    • Power
      • Power Flaws
        • Surge—A momentary increase in voltage
        • Noise—A fluctuation in voltage levels
        • Brownout—A momentary decrease in voltage
        • Blackout—A complete power loss
  • Fault Tolerance (continued)
    • Power (continued)
      • Uninterruptible Power Supplies (UPSs)
        • Prevents A/C power from harming device or interrupting its services
          • Standby UPS provides continuous voltage to a device by switching
          • Online UPS providing power to a network device through its battery
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Which UPS is right for your network
      • Amount of power needed
      • Period of time to keep a device running
      • Line conditioning
      • Cost
    • Generators
      • If your organization cannot withstand a power loss you might consider investing in an electrical generator for your building
  • Fault Tolerance (continued)
    • Topology and Connectivity
      • Each physical topology inherently assumes certain advantages and disadvantages
      • Supplying multiple paths data can use to travel from any one point to another
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Servers
      • Server Mirroring
        • Mirroring is a fault-tolerance technique in which one device or component duplicates the activities of another
        • In server mirroring, one server continually duplicates the transactions and data storage of another
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Servers
      • Clustering
        • Fault-tolerance technique that links multiple servers together to act as a single server
  • Fault Tolerance (continued)
    • Storage
      • Redundant Array of Independent (or Inexpensive) Disks (RAID)
        • Collection of disks that provide fault tolerance for shared data and applications
        • Hardware RAID
          • Set of disks and a separate disk controller
        • Software RAID
          • Software to implement and control RAID
  • Fault Tolerance (continued)
    • Storage
      • RAID (continued)
        • RAID Level 0—Disk Striping RAID Level 0
          • data is written in 64 KB blocks equally across all disks in the array
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Storage
      • RAID (continued)
        • RAID Level 1—Disk Mirroring RAID Level 1
          • provides redundancy through a process called disk mirroring
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Storage
      • RAID (continued)
        • RAID Level 3—Disk Striping with Parity ECC RAID Level 3
          • Involves disk striping with a special error correction code (ECC)
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Storage
      • RAID (continued)
        • RAID Level 5—Disk Striping with Distributed Parity
          • Highly fault-tolerant
          • Data is written in small blocks across several disks
          • Parity error checking information is distributed among the disks
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Storage
      • Network Attached Storage
        • specialized storage device or group of storage devices that provides centralized fault-tolerant data storage for a network
  • Fault Tolerance (continued)
  • Fault Tolerance (continued)
    • Storage
      • Storage Area Networks (SANs)
        • Distinct networks of storage devices that communicate directly with each other and with other networks
  • Fault Tolerance (continued)
  • Data Backup
    • A backup is a copy of data or program files created for archiving or safekeeping
    • Tape Backups
      • Copying data to a magnetic tape
  • Data Backup (continued)
  • Data Backup (continued)
      • Tape Backups (continued)
        • Select the appropriate tape backup solution
          • Sufficient storage capacity
          • Proven to be reliable
          • Data error-checking techniques
          • Is the system quick enough
  • Data Backup (continued)
      • Tape Backups (continued)
        • Select the appropriate tape backup solution
          • Tape drive, software, and media cost
          • Hardware and software be compatible with existing network
          • Frequent manual intervention
          • Accommodate your network’s growth
  • Data Backup (continued)
    • Online Backups
      • Companies on the Internet now offer to back up data over the Internet
  • Data Backup (continued)
    • Backup Strategy
      • What data must be backed up
      • What kind of rotation schedule
      • When will the backups occur
      • How will you verify
  • Data Backup (continued)
    • Backup Strategy (continued)
      • Where will backup media be stored
      • Who will take responsibility
      • How long will you save backups
      • Where will backup and recovery documentation be stored
  • Data Backup (continued)
    • Backup Strategy (continued)
      • Different backup methods
        • Full backup
        • Incremental backup
        • Differential backup
  • Data Backup (continued)
  • Disaster Recovery
    • A disaster recovery plan should identify a disaster recovery team
      • Contact for emergency coordinators
      • Which data and servers are being backed up
      • Network topology, redundancy, and agreements
      • Regular strategies for testing
      • A plan for managing the crisis
  • Chapter Summary
    • Integrity refers to the soundness of your network’s files, systems, and connections
    • Several basic measures can be employed to protect data and systems
    • A virus is a program that replicates itself
    • Boot sector viruses position their code in the boot sector
    • Macro viruses take the form of a macro
  • Chapter Summary (continued)
    • File-infected viruses attach themselves to executable files
    • Network viruses take advantage of network protocols
    • A virus bot is a virus that spreads automatically between systems
    • Worms are not technically viruses
    • A Trojan horse claims to do something useful but instead harms
  • Chapter Summary (continued)
    • Any type of virus may have additional characteristics that make it harder to detect and eliminate
    • A good antivirus program should be able to detect viruses through signature scanning, integrity checking, and heuristic scanning
    • Antivirus software is merely one piece of the puzzle in protecting your network
  • Chapter Summary (continued)
    • A virus hoax is a false alert about a dangerous, new virus
    • A failure is a deviation from a specified level of system performance for a given period of time
  • Chapter Summary (continued)
    • A fault is the malfunction of one component of a system
    • Fault tolerance is a system’s capacity to continue performing despite an unexpected hardware or software malfunction
  • Chapter Summary (continued)
    • Networks cannot tolerate power loss or less than optimal power
    • A UPS is a battery power source directly attached to one or more devices and to a power supply
    • A standby UPS provides continuous voltage to a device by switching
  • Chapter Summary (continued)
    • An online UPS uses the A/C power from the wall outlet to continuously charge its battery
    • For utmost fault tolerance in power supply, a generator is necessary
  • Chapter Summary (continued)
    • Network topologies such as a full mesh WAN or a star-based LAN with a parallel backbone offer the greatest fault tolerance
    • Hot swappable components can be changed (or swapped) while a machine is still running (hot)
    • Critical servers often contain redundant components
  • Chapter Summary (continued)
    • Utilizing a second, identical server to duplicate the transactions and data storage of one server is called server mirroring
    • Server clustering links multiple servers together to act as a single server
  • Chapter Summary (continued)
    • An important storage redundancy feature is a Redundant Array of Independent (or Inexpensive) Disks (RAID)
    • Network attached storage (NAS) is a dedicated storage device
    • A storage area network (SAN) is a distinct network of multiple storage devices and servers
  • Chapter Summary (continued)
    • A backup is a copy of data or program files created for archiving or safekeeping
    • A popular, economical method for backing up networked systems is tape backup
    • You can also back up data over the Internet
  • Chapter Summary (continued)
    • The aim of a good backup rotation scheme is to provide excellent data reliability
    • Every organization should have a disaster recovery team