Part 2 - Part 1 Here
It is much more expensive to try to make a control 100% effective. Things have to be designed around it, more manpower has to be dedicated to policing the solution, and the solution becomes as likely or more likely to cause a loss of availability than the threat it is protecting against.
As an example, a colleague of mine designed a hyper-redundant Ethernet network to “ensure” connectivity for a particularly demanding user group. He used Spanning Tree as the mechanism. Any networking guys reading already know what happened. Long story short, they had far more frequent and complete outages thanks to the redundancies than due to equipment failure. (BTW, if Spanning Tree is used properly it isn’t a problem.) Constant route reconvergence caused low-level problems, and any time there was a minor change to the network the entire thing would crash. This caused far more frequent and complete outages than the MTBF for the switches would have indicated if there had been only one path to each location.