INTRANET

What are Intranets?

internal network designed to be used by company employees consists of a WWW server but can also be made up of other servers such as usenet servers, FTP servers, database servers or other applications Intranets are IP networks, like the Internet, designed to be used inside of a company

What are Intranets?

Using Internet-based technologies within an organization to facilitate communication and access to information.

An integrating mechanism for people, processes and information within the enterprise.
The corporate information network.

Technical Comparison
Internet

vs

Intranet
Packets are private IP protocol suite Enterprise bears costs Enterprise mgmt Strong policies Central enforcement Enterprise controls

Packets are public IP protocol suite Cost spread out Problematic mgmt Weak policies No enforcement No controlling org

Intranet Challenges

Integrate data from diverse sources Provide Access to data by all stakeholder in companys value chain Present information in the format appropriate for each stakeholders Guarantee Performance, Availability, Serviceability, and Security

Top Intranet Business Issues

What will be the value of the Intranet to YOUR BUSINESS?

How much will it cost?

Will our Intranet change our current processes? How will we organize for our Intranet (new roles)? Will our corporate culture be favorable to Intranet?

Top Intranet Business Issues

How will the employees be using it to achieve benefits?

What training will be needed for the employees?

How will we measure success with the Intranet? What are our competitors doing with the Intranet?

Top Intranet Technology Issues

How will the Intranet impact our current network? What centralized functions will be required? How will we support an Intranet? What will be our operational requirements (additional MIS staff and organizational structure)?

Top Intranet Technology Issues

How will we design the Intranet to meet business goals? Will we be able to reuse the existing technologies? What will be the requirements for content management? How will we integrate existing applications & legacy data? How will we protect my Intranet from outsider entry?

How are Companies Using Intranets?

Wide spectrum Evolution

->documents ->publishing ->collaboration ->transactions ->extranets

Growing acceptance Different levels of funding, use and support

More Intranet Examples

Information Access:

Online help Information and expertise sharing Corporate libraries, identifying resources/skills, Remote problem solving Just-in-Time and Distributed training Reducing paper Software distribution Designing products (cars...) Preserving history Inter-Company/Division Collaboration, etc.

Transactions:

Other:

Future Aplications

Intranet

Information brokers/finders (within/without the company) Online support centers (help desks, etc.) Knowledge management (with need/right-2-know) Web-based simulations Further enhanced Just-in-Time training

Extranet = Intranet + Extension Outside the Company

Electronic commerce:

Virtual Store-Fronts... Supply and demand chain automation

Virtual webs for dealers, vendors (e.g., product info) Collaboration (all outside constituencies) Online surveys (marketing) Subscription-based information services

HTTP
HTTP, which stands for HyperText Transfer Protocol, is what allows the World Wide Web to communicate HTTP is a connectionless protocol, which allows many quick connections without having to hold ports open HTTP allows two way communication, which allows the browser to send information to the server as well as vice versa Allows for basic authentication Server to require a username and password for each security domain defined

HTTP
Content negotiation is also specified in the HTTP specification. This allows clients and servers to negotiate on file formats, languages or other specifics the performance can be greatly improved by using caches to store recently retrieved documents

Secure Protocols
HTTP, unfortunately, is not a secure protocol, it is prone to different attacks such as: IP Spoofing Man in the Middle attacksThese are attacks where the cracker is between the client and server Eavesdropping. This allows a cracker to watch for certain types of information on a network.

Secure Protocols
SSL or Secure Sockets Layer is a protocol that sits between HTTP, or another protocol, and the TCP/IP stack. It allows secure connections using digital certificates. It allows for authentication, encryption, and data integrity. SSL servers only work with browsers that understand SSL. If a browser doesn't understand SSL, it can't communicate with an SSL- secured server.

 SSL requires a digital certificate. This is an encrypted piece of data that contains specific certificate information such as the name of the server, the server's public key, the expiration date and the name of the Certificate Authority (CA).

