Physical Security Primer (Part 2)

If you missed the first article in this series please go read Windows 2000 and 2003 Server Physical/Logical Security Primer (Part 1).

Power is essential to running computer systems. Without electrical power, there would be no 1s and 0s. Therefore, as administrators, we need to assess our physical security when it comes to unfavorable environmental conditions which inevitably lead to ‘power failures’. Power failures can not only put your company out of business if you don’t have a back up source of power, but even worse, if you don’t have conditioners on your line, you will ‘ruin’ your equipment. Power supplies, when taking a massive surge, usually don’t fare too well afterwards.


“For a complete guide to security, check out ‘Security+ Study Guide and DVD Training System’ from Amazon.com

Physical Security Primer (Part 2)

In Part 1, we entered the mind of the villain. We covered ‘very generally’ what you should be looking at a very high level. In part 2, we look at other things you can do to implement physical security to better defend against attack. For one, you can consider backup power.

Backup Power Systems

There are several types of power backup capabilities and choosing the right one should be done after the total cost of anticipated downtime and its effects are calculated.

  • You have to assume you will have a power outage at some point. If so, assess how you would recover from it. A UPS (Uninterruptible Power Source/Supply is a battery powered backup system for an AC line supply like that commonly used with personal computers) may not be enough to sustain long term operations. Then you would need a generator. 
  • Amazingly enough, deriving the total cost per hour for backup power is nothing more than dividing the annual expenditures by the annual standard hours of use.

  • There are large and small issues that can cause power failure or fluctuations so don’t think it’s all major power blackouts that create a problem. A small power surge from ESD (Electrostatic Discharge) would be enough to damage a computer motherboard rendering it useless.
  • A low cost non-expensive mechanism to generate power in time of need is to have generators in place. An example can be seen here:

  • I mentioned generators earlier, they are a great source of backup power that can be kept running longer than UPS power. UPS power is very short term, its only really meant to give your Servers time to log users out and shut down properly so the operating system doesn’t crash and data get corrupted or lost. UPS systems are glorified line conditioners to keep the hardware from getting damaged from power surges and in time of power failure, UPS power is used to get the server shut down quickly and properly. A generator is used for the ongoing period – full power should be restored to all your systems.
  • Some generators have sensors to detect power failure and will start automatically which is a huge plus for off hour’s power failures.
  • Thresholds can be calibrated to best serve an environment, depending on the type and size of the generator; it might provide power for minutes or days.
  • Now that we have discussed the differences between UPS systems and Generators, let’s wrap this up with some considerations for both.
  • Generators are used for long term, you should consider having one onsite so that if you sustain a long term power hit, you can run gas tanks back and forth to the generator, but at least your systems will have power.
  • Issues to consider with UPS systems

    • Size of load UPS can support. The battery can only support so much ‘pull’ from the devices plugged into it. Most UPS systems come with indicator lights (and buzzers) that let you know when you are exceeding the UPS’s power capacity.
    • How long it can support the load, which is all the plugged in devices requesting its power (the battery duration needs to be considered for purchase)
    • Even UPS’s fail so for complete redundancy, they sell UPS Transfer switches that also make the UPS redundant, I highly recommend those too.
    • You want your UPS to have a certain battery life before its tapped out. I suggest getting ones with long battery life. Sometimes you need to log users out of a server and shut down a million applications and processes, who knows – every second counts when there is a failure so give yourself as much of a chance as possible.
    • UPS’s naturally offer surge protection and line conditioning.
    • UPS’s also offer filtering of EMI and RFI filtering. This is Electromagnetic and Radio Interference filtering.
    • Consider using devices with high MTBF values. MTBF (Mean Time between Failures) is nothing more than the actual service life of the drive before it starts to fail from wear and tear.
    • Consider getting a device that will allow for automatic shutdown of systems when power is running out. This is ideal for when you don’t have anyone on staff off hours and your power goes out. The UPS can tell the server that it’s in trouble and then through a process of commands, shut itself down to avoid being damaged.

  • When the computer must keep running, or when it is convenient to allow a soft shutdown, some self-contained power supply units can save a lot of trouble – they will detect the eventual loss of power due to their battery exhaustion and shut down the computer in an orderly manner.
  • There are two main methods of protecting against power issues:

    • Uninterrupted power supply (UPS):

      • A UPS uses batteries that range in size and capacity
      • The UPS can either be standby or online
      • Online systems use AC line voltage to charge a bank of batteries.
      • When in use, the UPS has an inverter that changes the DC output from the batteries into the required AC form and regulates the voltage as it powers computer devices
      • Other than a UPS, a generator is also a form of a backup power source.

    • Power line conditioners: Power line conditioners are nothing more than a device that offers a steady flow of regulated power at an exact level. In other words, the UPS draws power from the source and stores it in an internal battery. Any devices plugged into the UPS will draw power until a failure, and then rely on the UPS battery give them power. IF they never fail (and even when they do), the UPS will give a ‘steady and conditioned’ flow of power to the requestors. This is line conditioning.

Problems with Power Current

Never thought there would be so many problems huh? Well, for a long time I personally worked in a manufacturing plant that was prone to them. Our location was in a place where the power just plain stunk. (It still does). Anyway, these things do happen and it’s important to consider when considering physical security. If you have no power, you have no business. If that’s not a disaster I don’t know what is!

Excessive Power

  • Spike: Momentary high voltage
  • Surge: Prolonged high voltage

Loss of Power

  • Fault: Momentary power out
  • Blackout: Prolonged loss of power

Degradation of Power

  • Sag: Momentary low voltage
  • Brownout: Prolonged power supply that is below normal voltage

Interference Issues:

  • Electromagnetic Interference (EMI): EMI can be created by the difference between three wires: (hot- neutral- ground). Lightning and electrical motors create EMI.

  • Radio Frequency Interference (RFI): Caused by fluorescent lighting, electric cables, components within electrical systems, radio signals. RFI is created by components of an electrical system. Fluorescent lighting usually cause RFI

Power Preventative Measures

  • Use a surge protector
  • Try to make sure a steady electrical current is maintained to any device
  • Use a Voltage regulator
  • Proper Earth grounding needs to take place
  • EMI should be avoided with shielding
  • RFI should be avoided with proper design (don’t run power lines over fluorescent lighting, etc)
  • Use three-prong connections with a ground plug, instead of the ungrounded two-prong plugs
  • Do not plug outlet strips and extension cords into each other

Summary

In this article we covered the basics of Physical Security and backup power. I hope you enjoyed this article, looking at physical security and getting a different perspective on disaster. More to come so stay tuned!

If you missed the first article in this series please go read Windows 2000 and 2003 Server Physical/Logical Security Primer (Part 1).






Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top