What a week, well the week started off with a bang, everyone wondering what was going to happen with the conficker virus. With so many computers out there that are infected and just waiting to call home, many people were nervous. Thankfully nothing of note occurred and the day passed without any known incident. Then starting on Wed it appears that register.com started to suffer a DDOS attack that left many including our website offline for long periods of time through the day. As a matter of fact many of you that read this might not even be aware of it as it is not being communicated openly. In addition on Tuesday there are reports that Amazon.com, salesforce.com and other sites were down due to a DDOS on DNS provider Neustar. Well what does this have to do with SAP NetWeaver, with the backdrop of all this it got me to thinking about our SAP NetWeaver environments, business system availability in general and cloud computing.

Read more here

Over the years we have grown more and more dependent on our systems and we are used to making assumptions that our systems will always be there. When I first got into consulting one of the requirements for every project was to plan for the continuation of operations in case the system went down, this was a given that there would be a process because what we know about high availability now was not in place back then. In thinking about this weeks activities I realized that this is very rare now, we just expect the system to be there, no question. Cloud computing is a case in point, with the rush to use the cloud what thoughts and plans have we given to high availability?

Now don’t get me wrong, we work on disaster recovery initiatives with our customers and systems have become sophisticated enough with virtualization, clustering, HBA systems that we can pretty much ensure the availability of the computer or the business system itself but what about those areas that are not under our control? Many companies have been driving to a single centralized instance strategy over the years, this is the right strategy but this also means that with this central strategy we are possibly more susceptible to failures in the weakest parts of the infrastructure chain, namely external providers. In the case of register.com for example, they host DNS servers for thousands of companies, companies that are dependent on their DNS service regardless of how sophisticated their internal system redundancies were they were affected, in our case our consultants could not access email nor our SAP system (which was chugging along happily I might add). I read a message from one company with a commercial web presence that was losing $1000’s because their commercial website was not readily available. 

Unfortunately I am not saying I have an answer, but at least where we can control our environment have we done enough to ensure that a simple outage will not affect out business? Are we racing to the cloud and not taking these issues into consideration? I joked with a customer a while back that maybe considering all the work we were doing to make the system highly available that we should publicize it, thinking back to that discussion maybe we should ask our partners how available their systems are before we use their services. Is it to much to ask a potential supplier what their strategy is to ensure high availability of their business system?

I’m just saying…

Later