1
00:00:00,005 --> 00:00:02,006
- [Narrator] We've already discussed some of the ways

2
00:00:02,006 --> 00:00:04,006
that security professionals can ensure

3
00:00:04,006 --> 00:00:07,004
the continued operation of systems.

4
00:00:07,004 --> 00:00:10,008
Let's dig into this in a little more detail.

5
00:00:10,008 --> 00:00:13,003
There are two key technical concepts

6
00:00:13,003 --> 00:00:16,000
that improve the availability of systems.

7
00:00:16,000 --> 00:00:19,004
High availability, otherwise known as HA,

8
00:00:19,004 --> 00:00:23,000
uses multiple systems to protect against failures.

9
00:00:23,000 --> 00:00:24,009
These are techniques like the ones we discussed

10
00:00:24,009 --> 00:00:26,004
in the previous video.

11
00:00:26,004 --> 00:00:28,005
Having a cluster of web servers in place

12
00:00:28,005 --> 00:00:30,003
that can continue to operate,

13
00:00:30,003 --> 00:00:32,002
even if a single server fails,

14
00:00:32,002 --> 00:00:33,006
is one example.

15
00:00:33,006 --> 00:00:36,000
Another is using a pair of firewalls

16
00:00:36,000 --> 00:00:38,003
with one designated as the backup.

17
00:00:38,003 --> 00:00:40,008
The core concept of high availability

18
00:00:40,008 --> 00:00:44,000
is having operationally redundant systems,

19
00:00:44,000 --> 00:00:47,002
sometimes at different locations.

20
00:00:47,002 --> 00:00:49,005
Fault tolerance, or FT,

21
00:00:49,005 --> 00:00:51,001
helps protect a single system

22
00:00:51,001 --> 00:00:52,009
from failing in the first place

23
00:00:52,009 --> 00:00:57,000
by making it resilient in the face of technical failures.

24
00:00:57,000 --> 00:00:58,000
One quick note:

25
00:00:58,000 --> 00:01:01,007
load balancing is a related but different concept.

26
00:01:01,007 --> 00:01:04,000
Load balancing uses multiple systems

27
00:01:04,000 --> 00:01:05,008
in an attempt to spread the burden

28
00:01:05,008 --> 00:01:08,004
of providing a service across those systems,

29
00:01:08,004 --> 00:01:11,004
providing a scalable computing environment.

30
00:01:11,004 --> 00:01:13,004
While they use similar technologies,

31
00:01:13,004 --> 00:01:17,006
load balancing and high availability are different goals.

32
00:01:17,006 --> 00:01:19,004
Most implementations of clustering,

33
00:01:19,004 --> 00:01:21,006
and similar technologies,

34
00:01:21,006 --> 00:01:23,002
are designed to achieve

35
00:01:23,002 --> 00:01:26,006
both high availability and load balancing,

36
00:01:26,006 --> 00:01:30,008
but it is possible to have one without the other.

37
00:01:30,008 --> 00:01:32,007
Two of the most common points of failure

38
00:01:32,007 --> 00:01:34,001
within a computer system

39
00:01:34,001 --> 00:01:37,005
are the device's power supply and storage media.

40
00:01:37,005 --> 00:01:41,002
Fault tolerance controls can prevent a system from failing,

41
00:01:41,002 --> 00:01:44,006
even if one of those components fails completely.

42
00:01:44,006 --> 00:01:47,003
Power supplies contain moving parts

43
00:01:47,003 --> 00:01:50,008
and, as such, are common points of failure.

44
00:01:50,008 --> 00:01:52,006
If a power supply fails,

45
00:01:52,006 --> 00:01:54,008
the results can be catastrophic.

46
00:01:54,008 --> 00:01:55,009
For this reason,

47
00:01:55,009 --> 00:01:58,001
server manufacturers often build

48
00:01:58,001 --> 00:02:01,008
two independent power supplies into their servers.

49
00:02:01,008 --> 00:02:03,008
When a customer installs the server,

50
00:02:03,008 --> 00:02:07,001
they connect both of the power supplies to a power source.

51
00:02:07,001 --> 00:02:10,001
This way, if one power supply fails,

52
00:02:10,001 --> 00:02:13,002
the other power supply can continue powering

53
00:02:13,002 --> 00:02:16,001
the server's uninterrupted operation.

54
00:02:16,001 --> 00:02:17,007
For added redundancy,

55
00:02:17,007 --> 00:02:20,007
data centers with two separate sources of power

56
00:02:20,007 --> 00:02:22,008
can connect each power supply

57
00:02:22,008 --> 00:02:26,002
to a different power source.

