Network+ Guide to Networks,

Fourth Edition

Chapter 13
Ensuring Integrity and Availability

Objectives
Identify the characteristics of a network that keeps
data safe from loss or damage
Protect an enterprise-wide network from viruses
Explain network- and system-level fault-tolerance
techniques
Discuss issues related to network backup and
recovery strategies
Describe the components of a useful disaster
recovery plan and the options for disaster
contingencies
Network+ Guide to Networks, 4e

What Are Integrity and Availability?

Integrity: soundness of networks programs, data,
services, devices, and connections
Availability: how consistently and reliably file or
system can be accessed by authorized personnel
Need well-planned and well-configured network
Data backups, redundant devices, protection from
malicious intruders

Phenomena compromising integrity and availability:

Security breaches, natural disasters, malicious
intruders, power flaws, human error
Network+ Guide to Networks, 4e

What Are Integrity and Availability?

(continued)
General guidelines for protecting network:
Allow only network administrators to create or modify
NOS and application system files
Monitor network for unauthorized access or changes
Record authorized system changes in a change
management system
Install redundant components
Perform regular health checks

Network+ Guide to Networks, 4e

What Are Integrity and Availability?

(continued)
General guidelines for protecting network
(continued):
Check system performance, error logs, and system
log book regularly
Keep backups, boot disks, and emergency repair
disks current and available
Implement and enforce security and disaster
recovery policies

Network+ Guide to Networks, 4e

Viruses
Program that replicates itself with intent to infect
more computers
Through network connections or exchange of
external storage devices
Typically copied to storage device without users
knowledge

Trojan horse: program that disguises itself as

something useful but actually harms system
Not considered a virus

Network+ Guide to Networks, 4e

Types of Viruses
Boot sector viruses: located in boot sector of
computers hard disk
When computer boots up, virus runs in place of
computers normal system files
Removal first requires rebooting from uninfected,
write-protected disk with system files on it

Macro viruses: take form of macro that may be

executed as user works with a program
Quick to emerge and spread
Symptoms vary widely
Network+ Guide to Networks, 4e

Types of Viruses (continued)

File-infected viruses: attach to executable files
When infected executable file runs, virus copies
itself to memory
Can have devastating consequences
Symptoms may include damaged program files,
inexplicable file size increases, changed icons for
programs, strange messages, inability to run a
program

Worms: programs that run independently and travel

between computers and across networks
Not technically viruses
Can transport and hide viruses
Network+ Guide to Networks, 4e

Types of Viruses (continued)

Trojan horse: program that claims to do something
useful but instead harms system
Network viruses: propagated via network protocols,
commands, messaging programs, and data links
Bots: program that runs automatically, without
requiring a person to start or stop it
Many bots spread through Internet Relay Chat (IRC)
Used to damage/destroy data or system files, issue
objectionable content, further propagate virus

Network+ Guide to Networks, 4e

Virus Characteristics
Encryption: encrypted virus may thwart antivirus
programs attempts to detect it
Stealth: stealth viruses disguise themselves as
legitimate programs or replace part of legitimate
programs code with destructive code
Polymorphism: polymorphic viruses change
characteristics every time transferred
Time-dependence: time-dependent viruses
programmed to activate on particular date

Network+ Guide to Networks, 4e

10

Virus Protection: Antivirus Software

Antivirus software should at least:
Detect viruses through signature scanning
Detect viruses through integrity checking
Detect viruses by monitoring unexpected file
changes or virus-like behaviors
Receive regular updates and modifications from a
centralized network console
Consistently report only valid viruses
Heuristic scanning techniques attempt to identify
viruses by discovering virus-like behavior (may give
false positives)
Network+ Guide to Networks, 4e

11

Antivirus Policies
Provide rules for using antivirus software and
policies for installing programs, sharing files, and
using floppy disks
Suggestions for antivirus policy guidelines:
Every computer in organization equipped with virus
detection and cleaning software
Users should not be allowed to alter or disable
antivirus software
Users should know what to do in case virus detected

Network+ Guide to Networks, 4e

12

Antivirus Policies (continued)

