NETWORK+ GUIDE TO NETWORKS, FOURTH EDITION - CHAPTER 13 pptx

Network+ Guide to Networks, 4e 2Objectives • Identify the characteristics of a network that keeps data safe from loss or damage • Protect an enterprise-wide network from viruses • Explai

Trang 1

Network+ Guide to Networks,

Fourth Edition

Chapter 13 Ensuring Integrity and Availability

Trang 2

Network+ Guide to Networks, 4e 2

Objectives

• Identify the characteristics of a network that keeps data safe from loss or damage

• Protect an enterprise-wide network from viruses

• Explain network- and system-level fault-tolerance techniques

• Discuss issues related to network backup and

recovery strategies

• Describe the components of a useful disaster

recovery plan and the options for disaster

contingencies

Trang 3

What Are Integrity and Availability?

• Integrity: soundness of network’s programs, data, services, devices, and connections

• Availability: how consistently and reliably file or

system can be accessed by authorized personnel

– Need well-planned and well-configured network

– Data backups, redundant devices, protection from malicious intruders

• Phenomena compromising integrity and availability:

– Security breaches, natural disasters, malicious

Trang 4

(continued)

• General guidelines for protecting network:

– Allow only network administrators to create or modify NOS and application system files

– Monitor network for unauthorized access or changes – Record authorized system changes in a change

management system

– Install redundant components

– Perform regular health checks

Trang 5

– Keep backups, boot disks, and emergency repair

disks current and available

– Implement and enforce security and disaster

recovery policies

Trang 6

Viruses

• Program that replicates itself with intent to infect

more computers

– Through network connections or exchange of

external storage devices

– Typically copied to storage device without user’s

knowledge

• Trojan horse: program that disguises itself as

something useful but actually harms system

– Not considered a virus

Trang 7

Types of Viruses

• Boot sector viruses: located in boot sector of

computer’s hard disk

– When computer boots up, virus runs in place of

computer’s normal system files

– Removal first requires rebooting from uninfected,

write-protected disk with system files on it

• Macro viruses: take form of macro that may be

executed as user works with a program

– Quick to emerge and spread

Trang 8

Types of Viruses (continued)

• File-infected viruses: attach to executable files

– When infected executable file runs, virus copies itself

to memory

– Can have devastating consequences

– Symptoms may include damaged program files,

inexplicable file size increases, changed icons for

programs, strange messages, inability to run a

program

• Worms: programs that run independently and travel between computers and across networks

– Not technically viruses

– Can transport and hide viruses

Trang 9

Types of Viruses (continued)

• Trojan horse: program that claims to do something useful but instead harms system

• Network viruses: propagated via network protocols, commands, messaging programs, and data links

• Bots: program that runs automatically, without

requiring a person to start or stop it

– Many bots spread through Internet Relay Chat (IRC) – Used to damage/destroy data or system files, issue objectionable content, further propagate virus

Trang 10

Virus Characteristics

• Encryption: encrypted virus may thwart antivirus

program’s attempts to detect it

• Stealth: stealth viruses disguise themselves as

legitimate programs or replace part of legitimate

program’s code with destructive code

• Polymorphism: polymorphic viruses change

characteristics every time transferred

• Time-dependence: time-dependent viruses

programmed to activate on particular date

Trang 11

Virus Protection: Antivirus Software

• Antivirus software should at least:

– Detect viruses through signature scanning

– Detect viruses through integrity checking

– Detect viruses by monitoring unexpected file

changes or virus-like behaviors

– Receive regular updates and modifications from a centralized network console

– Consistently report only valid viruses

• Heuristic scanning techniques attempt to identify

Trang 12

Antivirus Policies

• Provide rules for using antivirus software and

policies for installing programs, sharing files, and using floppy disks

• Suggestions for antivirus policy guidelines:

– Every computer in organization equipped with virus detection and cleaning software

– Users should not be allowed to alter or disable

antivirus software

– Users should know what to do in case virus detected

Trang 13

Antivirus Policies (continued)

• Suggestions for antivirus policy guidelines

(continued):

– Antivirus team should be appointed to focus on

maintaining antivirus measures

– Users should be prohibited from installing any

unauthorized software on their systems

– Systemwide alerts should be issued to network

users notifying them of serious virus threats and

advising them how to prevent infection

Trang 14

Virus Hoaxes

• False alerts about dangerous, new virus that could cause serious damage to systems

