Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Not Every Cloud Has A Silver Lining

In recent years the average computer user has gotten used to the idea of an 'always-on' Internet, and that if they can't reach a site, then it's probably a problem with their service provider. All the various components and services on the Internet tend to blend into one another and the average user doesn't really differentiate between a hosting provider, a content provider, online storage provider, online services provider, or some other form of online presence. It's all just a website or something that a local application talks to in the background.

This blending of the local and the remote and a seamless, continuous availability of the network has helped with the development and uptake of "Web 2.0" services and is a key component of the current line of thought in providing cloud services.

Google's outage last week should serve as a warning to advocates of these services and ideas not to make assumptions about the availability and reliability of something that is outside of their direct influence.

Google is one of the sites that many people test against to confirm network availability. Surely a company that is responsible for so much of the overall traffic of the Internet should be available all the time? An error in network configuration during some maintenance resulted in some Google traffic being sent on a round trip across the Pacific when a local network segment was also available for transmission. This resulted in an overload on the Asia end of the connections and a self-Denial of Service for Google. In the hour it took for the problem to be rectified, around 14% of Google's users were left with severely degraded services, or none at all.

When Google or another major site seems to disappear from the Internet, the first thing that many network administrators do is to check an alternate route to see if there is a problem somewhere in their primary network route. This is generally done by running the connection through another Tier-1 service provider, and when it is done fluidly, it is a transparent situation that leaves the end user oblivious to the fact that somewhere in the network something has broken. When Google can't be reached from a multi-homed network request (one that passes through different service providers) it raises the concern that there may be a broader Internet problem (which can be determined by checking other high availability sites, and which was quickly dismissed in this case) or a problem with Google.

Google going offline for an hour or so is something that is probably going to happen from time to time, but it is the massive number of different services and products that Google provides which were suddenly unavailable which left users in a quandry. With services such as online mail, web search, RSS feed hosting, online advertising, online storage, online office applications, and others, it left some users without access to essentially all of their normal online activities and personas. This can be solved by spreading different components across competing services from other providers, but what is gained in terms of continuous availability is taken away somewhat by a loss of integration between those components.

A move to full online service, be it from a cloud or other more traditional provider, should be made with the awareness of the risk of loss of access during a network or service outage, something that happens more often than people will probably be willing to admit.

A loss of the flight simulator community Avsim, and the disappearance of a journalist's work also demonstrate the need for proper disaster recovery and ensuring backups of essential data are available and useful.

Failure planning and disaster response planning is critical to make sure that data can be recovered and operations continued if the worst takes place. It's not hard to get it right, but it is extremely easy to get it very wrong.

18 May 2009

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.