The challenge of deploying secure and high availability IT systems

Philip Merry, Software Engineer, SIOS Technology, says it’s possible to ensure both security and high availability.

You’ve undoubtedly taken the steps required to secure your organization’s business-critical applications – hardened the firewalls, encrypted your databases, updated your anti-malware solutions, and so on.

But if the underlying infrastructure supporting your business critical applications fails, your business is going to be disrupted – with potentially serious ramifications.

To enable continued access to your business-critical applications, you need to configure your underlying infrastructure for high availability (HA) – here meaning an infrastructure designed to ensure that your critical applications are accessible no less than 99.99% of the time.

A key challenge, though, is that the very things you’ve done to secure your critical applications against hackers and intruders can undermine your efforts to ensure uninterrupted access to these applications in the event of an infrastructure failure.

A quick look under the HA hood

Before we talk about how to overcome the challenges inherent in the interplay of your security and HA tools, let’s take a high-level view of how HA solutions work.

Typically, an HA solution brings together the infrastructure upon which your critical applications and databases run as well as an identical copy of that infrastructure that is standing by – preferably in a physically separate location – to take over in case something causes your primary infrastructure to become unavailable.

Data replication services in the HA solution work constantly to replicate data written to primary infrastructure storage to storage attached to the secondary infrastructure. This ensures that an identical copy of your critical data and applications is already present on the secondary infrastructure if that infrastructure is suddenly called into service.

Also, the HA solution constantly monitors the primary infrastructure so that, should the primary infrastructure suddenly appear to go dark, the HA solution can instantly trigger an orchestrated failover to the secondary infrastructure.

Because there are already complete copies of your critical applications and databases on that secondary infrastructure, you can continue to run your applications with minimal interruption and your personnel or customers can continue to interact with these business-critical resources.

As you might imagine, your security systems are going to take notice of any HA solution that tries to monitor, stop or start activities on your critical infrastructure.

Unless your IT teams understand what your HA solution is doing and what your security systems are doing, one or the other is not going to work as effectively as you expect it to. That can leave you vulnerable to the very problems that both your HA and security solutions are designed to prevent.

The interplay of HA and security solutions

Consider the interplay of antivirus and HA solutions. Some HA solutions monitor a wide range of activities taking place on the active infrastructure, and they are powerful enough to detect and resolve a variety of low-level problems that could, if left unattended, grow into bigger problems that eventually trigger a failover to the secondary infrastructure. If the HA solution detects a stalled queue or a memory fault, for example, and has the ability to resolve that proactively, the HA solution can help deliver uninterrupted access to your critical applications and databases without even having to perform a full failover.

Your antivirus solution, however, may interpret the HA solution’s effort to restart a queue or clear memory as an attack. It may then quarantine critical components of the HA solution, thereby rendering it unable to trigger an orchestrated failover if one becomes necessary.

Moreover, if your antivirus system does this silently, you may not know that your HA solution is compromised until your production system does go dark and that production system does not fail over to your secondary infrastructure (at which point access to your critical applications is put on hold for an indeterminate period of time).

Similar challenges arise in configuring the firewalls and access control lists protecting your critical applications.

Your IT organization is going to want to close as many ports as can be closed and ensure that the bare minimum number of people and systems can gain root or even low-level access to your critical applications. At the same time, different components of an HA solution are going to need low-level access to your critical applications and databases in order to ensure ongoing access to those applications and databases.

Unless the correct ports are open to the HA solutions, they will not be able to detect and respond to events that might otherwise cause your crucial applications to go dark.
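
The two silent failure modes described above (HA components quarantined by antivirus, and HA ports closed by a firewall) can be checked for routinely rather than discovered at failover time. The following is an added example, not code from the article or from any HA product; the function names, the manifest format (file path mapped to a SHA-256 recorded at install time) and the endpoint list are assumptions to be replaced with your own HA solution's documented files and ports.

```python
# Added example: names, manifest format and endpoints are assumptions.
import hashlib
import socket
from pathlib import Path


def sha256_of(path):
    """Hash a file in chunks so large binaries are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_components(manifest):
    """manifest maps file path -> SHA-256 recorded when HA was installed.
    Returns (path, problem) for every file that is gone or has changed."""
    findings = []
    for path, expected in manifest.items():
        if not Path(path).is_file():
            findings.append((path, "missing (possibly quarantined)"))
        elif sha256_of(path) != expected:
            findings.append((path, "hash mismatch"))
    return findings


def check_ports(endpoints, timeout=2.0):
    """endpoints is a list of (host, port) the HA peer must accept.
    Returns the endpoints that refused the connection or timed out."""
    unreachable = []
    for host, port in endpoints:
        try:
            with socket.create_connection((host, port), timeout=timeout):
                pass
        except OSError:
            unreachable.append((host, port))
    return unreachable


def preflight(manifest, endpoints):
    """Run both checks; 'ready' is True only when nothing is wrong."""
    files = check_components(manifest)
    ports = check_ports(endpoints)
    return {"ready": not files and not ports, "files": files, "ports": ports}
```

Run from a scheduler on each node, with an alert raised whenever "ready" is False, this turns a silent quarantine or a closed port into a visible event well before a failover is needed.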

These examples constitute only a few of the areas where security and HA considerations can conflict. None of these challenges are insoluble. It is possible to ensure both security and high availability, but your IT teams need to develop a thorough understanding of how security and HA solutions work – and how they can be configured to work together.

Communication amongst personnel working on security and HA is critical, as is the cultivation of strong relationships with IT partners who understand the interplay of these solutions and who can share their expertise to ensure that the solutions you deploy will effectively support your organization’s technical needs and goals.


