Sie sind auf Seite 1von 32

Running head: DATA ASSET MANAGEMENT SYSTEM (DAMS)

Data Assest Management System (DAMS)


Datacenter Application
Final Term Project
Greg Wiedeman
MSCT620
Regis University

DATA ASSET MANAGEMENT (DAM)

2
Abstract

The following paper contains information for supporting a Data Asset Management
System (DAMS) located in a data center with a focus an infrastructure of models that are used to
capture, catalog, store and manage digital assets which will be print media and advertising art
work. The process of design for the DAMS will consist of the network architecture and
supporting infrastructure used to create an efficient system, which is scalable, flexible, and
resilient. The system is going to reside in one or more of the server farm topologies, which
include internet, intranet and extranet and the topology boundaries of the system will help to
determine security, including data integrity, assurance, and secure access without causing a
hindrance to end-users or affecting the applications performance. The network design will
consist of a layer 2 network design including STP, a layer 3 design with routing protocols
defined, SSL/TLS, load balancing, server monitoring, and caching with a final DNS mapping.
This information should be enough for an installation team to develop a full cost estimate,
configuration guides, and construction plans.

Table of Contents

DATA ASSET MANAGEMENT (DAM)


I.

Introduction

II.

Risk Analysis

III.

Layer 2 Design of the Datacenter

IV.

Layer 3 IP Address Design

V.
VI.
VII.
VIII.

I.

SSL and TLS


Load Balancing
DNS
References

Introduction
The world today is becoming more about ones and zeros as books are converted to digital

DATA ASSET MANAGEMENT (DAM)

media, medical records are forced to go digital, documents are scanned into computer systems,
pictures, music, movies, and the list continues on what is getting digitized. Brand (1998)
speculates, starting in the 1950s to the present recorded information increasingly disappears into
a digital gap. Historians will consider this a dark age. The management of all the digital assets
becomes a necessity but difficulties arise as formats change and become obsolete, tapes and disks
lose integrity, systems become more complicated, new methods of access become available, such
as smart phones and tablets, and as more data is transferred to digital media storage increases and
a storage life cycle plan becomes ever more important to develop in an organization to move data
around easier for fast and efficient access.
The purpose then, for Digital Asset Management (DAM), is to develop the concept into
the data center as a Digital Asset Management System, (DAMS), which according to McCord
(2002) contains an infrastructure of modules that are used to capture, catalog, store, and manage
digital assets. He also points out that those assets should expand to use in tools that can produce
videos, audio, web content, and print media. The digital content must also contain ways to
identify the asset, group individual assets forming a collection, the ability to protect the original
asset as it is used to in these collections, define rights, determine permissions, develop process
rules, and finally administer and control the flow of assets.
A company called Media River LLC will attempt to from a business requirement to easily
share documents with satellite offices, and to external clients. The companys digital objects
consist of geological surveys, Microsoft Word documents, and Excel spreadsheets along with
low to medium resolution images of land surveys, satellite photos, and digital ground photos.
The front-end access is a web interface, similar to SharePoint, with a login page to control
security access, auditing, and user sessions while providing a search function to enter metadata

DATA ASSET MANAGEMENT (DAM)

information to pull up certain images. Metadata could include but not limited to a project ID, the
name of a company, and the name of a product or a campaign theme. Users of the system can
use a checkout method, similar to a library; to gather images to use as references for now or later
but after a 24-hour period the assets will automatically go back on the shelf. Administrators can
manually over ride the system to move assets back on the shelf but cannot extend the period of
24 hours because of the persistent cookie expiration time that is delivered to the user browser.
Even though items may be checked out this does not mean that the digital assets can not
still be viewed and checked out by other members for further processes such as ordering high
resolution prints or obtaining a hard copy of the media. There will be certain access controls so
that only certain individuals and groups will be able to view certain digital media. For example
one client could not see another clients data and clients will have specialized employees who will
work one on one with the client to ensure that employees only have access to their supporting
clients. This will prevent employees having access to all the data assets of every client.
II. Risk Analysis
The following contains a brief summary of the top three content elements used by users
and managed by the DAMS. A score of high, medium or low for each content element shall be
given based on the value of the content element to the organization, value to the user based on
the subject of the content, the attractiveness to an outside attacker, and insider intent on fraud or
extortion. The evaluation of the content elements continues by looking if there are any laws,
such as HIPPA, PCI or FERPA as an example, that are governing the elements. The final portion
evaluates what tools and technologies are required to ensure that the company is providing
appropriate protections for the content elements identified.
The first content element that is critical for the DAMS is the web interface granting

