HNS: Navigating Business Networks
24th May 2016
Business connectivity considerations for business owners and managers requiring resilient and highly available IT systems
Hub Network Services
Navigating Business Networks
1 Executive Summary
Advances in internet and networking technology over recent decades have brought new opportunities to companies, allowing them to conduct business operations across vast geographical areas much more easily than was previously possible. Leveraging this opportunity successfully and maintaining effective communications often means having a greater reliance on your IT systems.
But the networks that make all this possible are often overlooked by the businesses who depend on them day in, day out. That is, until the data stops flowing and things start malfunctioning or stop working altogether.
Even if you are not an IT expert, it is useful to have a high-level understanding of which network is right for your type of business based on the applications and systems you are using. Pick the wrong one for the job and at best you may be spending more than you need, while at worst you could be seriously compromising business continuity. The right infrastructure allows you to free up resources and energy to focus on core business activities: growth, improving employees’ skills and getting results at the bottom line rather than worrying about staying connected and the environment in which your infrastructure is housed.
This paper explores best practice and offers guidance for business owners and managers requiring resilient networks for ensuring their staff, customers and suppliers are served by highly available IT systems.
2 Optimising IT availability: Geo diverse data centre infrastructure
Moving servers to a modern tier 3 or 4 data centre is a first step to securing data assets and increasing availability. However, with the cost of data centre space and communications falling rapidly, organisations are now recognising that maintaining dual infrastructure, located in different cities or continents, is an increasingly affordable best practice for achieving further redundancy and security.
In order to succeed, it is important to recognise that applications which work perfectly on a system housed within a single location may fail spectacularly when latency of a few milliseconds is introduced due to geographical diversity. Much greater emphasis is required on testing, especially under full load.
A key design decision will also be the configuration of the sites in terms of active/active (both operating simultaneously) versus active/passive (single site operating with the other mirroring). The advantage of active/active is that both sites are known to work, whereas within an active/passive environment it is all too common for backup solutions (passive site) to remain untested.
Keeping both sites in sync is critical to maintaining data integrity. There are various methods for doing this as follows:
Synchronous replication – distance is critical due to latency requirements as both primary and secondary sites must confirm data has been written before an application can proceed. Distances greater than a small number of kilometres cause considerable performance problems.
Asynchronous replication – works over any distance, but increases the risk of data loss. This can be minimised using a journaling system (similar to that used on the Linux file system ext3). This ensures that data writes can be rolled back to a known point.
Snapshots – allow data to be copied in a state at a specific time. This is particularly applicable for large virtual machine images. Tools such as VMware or Veeam are ideal for this.
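The trade-off between the synchronous and asynchronous methods above can be seen in a small model. This is an added example, not part of the HNS paper: the journal contents, function names and the 0.5 ms local write time are constructed, and the figure of roughly 200 km per millisecond for light in fibre is an approximation that ignores equipment delay.

```python
FIBRE_KM_PER_MS = 200.0  # approximate propagation speed of light in optical fibre

def sync_write_latency_ms(local_ms, distance_km):
    # Synchronous: the application waits for the secondary to confirm, so every
    # write pays one propagation round trip on top of the local write time.
    return local_ms + 2 * distance_km / FIBRE_KM_PER_MS

def recover_from_journal(received):
    """Replay journal entries that reached the secondary before the primary
    failed, applying only transactions whose COMMIT marker also arrived."""
    state, pending, committed = {}, {}, []
    for txn, op, key, value in received:
        if op == "WRITE":
            pending.setdefault(txn, []).append((key, value))
        elif op == "COMMIT":
            for k, v in pending.pop(txn, []):
                state[k] = v
            committed.append(txn)
    rolled_back = sorted(pending)  # partial transactions are discarded
    return state, committed, rolled_back

# Constructed journal written on the primary: three complete transactions.
PRIMARY_JOURNAL = [
    (1, "WRITE", "stock:widget", 10), (1, "WRITE", "orders", 1), (1, "COMMIT", None, None),
    (2, "WRITE", "stock:widget", 9), (2, "WRITE", "orders", 2), (2, "COMMIT", None, None),
    (3, "WRITE", "stock:widget", 8), (3, "WRITE", "orders", 3), (3, "COMMIT", None, None),
]

def simulate_failover(entries_shipped):
    """Asynchronous: only the first `entries_shipped` journal entries had been
    shipped to the secondary when the primary site went offline."""
    state, committed, rolled_back = recover_from_journal(PRIMARY_JOURNAL[:entries_shipped])
    lost = sorted({e[0] for e in PRIMARY_JOURNAL} - set(committed))
    return state, lost, rolled_back

if __name__ == "__main__":
    for km in (50, 500):
        print(f"{km} km: {sync_write_latency_ms(0.5, km)} ms per synchronous write")
    state, lost, rolled_back = simulate_failover(7)
    print("secondary state:", state)
    print("transactions lost:", lost, "rolled back:", rolled_back)
```

The secondary ends up consistent at the last fully shipped transaction; anything committed on the primary after that point is the data-loss window that asynchronous replication accepts.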
Another significant challenge for delivering geo-diverse Internet-facing applications is presenting IP addresses at multiple geographically separate locations. Should the two sites both become active simultaneously, significant data corruption can result. Care also needs to be taken to ensure traffic takes an optimal path. The increase in the volume of traffic caused by sub-optimal routing significantly increases the latency, the size of the WAN needed and thus the expense of the system. An example would be an HTTP request traversing an inter-site link many times.
Furthermore, it is imperative each site is incorporated into a functional ring system and hardware clusters have sufficient distance separating them to negate local complications. As highlighted by the recent flooding in the North of England, for those companies affected, a secondary cluster in the less sodden South of the country would have greatly reduced the risk of downtime.
3 External transit networks – diversity is the key
Moving IT infrastructure to one or more colocation data centres and putting it in the hands of industry experts can be a vital first step in ensuring your business systems are fully secure and protected. However, there is a danger of organisations overly focusing on data security either by hosting servers within a controlled data centre environment, or more commonly outsourcing to the cloud. This can result in the most appropriate network design and connectivity solutions being overlooked.
In order to avoid risking external transit networks becoming the weakest link in the chain, it can be argued all the best practice taking place inside the data centre should be considered secondary to the careful evaluation and investment in stable, robust and truly diverse fibre links between locations.
Putting this into real-life context in the outside world, networks are exposed day in, day out to many risks, both environmental, such as frost, fire and flood, and man-made. Fibres can be prone to accidental damage, not to mention vandalism, which puts matters beyond your control.
Therefore, to mitigate failure outside the data centre fortress it is essential to thoroughly evaluate which fibre routes and providers to use. These are complex to ‘unravel’ and external guidance may be advisable.
For optimised reliability, always connect via two or more independent fibre links, sourced from different carriers, with different physical routing. This tried and tested system optimises uptime and performance, giving the ability to transparently route traffic to the best path in real time.
Careful consideration must also be given to which network is right for your type of business based on the applications and systems you are expecting to run over it. Pick the wrong one for the job and at best you may be spending more than you need to while at worst you could be seriously compromising your business continuity.
4 Business Connectivity Options
Leased Lines can provide your business with guaranteed symmetrical connectivity to the Internet or to a data centre on a network. They are ideal if you have several offices or buildings spread across a local area; require guaranteed Internet bandwidth; need to transfer large quantities of data quickly and reliably for data backup and disaster recovery. There are a variety of speeds and options including copper or broadband backup and fully redundant lines.
Using a fixed connection provides you with bandwidth that’s all yours so you don’t have to worry about sharing capacity or slow internet at peak times. It is dedicated, always on and available to communicate securely and reliably with partners, employees and underlying systems.
MPLS Private Networking
Don’t worry too much about the ‘MPLS’ bit. It stands for Multiprotocol Label Switching but to all intents and purposes just think of it as a private network for securely connecting any number of your remote locations using a highly redundant network. This is useful when you have offices that need to communicate privately without fuss or special configuration. These can be data centres or other locations served by leased lines, xDSL or Fibre to the Cabinet (FTTC).
Data Centre Internet Access
Data Centre Internet access is the perfect choice for users who require consistent high performance and reliability all day every day. Suitable for all types of mission critical applications, including data replication, voice, video and web hosting, you will ideally connect to a network via two independent links, which provide diverse paths from each data centre.
Managed Firewall and VPN
A managed firewall option is available both for data centres and leased lines. This is ideal for customers requiring a high spec firewall with low capital outlay, hardware swap out and built in expertise to configure and manage the device.
5 The HNS Network
HNS is able to offer and advise customers on all of the network connectivity options discussed above and can specify the most appropriate for meeting individual requirements.
Central to this is our diverse, self-healing network spanning all of the colocation data centres in which we offer service. Strategic partnerships with selected physical line providers enable us to provide cost effective connectivity to anywhere in the UK. For optimised reliability, we always connect via two or more independent fibre links, sourced from different carriers, with different physical routing. This tried and tested system allows us to offer exceptional uptime and performance, giving us the ability to transparently route traffic to the best path in real time.
Furthermore, our diverse peering and transit at data centre locations in London, Manchester, Cardiff, Amsterdam and New York provide exceptional Internet performance and reliability as well as nationwide and truly global reach to customers.
By adding well-connected data centres on other continents HNS can bring essential applications and services closer to where users are actually located. This can be provided as a transparent geo-redundancy service, or as “wires only” to allow the customer to build their own solution. Bandwidths from 10Mbit/s to 10Gbit/s are available.
This is what we mean by ‘Local Knowledge, Global Reach’. But as they say, the proof of the pudding is always in the eating. Suffice to say our network services are re-sold by an increasing number of voice and video over IP providers who know that delivering their services over our infrastructure ensures end users enjoy quality services 24×7.
6 Geo diverse infrastructure management
As discussed in this paper it is increasingly accepted best practice to duplicate data and all critical components by using dual data centres often hundreds of miles apart. However, complications can arise and this is most apparent when separating the data, power feeds, networking equipment and servers deployed at each location.
By providing users with clear holistic views, the HNS GeoCirrus platform addresses the significant leap in complexity and cost involved in geo diverse data centre infrastructure management. It also eliminates any potential additional points of failure which may leave data and applications vulnerable.
GeoCirrus clusters two or more rack enclosures in separate data centres and uses them as if they were one single environment. In the unlikely event a data centre should go offline, IP addresses are switched seamlessly between cluster members. On recovery, traffic can be switched back automatically, or routed as required. This geographical intelligence is built in to GeoCirrus and requires no intervention from the customer.
Public IP addresses are presented to both locations simultaneously, with racks linked internally across HNS’ high speed backbone network. Sites can operate as active / passive or active / active. Internet traffic can be output at either site regardless of where it entered the cluster. GeoCirrus can also present private circuits, leased lines and even ADSL to multiple locations simultaneously.
To achieve resilient connectivity and highly available IT systems, the importance of selecting truly diverse and robust fibre links between locations should not be underestimated. Therefore, to mitigate failure outside the data centre fortress, be sure to thoroughly evaluate which fibre routes and providers to use. These are complex to unravel and external guidance may be advisable.
For further advice on your business connectivity requirements contact:
Hub Network Services
T: 0845 519 7605