 S-HTTP Secure HTTP is a version of HTTP that provides secure transactions. It allows for Data integrity, encryption, and authentication. Secure HTTP or S-HTTP, unlike SSL can be used in conjunction with http. S-HTTP allows browsers to perform several cryptographic functions

 HTML HTML or HyperText Markup Language allows browsers to display documents based on the logical layout of the document. One disadvantage of HTML is the fact that the formatting is not as exact as it would be using a programming language such as Visual Basic, or a word processor

 Open Standards Open standards and Internet technology can also be used to make corporate networks more efficient, in fact, many companies are doing exactly that

 IP networks are easy to integrate over LANs as well as WANs Web technology allows cross platform development The WWW is inherently client server based Web technology is also cost effective Web technology scales well

Using Web technology for internal use is a natural evolution for several reasons:

Intranet Applications
Almost all Intranet applications fall into three main categories: Publishing applications or applications that allow one person or group to talk to many. Discussion applications which allow many people to talk to many people. Interactive applications or applications that interact with a program or other document

Publishing Applications
These are the usual first steps in creating an Intranet. These applications are easy to setup and may not even require a WWW server. Document Repository Bulletin Boards Workgroup Server Group Bookmarks

Discussion Applications
Intranets can do more than simply store documents, they can also be used as a front end for group discussions. Usenet News servers Discussion lists Good communication can save money in many ways such as
Reuse of technology Reduced development costs Better prices on purchased items Reduced support costs

Interactive Applications
Interactive applications are the applications that do work. These applications are used to query or search databases or to view what is happening on the network. Interactive applications are handled by using CGI or Java or another programming language.

Interactive Applications
Standard User Interface Using HTML as a standard front end to existing software will allow users to use any type of machine to access the system. Since HTML makes things look the same on different machines, users will be more comfortable using different types of hardware Central Form Submission Many companies have different forms for different requirements. When a new person starts, his manager usually needs to fill out a new user account form, a request for a network drop, a request for a phone and other forms. Development Platform With the introduction of Sun Microsystem's Java to the Web, developers can start building applications that are cross platform and distributed. Java allows the same piece of code to run on any machine that has a Java virtual machine ported to it

Interactive Applications
System Status Tools Different operating systems have different ways to query print queues and other system-specific information. By creating an HTML front end to these applications, any user on any system can easily check out what is going on, without having to know the correct command or syntax

 Different operating systems have different ways to query print queues and other system-specific information. By creating an HTML front end to these applications, any user on any system can easily check out what is going on, without having to know the correct command or syntax

Why Intranets
With Internet servers, many companies decide they need to get on the Net because everyone else is. Whether this is reason enough to create an external Web server is not known but publicity is a reason for some companies to develop an Internet presence. Intranets however are not created for publicity reasons and, if done properly, no one outside of your company will even know you have one. Therefore there must be a better reason to create one.

Using the Intranet to Merge Technology Saving Money with Intranets Expandability User Friendliness Reduced Development Time

Web Servers
Web servers are programs that can understand and talk the HTTP. They are used to answer HTTP requests and respond with HTTP answers. A basic Web server can be used to perform any HTTP operation and return the correct headers and documents. More sophisticated servers though have many features that make it easier to server HTML documents.

Web Servers
Server Parsed Files Authentication Logging Access Controls Administrative Interface

Choosing a Server Platform

In computer jargon, the word platform can refer to many things: The type of hardware being used, the operating system, a set of network protocols, or some combination of these In particular, an Intranet server is the combination of hardware, operating system and HTTP software used to run an internal Web. The latter lack the memory protection and multithreading of 32-bit systems and are therefore not suitable for critical business use. But they can be a good place to learn Web server basics.