DATA ASSET MANAGEMENT (DAM)

access to specific information for an employee, administrator, or client to create, read, update, or
delete. This particular content, also known as authentication, has a rating of high for the
organization because according to Vemuri (2007), it is important in establishing trust in critical
business processes. It is also important to the organization because the identification of the
person accessing the system is critical for safeguarding that the information accessed is correct
for presentation and manipulation. It also helps to maintain confidentiality and integrity of the
infrastructure by tracking changes made to the system.
Authentication, to the user, also ranks high for value because without this information
there is no access to the information through the website. It will also prevent users from
interacting with the system to view and update information with the company. It will also affect
communication and slow down an end users effectiveness and productivity. Authentication also
protects the client or company from an employee who is accessing and manipulating data in such
a way that violates the companys policies.
The attractiveness of the content element of authentication is extremely attractive to an
outside attacker and therefore ranked high. It should be common sense the ranking of
authentication simply because it will allow that attacker to impersonate a user and has the same
principal as framing someone for a theft of a physical item. It will also compromise the
trustworthiness of the system and possibly turn away future business and it becomes a public
relations nightmare for a compromised system.
The next category evaluated is the value authentication has to insiders intent on fraud or
extortion and again this receives a medium due to the fact that employees of the survey company
will indeed have certain rights not only to view content but also to look into other clients login
profiles for troubleshooting problems or for training clients and a real threat of fraud or extortion

DATA ASSET MANAGEMENT (DAM)

is not high because the content has more value to the client then it does to the employee. An
employee could however steal information that a land survey may present and leak this
information to outside entities for gain but the employee would already have authentication into
the system to get the information. As of now there are no known laws forcing authentication
processes for the company but just guidance for standards based on best practice and some
outlined by NIST Special Publication 800-63-1 Electronic Authentication Guideline
In ensuring proper password management there are content elements used that manages
password attributes including complexity, length and change frequency. Passwords in the
database are encrypted using a one-way SHA-1 hash algorithm Melonfile (2006). Besides a
username and password, a challenge response is setup during the original account creation,
which consisted of three questions and three answers. The password complexity should contain
upper, lower case letters, a number, a special character, and be at least ten characters long. A log
file contains user information, navigation, changes to data in the website and time stamped. On
the website login page an SSL certificate encrypts the information passed from the end users
browser to the website. The webservers are clustered providing high availability and also run the
latest virus programs and have built in a personal firewall, which came with the enterprise
antivirus program.
The second content element identified is geological surveys that clients pay for and
access on the website. The geological surveys are an important piece of information that may
identify an area that may contain valuable resources, such as oil or minerals. The information is
to remain secured and only accessed by those who have proper authentication, therefore there is
a risk that this information may be purposefully accessed by a rival company or accidentally
accessed by another client or unauthorized employee. The value of the geological surveys to the

DATA ASSET MANAGEMENT (DAM)

company is low. Usually the geologist and others conducting the surveys already know this
information and therefore the actual surveys are merely for the clients and for official records.
However, the value of the geological surveys to the client is high because this could determine
whether they move forward on purchasing property or bring in equipment for mining or drilling
and is usually an expensive decision for clients.
The value and attractiveness of this information to an outside attacker may be minimal
simply because the geological survey may be difficult to read and understand without the
surveyors or the geologist. They also may not have a high value simply because there are easier
legal methods of finding out whether a company is trying to find new resources such as oil or
minerals. This does not mean however that the information is not worthwhile but it may not be
worth the time and risk. This would also include a low value of this information to insiders
intent on fraud or extortion. Again, as stated before an insider would already know thief
information of the geological survey and therefore would not need the maps or report. In the
next section of laws, none found in governing geological survey information.
To secure the geological surveys for the client a firewall and access control lists secure
proper access. From the end users perspective, an SSL certificate provides secure transaction
between the client and the website. The servers that contain the files are clustered and backup up
on a regular basis. The servers again have a personal firewall along with the antivirus software.
All files created, read, updated or deleted get tracked by who changed them, at what time and the
information that changed by using a version control program. The files will also contain
permissions so only certain users can access the files.
The third and final content element identified is the ability for a client to pay for
invoices online through their online account. The information passed in the process has a low

