It Management Inc., Business Plan Example

Problem Description

What is the problem we are trying to solve with the technologies we chose?

Issue: Undefined and potentially hazardous traffic.

As a growing company, it is essential for IT Management Inc. to consider areas of potential danger.  Our clientele has more than doubled over the past year requiring us to expand our network.  In addition to the expanded clientele, we are now required to retain critical information for that many more accounts within our database. IT security and firewall policy has been set up based on a set of rules.  These rules are compromised from four basic elements of destination, service, and action.  Until this point, we have utilized a firewall, however at this point we have to consider that we have outgrown this tool. “Industry standards are available and continue to evolve, but do not provide a comprehensive solution. The onus is on the security architect to use the standards as a baseline and devise appropriate security controls applicable to the specific implementation of the service-oriented solution.” (Ghauri 2009)  We are projected to have the same type of growth over the next year as well so protecting ourselves and our clientele has to address immediately.  In order for IT Management Inc to move forward beyond the basic firewall, they need to consider interoperable heterogeneous solutions with the common thread of standard protocols.   SOA, service-oriented architectures, is referred to as the “black-box” software.  This software provides protection, prevention, and tractability.  Utilizing such an option, the company will be able to monitor and regulate public access to private networks, and unauthorized attempts of entry to the network.  Lastly the implementation of phased development methodology: incremental.   This slices the system functionality into portions or better termed increments.  Each piece is delivered through cross-discipline work.  This is consistent from requirements to the deployment. This too is in process groups of inception, elaboration, construction, and transition.

What Technologies were chosen?

What benefits do these technologies provide?

Solution: Firewall, SOA Service-Oriented Architectures, and Phased Development Methodology: Incremental.

IT Management Inc. has recognized that “security is only as good as its weakest link.”  The firewall provides options to reject, drop, permit and encrypt the traffic on IPSEC VPN capable firewalls.   SOA provides an unparalleled interoperability between varieties of enterprise applications.  It is considered the evolutions of component-oriented programming, providing a way to encapsulate, distribute, and reuse business functionality with additional benefits of interoperability across technology platforms.  SOA in conjunction with a firewall will provide a comprehensive solution to the industries’ risk.  Without implementations of firewall and SOA, it leaves the companies network open for hazards.  There will be no default-deny for traffic that has no permission to be accessing select data.  There would be not regulatory measures to monitor internal or external dangers, as well as no means to set necessary restrictions.

According to SOA Management – A Must for Operational Excellence (website 2009) the initial expectations of SOA are:

• End-to-end operational governance and visibility
• Improved SLA management and SLA/regulation compliance
• Reduced downtime through rapid troubleshooting and improved root cause analysis
• Proactive maintenance, security breach detection, and prevention through alerts
  · Improved incident management through notification
• Metrics for service optimization and enhancements

The last technology chosen is phased development methodology, incremental.  The inception can identify project requirements, scope and risks where work can be estimated.   Elaboration can deliver a working architecture that can mitigate high risks as well as fulfill certain non-functional requirements.  Construction fills-in the architecture with production-ready codes from design, testing, implementation, and analysis of functional requirements.  Finally, delivers the system into operating environment.

Implementation Approach

What is our approach for incorporating into the organization?

Approach: Organizational Impact

The Firewall, SOA Service-Oriented Architectures, and Phased Development Methodology: Incremental will affect IT Management Inc. in several ways.

The following shows how Firewall, SOA Service-Oriented Architectures, and Phased Development Methodology: Incremental will provide an explanation of the process, tools, privacy, and software/services:

Process:  The service implementation and design is decoupled from application business logic.  This makes it easy to migrate from existing applications to a service-oriented design without having to rewrite its components.

Tools:  Firewalls one or more destination TCP ports, destination UDP ports, and a combination of destination TCP and UDP ports.  SOA shows functionality to clients, in house and remote, through clear contracts using an opt-in approach.   Phased development methodology: incremental shows the initialization step, the iteration step, and the Project Control List.

Privacy:  Firewall provides a shield around the network preventing entrance to unauthorized parties.  SOA executes software autonomously with no impact to one another if the off chance of failure were to occur.

Software/services: Firewall offers a broad range of software and services dependent on the need of the users.  SOA can be deployed over different protocols to gratify a variety of potential computing scenarios.  Support has interoperability with other major vendors.  Finally phased development methodology: incremental provides isolated and easy-to-find modules.

In order to effectively implement firewall, SOA, and phased development methodology: incremental while continuing on with business as usual, we will implement firewall and service-oriented architectures in incremental phases.  By prioritizing the core components it will provide minimal to no disruption in daily business.  The core components are:

Phase 1: Web service management – are becoming the most common method of sharing data and functionality among loosely coupled system.

Phase 2:  Service registry – allows organization of information about services and provides facilities to publish and discover services.

Phase 3:  Service container – is a physical manifestation of the abstract endpoint, a remote process that can host software components, and implementation of the service interface.

Phase 4:  Service repository – working with service registry this is a system for storing, managing, and accessing information.  This also referred as service metadata used in the selection, management, invocation, and reuse of services.

Phase 5:  Identity and access management infrastructure – is associated with password synchronization, meta-directory, role-based entitlements, single sign-on, web single sign-on, and similar ideas.

Phase 6:  System management and monitoring infrastructure – provides professional services that simplify performance monitoring implementation by promoting user adoption and providing faster time to value.

Phase 7: Configuration and release management infrastructure identifies, records, reports, controls, audits, and verifies configuration items that include constituents, baselines, versions, components and their attributes.  It also protects the integrity of configuration items by ensuring that only authorized components are authorized and used changes by the IT environment only.

References

Website (2009) SOA Management – A Must for Operational Excellence.  Retreived from http://h20195.www2.hp.com/v2/GetPDF.aspx/4AA2-9325ENW.pdf

Ghauri, Atif. (2009) SOA Security 101: Patching the Firehole Wall.  Retreived from  http://www.informit.com/articles/article.aspx?p=1326604