TASK – 1
The following list the three layers or tires in the hierarchal network model:
More Essay Examples on Computer Rubric
Core – the backbone layer providing (optimal) transport between sites.
Distribution – the layer providing policy – based connectivity
Access – The layer providing site/user access to the network.
These three layers – core, distribution and access – need not exist in a clear and distinct physical fashion - Computer networking introduction. These layers are defined to aid in network design, representing the network functionality that must exist. Each layer can exist in distinct and separate router or switch deployments, physical media, or they can be combined into a single device. For example, a Cisco catalyst 6000 series Switch can provide services for all three layers. The core layers is represented by the multilayer switch feature card (MSFC), providing WAN functionality. The distribution layer is represented by the Switch backplane, and the access layer is represented by each switch port.
The core layer is high-speed switching backbone designed and engineered to move packets through the network as quickly as possible. The core layer should not perform any manipulation of packets because the flow of packets would be slowed. An example of packet manipulation is access-tier filtering.
The access layer is present where the end users are connected to the network. Devices in this layer sometimes called building access switches should have the following capabilities:
Low cost per switch port
High port density
Scalable uplinks to higher layers
User access functions such as VLAN membership, traffic and protocol filtering and QoS.
Resiliency through multiple uplinks.
The distribution layer provides interconnection between the campus network’s access and core layer. Devices in this layer, sometimes called building distribution switches, should have the following capabilities:
High layer 3 throughput for packet handling.
Security and policy based connectivity functions through access lists or packet filters.
Scalable and resilient high-speed links to the core and access layers.
Example – Campus
Task – 2
Delivering unicast video/audio stream to multiple users who share the same network generates a load equal to the sum of each individual traffic stream; this can cause network congestion. Depending on the type of application, you can use three main techniques to minimize the use of bandwidth when delivering streams:
On-demand caching (Proxying)
The layer 4 protocol that typically is used to deliver multimedia streams is the User Datagram Protocol (UDP). UDP is suited than TCP for delay sensitive applications, such as multimedia streams, and it can be used with multicast.
Delivery of multimedia streams can be achieved on both TCP and UDP. Generally, UDP is considered to be more suited for delivering real-time traffic than TCP.
This is because real-time traffic is sensitive to delay, yet not so sensitive to packet loss. A missing frame in a video sequence is not necessarily noticeable – or if it is, it still is preferred to a long pause.
As a example, support that you are watching a live event such as the CEO speaking at your company meeting, and the network experiences some congestion. There are two possible outcomes for the network congestion.
Seeing some glitches in the video, which still continues with no stopping.
Seeing a stop while the client waits for the server to retransmit lost packets.
The first behaviour is achieved by using UDP as the transport protocol, while the second behaviour is typical of using TCP.
Normally, you would prefer the video to continue even with poorer quality rather than watching a black screen, especially considering the fact that some of the distortions in the images probably would go unnoticed by the viewer. Clearly the delay is more important than losing some packets for this type of applications.
TCP is reliable connection oriented protocol that delivers ordered byte streams. If a segment is lost, TCP ensures its delivery by using the retransmission algorithms. On the receiver side, out of order segments are not delivered to the application until the missing segment is retransmitted.
Also, TCP interprets packet loss as a sign of congestion in the network. Which requires the sender to slow down transmitting new segments? Two algorithms regulate retransmission and congestion control: standard retransmission, when no ACK is received for a segment and fast retransmission when the sender receives three duplicate ACKs.
It should be clear by now that losing s single packet (using TCP), whether it is a data packet or an ACK from the receiver, introduces delay and jitter, which translates into stopping and re-buffering on the client application. With UDP, you would notice degradation only in the quality of the images.
UDP provides unreliable, connectionless, unordered datagram delivery. The main advantage of UDP is that lost packets do not delay the delivery of subsequent data grams.
UDP is also more suitable for multi cast traffic than TCP is. TCP creates bidirectional connections, which involves interaction between the sender and the receiver. Of course this would overload the multicast server. Instead, UDP is connectionless and unidirectional in nature, which means that a single multicast server virtually can provide streaming for an arbitrary number of clients with no impact on the server performance.
