Availability is a key cybersecurity concept that is often neglected in official business programs. However, a compromise on availability will be quickly noticed and will soon start piling up problems for you as a business owner. While high availability methods may be an extra cost that can be tough to justify, they should still be considered, especially if your business relies on networks and systems for all of its major workflows.
Failover is the first main subcategory of high availability. In a failover approach, a critical piece of technology has an identical twin link that will take over from the main link if a disruption occurs. There are a few different approaches to failover; one approach involves keeping the backup resource offline, only turning it on when the main resource is confirmed to be offline. This requires a bit of downtime, since the failover resource needs to be manually turned on before it can accept traffic. Another approach to failover involves keeping the two resources synchronized, with the backup resource ready to kick in the moment the primary resource goes down. An even more stable failover approach involves having both resources synchronized and sharing traffic, with one link prepared to take the full brunt of the traffic if the other goes down.
There are several failover methods you could implement in your small business network architecture. If you use hard disk drives in your employee workstations, you could look into configuring a RAID 1 array using two disks. In RAID 1, two identical hard disk drives are installed in a workstation and configured to mirror data across the two of them. This produces two identical copies of the system so that if one disk crashes, the other can take over without data loss. RAID is not a perfect system, but this approach could be worth implementing if your workplace involves heavy daily usage of individual workstations that hold large amounts of data. If you utilize file servers/NAS devices in your environment, you could also implement RAID on them to ensure high availability of files network-wide. For organizations that don’t utilize cloud storage for their internal data, this approach is highly recommended.
On the networking side, network technology providers like Cisco implement special protocols to configure failovers between routers. Cisco’s Hot Standby Routing Protocol (HSRP) involves configuring two or more routers in a group that has a virtual IP assigned to it. This allows the two routers to appear as one default gateway when in reality, one router is in an Active Mode while the other is in Standby Mode. Thus, if the main router fails, the standby router will take over. However, many small businesses do not employ a full stack Cisco network, instead using a basic SOHO setup. In that case, failover benefits could still be achieved by configuring an additional router with appropriate settings so that if the main SOHO router malfunctions, someone on premises can disconnect it and plug in the pre-configured backup router. Since basic SOHO routers are on the cheaper side, I highly recommend this approach. Going even further, you might want to keep hot spares of other central network devices like switches, access points, and Ethernet cables.
In all likelihood, the chances of a piece of hardware spontaneously failing are low. The most common scenario that mandates failover is a power outage. Outages are common in all areas of the world and can cause heavy inconvenience, not to mention potentially damaging hardware. This is why most enterprise networks implement Uninterruptible Power Supplies, or UPSs. A UPS is a device that serves as a backup power supply for computer hardware using battery backups. During normal activity, devices use the main building power while the batteries sit on standby. As soon as a power outage occurs, the UPS kicks in and the devices use battery power to continue activity. Keep in mind that UPSs are limited in their uptime; they can only provide power for the batteries’ lifespan, which will vary depending on the quality of the UPS. 15 minutes to an hour can usually be expected. It is also important to keep in mind that UPSs can be quite pricey, so small businesses should prioritize implementing them for their core devices and systems rather than every last computer. Routers, switches, and key servers should be the main priorities.
Probably the most advanced failover mechanism is using dual ISPs. When you set up your business, you likely purchased Internet access from a local ISP and connected your modem and router to the demarcation point, not thinking about much else. However, if your business environment performs close to 100% of its work digitally, it may be worth toying with the idea of purchasing a second ISP for failover. This method requires lots of planning and will likely be difficult to justify, which is why I recommend performing an exploratory analysis to get an idea of whether the cost of a second ISP justifies the benefits. In this approach, you pay for your primary ISP and subscribe to a secondary ISP that usually provides a slower or more basic connection. For example, you could have a high-speed fiber connection as your primary, and a basic DSL connection as the backup. Once the two ISPs are initialized, you can configure your router with failover between the two links.
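The sketch below is an added example, not part of the original article and not any router vendor's implementation. It models the decision a dual-WAN failover feature has to make from health probes on the primary link, and shows why switching on a single lost probe causes flapping; the class name, thresholds and probe history are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class FailoverMonitor:
    """Picks the active WAN link from primary-link probe results (hypothetical model)."""
    fail_threshold: int = 3     # consecutive failed probes before failing over
    recover_threshold: int = 5  # consecutive good probes before failing back
    active: str = "primary"
    _fails: int = 0
    _oks: int = 0

    def observe(self, primary_probe_ok: bool) -> str:
        # Track consecutive results; any opposite result resets the streak.
        if primary_probe_ok:
            self._oks, self._fails = self._oks + 1, 0
        else:
            self._fails, self._oks = self._fails + 1, 0
        if self.active == "primary" and self._fails >= self.fail_threshold:
            self.active = "backup"    # primary confirmed down: fail over
        elif self.active == "backup" and self._oks >= self.recover_threshold:
            self.active = "primary"   # primary stable again: fail back
        return self.active


def replay(probes, **thresholds):
    """Return the active link after each probe in the history."""
    monitor = FailoverMonitor(**thresholds)
    return [monitor.observe(ok) for ok in probes]


def switch_count(timeline):
    """Number of link changes; each one interrupts sessions in progress."""
    return sum(1 for a, b in zip(timeline, timeline[1:]) if a != b)


# Constructed probe history for the primary link: one lost probe, then a
# real outage with a brief false recovery, then a stable return.
PROBES = [True, True, False, True, False, False, False, False,
          True, False, True, True, True, True, True, True]

if __name__ == "__main__":
    damped = replay(PROBES)
    naive = replay(PROBES, fail_threshold=1, recover_threshold=1)
    print("damped:", switch_count(damped), "switches")
    print("naive: ", switch_count(naive), "switches")
```

With the damped thresholds the isolated lost probe is ignored and traffic moves to the backup once and back once; reacting to every probe moves it six times over the same history.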
The second main subcategory of high availability is Load Balancing. While failovers are concerned with providing backups to keep network operations intact, load balancing is concerned with performance and avoiding severe degradation of system resources. Let’s say that your business is a retail store with an e-commerce website for online shopping. During the holidays, your website is bombarded with traffic, and your local web server can’t handle the strain and crashes. Load balancing remedies this by combining multiple devices into a cluster and sharing traffic between them. The client sees them as one single server, when in reality they are multiple copies of the same server working together to provide the end service. Load Balancing is most common in regard to servers. Cloud service platforms have baked-in load balancing functionality for their customers to use for their services. If you use a platform like Azure or AWS to host your company servers, you should look deeper into load balancing functionality that you could implement. If you host your own on-premises servers, you can still implement load balancing functionality. For example, Windows Server provides a built-in Network Load Balancing (NLB) feature that allows you to cluster multiple instances of Windows Server for better performance.
Another great high availability feature provided by Windows Server is NIC Teaming. We are all used to the standard Ethernet network connection used by every system on a LAN. However, using NIC Teaming, you can install multiple Network Interface Cards (NICs) and configure them together as one logical network interface. In reality, the NICs will be load balancing traffic for better bandwidth. The NICs also provide failover functionality, allowing one NIC to take on the traffic if the other one goes offline. Therefore, NIC Teaming serves the double purpose of load balancing and failover.
It is understandable if High Availability features are not cost justifiable for your small business budget. However, they should always be considered, and you should opt to implement redundancy wherever it is cheap. At the very least, I recommend that you keep hot spares of your router on hand, as well as several extra hard drives, network cables, and peripherals in order to provide some form of redundancy to your systems.

