Understanding and Deploying LDAP Directory Services > 16. Backups and Disaster Recovery > Disaster Planning and Recovery |
Disaster Planning and RecoveryBusinesses are becoming more and more dependent on directories to the point where they will simply be unable to function if the directory becomes unavailable. What happens if the data processing center of your organization falls victim to a fire, a flood, or sabotage ? How will you restore critical directory services? Developing a comprehensive recovery plan is the best way to anticipate and prepare for business continuity in the face of a disaster. There are a number of books covering this subject, along with a number of disaster recovery vendors (also known as business continuity services), including SunGard Recovery Services, IBM Corporation, and Comdisco Incorporated. These vendors and others like them can help you plan and implement disaster recovery procedures. In this section we provide a brief overview of disasters and disaster recovery planning, and we discuss how planning for directory disasters differs from other types of disaster planning. Then we discuss specific issues that can help you design and implement your directory disaster recovery plan. Types of DisastersA disaster is any occurrence that destroys your computing infrastructure or makes it inaccessible for an extended period of time. Examples include the following:
Developing a Directory Disaster Recovery PlanWhen you develop a plan for directory disaster recovery, you should follow a methodical process similar to these steps:
Each of these steps is explained in detail in the following sections. Step 1: Perform a Risk Assessment and Rank the Risks from Most Likely to Least LikelyWhen planning for disaster recovery, the first questions to ask yourself are "What risks does the computing infrastructure face?" and "How likely is each risk?" For example, if your data center is located on a hill, flooding is probably unlikely . On the other hand, if the data center is in the San Francisco Bay area, earthquakes are a risk that must be taken into account. Ranking your risks allows you to make rational decisions about whether you should attempt to protect against that risk. Although it would be nice to provide protection against every conceivable risk, it's probably not economically possible. Understanding which risks are more important to address allows you to allocate your disaster preparedness resources wisely. For some risks, you may decide that pre-emptive measures are appropriate. For example, if your location is subject to frequent electrical storms and power failures, you may decide to invest in a generator that can provide an alternate power source during extended power failures. Step 2: Understand the Business Implications of Each Type of RiskFor each type of disaster, think through its implications and how it will affect your organization's business processes. For example, assume that your directory service is completely destroyed by a fire and that it takes three business days to obtain replacement hardware and restore the directory data from backup tapes. What are the business implications of this three-day delay? What business processes are halted by the unavailability of the directory? Such impeded processes might include
Next , you need to understand the implications of directory failure ”and what that means for your bottom line. In other words, if the directory is unavailable, how much money will the business lose as a direct consequence of the failure? Will customers switch to an alternate vendor because you cannot provide the goods or services they require? Are there contractual obligations that you must meet even in the face of a disaster? With this information, you can determine the recovery times you need to target. For example, you might determine that the maximum acceptable directory downtime is 24 hours before the business begins to suffer significant losses. When you know the potential costs of not having a disaster recovery solution, you can begin to weigh them against the costs of a recovery solution. Step 3: Design and Implement the Recovery SolutionThe next step is to design the actual recovery solution and understand its costs. You can choose to design and implement the recovery plan yourself, or you can use the services of a disaster recovery vendor to design and/or implement the plan. Disaster recovery vendors typically offer both "hot" and "cold" recovery solutions. A hot site is kept up-to-date with your latest data and application software, and it can be put into service very quickly. A cold site contains sufficient equipment to meet your computing needs, but it is not kept up-to-date; your computing environment must instead be re-created at the cold site after the disaster recovery plan goes into effect. Additionally, disaster recovery vendors offer mobile recovery solutions, in which a portable data center can be driven to your site in the event of a disaster. Hot sites and cold sites each have advantages and disadvantages. A hot site can be put into service much more quickly than a cold site because all the data is up-to-date and ready to go, whereas a cold site requires that data be transported to the remote site, the needed software installed, and the data restored. As you might expect, it is much more expensive to maintain a hot site, especially if you contract with a disaster recovery provider. Assuming that not too many customers experience simultaneous disasters, a disaster recovery provider can use a single cold site to support a number of businesses ”lowering the cost for the customers. A hot site, on the other hand, must be dedicated to a single customer, which makes it much more expensive. Step 4: Periodically Review and Update the PlanFinally, after the recovery plan is implemented, it must be periodically reviewed and updated as your business requirements change and as new applications are developed and old ones retired . The plan should be reviewed at least annually, and more often if your organization deploys new applications frequently. The disaster recovery procedures should also be tested and repaired if they are found to no longer work. Some organizations even go so far as to simulate an actual disaster to exercise the recovery procedures. Your disaster recovery tests should be in line with your disaster recovery needs; very stringent needs dictate more rigorous testing.
|
Index terms contained in this sectioncold sitesdisaster recovery Comdisco Incorporated disaster recovery design disaster recovery 2nd directories disaster recovery 2nd 3rd business implications of risks 2nd 3rd designing/implementing solutions 2nd plan updates 2nd risk assessments 2nd types of disasters disaster recovery 2nd 3rd plan updates 2nd risk assessments 2nd 3rd 4th business implications of 2nd 3rd types of disasters zsee also troubleshooting hot sites disaster recovery planning disaster recovery business implications of risk 2nd 3rd designing/implementing solutions 2nd plan updates 2nd risk assessments 2nd ranking risks disaster recovery planning 2nd recovery plans 2nd 3rd business implications of risks 2nd 3rd designing/implementing solutions 2nd plan updates 2nd risk assessments 2nd types of disasters reviewing disaster recovery plans 2nd risk assessments disaster recovery 2nd business implications 2nd 3rd SunGard Recovery Services disaster recovery troubleshooting zsee also disaster recovery updates disaster recovery plans 2nd |
2002, O'Reilly & Associates, Inc. |