Вы находитесь на странице: 1из 47

Emakhazeni Local Municipality

Disaster Recovery Plan

EMAKHAZENI LOCAL
MUNICIPALITY

ICT DISASTER
RECOVERY PLAN

Emakhazeni Local Municipality

Disaster Recovery Plan

Approval

DOCUMENT:

ICT INCIDENT RESPONSE PLAN

Copy Number:

MASTER COPY

Compiled by:

Niall Carroll
Deputy Manager ICT

Reviewed by:

Compilation Date:

August 2013

Review Date:

Version:

Draft V 1.00

Revision:

Distribution:

All

Classification:

Document Release Approval

Document Acceptance

ICT Department

Council

Releasing Authority:
Manager: Corporate Services

Acceptance Authority:

Date Released:

Date Accepted:

Signature:

Signature:

2|P a g e

Emakhazeni Local Municipality

Disaster Recovery Plan

Document Control
Revision Record
Revision

Date

Change Record

Changed By

Issue Control
This policy is issued by the DEPARTMENT OF CORPORATE SERVICES on behalf of the
Emakhazeni Local Municipality, to whom any change requests or queries should be directed. The
review life for this document is 12 months.

Distribution
Copy No.
Master
01
02

Name

TICTle

Organisation

The MASTER for this document is held electronically and only signed copies are valid. An
unsigned, printed document is not copy controlled and is to be used for information purposes
ONLY, as ICT will not be automatically updated. ICT is therefore the responsibilICTy of the
reader to ensure that ICT is a currently valid copy.

3|P a g e

Emakhazeni Local Municipality

Disaster Recovery Plan

TABLE OF CONTENTS
Document Control .................................................................................................................................... 3
Revision Record ..................................................................................................................... 3
Issue Control........................................................................................................................... 3
Distribution ............................................................................................................................. 3
1. Organisation ..................................................................................................................................... 9
1.1 About & Overview ............................................................................................................................ 9
1.2 Departments..................................................................................................................................... 9
2.

Contact Lists for Personnel & Suppliers ......................................................................................... 10

2.1 ICT Contact Lists ............................................................................................................................. 10


2.1.1

Senior ICT Management & ICT Disaster Recovery Leader ....................................................... 10

2.1.2

Key Contact List (KCL) .............................................................................................................. 10

2.1.3

ICT Personnel ........................................................................................................................... 10

2.1.4

ICT Disaster Recovery Team .................................................................................................... 11

2.1.5

ICT Recovery Testing Team ...................................................................................................... 11

2.1.6

Relevant ICT Suppliers (Contract / SLA) ................................................................................... 11

3.

Invocation Plan & Response ........................................................................................................... 12

4.

Communications Plan ..................................................................................................................... 13

4.1 Invocation Communications Plan ................................................................................................... 13


4.2 Emergency Communications Plan .................................................................................................. 13
4.3 Post Emergency Communications Plan .......................................................................................... 14
5.

Recovery Points .............................................................................................................................. 15

5.1 Primary Assembly Point ................................................................................................................. 15


5.2 Secondary Assembly Point ............................................................................................................. 15
5.3 Primary Recovery Facility ............................................................................................................... 16
4|P a g e

Emakhazeni Local Municipality


Disaster Recovery Plan
5.4 Secondary Recovery Facility ........................................................................................................... 17
6.

Business Impact Analysis ................................................................................................................ 17

6.1 Risk Paradigm (Classification Index) ............................................................................................... 17


6.2 Risk Impact Table............................................................................................................................ 18
6.3 Risk Likelihood Table ...................................................................................................................... 18
6.4 Inherent Risk Exposure Table ......................................................................................................... 18
7.

ICT Environment Overview ............................................................................................................. 19

7.1 Key Equipment List ......................................................................................................................... 19


7.2 Recovery Start-up Sequence .......................................................................................................... 19
7.3 Diagram: Overall ICT Environment ................................................................................................. 20
8.

Applications in the Environment .................................................................................................... 21

8.1 ICT Department Controlled Applications ....................................................................................... 21


9.

Essential ICT Services...................................................................................................................... 22

9.2 Network - Overview ....................................................................................................................... 23


9.2.1

Network Architecture & Design ............................................................................................ 23

9.2.2

Network Functional Components ......................................................................................... 23

9.2.3

Network Backups .................................................................................................................. 24

9.2.4

Network Full Recovery Procedure ........................................................................................ 24

9.2.5

Network Component Recovery Procedure ........................................................................... 24

9.2.6

Network - Risk & Impact Analysis ............................................................................................ 25

9.3 Threat Management Gateway - Overview ..................................................................................... 26


9.3.1

Threat Management Gateway - Architecture & Design .......................................................... 26

9.3.2

Threat Management Gateway Functional Components ...................................................... 26

9.3.3

Threat Management Gateway - Backups ................................................................................ 27

9.3.4

Threat Management Gateway Full Recovery Procedure ..................................................... 27


5|P a g e

Emakhazeni Local Municipality


Disaster Recovery Plan
9.3.5
Threat Management Gateway Component Recovery Procedure ........................................ 28
9.4 Domain Controller (Active Directory / AD) - Overview .................................................................. 28
9.4.1

Domain Controller (Active Directory / AD) Functional Components ................................... 28

9.4.2

Domain Controller (Active Directory / AD) - Backups ............................................................. 28

9.4.3

Domain Controller (Active Directory / AD) Full Recovery Procedure................................... 29

9.4.4

Domain Controller (Active Directory / AD) Component Recovery Procedure ..................... 29

9.4.5

Domain Controller (Active Directory / AD) - Risk & Impact Analysis ...................................... 29

9.5 Backup Service - Overview ............................................................................................................. 30


9.6 Backup Service - Architecture & Design ......................................................................................... 30
9.7 Backup Service - Functional Components ...................................................................................... 30
9.7.1

Backup Service - Backups......................................................................................................... 30

9.7.2

Backup Service Full Recovery Procedure .............................................................................. 31

9.7.3

Backup Service Component Recovery Procedure ................................................................ 31

9.7.4

Backup Service - Risk & Impact Analysis .................................................................................. 32

9.8 Antivirus Overview ......................................................................................................................... 32


9.8.1

Antivirus - Architecture & Design ............................................................................................ 32

9.8.2

Antivirus - Functional Components ......................................................................................... 32

9.8.3

Antivirus - Backups .................................................................................................................. 33

9.8.4

Antivirus - Risk and Impact Analysis ........................................................................................ 33

10. System Specific ICT Services ........................................................................................................... 33


10.1 Mail Service - Overview .................................................................................................................. 33
10.1.1

Mail Service - Architecture & Design ....................................................................................... 34

10.1.2

Mail Service - Functional Components .................................................................................... 34

10.1.2.1
10.1.2.2
10.1.2.3
10.1.2.4

Authoritative Domains.................................................................................... 34
Domain Hosting .............................................................................................. 34
Mail Records ................................................................................................... 34
Mail Server ...................................................................................................... 34
6|P a g e

Emakhazeni Local Municipality


Disaster Recovery Plan
10.1.2.5 Client Access ................................................................................................... 35
10.1.2.6 Inbound Observations .................................................................................... 35
10.1.2.7 Outbound Observations ................................................................................. 35
10.1.3 Mail Service - Backups ............................................................................................................. 35
10.1.4
10.1.4.1
10.1.5

Mail Service Recovery Procedures........................................................................................ 35


Mail Service Component Recovery Procedure ................................................................. 35
Mail Service - Risk & Impact Analysis ...................................................................................... 36

10.2 Munsoft Service - Overview ........................................................................................................... 36


10.2.1

Munsoft Service - Architecture & Design ................................................................................ 36

10.2.2

Munsoft Service - Functional Components ............................................................................. 37

10.2.3

Munsoft Service - Backups....................................................................................................... 37

10.2.4

Munsoft Service Full Recovery Procedure ............................................................................ 37

10.2.5

Munsoft Service Component Recovery Procedure .............................................................. 38

10.2.6

Munsoft Service - Risk and Impact Analysis ............................................................................ 38

10.3 VIP Payroll Overview ...................................................................................................................... 38


10.3.1

VIP Payroll Service - Architecture & Design ............................................................................. 39

10.3.2

VIP Payroll Service - Functional Components .......................................................................... 39

10.3.3

VIP Payroll Service - Backups ................................................................................................... 39

