Escape from Data Alcatraz 248
nihilist_1137 writes "Zdnet is reporting on a new information facility that is built to surive the worst.Triangular in shape, two of the sides house offices while the third, a large rectangular block if taken in isolation, contains two data centres, as well as the infrastructure to ensure that Web sites continue to function come fire, flood, natural catastrophy or foreign invasion."
Re:What for? (Score:3, Informative)
2 Connections to Telstra and 2 to Optus at different exchanges
"Hostworks Control Centre features over half a gigabit per second of connectivity. This is delivered via four high capacity divergent path links connected to Optus and Telstra.
As a matter of policy, Hostworks ensures that it always has four times the capacity of its peak traffic loads."
Re:Foreign Invasion? (Score:5, Informative)
Want to know how we caught one of the fuckers? Get some "Super Phosphorescent Pigments" [blacklite.com] make sure its NONTOXIC and coat thinly an item that has been stolen in the past and put it in a place where it is easily stolen with no video cameras. Install blacklight in a cubicle, wait till object is taken and invite people to come over and look at it with a blacklight poster. The thief is the one with the glowing hands.
Here's the weak link (Score:2, Informative)
US national labs rejected proximity cards years ago because they could be surreptitiously read out and cloned.
Re:Where are the pictures? (Score:2, Informative)
Pictures of Hostworks [hostworks.com.au]
Re:kind of makes you think... of ways to defeat it (Score:2, Informative)
Who says EMP bombs are fictional?
Winn Schwartau (sp?) covers this technology in medium depth in his book 'Information Warfare' (which is btw a VERY good book on Information terrorism and counter e.terrorism, as well as providing a good design for a closed cell architecture for terrorist oragnization. A MUST read in this day and age).
With a mediocre knowledge of Electrical Enigineering, one could pretty easily be constructed, or at the very least one could construct a powerful high energy radio frequency gun, with the proper power supply. It sounds like the facility is located in a fairly insdustrialized area, meaning that the power infrastructure to power it is probably already there to be hijacked.
There is always a way, and it doesn't always involve crashing a 767 into it *grin*.
Re:History (Score:1, Informative)
It was very difficult to get around. Germany had to attack and subdue an entire country (Belgium) before they could attack France. The Maginot Line was a stunning success. It kept Germany from directly attacking France.
Re:Foreign Invasion? (Score:3, Informative)
Using Missile Silos (Score:5, Informative)
Assuming you mean reusing old missle silos, it's a bad idea, for several reasons.
1.) The old silos were not designed to handle the electrical load that a datacenter requires.
2.) Missile silos are designed to protect against nuclear strike, but not much else. Foot soldiers would make short work of such facilities. Think heavier-than-air tear gas or burning jet fuel if you don't know why.
3.) Missile silos are generally full of asbestos and other nasty stuff that would be very costly to remove.
4.) Most missile silos have water leakage problems. This wasn't much of an issue when the only thing that got wet was the tail of the rocket booster, but computers are understandably less durable in such circumstances.
5.) Data connectivity was a non-concern then (they only needed a telephone, and then only until nuclear war began), so getting them wired would be prohibitive. Just about the only answer is satellite link, but that's not secure from destruction from the air.
6.) Missile silos were not siege-ready; that is, they didn't have weeks of supplies in case they were locked in. The assumption was that by the time they had a problem with supplies, the missile would have already launched.
Virg
Nothing compared to the Amadeus Data Processing Fa (Score:2, Informative)
My issue with the Hostworks facility is that it's designed to handle physical currency, not data. You can fit a hell of a lot more electronic currency in 1 square foot than you could ever fit physical currency.
The Amadeus Data Processing Facility (aka the ADP [no relation to the ADP you see on your paychecks]) in Erding Germany is the Fort Knox of data facilities. It's designed to not only protect the servers physically, but to also protect the transactions within the facility
Amadeus is the European equivalent of Sabre in the US. They have roughly a 90% market share of the European market, 10% of the US, and a lot of the rest of the world to boot.
Their facilities are oriented towards traditional transaction processing systems (Tandem/Himalaya machines) rather than "normal" servers. While there is overlap in methodology there are a *lot* of differences. For the most part, they manage all the machines.
