2.5 Cybersecurity Resilience
Tower of Hanoi
Based on the mathematics of the Tower of Hanoi puzzle, this is a recursive method in which every tape is associated with a disk in the puzzle. The disk movement to a different peg corresponds with a backup to a tape
managed power distribution unit (PDU)
For a home office user, is much like a power strip. For data centers, however, distribute power to the critical equipment. Many come with advance functions to improve the power quality and provide load balancing as well as remote monitoring.
load balancing algorithms
For servers that have identical equipment and capacity: ▶ Round-robin: Traffic is sent in a sequential, circular pattern to each node of a load balancer. ▶ Random: Traffic is sent to randomly selected nodes. ▶ Least connections: Traffic is sent to the node with the fewest open connections. When servers have disproportionate components: ▶ Weighted round-robin: Traffic is sent in a circular pattern to each node of a load balancer, based on the assigned weight number. ▶ Weighted least connections: Traffic is sent to the node with the fewest open connections, based on the assigned weight number.
RAID Level 10 (also called 1+0)
High reliability combined with high performance: combines RAID 1 and RAID 0 and requires a minimum of four disks. A variant is called 0+1. This solution is a striped array that has RAID 1 arrays. Disks are mirrored in pairs for redundancy and improved performance, and data is striped across multiple disks. Both versions provide fault tolerance and increased performance.
generator
Provide power beyond the needs of what a UPS can provide. range from the gasoline-powered versions homeowners are familiar with to fuel-powered, room-size generators capable of delivering massive amounts of electricity to power entire data centers.
high availability
System is continuously operational at all times
grandfather-father-son backup
This is the most common rotation scheme for rotating backup media. The basic method is to define three sets of backups. The first set, the son, represents daily backups. A second set, the father, is used to perform full backups. The final set of three tapes, the grandfather, is used to perform full backups on the last day of each month.
ten-tape rotation
This simple and cost-effective method for small businesses provides a data history of up to two weeks. Friday backups are full backups. Monday through Thursday backups are incremental.
Server redundancy
To ensure high availability and reliability. This means multiple servers are used to perform the same task. For example, if you have a web-based business with more than one server hosting your site, when one of the servers crashes, the requests can be redirected to another server
VM replication
VM replication provides the same function for virtual machines as SANs. When replication occurs, the VM replicas are updated.
Virtual IP (VIP)
Virtual IP (VIP) addresses are often implemented in the active/active configuration. In this case, at least one physical server has more than one virtual IP address assigned, usually through a TCP or UDP port number. Using VIP addresses spreads traffic among the load-balancing servers. VIP addresses provide a connection-based workload balancing solution, so if the interface cannot handle the load, traffic bottlenecks and becomes slow.
redundant ISP
a backup ISP could be standing by in case an outage occurs at the main ISP. Traffic could then be switched over to the redundant ISP, and the organization could continue to do business without any interruptions. using multiple ISPs can improve network traffic performance, aid in disaster recovery, and ensure quality of service.
redundant connections
all devices are connected to each other more than once to create fault tolerance. Then, a single device or cable failure does not affect performance because the devices are connected by more than one means.
active/passive configuration
all traffic is sent to the active server. The passive server is promoted to active if the active server fails or is taken down for maintenance.
network interface card (NIC) teaming
allows a NIC to be grouped with multiple physical NICs to form a logical network device known as a bond. This provides for fault tolerance and load balancing. NIC teaming is used in virtualized environments where a virtualized software NIC interacts with the physical NICs. In a fault-tolerance scenario, one of the physical NICs can be configured to take over for a failed NIC, eliminating the network interface as a single point of failure.
fault tolerance
allows a system to continue functioning even when one of the components has failed
RAID Level 6: Independent data disks with two independent parity schemes
allows for additional fault tolerance by using two-dimensional parity. uses Reed-Solomon codes to protect against up to two disk failures using the bare minimum of two redundant disk arrays.
network load balancers
are reverse proxy servers configured in a cluster to provide scalability and high availability. distributes IP traffic to multiple copies of a TCP/IP service, such as a web server, each running on a host within the cluster. Distributes the workload among multiple servers while providing a mechanism for server availability by health checking each server. From the client's point of view, the cluster appears to be a single server.
storage area networks (SAN)
are used to provide servers accessibility to storage devices and disks that contain critical data.
defense in depth
based on the premise that implementing security at different levels or layers to form a complete security strategy provides better protection and greater resiliency than implementing an individual security defense. comprehensive security approach for protecting the integrity of organizational information assets. Vendor and control diversity contributes to a strong defense-in-depth strategy.
RAID Level 2: Hamming code error-correcting code (ECC
each bit of a data word is written to a disk. requires the use of extra disks to store an error-correcting code. A typical setup requires 10 data disks and 4 ECC disks. All modern disk drives incorporate ECC, so offers little additional protection. No commercial implementations of RAID 2 exist today. The controller required is complex, specialized, and expensive, and the performance is not very good.
RAID Level 5: Independent data disks with distributed parity blocks
each entire block of the data and the parity are striped. requires a minimum of three disks. Because it writes both the data and the parity over all the disks, it has the best small read/large write performance of any redundancy disk array.
RAID Level 4: Independent data disks with shared parity disk
entire blocks are written onto a data disk. requires a minimum of three drives. is similar to RAID 3, except that data is interleaved across disks of arbitrary size instead of in bits.
non-persistence
if a failure occurs, the information is lost. is related to the concept of elasticity.
