Site Resiliency – SY0-601 CompTIA Security+ : 2.1

Maintaining uptime and availability during a disaster is often the primary objective of the IT team. In this video, you’ll learn about hot sites, cold sites, and warm sites.

<< Previous Video: Managing Security Next: Honeypots and Deception >>



If you’ve gone through the process of creating a disaster recovery plan, then you know these disasters can happen at any time. That’s why it’s always important to always have backups, always have the data synchronized, or be ready to put those plans into action at any moment. If this disaster requires that your data center physically move to the disaster recovery site, then you’ll need to flip that switch and move everything over to that alternate location.

You may be in that location for an extended amount of time. This is not going to be a few hours before things revert back, and sometimes this can take days, weeks, or even months before you’re ever able to move back to your original data center. That’s why you not only need processes and procedures for getting up and running at the disaster recovery site, you also need the processes and procedures for moving back to the original location.

Some disaster recovery locations are what we call hot sites. These are sites that are an exact replica of what we are running in our production environment. This means that we have duplicate hardware, duplicate servers, all of the equipment and infrastructure is duplicated. Whenever we purchase something for our production network, we’re often also purchasing something for our disaster recovery network.

This also means that there needs to be some process in place to keep everything synchronized. Perhaps everything is updated in real time between these two locations with high-speed network connections so that your data center and your disaster recovery site are constantly in sync. Or perhaps you’re sending periodic updates to the disaster recovery site.

For example, you could send updates every hour that provide synchronization between the data that’s in real time at the data center and the disaster recovery site information. Because these two sites are designed to be a mirror image, it should be a relatively easy process to flip the switch that moves all of the data from the primary location to the disaster recovery site. And when you make that switch, everything will be ready to go at the DR location.

A cold site is effectively the complete opposite of a hot site. This is effectively a room with a bunch of racks in it, and it has none of your equipment currently in place, none of your data, and none of your applications. This means that you’ll need to bring the data with you. Maybe there are backup tapes or backup drives that are used, and you bring all of that with you to the cold site. There are also no people at the cold site, so you have to make sure that you bring the personnel that will then be attending to all of these systems that you will be installing and running at the cold site.

A warm site is somewhere in the middle between a hot site and a cold site. Instead of being immediately ready to go or having nothing available, it’s usually a location that has racks and some equipment that you can at least get up and running in a relatively short period of time. They might provide servers or equipment for the infrastructure, and you would simply bring your configurations to plug in to their equipment.

The description of exactly what’s included with the warm site is usually part of the disaster recovery contract. There’s usually a balancing act between the equipment that’s available and how much you have to pay for that disaster recovery functionality. The more equipment that’s available at a warm site, the more money that will be required on a monthly or annual basis to maintain that DR location.