CS 591 - Nicholis Bufmack Secure Storage Servers Secure Storage Servers An Intrusion Recovery System.

Slides:

Advertisements

Similar presentations

Complete Event Log Viewing, Monitoring and Management.

Advertisements

Complete Event Log Viewing, Monitoring and Management.

Mecanismos de alta disponibilidad con Microsoft SQL Server 2008 Por: ISC Lenin López Fernández de Lara.

Cloud OS Microsoft’s Vision of the Unified Platform for Modern Business.

June 23rd, 2009Inflectra Proprietary InformationPage: 1 SpiraTest/Plan/Team Deployment Considerations How to deploy for high-availability and strategies.

Understand Database Backups and Restore Database Administration Fundamentals LESSON 5.2.

Toolbox Mirror -Overview Effective Distributed Learning.

Keith Burns Microsoft UK Mission Critical Database.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.

Introduction to Dfs. Limits of Dfs 260 characters per file path 32 alternatives per volume 1 Dfs root per server Unlimited Dfs roots per domain Volumes.

Manage backup vaults and servers Download and install backup agent Download a vault agent Create backup vault.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

VTS INNOVATOR SERIES Real Problems, Real solutions.

It refers to the software used to manage the database.

Maintaining Windows Server 2008 File Services

© 2009 Kroll Ontrack Inc.| Ontrack PowerControls 6.0 for SharePoint™ A Better Way to Search and Restore.

Module 8 Implementing Backup and Recovery. Module Overview Planning Backup and Recovery Backing Up Exchange Server 2010 Restoring Exchange Server 2010.

Upgrading the Platform - How to Get There!

After completing this topic, you will be able to explain the Agent for Hyper-V: backup flows Agent for Hyper-V: Backup flows.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.

1 Objectives Discuss the Windows Printer Model and how it is implemented in Windows Server 2008 Install the Print Services components of Windows Server.

Module 8: Designing Active Directory Disaster Recovery in Windows Server 2008.

November 2009 Network Disaster Recovery October 2014.

Bologna Aprile Atempo Product Suite Atempo Time Navigator™ Secure, highly scalable protection of heterogeneous data in complex, mission-critical.

Why consider the cloud? Cloud innovation presents challenges for IT.

Course 6425A Module 9: Implementing an Active Directory Domain Services Maintenance Plan Presentation: 55 minutes Lab: 75 minutes This module helps students.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.

STEALTH Content Store for SharePoint using Caringo CAStor  Boosting your SharePoint to the MAX! "Optimizing your Business behind the scenes"

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.

Sofia, Bulgaria | 9-10 October SQL Server 2005 High Availability for developers Vladimir Tchalkov Crossroad Ltd. Vladimir Tchalkov Crossroad Ltd.

Chapter 8 Implementing Disaster Recovery and High Availability Hands-On Virtual Computing.

1 © 2010 Overland Storage, Inc. © 2012 Overland Storage, Inc. Overland Storage The Storage Conundrum Neil Cogger Pre-Sales Manager.

Hadoop Hardware Infrastructure considerations ©2013 OpalSoft Big Data.

4/23/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Barracuda Message Archiver. Integrated hardware and software Archiving and policy management Search and retrieval Internal storage and support for external.

Electronic Records Management: A Checklist for Success Jesse Wilkins April 15, 2009.

Additional Security Tools Lesson 15. Skills Matrix.

Mark A. Magumba Storage Management. What is storage An electronic place where computer may store data and instructions for retrieval The objective of.

Web Applications and Functional Business / Data Recovery Scott Nicewarner, IT Manager City of Hagerstown, Maryland

11 DISASTER RECOVERY Chapter 13. Chapter 13: DISASTER RECOVERY2 OVERVIEW  Back up server data using the Backup utility and the Ntbackup command  Restore.

7. Replication & HA Objectives –Understand Replication and HA Contents –Standby server –Failover clustering –Virtual server –Cluster –Replication Practicals.

Samba – Good Just Keeps Getting Better The new and not so new features available in Samba, and how they benefit your organization. Copyright 2002 © Dustin.

