business continuity and disaster recovery seminar presented by the network professional association...
TRANSCRIPT
Business Continuity
and
Disaster Recovery
Seminar presented by the Network Professional Association
of the DC Metro Area
NETWORK PROFESSIONAL
ASSOCIATION
November 20th 2002
Agenda
• Introductions– NPA Overview– Seminar Objectives– Vendors / Sponsors
• Seminar– Expert Panel– Interactive Presentations– Closing
vendor & peer interaction
NETWORK PROFESSIONAL
ASSOCIATION
The mission of the Network Professional Association is to advance the Networking Industry towards a profession.
Our objective is to unite network computing professionals in a worldwide association; determine member needs and interests; deliver programs and services to meet those needs and interests.
Workshop/Seminar Objectives
• Business Continuity
• Disaster Recovery and Planning
• Vendor Information
• Audience Participation
Vendor Presentations• Fortrex
Network Security and Disaster Recovery Planning
• Sun Highly Available and Highly Utilized IT infrastructure
• Novell Solutions for Business Continuity
• ServerVault Secure Active-Active Disaster Recovery Configurations
• Ipswitch Network Management / Monitoring
• Recovery Point Integrated Disaster Recovery Site
• IBM Business Continuity and Recovery Services
Speakers• Fortrex Doug Ochs, President
• Sun Dave Brillhart, Datacenter Architect
• Novell Ramesh Pattni Novell, Senior Strategist
• ServerVault Rich Bates, VP of Operations
• Ipswitch Kelly Anderson, Marketing Analyst
• Recovery Point Marc Langer, President
• IBM Ray Kearns, BCRS Sales Agent
Panel Members
Dave Brillhart Sun, Datacenter Architect
Doug Ochs Fortrex, President
Jeff Berman FatPipe, Regional Sales Manager
Mike Lee Network Computing Magazine, Editor
Paul Striedl Association of Contingency Planners, President Capital Area chapter
Ramesh Pattni Novell, Senior Strategist
Prevention
• Areas for Concern• High Availability• Monitoring• Security• Servers• Data• Power Backup• Telecommunications
Areas for Concern
• Power Outage• Service Interruption• Fire Damage• System Failure• Data Corruption• Security Incident• Natural Disaster• Physical Attack
Prevention
High Availability
• Redundancy / Failover• Hardware Products• Software Products• Manual Intervention• Distributed Systems• Self Healing• Vendor Relationships
Prevention
Monitoring
• Network Monitoring / Alerting
• Know What You Have
• Mine Log Files
• Security Alerts
• Intrusion Detection
Prevention
monitoring - Ipswitch
Network Management• Mapping• Monitoring• Notification• Reporting• Access
Kelly Anderson – Product Marketing
Analyst
Prevention
Security
• Firewall• Border Systems• Intrusion Detection• Vulnerabilities• Awareness• Audit• Policies Drive Systems• Outsourcing
Prevention
security - Computer Crime
• Tresspass• Theft / Denial of Services• Alteration of Data• Damage to Software• Theft of Information• Theft of Money
Prevention
security - Services
Fortrex Technologies
• Managed Security(intrusion detection, firewall, vulnerability scanning)
• Enterprise Security Management(assessment, audit, training, deployment, policy)
• Information Security Process(ongoing analysis, monitoring, continual process)
Doug Ochs – President
Prevention
security - Physical
• Physical Access– Employees– Contractors
• Intellectual Property– Protection– Inventory
• Computer Forensics– Discovery / Investigation– Experience
• Staff Issues– Internal Threat– Background Checks
Prevention
security - Viruses / Worms
• Gateway Scanning– SMTP, POP and HTTP also
• Layered Approach– Border– Servers– Desktops
• Appliances• Acceptable Use
Prevention
Servers
• Downtime Costs $1,000 Minute
• Fault Tolerance
• Storage Area Network
• Offsite Processing
• Hot Spares
• Clustering
• Load Balancing
Prevention
Power Backup
• Power Outages
• Cost US Companies $80 Billion