10.3.4

VIP Payroll Service Full Recovery Procedure ........................................................................ 40

10.3.5

VIP Payroll Service Component Recovery Procedure ........................................................... 41

10.3.6

VIP Payroll Service - Risk and Impact Analysis ......................................................................... 41

10.4 VIP ESS Service Overview ............................................................................................................... 41


10.4.1

VIP ESS Service - Architecture & Design .................................................................................. 42

10.4.2

VIP ESS Service - Functional Components ............................................................................... 42

10.4.3

VIP ESS Service - Backups......................................................................................................... 42

10.4.4

VIP ESS Service Full Recovery Procedure .............................................................................. 43

10.4.5

VIP ESS Service Component Recovery Procedure ................................................................ 43


7|P a g e

Emakhazeni Local Municipality


Disaster Recovery Plan
10.4.6 VIP ESS Service - Risk and Impact Analysis .............................................................................. 44
10.5 CaseWare Service - Overview......................................................................................................... 44
10.5.1

CaseWare Service - Architecture & Design.............................................................................. 44

10.5.2

CaseWare Service - Functional Components........................................................................... 44

10.5.3

CaseWare Service Full Recovery Procedure ......................................................................... 45

10.5.4

CaseWare Service Component Recovery Procedure ............................................................ 45

10.5.5

CaseWare Service - Risk and Impact Analysis.......................................................................... 46

11. Non-Core Services .......................................................................................................................... 46


11.1 GIS Service (TGIS) ........................................................................................................................... 46
11.2 IP Cameras Service ......................................................................................................................... 46
11.3 Access Control Service .................................................................................................................... 46
11.4 Corporate Printing Service ............................................................................................................. 46
11.5 Telephony Services ......................................................................................................................... 46
12. Annexure ........................................................................................................................................ 47
12.1 Software List ................................................................................................................................... 47

8|P a g e

Emakhazeni Local Municipality

Disaster Recovery Plan

1. Organisation
1.1 About & Overview
The Emakhazeni Local Municipality has set a vision for the organisation to Improved
qualICTy of life through balanced, sustainable development and service excellence.
The Mission of Council is to achieve this through the Emakhazeni Local Municipality
being commICTted to the improvement of the physical, socio-economic and
instICTutional environment in order to address poverty and promote development.
The Emakhazeni Local Municipality ICT Department will contribute to this mission by
putting the necessary and required procedures in place to ensure the institution can
deliver on ICTs Vision and Mission from an ICT perspective. This ICT DRP/BCP
document serves as part of the broader ICT strategy and operations.

1.2 Departments
DEPARTMENTS
Office Of The Municipal Manager
Department of Corporate Services
Department of Technical Services
Department of Finance
Department of Community Services
DEPARTMENTS AND DIVISIONS
Financial Services
Corporate Services
Technical Services
Municipal Manager
Technical Services
Executive Mayor
Community Services
Speakers Office
Information and Communication Technology
Development and Planning
Local Economic Development
Internal Audit

9|P a g e

Emakhazeni Local Municipality

Disaster Recovery Plan

2. Contact Lists for Personnel & Suppliers


This is a complete list with contact details for personnel and suppliers.

2.1 ICT Contact Lists


This section pertains to the various types of contacts used as part of the process.

2.1.1 Senior ICT Management & ICT Disaster Recovery Leader


NAME

DESIGNATION

Niall Carroll

Deputy Manager ICT


ICT Disaster Recovery
Team Leader

TELEPHONE

CELL

013 253 1631 (H)


013 253 7666 (W)

083 653 8746

EMAIL
niall@emakhazenilm.co.za

2.1.2 Key Contact List (KCL)


The Key Contact List is the identified Key ICT contacts within the ICT Department. Their contact
information should be shared and disseminated within the organisation. The ICT Disaster Recovery
Team Leader remains the first point of contact.
NAME

DESIGNATION

Niall Carroll
Eunice Mnguni
Vusi Ntshwane

Deputy Manager ICT


ICT Technician
ICT Technician

TELEPHONE

CELL

013 253 1631 (H)

083 653 8746


083 232 7913
072 407 7695

EMAIL
niall@emakhazenilm.co.za
eunicem@emakhazenilm.co.za
vusi@emakhazenilm.co.za

2.1.3 ICT Personnel


NAME

DESIGNATION

Niall Carroll
Eunice Mnguni
Vusi Ntshwane

Deputy Manager ICT


ICT Technician
ICT Technician

TELEPHONE

CELL

013 253 1631 (H)

083 653 8746


083 232 7913
072 407 7695

EMAIL
niall@emakhazenilm.co.za
eunicem@emakhazenilm.co.za
vusi@emakhazenilm.co.za

10 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

2.1.4 ICT Disaster Recovery Team


The ICT Disaster Recovery Team is sorted in the order of succession for the ICT Disaster Recovery
Team Leader role.
NAME

DESIGNATION

Niall Carroll
Eunice Mnguni
Vusi Ntshwane

Deputy Manager ICT


ICT Technician
ICT Technician

TELEPHONE

CELL

013 253 1631 (H)

083 653 8746


083 232 7913
072 407 7695

EMAIL
niall@emakhazenilm.co.za
eunicem@emakhazenilm.co.za
vusi@emakhazenilm.co.za

2.1.5 ICT Recovery Testing Team


The ICT Recovery Testing Team is the team responsible for the periodic restore or DR testing in the
environment.
NAME

DESIGNATION

Niall Carroll
Eunice Mnguni
Vusi Ntshwane

Deputy Manager ICT


ICT Technician
ICT Technician

TELEPHONE

CELL

013 253 1631 (H)


N/A
N/A

083 653 8746


083 232 7913
072 407 7695

EMAIL
niall@emakhazenilm.co.za
eunicem@emakhazenilm.co.za
vusi@emakhazenilm.co.za

2.1.6 Relevant ICT Suppliers (Contract / SLA)


The following Suppliers/Vendors have direct impact on the DRP.
1. Telkom (internet, VPN & VOIP access)
Duma Shange
081 309 6152
Glenn Van Dalen
081 317 5368

Regional Accounts Manager


Regional Service Manager

2. Obsidian (Software infrastructure)


Support
011 795 0200

Support Centre

3. ITNA (Munsoft)
ITNA Disaster Recovery 012 682 9242
Ian Graham-Parker
083 556 2815
Marius Richter
082 561 4963

Service desk
Service Delivery Manager
Account Manager

11 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

3. Invocation Plan & Response

Incident
Occures

Assemble

Assess

Respond

Emakhazeni Local Municipality is notified of possible DR incident.


Initial assessment and classification of disaster is done by Nkangala District Municipality DR Team.
IT Disaster Recovery Team Leader invokes and communicates the incident to the IT Disaster Recovery.

Emakhazeni Local Municipality DR Team informs different departments of incident.


IT Disaster Recovery Team assembles at predefined assembly points.
In event of Nkangala District Municipality building being damaged and not accessible at predefined
secondary assembly point.

IT Disaster Recovery Team does IT damage assessment to ascertain the impact of the event on the IT
Department and the services reliant on it.
Determine recovery location based on damage assessment.

IT Disaster Recovery Team starts recovery process full or partial on various affected systems.
Test systems post recovery.
Provide access to systems.

IT Disaster Recovery Team reports back to Emakhazeni Local Municipality on status and completion of
DRP via IT Disaster Recovery Team Leader.

Communicate

12 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

4. Communications Plan
This section covers the communication between Emakhazeni Local Municipality and the ICT
department along witch the internal departmental communication in the event of an incident.
All communications during the event should be treated as confidential and only the ICT Disaster
Recovery Leader should communicate with the organisation with regards to the status and progress of
the ICT Department and ICTs People, Technology, Premises, Information (Systems) and Suppliers
(Equipment, Services, Systems). The only exception to this should be if the ICT Disaster Recovery Leader
is not able to handle these communications for whatever reason the responsibility will fall on the ICT
Recovery Team member next inline.

4.1 Invocation Communications Plan


In the event of a disaster or incident that has been invoked by Emakhazeni Local Municipality the initial
communication between the ICT Disaster Recovery team members will be either face to face or via
phone calls (one to one or conference call).

