Magazine article Online

Intranet Librarian: Planning for the Unexpected

Magazine article Online

Intranet Librarian: Planning for the Unexpected

Article excerpt

Planning for intranet outages should involve the whole intranet team and should include consultation with key stakeholders.

No one wants to be in the Web manager's shoes the day the Web site goes down. Careful planning up front can help prevent and head off down times, but, invariably, disaster will strike. As an intranet manager, it is your responsibility to have a disaster plan in place. In the event that there is a problem, you need to ensure that it is addressed and handled effectively.

Planning for intranet outages should involve the whole intranet team and should include consultation with key stakeholders. You need to conduct a risk analysis to identify likely threats-hardware failure, software failure, network outage, hacker attacks, virus threats, malicious attacks by disgruntled employees, and any other natural or unnatural disasters. It is important to develop broad, comprehensive plans for handling various types of emergencies as well as procedures for recovering from disasters. Equally important is ensuring that everyone on the team is familiar with and up to speed on these plans.

PREVENTING DISASTERS BEFORE THEY HAPPEN

Before a disaster occurs, take time to assess threats and minimize risks. Identify essential, uninterruptible functions. Often you will find that the new procedures, software, and hardware put in place to minimize risks have secondary benefits that help day-to-day operations.

If an Internet outage will have a major impact on your operations, purchasing a redundant Internet feed from another provider on a different backbone is a prudent step.

On the hardware side, standard practice for minimizing the outages from hardware failure is to use RAID arrays for data disks, allowing the servers to recover and keep operating even if a disk should fail. Backing up system and data disks is still a "must," but the retrieval time for restoring file systems from tape makes RAID arrays attractive for any critical applications. If you can afford it, purchase servers with redundant fans, power supplies, CPUs, and memory. If not, then spare parts should be on hand, or service contracts in place, that guarantee you delivery of new parts within hours.

Arrange to have an emergency power supply on hand in case regular power goes out and keep all critical servers plugged into an uninterruptible power supply (UPS). Test and change your UPS batteries as needed. Make sure you monitor your RAID arrays or you may not notice a disk failure until months later when a second disk fails and you lose all your data. Walk through your server room periodically and look for amber warning lights or other indications of hardware problems.

BACKUPS AND SECURITY MEASURES

In addition to safeguards such as tape backup and RAID arrays, many teams also use a program such as rsync to create a copy of the system disk on a spare hard drive in the same server. This provides another disk from which to boot when the system disk fails. Additionally, this supplies a quick and easy way to test system software upgrades by applying them on the spare disk first, testing and switching back to the production if there are problems. In the event of system compromise when the server has been hacked, you can rapidly compare the rsync copy of the disk to the live disk in order to assess the damage and identify likely means of entry. An rsync copy of a system disk also provides an easy means for quickly retrieving changed or deleted files when doing system maintenance work. Depending on the degree of risk and the critical nature of the service, you may have an entire hot spare server that you can swap out live.

For intranet servers located inside a firewall, many of the nastiest attacks by hackers and viruses can be headed off. You still need to assess the risk-viruses can certainly hamper network and intranet performance. Even with a firewall, you still need to follow good security practices, keeping your machines up-to-date with the latest security patches. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.