A good network design will implement redundant devices to avoid downtime. In this video, you’ll look at a network design that minimizes a single point of failure.
<< Previous: Business RiskNext: Vulnerability Scanning >>
The Network team is of course, interested in uptime and availability. There’s also a security component to keeping the business running. So in this video, we’ll talk about avoiding a single point of failure.
On a network, the weakest link is always going to be your biggest problem. It’s the thing that is going to make everything stop cold in its tracks. It could be a hardware failure with a device. You might have loaded a software patch, which then broke something else. Or there just might be bad code as part of an application that occasionally will fail when a particular circumstance occurs.
That’s why it’s useful to go through your network infrastructure and get an understanding of where all these critical devices happen to be. You need to identify these critical nodes so that you can then create redundancy and resiliency around these particular parts of the network. You need a process, so that if something occurs that causes that device to fail, you have a secondary form of operation that you could put into place.
This failover process may require that you purchase additional hardware or install additional software. There maybe change to your network infrastructure. Or you may need to have a third party location or third party resources to help maintain the availability of your network.
This is a very common network design for a redundant network and redundant components. You can see in this case we even have multiple internet providers. That way if one internet provider has a problem, we can still send and receive information to the internet using the other link. Most networks will have multiple firewalls in place, and they’ll either be running both at the same time, or they’ll be a failover process where you can move from one firewall to the other automatically.
Inside of the network are usually multiple routers as well, performing the same type of failover process. If one happens to fail, everything will route through the other device. Inside of your network, you can have multiple switches, which are also sharing the load in transferring that load between the switches. And you might have load balancers that would then redirect traffic to multiple web servers. That way if you lose a power supply or the operating system fails on one of these web servers, the other one remains up and running.
In this particular diagram, you can really visually see where the single point of failure might be. In this case, we only have a single load balancer. And if the power supply was to go out on that load balancer, all of this other redundant equipment and connectivity that we’ve created would be useless– because no one would be able to communicate to the web servers. Our next step might be to purchase a secondary load balancer to have in place, so that we can have the same type of redundancy with our load balancers as we have with the rest of the infrastructure.