– Generally an attempt to create panic

– Should not be passed on

– Can confirm hoaxes online

Trang 15

Fault Tolerance

• Capacity for system to continue performing despite unexpected hardware or software malfunction

• Failure: deviation from specified level of system

performance for given period of time

• Fault: involves malfunction of system component

– Can result in a failure

• Varying degrees

– At highest level, system remains unaffected by even most drastic problems

Trang 16

• Can purchase temperature and humidity monitors

– Trip alarms if specified limits exceeded

Trang 17

Power: Power Flaws

• Power flaws that can damage equipment:

– Surge: momentary increase in voltage due to

lightning strikes, solar flares, or electrical problems – Noise: fluctuation in voltage levels caused by other devices on network or electromagnetic interference – Brownout: momentary decrease in voltage; also

known as a sag

– Blackout: complete power loss

Trang 18

UPSs (Uninterruptible Power Supplies)

• Battery-operated power source directly attached to one or more devices and to power supply

– Prevents undesired features of outlet’s A/C power from harming device or interrupting services

– Standby UPS: provides continuous voltage to device

• Switch to battery when power loss detected

– Online UPS: uses power from wall outlet to

continuously charge battery, while providing power

to network device through battery

Trang 19

UPSs (continued)

• Factors to consider when deciding on a UPS:

– Amount of power needed

• Power measured in volt-amps

– Period of time to keep a device running

– Line conditioning

– Cost

Trang 20

Generators

Figure 13-2: UPSs and a generator in a network design

Trang 21

Topology and Connectivity

• Key to fault tolerance in network design is

supplying multiple possible data paths

– If one connection fails, data can be rerouted

– On LANs, star topology and parallel backbone

provide greatest fault tolerance

– On WANs, full mesh topology offers best fault

tolerance

– SONET networks highly fault-tolerant

• Redundancy in network offers advantage of

reducing risk of lost functionality and profits from

Trang 22

Topology and Connectivity (continued)

Figure 13-3: VPNs linking multiple customers

Trang 23

• Automatic fail-over: use redundant components

able to immediately assume duties of an identical component in event of failure or fault

• Can provide some level of fault tolerance by using hot swappable parts

• Leasing redundant T1s allows for load balancing

– Automatic distribution of traffic over multiple links or processors to optimize response

Trang 24

Figure 13-5: Fully redundant T1 connectivity

Trang 25

• Make servers more fault-tolerant by supplying them with redundant components

– NICs, processors, and hard disks

– If one item fails, entire system won’t fail

– Enable load balancing

Trang 26

Server Mirroring

• Mirroring: one device or component duplicates

activities of another

• Server Mirroring: one server duplicates

transactions and data storage of another

– Must be identical machines using identical

components

– Requires high-speed link between servers

– Requires synchronization software

– Form of replication

• Servers can stand side by side or be positioned in different locations

Trang 27

• Link multiple servers together to act as single

server

– Share processing duties

– Appear as single server to users

– If one server fails, others automatically take over

data transaction and storage responsibilities

– More cost-effective than mirroring

– To detect failures, clustered servers regularly poll

each other

Trang 28

Storage: RAID (Redundant Array of Independent (or Inexpensive) Disks)

• Collection of disks that provide fault tolerance for shared data and applications

– Disk array

– Collection of disks that work together in RAID

configuration, often referred to as RAID drive

• Appear as single logical drive to system

• Hardware RAID: set of disks and separate disk

controller

– Managed exclusively by RAID disk controller

• Software RAID: relies on software to implement

and control RAID techniques

Trang 29

RAID Level 0―Disk Striping

• Simple implementation of RAID

– Not fault-tolerant

– Improves performance

Trang 30

RAID Level 1—Disk Mirroring

• Data from one disk copied to another disk

automatically as information written

– Dynamic backup

– If one drive fails, disk array controller automatically switches to disk that was mirroring it

– Requires two identical disks

– Usually relies on system software to perform

mirroring

• Disk duplexing: similar to disk mirroring, but

separate disk controller used for each disk

Trang 31

RAID Level 1—Disk Mirroring

(continued)

Trang 32

RAID Level 3—Disk Striping with

• Even parity or odd parity

• Tracks integrity of data on disk

• Parity bit assigned to each data byte when written to disk

• When data read, data’s bits plus parity bit summed (parity should match)

Trang 33

Parity ECC (continued)