Once damage assessment has


been completed, and the impact
warrants a Disaster, the
Organisation DR Leader declares a
disaster

The Organisation DR Leader


informs all relevant DR team
leaders including the IT DR Team
Leader

The IT DR Team Leader informs all


IT DR Team members who then
activate the steps in the IT DRP

4.2 Emergency Communications Plan


During and post the invocation of the incident ICT is critical that the ICT Disaster Recovery Team
communicate with each other in a frequently, clear, reliable and concise manner. All ICT related
communication should be relayed through the ICT Disaster Recovery Team Leader.
The ICT Disaster Recovery Team Leader will be the interface for all communication between the ICT
Disaster Recovery Team and the Organisation.
Communications between the ICT Disaster Recovery Team and the organisation should be frequent
initially ICT is recommend to between 30 60 minutes as the initial recovery period continues
communications could be 2 4 hours apart. This will however be dependent and dictated by the
request for information from the Organisation DR Leader.

13 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

Team
Member 3
Team
Member 2

Team
Member 1

Team
Member 4

IT Disaster
Recovery
Team
Leader

Team
Member 5

4.3 Post Emergency Communications Plan


ICT Disaster Recovery Team Leader will communicate to the Organisation DR Leader and later on the
organisation the post incident information. This should include any changes (permanent or
temporarily) to the People, Technology, Premises, Information (Systems) and Suppliers (Equipment,
Services, Systems) relating to ICT environment.

14 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

5. Recovery Points
This section covers the ICT Departments emergency assembly points and the recovery points.

5.1 Primary Assembly Point


In the event of an incident the ICT Disaster Recovery Team should assemble at the location market on
the map below. In the event of the primary location not being accessible proceed to the secondary
location. The team should gather at this location within the first hour.

Primary Assembly Point for


Emakhazeni LM ICT Disaster
Recovery Team

Secondary Assembly Point for


Emakhazeni LM ICT Disaster
Recovery Team

5.2 Secondary Assembly Point


In the event of not being able to use the primary assembly point proceed to the secondary assembly
point, located a across the road in Steepers Street. The team should gather at this location within the
first hour.

15 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

5.3 Primary Recovery Facility


Recovery Procedures are to start at the primary location.

Primary Recovery Facility for


Emakhazeni ICT Disaster
Recovery Team in Existing
Municipal Building

16 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

5.4 Secondary Recovery Facility


Secondary site for recovery at Entokozweni Municipal Office.

6. Business Impact Analysis


The Business Impact Analysis (BIA) section of this document serves the purpose of depicting the
architecture & design as well as to highlight the risks & impacts for the various technologies deployed.
Vendors and Service Provider details can be found in the Supplier list section of this document.

6.1 Risk Paradigm (Classification Index)


The tables below are used to calculate the risk impact and likelihoods of your organisation and then to
quantify the possible exposure of these risks.
In order to get final risk exposure rating you need to quantify impact and likelihood. This is done by
multiplying the ratings of impact and likelihood.

17 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

6.2 Risk Impact Table


RATING

ASSESSMENT

INSIGNIFICANT

DEFINICTION

MINOR

MODERATE

Negative outcomes or missed opportunities that are likely to have a relatively moderate impact on the
ability to meet objectives.

MAJOR

Negative outcomes or missed opportunities that are likely to have a relatively substantial impact on the
ability to meet objectives.

CRICTICAL

Negative outcomes or missed opportunities that are likely to have a negligible impact on the ability to
meet objectives.
Negative outcomes or missed opportunities that are likely to have a relatively low impact on the ability to
meet objectives.

Negative outcomes or missed opportunities that are of critical importance to the achievement of the
objectives.

6.3 Risk Likelihood Table


RATING

ASSESSMENT

RARE

UNLIKELY

MODERATE

LIKELY

COMMON

DEFINICTION
The risk is conceivable but is only likely to occur in extreme circumstances.
The risk occurs infrequently and is unlikely to occur within the next three (3) years.
There is an above average chance that the risk will occur at least once in the next three (3) years.
The risk could easily occur, and is likely to occur at least once within the next 12 months.
The risk is already occurring, or is likely to occur more than once within the next 12 months.

6.4 Inherent Risk Exposure Table


RISK
RATING

INHERENT RISK
MAGNICTUDE

15-25

HIGH

8-14

MEDIUM

1-7

LOW

RESPONSE
Unacceptable level of risk High level of control intervention required to
achieve an acceptable level of residual risk

Unacceptable level of risk, except under unique circumstances or


conditions Moderate level of control intervention required to achieve an
acceptable level of residual risk
Mostly acceptable Low level of control intervention required, if any.

18 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

7. ICT Environment Overview


The municipality consists of various departments each with their own requirements from ICT. However
the ICT environment of Emakhazeni Local Municipality is a well structured environment.
The environment consists of a number of systems required to support the services needed by
Emakhazeni Local Municipality. These services used by Emakhazeni Local Municipality include Financial,
Payroll, Communication, Document Management and the base infrastructure.
The Municipality relies on a 2 MB internet breakout for ICTs connectivity as well as dedicated system
specific connectivity for ICTs financial system.

7.1 Key Equipment List


DEVICE / SERVER NAME
Main ICT Servers
Untangle
CentOS Virtual Drive Zimbra
CentOS Virtual Drive ClearOS
Finance
Munsoft
VIP
Budget Plan
TELKOM OPTICON PRI

IP ADDRESSS

TYPE

193.168.30.248
192.168.30.243
192.168.30.244

Server
Server
Server

192.168.30.1
192.168.30.189
192.168.30.19
192.168.30.100

Server
Server
Server
Telephony

7.2 Recovery Start-up Sequence


The recovery sequence is the proposed sequence to be used for a full recover. Certain services are
dependent on others and thus the recovery sequence becomes important to ensure when recovering a
service ICT already has ICTs dependencies in place.
#

SERVICE NAME

DESCRIPTION

1
2
3
4
5
6
7
8
9
10
11
15

Network & Connectivity


Domain Controller
Firewall (TMG)
Antivirus
Backup
Printing
Mail
Munsoft
VIP Premier
VIP ESS
File Server
Non-core

Setup WAN & LAN networks.


Recover Domain Controller and ensure (DNS, AD, DHCP, WINS) is functioning.
Recover firewall and load original configuration from backup.
Recover Antivirus service for environment.
Recover Storage Platform and relevant data.
Recover printing service. Multifunction & Scanning Device and Tally Line printers required.
Recover all Mail related services and establish access for users.
Recover Munsofts Municipal Financial & Billing software and data and establish access for users.
Recover VIP Payroll service and establish access for users.
Recover VIP Premier (Application and Database) service and establish access for end users.
Recover File Server and data and establish access for users to Home folder
Recover where possible non-core services

19 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

7.3 Diagram: Overall ICT Environment


This diagram presents an overview of the organisation ICT structure.

90 Users
Belfast HQ

Backup Site
Machadodorp

1984 kbs

Internet

1984kbs

10 Users
Fritzegerald

1984kbs
1024kbs
512kbs

Emakhazeni Local Municipality

MPLS VPN

Waterval Boven
10 Users

512kbs
512kbs

Siyathuthu
6 Users

512kbs

Emthonjeni
4 Users

Dullstroom
4 Users

20 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

8. Applications in the Environment


Various applications have been identified in the organisation. These are listed below and will be broken down in to
two sections. The two sections are those that fall under the control and support of the ICT department and those
that live elsewhere in the organisation.

8.1 ICT Department Controlled Applications


APPLICATIONS

MANUFACTURER

USAGE

USERS

Munsoft Software Pty Ltd

Daily

Finance
Department

Is used to managed the finances of the


Emakhazeni Local Municipality

Softline Pty Ltd

Daily

Finance & HR
Departments

This application is used to administrate


the salaries and HR functions such as
leave at Emakhazeni Local Municipality

CaseWare

CaseWare International

Weekly

Finance (1 User)

Application used to financial reporting

ESS (VIP)

Softline Pty Ltd

Daily

All Departments

Module for users to be able to manage


their own HR including leave
applications etc.

File Data

Intel Server / CentOS


sharing

Daily

All Departments

Electronic Mail Service


(Zimbra)

Open Source, Telkom,


Lantic, Cisco etc.

Daily

All Departments

Untangle. Management
Gateway (TMG)

Open Source

Daily

All Departments

All users have home folders on the


server with redirection taking place
back to the individual workstations
The mail service forms part of an
important communication tool in the
Emakhazeni Local Municipality. ICT is
also used to store contacts and
schedule meetings by ICTs users.
Protects the users from and allows
access to the Internet from the
Emakhazeni Local Municipality LAN.