Even if UDP typically is preferred to TCP because of these reasons. TCP has some advantages. Because TCP ensures the delivery of all packets, codecs that do not tolerate loss can be used. Another reason for using TCP is the presence of firewalls that typically block UDP traffic. A dejitter buffer on the client can alleviate the effect of delays introduced by TCP retransmissions. The dejitter buffer requires holding the first received records before playing them, which is also a delay. This delay needs to be compatible with the real-time requirements of the streaming event.
Compatibility with multicast
Delivery of ordered packets
TASK 3 –
With the aid of a diagram, detail the exchange which must take place between an arriving network client and a DHCP server, in order that the client may obtain a valid IP address.
List the FOUR major components of a router, detailing the operation of each.
Using appropriate diagrams compare the structure of an IPv6 datagram with that of IPV4. Detail TWO advantages of IPv6 over IPv4.
The current internet protocol, IP version 4 or shortly IPV4 was born to interconnect educational and government institutions in United States. Thus, the original IP protocol is naturally light and simple. Since the IPv4 based internet is widely used throughout the world, current status of IPv4 is beyond imagination of the initial motivation to create it.
An internet Protocol that provides TCP/IP datagram type delivery of messages. IPv4 the version of IP currently in use, designed in 1970, allowing ‘only’ for 4 billion network addresses isn’t enough for today’s demands. IPv6 promises significant benefits for users and allows greater flexibility for the introduction of new internet services e.g. mobile.
IPv6 uses 128 bit address vs. the 32-bit address rage of IPv4 allowing for 264 addresses. Microsoft made technical preview of IPv6 for windows 2000. Nortel, Nokia, Ericsson, Cisco and other IP and internet market leaders have already incorporated IPv6 into their forthcoming networking, mobile and wireless products to be delivered in 2000 and later.
DHCP allows administrator to control configuration parameters on their network.
Client using DHCP can be dynamically configured. This allows additions and changes to networks without the need to visit each individual host or workstation.
For fault tolerance, multiple DHCP servers can service one or more subnets.
The Wi-FI alliance is a non-profit international association formed in 1999. Its main goal is to certify the interoperability of wireless local area network (LAN) products based on the IEEE 802.11 specification. Wi-Fi stands for wireless fedility. The Wi-Fi Alliance has certified more than 1000 products with its Wi-Fi certification. This association came about due to the lack of well defined technical areas in the 802.11 standard; most of the wireless standards lack certain details. For example the 802.11 standard states that roaming will be supported, although it does not detail how a manufacturer should allow for roaming. This means that the Wi-Fi Alliance will only certify products to what is defined in the standard. The security mechanism called WEP only started as a 40-bit key in the original 802.11b standard. One sees that the key size of WEP was increased to 104 bits; this was done outside the IEEE standard. This means that for the Wi-Fi Alliance to certify a product, it only has to support a 40-bit key rather than the more often recommended 104 bit key. The Wi-Fi Alliance’s goal was to make sure that if a product is Wi-Fi certified that it would interoperate with other Wi-Fi certified products. The original name of the Wi-Fi Alliance was the Wireless Ethernet Compatibility Alliance (WECA).
Wi-fi Protected Access (WPA) has an interesting history in relation to how it became a standard. When the security of WEP was broken the industry turned to the IEEE to fix it. The IEEE said it would create the 802.11i wireless security standard. This standard dragged on and was very slow moving. As it took longer and longer to ratify, wireless device sales declined. This decline was due to the lack of a standard secure wireless networking method. With this all-so-needed standard lacking, the wireless manufacturers started to push the IEEE and other standard boards to ratify something so they could produce secure standard products. With the pushback of the 802.11i release date, the Wi-Fi Alliance decided that it would create a subset 802.11i standard called WPA. The Wi-Fi created WPA by leveraging what the 802.11i task group had already done and formalized it into WPA. This meant that any major changes to the 802.11i standard would influence future versions of WPA. This was seen with WPA and WPA2. Today, with 802.11i complete, the use of WPA has greatly decreased.
