Project management

As in most big projects, the first step should be one back. Rushing in without conducting thorough appraisal and analysis, or...

As in most big projects, the first step should be one back. Rushing in without conducting thorough appraisal and analysis, or setting objectives and milestones, not to mention budgets and timescales, is the most common cause of problems and failure

In the case of web to host, the first point should be realising that the term is the wrong way around. As Jon Newlyn, business development manager with mainframe and mid-systems server connectivity specialists Attachmate says: 'No self-respecting IT manager would allow anyone to gain access to his host from the web. These back end systems are established, secure, accurate, fast and reliable, and use data that is in the most uncorrupted form available.' No, says Newlyn, the issue is not web to host which hints that the doors of the host should be made open and available, but host to web, in which the mechanics are quite different.

Newlyn explains: 'When you say 'web to host' you are asking the question: 'How can I access the host from the web?' But the question should be: 'What applications can I safely and securely present in a web based environment?' The approach should be to see how the business can interact with the customer, says Newlyn, and he believes that the primary issue for IT managers is retaining control.

Paul Williams, finance industry consultant with Candle Corporation, points out that host usually means legacy, and the two terms are usually interchangeable and synonymous. 'As a general principle, the host or legacy should not be touched, if at all possible. The host should be unaware of the web connection, and polls on the data held on the host should be transparent,' he says.

The importance of getting the project and implementation right cannot be underestimated. 'This is probably the most important project since original computerisation,' says Paul McKeown, IBM's market development manager in its Pervasive Computing division. IT managers embarking on connecting their host/legacy applications to the new web based business side of their enterprise potentially risk 'corporate migraine', according to Peter Williamson, head of e-business at e-collaboration solutions company Intentia. 'The most common mistake is to underestimate the scale of the project and the potential for problems. Many seem to think that it is just a matter of sticking the new front end to the old back office.' Nothing could be further from the truth, Williamson says.

'The IT manager has to control and manage the flow of information from the company without restricting or inhibiting demand, and the key is to try to reduce the issues down the individual components or applications,' says Attachmate's Newlyn. 'To do this the IT manager has to build 'gatekeepers' where requests are made from the web, and it is only the gatekeeper which has the authority and knowledge to find the relevant information in the back office, and present it for 'cleared' consumption by the customer.' To do this the consumer has to re-visit the host or backoffice on an application-by-application basis, and the requirements of each application have to be categorised and put into pigeon-holes.

Ex-IBMer Colin Osborne, now chairman of e-business integration firm CommerceQuest, agrees, saying that taking a compartmentalised approach enables IT managers to increase their ability to react to new business requirements more quickly. His colleague, Lewis Cook, director of professional services, says that Enterprise Application Integration (EAI) technology is key as a gatekeeper, enabling originally separated applications to work together in a seamless application. 'EAI also allows companies to rationalise multiple implementations of business processes,' Cook says. 'CommerceQuest has found during EAI-base engagements that customers commonly have a single business processes implemented in multiple applications. One bank had 35 different applications, all having different code to open a single account. By taking a compartmentalised componentised view of the business processes and using a structured approach, the duplication of code can be reduced, thus increasing the reliability of the system and reducing support costs.'

The use of architectures and technologies like IBM's middleware MQSeries greatly increases the flexibility and manageability of the web-connected solution, says Cook. 'Changes to the front or back end can be built quickly, and then tested and implemented fast. The use of abstraction and integration technologies like MQSeries, CommerceQuest's non-invasive EAI eAdapter, ActiveWorks, iWave and Mercator, a high level of code re-use can be achieved, thus increasing the reliability of the final solution, and also reducing development time.' He adds that investing in the right architecture is of prime importance, together with logical project management, to ensure that issues like scaleability, performance, management, and security are not overlooked or poorly executed.