Munsoft Financial
Management System
VIP Payroll System

SYSTEM FUNCTION

Other Applications in Organisation


APPLICATIONS
GIS

TELKOM OptiCon PRI


IP Cameras (ICT)
Call Centre

MANUFACTURER

USAGE

USERS

SYSTEM FUNCTION

TGIS

N/A

Technical
Services

GIS system is in PoC / Review phase

Telkom

N/A

N/A

Daily

All
Departments
ICT

Telkom

Daily

Disaster
Management

Telephone management system


Used to monitor Server Room
To answer any emergency

21 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9. Essential ICT Services


Functional components of the environment include:

Network (LAN & WAN) The LAN and WAN provides the access layer between end users and the
services they require.
Firewall Provides the security gateway that manages the internal and external networks.
Domain Controller - Active Directory (AD) provides the underlying centralised authorisation and
authentication which is used by servers and end users to access various systems and services on
the ICT network.
Backup Service Service that is used to backup and recovery of data across the environment.

IMPORTANT NOTE: ALL SERVERS SHOULD RETAIN THEIR ORGINAL NAMES


WHEN DOING THE RECOVERY

9.1 Recovering Essential ICT Services


In order to start recovering services, the basic ICT infrastructure needs to be configured and ready for
use in order to deploy the recovered systems. These systems will be classified as essential ICT services
and are made up of the Network (LAN & WAN), Firewall and Active Directory (AD).
As opposed to the essential services mentioned above, there are a few other essential services which
are required at the Recovery location as listed below:
Secure Environment (New)
Power (New)
Network (physical)
Domain Controller (Networking infrastructure, e.g. DNS, AD, DHCP, WINS)
Firewall
Network Printing
Line Matrix Printer (New)
Multi-Function Printers (Must Include Scanner and be Network capable) (New)

22 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.2 Network - Overview


The physical network configuration of the network is a flat Layer 2 network. No VLANs are in use.

9.2.1 Network Architecture & Design


The network architecture of Emakhazeni Local Municipality is a Virtual Private Network. All systems
are located on eight IP address structure.

9.2.2 Network Functional Components


Functional components of the network include:

Physical Line (2MB Telkom) This is the primary connection to internet.


Router Cisco 1900 This is the router used by the primary connection.

Core Switching This handles the uplinks to LAN (Floor Switches) and the server room.
Floor Switching The floor Switches allow end users and devices to connect to each other and
the core network.
Cabling Cabling is in place to link the different Switches and users.
Cabinet All equipment is placed in the cabinets.

23 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.2.3 Network Backups

Telkom manages the Cisco 1800 and 1900 series router and maintains the backup of the
configuration.
As there are no VLAN's or other Layer2 or Layer3 actions, the backups of the production
Switches are not required.

9.2.4 Network Full Recovery Procedure

Procure 4 x 48 port Switches


Setup 1 x core Switch
Connect 4 x floor Switches to the core Switch in star configuration
Start connecting core infrastructure to the network
Test access to infrastructure
Start connecting users to network to access systems
Test user access to systems

9.2.5 Network Component Recovery Procedure


PHYSICAL LINE (PRIMARY 2MB CONNECTION)
Component

Physical Line (circuit number 53-99941-00)

Responsible Company /
Department
Contact Details: Service Desk

Telkom

Actions

0800 510 000

Emakhazeni LM ICT will log the incident of the line down with the WAN (Telkom) provider to
restore the service.
When logging the incident an ETA and incident number should be requested.

Potential time of service


interruption

With WAN connectivity and outages due to incidents such as natural disasters, breakages and cable
theft, an outage can be anything from a couple of hours to several weeks. Emakhazeni LM does have
an SLA on the line, but if the SLA is breached, the conditions only force the WAN provider not to
charge for the service during the outage.

Estimated recovery time:

3 Days (Best Estimate)

ROUTER CISCO 1900


Component

CISCO Router 1900 circuit number 53-99941-00

Responsible Company /
Department
Contact Details: Service Desk

Telkom

Actions

0800 510 000

Emakhazeni LM ICT will log the incident of the Cisco Router with the WAN (Telkom) provider to
investigate & repair.
When logging the incident an ETA and incident number should be requested.

Potential time of service


interruption

Dependent on how quick Telkom can swap out the Router and restore the configuration or setup the
router.

Estimated recovery time:

3 Days (Best Estimate)

24 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

CORE SWITCH
Component

3COM

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A
Emakhazeni Local Municipality ICT Department to procure new Core Switch. Configure IP
address for remote management
Send existing failed Switch in for warranty repair, repair or scrap equipment

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT and as such there exists no
uptime guarantee. The time to restore is governed by the time to procure Hardware as well as the
reinstallation of software

Estimated recovery time

3 Days (Best Estimate)

FLOOR SWITCH
Component

Generic Manufacturer

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT and as such there exists no
uptime guarantee. The time to restore is governed by the time to procure Hardware as well as the
reinstallation of software

Estimated recovery time

3 Days (Best Estimate)

N/A
Emakhazeni Local Municipality ICT Department to procure new Floor Switch.
Install Floor Switch reconnect Switching stack
Configure IP address for remote management
Send existing failed Switch in for warranty repair, repair or scrap equipment

9.2.6 Network - Risk & Impact Analysis


The network is setup with a rudimentary design with low levels of fault tolerance.
ESTIMATED SERVICE RESTORATION TIME 3 DAYS
OVERAL RISK RATING
10 (MEDIUM)
SERVICES COMPONENT
IMPACT DESCRIPTION IMPACT

LIKELIHOOD

RISK RATING

ESTIMATED
RECOVERY
TIME

Connectivity

Telkom Line

No external
connectivity (Internet
& Email)

10 (MEDIUM)

3 DAYS

Connectivity

Telkom Router

No external
connectivity (Internet
& Email)

10 (MEDIUM)

3 DAYS

Connectivity

DHCP

If DHCP is not
functional, no
computer can get on
the network.
This is a SPOF since
there is only one
Switch providing this
service

10 (MEDIUM)

4 HOURS

Users directly

1 (LOW)

3 DAYS

Connectivity

Switch
Main Building

25 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

connected to Switch
will lose connectivity
to the LAN
Connectivity

Switch
Corporate and
Community Services

Users directly
connected to Switch
will lose connectivity
to the LAN

5 (LOW)

3 DAYS

9.3 Threat Management Gateway - Overview


Threat Management Gateway is not actively used by all users as an application but ICT is an underlying
service that protects the network from external and internal threats. ICT further allows for the user
management of internet access.

9.3.1 Threat Management Gateway - Architecture & Design


The Threat Management Gateway (TMG) is used as the firewall in the organisation. This firewall is
what governs and manages the access policies in and out of the environment. The firewall is in line
between the external Telkom link and the internal LAN.

Internal LAN

TMG

Internet

9.3.2 Threat Management Gateway Functional Components


PHYSICAL DEVICE
Untangle Firewall (TMG)
CISCO 1900 - Telkom Router 53-99941-00

PHYSICAL LOCATION

IP ADDRESS

Server Room
Server Room

192.168.30.248
N/A

NOTES

26 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.3.3 Threat Management Gateway - Backups


A copy of the latest configuration is backed up on the ELM01 server. This will need to be restored
from the C:\TMG Backup files folder in the event of a recovery.
NDMSVMBGFAPP01
DEVICE IP
SERVER ROLE

Application Server

BACKUP GROUP

EMAKHAZENI LM-SRV\SERVERS

BACKUP AGENT VERSION

7.0.1

BACKUP SCHEDULE

Daily backups for this backup set occurs at 19h00

LAST SUCCESSFUL
BACKUP
DATA RETENTION PERIOD

11 June 2013, 19:00

OFFSICTE DATA
RETENTION PERIOD
DATA RECOVERY POINT

Offsite backups to B-site yet

ESTIMATED RESTORE
TIME
DATA PROTECTED

1 Hour Depending on size of data transfer

DATA COMPRESSED

7.63 GB

SELECTION EXPORT DATE

7 June 2013

2 months

RPO (Recovery Point Objective) 24 hours, we run backups daily

8.67 GB

9.3.4 Threat Management Gateway Full Recovery Procedure


FIREWALL UNTANGLE
Component

Intel Server

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Backing up the Firewall configuration


Resource - http://technet.microsoft.com/en-us/library/cc984454.aspx
System requirements for Untangle
Resource - http://technet.microsoft.com/en-us/library/dd896981.aspx
Secure / procure a server that meets the minimum requirements. (64-bICT, 6GB RAM, Dedicated
6 X 1TB HDD formatted with NTFS file system, 2 x NIC)
Ensure the base / core network is operational in order to connect the Untangle server.
Install OS and Untangle and ensure ICTs on the same patch / service pack level as the Untangle
server being recovered.
Restore the Untangle configuration file. This is the XML export that contains the firewalls
properties.
Import the XML file this restore will reconstruct most configuration details. When importing
always select the option to Overwrite the existing configuration.
Use the password created when the export of the configuration was done to decrypt the
configuration file for Untangle.
Ensure the certificates settings are correct, failure to do so will result in the TMG service not
starting.

