The team is responsible for recovering and reestablishing operating systems (OSs)

User Techniques

Although most optimizations of system recovery are only available to database system implementers, there are a few things that a user can do to speed up restart and thereby improve availability, such as the following:

If the checkpointing frequency can be adjusted by the system administrator, then increasing it will reduce the amount of work needed at restart. Running a benchmark with different checkpointing frequencies will help determine the expense of using frequent checkpoints to improve recovery time. Depending on the overhead of the checkpointing algorithm used, this might require buying extra hardware, to ensure satisfactory transaction performance while checkpointing is being done.

Partition the database across more disks. The restart algorithm is often I/O-bound. Although it reads the log sequentially (which is fast), it accesses the database randomly. Spreading the database over more disks increases the effective disk bandwidth and can reduce restart time.

Increase the system resources available to the restart program. After the operating system recovers from a failure, it runs recovery scripts that include calling the database restart algorithm. It may not allocate main memory resources optimally, if left to its own defaults. The restart algorithm benefits from a huge cache, to reduce its I/O. If memory allocation can be controlled, tuning it can help reduce restart time.

In general, one should benchmark the performance of restart to determine its sensitivity to a variety of conditions and thereby be able to tune it to balance restart running time against checkpointing overhead.

How ASR Works

ASR involves two main processes:

ASR backup The process of creating an ASR set, which consists of a 1.44 MB floppy diskette and a linked backup media containing ASR-created backup data. These two components are necessary for performing an ASR restore and must be kept together.

ASR restore The process of re-creating the operating system and system-related disk partitions/volumes from an ASR set. In addition to the ASR set, you will need to have the original media used to install Windows Server 2003 on your server.

An ASR backup creates a set of all of the information necessary to re-create the operating system at the time the ASR backup is performed. When an ASR restore is performed, the operating system is reinstalled using the original Windows Server 2003 media. However, instead of generating new disk signatures, security identifiers, and Registry content, these items are restored from the ASR set.

NOTE

When operating on a nonclustered server, members of the Backup Operators group can perform ASR backups. This is not the case on clustered servers. Either a member of the Administrators group must perform the ASR backup or the Backup Operators group must be added to the security descriptor for the cluster service.

6.1.5 System Recovery Architecture

System recovery architecture is responsible for the standards and frameworks for system recovery involving each type of technology across each type of operating system environment, typically including:

z/OS,

Windows,

Novell, and

UNIX.

As well as each type of platform, such as:

tablet,

smart phone,

desktop/portable,

Intel box, or

mainframe.

This architectural discipline serves to assess, plan for, and monitor the design of standard recovery capabilities, failover and disaster recovery for the various types of environments deployed globally across an organization. Its specialization and scope is such that it is comprised of failover architecture and disaster recovery architecture.

Systems Recovery

Systems recovery and contingency planning is the series of processes and procedures that healthcare organizations implement to ensure availability (remember the availability leg of the CIA triangle) of electronic protected health information (EPHI). All healthcare organizations should develop a comprehensive business resiliency program to ensure the availability of healthcare information against natural or man-made disruptions. In addition to contingency planning being a security best practice, the HIPAA Contingency Plan Standard also addresses the importance of contingency planning through five implementation specifications. Per the HIPAA Standard [§164.308(a)(7)(ii)(A)–(E)] the five contingency plan implementation standards are a data backup plan (required), disaster recovery plan (required), emergency mode operation plan (required), testing and revision procedures (addressable), and application and data criticality analysis (addressable) and are defined as follows:

Data backup plan: “Establish and implement procedures to create and maintain retrievable exact copies of electronic protected health information.”

Disaster recovery plan: “Establish (and implement as needed) procedures to restore any loss of data.”

Emergency mode operation plan: “Establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode.”

Testing and revision procedures: “Implement procedures for periodic testing and revision of contingency plans.”

Application and data criticality analysis: “Assess the relative criticality of specific applications and data in support of other contingency plan components.”

File System Recovery

File system recovery uses the acquired low-level data to rebuild the high level hierarchy of directories, subdirectories, and files. For data originating from flash file systems (as explained earlier in this chapter) this means finding out how the flash translation layer maps physical data to logical data and how the difference between active and delete data can be determined.13 The result of this “flash translation layer analysis” is a method that splits the physical data into two parts: a part with all logical sectors in the right order belonging to the actual file system and another part with all other data not belonging to the (current) file system. The first part can be further analyzed by existing forensic tools for file system recovery (Carrier, 2005). Analysis of the second part is more complex and depends a lot on the setup and user behavior of the originating system.

Alternate Storage Site

Incidents or outages affecting information systems often preclude the use of the primary operating location for system recovery. In such circumstances contingency operations teams perform system recovery activities at an alternate site, until the primary facility is again operational or a permanent replacement is chosen. To facilitate alternate site recovery and reconstitution, control CP-6 requires agencies to establish an alternate storage site for its moderate- and high-impact systems, and to put in place the agreements necessary to permit storage of and access to backup information to support recovery phase processes. Alternate storage sites also must be located far enough away from the primary storage site that the alternate site is not likely to be affected by the same hazards that might disrupt the primary site. Interpretations of what constitutes a sufficient geographic distance vary among organizations, but when selecting alternate sites, agencies must also identify potential issues (and describe actions to mitigate those issues) for accessing the alternate storage site in the event of a widespread outage or disaster [13]. Because all moderate- and high-impact systems share this requirement, agencies often designate one or more standard alternate storage sites to be used to support multiple systems; in such cases system owners or common control providers are responsible for implementing control mechanisms to transport system backups and other recovery information to the alternate storage site.

