Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 11 Reliability and Security in IT infrastructure.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 11 Reliability and Security in IT infrastructure."— Presentation transcript:

1 Lecture 11 Reliability and Security in IT infrastructure

2 2 Business analysis paper feedback Interesting topics Be specific in what questions you want to cover –You cannot do it all –Some resources will be harder to find Be clear where information is coming from Look for good references now

3 3 Reliability Basics Redundancy –Multiple paths through a network make the network robust to failing links Individual components are not so reliable –Buying backup equipment is possible, but sometimes expensive Redundancy can make more complex management challenges

4 4 Math of Availability Difference between 2% down in one business vs another –When might it go down? –Who is affected

5 5 Fig 6.1 Five Components in Series Total availability of components in series requires all components to be available

6 6 Fig 6.2 Combining components in series decreases overall availability exponentially Increased number of components increases the likelihood that one of them is out

7 7 Redundancy through parallel components All components have to fail in order for the link to fail

8 8 Fig 6.4 Redundancy increases overall availability

9 9 More general networks How do we calculate probability of failure in network? How do we recognize the critical vulnerabilities?

10 10 High Availability Facilities Redundant power supply Physical security Climate Control Fire suppression Network connectivity

11 11 N+1 vs. N+N redundancy N+1 means one backup per type N+N means one backup per component

12 12 Fig 6.5 Typical E-commerce Infrastructure Most components have redundancy Why not all?

13 13 Reliability vs. Security What is the difference? What different scenarios need to be considered?

14 14 Security against malicious threats Multiple different types of threats

15 15 Fig 6.7 distributed Denial of service attack

16 16 Fig 6.8 Spoofing Packets look like they came from another source

17 17 Intrusion Attacker gains access to internal IT structure –Usernames/passwords –Hacking using sniffer software Once inside, intruder can –Steal information –Alter data –Delete data –Deface programs/websites Detecting what someone has actually done is difficult

18 18 Viruses and worms Malicious software programs that replicate and spread to other computers Large range of potential damage Usually, viruses require user execution, whereas worms move automatically Recent examples target vulnerabilities, trigger cascade of events

19 19 Defensive Measures Access and security policies –Who can read what? –Who can have an account? –Who is allowed to change what? –How is policy enforced? Firewalls –Collection of hardware, software to prevent unauthorized access o internal computer resources –Act like a security gate to check legitimate employees trying to use network –Filtering vs. relaying

20 20 Defensive Measures Authentication –Various levels (host, network etc.) –Any granularity possible (files, directories etc.) –Strong authentication requires complex passwords, often changing –Digital certificates –Biometric data Encryption –Uses a key to decode and decode message –Public/private combination –Only person with private key can decrypt

21 21 Defensive Measures Patching –Exploiting weaknesses in system is a primary strategy for attack –Knowing what has been patched is critical Intrusion detection and network monitoring –Automatically filtering out attacks is best –Logging and diagnostic systems help improve and detect what has actually happened

22 22 Security Management Framework Make Deliberate Security Decisions Consider Security a Moving Target Practice Disciplined Change Management Educate Users Deploy Multilevel Technical Measures, as many as can afford

23 23 Risk Management of Availability and Security Cannot afford to stop every possibility Expected loss is one measure (prob. x cost)

24 24 Incident Management (Recall last week’s case) Before –Sound infrastructure –Disciplined execution of operating procedures –Careful Documentation –Established Crisis Management procedures –Scenario testing During –Follow the plan! –Avoid emotional, over-optimistic or political influences After –Detect what has happened –Rebuild carefully –Document –Public Announcement Decisions

25 25 Case this week: Ford and Dell Read both the Ford Case and the Dell reading

Download ppt "Lecture 11 Reliability and Security in IT infrastructure."

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
1 MODULE 10 : Assuring Reliable and Secure IT Services Matakuliah: J0422 / Manajemen E-Corporation Tahun: 2005 Versi: 1 / 2.

1 MODULE 10 : Assuring Reliable and Secure IT Services Matakuliah: J0422 / Manajemen E-Corporation Tahun: 2005 Versi: 1 / 2.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Information Security Policies and Standards

Information Security Policies and Standards
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Chapter 12 Network Security.

Chapter 12 Network Security.
Lecture 10 Security and Control.

Lecture 10 Security and Control.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Similar presentations

Ads by Google