58
00:02:26,002 --> 00:02:29,000
The second priority of many fault tolerance efforts

59
00:02:29,000 --> 00:02:30,007
is protecting against the failure

60
00:02:30,007 --> 00:02:32,009
of a single storage device.

61
00:02:32,009 --> 00:02:35,004
They achieve this through the use of a technology

62
00:02:35,004 --> 00:02:40,005
known as RAID: redundant arrays of inexpensive disks.

63
00:02:40,005 --> 00:02:42,005
RAID comes in many different forms,

64
00:02:42,005 --> 00:02:45,004
but each of them is designed to provide redundancy

65
00:02:45,004 --> 00:02:49,004
by having more disks than needed to meet business needs.

66
00:02:49,004 --> 00:02:52,004
Let's take a look at two RAID technologies:

67
00:02:52,004 --> 00:02:55,005
mirroring and striping.

68
00:02:55,005 --> 00:02:59,000
The most basic form of RAID, known as RAID level 1,

69
00:02:59,000 --> 00:03:01,002
is called disk mirroring.

70
00:03:01,002 --> 00:03:04,006
In this approach, the server contains two disks.

71
00:03:04,006 --> 00:03:07,008
Each disk has identical data contents,

72
00:03:07,008 --> 00:03:10,008
and when the system writes any data to one disk,

73
00:03:10,008 --> 00:03:14,005
it automatically makes the same change to the other disk,

74
00:03:14,005 --> 00:03:17,007
keeping the second disk as a synchronized copy,

75
00:03:17,007 --> 00:03:20,005
or mirror, of the primary disk.

76
00:03:20,005 --> 00:03:22,006
Then, if the primary disk fails,

77
00:03:22,006 --> 00:03:26,002
the system can automatically switch over to the backup disk

78
00:03:26,002 --> 00:03:28,006
and continue operating.

79
00:03:28,006 --> 00:03:30,007
The second major RAID technology

80
00:03:30,007 --> 00:03:32,008
is disk striping with parity,

81
00:03:32,008 --> 00:03:34,009
known as RAID level 5.

82
00:03:34,009 --> 00:03:36,001
In this approach,

83
00:03:36,001 --> 00:03:39,002
the system contains three or more disks,

84
00:03:39,002 --> 00:03:42,003
and writes data across all of those disks,

85
00:03:42,003 --> 00:03:44,009
but also includes additional elements,

86
00:03:44,009 --> 00:03:46,006
known as parity blocks,

87
00:03:46,006 --> 00:03:48,005
spread across the disks.

88
00:03:48,005 --> 00:03:50,005
If one of the disks fails,

89
00:03:50,005 --> 00:03:53,003
the system can regenerate that disk's contents

90
00:03:53,003 --> 00:03:56,007
by using the parity information.

91
00:03:56,007 --> 00:03:58,009
When you take the exam, you won't need to know

92
00:03:58,009 --> 00:04:01,008
detailed technical information about RAID,

93
00:04:01,008 --> 00:04:03,009
but you should remember the number of disks

94
00:04:03,009 --> 00:04:07,003
required to implement each level of RAID.

95
00:04:07,003 --> 00:04:10,000
Disk mirroring requires two disks,

96
00:04:10,000 --> 00:04:14,007
while disk striping with parity requires three or more.

97
00:04:14,007 --> 00:04:17,001
One other very important exam tip:

98
00:04:17,001 --> 00:04:19,009
RAID is a fault tolerance strategy

99
00:04:19,009 --> 00:04:22,008
designed to protect against a single disk failure.

100
00:04:22,008 --> 00:04:25,005
It is not a backup strategy.

101
00:04:25,005 --> 00:04:28,008
You should still perform regular data backups

102
00:04:28,008 --> 00:04:30,009
to protect your organization's information

103
00:04:30,009 --> 00:04:33,005
in the event of a more catastrophic failure,

104
00:04:33,005 --> 00:04:37,007
such as the physical destruction of an entire server.

105
00:04:37,007 --> 00:04:41,002
Fault tolerance also extends to many other domains.

106
00:04:41,002 --> 00:04:42,000
For example,

107
00:04:42,000 --> 00:04:44,007
networking professionals use quality of service,

108
00:04:44,007 --> 00:04:46,003
or QoS, controls,

109
00:04:46,003 --> 00:04:48,008
to provide a consistent level of service

110
00:04:48,008 --> 00:04:51,006
to high-criticality applications.

111
00:04:51,006 --> 00:04:53,004
This reduces the likelihood

112
00:04:53,004 --> 00:04:56,008
that network capacity will become a single point of failure

113
00:04:56,008 --> 00:04:59,002
in the event of a denial-of-service attack

114
00:04:59,002 --> 00:05:02,009
or other unanticipated burden on the network.