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

27 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.3.5 Threat Management Gateway Component Recovery Procedure


In the event of component failure replacement parts should be ordered and if need be the above
full recovery procedure followed.

Threat Management Gateway - Risk & Impact Analysis


ESTIMATED SERVICE RESTORATION TIME 3 DAYS
OVERAL RISK RATING
5 (LOW)
SERVICES
COMPONENT
IMPACT
DESCRIPTION
Firewall

Service

IMPACT

LIKELIHOOD

RISK
RATING

ESTIMATED
RECOVERY TIME

5 (LOW)

3 DAYS

No external
connectivity
(Internet & Email)
Access policies and
restrictions not
applied

9.4 Domain Controller (Active Directory / AD) - Overview


Active Directory is used by all users and is a crucial underlying component of all systems since ICT
provides an authentication and authorisation functionality. Without Active Directory no users will be
able to login, and therefore access their applications.

9.4.1 Domain Controller (Active Directory / AD) Functional Components


PHYSICAL DEVICE

PHYSICAL LOCATION

IP ADDRESS

NOTES

Server Room

192.168.30.244

Server 2011

Domain Controller Intel Server

9.4.2 Domain Controller (Active Directory / AD) - Backups


An Attix5 agent is loaded on the Active Directory server and backs up the System State of the
machine on a daily basis.
ELM SERVER
DEVICE IP

192.168.30.244

SERVER ROLE

Active Directory

BACKUP GROUP

EMAKHAZENI LM\SERVERS

BACKUP AGENT VERSION

ClearOS

BACKUP SCHEDULE

Daily backups for this backup set occurs at 19h00

DATA RETENTION PERIOD

2 months

OFFSITE DATA RETENTION PERIOD

2 Months

DATA RECOVERY POINT

RPO (Recovery Point Objective) 24 hours, we run backups daily

ESTIMATED RESTORE TIME

1 Hour (depending on size of data)

28 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.4.3 Domain Controller (Active Directory / AD) Full Recovery Procedure


ACTIVE DIRECTORY (AD / DOMAIN CONTROLLER)
Component

Domain Controller Server INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Secure / procure a server that meets the minimum requirements. (64-bICT, 6GB RAM, Dedicated
6 X 1TB HDD, 2 x NIC)
Install OS, Service Packs and fixes from media
Install Attix5 agent and connect account to Storage Platform
Restore last backup to original location
Then perform System State Restore
Ensure server is rebooted as required by Microsoft

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

9.4.4 Domain Controller (Active Directory / AD) Component Recovery


Procedure
ACTIVE DIRECTORY (AD / DOMAIN CONTROLLER)
Component

Domain Controller Server INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Hardware - Log a call with HP to replace the damaged components. Get the incident number
from the service operator.
Hardware After hardware has been repaired rebuild domain controller from backup if
necessary. Follow the Full Recovery Procedure.
Software If problem cannot be rectified, rebuild from last available backup using the Full
Recovery Procedure.

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

9.4.5 Domain Controller (Active Directory / AD) - Risk & Impact Analysis
ESTIMATED SERVICE RESTORATION TIME 3 DAYS
OVERAL RISK RATING
15 (HIGH)
SERVICES
COMPONENT
IMPACT
IMPACT
DESCRIPTION

LIKELIHOOD

RISK
RATING

Active Directory

Service

No
authentication

15 (HIGH)

ESTIMATED
RECOVERY TIME
1 DAY

DNS

Service

Slow or no
authentication

15 (HIGH)

1 DAY

Domain
Controller

Server

No
authentication

15 (HIGH)

3 DAYS

29 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.5 Backup Service - Overview


The Backup Service provides backups for all the servers at Emakhazeni Local Municipality for backup
and disaster recovery purposes. The service provides LAN-based backups with the additional
redundancy of a mirror copy of the Data Server data stored offsite at a DR site. This provides access to
easy DR procedure testing without disrupting the operational environment and negates the need for
tape.

9.6 Backup Service - Architecture & Design


The Backup Service is a service that stores backups for all the servers in the organisation. The backup
service is a disaster recovery tool that allows the organisation to have daily backups of the servers to
assist in the event of data loss. The service also provides offsite backups in the event of disaster on the
server that the application resides on.

9.7 Backup Service - Functional Components


PHYSICAL DEVICE

PHYSICAL LOCATION

IP ADDRESS

Server Room

192.168.31.248

Database & File Server (Intel Server)

NOTES

9.7.1 Backup Service - Backups


The Attix5 agent is loaded on the Emakhazeni LM backup server to back up the Storage Platform.
This backup includes the Account and Report Server.
UNTANGLE (INTERNET SERVER)
DEVICE IP

192.168.31.248

SERVER ROLE

File / Data Management System

BACKUP GROUP

EMAKHAZENI LM-SRV\SERVERS

BACKUP AGENT VERSION

7.0.1

BACKUP SCHEDULE

Daily backups for this backup set occurs at 19h00

DATA RETENTION PERIOD

2 months

OFFSITE DATA RETENTION PERIOD

2 Months

DATA RECOVERY POINT

RPO (Recovery Point Objective) 24 hours, we run backups daily

ESTIMATED RESTORE TIME

1 Hour (Depending on data size)

30 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.7.2 Backup Service Full Recovery Procedure


BACKUP SERVICE
Component

INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

Components to be restored:

Storage Platform database

Storage Platform Reports database

N/A

Stage 1: Task file Backup Server from Mirror Server at Entokozweni Office
Requirements:

Mirror Server

The account GUID

The account encryption key

Full access to the Storage Server where the backup data resides

Write access to the target location where the data must be written
Potential time of service
interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed and the equipment is available. Further the complete data
restoration time could influence the recovery time due to the amount of data being retrieved and
restored)

9.7.3 Backup Service Component Recovery Procedure


BACKUP SERVICE
Component

INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

Potential time of service


interruption

Estimated recovery time

N/A
Hardware - Log a call to suppliers to replace the damaged components.
Hardware After hardware has been repaired and should the Backup Service still not work a
rebuild of Server from backup may be necessary. Follow the Full Recovery Procedure in order to
restore the Backup Service.

Software If problem cannot be rectified, rebuild from last available backup using the Full
Recovery Procedure to restore the Backup Service.

Emakhazeni Local Municipality ICT Department to make staff available for testing of the Backup
Service once ICT has been restored.
This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.
3 Days (If the configuration is backed and the equipment is available. Further the complete data
restoration time could influence the recovery time due to the amount of data being retrieved and
restored)

31 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.7.4 Backup Service - Risk & Impact Analysis


ESTIMATED SERVICE RESTORATION TIME 3 DAYS
OVERAL RISK RATING
15 (HIGH)
SERVICES
COMPONENT
IMPACT DESCRIPTION

Backup

Service

Backup

Server

IMPACT

LIKELIHOOD

RISK
RATING

ESTIMATED
RECOVERY
TIME

No new backups for


organisation at
Emakhazeni Local
Municipality
No access to existing
backups
No access to backup
reports
No account access to
backup platform
No data restoration

10
(MEDIUM)

1 DAY

No new backups for


organisation at
Emakhazeni Local
Municipality
No access to existing
backups
No access to backup
reports
No account access to
backup platform
No data restoration
Potential backup data
loss

15 (HIGH)

3 DAYS

9.8 Antivirus Overview


McAfee Enterprise Anti-virus is deployed to ensure a virus free environment.

9.8.1 Antivirus - Architecture & Design


The antivirus is setup in a centralised design with a master console.

