Network Plus Malware and Ensuring Availability


Presentation Transcript


  1. Network Plus Malware and Ensuring Availability (1/28/2010)

  2. Malware
     - Program or code designed to intrude upon or harm system and resources
       - Examples: viruses, Trojan horses, worms, bots
     - Virus
       - Replicating program intended to infect more computers
       - Spreads through network connections, exchange of external storage devices

  3. Types of Malware
     - Categories based on location and propagation
       - Boot sector viruses
       - Macro virus
       - File-infector virus
       - Worm
       - Trojan horse
       - Network virus
       - Bot
     - Source: Network+ Guide to Networks, 5th Edition

  4. Malware Characteristics
     - Encryption
       - Used by viruses, worms, Trojan horses
       - Thwart antivirus program’s attempts to detect it
     - Stealth
       - Malware hides itself to prevent detection
       - Disguise themselves as legitimate programs, code
     - Polymorphism
       - Change characteristics every time they transfer to new system
     - Time dependence
       - Programmed to activate on particular date
       - Can remain dormant, harmless until date arrives

  5. Malware Protection
     - Install virus-scanning program or anti-malware software
       - Spyware vs. virus
       - Security Essentials from Microsoft
     - Requires:
       - Choosing appropriate anti-malware program
       - Monitoring network
       - Continually updating anti-malware program
       - Educating users
     - Zero-day attack
       - First attacks made by virus or malware
       - Best defense is security policy and user training

  6. Malware Symptoms
     - Malware leaves evidence
       - Some detectable only by anti-malware software
     - User viewable symptoms
       - Unexplained file size increases
       - Significant, unexplained system performance decline
       - Unusual error messages
       - Significant, unexpected system memory loss
       - Periodic, unexpected rebooting
       - Display quality fluctuations
     - Malware often discovered after damage done

  7. Malware Detection
     - Minimal anti-malware functions
       - Detect malware through signature scanning
         - Comparing file’s content with known malware signatures
       - Detect malware through integrity checking
         - Comparing current file characteristics against archived version
     - Server based
     - Client based

  8. Fault Tolerance
     - Environment
       - Temperature
       - Protect from break-ins and natural disasters
     - Power
       - UPS
     - Redundancy
       - Virtual machine
       - Clusters

  9. Power
     - Blackout
       - Complete power loss
     - Brownout
       - Temporary dimming of lights
     - Causes
       - Forces of nature
       - Utility company maintenance, construction
     - Solution
       - Alternate power sources

  10. Power Flaws
     - Not tolerated by networks
     - Types:
       - Surge: momentary increase in voltage
       - Noise: fluctuation in voltage levels
       - Brownout: momentary voltage decrease
       - Blackout: complete power loss

  11. UPSs (Uninterruptible Power Supplies)
     - Battery-operated power source
       - Directly attached to one or more devices
       - Attached to a power supply
     - Prevents
       - Harm to device, service interruption

  12. UPSs (cont’d.)
     - Standby UPS (offline UPS)
       - Continuous voltage
       - Switch instantaneously to battery upon power loss
       - Restores power
     - Problems
       - Time to detect power loss
       - Does not provide continuous power

  13. UPSs (cont’d.)
     - Online UPS
       - A/C power continuously charges battery
       - No momentary service loss risk
       - Handles noise, surges, sags before power reaches attached device
       - More expensive than standby UPSs
     - Number of factors to consider when choosing

  14. Topology and Connectivity
     - Before designing data links
       - Assess network’s needs
     - Fault tolerance in network design
       - Supply multiple paths for data to travel from any one point to another
     - LAN: star topology and parallel backbone
       - Multiple network adapters
       - Mesh topology in switches (STP)
     - SONET technology
       - Relies on dual, fiber-optic ring

  15. Topology and Connectivity (cont’d.)
     - Failover capable or hot swappable components
       - Desired for switches or routers supporting critical links
     - Load balancing
       - Automatic traffic distribution to optimize response
       - Over multiple links or processors
     - Virtualization
       - Provides for failover and load balancing by allowing virtual machines to be moved between hosts based on loads
       - In event of host failure, virtual machine may be migrated to another host

  16. Topology and Connectivity (cont’d.)
     - Figure 14-5: Fully redundant T1 connectivity

  17. Clustering
     - Referred to as High Availability solution
     - Links multiple servers together
       - Act as single server
     - Clustered servers share processing duties
       - Appear as single server to users
     - Failure of one server
       - Others take over
     - Used with virtualization

  18. RAID (Redundant Array of Independent [or Inexpensive] Disks)
     - Collection of disks
       - Provide shared data, application fault tolerance
     - Disk array (drive)
       - Group of hard disks
     - RAID drive (RAID array)
       - Collection of disks working in a RAID configuration
       - Single logical drive

  19. RAID (cont’d.)
     - Hardware RAID
       - Set of disks, separate disk controller
       - RAID array managed exclusively by RAID disk controller
       - Attached to server through server’s controller interface
     - Software RAID
       - Software implements, controls RAID techniques
       - Any hard disk type
       - Less expensive (no controller, disk array)
       - Performance rivals hardware RAID

  20. RAID (cont’d.)
     - RAID Level 0 - Disk Striping
       - Simple RAID implementation
       - Data written in 64-KB blocks equally across all disks
       - Not fault-tolerant
       - Does not provide true redundancy
       - Best RAID performance (in this chapter)
       - Uses multiple disk controllers

  21. RAID (cont’d.)
     - Figure 14-6: RAID level 0 - disk striping

  22. RAID (cont’d.)
     - RAID Level 1 - Disk Mirroring
       - Disk mirroring provides redundancy
         - Data from one disk copied automatically to another disk
       - Dynamic data backup
         - Data continually saved to multiple locations
     - Advantages
       - Simplicity, automatic and complete data redundancy
     - Disadvantages
       - Cost of two controllers, software for mirroring

  23. RAID (cont’d.)
     - Figure 14-7: RAID level 1 - disk mirroring

  24. RAID (cont’d.)
     - RAID Level 5 - Disk Striping with Distributed Parity
       - Most popular data storage technique
       - Data written in small blocks across several disks
       - Parity error checking information distributed among disks

  25. RAID (cont’d.)
     - Figure 14-9: RAID level 5 - disk striping with distributed parity

  26. RAID 10
     - Combines RAID 0 and RAID 1

  27. NAS (Network Attached Storage)
     - Specialized storage device, storage device group
       - Provides centralized fault-tolerant data storage
     - Difference from RAID
       - Maintains own interface to LAN
     - Allows for clustering
     - Shared by virtual machines

  28. NAS (cont’d.)
     - Figure 14-10: Network attached storage on a LAN

  29. SANs (Storage Area Networks)
     - Distinct networks of storage devices
     - Often use Fiber
     - Communicate directly
       - With each other, other networks
     - Multiple storage devices
       - Connected to multiple, identical servers

  30. Figure 14-11: A storage area network

  31. Data Backup
     - Backup
       - Copies of data or program files
       - Created for archiving, safekeeping
       - Store off site
     - Many backup options available
       - Performed by different software and hardware
       - Use different storage media types
         - Tape, optical, external disk, network
     - Can be controlled by NOS utilities, third-party software

  32. Backup Strategy
     - Backup methods use archive bit
     - Full backup
       - All data copied
       - Uncheck archive bits
     - Incremental backup
       - Copy data changed since last full, incremental backup
       - Uncheck archive bits
     - Differential backup
       - Copy only data changed since last backup
       - All data marked for subsequent backup
       - Does not uncheck archive bits

  33. Backup Strategy (cont’d.)
     - Grandfather-Father-Son
       - Uses backup sets
         - Daily (son)
         - Weekly (father)
         - Monthly (grandfather)

  34. Disaster Recovery Contingencies
     - Cold site
       - Components necessary to rebuild network exist
       - Not appropriately configured, updated, or connected
     - Warm site
       - Components necessary to rebuild network exist
       - Some appropriately configured, updated, and connected
     - Hot site
       - Components necessary to rebuild network exist
       - All are appropriately configured, updated, and connected
       - Match network’s current state

  35. The End
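
Slide 7 names two detection methods, signature scanning and integrity checking. The following added example (not part of the presentation) runs both over a constructed directory; the signature name, marker bytes and file names are made up for illustration.

```python
import hashlib
from pathlib import Path

# Constructed signature database: name -> byte pattern. The pattern is a
# harmless test marker, not a real malware signature.
SIGNATURES = {"Constructed.TestMarker.A": b"CONSTRUCTED-TEST-MARKER-0001"}

def list_files(root):
    return sorted(p for p in Path(root).rglob("*") if p.is_file())

def signature_scan(root, signatures=SIGNATURES):
    """Signature scanning: compare each file's content with known patterns."""
    hits = []
    for path in list_files(root):
        data = path.read_bytes()
        hits += [(str(path.relative_to(root)), name)
                 for name, pattern in signatures.items() if pattern in data]
    return hits

def snapshot(root):
    """Archive each file's characteristics: size and SHA-256 of its content."""
    return {str(p.relative_to(root)):
            (p.stat().st_size, hashlib.sha256(p.read_bytes()).hexdigest())
            for p in list_files(root)}

def integrity_check(baseline, root):
    """Integrity checking: compare current characteristics with the archive."""
    current = snapshot(root)
    return {
        "modified": sorted(f for f in baseline.keys() & current.keys()
                           if baseline[f] != current[f]),
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }

def demo(root):
    """Constructed scenario: one file grows, one unknown file appears."""
    root = Path(root)
    (root / "app.bin").write_bytes(b"original program bytes")
    (root / "notes.txt").write_text("unchanged")
    baseline = snapshot(root)
    marker = SIGNATURES["Constructed.TestMarker.A"]
    (root / "app.bin").write_bytes(b"original program bytes" + marker)
    (root / "dropper.tmp").write_bytes(b"new file with no known signature")
    return signature_scan(root), integrity_check(baseline, root)

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        print(demo(tmp))
```

The signature scan reports only the file carrying a known pattern, while the integrity check also flags the new file that matches no signature. This is why slide 7 lists both as minimal functions.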
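
Slide 32 describes how each backup method treats the archive bit. This added example (not from the presentation) models a volume with constructed file names and shows which files each method copies, and which backup sets a restore needs.

```python
class Volume:
    """Constructed model of a file system whose files carry an archive bit."""

    def __init__(self, names):
        # New files start with the archive bit checked: they need backup.
        self.archive_bit = {name: True for name in names}

    def write(self, name):
        """Creating or changing a file checks its archive bit."""
        self.archive_bit[name] = True

    def backup(self, method):
        """Return the sorted list of files the given method copies."""
        if method == "full":
            copied = sorted(self.archive_bit)            # all data copied
        else:
            copied = sorted(n for n, bit in self.archive_bit.items() if bit)
        if method in ("full", "incremental"):            # these uncheck the bit
            for name in copied:
                self.archive_bit[name] = False
        return copied                                    # differential leaves bits checked

def run_week(midweek_method):
    """Full backup on Sunday, then the given method on Monday and Tuesday."""
    vol = Volume(["payroll.db", "mail.pst", "site.conf"])
    sets = {"Sun": vol.backup("full")}
    vol.write("payroll.db")
    sets["Mon"] = vol.backup(midweek_method)
    vol.write("mail.pst")
    sets["Tue"] = vol.backup(midweek_method)
    return sets

def restore_chain(sets, midweek_method):
    """Backup sets needed to rebuild the volume after a failure on Wednesday."""
    days = list(sets)
    if midweek_method == "incremental":
        return days                  # the full backup plus every incremental, in order
    return [days[0], days[-1]]       # the full backup plus only the latest differential

if __name__ == "__main__":
    for method in ("incremental", "differential"):
        sets = run_week(method)
        print(method, sets, "restore from:", restore_chain(sets, method))
```

Because the differential run leaves the bits checked, Tuesday's set still contains Monday's change, so each differential set grows but a restore needs only two sets.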
