S 6.53 Redundant arrangement of network components

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: Administrator, Purchasing Department

High requirements must be placed on the availability of central network components, since a large number of users usually depend on the smooth operation of a local network. To allow operations to be resumed as quickly as possible following the occurrence of an error, a redundancy must be created for each area in accordance with the applicable availability requirements so that a partial or complete failure of the related network components can be prevented whilst keeping the resources required within acceptable limits.

There are two different ways of achieving redundancy:

• The redundant network components can be stored in a warehouse in order to allow quick replacement in an emergency situation. If this is not observed, lengthy procurement routines will often be required before malfunctions can be eliminated. As an alternative, maintenance and/or supply agreements must be concluded with the respective manufacturers in order to guarantee quick replacement of defective components. After that, the configuration backup data can be restored in order to minimise the downtime of the affected network segments (see S 6.52 Regular backup of configuration data of active network components).
• In addition, it is advisable to already plan for a redundancy of network components when planning the network. For example, all central switches and, depending on the protocols used, all routers should be integrated into the network at least twice in order to achieve redundant server connections and redundant connections between the individual network components (see Figure 1). Correct operation must be guaranteed by means of a suitable, logical network configuration.

Figure 1: Redundant links between network components

If a redundancy is also required in the area of end devices depending on the availability requirements, each end device must also be equipped with two network adapters (see Figure 2).

Figure 2: Redundancy up to the area of end devices

In each specific case, it must be checked whether this technology is supported by the active network components and operating system used.

In many cases, malfunctions of active network components can be attributed to the related power supply units, as they require a stable power supply. For this reason, many components are delivered with redundant power supply units or can be refitted with them. Thus, the reliability of individual network components can be increased without requiring the use of two network components. However, this measure does not increase the operational reliability of the network components as such.

In each case, a careful analysis is required to determine the actual availability requirements. As part of a detailed planning of the system and network architecture, a suitable redundancy concept must be developed to fulfil these requirements. In this context, safeguard S 6.18 Provision of redundant lines must also be observed.

Review questions:

• Were the availability requirements of the central network components determined?
• Are redundancies of all important network components stored in the warehouse for emergency situations and/or have supply agreements been concluded in this context?