Ensuring Integrity and Availability

What Are Integrity and

Availability?
 Integrity: soundness of network’s programs, data,
services, devices, and connections
 Availability: how consistently and reliably file or
system can be accessed by authorized personnel
 Need well-planned and well-configured network
 Data backups, redundant devices, protection from
malicious intruders
 Phenomena compromising integrity and
availability:
 Security breaches, natural disasters, malicious intruders,
power flaws, human error
Network+ Guide to Networks, 4e 2
What Are Integrity and
Availability? (continued)
 General guidelines for protecting network:
 Allow only network administrators to create or
modify NOS and application system files
 Monitor network for unauthorized access or
changes
 Record authorized system changes in a change
management system
 Install redundant components
 Perform regular health checks

Network+ Guide to Networks, 4e 3

What Are Integrity and
Availability? (continued)
 General guidelines for protecting network
(continued):
 Check system performance, error logs, and
system log book regularly
 Keep backups, boot disks, and emergency
repair disks current and available
 Implement and enforce security and disaster
recovery policies

Network+ Guide to Networks, 4e 4

Viruses
 Program that replicates itself with intent to
infect more computers
 Through network connections or exchange of
external storage devices
 Typically copied to storage device without user’s
knowledge
 Trojan horse: program that disguises itself
as something useful but actually harms
system
 Not considered a virus
Network+ Guide to Networks, 4e 5
Types of Viruses
 Boot sector viruses: located in boot sector of
computer’s hard disk
 When computer boots up, virus runs in place of
computer’s normal system files
 Removal first requires rebooting from uninfected, write-
protected disk with system files on it
 Macro viruses: take form of macro that may be
executed as user works with a program
 Quick to emerge and spread
 Symptoms vary widely

Network+ Guide to Networks, 4e 6

Types of Viruses (continued)
 File-infected viruses: attach to executable files
 When infected executable file runs, virus copies itself to
memory
 Can have devastating consequences
 Symptoms may include damaged program files,
inexplicable file size increases, changed icons for
programs, strange messages, inability to run a program
 Worms: programs that run independently and
travel between computers and across networks
 Not technically viruses
 Can transport and hide viruses

Network+ Guide to Networks, 4e 7

Types of Viruses (continued)
 Trojan horse: program that claims to do
something useful but instead harms system
 Network viruses: propagated via network
protocols, commands, messaging programs, and
data links
 Bots: program that runs automatically, without
requiring a person to start or stop it
 Many bots spread through Internet Relay Chat (IRC)
 Used to damage/destroy data or system files, issue
objectionable content, further propagate virus

Network+ Guide to Networks, 4e 8

Virus Characteristics
 Encryption: encrypted virus may thwart antivirus
program’s attempts to detect it
 Stealth: stealth viruses disguise themselves as
legitimate programs or replace part of legitimate
program’s code with destructive code
 Polymorphism: polymorphic viruses change
characteristics every time transferred
 Time-dependence: time-dependent viruses
programmed to activate on particular date

Network+ Guide to Networks, 4e 9

Virus Protection: Antivirus
Software
 Antivirus software should at least:
 Detect viruses through signature scanning
 Detect viruses through integrity checking
 Detect viruses by monitoring unexpected file changes or
virus-like behaviors
 Receive regular updates and modifications from a
centralized network console
 Consistently report only valid viruses
 Heuristic scanning techniques attempt to identify viruses by
discovering “virus-like” behavior (may give “false positives”)

Network+ Guide to Networks, 4e 10

Antivirus Policies
 Provide rules for using antivirus software
and policies for installing programs, sharing
files, and using floppy disks
 Suggestions for antivirus policy guidelines:
 Every computer in organization equipped with
virus detection and cleaning software
 Users should not be allowed to alter or disable
antivirus software
 Users should know what to do in case virus
detected
Network+ Guide to Networks, 4e 11
Antivirus Policies (continued)
 Suggestions for antivirus policy guidelines
(continued):
 Antivirus team should be appointed to focus on
maintaining antivirus measures
 Users should be prohibited from installing any
unauthorized software on their systems
 Systemwide alerts should be issued to network
users notifying them of serious virus threats and
advising them how to prevent infection

Network+ Guide to Networks, 4e 12

Virus Hoaxes
 False alerts about dangerous, new virus that
could cause serious damage to systems
 Generally an attempt to create panic
 Should not be passed on
 Can confirm hoaxes online

Network+ Guide to Networks, 4e 13

Fault Tolerance
 Capacity for system to continue performing
despite unexpected hardware or software
malfunction
 Failure: deviation from specified level of system
performance for given period of time
 Fault: involves malfunction of system component
 Can result in a failure
 Varying degrees
 At highest level, system remains unaffected by even
most drastic problems

Network+ Guide to Networks, 4e 14

Environment
 Must analyze physical environment in which
devices operate
 e.g., excessive heat or moisture, break-ins,
natural disasters
 Can purchase temperature and humidity
monitors
 Trip alarms if specified limits exceeded