DATA ASSET MANAGEMENT (DAM)

value to the company. This is because the company uses a third party site merchant to actually
take the clients information including the credit card number so none of this information ever
passes through the company or is stored on any company database. The credit card information
to the client and attractiveness to an outside attacker scored high. There is a low rating for the
value of credit card payment information to insiders because the applications or servers of the
company never see the information. The company uses a third party merchant account, however
the fact that the company does allow credit card payments online does not negate their
responsibility to be PCI compliant but may just require the company to meet less requirements.
Since PCI is a complicated and confusing, a third party security company is responsible for
providing the necessary requirements and audits twice a year to make sure the company is in
compliance.
III. Layer 2 Design of the Datacenter
The following section contains a description of the layer 2 network design of the
data asset management system in the data center. The first part of the exercise is determining the
underlying applications supporting the system and determining the best configuration for the
workload expected making the necessary calculations to allow for scalability due to growth.
This will involve reading the manuals on the applications and discovering any recommendations
by the vendors. When the workload characteristics are determined for the applications, then
putting together the specifications for physical equipment becomes easier including server
hardware builds and network equipment, which includes port density, link speeds, switch
placement, logical vlans, and design boundaries. The second part of the exercise is creating
network diagrams with a flowchart application such as Microsoft Visio or Omnigraffle to supply

DATA ASSET MANAGEMENT (DAM)

10

a logical and physical representation of the layer 2 design. Once the system infrastructure is
built then load testing can take place to verify the architecture is correct.

The core application architecture consists of threetier model the client, the
web/applications server and the database server. Apache 2.4 is running the web server front end
on CentOS 6.4, the application layer consists of Python Web Service and heavy client side java
scripting running on the same server. The middleware software, mod-python, links Apache web
server to Python Web Services and also acts as a caching mechanism for database query
information creating a consistent database connection. The login page and user access will
authenticate against Microsoft Active Directory (AD) 2012 with an LDAP call request and reauthenticates throughout the session for security using a cookie. For redundancy, two AD
servers are located on the same vlan and separated from the other servers by a firewall allowing
only certain subnets through that are necessary and will act as Domain Name Servers (DNS).
The database system layer consists of a MySQL cluster with the following components
for support, a MySQL Server, the network database (NDB) storage engine, and the network
database (NDB) cluster. To provide redundancy and load balancing Apache mod_proxy module
creates reverse proxy servers that talk to the back end web servers and provide stickiness or
session persistence with a cookie using an add-on called PHPSESSID. The reverse proxy servers
have an active / passive configuration and use multicast to pass heartbeat messaging and will be
on the same subnet and vlan. The database system layer consists of a MySQL cluster with the
following components for support, a MySQL Server, the network database (NDB) storage
engine, and the network database (NDB) cluster. The storage tier will use HP 3Par fiber channel
to provide storage lifecycle and redundancy for the database system layer configured for RAID 6

DATA ASSET MANAGEMENT (DAM)

11

while front end load balance servers, web servers, and active directory uses local storage
configured as RAID 1 mirroring.
The recipe from Cisco Validated Design 2011 called a Cisco Triangled Loop Access
Topology (Cisco Validated Design 2011) inspired the physical connections between the different
layers. This architecture allows for separate vlans and redundancy along with stretching layer 2
to other racks in the data center for growth providing scalability. The appeal to this architecture
design is the simplicity to configure and manage and the application supported only currently
requires two vlans at the access layer, one for the web services, active directory, and one for the
database cluster, but the design will allow for vlan growth. The firewall used in the previous
description between the web services and AD is controlled by the built in Windows 2012 to save
on hardware costs and for simplicity.
Starting there will be nine servers at the access layer, two for AD / DNS, four for
web/application services, and two for the database cluster. The normal port density
oversubscription ratio at the access layer is 20:1 and calculated by adding all the physical port
speeds for the access-downlinks to the access-uplinks. In the current design, there would be nine
Gbps downlinks and 10Gbps uplinks, which is not even close to hitting a 20:1 ratio. In order to
hit the 20:1 radio one would have to use at least 200 Gbps downlinks for one 10Gbps uplink.
Since the aggregation and core are collapsed there is no calculation but it is normally a 4:1 ratio
between aggregation and core switches (Hogg, S., 2009).