The WPA standard supports two methods of authentication and key management. The first one is EAP authentication with the 802.1x protocol and a back end authentication server. It leverages EAP for in-air authentication and RADIUS for back end authentication. This method is the more secure of the two and provides the lowest amount of end-client administration. The next available option is to use preshared keys. This option requires that a key be applied to the devices and the wireless access points. This also means that everything has the same password entered. To combat someone using this key to eavesdrop on others’ conversations. WPA uses a method that creates a unique session key for each device. This is done by having a preshared key called the group master key (GMK) that drives a pair transient key (PTK). How this works is explained in the section on 802.11i. this second solution was added to WPA for home and small office support. In a house or small office, one is unlikely to have an authentication server such as RADIUS. A PSK is a 256-bit number or a pass phrase that is 8 to 63 bytes long.
WPA does support TKIP and MIC for older devices. It will also perform AES, although the method is uses are a little different from the one defined in 802.11i. it has most of the features addressed in the 802.11i section. Some of these include the ability to negotiate a cipher suite or authentication method with robust security network (RSN) information elements.
One of the reasons why 802.11i was not ratified was because of certain requirements that were not well defined at the time. With the WPA standard using whatever the IEEE 802.11i task force had already completed, some changes were needed to be able create this interim standard. These changes les to a number of differences between the two standards.
The first big difference is that WPA supports TKIP by default. This is unlike 802.11i which supports AES CCMP; it does, however, support AES just not in the variation that 802.11i calls out. The final major item that differentiates WPA from 802.11i is the RSN IE. This is used to pass the supported cipher settings between the wireless access points and clients. In 802.11i this portion was not well defined so the WPA standard has to create some newer rules without having them affect anything that might be done to the RSN IE from the 802.11i task group. This was accomplished by creating a WPA IE and using difference values to distinguish by creating a WPA IE and using different values to distinguish them from one another. This helped so that once the RSN IE was well defined, it was not difficult to put it into WPA.
In the present day world, “Business Continuity Planning” is becoming more and more important. Today, we are faced with multiple internal as well as external threats, some of which are man- made and others are natural. e.g. earthquakes, fire wars, terrorists attacks, etc. Therefore, there is a need for making comprehensive arrangements for Business Continuity in the form of instituting physical security measures and backup arrangements so that operational sustainability of the institutions is ensured.
Organizations recognize the significance of this important subject particularly in the backdrop of its rapidly growing branch network and business volumes.
As such, management of the organizations undertakes all actions high priority to having adequate measure in place for dealing effectively with emergency situations. Accordingly, a Business Continuity Strategy & Plan has been developed which focuses on having clearly defined recovery procedures as well as preventive measures in place against various categories of potential threats that may create emergency situations.
Few of the possible contingencies can be:
Flood, storm and earthquakes. (Natural Threat).
Fire, explosions, bomb threats. (Human Threat).
Electricity failures, telephone network failures, hardware or software technical breakdown.
Such disasters can bring operations to a complete stand still; affect premises, hardware, data, information and people.
This area describes the scenarios mentioned above and lays down at length specific actions required to be taken in such situations. It answers potential questions that may arise in emergency situations; for example what to do, when to react, where to report and who is responsible for managing the crisis.
An alternate operating location to be used by business functions when the primary facilities are inaccessible. Another location, or work area designated for recovery. Location, other than the main facility, that can be used to conduct business functions. A location, other than the normal facility, used to process data and/or conduct critical business functions in the event of a disaster.
2.2 Business Continuity Plan (BCP)
Business continuity describes the processes and procedures an organization puts in place to ensure that essential functions can continue during and after a disaster. Business continuance planning seeks to prevent interruptions of mission critical services, and to re-establish full functioning as swiftly and smoothly as possible.
2.3 Crisis Management Team (CMT)
A crisis management team will consist of key executives as well as key role players (i.e. media representatives, legal counsel, facilities manager, BCP Coordinator, etc.) and the appropriate business managers of critical organizational functions (i.e. CMT divided into two Central Crisis Management Team (CCMT) and Regional Crisis Management Team (RCMT)
2.5 Contact List
A list of team members and/or key players based at each location to be contacted including their backups. The list includes the necessary contact information (i.e. home phone, mobile no. etc.).
2.6 Contingency Planning
The process of developing advance arrangements and procedures that enable an organization to respond to an event that could occur by chance or as a result of unforeseen circumstances.
