Security Basics mailing list archives
RE: RAID 5 drive replacement schedule
From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Mon, 23 Jun 2008 08:22:42 +1000
Now the calculations done by Robin Harris@CNET may be up for conjecture here; http://blogs.zdnet.com/storage/?p=162 However, I found it to be thought provoking. I know that this thread has become two threads in one but I'm glad I asked the question and I'm glad I asked in the way I did because the ensuing debate has been welcome on my part. Stimulates the little grey cells... Thanks everyone.
-----Original Message----- From: Rivest, Philippe [mailto:PRivest () transforce ca] Sent: Saturday, June 21, 2008 4:11 AM To: Adriel Desautels Cc: Murda Mcloud; security-basics () securityfocus com Subject: RE: RAID 5 drive replacement schedule I do think we are saying just about the same thing. But I may of not be clear so let me restate. Raid 5 is an IT field & technologie, and adds to the security by making 1 failed drive NOT impact availability. That's all I meant. No decision or security implication should be done before or after that (unless theres an incident). No security team should be implicated in the drive replacement as this is normal IT operation. Raid 5 helps security in keeping the data accessible in the event of a failed drive. Side note: For my CAI is always security related and justified. Make it high or low availability it is security and has to be justified. Merci / Thanks Philippe Rivest, CEH Vérificateur interne en sécurité de l'information Courriel: Privest () transforce ca Téléphone: (514) 331-4417 www.transforce.ca -----Message d'origine----- De : Adriel Desautels [mailto:adriel () netragard com] Envoyé : 20 juin 2008 14:00 À : Rivest, Philippe Cc : Murda Mcloud; security-basics () securityfocus com Objet : Re: RAID 5 drive replacement schedule Philippe, I disagree with you and I think that the definition of security that you provided is partial, but thats just my opinion. Availability is a vague term that can, but does not always have a role in security. Determining what the proper schedule is for a drive replacement policy is something that can be done by IT without the security team. Deciding how to dispose of the drives on the other hand is security. Regards, Adriel T. Desautels Chief Technology Officer Netragard, LLC. Office : 617-934-0269 Mobile : 617-633-3821 http://www.linkedin.com/pub/1/118/a45 Join the Netragard, LLC. Linked In Group: http://www.linkedin.com/e/gis/48683/0B98E1705142 --------------------------------------------------------------- Netragard, LLC - http://www.netragard.com - "We make IT Safe" Penetration Testing, Vulnerability Assessments, Website Security Netragard Whitepaper Downloads: ------------------------------- Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you must know : http://tinyurl.com/26pjsn Rivest, Philippe wrote:Adriel & Murda It is a security issue the way you store your data. In regards to theraidtechnologies, raid 5 improves the availability of the data by makingsurethat a single drive failed will not impact the availability of thedata.Remember that security is 1- Confidentiality 2- Availability 3- Integrity The main goal of a Raid 5 is to help #2. You are referring to thedisposal ofthe HD which is the issue of confidentiality and that is not what Murdawasaiming at. If it is, go for encryption, degaussing, destruction andjustplain format (if the data is not confidential). As I explained to him offline, the MTTF and MTBF is about the same for2 HDbought/constructed at about the same time. How ever, those are notabsolutenumbers that state that, if one drive fails the other one is about togo too.It's more an estimated value against which you should have some confidence/hope, your drive should not fail before X hours (it could go before but the average is X). In a raid 5, Drive A, B and C are online and working (they are the samedrivebought at the same time). Drive A fails, you should NOT change drive B& Cunless they are failing also. If you do, the cost of your raid 5 willbegreater then what it should be (the replacing of the parts are going tocosta lot). Change drive A and hope drives B & C will last longer. The only issue is that 2 drives fail at the same time, which is very improbable. And if it does, you should be going for your back ups. I do hope this clarified the questions and that I wasn't to unclearwith mydetails! Merci / Thanks Philippe Rivest, CEH Vérificateur interne en sécurité de l'information Courriel: Privest () transforce ca Téléphone: (514) 331-4417 www.transforce.ca -----Message d'origine----- De : listbounce () securityfocus com [mailto:listbounce () securityfocus com]De lapart de Adriel Desautels Envoyé : 20 juin 2008 11:27 À : Murda Mcloud Cc : security-basics () securityfocus com Objet : Re: RAID 5 drive replacement schedule Murda, The real answer to your question is that it is very, veryimprobablethat all of the drives in the array will fail at the same time. Most drives are good for a certain period of years, after which point youaregetting "extra time". That is not a security issue though. That is an IT related issue.Thesecurity issue comes into play when you dispose of your drives. Do you shred them, just throw them in the dumpster, how do you dispose ofthem?Regards, Adriel T. Desautels Chief Technology Officer Netragard, LLC. Office : 617-934-0269 Mobile : 617-633-3821 http://www.linkedin.com/pub/1/118/a45 Join the Netragard, LLC. Linked In Group: http://www.linkedin.com/e/gis/48683/0B98E1705142 --------------------------------------------------------------- Netragard, LLC - http://www.netragard.com - "We make IT Safe" Penetration Testing, Vulnerability Assessments, Website Security Netragard Whitepaper Downloads: ------------------------------- Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you must know : http://tinyurl.com/26pjsn Murda Mcloud wrote:In my mind, this a security related question as it has to do withensuringavailability. Does anyone have links towards any whitepapers etc that suggestreplacementof disks in a RAID 5 array as part of a maintenance cycle? If all the drives in an array are the same age and one fails; doesthismeanthe others are more likely to fail. I'd imagine so as they have hadthesameamount of usage.
Current thread:
- Re: Was Re: RAID 5 drive replacement schedule - Now "Availability", (continued)
- Re: Was Re: RAID 5 drive replacement schedule - Now "Availability" Mike Hale (Jun 23)
- Re: Was Re: RAID 5 drive replacement schedule - Now "Availability" Adriel Desautels (Jun 23)
- Message not available
- Re: Was Re: RAID 5 drive replacement schedule - Now "Availability" Adriel Desautels (Jun 23)
- RE: Was Re: RAID 5 drive replacement schedule - Now "Availability" Nick Vaernhoej (Jun 23)
- RE: Was Re: RAID 5 drive replacement schedule - Now "Availability" Steve Fox (Jun 26)
- RE: RAID 5 drive replacement schedule Petter Bruland (Jun 20)
- RE: RAID 5 drive replacement schedule Murda Mcloud (Jun 23)
- RE: RAID 5 drive replacement schedule Burton Strauss (Jun 24)
- RE: RAID 5 drive replacement schedule Rivest, Philippe (Jun 20)
- Re: RAID 5 drive replacement schedule Adriel Desautels (Jun 20)
- RE: RAID 5 drive replacement schedule Murda Mcloud (Jun 23)
- Re: RAID 5 drive replacement schedule Adriel Desautels (Jun 24)
- Re: RAID 5 drive replacement schedule Mellow Marquis (Jun 25)
- RE: RAID 5 drive replacement schedule Rivest, Philippe (Jun 25)
- RE: RAID 5 drive replacement schedule Nick Vaernhoej (Jun 20)
- Re: RAID 5 drive replacement schedule Adriel Desautels (Jun 20)
- RE: RAID 5 drive replacement schedule Rivest, Philippe (Jun 25)
- RE: RAID 5 drive replacement schedule Nick Vaernhoej (Jun 25)
- RE: RAID 5 drive replacement schedule Rivest, Philippe (Jun 25)
- Re: RAID 5 drive replacement schedule Adriel Desautels (Jun 25)