Friday 6 November 2009

RAID part 3 RAID Level 1.

RAID Level 1

RAID level 1 is known as disk mirroring. Disk mirroring uses two or more hard drives and duplicates the data from one drive to the others. The fact that RAID 1 does store a second copy of the data on another member of the volume means that this solution does offer fault tolerance. Fault tolerance is the concept that if one part of the solution fails, the other guy will pick up the workload and the solution will continue to function. If one of the disks in the mirror fails, you can replace the failed disk by breaking the mirror, adding a new functioning disk, and then rebuilding the mirror from the existing disk that did not fail. Once you have reestablished the mirror, you have your fault tolerance back.

The figure below displays the concept of a mirror volume. When a user saves data to a mirrored volume, the data is written to all disks that make up the volume.




RAID level 1 (Mirror) concept.

Creating a Mirrored Volume in Windows Server

In this step-by-step you will create a mirrored volume on a Windows server using two of the dynamic disks created in the preceding walkthrough. Remember that a mirrored volume stores all the data on both members (disks) in the volume. To create a mirrored volume, follow these steps:

RAID part 2 RAID Level 0.

RAID Level 0:

RAID level 0 is called striping or striped volumes. With RAID 0 multiple disks are used to create a volume; when data is saved to the volume, the data is split up and spread across all disks in the volume. The benefit of striped volumes is that all disks are written to at the same time, giving you a performance benefit. For example, if you are saving a 12MB file to drive D and drive D is a striped volume made up of four disks, we can generalize the save operation by saying that each disk will save 3MB of data each and all disks will work at the same time to do the save operation that totals 12MB. If you only had one disk working for that 12MB save operation, it would take four times longer.

RAID 0 "Striped set without parity" or "Striping". Provides improved performance and additional storage but no redundancy or fault tolerance. Because there is no redundancy, this level is not actually a Redundant Array of Inexpensive Disks, i.e. not true RAID. However, because of the similarities to RAID (especially the need for a controller to distribute data across multiple disks), simple stripe sets are normally referred to as RAID 0. Any disk failure destroys the array, which has greater consequences with more disks in the array (at a minimum, catastrophic data loss is twice as severe compared to single drives without RAID). A single disk failure destroys the entire array because when data is written to a RAID 0 drive, the data is broken into fragments. The number of fragments is dictated by the number of disks in the array. The fragments are written to their respective disks simultaneously on the same sector. This allows smaller sections of the entire chunk of data to be read off the drive in parallel, increasing bandwidth. RAID 0 does not implement error checking so any error is unrecoverable. More disks in the array means higher bandwidth, but greater risk of data loss.RAID 0 is strictly for the performance benefit in the read and write operations.



RAID level 0 concept.

Thursday 5 November 2009

RAID part 1 Introduction.

Introduction:

A Redundant Array of Independent Disks (RAID) controller is a piece of hardware or system software that control and manage the RAID level of the RAID storage, it is largely used in servers because they have a large space of storage that importantly be recoverable and secure.

The RAID controller is also largely used in clustered environments like Network-attached storage (NAS), which are standalone devices, usually SCSI, that have a network interface but no PC. NAS is possibly include a built-in RAID controller to allow all the hard disks to be fault tolerant and function as a single volume.


Monday 2 November 2009

Network Security Part 9 TACACS+ & AAA.

TACACS+:

In computer networking, TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services.

TACACS+ is based on TACACS, but, in spite of its name, it is an entirely new protocol which is incompatible with any previous version of TACACS. TACACS+ and RADIUS have generally replaced the earlier protocols in more recently built or updated networks, although TACACS and XTACACS are still running on many older systems.



TACACS+ Server.

Network Security Part 8 VPN

Virtual Private Network:

A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features.

VPN Types:

  • Remote Access VPN.
  • SSL /web based RA-VPN.
  • Client based RA-VPN.
  • Site to Site VPN.


VPN connection types.

Network Security Part 7 Web Application Scanner.

Web Application Scanner:

web application security scanner is program which communicates with a web application through the web front-end in order to identify potential security weaknesses in the web application.

It performs a black-box test. Unlike source code scanners, web application scanners don't have access to the source code and therefore detect vulnerabilities by actually performing attacks.

A web application security scanner can facilitate the automated review of a web application with the expressed purpose of discovering security vulnerabilities, and are required to comply with various regulatory requirements. Web application scanners can look for a wide variety of vulnerabilities, including:
  • Input/Output validation: (Cross-site scripting, SQL Injection)
  • Specific application problems
  • Server configuration mistakes/errors/version

Web Applications Issues :
  • Scripting issues
  • Sources of input: forms, text boxes, dialog windows, etc.
  • Multiple Charset Encodings (UTF-8, ISO-8859-15, UTF-7, etc.)
  • Regular expression checks
  • Header integrity (e.g. Multiple HTTP Content Length, HTTP Response Splitting)
  • Session handling/fixation
  • Cookies
  • Framework vulnerabities(Java Server Pages, .NET, Ruby On Rails, Django, etc.)
  • Success control: front door, back door vulnerability assessment
  • Penetration attempts versus failures

Network Security Part 6 Mail Relay.

Mail Relay:

An SMTP open relay is a mail server that permits an unknown, outside sender to pass mail through the server to unknown, outside recipients, usually without the consent of its manager.


InterScan Messaging Security Appliance 7.0



The Trend Micro InterScan Messaging Security Appliance gives us a very comprehensive solution with built-in spam detection, anti-phishing, and IntelliTrap technology for detecting worms and viruses. We also get more aggressive spyware control by catching it in SMTP and POP3 streams. Since deploying the appliance, we’ve had no unwanted content on the network

Network Security Part 5 IDS

IDS:

The IDS “Intrusion Detection System” is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by crackers, malware and/or disgruntled employees. An IDS cannot directly detect attacks within properly encrypted traffic.

Network Security Part 4 Firewall.

Firewall:

A firewall is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria.

A firewall is a dedicated appliance, or software running on another computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.

A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels.


Network Security Part 3 Web Proxy.

Web Proxy:

In computer networks, a proxy server is a computer system “Hardware” or an application program “Software” server which services the requests of its clients by forwarding requests to other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server provides the resource by connecting to the specified server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it would 'cache' the first request to the remote server, so it could save the information for later, and make everything as fast as possible.



Network Security Part 2 Antivirus System:

Antivirus System:

Is a software system that uses a database or as so called dictionary containing a full description a bout all the malicious files or programs like Viruses, Worms, Trojan and Spyware that attempt to identify, neutralize or eliminate.

Virus:

A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user, The original virus may modify the copies, or the copies may modify themselves, A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive.

Network Security Part 1 Introduction

Introduction to Network Security:

The network security as a job is a part of the operation unit of the IT department of any company, as companies may have a wide area network (WAN) connecting their entire branches, and may also connect to the Internet, so they have the need to secure their own data from unwanted behaviors.

WAN “Wide Area Network”:

First of all let us take a little and brief explanation about what a WAN is, in simple definition it is a group of LANs “Local Area Networks” connected with each others in such a connection method so that they all can react as a complete unit with the ability of connection to the internet, so in such that complicated way of organization the security term takes its place to accomplish the reliability of transferring data between all network components taking also the out side connection to the outer world as the most important link to be secure.

How WAN can be constructed.