DATA ASSET MANAGEMENT (DAM)

12

DATA ASSET MANAGEMENT (DAM)

13

DATA ASSET MANAGEMENT (DAM)

14

IV. Layer 3 IP Address Design


The following section contains a description of the layer 3 network design of the
data asset management system in the data center. The following elements will overlay the layer
2 maps, the IP address subnets, routing information, primary and failover routes, devices, and the
routing plan, which takes into account the overall organizational routing plan. There is a limit of
IPv4 public addresses so Network Address Translation (NAT) is a planned implementation along
with deciding where in the network it will function. Also shown with aggregation switches,
routers and firewalls is the redundant protocol used with the devices chosen in the network
design. The Virtual IP (VIP), Switch Virtual Interface (SVI) for inter-VLAN routing, default
routes and areas along with VLAN trunks, numbers, and DNS names for devices and

DATA ASSET MANAGEMENT (DAM)

15

applications is included in the paper and shown on the network diagram.


The IP addresses that are used for the data asset management system will include a /24
private IP subnet for the web cluster servers, DNS and Active Directory in VLAN 100. A /24
private IP subnet VLAN 200 for the database cluster servers. VLAN 300 is used for load
balancing devices and has a /24 IP address subnet. A /24 for VLAN 400 (network devices)
defines the OSPF area on the edge in Area 0. The routers will redistribute OSPF routes into
BGP. The routers are Customer Edge routers that participate in a carriers MPLS Layer 3
network infrastructure. The routers are using EBGP for interfaces that forward to the carrier and
use IBPG between the two with GLBP. The OSPF routes will redistribute back to the campus
site. The entire IP infrastructure has a CIDR address range starting from 10.200.192.1 to
10.200.223.254 usable addresses, inverse mask 0.0.31.255, subnet size of 8090, broadcast
address 10.200.223.255, and network address 10.200.192.0. This CIDR block is broken up
between each campus network site and the main data center.
IP ADDRESS SCHEME
VLAN 100 Web Servers, DNS, Active Directory Subnet 10.200.192.0 / 24
Gateway address 10.200.192.1
Subnet Mask 255.255.255.0
SVI VLAN 100 Aggregate/Core Switch 1 10.200.192.2
SVI VLAN 100 Aggregate/Core Switch 2 10.200.192.3
HSRP VIP 100 Aggregate/Core Switch 10.200.192.1
Web Services VIP Cluster IP address 10.200.192.10
Primary Active Directory / DNS IP Address 10.200.192.20
Secondary Active Directory / DNS IP Address 10.200.192.30

DATA ASSET MANAGEMENT (DAM)

16

VLAN 200 Backend Database Cluster Subnet 10.200.193.0 / 24


Gateway Address 10.200.193.1
Subnet Mask 255.255.255.0
SVI VLAN 200 Aggregate/Core Switch 1 10.200.193.2
SVI VLAN 200 Aggregate/Core Switch 2 10.200.193.3
HSRP VIP 200 Aggregate/Core Switch 10.200.193.1
Backend Database Cluster Services VIP Cluster IP address 10.200.193.10
VLAN 300 Load Balance Servers
Gateway Address 10.200.194.1
Subnet 255.255.255.0
SVI VLAN 300 Aggregate/Core Switch 1 10.200.194.2
SVI VLAN 300 Aggregate/Core Switch 2 10.200.194.3
HSRP VIP 300 Aggregate/Core Switch 10.200.194.1
Primary Load Balance Server 10.200.194.10
Secondary Load Balance Server 10.200.194.20
VLAN 400 OSPF Edge Devices
Gateway Address 10.200.195.1
Subnet 255.255.255.0
SVI VLAN 400 Aggregate/Core Switch 1 10.200.194.2
SVI VLAN 400 Aggregate/Core Switch 2 10.200.194.3
HSRP VIP 400 Aggregate/Core Switch 10.200.194.1
Primary Firewall Inside 0 10.200.194.11
Standby Firewall Inside 0 10.200.194.21
HSRP VIP 400 Firewall 10.200.194.10
Firewall Active / Standby Configuration
CE Routers Redistribute OSPF
Out of band management interface on switches 10.100.100.1 / 24

DATA ASSET MANAGEMENT (DAM)