 UNIX (many brands) Runs on RISC processors, Intel PCs, Apple Macintosh Windows NT Runs on Intel PCs, selected RISC machines (for example, Digital Alpha, Hewlett-Packard PA-RISC)

Essential and Desirable Features of a Web Server

The purpose of a Web server is to respond to HTTP requests from Web clients (that is, browsers) by delivering a requested file, or executing a requested script. All Web servers must be able to interpret standard HyperText Transfer Protocol (HTTP) commands. A server must conform to the Common Gateway Interface (CGI) standard. You can assume HTTP and CGI are present in any software calling itself a Web server

Essential and Desirable Features of a Web Server

Another essential server feature is the ability to recognize various file content types. This is necessary in order for the server to return the appropriate contenttype header to the client, identifying the nature of the response

Essential and Desirable Features of a Web Server

In addition to HTTP, CGI, MIME and logging, a Web server may offer one or more of the following enhancements: Access control Proxy and caching services Special database or application connectivity

Server-Side Includes (SSI)

SSI is an extension to standard HTTP that enables HTML authors to embed executable commands in their Web pages. These commands execute on the server after a page is requested, but before it's sent to the client.

Authentication, Authorization, and Encryption

That a user is who she says she is, and that the user has permission to access the requested document. The process of verifying the identity of a user is called authentication. The process of verifying an authenticated user's rights is called authorization. Encryption works by encoding the text of a message with a key, which is just a very long number. Typical keys are 40, 64, 80 or 128 digits long, In the parlance of cryptographers, a key's strength refers to the amount of computation required to crack it.

Authentication, Authorization, and Encryption

HTTP servers pose unique security problems for network administrators, stemming from the fact that file permissions have to be fairly open to enable users to access Web pages and run CGI scripts.. Restrict access at the Web server based on a client's IP address or username. Most server software provides some type of access control mechanism by which "authorized" users receive access to protected information and others are denied

Proxy Services
The firewall is a device, typically a router or server, that provides secure communications between private, trusted networks (such as an Intranet), and public, untrusted networks (such as the Internet) Technically, a proxy is a program that lives on the firewall and can see both sides of the interface, Intranet and Internet. The firewall can provide secure access to most Internet services, including HTTP, FTP, DNS (domain name services) and SMTP (e-mail). Each service provided in this way is called a proxy.

The Key Question Is....

How will you take advantage of the ability to share information with

anyone in the company your customers your business partners your suppliers.

Its not going to happen without planning and doing It may become chaotic if a framework is not put into place

ELEMENTOS A CONSIDERAR

Concerns....
1. 2. 3. 4.

5.
6. 7. 8. 9.

Networks Applications Scale Information Anarchy In planning for the evolution of your intranet it is important Publishing that you identify and manage potential problems. This section Staffing looks at some of these areas. Management Funding Security

Intranet Concerns

1. Network Infrastructure

Requires network capability (TCP/IP)

IP to every desktop? IP gateways? Mix IP and non-IP desktops? do not ignore need for mainframe connectivity Dynamic Host Configuration Protocol (DHCP) servers and router upgrades to pass IP packets

IP everywhere requires admin tools

Initial traffic may not cause problems Future uses (multimedia) will

Intranet Concerns

2. Applications

Web mechanisms simplify the delivery of client/server applications Interactive applications can be harder to develop Web applications can be very difficult to debug Many IS applications create reports

Intranet Concerns

2. Scale

To scale and be useful requires investments

Central architecture/blueprint
Common or shared mechanisms Central services

Intranet Concerns

3. Information Anarchy

The goal - make the Intranet a trusted tool for business It doesnt work if only some information is available, or is not up to dateor is wrong! Chaos can create content, and/or lead to user confusion and frustration.

Intranet Concerns

4. Publishing

Tough issues:

Who owns information? What can be published? Who polices? How do we know it is the latest? What happens when they lose interest?

Ties to legacy systems may help

New roles needed

Intranet Concerns

5. Staffing

Initial challenges Grow your own vs. use consultants What are other companies doing?

New roles: information designer, Web developer, Webmaster

Intranet Concerns

6. Management

Only some of the anticipated changes can come from technology Fundamental changes requires organizational and management work.. This is an evolutionary not revolutionaryprocess.

Intranet Concerns

7. Funding

Who pays for this? Different models

Business funded - based on value Cost of doing business

Reality: most cost comes in maintaining, extending intranet

Intranet Concerns

9. Security

Include security mechanisms, policies, and education, dont threaten the livelihood of the corporation.