A sudden unplanned disastrous event, causing great damage or loss. Any event that creates an inability on an Organization’s part to provide critical business functions for some period of time.
2.8 Disaster Recovery
Activities and programs designed to return the entity to an acceptable condition. The ability to respond to an interruption in services by implementing a disaster recovery plan to restore an organization’s critical business functions.
2.9 Disaster Recovery Teams
A structured group of individuals ready to take control of the recovery operations if disaster should occur.
A sudden, unexpected event requiring immediate action due to potential threat to health and safety, the environment, property, data, cash and valuable etc.
2.11 BCP Coordinator
BCP Coordinator is the person who will give/approve the order to invoke the plan in case of a disaster/emergency and will be the person to approve/order return to normal operations.
2.12 Fire Warden/Men
Fire Wardens/Men supervise the situation in case a Fire breaks out in the premises. Their primary responsibility is to ensure safety of employees, containment of fire and facilitating evacuation from the premises.
2.13 Human Threat
Possible disruption in operations resulting from human actions (i.e. disgruntled employee, terrorism, blackmail, job actions, riots, strikes etc.)
2.14 Incident Controllers
Incident Controllers are the first point of contact for reporting any unusual/disastrous situation.
The computer and communication hardware, software, databases, people, facilities and policies supporting the organization’s information management functions.
2.16 Natural threat
Events caused by nature that have the potential of adverse impacts on the organization.
2.17 Backup/Alternate Site Location
A Backup/alternate operating location to be used by business functions when the primary facilities are inaccessible.
Process of planning for and/or implementing operations to address less time-sensitive business operations immediately following an interruption or disaster.
2.19 Recovery period
The time period between a disaster and a return to normal functions, during which the disaster recovery plan is employed.
OBJECTIVES & SCOPE
Business Continuity Planning (BCP) is a process of forecasting events that can lead to interruptions in Business operations and developing action plan to prevent and combat such events. BCP also means the level of readiness in the face of any actual or potential danger, damage and disaster. BCP, being a risk based framework, is a proactive process and deals with operational risk by developing polices, strategies, and specific responsibilities for the recovery of critical business functions. The main purpose behind BCP is to keep the business up and running in the event of any unforeseen incident.
The driving forces that compel us to plan for continuity of the business under any circumstances are competition, customer expectations and potential business impact.
If an organization is hit by a disaster, whatever kind and degree it may be the competitors can look at it as an opportunity to gain an edge. If a disaster situation is not managed properly, the confidence of the customers can be shaken which can have adverse impact on our business unless properly defined Disaster Recovery Plans & Business Continuity Strategy is in place.
In today’s business environment, there has been tremendous increase in reliance on technology and information. If an unforeseen disaster occurs, increased reliance on technology and information can cause huge problems to an organization. Therefore the main purpose of this document is to take into account the level of the impact of disastrous incidents and put in place effective mechanisms towards minimizing business loss arising from such incident.
This Business Continuity Plan has been prepared to assist the organization to manage a disruptive crisis in a controlled and structured manner. It contains emergency contact details, strategies to mitigate impact, procedures to be implemented and communication processes to be followed in response to various disruptive events.
Objectives of Business Continuity Planning
To ensure Business continuity in the events of disaster/emergencies.
To ensure that bank’s image and reputation is not damaged.
To avoid/minimize revenue loss.
To maintain customer relationship/confidence even in the wake of emergency situation.
To disseminate information and bring about awareness of the importance of BCP and impart required training to staff.
To ensure that the BCP is a dynamic document and is updated with the changing business environment.
INFORMATION TECHNOLOGY SYSTEMS, HARDWARE & ALLIED EQUIPMENTS
In the present world Disaster Recovery Procedures (DRP) is gaining greater attention. In today’s fast and rapidly changing environment with more reliance on Information Technology, the financial institutions are exposed to various risks in pursuit of their business objectives, the nature and complexity of which has changed rapidly over time. HSBC to safeguard its customers’ image and ensure continuity of its business needs to evolve and have in place a workable DRP for its IT infrastructure to minimize, if not control, the effects of risks.
