Site Network: | | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Being Prepared is for More Than Just the Scouts

The need for a strong disaster recovery plan is one of the topics that has received previous coverage from S?nnet Beskerming and it should be an essential component of any business plan. A recent power outage in San Francisco provides an excellent example of this need, when some of the largest sites on the Internet went dark after the co-lo facility where they were hosted was affected by the outage.

When the San Francisco co-location (co-lo) facility for 365 Main was affected by a San Francisco power outage, sites such as Craigslist, Typepad, Yelp, LiveJournal, Linden Lab, Sun, and Technorati were amongst those that temporarily disappeared from the Internet. Initial reports suggested that someone had physically damaged numerous racks, though this was later corrected to indicate the power outage as the root cause for the shutdown.

Embarrassingly for one company, Redenvelope, they were celebrating two years of 100% uptime with their hosting at 365 Main - sending out their press release on the same day that the power went out. Users of the online Second Life environment also found some increased instability with their online world.

Despite having backup generators and power failover management systems in place, 365 Main found that they apparently did not function as advertised. Rather than using traditional battery bank-style Uninterruptible Power Supplies (UPSs), 365 Main used a mechanical flywheel-based stored energy system to provide coverage between when the mains cuts out and when the generators pick up the slack. Flywheels can only provide power for a short period and are a viable solution for avoiding the need to cycle power for the few seconds it takes power management systems to realise there is a problem and start the generators.

This particular short power gap is more important to dynamic sites than static sites, where an unexpected short power outage / server reboot can lead to a lengthy site downtime as databases, hard drives, and supporting systems fail to recover gracefully.

While geographically remote redundancy is not always something that can be achieved, it is something that is possible and becoming more cost effective with the large number of hosting providers spread across the globe. A load balanced website with multiple failover locations that are based on separate power grids, in separate countries, and even on separate host Operating Systems is well within the reach of most businesses that are paying for external hosting for their websites and other web services.

If malware authors and spammers are busy using 'Fast Flux Networks' to remain an elusive target, then the average site owner can apply the same techniques and capabilities to obtain seamless continuity of operations when the unthinkable happens.

This might be a fairly simple solution for sites that are relatively static in content terms (i.e. serving static HTML or simply generated PHP / ASP / Perl), but achieving the same with dynamic "Web 2.0" sites isn't that much more difficult. Databases that are primarily read only can be replicated relatively simply, while databases that are heavily written to require a little bit more effort with replication and co-ordination. It certainly isn't out of the realm of possibility to have proper replication no matter what type of website is being operated.

To make the best of the available opportunities means that you have to be aware that they exist in the first place, and that you are paying the right people to develop and implement the right systems for your site / business.

If you or your business aren't sure how you would cope with the sudden loss of availability for a critical business component, perhaps it is time to look at the various options available. Even if you are, perhaps it is time that you tested those processes.

29 July 2007

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.