Policies need to be communicated, enforced and continuously monitored.

VENTAJAS

Business Value
1.
2. 3. 4.

Increased competitiveness:
Expanded sales Costs reduced now and avoided later Improved productivity (due to better access to information & applications) Shortened product time to market (e.g., due to collaborative developments) Better customer support

5.

6. 7.

Increased Collaboration

Business Value

1.Increased competitiveness

Better access to competitive and internal information Just in time access Single access interface Easier to publish Sharing of knowledge New business opportunities

Business Value 2.

Expanded Sales

Faster access to information needed to win bids Shortened time to market Linking customers with internal systems Links to purchasers

Example: HBO

Moved multimedia files to Web Reduced printing costs Sales people have instant access to them

Business Value

3. Reduced Costs

Automated functions labor savings

Reduced cost of software and paper

distribution

Faster access to information

Example :Keycorp

Created internet site Realized need for same service internally -> Keynet Created initial production system in 90 days; cost $300K 1,000 employees access 40 content areas; 50-60K hits/month Saving on printing and distribution alone covered costs

Example: Compumotor

Division of Parker Hannifin (Industrial automation) Moved basic HR documents to their Web Took 6 months, cost $18K Saving 130K/year in document management costs Then moved to data warehouse access Next will put data about quality online

Business Value

4. Higher Productivity - Better Information Access

Single interface, platform independence Easier to learn, simpler to extend External information Easier to publish Connect to existing data Just in time information and training Over time information access

Example: Pacific Northwest National Labs

Needed access to project financial data Data existed; difficult to get at Moved basic reports to the Web w/subscriptions! And can do ad-hoc queries Also using for collaboration

Business Value

Higher Productivity - Better Application Access

Delivery to desktops Gateways to existing applications Cross-platform concerns reduced Browser testing reduced New possibilities

Business Value

5. Shortened time to market

Reuse of existing information Share information instantly (across the world ) Share information with business partners Faster development time

Business Value

6. Better Customer Support

For less money Around the world 24 hours a day With reference material Sharing between users Access to internal experts

Business Value

7. Support for Collaboration

Sharing documents, work Use of conferencing, other tools Support for virtual, distributed teams Not bound by restrictions of platforms and networks! The Web means that collaboration does not need to be bound by time nor space!

Example: NASA

Darwin - collaborative aeronautical design system Goal: design more quickly, for less money Lets manufacturers collaborate remotely on wind tunnel analysis Reduces upfront design costs Based on security (network, protected

Marco de desarrollo

Developing an Enterprisewide Framework

How Do We Get Started?

Starting an intranet can be simple

if the network is right

install a server create a few pages let folks know

and then.....

The challenge is to create an extensible information system that can be easily used by many people of diverse skill levels

Challenges of a Large-scale Intranet

To be used across the enterprise we need to create a trusted environment

Creating an Enterprise-wide Intranet Requires: Integrating mechanisms Services Information Policies

Why a Framework?

Evolutionary process Need roadmap

Infrastructure

Mechanisms Information Services Policies Management

Computing Environment

Underlying these tools is the computing environment

network web servers clients firewalls etc.

User Tools

Provide tested, licensed and supported tools Increase user acceptance Reduce licensing, support and testing costs More than Browsers

Plug-ins new viewers for new data and file formats remembering pages (bookmarking, notification)

User Tools

Reduce start-up, support and maintenance costs by providing tested and maintained collection of tools

Discovery Tools

Information is useless unless people can find it. Tools to help people find information: Search engines Spider-based search agents Announcement directories (internal Yahoo)

People help people find information

New types of agents: push intelligent search

Discovery

Finding it touches each part Intranet

How users use information and data How (and what) providers format and transmit How developers write and integrate applications How content is authored and how its published

Easy to start doing, difficult to start doing right

Support Systems

Provide support for end users Consider online FAQs, access to problem reporting systems for all users Use the Web as a training and help tool let users help and learn from each other Training, consulting, helping people use tools in best way

