Network Security
Download
Report
Transcript Network Security
Lawnet 2003
Networking & Education
Applications Track
August 21, 2003 10:00am
Business Resumption From An Application Perspective
Presented By:
Steven J. Skidmore
IT Director
Martin Clearwater & Bell LLP
Thomas Huson
Director, Professional Services
Advanced Legal Systems, Inc.
Session Overview
The session is based on a worst case scenario Total
devastation to computer room facilities
Core components of session
– Decision Process
– Build
– Rebuild
Disaster Recovery
Disaster Recovery – The process of
recovering from an event that has
negatively affected the operation of an
organization
– Disaster has occurred
– Management declares disaster
– Activate disaster recovery plan
Key Players
The Firm
– Litigation Firm
Main Office Located Midtown Manhattan
Two Satellite Offices
Medical Malpractice Defense
80 Attorneys
– IT Department
IT Director
2 Support Staff Employees
– Consulting Team
Sr. Engineer
Case Study Objective
To find and implement a disaster recovery
solution that will restore the Firm’s critical
business applications within 72 hours.
The Decision Process
Assessing Our Risk
– Changed Attitudes –Everything has changed
since 9/11.
– Could not afford not to
Interruption to business can be costly
– Responsibility to clients
– Our location puts us at a high risk
United Nations, Israeli Consulate, Grand
Central Station
– Anticipate the worst case scenario
The Decision Process
Factors determining a DR solution
– Cost Factor
Had
a fixed budget to deal with
– Comdisco Recovery Center
– Work with Consulting team and keep project
in house.
Utilize satellite office
The Decision Process
Time Factor
– Identify critical business processes
– How fast did we need to be operational
Connection Factor
– Who was going to access the recovery
system?
Identify Tier levels
– Where are they going to access from?
Onsite
Offsite
– How were they access the system?
Citrix
The Decision Process
Application Factor
– Essential Applications (0-72hrs) = Disruption in service
exceeding 72 hours would jeopardize the
operation of the Firm
Elite
– Time / Billing
– Case Management / Calendar Docket System
MSExhange
– Email
– Calendar
– Contacts
iManage / WordPerfect
– Document Management
– Word Processing
The Decision Process
Recommended Applications (72hrs – 1wk) = Disruption in
service exceeding 1 week would jeopardize the operation of
the Firm
–
–
–
–
–
Microsoft Office Suite
Summation
Record Access
CD-Rom Applications
Internet Access
The Decision Process
Non-Essential Applications ( > 1 week)
– Nice to have – but would not jeopardize the
operation of the Firm if they were missing
Decision Process Result
Warm Site
– Long Island Satellite Office
– T1 Connection
– Off Site Backup Tape Storage Facility
– Employees who live 15mins away
Designing a Recovery Environment
Challenges:
Application Functionality in the Live Environment
Spans 9 servers in 2 Domains
Compress basic functionality into other hardware
at minimal cost
The Mission Critical apps the Firm Identified not
conducive to simple tape restore. Specifically:
– Exchange
– SQL
– Elite’s Informix
Building a Recovery Warm Site
Solution
Communication Redundancy
Data Replication Scheme
Active Directory Configuration
Solid Hardware at Recovery Site
New Software Installations
Building a Recovery Warm Site
Solution
Communication configuration
– T-1 frame between sites
– T-1 at recovery site
– Redundant link
– Recovery site has own scope of valid ip’s
Hardware configuration
– Single high performance server to house
Majority of apps
– Additional “light-weight” box for 2nd domain
Building a Recovery Warm Site
Solution:
Software Configuration
– New install of mission critical software from
factory media
Server/Active Directory (Into existing forest)
Citrix
MS Exchange
SQL/iManage
RSASecureID
Elite
Arcserve
–Installed, Tested – Services disabled
Building a Recovery Warm Site
Solution:
Replication
– Arcserve copy utility
Runs every 4 hours
Copies over all files with archive bit flagged
Resets flag
Active Directory Configuration
– Disaster Recovery OU
– Security Group “Recovery”
For Different application pointers, drive mappings etc.
Rebuilding the Enterprise
Assumptions
– Catastrophic Event
– May not Have Access to the Most Recent
Backup Set
– Localized Event
– We Utilize a Full Backup Strategy
Rebuild Process
– Shares
– SQL
– Elite Informix
– MS Exchange
Rebuilding the Enterprise
Obtain Most Current Backup Set
– May be 48 Hrs old
Begin Restore Process to Bring Recovery Environment
Online
– Restore Shares
Merge Tape
“Replace newer files only”
(Should not actually lay down any data)
Apps
Data
Docs
Home
Share
StartMenus
Rebuilding the Enterprise
Restore SQL Database for iManage
– Merge SQL Backup tape
– Restore to . . .\SQLBACKUP directory
– Note Backup (BAK) file
– Note Transaction log files Newer than backup file
– Restore Database in SQL Enterprise Manager
“Restore database by device”
Select “Force restore over existing database
Select “Leave Database nonoperational but able to restore logs”
– Apply Transaction Log Files in SQL Enterprise Manager
Must be done individually if more than one
Select “Force restore over existing database”
When all Log Files Applied Set Database to Online Mode
Modify directory pointers in Database (File server/Index server)
Change application pointers in iManage
Start iManage Services
Rebuilding the Enterprise
Rebuilding the Enterprise
Rebuilding the Enterprise
Informix database for Elite
– Restore from tape via command line in
KORN Shell
– Does Not Involve ARCServe
Onstat – L
Onstat - K
Ontape – R
Onmode – M
Onstat – L (To Verify Online Status)
Rebuilding the Enterprise
Microsoft Exchange
– Merge Tape
– Start Exchange Services
– Modify User Accounts via ADSI
Launch ADSI Edit Application and CLEAR for
Each User:
–
–
–
–
homeMDB
homeMTA
mailNickname
All other msExch properties
Rebuilding the Enterprise
Rebuilding the Enterprise
Rebuilding the Enterprise
Microsoft Exchange (Cont. . .)
– Create New Mailbox in AD Users and
computers
– Send test mail to activate mailbox
– Brick level restore to new mailboxes
– Move user account into disaster recovery OU
– Add account to “recovery” group
Conclusion
Disaster Recovery Solution
– DR solution needs to be tailored to the
Firm’s size, resources and geographic
location
– Anticipate worst case scenario
– Buy as much as you can
– Documentation is key
– Stay honest
– Update