9.8.2 Antivirus - Functional Components


PHYSICAL DEVICE
Internet Router (Cisco 1900)
Firewall - Untangle

PHYSICAL LOCATION

IP ADDRESS

Server Room
Server Room

N/A
192.168.30.248

NOTES

32 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

9.8.3 Antivirus - Backups


An agent is loaded on the App server which houses the AV application and backs up the AV
Databases on the machine.
INTERNET SERVER - UNTANGLE
DEVICE IP

194.168.30.248

SERVER ROLE

Application Server

BACKUP GROUP

EMAKHAZENI LM-SRV\SERVERS

BACKUP AGENT VERSION

7.0.1

BACKUP SCHEDULE

Daily backups for this backup set occurs at 19h00

LAST SUCCESSFUL BACKUP

11 June 2013, 19:00

DATA RETENTION PERIOD

2 months

OFFSICTE DATA RETENTION PERIOD

Offsite backups to B-site yet

DATA RECOVERY POINT

RPO (Recovery Point Objective) 24 hours, we run backups daily

ESTIMATED RESTORE TIME

1 Hour ( Depending size of data)

9.8.4 Antivirus - Risk and Impact Analysis


ESTIMATED SERVICE RESTORATION TIME
3 DAYS
OVERAL RISK RATING
6 (LOW)
SERVICES
COMPONENT IMPACT
DESCRIPTION

IMPACT

LIKELIHOOD

RISK
RATING

ESTIMATED
RECOVERY
TIME

AV Service

Service

Computers will not


be updated with
latest AV patterns,
potentially leading to
virus infections

3 (LOW)

2 DAYS

AV Database

Service

Computers will not


be updated with
latest AV patterns,
potentially leading to
virus infections

3 (LOW)

2 DAYS

NDMSVMBGFAPP01

Server

Computers will not


be updated with
latest AV patterns,
potentially leading to
virus infections

6 (LOW)

3 DAYS

10.System Specific ICT Services

10.1

Mail Service - Overview


The mail services is actively used throughout the day between the hours of 7:00 to 18:00.
Some users access their email on mobile devices like Smart Phones and Tablets. This usage is
generally remote and at all hours of the day or week.

33 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.1.1Mail Service - Architecture & Design


The mail system of Emakhazeni Local Municipality is a locally hosted Microsoft Exchange system.
ICT is a single server which does have RAID redundancy on the hard drives. The server is backed up
daily via the Attix5 platform. Mail is not spooled and cleaned via any third parties and is delivered to
and from Emakhazeni Local Municipality via the mail server directly. The firewall at Emakhazeni
Local Municipality is configured to allow for direct access to the mail server via TCP ports 443 and
25.

Internet

10.1.2 Mail Service - Functional Components


DIAGRAM
#
1
2
3
4
5

PHYSICAL DEVICE

PHYSICAL
LOCATION

IP ADDRESS

DNS Provider SAIX / Telkom


Internet Router (Cisco 1900)
Firewall - Untangle
Untangle Domain Controller
CentOS Zimbra Mail

Cloud
Server Room
Server Room
Server Room
Server Room

N/A
N/A
192.168.30.248
192.168.30.244
192.168.30.243

NOTES

10.1.2.1 Authoritative Domains


The following domain is associated with the organisation: Emakhazeni lm.co.za
10.1.2.2 Domain Hosting
On the dnsadmin.gov.za portal ICT only states the domain is registered and no further WHOIS
information is available.
10.1.2.3 Mail Records
The email system on the Internet require Zimbra Mail record that is accessible on the public DNS in
order to be able to find the Post Office (Mail Server) that is responsible for the delivery of mail
destined to a specific addressee (domain) in this instance : mail.emakhazenilm.co.za / zimbra
Record for domain: emakhazenilm.local
10.1.2.4 Mail Server
Only one mail server is implemented and is located in the server room at Emakhazeni Local
Municipality. The name of the server is Virtual Drive - Zimbra
34 |
Page

Emakhazeni Local Municipality


10.1.2.5 Client Access

Disaster Recovery Plan

Access to E-Mail is via Microsoft Outlook, Outlook Web Access (OWA) as well as Outlook Mobile
Access.

10.1.2.6 Inbound Observations


No unified E-Mail management service is currently used. (Spooling, archiving, etc.)

10.1.2.7 Outbound Observations


No unified E-Mail management service is currently used. (Spooling, archiving, SMTP relay, etc.)

10.1.3Mail Service - Backups


Loaded on the Mail server and backs up the DR Server daily.
CentOS - Zimbra
DEVICE IP

192.168.30.243

SERVER ROLE

Zimbra Server

BACKUP GROUP

EMAKHAZENI LM\SERVERS

BACKUP SCHEDULE

Daily backups for this backup set occurs at 19h00

LAST SUCCESSFUL BACKUP

11 June 2013, 19:00

DATA RETENTION PERIOD

2 months

OFFSICTE DATA RETENTION PERIOD

Offsite backups to B-site

DATA RECOVERY POINT

RPO (Recovery Point Objective) 24 hours, we run backups daily

ESTIMATED RESTORE TIME

1 Hour (depending on data size)

10.1.4Mail Service Recovery Procedures


There are two facets to the recovery of the Mail Service. As a disaster can be invoked due to total
mail system outage or component outage which affects only a subset of the mail service but can
cause the mail service not to function.

10.1.4.1

Mail Service Component Recovery Procedure

Component failures are the more general types of service failures to be experienced in an
organisation. These failures could be hardware, software, network or connectivity related.
EXCHANGE MAIL SERVER
Component

Zimbra Mail Server INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Hardware - Log a call with supplier to replace the damaged components.


Hardware After hardware has been repaired and should the Exchange service still not work
rebuild Exchange Server from backup if necessary. Follow the Full Recovery Procedure.
Software If problem cannot be rectified, rebuild from last available backup using the Full
Recovery Procedure.

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

35 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.1.5 Mail Service - Risk & Impact Analysis


The Mail Service is an important part of the organisation. Mail Services though simple in function
are often complex by design and require various other services to function. These include all of the
Essential ICT Services in the organisation including the Network, Firewall, and Domain Controller as
well as external service providers for the DNS (MX Record) components.
ESTIMATED SERVICE RESTORATION TIME 3 DAYS
OVERAL RISK RATING
10 (MEDIUM)
SERVICES
COMPONENT
IMPACT
IMPACT
DESCRIPTION
DNS Provider

Service

LIKELIHOOD

RISK
RATING

MX record affects
mail delivery
No mail flow out of
the organisation

5 (LOW)

ESTIMATED
RECOVERY
TIME
2 DAYS

Exchange
Service

Service

No mail flow
internally or
externally in the
organisation

5 (LOW)

1 DAY

Exchange
Server

Hardware

No mail flow
internally or
externally in the
organisation

10
(MEDIUM)

3 DAYS

10.2

Munsoft Service - Overview


Munsoft is Municipal Financial & Billing software generally used by the Finance Department.
As part of the Munsoft service a recovery strategy is in place to assist a Municipality in the
event of a disaster. The service includes both backups and DR infrastructure. This process
involves making the Application available on the recovery platform at ICTNA or onsite.

10.2.1Munsoft Service - Architecture & Design


Munsoft is one of the financial systems of Emakhazeni Local Municipality and as such is a very
important system.

36 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.2.2Munsoft Service - Functional Components


PHYSICAL DEVICE

PHYSICAL LOCATION

IP ADDRESS

256k Telkom Line (Circuit 63-19439-66)


CISCO - Router

Server Room
Server Room

N/A
N/A

IBM - Munsoft

Server Room

192.168.30.1

NOTES
Provisioned by Telkom as part of the
Munsoft MPLS network.

