Transcript Business Continuity / Disaster Recovery

NETWORK PROFESSIONAL ASSOCIATION
Business Continuity
and
Disaster Recovery
Seminar presented by the
Network Professional Association
of the DC Metro Area
November 20th 2002
Agenda
• Introductions
– NPA Overview
– Seminar Objectives
– Vendors / Sponsors
• Seminar
– Expert Panel
– Interactive Presentations
– Closing
vendor & peer interaction
NETWORK PROFESSIONAL ASSOCIATION
The mission of the Network Professional
Association is to advance the
Networking Industry towards a
profession.
Our objective is to unite network
computing professionals in a
worldwide association; determine
member needs and interests; deliver
programs and services to meet those
needs and interests.
Workshop/Seminar Objectives
• Business Continuity
• Disaster Recovery and Planning
• Vendor Information
• Audience Participation
Sponsors
Contributing Vendors
Vendor Presentations
• Fortrex
Network Security and Disaster Recovery Planning
• Sun
Highly Available and Highly Utilized IT infrastructure
• Novell
Solutions for Business Continuity
• ServerVault
Secure Active-Active Disaster Recovery Configurations
• Ipswitch
Network Management / Monitoring
• Recovery Point
Integrated Disaster Recovery Site
• IBM
Business Continuity and Recovery Services
Speakers
• Fortrex
• Sun
Doug Ochs, President
Dave Brillhart, Datacenter Architect
• Novell
Ramesh Pattni Novell, Senior Strategist
• ServerVault
• Ipswitch
Rich Bates, VP of Operations
Kelly Anderson, Marketing Analyst
• Recovery Point
• IBM
Marc Langer, President
Ray Kearns, BCRS Sales Agent
EXPERT PANEL
Trends and Developments in
Business Continuity
Panel Members
Dave Brillhart
Doug Ochs
Jeff Berman
Mike Lee
Sun, Datacenter Architect
Fortrex, President
FatPipe, Regional Sales Manager
Network Computing Magazine, Editor
Paul Striedl
Association of Contingency
Planners, President Capital Area chapter
Ramesh Pattni
Novell, Senior Strategist
NPA PRESENTATION
Three Main Topic Areas
•Prevention
•Planning
•Recovery
PERSPECTIVE
PREVENTION
Prevention
• Areas for Concern
• High Availability
• Monitoring
• Security
• Servers
• Data
• Power Backup
• Telecommunications
Areas for Concern
• Power Outage
• Service Interruption
• Fire Damage
• System Failure
• Data Corruption
• Security Incident
• Natural Disaster
• Physical Attack
Prevention
High Availability
• Redundancy / Failover
• Hardware Products
• Software Products
• Manual Intervention
• Distributed Systems
• Self Healing
• Vendor Relationships
Prevention
Monitoring
• Network Monitoring / Alerting
• Know What You Have
• Mine Log Files
• Security Alerts
• Intrusion Detection
Prevention
monitoring - Ipswitch
Kelly Anderson – Product Marketing Analyst
Network Management
• Mapping
• Monitoring
• Notification
• Reporting
• Access
Prevention
Security
• Firewall
• Border Systems
• Intrusion Detection
• Vulnerabilities
• Awareness
• Audit
• Policies Drive Systems
• Outsourcing
Prevention
security - Computer Crime
• Tresspass
• Theft / Denial of Services
• Alteration of Data
• Damage to Software
• Theft of Information
• Theft of Money
Prevention
security - Services
Doug Ochs – President
Fortrex Technologies
• Managed Security
(intrusion detection, firewall, vulnerability scanning)
• Enterprise Security Management
(assessment, audit, training, deployment, policy)
• Information Security Process
(ongoing analysis, monitoring, continual process)
Prevention
security - Physical
• Physical Access
– Employees
– Contractors
• Intellectual Property
– Protection
– Inventory
• Computer Forensics
– Discovery / Investigation
– Experience
• Staff Issues
– Internal Threat
– Background Checks
Prevention
security - Viruses / Worms
• Gateway Scanning
– SMTP, POP and HTTP also
• Layered Approach
– Border
– Servers
– Desktops
• Appliances
• Acceptable Use
Prevention
Servers
• Downtime Costs $1,000 Minute
• Fault Tolerance
• Storage Area Network
• Offsite Processing
• Hot Spares
• Clustering
• Load Balancing
Prevention
Power Backup
• Power Outages
• Cost US Companies $80 Billion
• Interrupts 72% of US Businesses
