Lippis Report Issue 74: Business Continuity and Disaster Recovery Strategies
Two events which have had the largest impact on business this century are the September 11, 2001 terrorist attacks and corporate scandals/bankruptcies of Enron, WorldCom, Global Crossing, Adelphia, et al. These two events ushered in sweeping changes in disaster preparedness and corporate governance. Often preparedness plus regulatory/legislative/presidential orders are linked and managed under an umbrella term of "compliance" and "business continuity". Most if not all public concerns have a compliance officer who is tasked with planning, budgeting and implementing business continuity. Depending on the size of the firm, a compliance budget can be huge, measured in the tens of millions of dollars or more. In the networking industry business continuity is being addressed as network architecture attributes.
One of the first projects I did as a young engineer at Digital Equipment Corporation in the mid 1980s was to design and implement a 400-mile private fiber optic network. This was unheard of at the time: a company building its own fiber optic network. But the ROI was strong, with savings of tens of millions of dollars and unlimited bandwidth available between 90 buildings. After the project was completed my manager's boss was concerned about an outage or disaster hitting, which would wipe out communications for an unknown amount of time. I was tasked with a vulnerability identification and disaster plan. I analyzed all the fiber routes and identified single points of failure. The topology was a distributed star with approximately 30 buildings being homed to three major sites. To avoid losing communications to one of these major sites I proposed a backup microwave system, redundant fiber and equipment, special contract clauses and cost with contractors to increase fiber restoration priority for Digital, and changing the physical topology from star to ring to assure two paths to every building. In the end, the topology was changed to a ring, a new contractor contract was signed and spare equipment and fiber were housed on Digital property. The business continuity plan cost the project a few million dollars but was justified on the cost of lost business and productivity to Digital.
Today network architects can leverage key attributes associated with their corporate networks to deliver business continuity without incurring huge cost as I had to back in the 1980s. I identify a few of these network attributes here.
Mobility is being added to corporate networks. Smartphones and PDAs offer access to e-mail and voice communications independent of a physical building. As explored in Lippis Report Issue 72, the mobile industry is quickly moving to connect mobile end-points to enterprise IT services such as IP telephony features and functions, calendar synchronization, presence, databases, etc. The barriers for mobile devices to access enterprise data will be eliminated. In addition to smartphones and PDAs, WLANs offer mobility to laptop and desktop users. Most important is the fact that network administrators can deploy a WLAN solution quickly, offering network access to knowledge workers in short order, assuming that internet access is available. In short, the combination of mobile service providers and WLANs offers network architects redundant network access to corporate infrastructure. In addition, WLANs can be constructed quickly for operations located in an alternative facility.
One of the key network attributes of IP telephony is that it's based on IP. That is, end-point addresses are assigned by a DHCP server eliminating the time and cost associated with moves, adds and changes. So, IP telephony users can plug their soft or hard IP phone into a network jack and be presented with connectivity, which includes their preferences and settings. No operator needs to be available. This was a key network attribute for many in the financial services industry in NY during the September 11, 2001 terrorist attack. These firms were able to bring their network and communications operations back on-line one day after the attacks thanks to IP telephony's mobility features.
Network Access Control
Stratifying, segmenting and controlling user access to conform to regulatory compliance requirements is a business continuity requirement. Controlling guest, contractor and user access to network segments, applications, data, work product and services with visibility into a user's behavior and use of IT resources provides a level of flexibility network and IT departments have not had in LAN systems. Network Access Control or NAC solutions are helping compliance managers meet regulatory requirements. To comply with various regulations, organizations need a means to segment users so that only authorized users can access sensitive data and demonstrate compliance to auditors. For example, some organizations need to restrict access to credit card data to comply with the Payment Card Industry (PCI) data security standard. Hospitals and medical facilities must protect patient records to comply with the Health Insurance Portability and Accountability Act (HIPAA).
Enterprises need the ability to restrict access to critical information based on a user's role. In addition, to prove they have effective controls in place, organizations need a means to audit data and application usage and to document that access is indeed restricted. A NAC solution will protect sensitive data, limit the scope of an audit to a subset of user and server systems subject to the regulation and provide reports and views, which are friendly to auditors.
NACs are being funded with compliance budgets if they provide the following key services: policy-based access controls which track all user activity and traffic flows on the network; application access control at layer 7, which limits which applications a user can run on the network; documented policies that allow IT to document what control policies are in place and to whom they apply. This is a key auditing tool for demonstrating that users excluded by a policy cannot reach sensitive data. Further controls include activity reports for both users and application/services; user reports including every application, server, and resource a user touched in a given timeframe; application/service reports providing details about all users who ran a particular application or accessed a particular resource during a given period.
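The reports described above can be sketched over a NAC flow log. This is an added example, not code from the Lippis Report or from any NAC product; the record layout, role names, application names and log entries are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed policy (hypothetical names): role -> applications that role may reach.
POLICY = {
    "billing":    {"cardholder-db", "email"},
    "clinician":  {"patient-records", "email"},
    "contractor": {"email"},
    "guest":      set(),
}

# Constructed NAC flow records: (timestamp, user, role, application, action).
FLOWS = [
    ("2024-03-01T09:02:11", "alice", "billing",    "cardholder-db",   "allow"),
    ("2024-03-01T09:05:40", "bob",   "contractor", "cardholder-db",   "deny"),
    ("2024-03-01T09:07:02", "bob",   "contractor", "email",           "allow"),
    ("2024-03-01T10:15:30", "carol", "clinician",  "patient-records", "allow"),
    ("2024-03-01T11:00:00", "dave",  "contractor", "patient-records", "allow"),  # enforcement gap
    ("2024-03-02T08:30:00", "alice", "billing",    "email",           "allow"),
]

def in_window(ts, start, end):
    """True when ts falls in the half-open reporting period [start, end)."""
    return datetime.fromisoformat(start) <= datetime.fromisoformat(ts) < datetime.fromisoformat(end)

def user_report(flows, user, start, end):
    """Every application the user touched in the period, denied attempts included."""
    seen = defaultdict(int)
    for ts, u, _role, app, _action in flows:
        if u == user and in_window(ts, start, end):
            seen[app] += 1
    return dict(seen)

def application_report(flows, app, start, end):
    """All users who were actually allowed onto the application in the period."""
    return sorted({u for ts, u, _r, a, act in flows
                   if a == app and act == "allow" and in_window(ts, start, end)})

def policy_exceptions(flows, policy):
    """Allowed flows outside the role's policy: the auditor's evidence that exclusion failed."""
    return [(ts, u, role, app) for ts, u, role, app, act in flows
            if act == "allow" and app not in policy.get(role, set())]

if __name__ == "__main__":
    print(user_report(FLOWS, "bob", "2024-03-01T00:00:00", "2024-03-02T00:00:00"))
    print(application_report(FLOWS, "cardholder-db", "2024-03-01T00:00:00", "2024-03-02T00:00:00"))
    print(policy_exceptions(FLOWS, POLICY))
```

An empty result from `policy_exceptions` is what demonstrates to an auditor that excluded users did not reach sensitive data; a denied attempt such as bob's shows the control working, while dave's allowed flow is a finding.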
Network management systems have taken on a new role beyond element management to compliance management. Compliance auditors have influence and when they tell a Board of Directors (BoD) to audit the network for compliance, the network needs to be audited. Network management systems are enforcing regulatory requirements and demonstrating compliance. For example, when configuring network change orders on a router, the approval process needs to be documented. If a router configuration change is made a corporation needs to show who did it and when.
CIOs are getting pressure from their BoD to audit their networks. If a node in the network goes down, is the network still in compliance? Does a configuration change bring the network out of compliance? Whom do you trust to do the configuration changes knowing that they have to be documented and journaled? If you have an encrypted link and a node goes down are you still encrypted?
A centralized change entitlement system can control configuration changes and provide tools to produce reports and compliance validation. New rules such as HIPAA, encryption, safety of information, encrypted medical data at point of access, etc., are required by most today. These regulatory requirements can be configured and their changes tracked at the physical layer of the network, and network management can now support regulation auditors with reports in a form they understand. Some network management systems such as CiscoWorks include templates for customers to configure compliance tracking for requirements such as HIPAA, PCI, etc.
Some of my high-end clients are able to cost-justify gigabit links across the country and into Europe. Gigabit Ethernet over the wide area fundamentally changes corporate asset placement decisions as LAN-like performance is now available over the WAN. This means that shadow data centers can be placed on different continents. Business continuity can be assured for data centers and major IT resources as single geographic points of failure/disaster can be eliminated. Placement of employees can be reviewed and analyzed too; as application performance becomes independent of geography, so too can employees.
Other important network architecture attributes are broadband access to home and remote offices, IP addressing and the role of highly available DHCP servers and Communications-Enabled Business Process. We'll get to these topics in future Lippis Reports.