Suggestions for antivirus policy guidelines
(continued):
Antivirus team should be appointed to focus on
maintaining antivirus measures
Users should be prohibited from installing any
unauthorized software on their systems
Systemwide alerts should be issued to network
users notifying them of serious virus threats and
advising them how to prevent infection

Network+ Guide to Networks, 4e

13

Virus Hoaxes
False alerts about dangerous, new virus that could
cause serious damage to systems
Generally an attempt to create panic
Should not be passed on
Can confirm hoaxes online

Network+ Guide to Networks, 4e

14

Fault Tolerance
Capacity for system to continue performing despite
unexpected hardware or software malfunction
Failure: deviation from specified level of system
performance for given period of time
Fault: involves malfunction of system component
Can result in a failure

Varying degrees
At highest level, system remains unaffected by even
most drastic problems

Network+ Guide to Networks, 4e

15

Environment
Must analyze physical environment in which
devices operate
e.g., excessive heat or moisture, break-ins, natural
disasters

Can purchase temperature and humidity monitors

Trip alarms if specified limits exceeded

Network+ Guide to Networks, 4e

16

Power: Power Flaws

Power flaws that can damage equipment:
Surge: momentary increase in voltage due to
lightning strikes, solar flares, or electrical problems
Noise: fluctuation in voltage levels caused by other
devices on network or electromagnetic interference
Brownout: momentary decrease in voltage; also
known as a sag
Blackout: complete power loss

Network+ Guide to Networks, 4e

17

UPSs (Uninterruptible Power Supplies)

Battery-operated power source directly attached to
one or more devices and to power supply
Prevents undesired features of outlets A/C power
from harming device or interrupting services
Standby UPS: provides continuous voltage to device
Switch to battery when power loss detected

Online UPS: uses power from wall outlet to

continuously charge battery, while providing power
to network device through battery

Network+ Guide to Networks, 4e

18

UPSs (continued)
Factors to consider when deciding on a UPS:
Amount of power needed
Power measured in volt-amps

Period of time to keep a device running

Line conditioning
Cost

Network+ Guide to Networks, 4e

19

Generators

Figure 13-2: UPSs and a generator in a network design

Network+ Guide to Networks, 4e

20

Topology and Connectivity

Key to fault tolerance in network design is
supplying multiple possible data paths
If one connection fails, data can be rerouted
On LANs, star topology and parallel backbone
provide greatest fault tolerance
On WANs, full mesh topology offers best fault
tolerance
SONET networks highly fault-tolerant

Redundancy in network offers advantage of

reducing risk of lost functionality and profits from
network faults
Network+ Guide to Networks, 4e

21

Topology and Connectivity (continued)

Figure 13-3: VPNs linking multiple customers

Network+ Guide to Networks, 4e

22

Topology and Connectivity (continued)

Automatic fail-over: use redundant components
able to immediately assume duties of an identical
component in event of failure or fault
Can provide some level of fault tolerance by using
hot swappable parts
Leasing redundant T1s allows for load balancing
Automatic distribution of traffic over multiple links or
processors to optimize response

Network+ Guide to Networks, 4e

23

Topology and Connectivity (continued)

Figure 13-5: Fully redundant T1 connectivity

Network+ Guide to Networks, 4e

24

Servers
Make servers more fault-tolerant by supplying them
with redundant components
NICs, processors, and hard disks
If one item fails, entire system wont fail
Enable load balancing

Network+ Guide to Networks, 4e

25

Server Mirroring
Mirroring: one device or component duplicates
activities of another
Server Mirroring: one server duplicates
transactions and data storage of another
Must be identical machines using identical
components
Requires high-speed link between servers
Requires synchronization software
Form of replication

Servers can stand side by side or be positioned in

different locations
Network+ Guide to Networks, 4e

26

Clustering
Link multiple servers together to act as single
server
Share processing duties
Appear as single server to users
If one server fails, others automatically take over
data transaction and storage responsibilities
More cost-effective than mirroring
To detect failures, clustered servers regularly poll
each other
Servers must be close together
Network+ Guide to Networks, 4e