• Most Common Disaster
• Cover in Recovery Section
Prevention
Data
• Architecture Developments
• Storage Area Networks
• Managed / Secure Hosting
• Geographic Distribution
• Data Center Facilities
Prevention
data - ServerVault
Richard Bates – Vice President of Operations
• Managed Hosting
• Storage Solutions
• Security Integration
• Site Mirroring
• VPN Services
• Application Services
Prevention
data - Sun Microsystems
Dave Brillhart – Datacenter Architect
• Highly Available and Highly Utilized
IT Infrastructure
• Service Delivery Platform
• N1 Datacenter Architecture
• Geographically Dispersed Clusters
• SunCluster 3 Replication Techniques
• End-to-End Solution Architectures
Prevention
telecommunications - Voice
• Additional Phone Lines
• Call Forwarding Options
• Loop Diversity
• Alternate Serving Wire Center
• Switch Redirect
Prevention
telecommunications - Services
Peter Borstelmann – Vice President of Sales
Choice Network Solutions
• Verizon Products & Services
• Planning and Consulting
• Coordination
(long distance carriers, ISPs & installs)
• Frame, BRIs/PRIs, T1-DS3
Prevention
telecommunications - Data
• Hardware Fault Tolerance
• Hot Spares
• High End Protocols
• Loop Diversity / Divergent Paths
• VPN as Backup
• ISDN Backup
• Redundant ISPs
Prevention
telecommunications - FatPipe
Jeff Berman – Regional Sales Manager
Router Independent Traffic Dynamically
Load Balanced
Works with T1, T3, E1, E3, DSL, OCN,
ISDN, and Wireless Routers
No ISP
Cooperation
required
Prevention
FatPipe Benefits
• Dynamically senses router status, and
automatically reroutes traffic to available
lines when services fail
• Dynamic load balancing of IP traffic without
use of BGP
• Bonds any combination of T3, T1, E1, E3,
DSL, ISDN, or wireless connections
• Sits transparently in the network
• Plug and play solution to prevent WAN
downtime
• Does not require any hardware or software
at the ISP site
Prevention
FatPipe Products
• Xtreme - For medium to large companies requiring
redundancy for outbound Internet access e.g. Thin
Clients.
• WARP - For companies hosting internal servers,
requiring reliability & redundancy for inbound and
outbound traffic.
• Multi-Path VPN (MPVPN) - Bonds multiple VPN paths
for up to three time the redundancy, and nine time
the security.
• Multi-Path Frame Relay (MPFR) - Bonds frame relay
networks from multiple providers into one seamlessly
connected network at the customer site, giving
customers total control of the reliability and
efficiency of their networks.
• IPVPN - Bonds multiple managed and CPE based
VPNs in to one single seamless WAN. No BGP or NNI
programming is needed.
Prevention
PLANNING
Planning
• Risk Analysis
• Spending
• Assets
• Formal Plan
• Team
• Testing
• Team
• Training
• Assistance
Risk Analysis
• Mission Critical Systems
• Audits
• Business Priorities
• Stakeholder Interviews
• Downtime Timeframes
• Redundant Systems
• Disaster Levels
• Diagrams
Planning
Spending
• How Much Is Enough
• Costs of Downtime
• $1M/hr Major Industry Average
• Senior Management
• Awareness / Tactics
Planning
Assets
• Mission Critical Applications
• Data
• Servers
• Storage
• LAN/WAN
• Telecommunications
• Desktop/Laptop PCs
• Remote Access
• Business Processes
Planning
Assets - Telecommunications
Planning Services from
Choice Network Solutions
• Define Critical Business Functions
• Conduct Financial Analysis
• Design Disaster Recovery Plan
• Conduct Tests of Effectiveness
• Analyze Results
• Define Areas of Concern
Planning
Formal Plan
• Ownership
• Publishing
• Updating
• Distribution
Planning
Formal Plan - Outline
• Introduction
• Business Impact Analysis
• Recovery Strategy
• Disaster Recovery Organization
• Emergency Procedures
• Plan Administration
• Appendix
Planning
Testing
• Formal Tests Corporate Wide
• Test Redundancy / Failover
• Test the Plan with Rehearsals
• Quarterly Team Meetings
• Vendor /Partner Plans
Planning
Team
• Disaster Recovery Team
• Responsibilities
• Communications
• Formal Procedures
• Training
Planning
Training
• Various Seminars / Conferences
