An Ounce of Prevention...
Law Firm Implements Multiple Security Layers To Protect Enterprise-Wide Distributed Network
By Ralph A. Weidler
Backing up data on a distributed, enterprise-wide network presents a number of challenges which must
be surmounted in order to provide end-users with a secure work environment.
Since data on such networks may be stored on both workstations and servers, and since the network can encompass hundreds of these nodes, an automated, fail-safe backup and archiving system is a virtual requirement.
Foley & Lardner, a nationwide law firm with approximately 440 lawyers in 11 cities, was unable to identify a satisfactory off-the-shelf backup solution for the new enterprise-wide network from Ungermann-Bass which we installed in 1990. Accordingly, we developed our own system with the assistance of Price Waterhouses Law Firm Services Division.
Our network includes 25 Ungermann-Bass Access/One smart hub enclosures, 25 NEC 486-25 PC servers, and 600 NEC 386SX-16 PC workstations distributed throughout all of our offices. Access/Ones in any given office are linked via thick coaxial cable on an Ethernet backbone; servers are attached to the Access/Ones with twisted pair telephone wire. The various sites around the country are linked with 56 KB and 112 KB leased lines.
We selected the smart hub-based network architecture for a number of reasons, including the ability to offload much of the operating system to network cards, and thereby maximize available RAM on the PC workstations. This would solve the RAM cram problem common in other networks where available memory is not sufficient to run critical applications at the end-user level.
Being a law firm, we felt our mission critical applications (primarily word processing) could be run faster and with more security on individual PCs, rather than having these applications server-based. User-level applications, however, are what created our need for a fully automated, network-based, user-transparent backup system.
Simply put, end-users do not backup their hard disks as frequently as they shouldif at all. What we created, therefore, is a system that takes this burden off the end-user and automates the entire process. Because the volume of data and documents we create is so large, we also integrated the backup system with an archive system based on a fault tolerant six-processor NonStop VLX host computer from Tandem.
The backup system operates continuously so that every time a user exits WordPerfect, new or updated files are immediately copied from the PCs 40 megabyte hard drives to the servers mirrored 640 megabyte drives. Document names of backed up files are changed automatically to ensure retention of all versions of a document in process. For additional security, a streaming tape backs up the server on a daily basis and copies of these tapes are removed to offsite storage every week.
To minimize the number of files stored on the server, we run a program that purges more than a specified number of versions of any single document, beyond specified intervals. This allows us, for example, to retain 12 copies of a document for the first week after the initial creation, three copies after the second week, and then one copy after one month. Copies are purged on the basis of agefirst in, first out.
Finally, after a specified number of months, we archive all files that have not been utilized for that period of time to streaming tape, eliminating them from the server. However, to provide accessibility to these files, the individual directories of the file creators are marked with a notation indicating the new backup location.
In order to streamline the archiving process, we also allow end-users to immediately offload files which they know will not be used frequently to our host Tandem computer. These files are then retained locally on the host and also backed up to tapes which are stored off site.
Access to archived and server-stored files is restricted by user ID to ensure client confidentiality. To provide added protection for highly sensitive documents, full encryption capabilities are also available. When files need to be shared, lawyers can utilize a network-wide E-mail system.
E-mail files are also considered informal communications and therefore are not backed up. This situation could change, however, pending review of the legalities associated with subpoenaing archived backups of E-mail.
We have also implemented a system to protect our network from viruses which involves loading an anti-virus software package in every PC on the network. Although we have a strict policy forbidding the use of software not explicitly authorized, this software provides an added layer of protection.
To implement the anti-virus system we centrally downloaded the software to the PCs via the network and also modified the autoexec files to a read-only status to ensure that the program would run automatically without end-user interference. This central downloading capability is also available for other applications.
To limit the number of people with access to overall network managementand therefore the probability for human error--we installed Ungermann-Bass NetDirector. NetDirector is a multitasking, OS/2-based system which facilitates centralized physical management of the network, thereby eliminating the need to have experts in every location performing routine management tasks. This centralized control also enables us to backup data from any site to servers in our headquarters.
Our concerns over data security led us to the decision to implement a highly reliable, distributed network which could be easily implemented and expanded as needed.
To ensure reliability, we then sought a financially stable vendor that provided sole source responsibility for all network components. That way, should any single point in the network fail, we knew it could be quickly replaced with no compatibility concerns.
But the most reliable system in the world is limited by its internal ability to protect data. Since backup is the key to data protection, we felt the costs of a network wide automated back up system were insignificant in comparison to the potential expenses we could face in the event of data losses. Having completely implemented a system which meets all initial functional specifications, we remain convinced that we have made a wise decision.
Ralph A. Weidler is Director of MIS at the law firm Foley & Lardner in Milwaukee, Wisconsin.
This article adapted from Vol. 6 #1.
DR World Main Index | Return to DRJ's Homepage
Disaster Recovery Worldİ 1999, and Disaster Recovery Journalİ
1999, are copyrighted by Systems Support, Inc. All rights reserved. Reproduction
in whole or part is prohibited without the express written permission form
Systems Support, Inc.