410 likes | 596 Views
business on demand Accessing Secure eBusiness Systems from NMCI. An enterprise whose business processes – integrated end-to-end across the company and with key partners, suppliers and customers – can respond with flexibility and speed to any customer demand, market opportunity or threat.
E N D
business on demand Accessing Secure eBusiness Systems from NMCI
An enterprise whose business processes – integrated end-to-end across the company and with key partners, suppliers and customers – can respond with flexibility and speed to any customer demand, market opportunity or threat
Productivity Governance Economy Capital and Asset Utilization Security Threats Pricing Pressures Customer Preferences business technology Open Movement Commoditization Autonomic Computing Web Services Grids Standards Blades Virtualization Clusters Constantly Changing Environment Requires constant improvement in business design and business process on demandbusiness
The evolution of computing Network Era Client/Server Era Centralized Era
Evolution of Business and Computing Organizational Productivity Personal and Departmental Productivity Administrative Productivity Mainframe Network On Demand Client / Server
Financial & Delivery Models BusinessDesign ComputingEnvironment On Demand Business
On demand business Responsive Variable Focused Resilient Financial & Delivery Models BusinessDesign On Demand Business ComputingEnvironment
On Demand Business Requires an On Demand Operating Environment Financial & Delivery Models BusinessDesign ComputingEnvironment On Demand Operating Environment Open Integrated Virtualized Autonomic
On Demand Business Redefines Financial and Delivery Models New ways to pay for and manage IT Flexible Variable Managed Optimized Financial & Delivery Models BusinessDesign ComputingEnvironment
Stages of e-business adoption Access Enterprise Integration On Demand Access Publish Transact Integrate Internally Integrate Externally Adapt Dynamically
Navy One Touch Support A secure ebusiness systemAccessed from NMCI
One Internet Presence One Data Retrieval One View of Data One User Registration Process Single Destination for Logistics Rules and Tools One Touch Support V3.2
Commercially Hosted – DITSCAP Certifiedwww.onetouch.navy.mil • A Technical Architecture that: • Is Scalable, Highly Reliable and Open • Is Flexible and Extensible to support integration and additional interfaces • Complies with Navy and DoD Security Requirements • Is a modular based architecture • incorporating relevant Task Force Web (TFW) web enabled Navy architecture guidance as appropriate • Complies with NMCI issued guidelines
Navy One Touch Support • A Web enabled eBusiness system • Supply side applications and information • Supply chain information • Product availability • Buy products • Relevant logistics rules • Region specific support information • Unifying registration of users of multiple legacy systems at a single point of entry
Users transition to NMCI from legacy domains such as fisc.navy.mil. They just point their enterprise approved browser to onetouch.navy.mil, enter their user ID and password, and continue to conduct ebusiness as usual.
OTS User Population ProfileMay, 2003 Includes 2836 users registered from 275 afloat units* ( the 2836 figure does not include embarked staff & squadrons or other deployed units). • The Other DoD category includes users that have selected the following categories: • Army: 22 • Coast Guard: 74 • DoD Civilian: 465 • DoD Foreign National: 121 • Reservist: 79 • Air Force: 85 • The users in the USMC Category are primarily military (844 of the 930 total) • The Other count includes the 273 users that selected the Other category as well as 44 users that selected the OtherFedGovt category when they registered. • * There an additional 13 USNS Afloat units with 35 Navy Civilian users. Total Afloat units with OTS users is 288. Data Source: OTS Database
First year of operations for OTS v3.2 63 million hits 108 billion byes transferred 920 thousand logins 12 million page views 2 million query transactions 1 million MILSTRIP transactions 13,000 registered users Doing a little eBusiness
What they need, when they need it – On Demand – page views served up by hour • Availability (last 90 days) • 99.97% Available as % of Scheduled Time • 99.55% Total System Availability • 0.42% Scheduled Maintenance • 0.025 Unplanned Downtime (30 minutes) Data Source: IBM SurfAid Analytics (OTS Web Logs)
Demand for requisition status increased during Operation Iraqi Freedom Page Views -Thousands Data Source: IBM SurfAid Analytics (OTS Web Logs)
Access Management • User Registration • DoD Employee Status Verification • If not: • Approval Authority Contact Information Request • Business Functional Approval Work Flow • Sponsor Letter Requirements • User and User Profile Management • Approving/Disapproving Requests • Request Additional Business Functions • Update Contact Information • Reset Password
Core Supply Chain Functions • Applications • Technical Screening, Stock Check, Requisition Input, Requisition Status, File Text Upload, Batch Query • Integrated functions where possible • Example: From Req Status Return • Detail History • Ship Status Details • Follow-up, Modify, Cancel, or Order Again • Technical Screen Item • Access over 30 data sources
Integrated business functions… an illustration that starts with the basic requisition status results
enterprise integration: a stop along the way to business on demand
