If you’re planning to take the SY0-501 version of the Security+ exam, you should understand physical security controls. This includes implementing environmental controls that ensure temperature and humidity controls are operating properly, fire suppression systems are in place, and proper procedures are used when running cables.
For example, can you answer this question?
Q. Your organization is planning to expand its cloud-based services. In preparation, they expanded the datacenter. It currently includes a full row of server racks but the expansion will support two full rows. Management directed that the second row of server racks must face in the opposite direction of the first row. What is the primary reason for this configuration?
A. To create hot and cold aisles
B. To reduce power consumption from the servers
C. To provide fire suppression
D. To increase physical security
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.
Heating, Ventilation, and Air Conditioning
Heating, ventilation, and air conditioning (HVAC) systems are important physical security controls that enhance the availability of systems. Quite simply, computers and other electronic equipment can’t handle drastic changes in temperatures, especially hot temperatures. If systems overheat, the chips can actually burn themselves out.
The cooling capacity of HVAC systems is measured as tonnage. This has nothing to do with weight, but instead refers to cooling capacity. One ton of cooling equals 12,000 British thermal units per hour (Btu/hour), and typical home HVAC systems are three-ton units. Higher-tonnage HVAC systems can cool larger areas or areas with equipment generating more heat.
The amount of air conditioning needed to cool a massive data center is much greater than you need to cool your home, primarily because of all the heat generated by the equipment. If your home air conditioner fails in the middle of summer, you might be a little uncomfortable for a while, but if the data center HVAC system fails, it can result in loss of availability and a substantial loss of money.
I worked in several environments where we had a policy of shutting down all electronics when the room temperature reached a certain threshold. When we didn’t follow the policy, the systems often developed problems due to the heat and ended up out of commission for a lot longer than the AC.
Most servers aren’t in cases like a typical desktop computer. Instead, they are housed in rack-mountable cases. These rack-mountable servers are installed in equipment cabinets (also called racks or bays) about the size of tall refrigerators. A large data center will have multiple cabinets lined up beside each other in multiple rows.
These cabinets usually have locking doors in the front and rear for physical security. The doors are perforated with cold air coming in the front, passing over and through the servers to keep them cool, and warmer air exiting out the rear. Additionally, a server room has raised flooring with air conditioning pumping through the space under the raised floor.
Hot and Cold Aisles
Hot and cold aisles help regulate the cooling in data centers with multiple rows of cabinets. The back of all the cabinets in one row faces the back of all the cabinets in an adjacent row. Because the hot air exits out the back of the cabinet, the aisle with the backs facing each other is the hot aisle.
Similarly, the front of the cabinets in one row is facing the front of the cabinets in the adjacent row. Cool air is pumped through the floor to this cool aisle using perforated floor tiles in the raised flooring. This is the cold aisle. In some designs, cool air is also pumped through the base of the cabinets. This depends on the design of the cabinets and the needs of the equipment. Consider what happens if all the cabinets had their front facing the same way without a hot/cold aisle design. The hot air pumping out the back of one row of cabinets would be sent to the front of the cabinets behind them. The front row would have very cold air coming in the
front, but other rows would have warmer air coming in the front.
Of course, an HVAC also includes a thermostat as a temperature control and additional humidity controls. The thermostat ensures that the air temperature is controlled and maintained. Similarly, humidity controls ensure that the humidity is controlled. High humidity can cause condensation on the equipment, which causes water damage. Low humidity allows a higher incidence of electrostatic discharge (ESD).
HVAC and Fire
HVAC systems are often integrated with fire alarm systems to help prevent a fire from spreading. One of the core elements of a fire is oxygen. If the HVAC system continues to operate normally while a fire is active, it continues to pump oxygen, which feeds the fire. When the HVAC system is integrated with the fire alarm system, it controls the airflow to help prevent the rapid spread of the fire. Many current HVAC systems have dampers that can control airflow to specific areas of a building. Other HVAC systems automatically turn off when fire suppression systems detect a fire.
Q. Your organization is planning to expand its cloud-based services. In preparation, they expanded the datacenter. It currently includes a full row of server racks but the expansion will support two full rows. Management directed that the second row of server racks must face in the opposite direction of the first row. What is the primary reason for this configuration?
A. To create hot and cold aisles
B. To reduce power consumption from the servers
C. To provide fire suppression
D. To increase physical security
Answer is A. Hot and cold aisles have server rows facing in the opposite direction and provide more efficient cooling of systems within a data center.
While hot and cold aisles can reduce power consumption from the heating, ventilation, and air conditioning (HVAC) system, modifying the direction of the server rows does not reduce power consumption from the servers.
This configuration doesn’t provide fire suppression capabilities.
As an environmental control, hot and cold aisles are physical security controls, that isn’t the primary reason for them.
See Chapter 9 of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide for more information on environmental controls.