lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri May 20 16:24:58 2005
From: Bart.Lansing at kohls.com (Bart.Lansing@...ls.com)
Subject: Security benefits of spliting services
	betweentwo ISP providers


Two providers, absolutely...but that's only part of the story.  If you 
want to approach the level of business continuity (because this is not at 
all about security...this about redundancy and availability) you also need 
to ensure dual entry points into your building from seperate trunks 
(coming from different streets, etc) for your fiber or copper.  Also you 
probably want to consider SONET so that you have diverse routing as well. 
Otherwise one backhoe still gets you, no matter how many carriers you 
have.  Using multiples is fine, using them together makes more sense than 
just having duplicate capacity lying around doing nothing, however. 

The way to look at it is pretty simple:  What's the liklihood of a carrier 
outage?  What's the anticipated duration?  Can I run with somewhat 
degraded performance while the outage is being rectified?  What is my 
normal acceptable % utilization?

Once you have those answers you know how much "spare" bandwidth you need, 
and you can split the total between your two (three, four, ad infinitum) 
carriers of choice.  There is no real need to keep a completely seperate 
pipe sitting there dark.  If you anticiptate so many outages in your data 
communications that having a dark pipe in your pocket is a reasonable 
plan, you have bigger issues. 

Large, profitable companies don't throw money away either...and a thing to 
remember...that SMB may only need a redundant T1 to follow your 
scenario...while an F500/200/100 likely needs a T3/OC3/OC48 to handle the 
same business...the needs scale upward as well, folks...so it's not 
throwaway money no matter who you are.

Cheers,


full-disclosure-bounces@...ts.grok.org.uk wrote on 05/20/2005 07:06:47 AM:

> 
> Valdis.Kletnieks@...edu wrote:
> 
> >On Wed, 18 May 2005 09:14:56 EDT, Frank Laszlo said:
> > 
> >
> >>You never really want to utilize 100% of your bandwidth, you should 
> >>always have some "extra" bandwidth "just in case." Sure, there are 
costs 
> >>involved, but as a business, surely one could make the decision on 
> >>whether or not to push it as an expense, or take the risk of only 
having 
> >>1 connection. I personally wouldnt split the services between the two 
> >>ISPs, I would simple have another connection for those "just in case" 
> >>situations. If a business relies heavily on internet, you shouldnt be 
> >>worried about a few extra bucks for a redundent connection. Just my 2 
cents.
> >> 
> >>
> >
> >When a "few extra bucks" is $2,000/month, you start looking at it 
> differently.
> >
> >(NetworkVirginia commercial pricing is $1175/mo for a T-1 (1.
> 5mbits), and if the
> >original poster has 3mbits/sec, it's 2 T-1s. So $2,000/mo isn't 
> just a wild-ass
> >guess).
> > 
> >
> 
> You really have to put it into perspective. $2,000/mo to a small company 

> is a lot of money, sure. But overall, any medium to large size company 
> will find it a very small investment for an even greater return. The 
> return being redudency. Which is why i said it woulc be a corporate 
> decision to make such an investment. If they company can afford it, By 
> all means they should.
> 
> Regards,
>     Frank
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



CONFIDENTIALITY NOTICE: 
This is a transmission from Kohl's Department Stores, Inc.
and may contain information which is confidential and proprietary.
If you are not the addressee, any disclosure, copying or distribution or use of the contents of this message is expressly prohibited.
If you have received this transmission in error, please destroy it and notify us immediately at 262-703-7000.

CAUTION:
Internet and e-mail communications are Kohl's property and Kohl's reserves the right to retrieve and read any message created, sent and received.  Kohl's reserves the right to monitor messages by authorized Kohl's Associates at any time
without any further consent.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