 Replication is the process of copying database information  Replication is used for:  Backing up your database  Migrating to a new server  Mirroring.

Database Systems. Role and Advantages of the DBMS Improved data sharing Improved data security Better data integration Minimized data inconsistency Improved.

Make VMs Resilient to Failures with Availability Sets.

May l Washington, DC l Omni Shoreham Parallels Virtuozzo Containers Roadmap Andrey Moruga Virtualization Product Manager, Parallels.

Backing Up and Restoring Databases by Using the SQL Server 2000.

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

1 Configuring Sites Configuring Site Settings Configuring Inter-Site Replication Troubleshooting Replication Maintaining Server Settings.

Data Disaster Recovery Planning Greg Fibiger 1/7/2016.

1 Chapter Overview Monitoring Access to Shared Folders Creating and Sharing Local and Remote Folders Monitoring Network Users Using Offline Folders and.

Storage Netværk Mød Microsoft Feb 2005, Agenda Data Protection Server (opdatering) Microsoft og iSCSI Demo.

SQL Server 2012 Session: 1 Session: 4 SQL Azure Data Management Using Microsoft SQL Server.

Oracle Database High Availability

Maintaining Windows Server 2008 File Services

Database Systems: Design, Implementation, and Management Tenth Edition

Oracle Database High Availability

File System Management and Fault Tolerance

Storage & Digital Asset Management CIO Council Update

Microsoft Azure P wer Lunch

SpiraTest/Plan/Team Deployment Considerations

AlwaysOn Availability Groups

Prepared by Jaroslav makovski

High Availability/Disaster Recovery Solution

Andy Puckett – Sales Engineer

PerformanceBridge Application Suite and Practice 2.0 IT Specifications

IBM Tivoli Storage Manager

Presentation transcript:

CS Nicholis Bufmack Secure Storage Servers Secure Storage Servers An Intrusion Recovery System

CS Nicholis Bufmack The Situation After a security breach, compromised files must be restored and the system must be returned to a stable, secure state. After a security breach, compromised files must be restored and the system must be returned to a stable, secure state. This requires an efficient, secure intrusion recovery system. This requires an efficient, secure intrusion recovery system.

CS Nicholis Bufmack The Standard Solution Standard solutions use a file system integrity check that involves periodically generating a checksum or hash (MD5, for instance) and comparing the files after a break-in. Standard solutions use a file system integrity check that involves periodically generating a checksum or hash (MD5, for instance) and comparing the files after a break-in. Files with an inconsistent signature can be restored. Files with an inconsistent signature can be restored.

CS Nicholis Bufmack Problems with this Solution It takes a long time to create the checksum and verify the integrity of the files. It takes a long time to create the checksum and verify the integrity of the files. Changed files must be restored making the system unavailable during restoration. Changed files must be restored making the system unavailable during restoration. Files can only be restored from a restore point that may not be current. Files can only be restored from a restore point that may not be current.

CS Nicholis Bufmack A Better Solution Utilize distributed files system technology, file replication, and a restore point service. Utilize distributed files system technology, file replication, and a restore point service. Secure the backup archives and restoration process on a separate server. Secure the backup archives and restoration process on a separate server.

CS Nicholis Bufmack Constraints My methodology was developed under the following platform: My methodology was developed under the following platform: Microsoft Windows 2003 Server R3Microsoft Windows 2003 Server R3 NTFS File SystemNTFS File System DFS (Distributed File System) ServiceDFS (Distributed File System) Service VSS (Volume Shadow Copy) ServiceVSS (Volume Shadow Copy) Service SQL Server 2005SQL Server 2005 WMI ScriptingWMI Scripting

CS Nicholis Bufmack Hardware Must run the core platform and include at least 2 servers: 1 for the Domain Server and 1 for the Secure Storage Server Must run the core platform and include at least 2 servers: 1 for the Domain Server and 1 for the Secure Storage Server The faster the network connection the better: Ethernet LAN. The faster the network connection the better: Ethernet LAN.

