Monitoring Physical Threats in the Data Center

AKCPBlog, Environmental

Monitoring Physical Threats in the Data Center

Photo Credit: www.dpstele.com

Traditional techniques for monitoring physical threats in the data center are obsolete.  Devices like blade servers ratchet up cooling requirements. Also, policies like Sarbanes-Oxley become stricter on data security protocols.  The physical conditions in a data center need to be monitored more carefully. Standard protocols are in place for monitoring hardware. These devices are UPS systems, computer room air conditioners, and fire suppression systems.  Yet there is a school of thought in monitoring that is taken for granted. This document outlines the threats. It also proposes installing monitoring devices.  It suggests the most efficient techniques to lessen downtime.

Introduction

There are currently accepted strategies for monitoring data center environments. But they hark back from the days of centralized mainframes. They employ such methods as patrolling the area with thermometers. They also depend on the I.T. crew to gauge the atmosphere of a room. Advances in Server technology means a need for more power and cooling. That’s why monitoring physical threats in the data center must be done taken seriously.

Elevated power density and dynamic power fluctuations are the two basic contributors. These two can cause changes in monitoring techniques within data centers. Blade servers have markedly raised power densities which can also drastically alter the power and cooling characteristics of the existing atmosphere. Power management advances have strained the capacity of servers. Communication gear also alters power that draws heat disbursement relative to the computational load.

It is customary to have advanced monitoring and alerting in data center gear. Some examples are UPS, computer room air conditioners, and fire suppression systems. But a few factors of the physical atmosphere are sometimes taken for granted. Simply monitoring the gear no longer cuts it. Instead, the overall conditions must be surveyed comprehensively.  It must be monitored for threats and disruptions. Some of these threats are high server intake temperatures. Some are water leaks and unapproved human interactions with the data center. Carelessness by human employees can also be a contributing factor.

Independent network sites greatly emphasize the necessity for monitoring physical threats. This is because it is illogical and unsound to have humans physically present. They are not needed to gauge factors like temperature and humidity. With the advent of automated network outposts, IT should have optimal systems installed.  This allows them to be aware of the status of the environment.

With current technologies, monitoring systems can be programmed.  They should fit the data center’s environmental and security requirements. Each rack can be its own miniature “data center” with automated monitoring of its specifications. It must have its own monitoring approach that incorporates several data collection points.

What is Distributed Physical Threats?

These are called Distributed Physical Threats. They are of importance because they demand careful and specialized approaches to prevent physical threats from damaging the data center.

Datacenter threats can be grouped into two classifications. First are the threats presented by IT software and networking. These factors are called digital threats. Second, are those of physical support infrastructure called physical threats.

Digital Threats

Digital threats comprise hackers, viruses, and network bottlenecks. They cause both intended and unintended attacks on the security of information. Digital threats claim the spotlight in the press and other media. Most data centers have powerful and properly managed systems to protect them. These systems come in the form of firewalls and virus checkers.

Physical Threats

Physical threats to IT gear comprise of the following: 

  • power
  • cooling issues
  • human error or mischief
  • fire
  • leaks
  • air quality

These threats can usually be controlled by devices. These devices have internal capacities for power, cooling, and fire suppression. For instance, UPS systems check power quality, load, and battery health. PDUs track circuit loads. Cooling units oversee input and output temperature and filter status. Fire suppression systems keep an eye on smoke and heat. These systems follow the guidelines laid down by the building codes. This sort of monitoring usually adheres to well-articulated guidelines. They operate via software systems that accumulate, document, interpret and show the data. Threats handled in this manner do not require any specific expertise to be effective. But this method comes with conditions. They must have monitoring and interpretation systems that are properly machinated.

But there are other threats in data centers. Threats that do not provide the operator with incorporated monitoring solutions. These threats can be quite serious. For instance, the threat of lousy humidity can exist all over the site. So the quantity and positioning of humidity sensors is a key factor in handling this threat. These threats can present themselves in any given location in your data center. They can be in several places at once.  These locations are important to room layout and equipment arrangement. The disseminated physical threats discussed in this article are classified into these categories:

  • Air Quality threats to IT equipment
  • Liquid leaks
  • The human presence or unusual activity
  • Air quality threats to personnel or foreign airborne substances
  • Smoke and fire from data center hazards

Sensor Placement

Different kinds of sensors can be utilized to give off alarms. These alarms trigger when the threats above present themselves. The precise kind and quantity of sensors may differ based on budget. Threat risk and the financial toll of a malfunction are also factors.  There is a set number of sensors that will do perfectly for the site’s purposes.

countering physical threats

Photo credit: www.techerati.com

Aggregating Sensor Data

The sensor has now been chosen and positioned. What follows is the collation and interpretation of the information. This data is gathered by the sensors. Instead of transmitting all sensor information straight to a central hub, it is more preferred to have collection points. These points are scattered all over the data center. These should come with alert and notification features at every collection point. This method removes the single-point-of-failure danger. It also helps point-of-use monitoring physical threats of remote server rooms and telecom closets. The aggregators interact via the IP network using a central monitoring system.