• Disaster Recovery Institute
• Certifications
– Associate Business Continuity Planner
– Certified Business Continuity Professional
– Master Business Continuity Professional
• Association of Contingency Planners
Planning
Assistance
• Consultants
• Red Cross
• Government Agencies
• Vendors
• Customers
Planning
IBM Global Services
Raymond Kearns – BCRS Sales Agent
Business Continuity and
Recovery Services
•
•
•
•
•
•
•
Backup and Recovery Options
Assess and Improve Recoverability
Protect Critical Business Processes
Assess Disruption Impact
Continuity Services Managed
Managed Security Services
E-Business Management Services
Planning
RECOVERY
Recovery
• Components
• Prioritization of Work
• Communications
• Human Factors
• Insurance
• Lessons Learned
Components
• Data / Apps Backup
• Offsite Storage
• Backup Power
• Fire Prevention
• Alternate Facilities
• Other
– Spare Equipment
– Offsite Processing/Systems
– Manual Services
Recovery
components - Recovery Services
Marc Langer – President
Recovery Point Systems
• Offsite Storage
• Disaster Recovery Hotsite
(end-user hotsite with high speed access)
• Web Based Solutions
(online disaster recovery solutions)
• Secure Hosting Services
(hosting, mirroring, hardened facility)
Recovery
components - Data/App Backups
• Applications & Licenses
• Data Tape Backup
• Across the Wire Backups
• Live Offsite Storage
• Maintain Onsite/Offsite
Recovery
Novell
Ramesh Pattni – Senior Strategist
• Secure Access
• Portal Services
• NetWare Backup / Mirror
• Clustering
• Central Storage (iFolder)
• Distributed Offices
Recovery
components - Offsite Storage
• Vendor Services
• Items to Store Offsite
– Data
– Copy of Applications
– Documentation
– Contact Lists
– Inventory Lists
– Disaster Recovery Plan
Recovery
components – Backup Power
• Probably Number One Risk
(cause 45% of all data loss)
• Protect / Provide Power
• Servers and Infrastructure
• UPS to Generator
• Sizing Backup Requirements
• Consult an Engineer
Recovery
components – Fire Prevention
• Fire Detection
• Fire Suppression
• Computer Room Policies
• Sprinkler Systems
• Halon Phase Out
• Alternatives to Halon
• Consult an Engineer
Recovery
components - Alternate Facilities
• Hot Site
• Cold Site
• Service Bureau
• End Users
• Temp Space
• Remote Access
• Mutual Aid Pact
Recovery
Prioritization of Work
• Planned Focus
• Mission Critical Systems
• Business Priorities
• Service Levels
• Manage Manpower
Recovery
Communications
• Integrate into Formal Plan
• Decision Making
• Information Dissemination
• Vendors / Partners
• Customers
• Employees
• Public Relations
Recovery
Human Factors
• Food
• Water
• Rest
• Housing
• Stress
Recovery
Insurance
• Property Loss & Liability
• Disaster Coverage
• Business Interruption
• Replacement Cost
Recovery
Lessons Learned
• Formal Review Process
• What Went Right / Wrong
• Document Actions
• Integrate into Plan
• Prevent Future Impact
Recovery
APPENDIX
DRP Related Websites
NPA Community Site
www.npa.org then Community link
Global Portal for Business Continuity
www.globalcontinuity.com
Disaster Recovery Institute
www.drii.org
Association of Contingency Planners
www.acp-international.com
Contingency Planning Research
www.contingencyplanningresearch.com
Mid Atlantic Disaster Recovery Association
www.madra.org
Disaster Recovery Journal
www.drj.com
DRP Resources
Federal Emergency Management Agency
Emergency Management Guide for Business &
Industry
www.fema.gov/pdf/library/bizindst.pdf
Small Business Administration Disaster Assistance
www.sba.gov/disaster
Disaster Recovery YellowPages
www.disaster-help.com
Disaster Recovery Plan Template
www.e-janco.com/drp.htm
Disaster Survival Guide for Communications Networks
www.cmpbooks.com ISBN: 1-57820-117-9
DRP Article Links
Other Good Sources of Articles
CIO Magazine
www.cio.com
Network Computing
www.nwc.com
Information Week
www.informationweek.com
Search Networking
www.searchnetworking.com
Vendor Presentations
Presentations and contact info
from the vendors are online
www.npa.org/chapters/dcmetro/drp.htm
PEER INTERACTION