University of Washington Computing & Communications Ten Minutes on Five Nines Terry Gray Associate VP, IT Infrastructure University of Washington Common.

Presentation transcript:

University of Washington Computing & Communications
Ten Minutes on Five Nines
Terry Gray, Associate VP, IT Infrastructure, University of Washington
Common PROBLEMS Group, 6 January 2005

Vision
Systems/Services (and Staff!) characterized as Reliable and Responsive
Reliability = job one
But: I.T. = Inevitable Tensions
• We all want:
  – High MTTF, Performance and Function
  – Low MTTR and support cost
• The art is to balance those conflicting goals
  – we are jugglers and technology actuaries

Success Metrics
• Tom’s
  – Nobody gets hurt
  – Nobody goes to jail
• Terry’s
  – “Works fine, lasts a long time”
  – Low ROI (Risk Of Interruption)

Design Tradeoffs
• Fault Zone size vs. Economy/Simplicity
• Reliability vs. Complexity
• Prevention vs. (Fast) Remediation
• Security vs. Supportability vs. Functionality
• Networks = Connectivity; Security = Isolation
• Balancing priorities (security vs. ops vs. function)

Context: A Perfect Storm
• Increased dependency on I.T.
• Decreased tolerance for outages
• Deferred maintenance
• Inadequate infrastructure investment
• Some extraordinarily fragile applications
• Fragmented host management
• Increasingly hostile network environment
  – esp. spam, spyware, social engr attacks
• Increasing legal/regulatory liability
• Highly de-centralized culture
• Growth of portable devices

System Elements
• Environmentals (Power, A/C, Physical Security)
• Network
• Client Workstations (incl. portable devices)
• Servers
• Applications
• Personnel, Procedures, Policy, and Architecture
Failures at one level can trigger problems at another level; need Total System perspective

Dimensions
• How often is there a user-visible failure?
• How many people are affected?
• For how long?
• How severely?

Basics
• How many nines?
• Problem one: what to measure?
  – How do you reduce behavior of a complex net to a single number?
  – Difficult for either uptime or utilization metrics
• Problem two: data networks are not like phone or power services…
  – Imagine if phones could assume anyone’s number
  – Or place a million calls per second!
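The "what to measure?" problem from the Basics slide, worked through with the four questions from the Dimensions slide. This is an added example, not part of the original slides; the outage records, the 50,000-user population and all function names are constructed for illustration.

```python
import math
from dataclasses import dataclass

@dataclass
class Outage:
    minutes: float    # for how long?
    users_hit: int    # how many people were affected?
    severity: float   # how severely? 1.0 = total loss, 0.5 = degraded

# Constructed sample: one year of incidents on a 50,000-user network.
POPULATION = 50_000
PERIOD_MIN = 365 * 24 * 60  # 525,600 minutes in the year
OUTAGES = [
    Outage(minutes=4, users_hit=50_000, severity=1.0),  # core router reload
    Outage(minutes=480, users_hit=250, severity=1.0),   # one building switch down
    Outage(minutes=90, users_hit=5_000, severity=0.5),  # degraded subnet
]

def nines(unavailability):
    """Convert a fraction of lost service into a 'number of nines'."""
    return -math.log10(unavailability)

def downtime_budget_minutes(n, period=PERIOD_MIN):
    """Minutes of downtime allowed per period at n nines."""
    return period * 10 ** -n

def any_failure_unavail(outages, period=PERIOD_MIN):
    """Strictest view: any user-visible failure anywhere counts as downtime
    (assumes the outages do not overlap in time)."""
    return sum(o.minutes for o in outages) / period

def core_only_unavail(outages, period=PERIOD_MIN, population=POPULATION):
    """Most lenient view: only outages that hit every user count."""
    return sum(o.minutes for o in outages if o.users_hit == population) / period

def user_weighted_unavail(outages, period=PERIOD_MIN, population=POPULATION):
    """Lost user-minutes, scaled by severity, over all possible user-minutes."""
    lost = sum(o.minutes * o.users_hit * o.severity for o in outages)
    return lost / (period * population)

def report(outages=OUTAGES):
    return {
        "any_failure": round(nines(any_failure_unavail(outages)), 2),
        "user_weighted": round(nines(user_weighted_unavail(outages)), 2),
        "core_only": round(nines(core_only_unavail(outages)), 2),
    }

if __name__ == "__main__":
    print(report(), "five-nines budget:", downtime_budget_minutes(5), "min/yr")
```

The same year of incidents scores roughly three, four and a half, or five nines depending on which definition is chosen, so a single figure means little unless the measurement behind it is stated.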

Security vs. Reliability
• Obviously lack of security is bad… but:
• Defense in depth is not free
• Each add’l defensive perimeter increases MTTR
• Defense-in-depth conjecture (for N layers)
  – Security: MTTE (exploit)  N**2
  – Functionality: MTTI (innovation)  N**2
  – Supportability: MTTR (repair)  N**2
• Next-gen threats: firewalls won’t help

Complexity vs. Reliability
• How do you measure avail in complex systems?
• Death of the Network Utility Model
• Organizational vs. geographic networking
• SAN virtualization
• Web load-leveler appliances
• Organizational boundary conditions
• Networks: from stochastic to non-deterministic
• Subnets with clients and critical servers
• Documentation deficiencies

Complex System Failures: Inevitable?
• Jan 2004 (?) IEEE Spectrum on Power Grid failures
• Point: it will happen, so plan for mitigation

Work in Progress
• New trouble-ticket system
• New network management system
• Next-generation network architecture
• Next-generation security architecture
• Improving change control process
• Improving DRBR process
• Lots of work on improving mon/diag tools

In Short…
• Expectations are growing (unrealistically?)
• Complexity is growing
• Few are prepared to pay for true HA
• Cultural barriers to change control
• Hospitals are a whole other world
• Biggest SPoF: power/HVAC
• Organizational complexity undermines HA
• Both security and lack of it undermine HA
• Redundancy can mask failures too well!
• With redundancy, must have better tools
• Need Ops-centric design, better DRBR
• Need application procurement standards

Questions? Comments?