17

I still have some questions on the routing. I will have to investigate whether I can use
BGP all the way to the core layer 3 switches or if I will need to redistribute OSPF into BGP. The
MPLS carriers only accept BGP or static routes from the Customer Edge (CE) routes. Since I
am using diversified carriers there are no managed routers and I will have to manage the routers.
There are some advantages and disadvantages to using diversified carriers.
Advantages
More Fault domains
Leverage pricing from carriers
Automatic carrier failover for redundancy
Disadvantage
Load Balance is complicated between carriers
Design Complexity
Increased cost for routers
Reduces common offerings between carriers
I will also need to discover internet connectivity and how to provide fault tolerance. The
original idea is to use two circuits with different entry points from within the data center. I will
see if I want to load balance between the same carriers and have them manage the routers or
manage the routers and have carrier diversification on the internet connection. The internet
connection will provide VPN access into the data center, NAT for websites and other services. I
will still need to provide public to private addressing and debating whether I should create a
DMZ zone or extranet farm zone for access to the website interfaces. If I can firewall and NAT

DATA ASSET MANAGEMENT (DAM)

18

to the webservers and secure them properly the need for these zones may not be necessary. The
firewall will need other interfaces in order to properly secure the access/application services and
the backend databases.

V. SSL and TLS


The following section contains a description of the security elements in the design
of the data asset management system in the data center. The basic elements described include
authentication and access control methods, secure client server connections using SSL and TLS

DATA ASSET MANAGEMENT (DAM)

19

aspects, and standard access control lists (ACL,) which extends to include the protocols allowed
and disallowed to enter the network and separated from the public to the campus locations. The
authentication, authorization, and audit (AAA) model integrated into the infrastructure
incorporates the applications user login process showing detailed information for that process. A
justification for using certain security methods is included in order to understand the rational and
provide an opportunity for debate on whether a different method might be better suited for that
element.
The first element in the security design process involves the definition of logical security
zones based on network functions and those zones include the management network, Internet
edge, campus core, Internet server farm, and Intranet server farm. The Internet edge provides
access to the Internet for the enterprise and will include any external websites and infrastructure
services such as a Domain Name Service (DNS) server. The campus core provides access for
remote offices that support employees and administrators for the data center application. The
Intranet server farm provides the connectivity for the web servers, application servers and
infrastructure services such as Active Directory and DNS server. The intranet includes
aggregation switches that will provide the connectivity for load balancing, SSL off loaders,
firewalls, and any IDS devices. The zones as stated before are logical in order to organize
firewall rules and placement of devices but it does not necessarily reflect physical separation but
secured through proper firewall rules and router access control lists.
The next element involves on authentication, authorization, and accounting for the
DAMS. The username and passwords for the authorized users are contained in Microsoft Active
Directory and users belong to certain groups that control access to the pages in the web interface
of the application, along with database access, content changes or infrastructure changes, for

DATA ASSET MANAGEMENT (DAM)

20

example adding or changing a DNS record. The authentication, based on Kerberos, enables a
user single sign on (SSO) to multiple offered services. There are several advantages to using
Kerberos including ease of integrating new services without affecting the current login process,
single sign on, no replay, able to create different KDC realms for different systems that can fully
trust one another making Kerberos flexible and expandable.
On the management network in the data center, the method of security used is
TACACS+ for specialized IT staff to manage the networking devices such as routers and
switches because TACACS+ provides full encryption of data from end to end, unlike Radius, and
it can determine what command sets a user may use on the devices themselves. Two jump
servers will provide another layer of security to access the networking equipment and provide
redundancy for device access. A jump server is a server you have to log into first, usually a Unix
box using port 22 Secure Shell (SSH), to get access to the networking devices in the data center.
This will help to keep the Access Control Lists (ACLs) at minimum because you only have to
create ACLs on the networking devices granting the jump servers access. Otherwise an
administrator would have to maintain ACLs to all the remote offices subnets in the event the IT
team is not centralized and on the firewall you only need to have a rule from the remote networks
to the jump servers on port 22.
Access outside into the data center from clients using the DAMS web interface will enter
through the F5 Big-IP Load Balancer and SSL Accelerator appliance which is very appealing
because the device has multiple functionality including ISP load balancing, NAT translation from
public to private IP addresses, VLAN aware, Secure NAT from the inside to outside internet and
can support the Intranet sites, the device has redundancy capabilities and supports load balancing
VPN and IPsec tunnels. This device has a lot of potential in the data center and looking at the

DATA ASSET MANAGEMENT (DAM)