Figure 13-8: RAID Level 3—disk striping with parity ECC

Trang 34

Distributed Parity

• Data written in small blocks across several disks

– Parity error checking information distributed among disks

– Highly fault-tolerant

– Very popular

– Failed disk can be replaced with little interruption

• Hot spare: disk or partition that is part of array, but used only in case a RAID disks fails

• Cold spare: duplicate component that can be

installed in case of failure

Trang 35

Distributed Parity (continued)

Trang 36

NAS (Network Attached Storage)

• Specialized storage device that provides

centralized fault-tolerant data storage

– Maintains own interface to LAN

– Contains own file system optimized for saving and serving files

– Easily expanded without interrupting service

– Cannot communicate directly with network clients

Trang 37

NAS (continued)

Trang 38

SANs (Storage Area Networks)

Figure 13-11: A storage area network

Trang 39

losing everything unless you make backups on

separate media and store them off-site

• Many options exist for making backups

Trang 40

Backup Media and Methods

• To select appropriate solution, consider following questions:

– Sufficient storage capacity?

– Reliability?

– Data error checking techniques?

– System efficient enough to complete backup process before daily operations resume?

– Cost and capacity?

– Compatibility?

– Frequent manual intervention?

– Scalability?

Trang 41

Optical Media

• Capable of storing digitized data

– Uses laser to write and read data

– CD-ROMs and DVDs

• Requires proper disk drive to write data

• Writing data usually takes longer than saving data

to another type of media

Trang 42

Tape Backups

• Relatively simple, capable of storing large amounts

of data, at least partially automated

• On relatively small networks, standalone tape

drives may be attached to each server

• On large networks, one large, centralized tape

backup device may manage all subsystems’

backups

– Usually connected to computer other than file server

Trang 43

External Disk Drives

• Storage devices that can be attached temporarily

to a computer via USB, PCMCIA, FireWire, or

Compact-Flash port

– Removable disk drives

• For backing up large amounts of data, likely to use external disk drive with backup control features,

high capacity, and fast read-write access

• Faster data transfer rates than optical media or

tape backups

Trang 44

Network Backups

• Save data to another place on network

– Must back up data to different disk than where it was originally stored

• Most NOSs provide utilities for automating and

managing network backups

• Online backup: saves data across Internet to

another company’s storage array

– Strict security measures to protect data in transit

– Backup and restoration processes automated

Trang 45

Backup Strategy

• Strategy should address following questions:

– What data must be backed up?

– Rotation schedule?

– Time backups occur?

– Method of accuracy verification?

– Where and how long will backup media be stored? – Who will take responsibility?

– How long will backups be saved?

– Where will documentation be stored?

Trang 46

Backup Strategy (continued)

• Archive bit: file attribute that can be checked or

unchecked

– Indicates whether file must be archived

• Backup methods use archive bit in different ways

– Full backup: all data copied to storage media,

regardless of whether data is new or changed

• Archive bits set to “off” for all files – Incremental backup: copies only data that has

changed since last full or incremental backup

• Unchecks archive bit for every file saved

– Differential backup: does not uncheck archive bits for

files backed up

Trang 47

• Determine best possible backup rotation scheme

– Provide excellent data reliability without overtaxing network or requiring a lot of intervention

– Several standard backup rotation schemes

• Grandfather-father-son: Uses DAILY (son), weekly (father), and monthly (grandfather) backup sets

• Make sure backup activity recorded in backup log

• Establish regular schedule of verification

Trang 48

Figure 13-13: The “grandfather-father-son” backup rotation

scheme

Trang 49

Disaster Recovery:

Disaster Recovery Planning

• Disaster recovery: process of restoring critical

functionality and data after enterprise-wide outage

• Disaster recovery plan accounts for worst-case

agreements with national service carriers

– Strategies for testing disaster recovery plan

Trang 50

Disaster Recovery Contingencies

• Several options for recovering from disaster

– Cold site: place where computers, devices, and

connectivity necessary to rebuild network exist

• Not configured, updated, or connected

– Warm site: same as cold site, but some computers and devices appropriately configured, updated, or connected

– Hot site: computers, devices, and connectivity

necessary to rebuild network are appropriately

configured, updated, and connected to match

network’s current state

Tiêu đề	Ensuring Integrity and Availability
Trường học	Unknown University
Thể loại	lecture notes
Năm xuất bản	2023

Định dạng
Số trang	54
Dung lượng	371 KB