
Objective

A briefing for the understanding of the value added by the IT Department of a business so that:

• non-IT managers and staff can effectively collaborate with the IT Department; and
• the CEO of the enterprise can direct the use of Information Technology for the business applications.
Agenda

(1) Mission of the IT Department.
(2) Value added Services.
(3) IT infrastructure for business enterprise.
(4) Systems security.
(5) Exploiting Internet and intranet to enhance business operations and the challenge of integration with partners, vendors and buyers.
(6) e-business and Application Development.
(7) Knowledge management and the use of web parts to create self-service portal.
(8) Storage Area Network (SAN) and Network Access Systems (NAS).
(5) Business Recovery Process.
(7) Best Practices.

Mission of an IT Department

• To provide technology vision and directions for effective use of Information Technology for the group of companies in the business.
• To use Information Technology to leverage the business.

Mission of an IT Department

[Figure: Mission of Hennepin County Medical Center]
Value Added services of a Group IT Department

• Technology directions and strategies.
• Group initiatives on group systems and group procurements.
• Knowledge sharing and technology transfer.
• Enforcement of policy and group practice.

Value Added services of an IT Department

• To provide technical support, establishing and implementing IT process and application development.
• To enhance business workflow with IT infrastructure, tools, applications, skilled manpower and information management.
IT infrastructure

• CAN, PAN, LAN and WAN.
• Wireless LAN:
  - Security issues
  - Coverage
  - Stability

IT infrastructure

Network Type | Wired                  | Wireless
LAN          | IEEE 802.3 (Ethernet)  | IEEE 802.11X
PAN          | IEEE 1394, USB         | IEEE 802.15.1, IEEE 802.15.3, IEEE 802.15.4
MAN          | Broadband (DSL, cable) | IEEE 802.16
Wide Area Network Infrastructure

[Figure: wide area network diagram. Recoverable labels: Wuhan, Shanghai, Beijing, Nan Tong, China; New Delhi, Pune, Mumbai, India; Medan, Binta, Padang, Jakarta, Indonesia; Singapore; Frame Relay cloud; leased lines with speed labels including 512 kbps.]
IT infrastructure of a Business Enterprise

[Figure: enterprise network diagram. Recoverable labels: Internet; roaming users; routers; firewalls; intruder detection; web server; RAS; iPass server; mail server; LAN at Internet Service Provider; E-Cop; LAN at HQ with switches, computers, servers, mainframe, anti-virus server and Radius server; local LANs; LANs overseas; LAN at Business Recovery Site.]
Wireless LAN of NUS

[Figure: wireless LAN diagram. Recoverable labels: network controller; server; network multi-layer switches; network switch; access point; laptop; computer; hand held computer; cell phone.]
Source of Security Threat

• Security issues:
  - People
  - Process
  - Technology

Source of Security Threat

• Security can be compromised through:
  - Attack through internet
  - Employee misuse
  - Computer virus
  - Vandalism
  - Denial of services

Aggravation of Security Threat

• Multiple connections into corporate network
• e-Business operates 7x24
• Shortage of security skills

Aggravation of Security Threat

• Pressure of time to market has caused the following:
  - Buggy code
  - Design flaws
  - New vulnerability

Security Management

• Security Policy:
  - BS7799 Compliant Policy Design and Review
  - Site Security Policy
  - Acceptable Use Policy
  - Escalation and incident response procedure

Security Audit

• IT Audit
  - Measure regularly against best practices over time
  - Periodic audit on Policy compliance
  - Periodic checking and testing of security systems
  - Assess vulnerability
Tools for Network Security

• PGP (Pretty Good Privacy) / Digital Certificate
• Firewall and Virtual Private Network
• Host and Network Intrusion Detection
• Security Surveillance – Electronic Cop
• Anti-virus Software
Pretty Good Privacy (PGP)

• PGP (Pretty Good Privacy) protects the privacy of email, messages and files using public key cryptography, with a key pair to maintain secure communications.

Anti-nuclear activist Philip Zimmermann created PGP in 1991.

[Figure: Asymmetric cryptography. Source: Wikipedia]

[Figure: Symmetric cipher. Source: Wikipedia]
Private and Public Key pair

• When A sends a private email message to B, A uses B’s public key (stored on a digital keyring, i.e. a file normally called pubring.pkr in the c: or a: drive) to encrypt information, which can only be deciphered by using B’s private key (normally in a file called secring.skr).

Administration of PGP

• PGP requires an administrator of the keyserver so that the user can send the PGP public key to the PGP keyserver to authenticate the user and verify the digital signature.
• The sender of a PGP email must retrieve the public key of the email receiver in order to encrypt the email.

Digital Signature

• A can use A's private key to sign digitally so that when B receives the email, B can authenticate whether A has sent the email and whether the email has been altered while in transit.
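
The two slides above (encrypting to B's public key, signing with A's private key) as an added worked example, not code from the original deck or from PGP itself. It uses textbook RSA on Python integers with constructed demo keys built from published Mersenne primes, so the key values, function names and message are assumptions for illustration; real PGP adds padding and encrypts the message body with a symmetric session key.

```python
"""Textbook RSA on Python integers: illustration only (no padding, public demo primes)."""
import hashlib

E = 65537  # commonly used public exponent


def make_keypair(p, q, e=E):
    """Return (public, private): public is (n, e), private is (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


# Constructed demo keys from well-known Mersenne primes. Real keys are built
# from secret random primes; these values are public and give no security.
A_PUBLIC, A_PRIVATE = make_keypair(2**521 - 1, 2**607 - 1)
B_PUBLIC, B_PRIVATE = make_keypair(2**1279 - 1, 2**2203 - 1)


def encrypt(public, plaintext):
    """Anyone holding the recipient's public key can encrypt to them."""
    n, e = public
    m = int.from_bytes(plaintext, "big")
    if m >= n:
        raise ValueError("message too long for this key")
    return pow(m, e, n)


def decrypt(private, ciphertext):
    """Only the matching private key recovers the plaintext."""
    n, d = private
    m = pow(ciphertext % n, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def _digest(message, n):
    """SHA-256 of the message as an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private, message):
    """The sender signs the message digest with the sender's private key."""
    n, d = private
    return pow(_digest(message, n), d, n)


def verify(public, message, signature):
    """The receiver checks origin and integrity with the sender's public key."""
    n, e = public
    return pow(signature, e, n) == _digest(message, n)


def exchange(message):
    """A sends `message` to B: signed with A's private key, encrypted to B's public key."""
    signature = sign(A_PRIVATE, message)
    ciphertext = encrypt(B_PUBLIC, message)
    received = decrypt(B_PRIVATE, ciphertext)
    return {
        "b_reads_message": received == message,
        "signature_valid": verify(A_PUBLIC, received, signature),
        "alteration_detected": not verify(A_PUBLIC, received + b"!", signature),
        "wrong_signer_rejected": not verify(B_PUBLIC, received, signature),
        "other_key_cannot_read": decrypt(A_PRIVATE, ciphertext) != message,
    }


if __name__ == "__main__":
    # Constructed sample message.
    for check, result in exchange(b"Quarterly figures attached").items():
        print(f"{check}: {result}")
```

The last check in `exchange` is also the limitation the deck goes on to state: without B's private key the ciphertext cannot be read, so a lost private keyring means lost data.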
Limitation of PGP

• Unable to decrypt any information if the private keyring is lost.
• The passphrase protects the private key and should not be forgotten.

Digital Certificate

• Tele-working through VPN authentication
• Secure confidential files and folders
• Client / server, intranet applications
• Capable of Web monitoring, web page authentication, web server authentication through SSL certificate

A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.
PGP vs Digital Certificate

[Figure: two sites connected across a WAN by a secure VPN tunnel. Recoverable labels: laptop with VPN certificate; server of Certification Authority; City; VPN gateway; firewalls; routers; switches; workstations; computers; mainframes; servers; minicomputers; printers; PGP server; USB token.]
PGP vs Digital Certificate

PGP                                | Digital Certificate
No common source of trust          | Trusted Certification Authority (CA)
Trust inherited from user          | Trust inherited from CA
Storage media: hard disk, diskette | Storage media: token, diskette
Keys are not changed               | Keys are updated periodically
User manages own keys              | CA manages keys: recovery, backup, LDAP directory
Tools for Network Security

• PGP (Pretty Good Privacy) vs Digital Certificate
• Firewall and Virtual Private Network
• Host and Network Intrusion Detection
• Security Surveillance – Electronic Cop
• Anti-virus Software

Firewall

• A firewall examines all traffic routed between computers and the internet to see if it meets the policy or certain criteria. If it does not meet the criteria, the traffic is stopped.

[Figure: Checkpoint firewall]
Virtual Private Network

[Figure: Nokia VPN. Two city sites connected across WAN leased lines by a secure VPN tunnel. Recoverable labels: VPN gateway; VPN boxes; firewalls; routers; switches; workstations; computers; mainframes; servers; minicomputers; printers; USB token.]
Precaution Against Hacking

• Install and update reliable anti-virus software (e.g. McAfee or Symantec) and check the system for viruses regularly.
• Install a firewall (e.g. Check Point or Norton Personal Firewall) to prevent Internet users from getting access to sensitive data.

[Figure: Microsoft French web site hacked]

[Figure: Nokia web site hacked]
W32.Blaster.worm

Smaller users hardest hit by Blaster virus. Worm programmed to attack Microsoft site on Saturday.
Friday, August 15, 2003

Starting Saturday (16 Aug 2003), Blaster is programmed to use these infected machines to attack the Web site Microsoft uses to distribute software updates. But no one knows how many PCs are infected.
Virus, worm and Trojan horse

• A computer virus attaches itself to a program or file so it can spread from one computer to another, leaving infections as it travels.
• Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it cannot infect your computer unless you run or open the malicious program.

[Figure: Virus]

Virus, worm and Trojan horse

• A worm is similar to a virus by its design, and is considered to be a sub-class of a virus. Worms spread from computer to computer but, unlike a virus, a worm has the capability to travel without any help from a person.
• One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book.

[Figure: Worm]

Virus, worm and Trojan horse

• The Trojan horse will, at first glance, appear to be useful software but will actually do damage once installed or run on your computer.
• Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system.
• Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised.

[Figure: Trojan horse]
Precaution Against Hacking

• Download any security updates that are released by software publishers. This includes software for the operating systems, firewall, intruder detection and anti-virus systems.
• Freeware is often the source of computer viruses. Only download from reputable websites and check that the servers hosting the site are protected against viruses.
• Do not transact e-business or access an internet bank account through a public computer. Make it a habit to delete the web browser cache and history after each internet session. Sensitive information in the cache and history can be accessed by others.
• Do not open an e-mail with a suspicious attachment. Delete both the e-mail and the attachment.
• Do not accept the offer of the web browser to remember your password or credit-card number, as the data will be stored in your computer where it may be accessible to hackers.
• Change your password regularly and use a combination of random letters, numbers and special symbols for your password. Avoid birthdays, dictionary words, vehicle numbers and names.
Tools for Network Security

• PGP (Pretty Good Privacy) vs PKI (…) vs VPN (Virtual Private Network)
• Firewall
• Host and Network Intrusion Detection
• Security Surveillance – Electronic Cop
• Anti-virus Software

Intruder Detection System

• Prevention – Detection – Response
  - Intruder detection system performs a burglar alarm function
  - Complements the firewall
  - Must be integrated with an appropriate response framework

Network and Server Sensor

• Network sensor
  - Detects attacks targeted at the network by analyzing network traffic in real time
  - Attempts to shun attacks by sending TCP reset packets

[Figure: Network sensor]

Network and Server Sensor

• Server sensor
  - Detects attack and misuse at the server (e.g. Web server) by analyzing system status and logs in real time
  - Performs file integrity monitoring and pre-scripted responses

[Figure: Server sensor]
Tools for Network Security

• PGP (Pretty Good Privacy)
• Firewall
• Host and Network Intrusion Detection
• Security Surveillance – e-Cop
• Anti-virus Software

e-Cop Internet Security Surveillance Service

• 24x7 Internet Security Surveillance Services through Global Command Centers.
• Through its Investigation Services Team, it helps customers to facilitate law enforcement with the forensic evidence collected.
• Conducts Rapid Penetration Service system scans and reports.
• Provides monthly summary and ad-hoc incident reports.
• Consultancy on security policy, audit and risk assessment.

Anti-Virus

• Viruses can damage files, erase the hard disk and steal confidential information.
• Anti-virus applications detect and stop malicious files that may have been embedded along with files downloaded or e-mail received.
Internet Search Engine

• AltaVista was started by Digital Equipment Corporation employee volunteers who were trying to provide services to make finding files on the public network easier. In 1996, AltaVista became the exclusive provider of search results for Yahoo!.
• Yahoo! was co-founded by Jerry Yang and David Filo.

[Photos: Jerry Yang, David Filo]

• In 1998, Digital was sold to Compaq, and in 1999 Compaq re-launched AltaVista as a web portal, hoping to compete with Yahoo!.
• After a few changes of ownership, in February 2003 AltaVista was bought by Overture Services, Inc. In October 2003, Overture itself was taken over by Yahoo!.
• In Aug. 2004, shortly after Yahoo!'s acquisition, the AltaVista site started using the Yahoo! Search technology.
• On 1 Feb 2008, Microsoft bids US$44.6 billion to buy over Yahoo!
• The name "Google" originated from a misspelling of “googol”, which refers to 10^100.
• A patent describing part of Google's ranking mechanism, PageRank, was granted on 4 Sept 2001. The patent was officially assigned to Stanford University and lists Lawrence Page as the inventor.

[Photos: Lawrence Page, Sergey Brin]

• PageRank is a link analysis algorithm that assigns a numerical weighting to each element of a hyperlinked set of documents, such as the World Wide Web, with the purpose of “measuring” its relative importance within the set.
Software Application Internet Architecture

• Software application moves from client-server to internet computing.
• Internet computing is a platform that supports the open flow of information between systems.
• Server based technology is leveraging on ubiquitous internet technology such as eXtensible Markup Language (XML) and HyperText Transfer Protocol (HTTP).
• Internet Architecture can integrate custom internal systems, eMerchants and trading partner systems.

Internet Integration

• Internet integration is done through:
  - Application messaging
  - Component Interfaces
  - Business Interlinks
  - Application Engine
Internet Application Architecture

[Figure: Internet application architecture. Recoverable labels: web browser, wireless and external system clients (HTTP/HTML); Java enabled web server (WebLogic Server, IBM WebSphere, MS IIS, iPlanet Web Server, Apache) with Presentation Relay Servlet, Integration Relay Servlet and Portal Servlet; JOLT; TUXEDO; Application Messaging Processor; Business Interlink Processor; Component Processor (application logic); User Interface Generator; Query Processor; Process Scheduler (execute reports and batch processes, register reports in Portal Content Registry); Application Engine; Portal Processor (search, content management, home page personalization); Security Manager; SQL Access Manager; SQL DBMS server; Business Interlink plug-ins; third-party systems; Component Interface (COM, CORBA, EJB); LDAP directory servers (Novell NDS eDirectory, iPlanet Directory Server, MS Active Directory).]
Internet Application Server

• Java Enabled Web Server
  Commercially available web servers that support Java servlet execution. They provide the execution environment for the Presentation Relay Servlet, Integration Relay Servlet and Portal Servlet.

• Presentation Relay Servlet
  The ERP’s Java servlet that handles all inbound and outbound HTTP requests for ERP transactions and queries.
  This thin servlet acts as a relay between the external or third-party system and the core back-end integration services.
  It receives and serves HTML, XML and WML requests over HTTP and maps the data in these requests to the Component Processor and Query Processor application services that execute under e.g. Tuxedo.
  It communicates with these back-end services via e.g. BEA Systems JOLT.

• Integration Relay Servlet
  An ERP’s Java servlet that handles all inbound and outbound HTTP/XML requests for third-party system integration. This is also a thin servlet that acts as a relay between the external or third-party system and the core back-end integration services.
  It receives and serves XML requests over HTTP and maps the data in these requests to the integration services (Application Messaging Processor, Business Interlinks Processor, Component Processor) that execute under e.g. Tuxedo.
  This component communicates with these back-end services via e.g. BEA Systems JOLT.

• Portal Servlet
  An ERP’s Java servlet that handles all inbound markup language and outbound requests for the Portal.
  It receives and serves HTML, XML and WML requests over HTTP.
  It also manages all aspects of the ERP Portal such as search, content management and home page personalization.
  It communicates with this back-end service via e.g. BEA Systems’ JOLT.
TUXEDO manages Internet Application Server Services

• Component Processor
  A key piece of the Internet Application Server. This component executes the ERP Component, the core ERP application business logic.
• Business Interlink Processor
  Manages the execution of Business Interlink Plug-Ins and their interactions with third-party systems.
• Application Messaging Processor
  Manages the publishing, subscribing and delivery of Application Messages for the ERP system.
• User Interface Generator
  This component dynamically generates the user interface based on the component or query definition and generates the appropriate markup language (HTML, WML or XML) and scripting language (JavaScript, WMLScript) based on the client accessing the application.
• Security Manager
  Interfaces with the Directory Server using Lightweight Directory Access Protocol (LDAP) to authenticate end users and manage their system access privileges.
• Query Processor
  Executes queries defined using the ERP tools (e.g. PL/SQL, PeopleSoft Query tool).
• Application Engine
  Executes ERP Application Engine processes.
• Process Scheduler
  Executes reports and batch processes and registers the reports in the Portal’s Content Registry.
• SQL Access Manager
  Manages all interaction with the DBMS via SQL.
e-Business and Application Development

• e-Business is the net-enabled business activity that transforms internal and external relationships to create value and exploit market opportunities driven by new rules of the connected economy.
---- Gartner
e-Business Integration Style

[Figure: e-business integration styles. Recoverable labels: Enterprise; Business Customers and e-Market; Manufacturers; Suppliers; Consumers; link types A2A, B2B and B2C.]
Application Development Strategies

• Application development disciplines are merging to support e-business strategies.
• Instead of building new systems exclusively, focus is shifting to integration.
• Web services are emerging as the new model for e-business Application Development.
• Microsoft and Java architectures will dominate emerging e-business development.
Enterprise Portal for business application

• Portal represents the way customers, suppliers and employees access the web-based eBusiness of the business.
• Portal provides:
  - Personalized access
  - Role-based filtering
  - Multi-system integration
  - Scalability
  - Content management
  - Single sign-on
  - Security
  - Community support
  - A general development framework

Types of Portal

• Application focused solutions for business solution delivery (functional), e.g. SAP, Oracle, PeopleSoft.
• Technology focused solutions that support the underlying technology and software integration, e.g. IBM WebSphere, BEA WebLogic.
Employee Self-Service Portal

[Figure: employee self-service portal architecture, dated 1/18/2003. Recoverable labels: clients (computer, laptop, cell phone, hand held computer); Self-service Portal; Corporate Internet and Corporate Intranet; ERP + CRM + MFG; security (Active Directory, access control list, Win2K Cert Service, Exch2000 Key Mgt Service); NTFS file system, files, web pages, e-mail messages; Document and Knowledge Mgt (profiled, categorized, published, approved; search and index engine); Site Replication Service; Active Directory Connector; Global Address List; User Mgt; Public Folder Mgt; Storage Mgt; Admin and Routing Mgt; Connector Mgt; Performance Tuning; Webstore (ExIFS); Exch Svr Database; MS Access; MySQL; FoxPro; Oracle; SQL Svr.]

[Figures: Netscape My Netscape Portal; Netscape My AOL Portal]
4 Major Categories of Portal Functionality

• Portal Infrastructure.
• Portal Operations.
• Portal Features.
• Portal Presentation.

Portal Infrastructure

• Integration
  - URL-based integration
  - Web-based screen scraping
  - XML/XSL
  - Legacy screen scraping
  - API
  - EAI
• Internationalization
  - Language support
  - Content translation service
  - Currency support
  - Currency translation service
  - Support for local laws and regulations
• Platform
  - Operating systems
  - Database servers
  - Application servers
  - Web servers
  - Web browsers
• Scalability
  - Replication
  - Failover
  - Load balancing
  - Clustering
  - Cabling
• Security
  - Authentication
  - Authorization
  - Login
  - Single sign-on
  - User Management
  - Digital certificate
  - Public key
  - Digital signature
  - Public key infrastructure
  - Secure Sockets Layer Protocol
  - Secure Hypertext Transfer Protocol
• Standards
  - HTML
  - Java
    - Subcategories: J2EE
  - XML
  - XSL
Portal Operations

• Administration
• Community Management
• Development Environment
  - Integrated Development Environment (IDE)
  - Application program interface (API)
  - Software Development Kit (SDK)
• Ease of Upgrade
• Federated Portals
Portal Features

• Business Intelligence
  - Report generation
  - Online analytical processing (OLAP)
  - Decision support system (DSS)
  - Data warehousing
  - Data Mining
  - Ad-hoc reporting
• Collaboration
  - Discussion board
  - Document sharing
  - Chat
  - Instant messaging
  - Virtual whiteboard
  - Virtual conferencing
  - Video conferencing
• Content Management
  A process of creating, submitting, accessing, approving and maintaining unstructured content from diverse sources
• Personalization
  - Explicit
    - User’s profile (in LDAP)
    - System to maintain and manage
  - Implicit or heuristic
    - User’s online behavior (clicked certain links or visited certain pages)
    - Event based personalization (HP eService, Amazon.com user’s preference personalisation)
• Search
  - Boolean-based Searches
  - Indexing
  - Spider / Crawler / Bot
  - Keyword (Metadata) Search
  - Full-text Search
  - Internet / Web Search
  - Natural-language Search
  - Results Ranking
• Workflow
  The tasks, procedural steps, checkpoints, forms of review or approval, people, information and tools needed to complete business
• Workflow Automation
  - Integrate existing applications and components within a workflow through programs such as JDBC, ODBC, EJB, CORBA or COM interface with each other
  - Alert users involved in a workflow via email, wireless SMS or directly through portal
  - Allow applications to initiate a workflow via an open API
Portal Presentation

• End-user customization
  - User interface
  - Organization
  - Content
• Help
  - General Help
  - Context sensitive Help
  - Interactive Help
  - Bubble Help
  - Online Wizard
• User Interface
  - Graphic design
  - Information Architecture
  - Editorial Style / Content Strategy
  - Instructions and Error Handling
• Wireless Access
  - Subscription-based Content Push
  - Subscription-based Alerts/notifications
  - Workflow Process-based Alerts
  - Interactive Querying
  - SMS messaging
  - Wireless Markup Language


Storage Area Network

• Storage Area Network (SAN) is a large external shared storage system supporting various different servers and is capable of high-speed database access.
• SAN + NAS = Network Storage
• Network Attached Storage (NAS) is a storage element that connects to the network and provides “file access services” to computer systems and network clients.

SAN and NAS

SAN is for…
• Dedicated storage
• Databases
• Client Server Applications
  - Transactional systems
  - ERP applications

NAS is for…
• File Sharing
• Distributed applications
  - Internet
  - Web Mail
  - Asset Management
  - CAD / CAM

[Figure: SAN and NAS compared. Recoverable labels: SAN, servers, data, shared storage; NAS, IP network, servers, data, shared information.]
Storage Area Network (SAN)

[Figure: SAN diagram. Recoverable labels: Local Area Network; four servers, each with a host adaptor; two switches / hubs; bridge; library; three disk arrays.]
Storage Area Networks (SAN)

Advantages                                  | Disadvantages
Storage consolidation                       | Require separate network
Independent of the LAN                      | Require mgt like LAN
Centralized storage network                 | Require switch, channel interface and fiber
Configure for high availability environment | Broadband connection required
Easier business recovery                    | SAN is expensive with broadband
Network Attached Storage (NAS)

[Figure: NAS diagram. Recoverable labels: Windows workstations; Unix workstations; CIFS; NFS; Windows NT server; Unix server; network attached storage device.]

A storage element that connects to a network and provides file access service.
Network Attached Storage (NAS)

Advantages                              | Disadvantages
Data/files sharing and universal access | May require dedicated network for speed
Consolidate file servers                | Not suitable for high scale application environment
Simplify data management                |
Leveraging on high speed LAN / WAN      |
Lower total cost of ownership           |


Business Recovery

• Disaster Recovery Scenarios
• Disaster Recovery Plans
• Development of Procedure and Delegation of Tasks
• Time-sensitive Backup Operations
• Security Considerations
• Policy Considerations
• Technical Considerations
• Other Considerations
• Documentation for Business Recovery

Business Recovery Scenarios

• Components, sub-systems and system failure
• Power failure
• Systems software and database failure
• Accidental or malicious deletion and modification
• Virus and hacker attack
• Natural disaster (Fire, water, flood, earthquake…)
• Man-made disaster
• Theft and sabotage

Business Recovery Plans

• Top-down execution and responsibility accounting
• Bottom-up execution and responsibility accounting
• Top-down policy and bottom-up planning and execution

Business Recovery Plans

• Develop procedure and delegation of tasks
• Security consideration
• Policy consideration
• Technical consideration
• Testing of back-up and restore procedure
• Documentation of procedure and configurations
• Conducting verification operations
Development of Procedure and delegation of tasks

• Who makes the policy for files and systems for backup and redundancy, and how is the policy made known?
• Who does the backup when the assigned operator is not available?
• What is the procedure for administration of passwords?
• Should the backup occur immediately after or before regular business hours?
• Where is the off-site business recovery centre?
• To what extent is the redundancy being set up?
• How often are the full and incremental backups done?
• How long does it take to retrieve backups from the onsite and offsite storage areas?
• Can the offsite copies be obtained at any time or only during business hours?
• How long does it take to perform full and partial restores with verification?
• What is the acceptable downtime?
• Who is to be notified if disaster occurs?
• What hardware and software technical support is available and how long does it take to replace failed systems?

Time-sensitive back-up operations

• What is the backup window?
• Should all backups occur outside of regular business hours?
• How is the backup data transferred to the offsite location?

Security Considerations

• Is the offsite business recovery centre secure from unauthorized access?
• What has been done to make the offsite business recovery centre protected from fire, flood, theft or another disaster?
• What is the procedure for the designated personnel to access the offsite business recovery centre?
Policy considerations

• Is there a policy in place for business recovery for the whole organization?
• Are all modified files to be backed up, or does company policy specify only critical files or files of certain users, groups, departments or divisions?
• Are any disks or volumes or certain systems not to be backed up?
• Are users responsible for their backup and technical support?

Technical Considerations

• Are logs created and saved for future reference? What is the policy for housekeeping of logs?
• Is the backup done to a local tape drive, remotely over the LAN or remotely over the wide area network (WAN)?
• Are computers and systems equipped with notification through SMS of power outages? Are they connected to UPS?
• What is the process in place for dealing with unforeseen occurrences during a backup or restore?

Other Considerations

• What are the possible disaster scenarios? Are there recovery procedures for those disasters?
• What backup software to use?
• How many copies of backup to be kept?
• What are the backup media?

Documentation for Business Recovery

• Is the policy and procedure documented and kept in a safe place?
• Are all media labeled with date, backup type and server being backed up?
• Are there backup catalogs and log files?
• Are the contacts for hardware and software support for business recovery properly documented?
• Is there documentation for the verification operation to compare files on the disk and files on the backup media?
• Is there documentation maintaining configuration and system information? Documents should include manuals and warranties from vendors, insurance policy, tool kits, add-ons, training guides.
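
The verification operation asked about above (comparing files on the disk with files on the backup media) and the file integrity monitoring performed by the server sensor described earlier come down to the same check, shown here as an added example that is not part of the original deck. The function names, file names and the constructed sample tree are assumptions for illustration.

```python
"""Hash-manifest comparison for file integrity monitoring and backup verification."""
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map every file under root (relative path, '/' separators) to its SHA-256."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if os.path.islink(full):
                # Record where a link points instead of hashing its target.
                manifest[rel] = "symlink:" + os.readlink(full)
                continue
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 16), b""):
                    digest.update(chunk)
            manifest[rel] = digest.hexdigest()
    return manifest


def compare(baseline, current):
    """Report files that differ from, are absent from, or are new relative to baseline."""
    shared = baseline.keys() & current.keys()
    return {
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
        "missing": sorted(baseline.keys() - current.keys()),
        "added": sorted(current.keys() - baseline.keys()),
    }


def _write(root, rel, data):
    """Create or overwrite root/rel with data, creating parent directories."""
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)


def demo():
    """Build a constructed 'disk' tree and its 'backup', then change the disk copy."""
    sample = {  # constructed sample files, not taken from the deck
        "etc/app.conf": b"port=443\n",
        "www/index.html": b"<h1>Welcome</h1>\n",
        "bin/report": b"#!/bin/sh\necho report\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        disk, backup = os.path.join(tmp, "disk"), os.path.join(tmp, "backup")
        for root in (disk, backup):
            for rel, data in sample.items():
                _write(root, rel, data)
        baseline = build_manifest(backup)
        before = compare(baseline, build_manifest(disk))

        _write(disk, "www/index.html", b"<h1>altered</h1>\n")     # content changed
        os.remove(os.path.join(disk, "etc", "app.conf"))           # file deleted
        _write(disk, "bin/unexpected", b"not in the baseline\n")   # file appeared
        after = compare(baseline, build_manifest(disk))
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("right after backup:", before)
    print("after changes:     ", after)
```

Keep the baseline manifest somewhere the monitored server cannot write to, otherwise whoever alters a file can alter its recorded hash as well.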
Documentation for Business Recovery

• Is there software configuration information and backup procedure?
• Is there any documentation on the version, service packs installed and hot fixes installed?


Best Practices

• Develop backup and restore strategies and test them
• Use reliable hardware and perform stress tests
• Create labs that mirror the production environment
• Test deployments in the lab before deploying in production
• Train appropriate personnel
• Remove single points of failure
• Apply the latest Service Pack to resolve known issues and improve server reliability
• Back up before and after every major state change
• Monitor symptoms and events that lead to failure
• Update documentation regularly for any changes
• Keep a copy of the installation media, hardware and software configuration in the offsite location

Thank you