10.2.3Munsoft Service - Backups


Loaded on the App server which houses the VIP application and backs up the Mail Databases of the
machine.
MUNSOFTDR\EMAKHAZENI LM
DEVICE IP

192.168.30.1

USER

Financial System

BACKUP GROUP

MUNSOFTDR

BACKUP AGENT VERSION

7.0.1

BACKUP SCHEDULE

Daily backups for this backup set occurs at 22h00

LAST SUCCESSFUL BACKUP

13 June 2013, 19:00

DATA RETENTION PERIOD

2 roll-ups

OFFSICTE DATA RETENTION PERIOD

2 roll-ups

DATA RECOVERY POINT

RPO (Recovery Point Objective) 24 hours, we run backups daily

ESTIMATED RESTORE TIME

12 minutes

10.2.4 Munsoft Service Full Recovery Procedure


As part of the Munsoft range service Emakhazeni Local Municipality has subscribed to the Munsoft
DR Service. This service is provided by Munsoft / ICTNA and covers any DR failure on the financial
system.
MUNSOFT SERVICE
Component

IBM Server

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Emakhazeni Local Municipality ICT Department to call ITNA on 012682-9242


Request to invoke Munsoft Disaster with ICTNA
o
You will be asked a security question
o
The operator will issue an incident reference number
The service provider will provide you with updates as to the DR recovery progress
o
Database recovery progress
o
Restoration of Munsoft Service
Emakhazeni Local Municipality to make staff available for testing on the financial system. This
should ideally be person from both the Finance and ICT Department
Emakhazeni Local Municipality to obtain at minimum 1 x 80 Column Line Matrix Printers, 1 x 136
Column Line Matrix Printer and 1 x High Volume Multi-Function Printer
Emakhazeni Local Municipality to make staff available for testing on the financial system. This
should ideally be person from both the Finance and ICT Department
Post Recovery
A new server will be need to be procured
Munsoft / ICTNA will re-install and restore the system
Further printers to be procured for optimal work distribution by Emakhazeni LM

Potential time of service


interruption

There is a service contract in place that would limit potential downtime to a minimum. Downtime can
be up to 16 work hours.

Estimated recovery time

Next Business Day

37 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.2.5Munsoft Service Component Recovery Procedure


MUNSOFT SERVICE
Component

IBM Server

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A
Emakhazeni Local Municipality ICT Department to call ICTNA on 012 682-9242 / 0861 234 862
(Office Hours)
Report hardware fault
o
The operator will issue an incident reference number
The service provider will provide you with updates as to the hardware repair
o
Provide estimated IBM Technician arrival
o
Provide progress as to hardware repairs from IBM
Emakhazeni Local Municipality to make staff available for testing on the financial system. This
should ideally be person from both the Finance and ICT Department
Post hardware repairs, should the Munsoft service still not work a rebuild of the system may be
required. Follow the Full Recovery Procedure. Munsoft / ICTNA will re-install and restore the
system if required.
Post component (Software or Hardware) failure repair, if a problem cannot be rectified via the
replacement component a rebuild from last available backup may be required. This is done
using the Full Recovery Procedure provided by Munsoft / ICTNA.

Potential time of service


interruption

There is a service contract in place that would limit potential downtime to a minimum. Downtime can
be up to 16 work hours.

Estimated recovery time

Next Business Day

10.2.6 Munsoft Service - Risk and Impact Analysis


ESTIMATED SERVICE RESTORATION
2 DAYS / 16 HOURS
TIME
OVERAL RISK RATING
5 (LOW)
SERVICES
COMPONENT
IMPACT
IMPACT LIKELIHOOD
DESCRIPTION

RISK
RATING

ESTIMATED
RECOVERY TIME

Munsoft

Service

No access to the
financial system

5 (LOW)

1 DAYS

Munsoft Oracle

Service

No access to the
financial system
Database damage
would need to be
repaired.

5 LOW)

UNKOWN REPAIIR TIME


(Could recover to last
successful backup)

No access to the
financial system

5 (LOW)

Next Business Day


(16 HOURS)

IBM Server

10.3

Server

VIP Payroll Overview


VIP Payroll Premier is one of the financial systems deployed at Emakhazeni Local Municipality
and as such is a very important system. VIP provides NDM with functionalICTy to manage HR
38 |

Page

Emakhazeni Local Municipality

Disaster Recovery Plan

and Payroll functions. Sage / Softline is the company behind VIP Payroll Premier. The VIP
Premier Payroll & HRM system provides one integrated solution for payroll and human
resource management.

10.3.1VIP Payroll Service - Architecture & Design

Client PCs

Client PCs

LAN

MFP

Client PCs

Client PCs

10.3.2 VIP Payroll Service - Functional Components


PHYSICAL DEVICE
Internet Router (Cisco 1900)
Firewall
Core Switch - (3COM)
VIP

PHYSICAL LOCATION

IP ADDRESS

Server Room
Server Room
Server Room
Server Room

N/A
192.168.30.248
N/A
192.168.30.248

NOTES

10.3.3VIP Payroll Service - Backups


Loaded on the App server which houses the VIP application and backs up the Mail Databases of the
machine.
VIP SERVER
DEVICE IP

192.168.30.149

39 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

SERVER ROLE

Application Server

BACKUP GROUP

EMAKHAZENI LM-SRV\SERVERS

BACKUP AGENT VERSION

7.0.1

BACKUP SCHEDULE

Daily backups for this backup set occurs at 19h00

DATA RETENTION PERIOD

2 months

OFFSITE DATA RETENTION PERIOD

192.168.30.149

DATA RECOVERY POINT

RPO (Recovery Point Objective) 24 hours, we run backups daily

ESTIMATED RESTORE TIME

11 minutes

10.3.4 VIP Payroll Service Full Recovery Procedure


VIP PAYROLL SERVICE
Component

INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Secure / procure a server that meets the minimum requirements.


Install OS, Service Packs and fixes from media
Install Attix5 agent and connect account (EMAKHAZENI LM-SRV\SERVERS\NDMSVMBGFAPP01)
to Storage Platform
o
Restore VIP data to original location (D:\SoftlineVIP\Payroll\Premier\) on server
Make a copy of the VIP Premier shortcut on the desktop and rename ICT to e.g.
VIP_Emakhazeni LM
Right click on VIP_Emakhazeni LM shortcut and click on properties
o
change target to : D:\SoftlineVIP\Payroll\Premier\wrun32.exe -s -c cblconfi vipsal.acu
o
change start in to : D:\SoftlineVIP\Payroll\Premier\
Emakhazeni Local Municipality to make staff available for testing on the VIP Payroll financial
system. This should ideally be person from both the Finance and ICT Department

Note: use the new VIP_ Emakhazeni LM shortcut on the desktop to access VIP
Potential time of service
interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

40 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.3.5VIP Payroll Service Component Recovery Procedure


VIP PAYROLL SERVICE
Component

INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Hardware - Log a call with Supplier to replace the damaged components.


Hardware After hardware has been repaired and should the VIP service still not work a rebuild
of the Server from backup may be necessary. Follow the Full Recovery Procedure in order to
restore the VIP Service.
Software If problem cannot be rectified, rebuild from last available backup using the Full
Recovery Procedure to restore the VIP service
Emakhazeni Local Municipality to make staff available for testing on the VIP Payroll financial
system. This should ideally be person from both the Finance and ICT Department

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

10.3.6 VIP Payroll Service - Risk and Impact Analysis


ESTIMATED SERVICE RESTORATION TIME
3 DAYS
OVERAL RISK RATING
6 (LOW)
SERVICES
COMPONENT IMPACT
DESCRIPTION
VIP Application &
Data

Service

NDMSVMBGFAPP01

Server

10.4

IMPACT

LIKELIHOOD

RISK
RATING

ESTIMATED
RECOVERY
TIME

No finance user will


be able to perform
work on the VIP
Payroll system
HR & Payroll
services will be
interrupted

3 (LOW)

2 DAYS

No finance user will


be able to perform
work on the VIP
Payroll system
HR & Payroll
services will be
interrupted

6 (LOW)

3 DAYS

VIP ESS Service Overview


The Premier ESS (Employee Self Service) system is designed to assist with the organisations
leave process. This online / web based module integrates with our Sage VIP Premier Payroll
and Premier HR systems, allowing your employees to apply for leave online.

41 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.4.1VIP ESS Service - Architecture & Design


The Premier ESS service is installed on the APP and DATABASE server and is connected to the
network for the end users to be able to access the web portal located on the APP server.

10.4.2 VIP ESS Service - Functional Components


PHYSICAL DEVICE

PHYSICAL
LOCATION

IP ADDRESS

VIP ESS Portal

Server Room

192.168.30.149

Domain Controller

Server Room

192.168.30.248

NOTES

10.4.3 VIP ESS Service - Backups


The Attix5 agent is loaded on the NDMSVMBGFDAT01 and NDMSVMBGFAPP01 servers where the
VIP ESS application is installed.
VIP SERVER
DEVICE IP

192.168.30.149

SERVER ROLE

File / Data Management System

BACKUP GROUP

EMAKHAZENI LM-SRV\SERVERS

BACKUP AGENT VERSION

7.0.1

BACKUP SCHEDULE

Daily backups for this backup set occurs at 19h00

LAST SUCCESSFUL BACKUP

11 June 2013, 19:00

DATA RETENTION PERIOD

2 months

OFFSICTE DATA RETENTION PERIOD

Offsite backups to DR-site

DATA RECOVERY POINT

RPO (Recovery Point Objective) 24 hours, we run backups daily

ESTIMATED RESTORE TIME

24 minutes

42 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.4.4 VIP ESS Service Full Recovery Procedure


VIP ESS SERVICE
Component

INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A
Secure / procure a server/s that meets the minimum requirements.

VIP ESS Database Server

Install OS, Service Packs and fixes from media on server


o
Restore VIP ESS data to SQL on server
o
Attach ESS database to SQL
VIP ESS Application Server

Install OS, Service Packs and fixes from media on server

Install IIS service with all components from media

Install VIP ESS from media


o
Follow ESS Configuration Wizard
o
Add database details (Name, Server, Authentication Details)

Test ESS service- Emakhazeni Local Municipality to make staff available for testing on the VIP
ESS financial system. This should ideally be persons from both the Finance and ICT Department
Potential time of service
interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

10.4.5VIP ESS Service Component Recovery Procedure


VIP ESS SERVICE
Component

INTEL SERVER

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Hardware - Log a call with HP to replace the damaged components. Get the incident number
from the service operator.
Hardware After hardware has been repaired and should the VIP ESS Service still not work a
rebuild of the NDMSVMBGFAPP01 or NDMSVMBGFDAT01 Server from backup may be
necessary. Follow the Full Recovery Procedure in order to restore the VIP ESS Service.
Software If problem cannot be rectified, rebuild eICTher or both servers from last available
backup using the Full Recovery Procedure to restore the ESS Service.
Emakhazeni Local Municipality to make staff available for testing on the VIP ESS financial
system. This should ideally be persons from both the Finance and other departments.

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

43 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.4.6 VIP ESS Service - Risk and Impact Analysis


ESTIMATED SERVICE RESTORATION TIME
3 DAYS
OVERAL RISK RATING
6 (LOW)
SERVICES
COMPONENT IMPACT
DESCRIPTION
VIP ESS Application

Service

VIP ESS Data

Service

NDMSVMBGFAPP01

Server

ELM01

Server

10.5

IMPACT

LIKELIHOOD

RISK
RATING

ESTIMATED
RECOVERY
TIME

No end user will be


able to perform
work on the VIP ESS
system
HR & Payroll
services will be
interrupted

3 (LOW)

2 DAYS

No end user will be


able to perform
work on the VIP ESS
system
HR & Payroll
services will be
interrupted

3 (LOW)

2 DAYS

No end user will be


able to perform
work on the VIP ESS
system
HR & Payroll
services will be
interrupted

6 (LOW)

3 DAYS

No end user will be


able to perform
work on the VIP ESS
system
HR & Payroll
services will be
interrupted

6 (LOW)

3 DAYS

CaseWare Service - Overview


CaseWare is a financial reporting and analysis application used exclusively by the Finance
Department. This is a niche system used by few personnel, in Emakhazeni Local Municipality
case one (1) the Chief Financial Officer in the Finance Department.

10.5.1 CaseWare Service - Architecture & Design


The software is installed on the whom is an end user in the organisation. On the CaseWare software
connects to the Munsoft Service to pull data into the models created by the user. These
configurations, models and template are stored on the locale machine.

10.5.2CaseWare Service - Functional Components


PHYSICAL DEVICE

PHYSICAL LOCATION

IP ADDRESS

IBM - Munsoft

Server Room

192.186

Workstation

Finance Office

192.168

NOTES
Data is imported into CaseWare from
Munsoft
Workstation used by Finance Manager.

44 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.5.3 CaseWare Service Full Recovery Procedure


CASEWARE SERVICE
Component

Workstation (Windows 7)

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

Secure / procure a workstation / server


Install Microsoft OS, Service Packs and fixes from media (Desktop or Server OS)
Install Attix5 agent and connect account (EMAKHAZENI LM-PC\COMPUTERS\LPMB01FSALS01)
to Storage Platform
o
Restore CaseWare data to device
Install CaseWare from media
Restore / copy CaseWare data from local device to new CaseWare folder.
Emakhazeni Local Municipality to make staff available for testing on the CaseWare financial
system. This should ideally be person from both the Finance (Chief Financial Officer) and ICT
Department

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

10.5.4CaseWare Service Component Recovery Procedure


CASEWARE SERVICE
Component

Workstation (Windows 7)

Responsible Company /
Department
Contact Details: Service Desk

Emakhazeni Local Municipality ICT Department

Actions

N/A

If the Software for CaseWare is still covered by warranty log a call to request ICT to be repaired.
Ensure an incident number is taken from the service provider with an ETA.
Post the hardware repair, should the CaseWare service still not work a rebuild of the CaseWare
workstation may be required. Ensure that the end users data is backed up along with the
CaseWare before such an event ICT under taken. Follow the Full Recovery Procedure in order to
restore the CaseWare Service.
Emakhazeni Local Municipality to make staff available for testing on the CaseWare financial
system. This should ideally be person from both the Finance (Chief Financial Officer) and ICT
Department

Potential time of service


interruption

This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there
exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure
the required hardware and the reinstallation of software and the configuration thereof.

Estimated recovery time

3 Days (If the configuration is backed up and the equipment is available)

45 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

10.5.5CaseWare Service - Risk and Impact Analysis


ESTIMATED SERVICE RESTORATION TIME
3 DAYS
OVERAL RISK RATING
10 (MEDIUM)
SERVICES
COMPONENT IMPACT
IMPACT
DESCRIPTION

LIKELIHOOD

RISK
RATING

ESTIMATED
RECOVERY
TIME

CaseWare

Service

(Chief Financial
Officer) wont be able
to use the CaseWare
service for reporting

10
(MEDIUM)

3 DAYS

LPMB01FSALS01

Workstation

(Chief Financial
Officer) wont be able
to use the CaseWare
service for reporting

10
(MEDIUM)

3 DAYS

11.Non-Core Services
The following section covers services that were identified in the environment and deemed nonessential or non-core to the Emakhazeni Local Municipality during the development of this report.

11.1

GIS Service (TGIS)


TGIS is running a Proof of Concept for their GIS service / software with the Technical Services
department. Once the formal go ahead for the permanent use of the service has been given
ICT is recommended that the ICT department partake in the take on process should
management of the service be handled by Emakhazeni LM ICT. The GIS service should fall in
line with the rest of the operating procedures of ICT and during the take-on amendments to
the ICT support process should be made to factor in the GIS support.

11.2

IP Cameras Service
The IP Cameras that cover the section of the server room is managed by ICT Department. The
other cameras in the building fall under Corporate Services. These Cameras stream live and
there are no recordings generated or kept.

11.3

Access Control Service


The Access Control is managed and maintained by Corporate Services.

11.4

Corporate Printing Service


Corporate Services High Volume Printers & Binders used for Agendas / Minutes / Municipal
Tender Documents etc. will be outsourced in the event of a disaster until new equipment is
sourced.

11.5

Telephony Services
Emakhazeni LM makes use of various Telkom OptiCon PRI which is a service rendered to the
Municipality by Telkom. These PRI also make use of Telkom lines for the delivery of voice.
OptiCon is a managed telephony service provided by Telkom and as such in the event of an
incident Telkom will provide the relevant assistance.

46 |
Page

Emakhazeni Local Municipality

Disaster Recovery Plan

12.Annexure
12.1

Software List

MANUFACTURER

DESCRIPTION

TYPE

OPEN SOURCE CENTOS

Base operating system

OS

OPEN SOURCE CENTOS

Base operating system

OS

OPEN SOURCE CENTOS

Database server software

VIRTUAL DRIVE ZIMBRA

Email, contacts, calendaring software

APPLICATION

VIRTUAL DRIVE CLEAROS

User Account Management Software

APPLICATION

UNTANGLE

Firewall & Antivirus suite software

Sage VIP Payroll Premier

Payroll software

APPLICATION

Sage VIP ESS

Human Resource & Self-help portal software

APPLICATION

CaseWare

Business Intelligence software

APPLICATION

DATABASE

ANTIVIRUS

47 |
Page