Types of Threats/Disasters
The type of threats/disasters which can be encountered by the bank’s IT Infrastructure, disrupting the normal IT computing facilities, can be classified as under:
Short Term Threats/Disasters
These are generally due to power, hardware and software failures, computer viruses, malicious hackers or simple operator errors. The results of these, which can cause temporary disruption to the computing operations, can be overcome in a short period of time.
Extended Term Threats/Disasters
These may be due to disasters like strikes, fire and malfunctioning of IT hardware and allied facilities. To over come from such disasters, some time may or may not be required, depending on the severity of damage done to the IT operational infrastructure. If these are for extended period of time, the backups should be place to over the disruption of computing facilities.
This may be due to a fire, storm, earthquake or any other natural calamity, making IT infrastructure totally inoperable. If this situation is faced, functional backup site, together with the required IT Infrastructure should be in place to ensure availability of continuous IT computing facilities.
Each of the above threats/disasters can have an adverse effect on the IT operations of the bank.
Depending on the severity of the threat/disaster, which can be for a short/extended period or total disaster, the IT computing facilities can become inoperative and can have serious impact on the business. To safe guard the continuity of IT computing facilities and overcome the threats of such situations, it is of vital importance that a DRP is in place at HSBC.
To overcome the effects of the above threats/disasters, our focus of attention is to:
Have in place an effective DRP to overcome the same.
Ensure and minimize the duration of a serious disruption to business operations.
Facilitate quick coordination of recovery tasks
Reduce the complexity of the recovery effort
The primary objective of having backup procedures in place is to enable the bank to survive/recover and continue its normal business with full or partial IT operations, whenever the IT infrastructure is faced with threats/disasters. In order to overcome the effects of these threats/disasters, effective backup procedures have been put in place which will help in restoring the IT computing facilities to:
Survive and resume normal banking operations which may be disrupted due to internal / external threats/disasters within a reasonable time frame.
Avoid lost productivity and idle employees.
Increase reputation for customer service.
Gain customer confidence and goodwill.
Disaster Recovery Procedures (DRP)
DRP for Software
Short Term Threats/Disasters
For any short term disruption of IT computing facilities which may take place due to failure of any software, the concerned IT Operations staff would take out the backup copy of the related software and load the same on the server for quick resumption of IT computing.
Extended Term Threat/Disasters
For extended term malfunctioning of the hardware, the software once the backup hardware has been provided or repaired by the vendor, the IT Operations staff would load the software of the effected hardware to resume early IT computing.
In case of a total disaster situation of any IT computing facilities at any location/premises of Karachi, all backup software’s would be retrieved from the off site location where it has been stored by the IT Operations staff. The IT staff would make arrangements to load the same on the hardware of the pre-determined backup site for early resumption of IT computing.
For a total disaster situation of any location/premises which may take place away from Karachi, the concerned IT Operation staff at Karachi would make arrangements to send all such software’s required for IT computing of the effected location/premises to the pre-designated backup site. The concerned IT Officer of the effected location/premises would load all software’s on the hardware available at the backup site for timely resumption of IT computing facilities.
DRP for Hardware
Short Term Threats/Disasters
In case any of the software in use is malfunctioning, the backup software would be loaded to overcome the problem. For short-term threats/disasters, the disruption of IT computing facilities due to malfunctioning of IT hardware and allied facilities would be for a short period of time (Short term is a relative term and is left to be decided by the concerned Business Head(s) for consequent restoration by the IT). The situation arising would not lead to serious consequences as the temporary disruption would be normalized in a short span of time and thus no DRP is required.
Extended Term Threats / Disasters
Malfunctioning of IT hardware and allied equipment, which would disrupt the computing facilities for an extended period of time, could have serious consequences on the banks business and IT operations. Locations where IT computing facilities could be affected by extended threats/disasters are as follows:
1. Head Office IT Department
2. Other Functions/Locations of Head Office
3. Consumer Finance Department
4. Regional/Hub Offices
5. Other Regional Retail Branches
If malfunctioning of critical hardware or allied facilities at any of the above locations is experienced and evaluated to continue for an extended period of time, the local IT Staff/IT Operator in conjunction with IT Operations Manager/Communication Manager at the Head Office would be responsible for ensuring that the same are operational at the earliest. List of responsible/designated persons is in place.
