Home page logo

nanog logo nanog mailing list archives

Re: cost of misconfigurations
From: Simon Knight <simon.knight () gmail com>
Date: Thu, 2 Aug 2012 13:52:02 +0930

Quantifying the business costs would be very complex.

Here are some reports and research papers that may be a starting point:
[1]     Juniper Networks, Inc., “What's Behind Network Downtime?,” pp.
1–12, May 2008.
[2]     R. Mahajan, D. Wetherall, and T. Anderson, “Understanding BGP
misconfiguration,” Proceedings of the 2002 conference on Applications,
[3]     A. Medem, R. Teixeira, N. Feamster, and M. Meulle, “Joint analysis
of network incidents and intradomain routing changes,” Network and
Service Management (CNSM), 2010 International Conference on, pp.
198–205, 2010.
[4]     D. Turner, K. Levchenko, A. C. Snoeren, and S. Savage, “California
fault lines: understanding the causes and impact of network failures,”
presented at the SIGCOMM '10: Proceedings of the ACM SIGCOMM 2010
conference on SIGCOMM, 2010.
[5]     Z. Yin, X. Ma, J. Zheng, Y. Zhou, L. N. Bairavasundaram, and S.
Pasupathy, “An empirical study on configuration errors in commercial
and open source systems,” presented at the SOSP '11: Proceedings of
the Twenty-Third ACM Symposium on Operating Systems Principles, 2011.
[6]     Z. Kerravala, “As the Value of Enterprise Networks Escalates,
Does the Need for Configuration Management
,” cs.princeton.edu, 01-Jan.-2004. [Online]. Available:
[Accessed: 09-May-2012].
[7]     W. Enck, P. McDaniel, S. Sen, and P. Sebos, “Configuration
management at massive scale: System design and experience,” USENIX
'07, Jun. 2007.
[8]     R. D. Doverspike, K. K. Ramakrishnan, and C. Chase, “Structural
overview of ISP networks,” Guide to Reliable Internet Services and
Applications, pp. 19–93, 2010.

On 2 August 2012 10:46, George Herbert <george.herbert () gmail com> wrote:
On Wed, Aug 1, 2012 at 5:32 PM, Diogo Montagner
<diogo.montagner () gmail com> wrote:
Hi Darius,

You are right. The lost of a customer due to those things. However, I
would classify this as an unknown situation (in terms of risk
analisys) because the others I mentioned are possible to calculate and
estimate (they are known). But it is very hard to estimate if a
customer will cancel the contract because 1 or n network outages. In
theory, if the customer SLA is not being met consecutively, there is a
potential probability he will cancel the contract.


On the end customer side, I've done a bunch of reliability / risk cost
assessments for various customers over the years.  It's never easy.

For an ISP... customers are fairly locked in, but for big networks and
customers, especially multihoming customers, business goes where they
want it.

SLA costs are easy.  Predicting the final financial impact is hard.

-george william herbert
george.herbert () gmail com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]