Page 588 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 588
Server-Based Systems
An important area of server-based concern, which may include clients
as well, is the issue of data flow control. Data flow is the movement of
data between processes, between devices, across a network, or over
communication channels. Management of data flow ensures not only
efficient transmission with minimal delays or latency, but also reliable
throughput using hashing and confidentiality protection with
encryption. Data flow control also ensures that receiving systems are
not overloaded with traffic, especially to the point of dropping
connections or being subject to a malicious or even self-inflicted denial
of service. When data overflow occurs, data may be lost or corrupted
or may trigger a need for retransmission. These results are
undesirable, and data flow control is often implemented to prevent
these issues from occurring. Data flow control may be provided by
networking devices, including routers and switches, as well as network
applications and services.
A load balancer is used to spread or distribute network traffic load
across several network links or network devices. A load balancer may
be able to provide more control over data flow. The purpose of load
balancing is to obtain more optimal infrastructure utilization,
minimize response time, maximize throughput, reduce overloading,
and eliminate bottlenecks. Although load balancing can be used in a
variety of situations, a common implementation is spreading a load
across multiple members of a server farm or cluster. A load balancer
might use a variety of techniques to perform load distribution,
including random choice, round robin, load/utilization monitoring,
and preferencing.
A denial-of-service attack can be a severe detriment to data flow
control. It is important to monitor for DoS attacks and implement
mitigations. Please see Chapters 12 and 17 for a discussion of these
attacks and potential defenses.