In case of malfunctioning of hardware like servers and PCs at any of above locations, the local IT Staff/IT Operator would immediately contact the local or nearest office and report the same. If the repair of the effected hardware would take long,
If the encryptor installed at the Head Office IT Department were malfunctioning, the Communication Manager/Communication Staff at the Head Office IT Department, Karachi, would shift to the backup encryptor installed. If the encryptor at any other location is malfunctioning, the Communication Manager / Communication Staff of Head Office IT Department will bypass the branch encryptor and reconfigure the encryptor software at Head Office to pass the data in clear mode.
In case of malfunctioning of E-mail server hardware at any of the above locations, the local IT Staff/IT Operator would immediately contact the local or nearest office and report the same. If the repair of the effected hardware is to take long, the concerned vendor will be asked to provide backup hardware as per our maintenance agreement with them.
In case of malfunctioning of Report Browser/Signature Verification System server at any of the above locations, the action to be taken by the affected location’s IT Staff/IT Operator would be:
If the repair of the server would take long, the software of Report Browser System as an interim measure would be configured and loaded on the exchange server before running the next end of day cycle. After the server has been repaired, the software will be reconfigured and loaded on the repaired server.
If the repair of the Signature Verification System server were going to take long, the concerned counter staff at the affected branch would be asked to refer to the specimen signature cards for verifying the customer’s signature till such time the server is repaired/reconfigured and restored with the software.
Firewall model PIX 515E is installed at the Head Office and model PIX 506E at the branches. If the firewall at the Head Office or at any of the branch goes down, the firewall will be bypassed and the server will be directly connected to Internet. This situation will prevail till such time the backup firewall is available from the vendor after repairs. In the meantime efforts would be made to get a backup firewall from the vendor, if this is arranged then the firewall will not be bypassed.
If other servers located in the Head Office IT Department for critical IT Operations like ATM/POS/IBR, GL Consolidation, Oracle Software, Privacy Manager and ATM Pin Authorization, the backup servers would be configured/data restored by IT Operations Manager/IT Staff and will be used.
For malfunctioning of critical SWIFT server located in the ATM/SWIFT room of the Head Office, the data will be restored on the backup server by SWIFT Manager/ SWIFT Operations Staff and will be used.
For successful implementation of extended term DRP for the above locations, details of hardware and allied facilities which could be affected have been earmarked with the names of persons responsible for making available the effected computing facilities without disrupting the banks business and operations for long.
In case of a total disaster situation of any of the above IT computing locations, concentrated and quick efforts would be made to switch over to the backup site. The concerned Branch Manager/Operations Manager of the effected branch in close liaison with the IT Operations Manger and concerned staff of IT Department to ensure that IT computing facilities are restored at the earliest. For this all the required software would be loaded on the configured hardware.
TELECOMMUNICATION NETWORK SYSTEMS
Network Communications on Wide Area Network (WAN)
Majority of HSBC branches are on WAN (i.e. operating as on-line branches). The network links of all branches on WAN terminates at the main hub, which is at the Main Branch located in the Head Office. Various topologies are used for connecting the branches on WAN, which are:
Narrow Band Radio
Spread Spectrum Radio
The network links of all on-line branches terminate at the respective main branch in these cities. The links from the main branch in the aforementioned cities, through Frame Relay circuit terminate at the main hub of the Main Branch. The network links of branches in other cities of the country terminate at the main hub at the Main Branch.
Backup procedures for all branches in case the primary link goes down have been laid down and the branches have accordingly been informed.
For network equipment installed at the branches for WAN connectivity, agreements with the vendors who have supplied the equipment are in place. In case of malfunctioning of the equipment for an extended period of time depending on the threats / disasters, backup equipment to be provided by vendor for continuous networking facilities at the effected location.
Disaster Recovery Procedures (DRP)
Short Term Threats / Disasters
If there is a break in IT networking link for a short period of time, the situation arising would not lead to serious consequences as the temporary disruption would be normalized in a short span of time and thus no DRP is required.
Extended Term Threats / Disasters
Malfunctioning or break in primary IT network link for an extended period of time could have serious consequences on the banks business and IT operations. Location at which primary IT networking link is down would switch over to the dial up backup link, which is in place. Dial up backup links have been tested and are in place at all on-line branches. Once the primary link has been established and functioning, the dial up backup link will be discontinued.