27

Storage: RAID (Redundant Array of

Independent (or Inexpensive) Disks)
Collection of disks that provide fault tolerance for
shared data and applications
Disk array
Collection of disks that work together in RAID
configuration, often referred to as RAID drive
Appear as single logical drive to system

Hardware RAID: set of disks and separate disk

controller
Managed exclusively by RAID disk controller

Software RAID: relies on software to implement

and control RAID techniques
Network+ Guide to Networks, 4e

28

RAID Level 0Disk Striping

Simple implementation of RAID
Not fault-tolerant
Improves performance

Figure 13-6: RAID Level 0disk striping

Network+ Guide to Networks, 4e

29

RAID Level 1Disk Mirroring

Data from one disk copied to another disk
automatically as information written
Dynamic backup
If one drive fails, disk array controller automatically
switches to disk that was mirroring it
Requires two identical disks
Usually relies on system software to perform
mirroring

Disk duplexing: similar to disk mirroring, but

separate disk controller used for each disk
Network+ Guide to Networks, 4e

30

RAID Level 1Disk Mirroring

(continued)

Figure 13-7: RAID Level 1disk mirroring

Network+ Guide to Networks, 4e

31

RAID Level 3Disk Striping with

Parity ECC
Disk striping with special error correction code
(ECC)
Parity: mechanism used to verify integrity of data by
making number of bits in a byte sum to either an odd
or even number
Even parity or odd parity
Tracks integrity of data on disk
Parity bit assigned to each data byte when written to
disk
When data read, datas bits plus parity bit summed
(parity should match)
Network+ Guide to Networks, 4e

32

RAID Level 3Disk Striping with

Parity ECC (continued)

Figure 13-8: RAID Level 3disk striping with parity ECC

Network+ Guide to Networks, 4e

33

RAID Level 5Disk Striping with

Distributed Parity
Data written in small blocks across several disks
Parity error checking information distributed among
disks
Highly fault-tolerant
Very popular
Failed disk can be replaced with little interruption

Hot spare: disk or partition that is part of array, but

used only in case a RAID disks fails
Cold spare: duplicate component that can be
installed in case of failure
Network+ Guide to Networks, 4e

34

RAID Level 5Disk Striping with

Distributed Parity (continued)

Figure 13-9: RAID Level 5disk striping with distributed parity

Network+ Guide to Networks, 4e

35

NAS (Network Attached Storage)

Specialized storage device that provides
centralized fault-tolerant data storage
Maintains own interface to LAN
Contains own file system optimized for saving and
serving files
Easily expanded without interrupting service
Cannot communicate directly with network clients

Network+ Guide to Networks, 4e

36

NAS (continued)

Figure 13-10: Network attached storage on a LAN

Network+ Guide to Networks, 4e

37

SANs (Storage Area Networks)

Figure 13-11: A storage area network

Network+ Guide to Networks, 4e

38

Data Backup
Copy of data or program files created for archiving
or safekeeping
No matter how reliable and fault-tolerant you believe
your servers hard disk (or disks) to be, still risk
losing everything unless you make backups on
separate media and store them off-site

Many options exist for making backups

Network+ Guide to Networks, 4e

39

Backup Media and Methods

To select appropriate solution, consider following
questions:

Sufficient storage capacity?

Reliability?
Data error checking techniques?
System efficient enough to complete backup process
before daily operations resume?
Cost and capacity?
Compatibility?
Frequent manual intervention?
Scalability?

Network+ Guide to Networks, 4e

40

Optical Media
Capable of storing digitized data
Uses laser to write and read data
CD-ROMs and DVDs

Requires proper disk drive to write data

Writing data usually takes longer than saving data
to another type of media

Network+ Guide to Networks, 4e

41

Tape Backups
Relatively simple, capable of storing large amounts
of data, at least partially automated
On relatively small networks, standalone tape
drives may be attached to each server
On large networks, one large, centralized tape
backup device may manage all subsystems
backups
Usually connected to computer other than file server

Network+ Guide to Networks, 4e

42

External Disk Drives

Storage devices that can be attached temporarily
to a computer via USB, PCMCIA, FireWire, or
Compact-Flash port
Removable disk drives

For backing up large amounts of data, likely to use

external disk drive with backup control features,
high capacity, and fast read-write access
Faster data transfer rates than optical media or
tape backups

Network+ Guide to Networks, 4e

43

Network Backups
Save data to another place on network
Must back up data to different disk than where it was
originally stored

Most NOSs provide utilities for automating and

managing network backups
Online backup: saves data across Internet to
another companys storage array
Strict security measures to protect data in transit
Backup and restoration processes automated

Network+ Guide to Networks, 4e

44

Backup Strategy
Strategy should address following questions:

What data must be backed up?

