A network disaster recovery plan outlines procedures and policies network teams can follow when a crisis disrupts network services.
The complexity of a network DR plan varies based largely on the network configuration. The keys to a successful plan include understanding network risks and vulnerabilities, defining step-by-step response and recovery procedures, validating these activities through tests and keeping the plan updated.
Factors to include in a network DR plan
When building or updating a network DR plan, network pros must address several issues. Below are some essential factors and questions to consider.
If network architects have diagrammed the network, is the diagram current? Does it reflect any changes in technology, vendor or configuration?
When did teams perform the last network risk assessment? Did they assess physical and logical network elements? Did they also evaluate network perimeter security?
What DR plans are in place? When were they last reviewed and tested?
Local access networks
What is the status of local access resources? Does this access represent a critical single point of failure?
Does the LAN have redundancy built into its structure? Is the cabling safe? Are routers, hubs and switches survivable and housed in secure areas? What inventory of spare LAN components is available?
How redundant are the network links? What happens if a channel fails? What recourse is available if carriers don't provide facility recovery?
How secure and survivable are the ISPs in use? How will they recover internet access if it goes down?
Premises-based PBX systems
Assuming the local phone system uses VoIP technology, what DR support does the vendor provide? What inventory of spare parts is available in case of a failure?
Emergency power systems
In addition to commercial power, what backup power resources are available? Is there enough backup power to run a VoIP system, LAN or WAN? How much backup power do carriers have available in an emergency?
How secure is the network perimeter from unauthorized access via malware, ransomware, phishing, DDoS attacks and other malicious events? What emergency resources are available to recover network integrity? How is encryption used to protect the network and critical data? How often are firewall rules updated?
What backup copies of network security software are available? Where are backup copies of VoIP system software located? Are they up to date?
What backup and recovery assets are in place to recover wireless network resources? What DR services are available from wireless carriers?
These are among the initial questions to ask when embarking on a network DR planning initiative. This graphic identifies the different risk points in current networks. Network teams must address each factor in a network DR plan, assuming all are used.
Depending on the size and complexity of a corporate network, teams can identify many different risk points -- or single points of failure. Identifying each of the risk areas in a network infrastructure is one of the most critical initial activities when preparing a network DR plan.
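As an added example (not part of the original article), one way to find single points of failure from a current network diagram is to treat it as a graph and look for devices and links with no alternate path around them. The topology and device names below are constructed for illustration, and the function name is hypothetical.

```python
from collections import Counter, defaultdict

# Constructed sample topology; device names are hypothetical.
LINKS = [
    ("isp-a", "edge-fw"),
    ("edge-fw", "core-sw1"), ("edge-fw", "core-sw2"),
    ("core-sw1", "core-sw2"),
    ("core-sw1", "access-sw1"), ("core-sw2", "access-sw1"),
    ("core-sw2", "pbx"),
    ("access-sw1", "wlc"),
]

def single_points_of_failure(links):
    """Return (devices, links) whose loss splits the network (low-link DFS)."""
    graph = defaultdict(set)
    for a, b in links:
        graph[a].add(b)
        graph[b].add(a)
    # Parallel links between the same pair back each other up.
    parallel = Counter(tuple(sorted(pair)) for pair in links)
    disc, low = {}, {}
    cut_devices, cut_links = set(), set()

    def dfs(node, parent):
        disc[node] = low[node] = len(disc)
        children = 0
        for nxt in sorted(graph[node]):
            if nxt == parent:
                continue
            if nxt in disc:  # back edge: an alternate path exists
                low[node] = min(low[node], disc[nxt])
                continue
            children += 1
            dfs(nxt, node)
            low[node] = min(low[node], low[nxt])
            pair = tuple(sorted((node, nxt)))
            if low[nxt] > disc[node] and parallel[pair] == 1:
                cut_links.add(pair)  # only route to nxt's side
            if parent is not None and low[nxt] >= disc[node]:
                cut_devices.add(node)  # nxt's side is reachable only via node
        if parent is None and children > 1:
            cut_devices.add(node)  # DFS root joining separate branches

    for start in sorted(graph):
        if start not in disc:
            dfs(start, None)
    return sorted(cut_devices), sorted(cut_links)

if __name__ == "__main__":
    devices, links = single_points_of_failure(LINKS)
    print("Devices:", devices)
    print("Links:", links)
```

In the sample, the single ISP uplink, the PBX link and the wireless controller link are reported, along with the devices they hang from. Adding a second path to any of them removes it from the output.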
Strategies and challenges for DR planning
DR plans are essential to protect critical network infrastructure and associated assets. Teams should address the following strategies and challenges when building network DR plans:
- Run risk assessments of all network assets.
- Consider relevant DR standards for guidance.
- Document policies and procedures for DR activities.
- Assess primary and alternate suppliers, such as ISPs, wireless carriers, local exchange carriers and managed network service providers -- e.g., cloud vendors.
- Evaluate diversely routed network configurations, both local access and wide area.
- Conduct inventory of spare parts, including backup copies of network software.
- Review network perimeter protective mechanisms.
- Check backup power systems to see if they're properly sized for the applications or for environmentally safe power alternatives.
- Assess commercial power systems, with an emphasis on diverse routing for power feeds.
- Check power protection, including surge protection, lightning protection and grounding.
- Secure physical space for housing network devices and cabling.
- Assess whether HVAC systems provide a suitable environment for network equipment.
- Test DR plans periodically to ensure backup resources work properly.
- Review and maintain DR resources regularly.
- Confirm access to emergency communications if primary service is unavailable.
- Train network teams in DR procedures.
Create a network DR plan process in 16 steps
The network DR planning process contains several steps, usually in the following sequence:
1. Initiate the project, and secure management approval and budget.
2. Establish a network DR team.
3. Compile network-related documents, including DR plans, procedures, drawings, equipment inventory lists, prior test reports and previous audit reports.
4. Run a risk assessment of all relevant network risk points.
5. Conduct a business impact analysis to evaluate what happens if network resources are unavailable.
6. Develop a network DR policy.
7. Develop a strategy, as noted in the previous section.
8. Document project management activities.
9. Develop the plan with incident-specific procedures.
10. Test the plan, and update based on test results.
11. Train network teams and employees, and ensure they're aware of necessary steps.
12. Document emergency communications, such as wireless and emergency notification.
13. Conduct plan reviews, assessments and audits.
14. Coordinate with equipment and software vendors.
15. Coordinate with local, WAN, wireless and managed service providers, such as cloud providers and ISPs.
16. Coordinate with power utility companies.
Tips on network DR planning
The following are some important points to consider when developing a new network DR plan or updating an existing one.
1. Take the process seriously
A plan is essential for protecting network infrastructure and related assets from disruptive events. It doesn't have to be hundreds of pages long. However, it must have the right information, which should be current and accurate. Single- or two-page plans with the right information are more valuable than a huge document nobody will use in an emergency.
2. Look at existing templates
Many sources offer plan templates and guidance for disaster recovery and business continuity (BC).
3. Pay attention to standards
Standards can be helpful in structuring a plan and ensuring the right components are included. Consider the following U.S. standards from NIST:
- NIST Special Publication (SP) 800-14 -- Generally accepted principles and practices for securing IT systems
- NIST SP 800-24 -- PBX vulnerability analysis
- NIST SP 800-34 -- Contingency planning guide for federal information systems
- NIST SP 800-58 -- Security considerations for VoIP systems
- NIST SP 800-94 -- Guide to intrusion detection and intrusion prevention systems
International standards from ISO include the following:
- ISO 22301:2019 -- Security and resilience -- BC management systems -- Requirements
- ISO/IEC 27031:2011 -- IT -- Security techniques -- Guidelines for information and communication technology readiness for BC
4. Keep the planning process and plan simple
If possible, err on the side of simplicity unless the network infrastructure is highly complex.
5. Use provider resources
Enterprises often use third-party service providers, owing to network complexity. Take advantage of the DR resources available from carriers and MSPs, including cloud vendors.
6. Limit plan content to identified DR procedures
Develop a plan that addresses specific incidents and scenarios identified from results of risk assessments and business impact analyses.
7. Broaden plan content
Another option is to take an "all-hazards" approach to network outages, specifically responding to all kinds of network outages.
8. Launch and manage the program
Upon plan completion, perform an exercise to validate the procedures, technology and carrier responses. Establish a schedule of plan reviews, exercises and training.
9. Be adaptable
A single plan may not apply to all networks in use. This step may be especially important when a network serves multiple corporate locations and data centers. Different plans may be needed for LANs, WANs, VoIP systems, wireless and other specialized networks.
10. Consider other resources
Multiple BCDR planning tools are available, as are many managed network service providers and consultants experienced in network DR.
Network DR plan checklist
The following checklist represents a network DR plan for responding to a disruption in network services.
Initial emergency contact data
Provide a list of emergency contacts at the front of the plan to save time
Provide a page that lists plan revisions
Purpose and scope
Provide details on plan assumptions and scope, team descriptions, types of network disruptions covered in the plan and other relevant background information
Network DR teams, vendor and carrier contacts
Lists of teams, internal company contacts, external contacts with vendors, carriers, utility companies and others
Policy and standards
Provide a policy statement on network DR activities; reference applicable standards
Initial response procedures
Gather information on the incident, assess the severity as quickly as possible and begin notifying key people of the incident; convene meetings as soon as possible with IT network emergency team members to evaluate the facts before proceeding
Stand down if no emergency
If the incident is not serious and can be quickly fixed, teams can stand down; a review and report of the incident should be produced
Disaster declaration and plan launch
Assuming the disruption is significant, authorized personnel can declare a disaster and launch the DR plan
Incident response procedures
Follow step-by-step procedures to triage the disruption if possible, contact vendors and carriers, and alert senior management
Follow step-by-step procedures, in coordination with vendors and carriers, to effect a recovery and restart of disrupted network services
Assuming the disruption has been mitigated, follow step-by-step procedures to restore network operations, restore network devices and related activities
Post-event review and assessment
Convene a meeting with all emergency team members to assess how well the response and recovery occurred; include vendors and carriers; identify what may be needed to improve responses in the future
Describe how often the plan is to be exercised, and by whom
Awareness and training
Periodically update employees on network DR planning and ensure that DR team members receive training updates
These can include contact details on all IT and non-IT emergency teams, primary and alternate network vendors, alternate network configuration data and other relevant information. It is important to keep this information up to date.