Professional Documents
Culture Documents
Services
Chapter 6
Availability Math
Availability of components in series
Component 1
Component 2
Component 3
Component 4
Component 5
98%
availability
98%
availability
98%
availability
98%
availability
98%
availability
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Availability
70%
60%
50%
40%
30%
20%
10%
0%
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL:
McGraw-Hill/Irwin, 2002.
Availability
99.5%
99.0%
98.5%
98.0%
1
10
High-availability Facilities
Policy
Server 2
Application
Server 1
Application
Server 2
Internet
Firewall 1
Router
Switch
Firewall 2
Web Server
1
Web Server
2
Database
Server
Disk Array
Source: Applegate, Lynda M., Robert D. Austin, and F. Warren McFarlan, Corporate Information Strategy and Management. Burr Ridge, IL: McGraw-Hill/Irwin, 2002.
Chapter 6 Figure 6-5
Classification of Threats
External attacks
Intrusion
Viruses and worms
Website
Server
DoS Handshake
SYN: Users PC says hello repeatedly
Web
Users PC
Website
Server
Attack Leader
Attacker 2
Attacker 3
Attacker 4
Attacker 5
Attacker 6
Attacker 7
Website
Server
Attacker 8
Attack Leader facilitates SYN floods from multiple sources.
Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
Spoofing
Information Packets
Sender
Address
Destination
Address
Attacker
Target
Address: 12345
Address: 54321
Normal
12345
54321
Spoofing
Target server incorrectly interprets sender address
90817
54321
Source: Austin, Robert D. "The iPremier Company, The (A), (B), and (C): Denial of Service Attack." Harvard Business School Teaching Note 602-033.
Defensive Measures
Security policies
Firewalls
Authentication
Encryption
Patching and change management
Intrusion detection and network monitoring
A Security Management
Framework
HIGH
High Consequence
Low Probability
High Consequence
High Probability
CRITICAL
Consequences
THREATS
PRIORITIZE
THREATS
Low Consequence
Low Probability
LOW
Low Consequence
High Probability
MINOR
THREATS
0
Source:
Probability
,
1
. Burr Ridge, IL:
Chapter 6 Figure 6