For a total disaster situation of the Head Office IT Department, IT Operations Manager together with the concerned IT and Network Service Provider staff would move to the backup site where the infrastructure is in place to restore IT computing facilities at the earliest.
In case of a total disaster of any IT location/premises, the networking link would not be affected. However, if the networking link were broken, arrangements for moving the IT computing of the effected location would be carried out by the concerned staff of the location and IT department. All out efforts would be made to shift the staff and IT computing equipment to the nearest location/premises. If networking link is broken it will be restored in close liaison with the concerned networking communication provider.
If any branch operation is effected by a total disaster situation, concerned branch staff together with IT and Network Service Provider staff will make arrangements to shift the pre-determined backup site for that branch to restore early resumption of IT computing facilities.
The following steps to be taken at the on-set of each type of disaster. They are generic in nature and will vary slightly depending on the intensity of the disaster;
F-1 Steps to be taken in case of a disaster situation
a. Initial Reporting
It is prudent to be cautious and prepared than to keep waiting for an eventuality. Situations that are under-estimated can get out of hand very easily and rapidly. Report of an incident may be initiated by a member of staff, or may come from a concerned member of public etc. In all cases the recipients of information about emergency situations are advised to inform the incident controllers (name of teams members designated by the management of the bank – “Annexure – B”) immediately.
Follow up all Incidents
Establish accurate facts prior to reporting.
Initiate local response.
Gather all original relevant documents (letter, envelope, samples such as photos) as well as copies made.
Ensure no other copies have been made.
Protect the original documents within individual clear plastic covers.
Make one copy of all documents, keeping the original documents in the plastic covers.
Establish and document who has touched the material.
Ensure those who have seen the letter about the need for confidentiality.
Keep the documents, and copies under lock and key.
The “Manager first notified” will generally be responsible for a department/branch/unit. Since he/she is the likely person to receive the initial report of an emergency, he will be responsible for informing the responsible persons while ensuring:
Ensure people in his/her department, who are likely recipients of (e.g. telephone operators, secretaries, porters, guards and mail room personnel) are aware of recipient procedures for
taking calls. They must know whom to contact in emergency, incident or unusual circumstances.
Maintaining this level of knowledge and review at least once per year.
Identification of an incident or potential incident situation.
Taking immediate actions.
F-2 Immediate action by the Manager first notified
The manager first notified should start to implement this list of immediate actions, until the disaster team takes on the responsibility.
Steps To Be Taken After Immediate Action
Assess the situation rapidly. Decide what actions, if any, must take place at once. If possible and if there is time, consult the High Level Management first for the following activities.
Assess whether there is IMMEDIATE danger to health or life of employees and other than interested parties.
Determine whether there are actions, which must be taken IMMEDIATELY in order to protect life and limb.
Determine whether there are any actions, which must be taken IMMEDIATELY to stabilize the incident and prevent deterioration of the situation.
Containment of the information
Establish who has knowledge of the purported incident both inside and outside the Bank.
Brief all staff with knowledge of the incident that Faysal Bank has a special plan for this type of event and that it is necessary to restrict this information.
Verify and confirm the following:
The precise details of the incident.
Actions taken or intended by third parties, especially government officials such as police, law enforcement authorities, fire brigade in order to safe guard employees and other third parties such as customers of Faysal Bank, including actions taken or intended to protect or distribute knowledge or distribute knowledge of the incident.
Computer Networking: A Top-Down Approach Featuring the Internet (3rd Edition) by James F. Kurose and Keith W. Ross (2004)
Networking All-in-One Desk Reference For Dummies by Doug Lowe (2005)
Computer Networking Complete Package (3rd Edition)with study companion by James F. Kurose and Keith W. Ross (2006)
An Engineering Approach to Computer Networking by Srinivasan Keshav (Hardcover – Jan 15, 1997)
Computer Networking Essentials by Debra Littlejohn Shinder (2001)
Computer Networking by Stanford H. Rowe (2004)
Microsoft Windows XP Networking Inside Out by Curt Simmons and James Causey ( 2002)
The Internet Book: Everything You Need to Know About Computer Networking and How the Internet Works (4th Edition) by Douglas E Comer (2006)