Contingency

By definition, contingency solutions prepare an organization for a future, unplanned event. The range of events can run the gamut – from a failed power supply on a server to a full data center being force out of operations unexpectedly.

The key to any contingency solution is to assure you can resume business operations within a specified SLA. Businesses are prone to many risks associated with today’s geo-political environment (power outage, earthquake, health, terrorism, etc.) In extreme situations, organizations need to plan for lack of access to the metropolis that may be home to corporate headquarters or other major operations. The contingency solution deployed must protect corporate assets (processes, data, technology, required human interaction) and make them available in a coherent manner in order for the corporation to conduct business as it would in a normal state.

EXENET's contingency solutions taken into consideration three key areas:

• Leading edge vs. bleeding edge - adopting new technologies when they have been proven with other organizations of similar size and usage
• Secure computing – distributed networks have become targets for security attacks - making sure that the latest steps have been taken to protect your network
• Optimization of IT hardware & software spending - keep technology vendors in check to assure that what you need to purchase is truly needed and determining when existing systems need to be replaced.

EXENET’s unique value:

• We always take a vendor independent approach – you get the technology you need, not what the vendor wants to sell you
• Key understanding for business processes in the vertical markets of legal, mid-tier financial services, advertising, media and education.
• EXENET brings best practices that have been designed and implemented in these verticals – we’ve done it and we know
• Our clients report that we have become their “trusted advisor”
• We understand in depth the technologies involved in creating contingency solutions

EXENET creates IT contingency plans based upon a Business Impact analysis (BIA) that covers key infrastructure components (data center, network, storage, and applications). The key is to create an executable IT architecture vs. a business continuity plan (more than documented procedures that reside in a binder). For example, major business continuity providers create a business continuity plan that covers all aspects of contingency from a very broad level. No details specifically cover the architecture required to create an infrastructure to support a contingency situation. Guidelines are given in these continuity plans without details on how to architect and how to implement. EXENET takes the requirements from the high level plans and focuses on a specific target – the infrastructure that covers data center network, storage and applications.

• First Phase – requirements analysis (audit) the current network (LAN/WAN), storage requirements, applications – high level business process flow. Guidelines for this process taken from the BIA.
• Second Phase – design/architecture – architect/contingency side (hot/warm/cold) with all aspects of connectivity (bandwidth) mixed with storage and application dependencies.
• Third Phase – vendor selection and pricing – taking a vendor independent approach – EXENET outlines hardware, software and services required for the architecture in Phase 2.
• Fourth Phase – help with implementation. Could be solo or joint effort with the client
• Fifth Phase – support phase – comes in two ways – through our monitoring can make sure all DR components are up and also shed light on performance monitoring of the bandwidth interconnecting the main site to contingency site.
  EXENET also helps in conducting dry runs of the contingency site. Dry run testing is a process where the business completely shuts down the main infrastructure and switches over to the contingency infrastructure to run all its business processes.

Technologies:

• Data centers (corporation owned, carrier-based, DR provider-based), power and other physical requirements
• Bandwidth – both private technologies (T1, T3, Frame Relay, ATM) and public technologies (Internet VPN - MPLS),
• Network – switches, routers, firewalls, VPN access concentrators,
• Storage – Host based replication, SAN-based replication, geo-clustering, back-up and restore technologies, server technologies (blade servers), NAS based replication, vaulting, retention programs
• Generic applications – file and print, mail, directory services, databases, converged technologies like VoIP
• Remote access technologies - Remote access VPN’s - IPSEC VPN’s/SSL VPN’s, Firewalls, wireless RF technologies (LAN) – 802.11 a, b, g, Wireless RF technologies MAN – 802.16, RIMM, cellular technologies (3G), WAP, instant messaging, peer to peer networks, Internet technologies (BGP)
• Security technologies (Firewalls, IDS, anomaly based systems, token cards, PKI (digital certifications), wireless security (802.1x/EAP types), encryption (3DES/AES)