Web Site and Email Hosting Business Resumption Contingency Plan


Table of Contents

SECTION I OVERVIEW
    Definition
    Goals of the Plan
    Scope of the Plan
    Overall Policies/Procedures
SECTION II - ORGANIZATIONAL PLANNING
    Project Workgroup
    Timeline for Development and Implementation
    Risk Management Process and Reporting
    Integration of Existing Business Contingency Plans
    The Recovery Process
    Levels of Disasters
    Alternative Site Backup Processing
    Distribution of the Plan
    Maintenance of the Plan
    Testing of the Plan
SECTION III BUSINESS RESUMPTION SCENARIOS
    Company Wide Scenarios: Web Site Hosting Service Fails
    Company Wide Scenarios: Building is destroyed or damaged
    Company Wide Scenarios: Utility Company Fails to Deliver Electricity
SECTION IV KEY NAMES AND NUMBERS
Section V NETWORK MAPS
    CBAI Mail Flow
    Network Diagram
    CBAI Virtual Servers
    CBAI Virtual Server Roles
    CBAI Chicago Traffic Flow and Lightower Fiber Networks'
Addendum A Redundancy Plan Process and Procedures


Community Bankers Association of Illinois

SECTION I OVERVIEW

Management of Community Bankers Association of Illinois (CBAI), with the support of its Board of Directors, fully intends for all mission critical systems to remain at 99.9% functionality. We recognize that events could occur that are beyond management's control, which could affect system functionality. The contingency plan is designed to minimize the overall effects of any systems which become nonoperational. The project work group (defined later in this document) intends to continually update this document as new information is brought to management's attention.

Definition

This plan is designed to allow for continuous processing of the CBAI Web Site Programs with minimal disruptions to our bank's web sites. The plan will provide a mechanism to educate our employees on the potential effects of system failure and also provide them with appropriate guidance and tools to implement re-establishment in the event a system failure occurs.

Per the Federal Financial Institutions Examination Council (FFIEC), the definition of a Business Resumption Contingency Plan (BRCP) is as follows:

"Contingency planning is the process of identifying critical information systems and business functions and developing plans to enable those systems and functions to be resumed in the event of a disruption. The process includes testing of the recovery plans to ensure they are effective."

Goals of the Plan

The goal of an effective Contingency Plan and recovery process is to facilitate and expedite the resumption of business after a disruption of vital information systems and operations. The principal objectives are to:

- Ensure timely resumption of operations.
- Minimize disruptions of service to member institutions' web sites and their customers.
- Limit losses to financial institutions' web site content. (DOES NOT INCLUDE INTERNET BANKING CONTENT - THIS WOULD BE THE RESPONSIBILITY OF THE BANK'S INTERNET BANKING PROVIDER.)

CBAI will accomplish these objectives by implementing the following:

- Overall responsibility of the contingency plan is assigned to Operations Management.
- Operations Management will be assigned specific areas to monitor.
- The plan will be reviewed at least annually and be revised as significant or major changes are implemented.

Scope of the Plan

The focus of this plan is also to provide continuous processing in the event of a system failure or other disaster.

Definition: For purposes of this plan, a failure is defined as a system or service being incapacitated to such an extent that it is effectively rendered non-operational for an extended period of time.

Overall Policies/Procedures

All CBAI employees must recognize that they serve the community banking profession that is important to our society. If computer problems exist or services are impaired, member inquiries and requests will be significant during the period of recovery. Therefore, no employees will be permitted to take vacation during a recovery time period. The President of CBAI must approve any exceptions to this policy.

CBAI has security procedures in place which protect CBAI headquarters and hardware/software items necessary to conduct web site business. Even in the event of a power failure, for example, these security procedures are always in effect. These procedures provide a safe environment for CBAI staff to ensure prompt resumption of web site business in the event of a system failure.

SECTION II - ORGANIZATIONAL PLANNING

CBAI Operations Management is directly involved in the BRCP planning process and has the responsibility of overseeing the process to the Project Workgroup identified in paragraph A that follows. The Project Workgroup identifies the persons who are responsible for the areas identified below and will periodically update the CBAI Board, Technology Committee, and hosted financial institutions on the status of the contingency plan.

The plan developed by Operations Management is subject to the Board of Directors' approval and will be presented to the Board after each significant proposed update. The Board will also be informed on the results of testing the contingency plan. Ultimately, the Board of Directors and Operations Management are responsible for the overall process and are committed to make sufficient resources available to ensure the success of the business resumption contingency plan.

Project Workgroup

The project workgroup is responsible for developing and monitoring the business resumption contingency plan. CBAI Operations Management will also request others to participate on an as needed basis. The Workgroup consists of the following components:

Members: CBAI
1) Jenny Dial, CBAI Senior Vice President of Operations
2) Melissa Roberts, CBAI Operations Administrative Assistant (primary backup to Jenny Dial)
3) Mike Kelley, CBSC President
4) Bob Wingert, CBAI President
Responsibilities: Project Leader; Public Relations; Servers; Client Servers

Members:
1) Troy Rodriguez, DBS Services President/Sr. Tech
2) Jason Keck, DBS VP of Hosting Operations/Sr. Tech
3) Jim Rodriguez, DBS Services COO
Responsibilities: Servers; Client Servers

Timeline for Development and Implementation

The BRCP will be reviewed and revised periodically. The BRCP will be presented to the Board of Directors at least annually for reaffirmation.

Risk Management Process and Reporting

Each core business process will have its own minimum acceptable level of service. However, SQL, and Web Hosting software must function at 99.9% to meet customer needs as well as those of CBAI. Some mission critical systems are more critical than others and demand a more rapid response in case of failure. The on-line services are most critical and will require a contingency plan that can be implemented within hours rather than days or weeks.

This section of the BRCP focuses on assessing the potential impact of the mission-critical system failures on the core web site business processes. CBAI has assessed which processes are critical in day-to-day web site operations. The results of this analysis provided the basis for the BRCP. Efforts will be focused on the core web site hosting business processes that, should they be compromised, create the greatest risk to the institutions.

The core web site business processes will continually be re-evaluated to determine priority and importance of each identified item. Operations Management will review the core processes periodically. Any changes in the plan will be approved at the operations management level and then submitted to the Technology Committee for action. The status and progress of the contingency plan will be included in the periodic report to the Board of Directors.

The BRCP for each core business process will include one or more of the following methods of repair.

- Quick fix - Desktop, servers, etc., that fail can quickly be replaced with new equipment from DBS Services or local vendors.
- Failover (Offsite hot-spare services) - Servers will be required to failover in the event of a single server failure. If a physical server fails to respond for 1 hour, Secondary servers will assume the role of the source servers. (Refer to Addendum A Redundancy Plan Process and Procedures.)

CBAI has inventoried web site business processes and designated each process as core vs. non-core. The processes were assigned to the lists taking into consideration the following:

- Business Risk priorities
- Regulatory Impact

Integration of Existing Business Contingency Plans

CBAI utilizes DBS Services (DBS) Disaster/Collocation Facilities for multiple production services.

CBAI provides clustered name server resolution for all domains hosted with CBAI at DBS Disaster/Collocation Facilities. In the event the clustered name servers on the Primary DBS Servers fail, DNS resolution will seamlessly failover to Secondary DBS Servers.

DBS provides offsite hosting of 8 production web servers (Windows and Linux) for CBAI. These servers keep real-time synchronization of the critical services hosted (Web, DNS, Email, SQL) with DBS's Backup Servers located at DBS's Disaster/Collocation Facility.

The Recovery Process

In the event of a failure, the recovery process will be initiated as follows:

- DBS Operations Management team will perform an initial assessment of the disruption.
- DBS Operations Management will be assigned to project workgroups. Group leaders are defined in the Project Workgroup section of this document. Each project work group will be responsible for a category as defined below:
- Vendor liaison. The team will be responsible for communicating with the responsible vendor to determine the recovery time and the steps necessary to return to on-line status. Decisions relating to costs and time required to return to on-line status will be communicated to other members of the management team.

The following personnel are also authorized to initiate the BRCP:

- Troy Rodriguez, DBS CIO
- Jason Keck, DBS VP of Hosting Operations
- Jenny Dial, CBAI Senior Vice President of Operations
- Melissa Roberts, CBAI Operations Administrative Assistant

The personnel implementing the plan will work with the Project Workgroup. The personnel will also notify any additional personnel needed to assist in:

- Notifying CBAI employees/customers that the Contingency Plan is in effect
- Assisting members of the Project Workgroup to notify respective key employees

Levels of Disasters

The main effort in any disaster or incident is to keep our banks' web sites and email in operation. These procedures should be considered:

1. Emergency situations are categorized as:
   a. Natural Disaster - flood, earthquake, tornado, storm
   b. Utility Emergency - gas leak, water main break, phone outage, power outage
   c. Medical Emergency - heart attack, stroke, poisoning, accident
   d. Violent Crimes - company robbery, bomb threat, extortion, employee violence, assault
   e. Special Emergencies - fire, civil unrest, national crisis, war, terrorist attack

2. Levels of disasters are categorized as:
   a. Hardware failure - one component or small components of CBAI's Collocated systems are in need of necessary maintenance, repairs, and/or malfunctioning. Expected downtime: none (all components are redundant) or less than 30 minutes
   b. Software failure - one or more of CBAI's Collocated production services are down; for example, IIS, Apache, ColdFusion, etc. software. Expected downtime: less than 30 minutes
   c. Network failure - X software/hardware are down and CBAI Collocated production services are not available. Contingency plans will be implemented. Expected downtime: less than 1 hour

Alternative Site Backup Processing

CBAI has entered into an agreement with DBS Services, of Chatham, IL, to provide production equipment/facility/hosting. The agreement provides that, depending on the severity of the failure, DBS Services will either:

- Troubleshoot and repair the hardware/software problem at the Disaster/Collocation Facility, or
- Restore an image of all systems to an Alternative Collocation Facility. Expected time frame: 4-8 hours

Distribution of the Plan

Copies of the plan will be distributed as follows:

1. One copy to each Technology Committee member.
2. A copy maintained with each Project Workgroup member, both CBAI and DBS Services. Each copy will be maintained in a location that is accessible to authorized employees. The location will not be locked to ensure access at all times.
3. A copy will also be kept at the homes of each member of the Project Workgroup.

As the contingency plan is revised, updates or new copies will be provided to the distribution list.

Maintenance of the Plan

The BRCP will be updated periodically. Any significant revisions will be forwarded to the Technology Committee for its approval. Consideration will also be given to issues and suggestions raised by regulatory authorities. This plan will be approved at a minimum on an annual basis.

Testing of the Plan

The BRCP is tested on a quarterly basis. Test results will be documented and logged. Operations Management will review the test results, summarize them and present them to the Board of Directors. Certain components of the plan may be tested more frequently, such as the backups for the network (tested weekly). The testing plan includes the following by significant system:

Power Supply

The primary web servers at DBS's Disaster/Collocation Facility are equipped with two power feeds from the local power company on separate grids. If both power company feeds fail, an Uninterruptible Power Supply (UPS) will keep the system powered until generators resume power distribution.

Web Site Services/Hardware

Where practical, all hardware/software is duplicated (redundant). Hardware is also covered by manufacturer's warranty and maintenance contracts, where applicable. In addition, DBS Disaster/Collocation Facility practices a daily software backup routine that is kept for one day, one week and one month for all servers. Hardware/software sufficient to provide Web Services is kept on standby at DBS and will go into production in the event of a catastrophic hardware/software failure at the Disaster/Collocation Facility.

SECTION III BUSINESS RESUMPTION SCENARIOS

Contingency Plan and Implementation

Company Wide Scenarios: Web Site Hosting Service Fails

(Note: Scenario considers the telecommunication links, hardware, file servers, software, etc.)

Trigger Date: Immediately

Responsible Party: DBS Services, CBAI Senior Vice President of Operations

Methodology: The CBAI Web Hosting System is accessed through redundant Firewalls located at the DBS Collocation Facility. This plan and methodology will be implemented only if the CBAI Web Hosting System and associated redundant systems fail at DBS's Collocation Facility.

In the unlikely event the CBAI Web Hosting System fails at DBS's Collocation Facility, DBS will perform a series of diagnostic checks in order to establish the nature of the failure and attempt to immediately bring redundant systems online. DBS will then inform the CBAI Senior Vice President of Operations of the critical nature of the failure. If it is determined the Primary system cannot be brought back online within its relative time frame, DBS Services and CBAI will fail-over the CBAI Web Hosting System to the Redundant Systems in place.

After the Redundant System is in production, DBS personnel, in conjunction with any necessary vendors, will continue to troubleshoot and repair any problems with the Primary System. When the Primary Facility is repaired and tested, DBS and CBAI will schedule a time after hours to failback CBAI's Web Hosting System to DBS's Primary Collocation Facility.

Implementation of the contingency plan is immediate. (Refer to Addendum A Redundancy Plan Process and Procedures.)

DBS Collocation Facility uses redundant Cisco routers, redundant SonicWALL firewalls and multiple bandwidth feeds from various backbone providers. Additionally, this Collocation Facility is equipped with multiple power feeds, battery backups and onsite generators to ensure 99.9% uptime. Data in the Collocation Facility is also protected against individual disk failure by an EqualLogic SAN Array using a proprietary RAID and daily system snapshots. In addition, regular backups are performed daily, weekly and monthly.

Hardware

Servers and/or other redundant hardware are protected by manufacturer's warranties and can be easily replaced. If critical hardware fails, backup hardware will be used until hardware can be provided.

Software

DBS Services maintains all software necessary to provide CBAI's Web Hosting Services, including but not limited to, periodic security updates and security configurations. DBS also provides current and active Antivirus/Spyware protection. CBAI and DBS Services use a third party vendor to conduct quarterly (or as deemed necessary) intrusion, penetration, and vulnerability testing on CBAI's web servers. CBAI and DBS also monitor CBAI's public and private networks. In the event of a disaster, CBAI maintains a relationship with a network support company for software replacement.

Other Network Components

Hubs, wiring and routers are easily replaced. DBS maintains spare parts in the event replacement is needed.

Validation/Training: Backups are tested weekly.

Company Wide Scenarios: Building is destroyed or damaged

(NOTE: The goal here is to document what CBAI will do to function during the recovery time.)

Trigger Date: Immediate

Responsible Party: CBAI Senior Vice President of Operations

Methodology: This scenario addresses how CBAI will operate in the event one of the facilities incurs damage, whether due to natural disaster, terrorism, or other damage. The Project management team will meet immediately to discuss the impact of the damage and determine if the facility can remain open.

DBS Collocation Facility

If the Collocation Facility is destroyed or damaged, DBS Services will initiate a full system restore onto similar/dissimilar hardware virtualized in a standby facility. If the Primary Facility cannot be repaired in a reasonable time frame, DBS Services will locate a new Primary Facility and rebuild the system as quickly as possible. (See Section II Organizational Planning G. Alternative Site Backup Processing.)

Validation/Testing: Emergency procedures will be reviewed quarterly.

Company Wide Scenarios: Utility Company Fails to Deliver Electricity

Trigger Date: Immediate

Responsible Party: CBAI Senior Vice President of Operations

Methodology: DBS will notify the CBAI Senior Vice President of Operations of a power outage if all grids are down to run the web server and significant systems during the power outage. The DBS Collocation Facility is equipped with two major power grids in the downtown Chicago loop area, with uninterrupted power supply and generators. In addition, if there is a power failure and both power grid connections are down, the battery systems are depleted and the generator has failed, the Project Workgroup personnel will initiate the BRCP. (Also see Section II Organizational Planning G. Alternative Site Backup Processing.) This resource would be used predominantly to run the web servers and other significant systems during the power outage.

Validation/Testing: Emergency procedures will be reviewed semi-annually.

SECTION IV KEY NAMES AND NUMBERS

Jenny Dial, CBAI Senior Vice President of Operations
Community Bankers Association of Illinois
901 Community Drive
Springfield, IL 62703
217.529.2265
217.553.7590 (24 hours)
jennyd@cbai.com

Melissa Roberts, CBAI Oper Administrative Asst (primary backup to Jenny Dial)
Community Bankers Association of Illinois
901 Community Drive
Springfield, IL 62703
217.529.2265
217.306.7938 (24 hours)
melissa@cbai.com

DBS Services Contacts

Troy Rodriguez, DBS President and Senior Engineer
DBS Services
314 N Main Plaza
Chatham, IL 62629
217.697.8590 (24 hours)
troy@dbshosting.com

Jason Keck, DBS VP of Hosting Operations
DBS Services
314 N Main Plaza
Chatham, IL 62629
217.697.8590 (24 hours)
jason@dbshosting.com

Jim Rodriguez, DBS COO
DBS Services
314 N Main Plaza
Chatham, IL 62629
217.697.8590 (24 hours)
jim@dbshosting.com

CBAI - (BRCP 12012005)
Revised 12/15/2005, Revised 12/21/2006, Revised 03/02/2007, Revised 06/15/2007, Revised 06/20/2008, Revised 10/31/2008, Revised 05/25/2011, Revised 04/26/2013, Revised 01/01/2014, Revised 06/01/2015

CBAI Mail Flow

[Diagram: CBAI Mail Flow (DBS Services, CBAI Chicago Traffic Flow). Labels: CBAI Mail Users and CBAI Webmail Users (Send Mail, Check Mail); Internet Mail Servers; SPAM/Virus Filter Inbound; VMware vSphere Cluster; SPAM/Virus Filter Outbound.]

DBS Network Diagram for CBAI Hosted Clients

[Diagram. Labels: 50/50MB Internet; Fiber Router; Firewall; DMZ Switches; three vSphere Hosts; two SAN Switches; EqualLogic SAN Array.]

CBAI Virtual Servers Distributed on DBS vSphere Hosts

All VPS Servers are distributed across the vSphere Host cluster and on the SAN array. All VPS hosts are snapshotted on a 4 hour time frame and backed up on a daily, weekly, monthly schedule. Bandwidth and power are on redundant grids in the Chicago Loop.

Type                    Hostname         IP address
cPanel VPS              T8.cbai.com      76.8.85.28
cPanel VPS              SSL.cbai.com     76.8.85.29
cPanel VPS              L1.cbai.com      76.8.85.30
cPanel VPS              L2.cbai.com      76.8.85.31
Windows VPS             W1.cbai.com      76.8.85.33
cPanel VPS              S1.cbai.com      76.8.85.32
cPanel VPS, DNS Only    DNS1.cbai.com    76.8.85.15
cPanel VPS, DNS Only    DNS2.cbai.com    76.8.85.26
cPanel VPS, DNS Only    DNS3.cbai.com    76.8.85.27

CBAI VPS Server Roles

[Diagram: VMware vSphere Cluster hosting the CBAI VPS Servers S1.cbai.com, W1.cbai.com, T8.cbai.com, SSL.cbai.com, L1.cbai.com, L2.cbai.com, DNS1.cbai.com, DNS2.cbai.com, DNS3.cbai.com.]

The S1 server is a Hardened cPanel VPS server that is set up for Standard Web Hosting as provided by CBAI. This is to distribute the load of all websites using different versions of software on a single server. This has encapsulation so no single host can affect other hosts on the same server.

The W1 server is a Windows VPS server that is specifically tailored for running Windows designed websites. This server has been hardened for the Windows platform and is used to host Windows websites.

The T8 server is a cPanel VPS server that is specifically tailored for running T8 designed websites. This server has been set up under the specific requirements DBS has gathered directly from T8.

The SSL server is a cPanel VPS server that is specifically for all hosted SSL websites that are not also T8 websites. This server has been set up and hardened to handle specifically SSL websites only.

The servers L1 & L2 are cPanel VPS servers that are set up for Standard Web Hosting as provided by CBAI. This is to distribute the load of non-SSL websites across multiple VPS servers, allowing maximum usage of vSphere cluster hardware.

The DNS1, DNS2 & DNS3 servers will be the Primary DNS servers for all domains hosted with CBAI. When a new domain is added to CBAI's hosting platform, DNS entries will be added to these servers automatically from the cPanel hosting servers. During normal DNS operation these servers will answer ALL DNS requests to CBAI hosted domains for resolution.

CBAI Chicago Traffic Flow

[Diagram. Labels: CBAI Mail Users and CBAI Webmail Users (Check Mail, Send Mail); Internet Mail Servers; Barracuda Firewall Vx Inbound; T8, SSL, L1, L2, S1, W1 Servers; Barracuda Firewall Vx Outbound.]

Lightower Fiber Networks' ("Lightower")

Lightower and Sidera have merged to form a new, best-in-class fiber operator delivering high-performance networks for the most demanding applications. (Eff. 4/11/2013)

Lightower specializes in delivering high-performance, low-latency networks to serve the mission-critical applications of our large enterprise, carrier, and data center customers with a focus on how customers connect to cloud services and access or distribute content. Our Xtreme Ultra-Low Latency Network connects all of the major financial exchanges and data centers together to serve the needs of the financial services market and any other verticals with applications that demand high-performance. As proof, Lightower carries trillions of dollars of trades per day, more than any other provider. The company also focuses on diversely connecting to every data center within its footprint to provide customers with access to cloud services, backup and recovery, content distribution, and carrier interconnection.

Addendum A Redundancy Plan Process and Procedures

For redundancy to work correctly, DNS1.CBAI.COM, DNS2.CBAI.COM, and DNS3.CBAI.COM must be set as the DNS servers for the site(s) at the registrar level. In the case of a facility disaster all servers will be reimaged from the DBS Facility to an Alternate Facility and return to normal operation. By using CBAI DNS Servers the customer will eliminate the need for bank IT staffs to become involved during the process.

Redundancy of the Web Hosting servers is facilitated by DBS Services using custom scripts and VMware failover software for virtualized hosting environments. Servers at the DBS Secondary Facility are set in a manual startup mode and are configured to come online and be placed in production only in the event a failover condition exists. This process must be initiated by DBS Technical Staff.

Lightower has bandwidth utilization reports on all backbone links and ISP connections. If a DDoS attack is suspected, whether from a link going above a set threshold, a customer report, an alarm, etc., then Lightower looks at Netflow data to determine the destination of the DDoS attack. Once the IP address(es) has been identified, a null route is placed on the ISP routers connecting to Lightower's transit providers. This step usually mitigates most issues. After the null route is in place, Lightower contacts the upstream providers requesting they block traffic to the IP address(es) in question, which occurs at the ingress to their network. This will mitigate any bandwidth overloads on the ISP transit connections. Currently the IP Planning team is going through some additional DDoS mitigation efforts to increase the speed of this process and potentially be more proactive in the identification of an attack.

(Addendum A Redundancy Plan Process and Procedures 09/01/2005)
Revised 08/15/2006, Revised 06/15/2007, Revised 07/07/2008, Revised 12/02/2008, Revised 02/01/2011, Revised 05/25/2011, Revised 04/26/2013, Revised 01/01/2014, Revised 04/01/2014, Revised 06/01/2015
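
The DDoS triage step described in Addendum A (a link goes over threshold, flow data is used to find the destination, that address is null routed) can be sketched as follows; this is an added example, not part of the CBAI plan and not Lightower's tooling. The CSV flow layout, the 60-second window, the 2 Mbps threshold, the minimum-source count and the 203.0.113.0/24 hosted prefix are assumptions chosen for illustration, and the flow records are constructed.

```python
import csv
import io
import ipaddress
from collections import defaultdict
from dataclasses import dataclass

# Assumed hosted prefix (documentation range); only addresses inside it are candidates.
HOSTED_PREFIXES = [ipaddress.ip_network("203.0.113.0/24")]


@dataclass(frozen=True)
class Flow:
    ts: int        # flow timestamp, epoch seconds
    src: str
    dst: str
    nbytes: int


@dataclass(frozen=True)
class Finding:
    dst: str
    window_start: int
    bps: float
    sources: int


def constructed_sample() -> str:
    """Constructed flow export as CSV (ts,src,dst,bytes); not real NetFlow data."""
    rows = ["ts,src,dst,bytes"]
    # 40 distinct sources hitting one hosted address inside the same minute.
    for i in range(40):
        rows.append(f"{1200 + i},198.51.100.{i + 1},203.0.113.10,500000")
    # One large single-source transfer (for example a backup job): heavy, but not distributed.
    rows.append("1210,192.0.2.50,203.0.113.20,30000000")
    # Ordinary traffic to a third hosted address.
    for i in range(5):
        rows.append(f"{1220 + i},198.51.100.{100 + i},203.0.113.30,10000")
    # A malformed record the parser has to skip instead of failing on.
    rows.append("1230,not-an-ip,203.0.113.10,500000")
    return "\n".join(rows)


def parse_flows(text: str):
    """Return (flows, skipped); records with bad addresses or numbers are counted, not fatal."""
    flows, skipped = [], 0
    for row in csv.DictReader(io.StringIO(text)):
        try:
            src = str(ipaddress.ip_address(row["src"]))
            dst = str(ipaddress.ip_address(row["dst"]))
            flows.append(Flow(int(row["ts"]), src, dst, int(row["bytes"])))
        except (KeyError, TypeError, ValueError):
            skipped += 1
    return flows, skipped


def detect(flows, window_s=60, threshold_bps=2_000_000, min_sources=10,
           hosted=HOSTED_PREFIXES):
    """Flag hosted destinations whose inbound rate in a window exceeds the threshold
    AND whose traffic comes from many sources (the distributed part of DDoS)."""
    volume = defaultdict(int)
    sources = defaultdict(set)
    for f in flows:
        addr = ipaddress.ip_address(f.dst)
        if not any(addr in net for net in hosted):
            continue  # never propose a null route for an address we do not host
        key = (f.ts // window_s * window_s, f.dst)
        volume[key] += f.nbytes
        sources[key].add(f.src)
    findings = []
    for (start, dst), nbytes in volume.items():
        bps = nbytes * 8 / window_s
        if bps >= threshold_bps and len(sources[(start, dst)]) >= min_sources:
            findings.append(Finding(dst, start, bps, len(sources[(start, dst)])))
    return sorted(findings, key=lambda f: f.bps, reverse=True)


def null_route_candidates(findings):
    """Host routes (/32 or /128) for an operator to review before null routing."""
    nets = {ipaddress.ip_network(f.dst) for f in findings}
    ordered = sorted(nets, key=lambda n: (n.version, int(n.network_address)))
    return [str(n) for n in ordered]


if __name__ == "__main__":
    flows, skipped = parse_flows(constructed_sample())
    found = detect(flows)
    for f in found:
        print(f"{f.dst}: {f.bps / 1e6:.2f} Mbps from {f.sources} sources "
              f"in window starting {f.window_start}")
    print("review for null route:", null_route_candidates(found), "| skipped:", skipped)
```

A null route on the destination drops legitimate traffic to that address as well, so the output is a review list for an operator rather than an automatic action. The source-count check keeps a single heavy transfer, such as the backup flow in the sample, from being mistaken for an attack.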