Upload
george-hollo
View
145
Download
0
Embed Size (px)
Citation preview
© 2002 IBM Corporation
IBM Global Services
IBM Confidential
1
Welcome toBoulder, Colorado
© 2002 IBM Corporation
IBM Global Services
IBM Confidential
2
IBM Boulder Site Overview
Rich EvansBCRS Account Services Manager
IBM Global Services
© 2005 IBM CorporationIBM Confidential
IBM BCRS Boulder….an ideal location
IBM Global Services
© 2005 IBM CorporationIBM Confidential
BCRS Site Selection Criteria Abundance Of Skilled
Workforce
Large Academic Community
Stable Climate
Redundant Energy
Transportation Hub
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Site Risk Profile
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Corporate Reliability Criteria
Dual Power Support utility power sources to the site power paths to all data center buildings power paths for dual powered devices
Backup Power Support UPS battery power system with N+1 redundancy EPS generator power system with N+1 redundancy On site diesel fuel storage
Redundancy Dual power feeds to all computer room air conditioners Redundant air conditioning units on the raised floor Redundant (N+1) components in all critical systems
Maintenance Concurrent maintenance capability down to the PDU level Preventative maintenance schedule for all critical systems Monthly testing of backup power generator systems Yearly “drop dead” test of all backup systems
Staffing 24 x 7 x 365 on site security, facilities maintenance, and operations staff
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Boulder Capacities
Customer Service and Operations also
hardened
Redundant Excel Energy Electrical Service
Stable Climate
Stable Utility Power Grid
Total commercial raised floor space
310,000 sq. ft. / 96,875 sq. m.
UPS Capacity - 31 Modules, 30,500 kva
EPS Capacity - 30 Generators, 44,400
kva
Chiller Capacity – 10,200 tons (35,873 Kw)
IBM Global Services
© 2005 IBM CorporationIBM Confidential
IBM BCRS Boulder BUILDING 023 DATA CENTER
90k Sq. Ft. Raised Floor
4 - 1000Kva UPS Modules
4 - 3200 KVA Generators
3 - 600 Ton Chillers
58 Thirty Ton CRAC Units
Primary and Backup Humidification Systems
Static Transfer Switches For all PDU’s
VESDA Smoke Detection
Critical System Monitoring by American Auto Matrix/Modicon
IBM Global Services
© 2005 IBM CorporationIBM Confidential
EPS and UPS Characteristics
UPS / Batteries provide 15 minutes of continuous power
EPS Generators online in under 30 seconds UPS filters incoming utility power 48 hour fuel storage capacity onsite All systems fully redundant
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Raised Floor Environment
Open architected, multi-customer Water detection under the floor Smoke and fire detection Multi zoned sprinkler system IT equipment modeling and profiling
capabilities Hot aisle cold aisle equipment layout Under floor cable management PDUs loaded to 45% capacity for fail
over requirement
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Energy Management Maximize raised floor power utilization Seal all floor hole penetrations Use modeling tools to manage I/T loading Maximize A/C unit efficiencies Turn off A/C units where possible Fewer A/C units on line may be cooler
Koldlok tile inserts for airflow management Tileflow modeling software
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Environmental Systems
Room temperature requirement is 72° F (22.2°C) +/- 2 Multiple redundant AC units on the floor Water temperature supply is 48° - 50°F (9°C – 11°C) Under floor air temperature of 55° - 60°F (13°C – 15°C)
Relative Humidity requirement is 45% +/- 5% Low ambient humidity / continuous steam
generation Central plants with individual building backup
systems
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Data Center EfficiencyExisting and new data centers
© 2004 IBM Corporation
© 2002 IBM Corporation
IBM Global Services
14
Physical Security Overview
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Site Demographics
Security Services provided to– 5,500 Employees
– 2.4m Square Feet
– Approximately 400 Acres
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation16
Site Physical Security
Site Security Responsibilities Physical Security Emergency Planning Information Protection Incident Management Consistent - North American Processes
Staffing IBM Employees
IBM Security Manager IBM Employee Staff