RAID Level 0: Striped disk array without fault tolerance
implements a striped disk array. The data is broken into blocks, and each block is written to a separate disk drive. requires a minimum of two disks.
full backup
is a complete backup of all data. This is the most time- and resource-intensive form of backup, requiring the largest amount of data storage. Theft poses the most risk because all data resides on one tape; only encryption can protect the data at that point. A full backup copies all selected files and resets the archive bit, a file attribute used to track incremental changes to files for the purpose of the backup
session affinity
is a method in which all requests in a session are sent to a specific application server by overriding the load-balancing algorithm. Session affinity, also called a sticky session, ensures that all requests from the user during the session are sent to the same instance. Session affinity enhances application performance by using in-memory caching and cookies to track session information
Single Point of Failure (SPOF)
is any piece of equipment that can bring down your operation if it stops working.
live boot media
is considered non-persistent because actions that occur between reboots do not persist. With live boot media, system RAM acts as a disk. When the media is removed and the system reboots, the RAM is cleared. Live boot media keeps the original media configuration. often used in instances when an organization needs a very secure environment in an unsecure location
incremental backup
is incomplete for full recovery without a valid full backup and all incremental backups since the last full backup. For example, if the server dies on Thursday, four tapes are needed: the full backup from Friday and the incremental tapes from Monday, Tuesday, and Wednesday. Incremental backups require the smallest amount of data storage and require the least amount of backup time, but they typically require the most time for restoration. If an incremental tape is stolen, it might not be valuable to the offender, but it still represents risk to the company. Resets the archive bit.
differential backup
is incomplete for full recovery without a valid full backup. For example, if the server dies on Thursday, two tapes are needed: the full backup from Friday and the differential from Wednesday. Differential backups require a variable amount of storage, depending on the regularity of normal backups and the number of changes that occur during the period between full backups. includes all data that has changed since the last full backup, regardless of whether or when the last differential backup was made, because this backup does not reset the archive bit.
snapshot
is like a full backup in that it copies all selected files. However, it doesn't reset the archive bit. From a security perspective, losing a tape with a snapshot is the same as losing a tape with a full backup. a snapshot often resides on the same system from which it was taken. reserves the entire state and data of the virtual machine at the time it is taken. A snapshot includes the virtual machine settings and the state of the machine's virtual drives. snapshots should not be used as a backup solution. Best practice for performance is to keep only two or three snapshots—and only for a short period of time.
redundancy
is replication of a component in identical copies to compensate for random hardware failures. Usually dispersed geographically, as well as through backup equipment and databases or hot sparing of system components
uninterruptible power supply (UPS)
is used to protect electronic equipment and provide immediate emergency power in case of failure. Typically stores energy via battery and serves as a short-term solution to power down equipment properly (for example, in small and home offices) or until emergency generators kick in for larger organizations
Redundant Array of Independent Disks (RAID)
maintain duplicated data across multiple disks so that the loss of one disk does not cause the loss of data. organizes multiple disks into a large, high-performance logical disk. Disk arrays are created to stripe data across multiple disks and access them in parallel
dual power supply unit (PSU)
or redundant power supplies are common for servers and enterprise networking equipment. Each provides half the power that's needed, and if one fails, the other takes over at 100%.
load balancing
provides high availability by distributing workloads across multiple computing resources. aims to optimize the use of resources, maximize throughput, minimize response time, and avoid overload of any single resource. especially useful when traffic volume is high and it prevents one server from being overloaded while another sits idle. can be implemented with hardware, software, or a combination of both. Typically, occurs in organizations with high website traffic, as well as in cloud-based environments.
diversity
refers to having multiple versions of software packages in which redundant software versions are different.
Redundancy and Diversity Controls (Static Environment Risk Mitigation)
replication to different data centers, replication to different geographic areas, redundant components, replication software systems, distinct security zones, different administrative control, and different organizational control.
RAID Level 1: Mirroring and duplexing
requires a minimum of two disks and offers 100% redundancy because all data is written to both disks. The difference between mirroring and duplexing is the number of controllers. Mirroring uses one controller, whereas duplexing uses one controller for each disk. In RAID 1, disk usage is 50%; the other 50% is for redundancy.
server clustering
the combination of two or more servers that appear as one. helps provide high availability. increases availability by ensuring that if a server is out of commission because of failure or planned downtime, another server in the cluster takes over the workload. - used to ensure that automatic failover occurs in case hardware failure renders the primary node incapable of providing normal service. - provide load balancing to avoid functionality loss because of directed attacks
RAID Level 3: Parallel transfer with parity
the data block is striped and written on the data disks. requires a minimum of three drives. In a parallel transfer with parity, data is interleaved bit-wise over the data disks, and a single parity disk is added to tolerate any single disk failure.
active/active configuration
two or more servers work together to distribute the load to network servers. Because all load balancers are active, they run almost at full capacity. If one of the load balancers fails, network traffic runs slowly, and user sessions time out.
Benefits of RAID
▶ Higher data transfer rates on large data accesses ▶ Higher I/O rates on small data accesses ▶ Uniform load balancing across all the disks The two major goals when implementing disk arrays are data striping for better performance and redundancy for better reliability
dependence on small number of vendors risks
▶ Technological inefficiency ▶ High equipment and service costs ▶ Supply-chain rigidity ▶ Lack of innovation ▶ Increased risk Having a larger, more diversified list of vendors helps mitigate risk and provides greater resiliency, reducing single points of failure and the likelihood of unnecessary or unplanned expenditures.