Network+ Guide to Networks, 4e 15

Power: Power Flaws
 Power flaws that can damage equipment:
 Surge: momentary increase in voltage due to
lightning strikes, solar flares, or electrical
problems
 Noise: fluctuation in voltage levels caused by
other devices on network or electromagnetic
interference
 Brownout: momentary decrease in voltage; also
known as a sag
 Blackout: complete power loss

Network+ Guide to Networks, 4e 16

UPSs (Uninterruptible Power
Supplies)
 Battery-operated power source directly attached to
one or more devices and to power supply
 Prevents undesired features of outlet’s A/C power from
harming device or interrupting services
 Standby UPS: provides continuous voltage to device
 Switch to battery when power loss detected
 Online UPS: uses power from wall outlet to continuously
charge battery, while providing power to network device
through battery

Network+ Guide to Networks, 4e 17

UPSs (continued)
 Factors to consider when deciding on a
UPS:
 Amount of power needed
 Power measured in volt-amps
 Period of time to keep a device running
 Line conditioning
 Cost

Network+ Guide to Networks, 4e 18

Generators

Figure 13-2: UPSs and a generator in a network design

Network+ Guide to Networks, 4e 19
Topology and Connectivity
 Key to fault tolerance in network design is
supplying multiple possible data paths
 If one connection fails, data can be rerouted
 On LANs, star topology and parallel backbone
provide greatest fault tolerance
 On WANs, full mesh topology offers best fault
tolerance
 SONET networks highly fault-tolerant
 Redundancy in network offers advantage of
reducing risk of lost functionality and profits
from network faults
Network+ Guide to Networks, 4e 20
Topology and Connectivity
(continued)

Figure 13-3: VPNs linking multiple customers

Network+ Guide to Networks, 4e 21
Topology and Connectivity
(continued)
 Automatic fail-over: use redundant
components able to immediately assume
duties of an identical component in event of
failure or fault
 Can provide some level of fault tolerance by
using hot swappable parts
 Leasing redundant LINKs allows for load
balancing
 Automatic distribution of traffic over multiple
links or processors to optimize response
Network+ Guide to Networks, 4e 22
Topology and Connectivity
(continued)

Figure 13-5: Fully redundant T1 connectivity

Network+ Guide to Networks, 4e 23
Servers
 Make servers more fault-tolerant by
supplying them with redundant components
 NICs, processors, and hard disks
 If one item fails, entire system won’t fail
 Enable load balancing

Network+ Guide to Networks, 4e 24

Server Mirroring
 Mirroring: one device or component
duplicates activities of another
 Server Mirroring: one server duplicates
transactions and data storage of another
 Must be identical machines using identical
components
 Requires high-speed link between servers
 Requires synchronization software
 Form of replication
 Servers can stand side by side or be
positioned in different locations
Network+ Guide to Networks, 4e 25
Clustering
 Link multiple servers together to act as single
server
 Share processing duties
 Appear as single server to users
 If one server fails, others automatically take over data
transaction and storage responsibilities
 More cost-effective than mirroring
 To detect failures, clustered servers regularly poll each
other
 Servers must be close together

Network+ Guide to Networks, 4e 26

Storage: RAID (Redundant Array of
Independent (or Inexpensive) Disks)
 Collection of disks that provide fault tolerance for
shared data and applications
 Disk array
 Collection of disks that work together in RAID
configuration, often referred to as RAID drive
 Appear as single logical drive to system
 Hardware RAID: set of disks and separate disk
controller
 Managed exclusively by RAID disk controller
 Software RAID: relies on software to implement
and control RAID techniques

Network+ Guide to Networks, 4e 27

RAID Level 0―Disk Striping

 Simple implementation of RAID

 Not fault-tolerant
 Improves performance

Figure 13-6: RAID Level 0—disk striping

Network+ Guide to Networks, 4e 28
RAID Level 1—Disk Mirroring
 Data from one disk copied to another disk
automatically as information written
 Dynamic backup
 If one drive fails, disk array controller automatically
switches to disk that was mirroring it
 Requires two identical disks
 Usually relies on system software to perform mirroring
 Disk duplexing: similar to disk mirroring, but
separate disk controller used for each disk

Network+ Guide to Networks, 4e 29

RAID Level 1—Disk Mirroring
(continued)

Figure 13-7: RAID Level 1—disk mirroring

Network+ Guide to Networks, 4e 30
RAID Level 3—Disk Striping with
Parity ECC
 Disk striping with special error correction
code (ECC)
 Parity: mechanism used to verify integrity of
data by making number of bits in a byte sum to
either an odd or even number
 Even parity or odd parity
 Tracks integrity of data on disk
 Parity bit assigned to each data byte when written to
disk
 When data read, data’s bits plus parity bit summed
(parity should match)
Network+ Guide to Networks, 4e 31
RAID Level 3—Disk Striping with
Parity ECC (continued)

Figure 13-8: RAID Level 3—disk striping with parity ECC

Network+ Guide to Networks, 4e 32

RAID Level 5—Disk Striping with
Distributed Parity
 Data written in small blocks across several disks
 Parity error checking information distributed among
disks
 Highly fault-tolerant
 Very popular
 Failed disk can be replaced with little interruption
 Hot spare: disk or partition that is part of array,
but used only in case a RAID disks fails
 Cold spare: duplicate component that can be
installed in case of failure

