Re: RAID 5 drive replacement schedule

---

• From: Adriel Desautels <adriel@xxxxxxxxxxxxx>
• Date: Tue, 24 Jun 2008 09:59:16 -0400

---

Murda,
It means that the king didn't have the proper controls in place.

Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45

Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn


Murda Mcloud wrote:

Now the calculations done by Robin Harris@CNET may be up for conjecture
here;

http://blogs.zdnet.com/storage/?p=162

However, I found it to be thought provoking.

I know that this thread has become two threads in one but I'm glad I asked
the question and I'm glad I asked in the way I did because the ensuing
debate has been welcome on my part. Stimulates the little grey cells...
Thanks everyone.

-----Original Message-----
From: Rivest, Philippe [mailto:PRivest@xxxxxxxxxxxxx]
Sent: Saturday, June 21, 2008 4:11 AM
To: Adriel Desautels
Cc: Murda Mcloud; security-basics@xxxxxxxxxxxxxxxxx
Subject: RE: RAID 5 drive replacement schedule

I do think we are saying just about the same thing. But I may of not be
clear
so let me restate.

Raid 5 is an IT field & technologie, and adds to the security by making 1
failed drive NOT impact availability. That's all I meant. No decision or
security implication should be done before or after that (unless theres
an
incident). No security team should be implicated in the drive replacement
as
this is normal IT operation.

Raid 5 helps security in keeping the data accessible in the event of a
failed
drive.

Side note:
For my CAI is always security related and justified. Make it high or low
availability it is security and has to be justified.


Merci / Thanks
Philippe Rivest, CEH
Vérificateur interne en sécurité de l'information
Courriel: Privest@xxxxxxxxxxxxx
Téléphone: (514) 331-4417
www.transforce.ca


-----Message d'origine-----
De : Adriel Desautels [mailto:adriel@xxxxxxxxxxxxx]
Envoyé : 20 juin 2008 14:00
À : Rivest, Philippe
Cc : Murda Mcloud; security-basics@xxxxxxxxxxxxxxxxx
Objet : Re: RAID 5 drive replacement schedule

Philippe,
I disagree with you and I think that the definition of security
that
you provided is partial, but thats just my opinion. Availability is a
vague term that can, but does not always have a role in security.
Determining what the proper schedule is for a drive replacement policy
is something that can be done by IT without the security team. Deciding
how to dispose of the drives on the other hand is security.


Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45

Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn


Rivest, Philippe wrote:

Adriel & Murda

It is a security issue the way you store your data. In regards to the

raid

technologies, raid 5 improves the availability of the data by making

sure

that a single drive failed will not impact the availability of the

data.

Remember that security is
1- Confidentiality
2- Availability
3- Integrity

The main goal of a Raid 5 is to help #2. You are referring to the

disposal
of

the HD which is the issue of confidentiality and that is not what Murda

was

aiming at. If it is, go for encryption, degaussing, destruction and

just

plain format (if the data is not confidential).

As I explained to him offline, the MTTF and MTBF is about the same for

2 HD

bought/constructed at about the same time. How ever, those are not

absolute

numbers that state that, if one drive fails the other one is about to

go
too.

It's more an estimated value against which you should have some
confidence/hope, your drive should not fail before X hours (it could go
before but the average is X).

In a raid 5, Drive A, B and C are online and working (they are the same

drive

bought at the same time). Drive A fails, you should NOT change drive B

& C

unless they are failing also. If you do, the cost of your raid 5 will

be

greater then what it should be (the replacing of the parts are going to

cost

a lot). Change drive A and hope drives B & C will last longer.


The only issue is that 2 drives fail at the same time, which is very
improbable. And if it does, you should be going for your back ups.


I do hope this clarified the questions and that I wasn't to unclear

with my

details!

Merci / Thanks
Philippe Rivest, CEH
Vérificateur interne en sécurité de l'information
Courriel: Privest@xxxxxxxxxxxxx
Téléphone: (514) 331-4417
www.transforce.ca


-----Message d'origine-----
De : listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]

De
la

part de Adriel Desautels
Envoyé : 20 juin 2008 11:27
À : Murda Mcloud
Cc : security-basics@xxxxxxxxxxxxxxxxx
Objet : Re: RAID 5 drive replacement schedule

Murda,
The real answer to your question is that it is very, very

improbable

that all of the drives in the array will fail at the same time. Most
drives are good for a certain period of years, after which point you

are

getting "extra time".

That is not a security issue though. That is an IT related issue.

The

security issue comes into play when you dispose of your drives. Do you
shred them, just throw them in the dumpster, how do you dispose of

them?

Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45

Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn


Murda Mcloud wrote:

In my mind, this a security related question as it has to do with

ensuring

availability.

Does anyone have links towards any whitepapers etc that suggest

replacement

of disks in a RAID 5 array as part of a maintenance cycle?

If all the drives in an array are the same age and one fails; does

this

mean

the others are more likely to fail. I'd imagine so as they have had

the

same

amount of usage.

---

• Follow-Ups:
  • Re: RAID 5 drive replacement schedule
    • From: Mellow Marquis

• References:
  • Re: RAID 5 drive replacement schedule
    • From: Adriel Desautels
  • RE: RAID 5 drive replacement schedule
    • From: Rivest, Philippe
  • RE: RAID 5 drive replacement schedule
    • From: Murda Mcloud

• Prev by Date: Re: Deny access to copy files
• Next by Date: Re: Deny access to copy files
• Previous by thread: RE: RAID 5 drive replacement schedule
• Next by thread: Re: RAID 5 drive replacement schedule
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: RAID 5 drive replacement schedule ... Raid 5 is an IT field & technologie, and adds to the security by making 1 ... Raid 5 helps security in keeping the data accessible in the event of a failed ... availability it is security and has to be justified. ... The only issue is that 2 drives fail at the same time, ... (Security-Basics) Re: RAID 5 drive replacement schedule ... I checked the RAID array and found ... Raid 5 is an IT field & technologie, and adds to the security by making 1 ... failed drive NOT impact availability. ... Change drive A and hope drives B & C will last longer. ... (Security-Basics) RE: RAID 5 drive replacement schedule ... Raid 5 is an IT field & technologie, and adds to the security by making 1 ... No security team should be implicated in the drive replacement ... The only issue is that 2 drives fail at the same time, ... (Security-Basics) Re: RAID 5 drive replacement schedule ... the "security industry" need to define things clearly so that the boundaries are fully understood. ... Here is my interpretation of the availability topic, when you give the key to the users of the box you have ensured availability as it applies to security. ... Subject: RE: RAID 5 drive replacement schedule ... Change drive A and hope drives B & C will last longer. ... (Security-Basics) Re: RAID 5 drive replacement schedule ... "That is not a security issue though. ... Chief Technology Officer ... Netragard Whitepaper Downloads: ... drives on the other hand is security. ... (Security-Basics)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)