21

specifications can handle ten million layer 4 connections per second, twenty million layer 7
requests per second, 640 Gbps layer four throughputs, DDOS and SYN protection. The device
with the right modules can also give real time analysis for uptime, response time, and usage
trending that is helpful to anticipate changes and account for spikes. The device also support
IPv6 which is part of the business IT requirements that all devices and software must be able to
support IPv6. For security purposes on the Internet connection to the Virtual Web Servers hosted
on the F5 device ACLs allowing any to the device on port 80 and 443 would be open and further
firewall rules and Network Access Translations (NAT) are configured through the web interface
on the F5 appliance and the appliance would integrate into the aggregation switches and will use
wildcard SSL certificate from VeriSign. To prevent SYN attacks, on the external interfaces for
the routes ACLs need configuring to block packets that have a source addresses from the internal
network and configure internal router interfaces to block packets to the outside that have source
addresses from outside the internal network (Schuba, C.L.; Krsul, I.V.; Kuhn, M.G.; Spafford,
E.H.; Sundaram, A.; Zamboni, D 1997).
VI. Load Balancing
The following section contains a description of load balancing, server monitoring,
and caching design of the DAMS in the data center. The basic elements include the algorithm
methods used for load balancing, server monitoring techniques and caching methodologies, if it
is used. Consideration on how the load balancers will communicate and route traffic to the back
end servers is important for performance and uptime. All these elements have the goal in mind
to provide high availability and performance for the DAMS.
The main idea of load balancers is to distribute different forms of ip traffic between
available resources, whether the resources are servers in a server farm, DNS entries, SIP proxy

DATA ASSET MANAGEMENT (DAM)

22

gateways, or even routers. The load balancers are able to accomplish the distribution in different
ways based on different methods and algorithms. Depending on the goals and infrastructure of
the balanced entity certain methods, of course, will work better than others. When choosing the
type of algorithm to use the designer must take into consideration the method to create
persistence, stickiness with the back-end infrastructure. In the case of the DAMS, the back
end servers are in a web farm that will provide a web interface for clients. The clients will have
the ability to view, download and upload their data from the web content so maintaining
persistence across servers will be important factor. The server farm on the back end will contain
servers of similar model and type with the same hardware in each web server for consistency and
ease of management. Server monitoring is very critical in determining how to distribute the
traffic load along with deciding what server certain requests should go to and how to reallocate a
server load in the event of a server crash or failure. For the DAMS, a dynamic automated form
of system monitoring is preferred along with an effective alerting tool to inform administrators of
any warnings, critical failures or simple anomalies, such as an unusual increase in traffic volume.
The first load balancing design for the DAMS is a software solution using Apache web
head servers running mod_proxy, mod_proxy_balancer, and mod_status. Mod_proxy is the core
of the software modules and provides the layer 7 sticky sessions, while mod_proxy_balancer
provides three load balance methods including Request Counting, Weighted Traffic Counting and
Pending Request Counting and finally the mod_status will provide the server monitoring. The
mod_proxy_balancer algorithm that seems to fit best with the DAMS is request counting and
idea is that there is a distribution of the requests among the various workers, back end servers, to
ensure that each gets a share of the number of requests; this is a type of round robin. Some
reasons to use request counting are that all the back end servers will be the same, it is easier to

DATA ASSET MANAGEMENT (DAM)

23

configure, the users sessions are not usually long because of uploads or downloads and it can
balance evenly across all servers getting full utilization. Request Counting is enabled by via
lbmethod=byrequest in the httpd file. The mod_proxy_balancer also has stickiness with two
ways to implement and that is a cookie and the other is URL encoding, which the DAMS will
use the cookie method to provide stickiness for a couple of reasons including providing better
flexibility and since it is using layer 7 the client IP does not matter and does not matter, which
makes it easier for more mobility. To enable balancing manager, which is a way to dynamically
monitor and update the load balancing policies, the mod_status is required. The balancer
manager support enables dynamic update of balancer members. Balance manager can then
change balance factor or put a member offline. The balance manager is the way to provide
server monitoring and health.
The load balancer outside connection is a public IP address in the DMZ and the inside IP
connection is part of the same private address subnet as the web servers in the same vlan. This
provides a two way arm proxy to pass traffic through the load balancer to the web servers. The
proxy server can also cache pages in memory to decrease load time of images or common
content. Redundancy is also built into the load balance servers by using a module called
heartbeat. Heartbeat is a free utility that is setup on both load balancers and supplies the public
VIP used and the outside and on the inside to track both interfaces in case one fails.

