Transcript Network Security

Lawnet 2003
Networking & Education
Applications Track
August 21, 2003 10:00am
Business Resumption From An Application Perspective
Presented By:
Steven J. Skidmore
IT Director
Martin Clearwater & Bell LLP
Thomas Huson
Director, Professional Services
Advanced Legal Systems, Inc.
Session Overview


The session is based on a worst case scenario Total
devastation to computer room facilities
Core components of session
– Decision Process
– Build
– Rebuild
Disaster Recovery

Disaster Recovery – The process of
recovering from an event that has
negatively affected the operation of an
organization
– Disaster has occurred
– Management declares disaster
– Activate disaster recovery plan
Key Players

The Firm
– Litigation Firm




Main Office Located Midtown Manhattan
Two Satellite Offices
Medical Malpractice Defense
80 Attorneys
– IT Department


IT Director
2 Support Staff Employees
– Consulting Team

Sr. Engineer
Case Study Objective

To find and implement a disaster recovery
solution that will restore the Firm’s critical
business applications within 72 hours.
The Decision Process

Assessing Our Risk
– Changed Attitudes –Everything has changed
since 9/11.
– Could not afford not to
 Interruption to business can be costly
– Responsibility to clients
– Our location puts us at a high risk
 United Nations, Israeli Consulate, Grand
Central Station
– Anticipate the worst case scenario
The Decision Process

Factors determining a DR solution
– Cost Factor
 Had
a fixed budget to deal with
– Comdisco Recovery Center
– Work with Consulting team and keep project
in house.
 Utilize satellite office
The Decision Process


Time Factor
– Identify critical business processes
– How fast did we need to be operational
Connection Factor
– Who was going to access the recovery
system?

Identify Tier levels
– Where are they going to access from?


Onsite
Offsite
– How were they access the system?

Citrix
The Decision Process

Application Factor
– Essential Applications (0-72hrs) = Disruption in service
exceeding 72 hours would jeopardize the
operation of the Firm


Elite
– Time / Billing
– Case Management / Calendar Docket System
MSExhange
– Email
– Calendar
– Contacts

iManage / WordPerfect
– Document Management
– Word Processing
The Decision Process

Recommended Applications (72hrs – 1wk) = Disruption in
service exceeding 1 week would jeopardize the operation of
the Firm
–
–
–
–
–
Microsoft Office Suite
Summation
Record Access
CD-Rom Applications
Internet Access
The Decision Process

Non-Essential Applications ( > 1 week)
– Nice to have – but would not jeopardize the
operation of the Firm if they were missing
Decision Process Result

Warm Site
– Long Island Satellite Office
– T1 Connection
– Off Site Backup Tape Storage Facility
– Employees who live 15mins away
Designing a Recovery Environment
Challenges:
Application Functionality in the Live Environment
Spans 9 servers in 2 Domains
 Compress basic functionality into other hardware
at minimal cost
 The Mission Critical apps the Firm Identified not
conducive to simple tape restore. Specifically:
– Exchange
– SQL
– Elite’s Informix

Building a Recovery Warm Site
Solution





Communication Redundancy
Data Replication Scheme
Active Directory Configuration
Solid Hardware at Recovery Site
New Software Installations
Building a Recovery Warm Site
Solution
Communication configuration
– T-1 frame between sites
– T-1 at recovery site
– Redundant link
– Recovery site has own scope of valid ip’s
Hardware configuration
– Single high performance server to house
Majority of apps
– Additional “light-weight” box for 2nd domain

Building a Recovery Warm Site
Solution:

Software Configuration
– New install of mission critical software from
factory media







Server/Active Directory (Into existing forest)
Citrix
MS Exchange
SQL/iManage
RSASecureID
Elite
Arcserve
–Installed, Tested – Services disabled
Building a Recovery Warm Site
Solution:

Replication
– Arcserve copy utility




Runs every 4 hours
Copies over all files with archive bit flagged
Resets flag
Active Directory Configuration
– Disaster Recovery OU
– Security Group “Recovery”

For Different application pointers, drive mappings etc.
Rebuilding the Enterprise


Assumptions
– Catastrophic Event
– May not Have Access to the Most Recent
Backup Set
– Localized Event
– We Utilize a Full Backup Strategy
Rebuild Process
– Shares
– SQL
– Elite Informix
– MS Exchange
Rebuilding the Enterprise
Obtain Most Current Backup Set
– May be 48 Hrs old
 Begin Restore Process to Bring Recovery Environment
Online
– Restore Shares

Merge Tape
 “Replace newer files only”
 (Should not actually lay down any data)
 Apps
 Data
 Docs
 Home
 Share
StartMenus

Rebuilding the Enterprise

Restore SQL Database for iManage
– Merge SQL Backup tape
– Restore to . . .\SQLBACKUP directory
– Note Backup (BAK) file
– Note Transaction log files Newer than backup file
– Restore Database in SQL Enterprise Manager



“Restore database by device”
Select “Force restore over existing database
Select “Leave Database nonoperational but able to restore logs”
– Apply Transaction Log Files in SQL Enterprise Manager






Must be done individually if more than one
Select “Force restore over existing database”
When all Log Files Applied Set Database to Online Mode
Modify directory pointers in Database (File server/Index server)
Change application pointers in iManage
Start iManage Services
Rebuilding the Enterprise
Rebuilding the Enterprise
Rebuilding the Enterprise

Informix database for Elite
– Restore from tape via command line in
KORN Shell
– Does Not Involve ARCServe





Onstat – L
Onstat - K
Ontape – R
Onmode – M
Onstat – L (To Verify Online Status)
Rebuilding the Enterprise

Microsoft Exchange
– Merge Tape
– Start Exchange Services
– Modify User Accounts via ADSI
Launch ADSI Edit Application and CLEAR for
Each User:

–
–
–
–
homeMDB
homeMTA
mailNickname
All other msExch properties
Rebuilding the Enterprise
Rebuilding the Enterprise
Rebuilding the Enterprise

Microsoft Exchange (Cont. . .)
– Create New Mailbox in AD Users and
computers
– Send test mail to activate mailbox
– Brick level restore to new mailboxes
– Move user account into disaster recovery OU
– Add account to “recovery” group
Conclusion

Disaster Recovery Solution
– DR solution needs to be tailored to the
Firm’s size, resources and geographic
location
– Anticipate worst case scenario
– Buy as much as you can
– Documentation is key
– Stay honest
– Update