Promises and Problems The Promise of I/T • Deploying new capabilities • Cost reduction • Efficiency • Security and operational resiliency • Workforce productivity The Problem with I/T • Time to value • Managing complexity and integration • ROI • Constrained resources • Utilization of existing infrastructure
The problem to be solved • The client server legacy • Stovepipe systems • Data access silos • Large scale enterprise integration initiatives: data warehousing, ERP, message brokering • Technical complexity • High risk • Potential for interim loss of user access • or costly parallel operations • Length of time to realization Enterprise Integration Integrate Internally Integrate Externally
External 1 User Group 1 Legacy 1 External 2 User Group 2 Legacy 2 External 3 User Group 3 Legacy 3 User Group 4 Legacy 4 External 4 External 5 The desired end state: Enterprise Integration Existing Systems Architecture User Groups 1-4 New Enterprise Desired End State Legacy 1-4 External 1-5
Seat Licenses Users Enterprise Integration Bridge Navy’s New Enterprise Navy Legacy Systems As “legacy” data moves into the Enterprise system users need access to both legacy and new enterprise data so… you need a bridge between the two
RSC/HTTP VMSIR (includes RAM & R-Supply Ashore) San Diego, Ca Asset Visibility:OTS v3.2 allows users to cross over the enterpriseintegration bridge SQL OTS Boulder, Co UADPS Filerep Mech, Pa WebSphere Server Web Server XML via MQ Chambersburg, Pa SMART-ERP Client Mech, Pa Global Message Server SQL JTAV Medical Pheonix, AZ Batch Response E-Mail SQL JTAV Fuels MQ HTTP Pheonix, AZ HSMS Data Local Retail Data SQL Tier II / SNAPSHOT Mech, Pa FTP SQL HTTPS SAMMS Richmond, Va Nightly Replication DAAS PC-Link HTTP FIMARS Dayton, Oh Mech, Pa SQL ATAV DLA Smartlink DRMS HSMS VMSIR Battle Creek, Mi Tier II / SNAPSHOT Local Retail HTTP D0-35 RRAM SAMMS FISC Message Server Pearl Harbor, Hi IRIS Mech, PA Batch Data Sources Real-Time Data Sources:
DISN/NIPRNET & Smart Link Navy Non-Navy Internet Navy Content Managers IBM Cisco Switch Checkpoint Firewall Load Balancing eNetwork Dispatchers AIX 4.3 Presentation Sun E250 WS003 Vignette CDS/CMS v5.6 iPlanet 4.1 SP 8 Sun E250 WS002 Vignette CDS v5.6 iPlanet 4.1 SP 8 Sun E250 WS001 iPlanet 4.1 SP 8 Application Sun E450 Cluster WebSphere3.5.4 MQSeries 5.3 WS009 WS010 Checkpoint Firewall Data Local Data Replicated Data Req History User Profiles All Sun servers at Solaris 2.8 DS001 DS002 Sun E450 Cluster Oracle 8i EE v1.7DB Server OTS 3.2 Production Environment
Security Architect • DITSCAP Certified • BSM installed • Audit Module that meets the C2-level security specifications as defined in the NCSC `Orange Book' required for government customers. • Network Intrusion Detection • Proactive security policy • TCP/IP Port Vulnerability Scanning • Network Service Auditor (NSA) • Port Scan testing: weekly on all servers • Looking for trends at the site level • ISP providers limit traffic if a Denial of Service attack detected • DoD supplied server certificates for SSL support • Browsers and web service integration • Application level security • USERID/Password • OTS function authority based on user registration and approval process
ESM Super Manager Vulnerability Scan Machine ESM Manager Vulnerability Scan Machine ESM Client ESM Client Firewall (IES GW) DB Server Web Server Application Sys Logs Application Sys Logs Internet Firewall Firewall Firewall Assert Client Assert Client Haxor Assert Sentry Server Help Desk SysAdmins & Build Group Security Notices 9.xxx (MPN Internal IBM Net) TEC I 1.1(IP) MDNS (FR) (Private IP Network) Customer Network Security Architecture • Enterprise Security Manager (ESM) • Weekly Audit for: • - password strength, • - operating system configuration • - file system integrity, • - operating system patches PKI Plug-In • HAXOR - Network Based Intrusion Detection • Intelligent packet decoder/assembler and analyzer • Detects attacks in FRAME, TCP, UDP, WWW, etc. • Basic Security Module (BSM) • C2-level Audit Security • ASERT - Host Based Intrusion Detection • Detects and prevents attempts to probe services • Prevents unauthorized access to TCP & UDP services
Web Service Architecture for OTS Services • Based on Industry Standards • Platform and implementation neutral to provide true interoperability in a heterogeneous environment • Reduces complexity by encapsulation • Enables Interoperability by providing the ability to act as a wrapper for the supply side process to legacy applications • Optimized for Flexibility in order to adapt to Industry and Navy Standards • Reuse of current validation / definition, application, and data access components • Well Defined Component-based Architecture separates SOAP middleware, service interface, business logic, and transaction semantics • Implementation based on SOAP kernel adapting to new SOAP features
Req Parameters Validation Codes Req Submit Web Service Standards (SOAP) OTS EAI-DMF: OTS Transactions SOAP OTS Bridge SOAP XML Message OTS XML Transaction Definitions Web Services Interface Definition Language (IDL) UDDI WSDL Client Access Tools / Widgets • Soap Services • RPCRouter • Bean Serializer Client Proxy Message – Object Serializations HTTPS / SSL Transport Security XML /XSL OTS Service Interface Object SOAP Derived Objects Knowledge Isolated Here SOAP Message WS-Security OTS Generic Interface OTS Business Objects OTS Macro Services Req Life Cycle Macro Service OTS Generic Services Tech Screening Stock Check Req Status Ship Status Inventory Detail Transaction Semantics – Data Access Data Services - Asynchronous Processing