VII. DNS
The following section describes the infrastructure design for DNS zones including
defining replication partners for redundancy and how the zone will influence several other

DATA ASSET MANAGEMENT (DAM)

24

components, such as the load balancer, web portal, MySQL databases, and the Active Directory
infrastructure. The data center will consist of two DNS servers and two zones. One for Active
Directory zone and the other for a split zone that will contain the external zone records for the
web portal. At the end of describing the zone setup, there is a network diagram to show where in
the datacenter the internal DNS servers live.
The internal DNS servers are Microsoft DNS and run on the same servers in the data
center as the Microsoft Active Directory Servers. The internal DNS will have the Active
Directory DNS zone and the main Internet zone. The forest in Active Directory will provide the
private internal DNS zone called mediariver.priv, which is an active directory integrated zone.
This will contain all the service records for active directory along with all the servers, switches,
routers, load balancers, routers, and firewall entries. The registrars for the domain
mediariver.com hosts the external dns servers and will only contain the records needed to allow
clients to connect to the web portal from the outside. For an employee to connect to servers
inside the data center using DNS then the employees local internal DNS server will do a split
brain and have conditional forwarding setup to direct the request to the zone. This will keep
requests on the private MPLS network (Schauland, D. 2009). The internal DNS servers are the
only servers that will be able to send replication information

Active Directory Forward Zone mediariver.priv


Name

Type

(same as parent folder)

Start of Authority [86676]


(SOA)

Data

Timestamp
ns1.mediariver.priv.

DATA ASSET MANAGEMENT (DAM)


(same as parent folder)

Name Server

25

ns1.mediariver.priv. static

(NS)
(same as parent folder)

Name Server

ns2.mediariver.priv. Static

(NS)

Primaryfirewall

Host (A)

10.200.194.11

static

Standbyfirewall

Host (A)

10.200.194.21

static

MainFirewall

Host (A)

10.200.194.10

static

ns1

Host (A)

10.200.192.20

static

ns2

Host (A)

10.200.192.30

static

primloadbalancer

Host (A)

10.200.194.10

static

secloadbalancer

Host (A)

10.200.194.20

static

mysql1

Host (A)

10.200.193.20

static

mysql2

Host (A)

10.200.193.21

static

mysql3

Host (A)

10.200.193.22

static

web1

Host (A)

10.200.192.20

web2

Host (A)

10.200.192.21

web3

Host (A)

10.200.192.22

accessswitch01

Host (A)

10.100.100.10

accessswitch02

Host (A)

10.100.100.11

accessswitch03

Host (A)

10.100.100.20

accessswitch04

Host (A)

10.100.100.21

Coreswitch01

Host (A)

10.100.100.1

Coreswitch02

Host (A)

10.100.100.2

cerouter01

Host (A)

10.200.194.30

cerouter02

Host (A)

10.200.194.40

fiberswitch

Host (A)

10.200.193.30

DATA ASSET MANAGEMENT (DAM)

26

These addresses will not be published to the outside world but only shared with internal
employees who must manage the infrastructure. The other users who go to mediariver.com will
use external DNS servers hosted by the registrar.

DATA ASSET MANAGEMENT (DAM)

27

DATA ASSET MANAGEMENT (DAM)

28

References
Arregoces, M & Portolani, M (2004). Data Center Fundamentals. Indianapolis, IN: Cisco Press.
The Apache Software Foundation (2013). Apache Module mod_proxy [manual] retrieved from
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
Brand, S (1998, November). Written on the Wind. Civilization Magazine. retrieved March 6
2013, from http://longnow.org/essays/written-wind/
Burton, M (2004). Step-by-Step With Ciscos Hot Standby Router Protocol. Retrieved March 28,
2013

DATA ASSET MANAGEMENT (DAM)

29

http://www.enterprisenetworkingplanet.com/netsysm/article.php/1438251/StepbyStepWith-Ciscos-Hot-Standby-Router-Protocol.htm
Cisco Public (2011). WAN Architectures and Design Principles:BRKCRS-2041 retrieved March
29, 2013 http://home.komsys.org/~jocke/ciscolivemelbourne2011/BRKCRS2041_WAN_Architectures_and_Design_Principles.pdf
Cisco Reference Guide Chapter 25 Configuring Layer 3 Interfaces retrieved March 28, 2013
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/37sg/configuration/guide
s/l3_int.pdf
Cisco Validated Design (2011). Cisco Data Center Infrastructure 2.5 Design Guide Chapter
6 . San Jose, CA: Cisco Systems, Inc,. retrieved March 25, 2013, from
http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/DC_Infra2_5/DCInf
ra_6.pdf