The technology enabling expansion of the business into web-space has got to be transparent, reliable, secure, and capable of allowing a fast, free flow of information across the whole supply chain, including casual customers. It is unlikely that any web to host or host to web development and implementation is delivered with a 'big-bang' approach. More likely the use of an EAI philosophy, and the introduction of the middleware tools, should be piecemeal, with each part tested and proven before the whole is achieved. Mark Cresswell, managing director of Neon Systems, a long-established EAI vendor, says: 'Existing legacy applications will need to be implemented and accessed alongside, or as part of, a new web or e-commerce based application. This raises several issues, such as, the co-existence of a new, unpredictable workload running alongside an existing managed system. A commitment to systems management and support of the new workload might compromise the old established, proven applications.'

It makes good business and economic sense to exploit as much as possible out of an enterprise's existing IT systems, provided the simplicity of business processes is not compromised. Most firms want to reduce their overall costs and extend their business to embrace the web without committing to new high expenditure. Also, if an existing legacy system is to be re-used and partially re-deployed in the new environment, it is likely that there is an enthusiasm, or need, to drive or keep down costs. In this case the web-host-web integration should be non-invasive, in that no legacy code should be modified, and there should be no requirement to maintain two versions of the business logic. The reason for this, explains Cresswell, is to avoid the need for business logic for the new system and one for the traditional users.

However, many firms do not have a host or legacy capable of supporting the demands of web-generated transactions. In that case, says Intentia's Williamson, they should invest in a new host system rather than try to make the EAI or middleware make the ends meet. 'It's a big mistake to try to start from a position of not having an e-enabled enterprise process system already in place, onto which a new front end can be seamlessly bolted. If a company does not have a decent backend to start with, they will always be on the back foot, the system will always be generating problems, and it will later be seen as a short-term, costly and mistaken approach. That will come later when eventually the decision is taken to invest in a whole new backend, then the decision to make do with the legacy will be seen as short-termism.'

Neon Systems' Cresswell adds: 'Security is of course the biggest issue to consider, particularly if the application already requires user IDs and passwords.' It might be impossible to issue unique ID for every user accessing over the web, yet to provide one generic ID for all users is a potentially serious security exposure. 'A more secure alternative is to establish a secure environment for each individual transaction - a feature uniquely provided by Neon Systems' host connectivity solution,' claims Cresswell. 'This ensures that there is no inherent exposure, and also enables a full audit trail for all web-originated transactions.'

Most new internet applications run within Web Application Servers, such as BEA WebLogic, Silverstream, iPlanet and IBM's WebSphere. 'Connectivity vendors, like Neon Systems and IBM, provide adapters that conform to the development environments, within Web Application Servers, in a standard way,' explains Cresswell. 'Essential is consultancy by the integrators which assesses each enterprises' particular needs, explains all the options and possible issues to the IT manager, and then takes care of, or oversees, the implementation. IT managers can undertake the whole host to web enabling project, but unless they are middleware specialists it is often best left to the vendors.' Using the vendors as integrators and consultants also means that there is a culprit to blame and claim redress from if there are any hiccups later.

Rich Lechner, vp of e-business enterprise servers at IBM, says: 'No one supplier can provide all the elements of every solution, and partnering between suppliers is more crucial than ever. No supplier can act or consult in isolation, and the IT managers need to ensure that their providers of choice are comfortable about talking and working together, as well as providing products which are interoperable.' Intentia's Williamson adds: 'The use of middleware can introduce a whole new level of risk, and if there are several suppliers, there can be a failure to be able to hold anyone accountable for problems. So ensuring that providers work well together is a key issue.'

Introducing e-commerce into a legacy applications can mean introducing a whole gamut of new issues which were not considered relevant when the host was commissioned and implemented. For example, applications have to be operable 24 hours a day, seven days a week, all year, and be able to cope with orders and transactions from different time zones and different countries. IBM's Lechner says: 'Add to that the need to have complete security of host and transmitted data, and you begin to get an idea of the scale of a web to host adaptation and implementation project.'

Ian Kilpatrick, managing director of connectivity specialists Wick Hill adds that the potential number of access requirements and the challenge of delivering an appropriate and secure solution is pretty major. 'The security and management issues are much, much more complex than relatively simply remote PC to host, particularly as it is often the core business applications which are being accessed,' he comments.

'One size will definitely not fit all, and each and every enterprise and its business, its legacy IT systems, the business and IT processes, and the firm's business objectives, have to be considered and balanced separately,' says Kilpatrick. 'Security is by far and away the biggest issue, with interoperability second.'