6 Summary

Here, we outline how to fit the GEV and incorporate ECE frequency, intensity, and damage, and system recovery into ecological population models. We provide a framework that downscales GEV models to an ecologically relevant spatial scale and discuss challenges and considerations when applying GEVs to different event types and systems. The GEV is well-supported, flexible, and proves to be a useful tool, with a long history as the modeling standard for extreme events. Although the GEV is not as detailed as some climate simulations (e.g., the Coupled Model Intercomparison Project, Eyring et al., 2016), it is very straightforward to use and interpret—providing an opportunity for ecologists to explicitly model ECEs in their study system with a low barrier to entry. By explicitly including ECE frequency and intensity, we can estimate the strongest sources of ecosystem change, modeling damage and recovery during and after an ECE. Our case study underscores the importance of explicitly modeling ECE characteristics; by incorporating the effects of climate change on our system through the lenses of both hurricane frequency and intensity, we found (surprisingly) that the stronger hurricanes of the future may not significantly impact our focal species. Without explicitly modeling hurricane frequency and intensity, we would not have been able to parse out the effects of probable future climate change scenarios on A. escallonioides and may have overestimated the potential influence of future storms on our study species. Better understanding the impacts of ECEs on ecosystems can improve our plans for the future, supporting conservation prioritization and effective natural resource management. As climate change continues, it is imperative that we accurately and explicitly model extreme events so we can understand current ecosystem dynamics, project future conditions, and plan for the future.

Frequently Asked Questions

Q:

What is virtual machine technology used for?

Virtual machine technology serves a variety of purposes. It enables hardware consolidation, simplified system recovery, and the re-hosting of earlier applications because multiple operating systems can run on one computer. One key application for virtual machine technology is cross-platform integration. Other key applications include server consolidation, the automation and consolidation of development and testing environments, the re-hosting of earlier versions of applications, simplifying system recovery environments, and software demonstrations.

How does virtualization address a CIO's pain points?

IT organizations need to control costs, improve quality, reduce risks and increase business agility, all of which are critical to a business' success. With virtualization, lower costs and improved business agility are no longer trade-offs. By enabling IT resources to be pooled and shared, IT organizations are provided with the ability to reduce costs and improve overall IT performance.

What is the status of virtualization standards?

True open standards for getting all the layers talking and working together aren't ready yet, let alone giving users interoperable choices between competitive vendors. Users are forced to rely on de facto standards at this time. For instance, users can deploy two different virtualization products within one environment, especially if each provides the ability to import virtual machines from the other. But that is about as far as interoperability currently extends.

When is a product not really virtualization but something else?

Application vendors have been known to overuse the term and label their product “virtualization ready.” But by definition, the application should not be to tell whether it is on a virtualized platform or not. Some vendors also label their isolation tools as virtualization. To isolate an application means files are installed but are redirected or shielded from the operating system. That is not the same as true virtualization, which lets you change any underlying component, even network and operating system settings, without having to tweak the application.

What is the ideal way to deploy virtualization?

Although enterprises gain incremental benefits from applying virtualization in one area, they gain much more by using it across every tier of the IT infrastructure. For example, when server virtualization is deployed with network and storage virtualization, the entire infrastructure becomes more flexible, making it capable of dynamically adapting to various business needs and demands.

What are some of the issues to watch out for?

Companies beginning to deploy virtualization technologies should be cautious of the following: software costs/licensing from proliferating virtual machines, capacity planning, training, high and unrealistic consolidation expectations, and upfront hardware investment, to name a few. Also, sufficient planning upfront is important to avoid issues that can cause unplanned outages affecting a larger number of critical business applications and processes.

File Deletion

Because of the nature of HFS, HFS+, and HFSX volumes, recovery of deleted file system details is particularly difficult. Unlike many Windows and Unix systems, recovery of deleted file system information on Macintosh systems is nearly impossible because nodes in the Catalog file are so frequently overwritten. This is largely due to the B-tree balancing process in the Catalog file, which obliterates previous file system details. Standard data carving techniques can be used to recover some file contents from Macintosh volumes, but only the data fork. This fork will retain what is a “typical” structure of media, document, application files with well-defined file formats, and header signatures that tools like Foremost rely on for carving as discussed in Chapter 2, “Forensic Analysis.” The real difficulty comes in further correlation; pairing the carved data for each fork would be very difficult, especially since a lot of the data in resource forks is undocumented. Additionally, tying specific files to a user can be very difficult when file system details are no longer available in a Catalog file record. Therefore, attributing a file to a particular user is often possible only through forensic examination of data contents.

Failure and recovery metrics

A number of metrics are used to quantify how frequently systems fail, how long a system may exist in a failed state, and the maximum time to recover from failure. These metrics include the Recovery Point Objective (RPO), RTO, WRT, Mean Time Between Failures (MTBF), Mean Time to Repair (MTTR), and Minimum Operating Requirements (MOR).