Rotation schedule?
Time backups occur?
Method of accuracy verification?
Where and how long will backup media be stored?
Who will take responsibility?
How long will backups be saved?
Where will documentation be stored?

Network+ Guide to Networks, 4e

45

Backup Strategy (continued)

Archive bit: file attribute that can be checked or
unchecked
Indicates whether file must be archived

Backup methods use archive bit in different ways

Full backup: all data copied to storage media,
regardless of whether data is new or changed
Archive bits set to off for all files

Incremental backup: copies only data that has

changed since last full or incremental backup
Unchecks archive bit for every file saved

Differential backup: does not uncheck archive bits

for files backed up
Network+ Guide to Networks, 4e

46

Backup Strategy (continued)

Determine best possible backup rotation scheme
Provide excellent data reliability without overtaxing
network or requiring a lot of intervention
Several standard backup rotation schemes
Grandfather-father-son: Uses DAILY (son), weekly
(father), and monthly (grandfather) backup sets

Make sure backup activity recorded in backup log

Establish regular schedule of verification

Network+ Guide to Networks, 4e

47

Backup Strategy (continued)

Figure 13-13: The grandfather-father-son backup rotation

scheme
Network+ Guide to Networks, 4e

48

Disaster Recovery:
Disaster Recovery Planning
Disaster recovery: process of restoring critical
functionality and data after enterprise-wide outage
Disaster recovery plan accounts for worst-case
scenarios
Contact names and info for emergency coordinators
Details on data and servers being backed up,
backup frequency, backup location, how to recover
Details on network topology, redundancy, and
agreements with national service carriers
Strategies for testing disaster recovery plan
Plan for managing the crisis
Network+ Guide to Networks, 4e

49

Disaster Recovery Contingencies

Several options for recovering from disaster
Cold site: place where computers, devices, and
connectivity necessary to rebuild network exist
Not configured, updated, or connected

Warm site: same as cold site, but some computers

and devices appropriately configured, updated, or
connected
Hot site: computers, devices, and connectivity
necessary to rebuild network are appropriately
configured, updated, and connected to match
networks current state
Network+ Guide to Networks, 4e

50

Summary
Integrity refers to the soundness of your networks
files, systems, and connections
Several basic measures can be employed to
protect data and systems on a network
A virus is a program that replicates itself so as to
infect more computers, either through network
connections or through external storage devices
passed among users
A good antivirus program should be able to detect
viruses through signature scanning, integrity
checking, and heuristic scanning
Network+ Guide to Networks, 4e

51

Summary (continued)
The goal of fault-tolerant systems is to prevent
faults from progressing to failures
Fault tolerance is a systems capacity to continue
performing despite an unexpected hardware or
software malfunction
A UPS is a battery power source that prevents
undesired features of the power source from
harming the device or interrupting its services
For utmost fault tolerance in power supply, a
generator is necessary
Network+ Guide to Networks, 4e

52

Summary (continued)
Critical servers often contain redundant NICs,
processors, and/or hard disks to provide better fault
tolerance
Server mirroring involves utilizing a second,
identical server to duplicate the transactions and
data storage of one server
Clustering links multiple servers together to act as
a single server
RAID is an important storage redundancy feature

Network+ Guide to Networks, 4e

53

Summary (continued)
Backups can be saved to optical media (such as
CDs and DVDs), tapes, external disk drives, or to
another location on a network
The aim of a good backup rotation scheme is to
provide excellent data reliability but not to overtax
your network or require much intervention
Disaster recovery is the process of restoring your
critical functionality and data after an enterprisewide outage that affects more than a single system
or a limited group of users
Network+ Guide to Networks, 4e

54