• Interrupts 72% of US Businesses
• Most Common Disaster
• Cover in Recovery Section
Prevention
Data
• Architecture Developments
• Storage Area Networks
• Managed / Secure Hosting
• Geographic Distribution
• Data Center Facilities
Prevention
data - ServerVault
• Managed Hosting• Storage Solutions• Security Integration• Site Mirroring• VPN Services• Application Services
Richard Bates – Vice President of
Operations
Prevention
data - Sun Microsystems
• Highly Available and Highly UtilizedIT Infrastructure
• Service Delivery Platform
• N1 Datacenter Architecture
• Geographically Dispersed Clusters
• SunCluster 3 Replication Techniques
• End-to-End Solution Architectures
Dave Brillhart – Datacenter Architect
Prevention
telecommunications - Voice
• Additional Phone Lines
• Call Forwarding Options
• Loop Diversity
• Alternate Serving Wire Center
• Switch Redirect
Prevention
telecommunications - Services
Choice Network Solutions
• Verizon Products & Services
• Planning and Consulting
• Coordination (long distance carriers, ISPs & installs)
• Frame, BRIs/PRIs, T1-DS3
Peter Borstelmann – Vice President of
Sales
Prevention
telecommunications - Data
• Hardware Fault Tolerance• Hot Spares• High End Protocols• Loop Diversity / Divergent Paths• VPN as Backup• ISDN Backup• Redundant ISPs
Prevention
telecommunications - FatPipe
Traffic Dynamically Load Balanced
No ISP Cooperation
required
Router Independent -Works with T1, T3, E1, E3, DSL, OCN,
ISDN, and Wireless Routers
Jeff Berman – Regional Sales Manager
Prevention
FatPipe Benefits
• Dynamically senses router status, and automatically reroutes traffic to available lines when services fail
• Dynamic load balancing of IP traffic without use of BGP
• Bonds any combination of T3, T1, E1, E3, DSL, ISDN, or wireless connections
• Sits transparently in the network
• Plug and play solution to prevent WAN downtime
• Does not require any hardware or software at the ISP site
Prevention
FatPipe Products
• Xtreme - For medium to large companies requiring redundancy for outbound Internet access e.g. Thin Clients.
• WARP - For companies hosting internal servers, requiring reliability & redundancy for inbound and outbound traffic.
• Multi-Path VPN (MPVPN) - Bonds multiple VPN paths for up to three time the redundancy, and nine time the security.
• Multi-Path Frame Relay (MPFR) - Bonds frame relay networks from multiple providers into one seamlessly connected network at the customer site, giving customers total control of the reliability and efficiency of their networks.
• IPVPN - Bonds multiple managed and CPE based VPNs in to one single seamless WAN. No BGP or NNI programming is needed.
Prevention
Risk Analysis
• Mission Critical Systems• Audits• Business Priorities• Stakeholder Interviews• Downtime Timeframes• Redundant Systems• Disaster Levels• Diagrams
Planning
Spending
• How Much Is Enough
• Costs of Downtime
• $1M/hr Major Industry Average
• Senior Management
• Awareness / Tactics
Planning
Assets
• Mission Critical Applications• Data• Servers• Storage• LAN/WAN• Telecommunications• Desktop/Laptop PCs• Remote Access• Business Processes
Planning
Assets - Telecommunications
Planning Services fromChoice Network Solutions
• Define Critical Business Functions
• Conduct Financial Analysis
• Design Disaster Recovery Plan
• Conduct Tests of Effectiveness
• Analyze Results
• Define Areas of Concern
Planning
Formal Plan - Outline
• Introduction
• Business Impact Analysis
• Recovery Strategy
• Disaster Recovery Organization
• Emergency Procedures
• Plan Administration
• Appendix
Planning
Testing
• Formal Tests Corporate Wide
• Test Redundancy / Failover
• Test the Plan with Rehearsals
• Quarterly Team Meetings
• Vendor /Partner Plans
Planning
Team
• Disaster Recovery Team
• Responsibilities
• Communications
• Formal Procedures
• Training
Planning
Training