Dell Computer Corporation (2002). BIG-IP Solutions Guide version 4.2. retrieved April 6, 2013
http://www.andovercg.com/datasheets/f5-BIGip-solutions-guide.pdf
Elky, S (2006, May, 31). An Introduction to Information System Risk Management. retrieved
March 17, 2013, from SANS Web Site:
http://www.sans.org/reading_room/whitepapers/auditing/introduction-informationsystem-risk-management_1204
Hogg, S (2009). 10GE and Network Oversubscription Ratios. NetworkWorld, . retrieved March
22, 2013, from http://www.networkworld.com/community/node/48965

DATA ASSET MANAGEMENT (DAM)

30

Kaplan D (2009). Choosing a Digital Asset Management System That's Right for You. Journal
of Archival Organizations. 7, 33-40.
Load Balancer (2013). Loadbalancer.org supported load balancing methods. retrieved April 12
2013, from Loadbalancer.org Web Site:
http://us.loadbalancer.org/load_balancing_methods.php
McCord, A (2002, September, 6). Overview of Digital Asset Management Systems. retrieved
March 6 2013, from Educause Web Site:
http://net.educause.edu/ir/library/pdf/dec0203.pdf
Melonfire, C (2006, October, 9). Protect sensitive Web site data by encrypting information with
MySQL. retrieved March 17, 2013, from TechRepublic Web Site:
http://www.techrepublic.com/article/protect-sensitive-web-site-data-by-encryptinginformation-with-mysql/6124013
Oracle / MySQL. (2012, May). Guide to Scaling Web Databases with MySQL Cluster
Accelerating Innovation on the Web [White paper]. Retrieved from
http://www.mysql.com/why-mysql/white-papers/guide-to-scaling-web-databases-withmysql-cluster/
Patawari, A (2012, June 21). Load Balancing Using Apache's mod_proxy_balancer. retrieved
April 12 2013, from OpenLogic Web Site:
http://www.openlogic.com/wazi/bid/188013/Load-Balancing-Using-Apache-smod_proxy_balancer
Schuba, C.L.; Krsul, I.V.; Kuhn, M.G.; Spafford, E.H.; Sundaram, A.; Zamboni, D., "Analysis of
a denial of service attack on TCP," Security and Privacy, 1997. Proceedings., 1997 IEEE

DATA ASSET MANAGEMENT (DAM)

31

Symposium on , vol., no., pp.208,223, 4-7 May 1997


doi: 10.1109/SECPRI.1997.601338
serverfault. (2011, February 10). How many requests per second does your live-right-now LAMP
server handle? (literally) [Blog post]. retrieved from
http://serverfault.com/questions/234146/how-many-requests-per-second-does-your-liveright-now-lamp-server-handle
Standord Univerity IT Services (July 28, 2011). Authentication retrieved April 5, 2013
http://itservices.stanford.edu/strategy/access_control/authentication
Schauland, D (April 22 2009). Set up split-brain DNS with Active Directory integrated
zones.Retrieved April 27 2013: http://www.techrepublic.com/blog/networking/set-upsplit-brain-dns-with-active-directory-integrated-zones/1362.

Tarreau, W (2006, September). Making Applications Scalable With Load Balancing. retrieved
April 12 2013, from http://www.exceliance.fr/sites/default/files/biblio/art-2006making_applications_scalable_with_lb.pdf
Trubetskoy, G (2003, October, 2). Introducing mod_python. retrieved March 24, 2013, from
OnLamp Web Site: http://onlamp.com/pub/a/python/2003/10/02/mod_python.html
United States. Department of Commerce. National Institute of Standards and Technology
(2011, December) Electronic Authentication Guideline. (Research in brief) Retrieved
March 18, 2013 from the NIST Web site: http://csrc.nist.gov/publications/nistpubs/80063-1/SP-800-63-1.pdf

DATA ASSET MANAGEMENT (DAM)

32

Vadacca, S (2010, April, 20). Load balancing with Apache: a tutorial on mod_proxy_balancer
installation and configuration. retrieved April 12 2013, from Search Computing Blog
Web Site: http://blog.search-computing.net/2010/04/load-balancing-with-apache-atutorial-on-mod_proxy_balancer-installation-and-configuration/
Vemuri, L R (2007, May). What Is Authentication?. retrieved March 17, 2013, from The Institute
of Internal Auditors Web Site:
http://www.theiia.org/intAuditor/itaudit/archives/2007/may/what-is-authentication/
Windows Server Technet (March 28, 2003). What Is Kerberos Authentication retrieved April 5.
2013 http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx