As public safety agencies continue to embrace cloud-based technology to enhance efficiency and reduce costs, the critical importance of internet access becomes evident. While cloud-based software often boasts impressive uptime, any disruption to internet connectivity can severely impede critical public safety services. In this pursuit of fully redundant internet connections, agencies must consider several specific points of failure to ensure seamless operations.
Internet Service Outages
Redundant Internet Service Providers (ISPs) & Delivery Methods
One of the primary considerations for redundancy is ensuring access to multiple ISPs. If one ISP experiences a network failure or falls victim to a cyber-security incident ↗, having an alternate ISP becomes crucial. Larger cities typically have multiple ISPs available, making it relatively straightforward to secure redundancy. However, rural communities might face challenges in this regard.
In recent times, these rural agencies have explored alternative options such as satellite or LTE broadband providers. The adoption of wireless technologies is gradually gaining momentum as a viable backup solution, especially with the availability of public safety-grade broadband options like FirstNet ↗. These technologies offer a more reliable backup in case of wired connectivity failures.
For agencies operating in remote or underserved areas where laying traditional fiber-optic cables might be impractical or cost-prohibitive, microwave connections offer an economical alternative. By leveraging existing infrastructure or installing microwave radio equipment on towers or rooftops, agencies can rapidly deploy high-speed connectivity without the need for extensive construction efforts. This cost-effectiveness makes microwave connections an attractive option for agencies seeking reliable internet access on a budget.
Physical Connection Redundancy
For true redundancy, it’s essential to ensure physical cables and wiring from separate ISPs follow distinct paths and enter the building through separate locations. Crossing or touching of internet connections at any point poses a risk, as a single incident in that specific location could damage both cables. Agencies must avoid situations where a fallen tree or accident at a particular spot disrupts both connections due to parallel cable routing.
Seeking the most diverse means of obtaining internet connections from different providers can also be beneficial. For example, connecting through both a telephone company and a cable company provides more redundancy than using two cable companies. However, it’s crucial to note that even different providers might share underlying infrastructure, so careful consideration is required.
Moreover, agencies can enhance diversity by establishing multiple entry points into the building. This approach enables seamless traffic rerouting in the event of damage or disruption to one entry point.
Software-Defined Wide Area Network (SD-WAN) Solutions
Deputy Director Christopher Ryan of the MA State 911 Department recommends exploring SD-WAN solutions to augment internet redundancy. SD-WAN stands out as it operates with only one set of IP addresses, simplifying firewall routing statements and connections reliant on specific IP addresses (e.g., CJIS). Whenever an ISP failure or latency/jitter issue arises, the SD-WAN solution seamlessly switches between the two ISPs.
SD-WAN solutions offer constant circuit monitoring, performing multiple health checks for packet loss, latency, and jitter every second. If the SD-WAN appliance detects an ISP gateway failure or underlying circuit degradation, it automatically reroutes traffic to a more reliable path, whenever available.
Loss of Power
In addition to ensuring robust internet redundancy, public safety agencies must address the critical aspect of power supply redundancy. Power outages can have severe consequences, affecting the functionality of cloud-based systems ↗ and disrupting essential public safety services. Therefore, integrating redundant power circuits and Uninterruptible Power Supply (UPS) units is crucial to maintain continuous operations.
Redundant Power Circuits
To protect against power supply failures, public safety agencies should establish redundant power circuits to their critical infrastructure. A redundant power circuit involves connecting essential equipment and systems to two separate power sources originating from different utility feeds or power grids. In the event of a power outage or failure in one circuit, the redundant circuit immediately takes over, ensuring uninterrupted power supply.
When designing redundant power circuits, it is essential to consider diverse power sources to minimize the risk of both circuits being affected by the same external event. For example, connecting one circuit to the local power grid and the other to a dedicated backup generator or an alternative utility provider enhances redundancy significantly.
Uninterruptible Power Supply (UPS)
Despite the establishment of redundant power circuits, brief power fluctuations or temporary outages can still occur. In such situations, Uninterruptible Power Supply (UPS) units play a vital role in safeguarding critical equipment and systems.
A UPS is a backup power source that provides immediate power to connected devices during power interruptions. It acts as a bridge between the main power supply and the equipment, ensuring continuous power supply even in the event of a power outage. UPS units are commonly used to protect servers, network equipment, and other mission-critical hardware.
There are different types of UPS units available, each offering varying levels of protection. Public safety agencies should consider investing in online or double-conversion UPS units, as they provide the highest level of power protection. In an online UPS, the connected equipment continuously receives power from the battery, while the UPS itself remains in constant communication with the main power supply. This setup ensures that there is no transfer time between the main power and the UPS battery, eliminating any potential downtime.
Battery Redundancy & Maintenance
To maintain optimal performance, UPS units require proper maintenance and monitoring. Regularly scheduled inspections and battery replacements are essential to ensure that the UPS units can function effectively during emergencies. Agencies should develop maintenance protocols that include testing UPS functionality, verifying battery health, and promptly replacing any degraded batteries.
Moreover, for an added layer of UPS redundancy, larger public safety agencies might consider implementing N+1 or N+2 configurations. N+1 means having one additional UPS unit as a backup for every N units, while N+2 entails having two additional UPS units. This approach ensures that even if one UPS unit experiences a failure or requires maintenance, the redundant units are readily available to take over without compromising power supply to critical equipment.
Networking Hardware Failures
In the pursuit of ensuring maximum reliability and uptime for critical public safety operations, redundant networking hardware plays a pivotal role. Redundancy at the networking hardware level not only minimizes the risk of network outages but also enhances overall network performance and resilience. Public safety agencies should carefully consider implementing redundant networking hardware to create a robust and fail-safe network infrastructure.
Redundant Network Switches & Routers
One of the primary components of network redundancy is deploying redundant network switches and routers. These devices act as the backbone of the network, directing data traffic and ensuring seamless communication between various connected devices. By using redundant switches and routers, agencies can eliminate single points of failure, thereby reducing the risk of network downtime.
Agencies can adopt various redundancy protocols, such as the Virtual Router Redundancy Protocol (VRRP) or the Hot Standby Router Protocol (HSRP), to enable automatic failover between primary and backup routers. With VRRP or HSRP in place, if the primary router experiences a malfunction or becomes unavailable, the backup router seamlessly takes over, ensuring uninterrupted network connectivity.
Network Path Redundancy
Incorporating network path redundancy is another crucial aspect of enhancing network reliability. Public safety agencies should consider multiple network paths to connect their critical systems and devices. This entails using diverse physical connections, such as Ethernet cables from different vendors or connecting through separate fiber routes.
Redundant network paths prevent a single point of failure from disrupting the entire network. If one path experiences an issue or outage, traffic is automatically rerouted through an alternate path, ensuring continuous data transmission and access to cloud-based services.
Load Balancers
Load balancers are essential components for distributing network traffic evenly across multiple servers or network links. In the context of redundant networking hardware, load balancers can optimize network performance by intelligently distributing data traffic among redundant paths, switches, or routers.
By leveraging load balancers, public safety agencies can ensure that each network component is utilized efficiently and that no single device becomes overwhelmed with excessive traffic. Load balancers also contribute to fault tolerance, as they can detect and reroute traffic away from any malfunctioning or congested network element, maintaining network stability.
Network Monitoring & Management
To maintain an optimal network environment, continuous monitoring and proactive management are essential. Public safety agencies should invest in robust network monitoring tools that provide real-time insights into the network’s health and performance. These tools can detect potential issues or anomalies before they escalate into critical problems.
Furthermore, implementing proactive network management practices, such as regular firmware updates, configuration audits, and performance optimization, ensures that the redundant networking hardware operates at peak efficiency and remains ready to handle any unforeseen circumstances.
Cybersecurity Attacks
Cybersecurity measures are paramount for public safety agencies to protect their systems and ensure they do not go down due to cyber-attacks ↗ or unauthorized access. Implementing robust cybersecurity practices helps safeguard critical infrastructure, sensitive data, and communication networks.
Here are some key cybersecurity measures that public safety agencies should have in place to ensure the integrity and availability of their systems:
Firewalls & Intrusion Detection/Prevention Systems (IDS/IPS)
Firewalls serve as the first line of defense by monitoring and controlling incoming and outgoing network traffic. Combining firewalls with IDS/IPS adds an extra layer of protection by identifying and blocking suspicious activities or potential cyber threats in real-time.
Secure Network Architecture
Public safety agencies should design their network architecture with security in mind. Segmentation of the network into isolated zones, each with its security policies, helps contain and minimize the impact of potential security breaches.
Strong Authentication & Access Control
Implementing strong authentication mechanisms, such as multi-factor authentication (MFA), ensures that only authorized personnel can access critical systems and data. Strict access controls limit user privileges to only what is necessary for their roles, reducing the risk of unauthorized access.
Regular Software Updates & Patch Management
Promptly applying software updates and security patches is essential to protect against known vulnerabilities. Public safety agencies should have a well-defined patch management process to ensure that all systems and applications remain up-to-date.
Employee Training & Awareness
Human error is a significant factor in many cybersecurity incidents. Providing regular cybersecurity training and awareness programs ↗ to employees helps them recognize and avoid phishing attempts, social engineering tactics, and other cyber threats.
Data Encryption
Sensitive data, both in transit and at rest, should be encrypted to protect it from unauthorized access. Encryption ensures that even if data is intercepted or stolen, it remains unreadable without the appropriate decryption keys.
Incident Response & Recovery Plans
Developing comprehensive incident response and recovery plans ↗ enable agencies to respond swiftly and effectively to cyber incidents. These plans outline the steps to identify, contain, mitigate, and recover from cybersecurity breaches.
Regular Security Audits and Penetration Testing
Periodic security audits and penetration testing help assess the overall security posture of the agency’s systems. Identifying vulnerabilities proactively allows for their timely remediation, reducing the risk of potential system downtime.
Continuous Monitoring & Threat Intelligence
Deploying solutions for continuous monitoring ↗ enables real-time detection of unusual activities and potential threats. Staying informed about the latest cybersecurity threats through threat intelligence feeds enhances preparedness against emerging threats.
By integrating these cybersecurity measures into their operations, public safety agencies can significantly reduce the risk of cyber incidents and maintain the availability and integrity of their systems, ensuring seamless operations and the ability to respond effectively to emergencies.
Conclusion
In the pursuit of robust redundancy and uninterrupted operations, public safety agencies must adopt a multi-faceted approach that encompasses various critical aspects of their infrastructure and operations. By integrating these comprehensive measures, public safety agencies can create a resilient and robust infrastructure that minimizes the risk of downtime and disruptions. These efforts enhance the agency’s ability to respond effectively to emergencies, protect public safety, and ensure seamless operations to serve the community efficiently.