CS Nicholis Bufmack Topology Secure Storage Server VSS Service SQL Server VSS Archives Domain Controller DFS Service File Server File Server

CS Nicholis Bufmack Distributed File System DFS allows for files and volumes to be distributed across multiple servers. DFS allows for files and volumes to be distributed across multiple servers. Using file replication, files can be replicated to ensure uniformity OR in a single direction for backup purposes. Using file replication, files can be replicated to ensure uniformity OR in a single direction for backup purposes. Replicates only changes to a file – very efficient use of bandwidth. Replicates only changes to a file – very efficient use of bandwidth.

CS Nicholis Bufmack Volume Shadow Copy Creates a backup and a hash for restoration point services. Creates a backup and a hash for restoration point services. Can be used on volumes or files. Can be used on volumes or files. Can be used to create system wide snapshots. Can be used to create system wide snapshots.

CS Nicholis Bufmack Functionality 2-Way replication occurs between Domain Controller and File Services. 2-Way replication occurs between Domain Controller and File Services. Initially, 1-way replication occurs between Domain Controller and Secure Storage Server. Initially, 1-way replication occurs between Domain Controller and Secure Storage Server. VSS snapshots and archives are made on the Storage Server of changed files. VSS snapshots and archives are made on the Storage Server of changed files.

CS Nicholis Bufmack Functionality (cont.) Using WMI and stored procedures, file signatures can be placed inside the SQL Server based on VSS file archived trigger messages. Using WMI and stored procedures, file signatures can be placed inside the SQL Server based on VSS file archived trigger messages. The resulting restore points are created with fine granularity. The resulting restore points are created with fine granularity. Processing of restore point creation occurs only on Secure Storage Server. Processing of restore point creation occurs only on Secure Storage Server.

CS Nicholis Bufmack Restoration Search the SQL database for files changes since the incidence Search the SQL database for files changes since the incidence Suspend the DFS replication to the Secure Storage Server Suspend the DFS replication to the Secure Storage Server Restore the VSS archives and/or snapshots for that time period. Restore the VSS archives and/or snapshots for that time period. Restored files and/or snapshots are placed on the Secure Storage Server. Restored files and/or snapshots are placed on the Secure Storage Server.

CS Nicholis Bufmack Restoration (cont.) Suspend DFS Replication from the File Servers to the Domain Controller. Suspend DFS Replication from the File Servers to the Domain Controller. Reverse the replication direction to the Secure Storage Server and resume replication. Reverse the replication direction to the Secure Storage Server and resume replication. Replicate to the File Servers and restore the initial state. Replicate to the File Servers and restore the initial state.

CS Nicholis Bufmack Benefits Real-time file and system snap shots. Real-time file and system snap shots. Minimal bandwidth utilization for copying of replicated files. Minimal bandwidth utilization for copying of replicated files. Secure Storage Server can be put behind a file wall isolated from the main subnet. Secure Storage Server can be put behind a file wall isolated from the main subnet. Processing occurs only on Secure Storage Server. Processing occurs only on Secure Storage Server.

CS Nicholis Bufmack Benefits (cont.) During restoration, the subnet need not be taken down and unaltered files need not be made unavailable. Only affected volumes and files need to be restored and can be restored while the rest of the system is in use. During restoration, the subnet need not be taken down and unaltered files need not be made unavailable. Only affected volumes and files need to be restored and can be restored while the rest of the system is in use. Entire process can be automated. Entire process can be automated.

CS Nicholis Bufmack Limitations Works only on a Windows Network within a Windows ADS Domain. Works only on a Windows Network within a Windows ADS Domain. Will not operate with non-Windows file systems, such Linux ext3. Will not operate with non-Windows file systems, such Linux ext3. May not operate with some Windows file systems, such as FAT and FAT32. May not operate with some Windows file systems, such as FAT and FAT32. Some metadata information, such as alternative data streams, may be lost. Some metadata information, such as alternative data streams, may be lost.

CS Nicholis Bufmack References and More Info. See my report, to be uploaded soon. See my report, to be uploaded soon.