This facility supports all of the Amadeus traffic (both queries and bookings for hotels, cruises, airlines, car rentals, even travel insurance.), as well as the data processing for a number of international airlines (British Airways is one), and supposedly several international banks as well.
The facility is oriented around (roughly triangular) firecells, of which there are 3 for machines. These are massively over built. They were originally designing for hundreds of mainframe style machines, and (literally) tons of copper cabling in each firecell.
Each primary walkway is secured at multiple points. You're escorted at all times by a guard who doesn't have the ability to open any doors. Doors can only be opened by a guard remotely. At every point a guard can verify what he's seeing on the camera by direct visual observation.
Cooling is completely isolated from electrical which is completely isolated from network cabling which is completely isolated from the machines. Machines are the at the center of the firecells with corridors for cooling, electrical, and other support systems surrounding it. Each of the corridors is physically secure from all of the others.
ADP has enough generator power to run the entire town of Erding in the event that Erding loses it's main power source(s). Rumor has it that this has happened on numerous occasions.
Geographically isolated in a "easily defensible location". (One of those comments that kinda sticks in your mind when you hear it)
If they don't know you're coming you are stopped by armed guards before you're in sight of the building.
There is a No-Fly zone around their facility. (How this is enforced I don't know...)
Every Tandem is actively mirrored by another in a seperate firecell on a seperate floor. If your Tandem in cell-1 floor-2 goes away, the mirror in cell-3 floor-1 keeps the transaction from being lost.
The list goes on and on. Someone out there in the /. universe has to have heard of this facility and can probably fill in or correct details, but the Hostworks facility is by no means truly unique.
Re:Foreign Invasion? Yeah, by USA (Score:2, Informative)
The 2100 Lb B43 is no longer in the US arsenal, having been replaced by the 2400 lb B83. Perhaps you have the weight confused with the 10,000 lb B41, which had a much higher yield.
Firstly, I can find no evidence of a M110 bomb existing, other than one-line entries in copy/pasted lists on free hosting sites.
Secondly, the only aircraft capable of lifting and dropping a 7.5 ton Daisy Cutter is a C-130 (a B-52H's bomb racks aren't built to hold anything that big). This is enough to make me doubt the existance of a 11 ton bomb, which would require aircraft specially modified to handle it.
On this point, you're quite right. Getting a 20 ton yield out of conventional explosives is going to require a big bomb.
Theres always something else (Score:1, Informative)
All data centres (whether private or commercial) have their weaknesses, and all are all-too prone to human error. Whenever I've lost service with a large colo, its been someone on their side cocking up routing tables, kicking out cables or mangling DNS.
I worked for a (UK) government department who used two (private) data centres - each could provide service for the other. They also had a third, which was never used, but was kept up to date and operational in case one of the others ceased operation. Each centre also had redundancies (duplicate of everything on hot standby - mainframes, servers, control desks, comms equipment). They had two power supplies, taken direct from different power stations, massive UPSs (two of course), a generator, all comms lines were duplicated. In fact about the only thing that didn't have redundancy was the kettle in the kitchen!
Two thing occurred whilst I was involved on one on these sites:
A power line failed, UPSs kicked in but with a spike/brown out which reset all equipment - including some which didn't come back up. The generator tried to start up - but due to rabbits living in it didn't get too far (neither did the rabbits after that).
During a particulary hot summer, the rooms got slightly too hot (not hot enough to destroy the equipment tho.) The halogen systems kicked in, destroying equipment near the halogen outlet and freezing half the wall off. Of course, this also triggered the emergency power cut-off in case it was an electical fire.
In both cases, the failover to the on-site redundancy didn't go too smoothly and a small army of engineers had to go on site to recover (including myself).
On top of all this, one of the site was built on a sloping bank which had subsidence, meaning that the whole building was slowly moving downhill, and tilting. Eventually, it will stretch all those carefully installed dually redunant comms and power cables.
In summary: theres no such thing as absolute guarantees. You can throw money and time at these things until the risk is reduced to an acceptable level or your arse is covered. *BUT* there is nothing better that an enforceable contract for loss of business and consequential damages with all your providers and a healthy does of insurance for any loss of provision.
If you do find an ISP/Colo that is willing to cover consequential damages, please tell the world, I for one would be very grateful!