Contracted Uniformed Officer Staff National Contract (Wackenhut Corp.) Activity Directed by IBM Employees
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Boulder Security Five Levels
Site access (perimeter security)
Building Access
BCRS Access
Raised Floor Access
Tape Library Storage Access
Computer Controlled
CAS Badge System
Biometric Access
24 Hour Guard Service
Site Security Patrols
Closed Circuit TV Monitors
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation18
Site Physical Security Site Physical Security Controls
24 x 7 x 365 Operations Center Crisis Management Center Site Emergency Plan
Devices on Emergency Power Exterior / Interior Patrols Digital Closed Circuit Television/Recording (CCTV) Alarm System – Doors/Panic/Motion/Fire Alarmed Perimeter Fence Turnstile Entries Lobby and Loading Dock Processes Vehicle Access Control Facility Landscaping Guidelines Critical Utilities Secured
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation19
Site Physical Security
Badge Access Control System All Access Management Reviewed/Approved
Campus and Internal Area Access - Separated Employees, Contractors, Visitors - Visible IDs
Controlled Access System (CAS) Security Issued Magnetic Stripe Badge Security Issued Smartcard Badge (Biometrics) CAS National System (Casi-Rusco / G.E) Forced Access Reviews
Scheduled and Incident Driven Reporting"Fail Hard" SystemLost Badge Tracking
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation20
Site Security Command Center
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation21
Site Perimeter Security
Perimeter Fencing
Exterior CameraTurnstile Entrances
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation22
Data Center Physical Controls “Mantrap” and Biometric Reader Access
Individual AreasFingerprint VerificationDual AuthenticationBadge-out Required (Anti-Passback)
All Doors AlarmedMonitored by Site Security with Periodic Testing
Closed Circuit Television (CCTV) Digital Cameras and Recorders with Alarm Pop-ups Doors and Emergency Power Off (EPOs) 24 Hour Recording / Minimum 30 Day Retention
Construction Requirements Wall Structure (Slab-to-Slab) with No Ground Floor Windows Adherence to Local Building and Fire Codes Scheduled Inspections
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation23
Raised Floor Single Person Entry
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation24
Access Authorization
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation25
Raised Floor Control
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation26
Security Process Controls
Access Control Electronic Request Form
Two Levels of Approval Process Based on Business Justification
Access Review Formal Reviews - Quarterly Minimum Formal Revalidations - Annually Minimum
Visitor Access Escorted at all Times Under Visual Surveillance No Raised Floor Tours No Customer Access
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation27
Security Process Controls
Requirements IBM Security Standards Customer Contracts Customer Agreements (GSD331/GSD332/ISEC)
Terminology Restricted Access: Controlled Access 2 (CA2)
Data Center Command Center Tape / Media Libraries
Protected Access: Controlled Access 1 (CA1) Labs Print Areas
Business Unit or Product Name
Presentation Title | Presentation Subtitle | Confidential © 2004 IBM Corporation
IBM Global Services
© 2008 IBM Corporation28
Security Audit Readiness
SAS70 Certifications (Type 1 and Type 2) Sarbanes-Oxley PCI (Payment Card Industry) US Federal Government Audits IBM Corporate Audit Independent Third Party Audit Customer Specific Audit Self Assessment Compliance Internal Business Controls Reviews/Audits
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Emergency Preparedness
Emergency Planning – Planning for Natural and Manmade Events– Crisis Management Team– Testing and Training
Emergency Response – Security, Fire, Chemical and Medical Incidents– Timely PD/FD/EMS Response– On-site Emergency Medical Technicians
IBM Global Services
© 2005 IBM CorporationIBM Confidential
Incident Management
Investigation and Case Management– Asset Loss– Threats and Acts of Violence– Pre-Employment and Background
Provide Support to:– HR Related Issues/Incidents– I/T Security Related Incidents
© 2002 IBM Corporation
IBM Global Services
IBM Confidential
31
Facility Tour