Network+ Guide to Networks, 4e 33

RAID Level 5—Disk Striping with
Distributed Parity (continued)

Figure 13-9: RAID Level 5—disk striping with distributed parity

Network+ Guide to Networks, 4e 34
NAS (Network Attached Storage)
 Specialized storage device that provides
centralized fault-tolerant data storage
 Maintains own interface to LAN
 Contains own file system optimized for saving
and serving files
 Easily expanded without interrupting service
 Cannot communicate directly with network
clients

Network+ Guide to Networks, 4e 35

NAS (continued)

Figure 13-10: Network attached storage on a LAN

Network+ Guide to Networks, 4e 36
SANs (Storage Area Networks)

Figure 13-11: A storage area network

Network+ Guide to Networks, 4e 37
Data Backup
 Copy of data or program files created for
archiving or safekeeping
 No matter how reliable and fault-tolerant you
believe your server’s hard disk (or disks) to be,
still risk losing everything unless you make
backups on separate media and store them off-
site
 Many options exist for making backups

Network+ Guide to Networks, 4e 38

Backup Media and Methods
 To select appropriate solution, consider
following questions:
 Sufficient storage capacity?
 Reliability?
 Data error checking techniques?
 System efficient enough to complete backup
process before daily operations resume?
 Cost and capacity?
 Compatibility?
 Frequent manual intervention?
 Scalability?
Network+ Guide to Networks, 4e 39
Optical Media
 Capable of storing digitized data
 Uses laser to write and read data
 CD-ROMs and DVDs

 Requires proper disk drive to write data

 Writing data usually takes longer than
saving data to another type of media

Network+ Guide to Networks, 4e 40

Tape Backups
 Relatively simple, capable of storing large
amounts of data, at least partially
automated
 On relatively small networks, standalone
tape drives may be attached to each server
 On large networks, one large, centralized
tape backup device may manage all
subsystems’ backups
 Usually connected to computer other than file
server Network+ Guide to Networks, 4e 41
External Disk Drives
 Storage devices that can be attached
temporarily to a computer via USB, PCMCIA,
FireWire, or Compact-Flash port
 Removable disk drives
 For backing up large amounts of data, likely
to use external disk drive with backup
control features, high capacity, and fast
read-write access
 Faster data transfer rates than optical media
or tape backupsNetwork+ Guide to Networks, 4e 42
Network Backups
 Save data to another place on network
 Must back up data to different disk than where
it was originally stored
 Most NOSs provide utilities for automating
and managing network backups
 Online backup: saves data across Internet
to another company’s storage array
 Strict security measures to protect data in
transit
 Backup and restoration processes automated
Network+ Guide to Networks, 4e 43
Backup Strategy
 Strategy should address following questions:
 What data must be backed up?
 Rotation schedule?
 Time backups occur?
 Method of accuracy verification?
 Where and how long will backup media be stored?
 Who will take responsibility?
 How long will backups be saved?
 Where will documentation be stored?

Network+ Guide to Networks, 4e 44

Backup Strategy (continued)
 Archive bit: file attribute that can be checked or
unchecked
 Indicates whether file must be archived
 Backup methods use archive bit in different ways
 Full backup: all data copied to storage media,
regardless of whether data is new or changed
 Archive bits set to “off” for all files
 Incremental backup: copies only data that has changed
since last full or incremental backup
 Unchecks archive bit for every file saved
 Differential backup: does not uncheck archive bits for
files backed up

Network+ Guide to Networks, 4e 45

Backup Strategy (continued)
 Determine best possible backup rotation scheme
 Provide excellent data reliability without overtaxing
network or requiring a lot of intervention
 Several standard backup rotation schemes
 Grandfather-father-son: Uses DAILY (son), weekly (father), and
monthly (grandfather) backup sets
 Make sure backup activity recorded in backup log
 Establish regular schedule of verification

Network+ Guide to Networks, 4e 46

Backup Strategy (continued)

Figure 13-13: The “grandfather-father-son” backup rotation

scheme
Network+ Guide to Networks, 4e 47
Disaster Recovery:
Disaster Recovery Planning
 Disaster recovery: process of restoring critical
functionality and data after enterprise-wide outage
 Disaster recovery plan accounts for worst-case
scenarios
 Contact names and info for emergency coordinators
 Details on data and servers being backed up, backup
frequency, backup location, how to recover
 Details on network topology, redundancy, and
agreements with national service carriers
 Strategies for testing disaster recovery plan
 Plan for managing the crisis

Network+ Guide to Networks, 4e 48

Disaster Recovery Contingencies
 Several options for recovering from disaster
 Cold site: place where computers, devices, and
connectivity necessary to rebuild network exist
 Not configured, updated, or connected
 Warm site: same as cold site, but some
computers and devices appropriately
configured, updated, or connected
 Hot site: computers, devices, and connectivity
necessary to rebuild network are appropriately
configured, updated, and connected to match
network’s current state
Network+ Guide to Networks, 4e 49