• Various Seminars / Conferences
• Disaster Recovery Institute
• Certifications– Associate Business Continuity Planner– Certified Business Continuity Professional– Master Business Continuity Professional
• Association of Contingency Planners
Planning
IBM Global Services
Business Continuity and Recovery Services
• Backup and Recovery Options• Assess and Improve Recoverability • Protect Critical Business Processes • Assess Disruption Impact• Continuity Services Managed• Managed Security Services • E-Business Management Services
Raymond Kearns – BCRS Sales Agent
Planning
Recovery
• Components
• Prioritization of Work
• Communications
• Human Factors
• Insurance
• Lessons Learned
Components
• Data / Apps Backup• Offsite Storage• Backup Power• Fire Prevention• Alternate Facilities• Other
– Spare Equipment– Offsite Processing/Systems– Manual Services
Recovery
components - Recovery Services
Recovery Point Systems
• Offsite Storage
• Disaster Recovery Hotsite(end-user hotsite with high speed access)
• Web Based Solutions(online disaster recovery solutions)
• Secure Hosting Services(hosting, mirroring, hardened facility)
Marc Langer – President
Recovery
components - Data/App Backups
• Applications & Licenses
• Data Tape Backup
• Across the Wire Backups
• Live Offsite Storage
• Maintain Onsite/Offsite
Recovery
Novell
• Secure Access
• Portal Services
• NetWare Backup / Mirror
• Clustering
• Central Storage (iFolder)
• Distributed Offices
Ramesh Pattni – Senior Strategist
Recovery
components - Offsite Storage
• Vendor Services
• Items to Store Offsite– Data– Copy of Applications– Documentation– Contact Lists– Inventory Lists– Disaster Recovery Plan
Recovery
components – Backup Power
• Probably Number One Risk(cause 45% of all data loss)
• Protect / Provide Power
• Servers and Infrastructure
• UPS to Generator
• Sizing Backup Requirements
• Consult an Engineer
Recovery
components – Fire Prevention
• Fire Detection
• Fire Suppression
• Computer Room Policies
• Sprinkler Systems
• Halon Phase Out
• Alternatives to Halon
• Consult an Engineer
Recovery
components - Alternate Facilities
• Hot Site
• Cold Site
• Service Bureau
• End Users
• Temp Space
• Remote Access
• Mutual Aid Pact
Recovery
Prioritization of Work
• Planned Focus
• Mission Critical Systems
• Business Priorities
• Service Levels
• Manage Manpower
Recovery
Communications
• Integrate into Formal Plan
• Decision Making
• Information Dissemination
• Vendors / Partners
• Customers
• Employees
• Public Relations
Recovery
Insurance
• Property Loss & Liability
• Disaster Coverage
• Business Interruption
• Replacement Cost
Recovery
Lessons Learned
• Formal Review Process
• What Went Right / Wrong
• Document Actions
• Integrate into Plan
• Prevent Future Impact
Recovery
DRP Related Websites
NPA Community Sitewww.npa.org then Community link
Global Portal for Business Continuitywww.globalcontinuity.com
Disaster Recovery Institutewww.drii.org
Association of Contingency Plannerswww.acp-international.com
Contingency Planning Researchwww.contingencyplanningresearch.com
Mid Atlantic Disaster Recovery Associationwww.madra.org
Disaster Recovery Journalwww.drj.com
DRP Resources
Federal Emergency Management AgencyEmergency Management Guide for Business & Industry
www.fema.gov/pdf/library/bizindst.pdf Small Business Administration Disaster Assistance
www.sba.gov/disaster Disaster Recovery YellowPages
www.disaster-help.com Disaster Recovery Plan Template
www.e-janco.com/drp.htmDisaster Survival Guide for Communications Networks
www.cmpbooks.com ISBN: 1-57820-117-9
DRP Article Links
Other Good Sources of Articles
CIO Magazine www.cio.com
Network Computingwww.nwc.com
Information Weekwww.informationweek.com
Search Networkingwww.searchnetworking.com
Vendor Presentations
Presentations and contact info from the vendors are online
www.npa.org/chapters/dcmetro/drp.htm