Simon Holloway, so-called 'marketing evangelist' with iPlanet Northern Europe, says that despite claims that EAI can be achieved in some automated, declarative way, simply by plugging-in off-the-shelf connections between standard applications, it still needs considerable individual personalised consultancy and hands-on work. 'Some of the drudgery can be automated because there are clearly some common application to application connections repeated across many organisations, but EAI is not a form of or alternative to application development.'

Integration recommendations

Holloway recommends that the approach to web-to-host-to-web integration should be:

Practical, being straightforward and easy-to-use, and delivering a solution to real business problems

Flexible, both in the ability to integrate disparate technologies, and to develop new differentiating applications and processes.

Consistent, with standards based methods of viewing, translating, and exchanging information

Reliable, with the ability to keep working 24x7x365, and to survive failures or crashes without threat to data integrity

Good performance, adequate for the demands and calls on the data and the system

Manageable, with proven capabilities to test, deploy, monitor, and upgrade as needs change.

Only a component based approach to extending the legacy environment to embrace the web will suffice, according to Holloway, with a willingness by the IT manager to take a pragmatic view if the legacy looks unable to cope in the future. 'Many approaches being touted in the marketplace have fallen into the trap that Structured Methodologies fell into, of believing that every project was a green field. But the process has to be one of building on past experience, of identifying existing applications, and componentising them,' he says.

Long term objectives

The issues involved in web-enabling host and legacy applications comes down to what the users and the enterprise want, and therefore setting the long term objectives should be the first stage of the project. Colin Tankard of e-commerce solution vendor Aventail Europe says: 'The first thing to establish is who will be accessing the host and what they want from it. Employees, partners, long-term customers and casual customers, all have different requirements for a front end, and therefore the EAI strategy needs take a different approach for each.'

Finally, one piece of good advice from Tankard is to take a cool look at the benefits to be achieved by 'webifying' the host and legacy applications. 'It may be that some of the so-called benefits are marginal, and can be achieved by other, less risky or costly methods. Not every audience necessarily needs to have full access to your host, and by limiting the audience you can reduce your cost, risk, and timescale of the project. The others can be satisfied for a while longer by more traditional methods,' he says. 'There is a risk that the bandwagon that is the internet is encouraging IT managers to webify every application and process when that may definitely not be necessary. It is possible to achieve competitive advantage and improved profitability by being circumspect about webifycation, limiting it to the most obvious applications, and continue with the old processes in conjunction, at least for the time being.'

'Rushing into complete host to web review can be an enormous, expensive sledgehammer cracking a rather small nut,' Tankard adds.

More about Enterprise Application Integration (EAI)

If you understand the role of middleware, then you're already halfway towards understanding EAI.

EAI is a concept developed and established before e-commerce came along, and uses middleware as the tool to achieve an EAI solution. It was originally used to describe application integration with an enterprise, but now includes application and data sharing with the wider world.

More specifically, EAI solutions employ a very wide range of technologies to ensure the reliable and secure sharing of data among applications, or to provide a single user interface to multiple applications. Sharing data can be achieved with various middleware technologies much as message brokers, message queuing, XML, software connectors for different legacy systems, such as Cics, IMS, DB2, and so on. User interfaces can be created with HTML, ActiveX, or Java.

So, all EAI technologies can be regarded as middleware, although, as is not uncommon in IT, there is not an absolute definition agreed by everyone. However, think of EAI as a philosophy, rather than a specific application or technology. And since the concept is one of integration applications, there is no standalone EAI application, just a development and integration framework within which applications and data can reliably, securely, and economically be managed between host and customers, and back. On the other hand, it is also true to say that it is a whole new set of infrastructure and interoperability software tools that enable disparate applications to communicate with each other and transfer data using asynchronous messaging technology. EAI solutions can be configured to recognise application events and implement a pre-defined set of actions as required.

EAI is an important way that a business can be moved from an isolated enterprise to an integrated e-business. It resolves many of the cost and management issues of sharing customer and supplier information among disparate applications with the enterprise in a way that preserves the integrity of each constituent applications.

Read more on Business applications