Chapter 6 Assuring reliable and secure IT services

1
Chapter 6 Assuring reliable and secure IT services

• Chuayang University of Technology
• Ying Chieh Liu

2
Background

• Internet valueRobust enough to withstand a
  military attack.?Redundancy The exceptionally
  large number of potential paths a message can
  take between any two points in a network.
• But, most components of a firms infrastructure
  are not reliable.
• Redundancy?more equipment?more budget
• How much reliability to buy is a management
  decision highly contingent on numerous, mostly
  business, factors.
• Redundant systems?more complex?more management
• Failures are inevitable

3
Availability

• A system that is 98 percent available is on
  average running and read to be used 98 percent of
  the time. 2 down.
• Different availability for different systems and
  organizations

4
Five components in series (each 98 percent
available)
5
Combining components in series decreases overall
availability
6
Five components in parallel (each 98 percent
available)
7
Redundancy increases overall availability
8
High-availability facilities

• Uninterruptible electric poser delivery
• Physical security
• Climate control and fire suppression
• Network connectivity

9
NN Redundancy
10
DOS attack
11
A distributed DOS attack
12
Spoofing
13
Others

• Intrusion
• Viruses and worms

14
Defensive measures

• Security policies
• Firewalls
• Authentication
• Encryption
• Patching and change management
• Intrusion detection and network monitoring

15
Security management framework

• Make deliberate security decisions
• Consider security a moving target
• Practice disciplined change management
• Educate users
• Deploy multilevel technical measures, as many as
  you can afford

16
Managing infrastructure risks consequences and
probabilities
17
Managing incidents before occur

• Sound infrastructure design
• Disciplined execution of operating procedures
• Careful documentation
• Established crisis management procedures
• Rehearsing incident response