data centre securitynpti.gov.in/sites/default/files/policies-document/data... · ·...
TRANSCRIPT
Page 1
Data Centre Security
Why we build Data CentreWhy we build Data Centre
The data center is the heart of any Organization
Data center is a term used to describe the physical hosting of computer equipment in a shared data center environment that is mutually beneficial to various tenants without each incurring the full cost of designing, building, and maintaining the environment. Campus data center is designed to function as a hardware facility for the purpose of housing computing systems providing various mission-critical services to the campus.
What is it that makes a Data Center?What is it that makes a Data Center?
POWER
SECURITY
COOLING FIRE
100% UPTIME PUZZLE
Data Center SecurityData Center Security
There are four levels of security for physical access to securely hosted servers and equipment in data center .
The first level is code access to the building. Everyone will need a private code or someone with a code to assist you to get into the building.to get into the building.
The second level is biometric access to the floor. employees or data center visitors will need to pass a biometric Palm scanner to gain access to Data Center.
Page 2
Data Center SecurityData Center Security
The third level is the card reader access to the server area. All access information such who and when gained access to the server area are logged. Security manager can review such access information at anytime.
The fourth level is locked cabinets for securely hosted servers. Keys are required to open such locked cabinets.
Data Center SecurityData Center Security
In addition to four level physical access control, the data center is also monitored by security cameras.
Fire Detection & SuppressionFire Detection & Suppression
Supply, Testing and Commissioning of Kidde Fire Protection System or Approved Equal include optical / ionization smoke detectors and rate of rise heat detectors located within floors / ceilings and room space & Area below raised floor .
FM200 extinguishing systems in both large data centers and small computer rooms
Hi Fog fire suppression systems in some of the larger data centers.
Fire Detection & SuppressionFire Detection & Suppression
zoned fire alarm panel break glass units, sounders and alarm bells.
optical / ionisation smoke detectors Gas going out valve
Page 3
Data Center:Data Center: Computer Room Power Computer Room Power
• Ensuring the availability of critical data centre, power is at the top of a designers list.
• IT equipment must be supplied with a clean, consistent source of electrical power, which allows the equipment to avoid system errors and / or a system crash.
• The following systems are available in a Data centre:
Power conditioning and UPS (interruptible Power Supply) systems.St db di l t tStandby diesel generator systems.Mains switchgear.General distribution and lighting.
Data Center: Data Center: Room Air ConditioningRoom Air Conditioning
power and environmental control / cooling are inseparable design criteria to achieve cost effective and reliable solutions, by using the following systems :
Air conditioning - close control and comfort. ventilation and extract systems. Water detection systems - local and perimeter sensing.
Data Center: Data Center: Room BuildRoom Build
Raised floor (for cabling)
Control Room Secure environment
< 1500 m< 1500 m
IDFIDF
IDFIDF
MDF: MDF: Main Distribution FacilityMain Distribution FacilityIDF: IDF: Intermediate Distribution FacilityIntermediate Distribution Facility
< 1500 m< 1500 m
Data Data CentreCentre
IDFIDF
IDFIDFMDFMDF
OFOF
Page 4
1000BASE-TX1000BASE-SX
Data centre bandwidth:Gigabit and 10 Giga Ethernet
1000BASE SX1000BASE-LX
Gigabit Ethernet IEEE 802.3z
Data Centre Architecture Data Centre Architecture
UsersWorkstation
Main NetworkDatbase VLAN
2x 2Gbit Fiber2Gb/s Fiber Channel 16
Ports Switches
MS SQL Cluster MS Exchange Cluster
Internal Web Server
SQL Front-End Server
Public Web Server
Exchange Front -End Server
Domain Controller Servers
ISA Firewall and
Data Center Network Servers Design
4x CPUs, 12GB Memory
With Windows 2003 OS
Storage SAN Fiber ConnectGE (1000Mb/s) connectionFE (100Mb/s) connectionSCSI connection
2x 2Gbit Fiber Connections for Storage
SAN to different Fiber Channel Switches for Load Balancing and
Failover
Ports Switches
Tap Library Store Edge L500 LTO 2
SAN Storage
ISA Firewall and Caching Server
Anti-virus Server
Test Server
SMS Server
Backup Server
2x CPUs, 8GB Memory
With Windows 2003 OS
Data Center Servers Data Center Servers Configuration DesignConfiguration Design • Network Services
Application ServicesVisualization ServicesStorage services
Page 5
Data Center Secure ConnectionsData Center Secure Connections
Data Center network security are customized to each customer's needs. It can be a combination of :
• firewall on network routers and switches,
• dedicated network firewalls and checkpoints such as
Netscreen, Cisco Pix, Watchguard firewalls,
• Firewall and antivirus Software on each server.
• Data transfers can be secured by VPN, SSL, and SSH
Windows 2000-basedServer/Router
Windows 2000-basedServer/Router
Security Between Networks
RouterRouter RouterRouter