Designing disaster avoidance into your plan

Many people are familiar with disaster recovery--the planning and implementation of processes to get an organization back in service after something goes wrong. In contrast to disaster recovery, disaster avoidance takes a more proactive look at infrastructure and systems. This approach doesn't make disaster recovery obsolete, but it helps an organization avoid activating its disaster-recovery plan.

Apr 1st, 1999
In network planning, as in medicine, preventing a disaster is better than recovering from it.

Jeffrey A. Lupinacci

Disaster avoidance is the planning and implementation of a communications system that prevents long-term outages. That usually means increasing the number of cables to be installed, selecting the proper equipment to install, and working through "what-if" scenarios. The network planner must pay attention to all the details of the installation.

It is easier to plan disaster avoidance into a new installation, but it can be added to existing environments as well. Building a network system that avoids disaster will definitely increase the cost of a project. But the costs should be weighed against the expected benefits. How much prevention is necessary depends on the environment that you work in, the value of the assets you are trying to protect, and how long your operation could survive without communications services.

There are many different levels of disaster avoidance and many different methods that can be used. Telephone service is often the lifeblood of a company. If a company loses dial tone, customers cannot call in, resulting in big losses for the company.

Build in redundancy

One way to avoid losing telephone service is to install redundant service entrances and diverse entrance-cable paths. The benefit of a second service entrance is that it provides a second cable to split trunk lines between. A second entrance cable offers protection against cable cuts caused by, for example, a car knocking down a telephone pole or a tractor digging up a buried cable. The building owner usually has to pay for the second entrance, since the telephone company is only required to provide one entrance. However, telephone company engineers can be very helpful in establishing service as required, especially if they are brought into the project in its early stages.

Redundant service entrances are only beneficial when they are in separate cable sheaths, not if there are twice as many pairs from the same cable. A diverse path for the second cable is often more difficult to establish. The nearest telephone company central office (CO) serves the building that you are connecting. The cabling plant from the CO is most often cabled in a tree topology. Therefore, the paths converge at some point, and it is expensive to build a new cable plant parallel to the existing one. If at all possible, create a redundant path by bringing in a second service entrance from another CO. If the building lies close to a telephone company's CO service boundary, this redundancy is not impossible.
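The sheath and path-diversity reasoning above can be checked mechanically. The following is an added example, not part of the original article: it models a cable plant as segments tagged with the sheath they ride in and lists every sheath whose loss alone isolates the building. All site names (pole-12, manhole-4, CO-A, CO-B) and the three plant layouts are constructed for illustration.

```python
from collections import defaultdict

def in_service(segments, building, central_offices):
    """True if the building still reaches any CO over the surviving segments."""
    adj = defaultdict(set)
    for _sheath, a, b in segments:
        adj[a].add(b)
        adj[b].add(a)
    seen, stack = {building}, [building]
    while stack:
        node = stack.pop()
        if node in central_offices:
            return True
        for nxt in adj[node] - seen:
            seen.add(nxt)
            stack.append(nxt)
    return False

def critical_sheaths(segments, building, central_offices):
    """Sheaths whose loss alone (one cut, one fire) isolates the building."""
    sheaths = sorted({s for s, _, _ in segments})
    return [cut for cut in sheaths
            if not in_service([seg for seg in segments if seg[0] != cut],
                              building, central_offices)]

# Constructed plants: each segment is (sheath id, end A, end B).
# 1. Twice as many pairs, but in the same sheath: no added protection.
MORE_PAIRS = [("entrance-1", "building", "pole-12"),
              ("entrance-1", "building", "pole-12"),
              ("feeder-A", "pole-12", "CO-A")]
# 2. Two entrances in separate sheaths, but the CO's tree converges.
SAME_CO = [("entrance-1", "building", "pole-12"),
           ("entrance-2", "building", "manhole-4"),
           ("lateral-12", "pole-12", "junction"),
           ("lateral-4", "manhole-4", "junction"),
           ("feeder-A", "junction", "CO-A")]
# 3. Second entrance homed on a different CO: fully diverse paths.
TWO_COS = [("entrance-1", "building", "pole-12"),
           ("feeder-A", "pole-12", "CO-A"),
           ("entrance-2", "building", "manhole-4"),
           ("feeder-B", "manhole-4", "CO-B")]

if __name__ == "__main__":
    for name, plant, cos in [("more pairs", MORE_PAIRS, {"CO-A"}),
                             ("same CO", SAME_CO, {"CO-A"}),
                             ("two COs", TWO_COS, {"CO-A", "CO-B"})]:
        print(name, "->", critical_sheaths(plant, "building", cos))
```

An empty list means no single sheath failure takes the building out of service; any sheath that is listed is where the "redundant" paths still share risk.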

You may be able to use fiber-optic cable to provide both voice and data services to the building, depending on the quantity of services the customer wants and what the cost breakpoint would be compared to that of copper cable. Fiber-optic cable can also be provided as a redundant entrance. But if you choose this option, you should also provide disaster avoidance in the form of copper cables because the network electronics can and will fail at some point. If all of your trunks are fiber, your client will be totally out of service. With diversity provided by both fiber-optic and copper cables, the business can still keep running while the fiber equipment is repaired.

Organizations that use a private branch exchange or key telephone system unit could face special problems, since power problems can knock out these systems. As part of the disaster-avoidance plan, the network designer should specify an adequately sized uninterruptible power supply that can provide power from batteries for a short period of time. If the system includes a generator, the telephone equipment can keep running after the batteries die. But the generator can also fail, in which case power-failure transfer stations can be used to connect a trunk to a telephone directly rather than to the telephone system. Therefore, the network design should include a power-failure transfer station, with all phone systems installed at the owner's site.

As with telephone entrance facilities, redundancy and diversity can be planned into the design of intrabuilding and interbuilding backbone distribution cable systems. Our firm recently designed a new structured cabling distribution system for a 10-story office building in Harrisburg, PA. The intent of the design was to make the building's communications infrastructure resilient with respect to localized disruptions such as vandalism or fire, which is what destroyed the original building. Our design called for a primary backbone cable to be run up shaft A (one of two vertical shafts in the building) and a redundant backbone cable to be run up shaft B. In the event of localized damage, just one-fourth of any floor would be inaccessible, while three-fourths would continue to be operational. Thus, the cable plant had disaster avoidance built in.

In wide area networks, a ring technology--such as Synchronous Optical Network--or a meshed switched network--such as Asynchronous Transfer Mode--provides a self-healing network. If a break occurs in a link, the traffic is looped around the ring in the opposite direction to get to its destination.

Similarly, a local area network (LAN) employs active electronics to provide redundant equipment and alternate paths. Most central LAN electronics allow for redundant power supplies and switching fabric. Also available are standby communications paths that will become active if the main path fails. These paths can be active at the same time to provide a higher-bandwidth channel for normal traffic or a standard channel for a broken link or degraded mode. For example, two links of 100Base-TX can be bound together to make a 200Base-TX pipe during normal operation. Network electronics can also be programmed to reroute the traffic through an intermediate repeater or alternate path. This rerouting creates disaster avoidance and keeps the network up and running.

In both voice and data networks, all components are monitored through software and hardware. Measurements and counts are tracked until they exceed a threshold the operator sets. When this threshold is exceeded, an alarm condition notifies the operator, who can take actions necessary to repair the failed link or replace the burned electronics. Such network-management tools are expensive, but again, you need to weigh the cost of a possible service outage against the cost of the tools needed to keep the network up. In the long-distance communications business, network operations centers control and monitor equipment 24 hours a day, seven days a week. The liability the carrier faces if service fails makes the cost an absolute necessity.

More to consider

Other aspects of network planning and installation are also critical to disaster avoidance--for example, grounding, firestopping, and physical security. Grounding should be provided in accordance with all applicable codes, such as the National Electrical Code, and industry standards such as ANSI/TIA/EIA-607 Commercial Building Grounding and Bonding Requirements for Telecommunications. Proper grounding protects both service personnel and equipment. To avoid disaster, including accidental death, grounding devices should be tagged and tied to electrical ground, building steel, distribution racks, cable trays, or other approved equipment. If an undesired electrical potential exists and a person or piece of equipment completes the circuit to ground, the "conductor" may fail, with disastrous results.

An often overlooked and improperly installed disaster-avoidance tool is firestopping. Fires do occur, but the ability to prevent, contain, and suppress them is critical to limiting the amount of damage. If a fire starts on one floor, a correctly installed, UL-listed firestopping system can keep it from spreading to other areas.

Installed cables should be made of materials that are designed for the environment in which they are to be used. Air-plenum returns are spaces that the ventilation system uses to bring air back to the furnace or air conditioner. This same air is then sent back out to the living spaces of the building. Plenum-rated cables give off less-poisonous fumes when burned than do riser-rated or non-rated cables. Therefore, the fumes that plenum-rated cables emit during a fire give the occupants a better chance to escape.

A simple method of avoiding disaster is to keep the doors to critical areas or equipment locked. Limit the number of people who can gain access to your communications spaces and systems. Often a person will cause damage to your networks with something as trivial as spilled coffee or a wet mop leaning against cable termination blocks. In the case of intentional damage, it is not only terrorists who want to cause havoc; all too often, a disgruntled employee sabotages equipment to have an afternoon off.

Also consider the expression, "Don't put all your eggs in one basket." If you can "mirror" any part of your networks to other floors, buildings, cities, or states, it will let one part of the network cover for another. A mirror site is a common disaster-avoidance tool in telemarketing environments. For example, an insurance company in Hartford, CT, may have people answering calls 24 hours a day. Based on time-of-day and the area code of the caller, calls can be routed--through caller-ID features--to the San Diego, CA, call center after 6 PM eastern standard time. Mirroring can also be done with LANs. The data is written to two disk drives at the same time, in the event that one fails or has corrupted data. A mirroring site differs from a disaster-recovery site because it is actively sharing the normal load, not going from 0% to 100% only after a failure.

Disaster avoidance is not a "design-once-and-then-forget-about-it" item. A disaster plan should be developed for your organization, and it should be reviewed and updated periodically. Disaster avoidance should be the first line of defense in the disaster plan. If your disaster-avoidance plan is successful, you avoid having to implement the disaster-recovery part of the plan.

One way to build in disaster prevention is to provide more than one service entrance to the building.

Redundant backbone cabling can localize damage in the event of a fire or vandalism.

Network electronics should be programmed to automatically reroute traffic to its destination through an alternate path in the event that one link fails.

Jeffrey A. Lupinacci is a registered communications distribution designer (RCDD) and LAN specialist at Brinjac, Kambic & Associates Inc. (Harrisburg, PA), an engineering consulting firm.