Individual sensors do not commonly interact individually with the IP network. Rather, the aggregators read the sensor information and transmit alerts. These are sent to the central system and straight to the notification list. The dissimilated monitoring construction drastically lessens the number of network drops required. It also lowers the total system cost and management difficulty. Aggregators are usually placed in physical positions within the data center. They are also restricted to limited spaces to avoid wiring problems.

“Intelligent Action”

Sensors provide the raw information.  But just as essential is the understanding of this data. This data helps to execute alerting, notification and correction.  Datacenter monitoring grows more advanced. Sensors fill the data center with ïntelligent” assimilations of these volumes of information. The most productive and practical method of gathering and interpreting sensor data, and prompt suitable action is by utilizing aggregators. It is necessary to sift, associate, and assess data. This lets us pinpoint the most effective steps to be taken when out-of-bounds anomalies take place. Useful action involves alerting the correct personnel. It also involves using the proper approach, with accurate information. Action is triggered in one of three ways:

  • Warning of out-of-bounds scenarios that may endanger individual devices, racks, or the entire data center
  • Instantaneous action related to designated alerts and thresholds
  • Examination and documentation to expedite developments, maximization and, fault/failure measurements

Alerting

There are three things to secure when establishing alerts: 

Alerting Methods – how the alert should be broadcasted and to whom;

And Escalation – do specific models of alarms need a varying degree of acceleration to fix?

Alarm Thresholds – For every sensor, suitable operating parameters must be established. Thresholds should be designed to trigger when measurements go beyond operational limits. The monitoring system must be versatile. They should adjust to multiple thresholds per sensor. This is so it can give warning on informational, warning, critical, and failure levels.  There should be activating settings like over-threshold for a specific period. These are different from single-value thresholds. This should also include the rate of increase and decrease. Sending alerts on the rate of change gives a faster forewarning of malfunction. This is especially true of temperature.  This warns faster than a snapshot temperature value.

Thresholds must be established meticulously to guarantee unsurpassed efficacy. There could be varying thresholds that can trigger various warnings. These warnings are relative to the seriousness of the occurrence.  A humidity threshold scenario might prompt an e-mail to the IT controller. The same holds for when a smoke sensor transmits an automatic call to the fire department. Similarly, varying threshold levels will require different escalation methods. An unsanctioned rack access occurrence could trigger an alarm to the IT administrator. Likewise, a forced entry scenario might send a warning to the IT director.

AKCP Environmental Monitoring for Data Centers

Monitoring physical threats in your computer room and data center is essential. Ensuring you are running at optimal ASHRAE recommended temperatures will mean less downtime and longer life of your servers and rack-mounted equipment. AKCP has a range of sensors to help you do this, from basic temperature and humidity sensors to cabinet thermal maps for detailed monitoring.

Temperature Monitoring

Medical Thermometers Temperature Computer Icons Cold - Thermometer Clipart  Transparent PNG - 367x750 - Free Download on NicePNG

High temperatures in your rack are a serious problem and can cause major downtime. Monitor your room temperature, CRAC units, and cabinet temperatures. Thermal map sensors give you a detailed view of the front and rear temperatures as well as the ΔT front to rear temperature differential.

Water Leak Detection

Monitor for water leaks around your chillers, and under raised access flooring. Spot water sensors and rope water sensors are available. Locate type rope water sensors can tell you the precise location of the leak.

Air Pressure Differential Monitoring

Monitoring your cooling fans to ensure adequate airflow in your cabinet is a vital element of your monitoring system. Inefficient cooling can lead to temperature spikes and a total fan failure could be a disaster. AKCP has airflow sensors and differential pressure sensors for this purpose.

 

Reference Links

https://www.enterprisestorageforum.com/management/data-center-physical-security/

https://phoenixnap.com/blog/data-center-security

https://www.dnsstuff.com/data-center-monitoring-systems

AKCPMonitoring Physical Threats in the Data Center