Web Tools

To help deal with constant change, help new technical people make good decisions Collection of tools, stories, hints, warnings... Overall tools immature, but evolving

data base access state management user interface forms processing cgi, Java, ActiveX, etc. May need to develop own tools, scripts

Web Toolbox
Share internal and external tools and experience
A collection place for descriptions, reviews and links to anything that makes creating or using the Web easier

WebMaster's NoteBook http://www.cio.com/WebMaster/wm_notebook.html

Adobe Acrobat Announcements Authoring Tools Browsers Converters Data Base Access Diagnostic Tools Editors Filters Players Firewall Forms Gateways Graphics Tips Icon libraries Image maps

Indexing tools Retrieval Tools Messengers Real Audio Robots Searching tools Security Scripts Sound Spiders Tracking tools verifiers Viewers VRML Other toolboxes

Applications
Document Access
Product Information Policies and Procedures Phone Directory Newsletters Project Information Official Travel Guide Employee Infobases Catalogs Newswire Clippings Software Libraries Art Libraries

This is a small sample of the types of applications that can be in an intranet.

Application Gateways
Access to Legacy Systems Access to Data Warehouse Access to Design Management Product Support Databases Sales Support Centers Training and Registration Subscription Services Indexing Engines

Groupware
Mail Conferencing Calendar management Electronic meeting Workflow Management Voice/video conferencing Whiteboard Document sharing Chat

Knowledge Applications
Knowledge Management Information Mapping Decision Support Knowledge Filtering Knowledge Preservation

Possible Types of Applications

Sales and Marketing

Product Development

product info customer info war stories leads competitive information online training

Product specs Schedules Team assignments customer issues competitive info

Possible Types of Applications

Customer Service

HR

Problem status Customer concerns News flashes Online Training

Benefits updates Pollicies Job postings Phone directories Maps Medical referrals Lookup of personal info

Beyond Applications

Take advantage of the Web and create functions, and not just specific applications For example, a Sales Workbench, a Customer Support Center, Product information with information pulled from multiple, distributed, sources
Trends: better tools coming, moving from point applications to functional apps; developing multiple apps, not one-ofs

Environment Managers

Intranets are getting complicated New tools help manage them. Most existing tools are linked to other tools
link validation document control version control site viewers user administration statistics tracking HTML validation security tools

Web Publishing System

Tools, processes, templates to create new Web information sites, share tools, experiences, implement standards
Goal: enable owners of info to create Web sites

A collection of tools, pages, guides to help groups create and maintain their own sites. Helps new groups get online quickly, more easily. A mechanism to enable creation, support, implement standards, and share new tools.

Potential cost savings: reduced startup costs shared tools shared information, reduced support costs

HTML editors HTML templates converters taxonomy Java applets process descriptions Links to Web archives examples search mechanisms guidelines Feedback forms templates Navigation Aids (graphics, HTML code)

Other benefits: common look and feel sharing of new tools,information implement desired stds.

Publishing Guidelines

Standardize on Content, not creation tools! Dont force users to learn and use new tools

WYSIWYG tools Document converters Document add-ons (IA)

Consider tools to convert commonly used documents for large-scale use Be wary of proprietary formats.

Information Repository
Provide a trusted information base, leveraging existing information whenever possible.

Eventually need access to "corporate data". Archives are a collection of shared information used by the enterprise. Sourcing depends on where information resides. Archive tools may need to support extensions, different security levels, multiple feeds, filtering and daily updates. This could be a significant project.

Web Information Repository

Cost savings:
Reduced cost of information sourcing. Improved information quality Improved ability to manage information Trust of users (critical!)

Costs:
development/testing/production costs.

Intranet Web Sites

Business groups create their own* Central group creates shared pages

access to common services Index service A place to communicate with company

* or do they? Whats your policy?

Benefits of A Central Web Site

Consistent navigation for all users Can be maintained Customizes view of Web for business Vehicle to communicate to users Simplifies startup and ongoing use of Web One of many, but it can serve as the coordination or entry point leading to other sites. Cost savings: page updates, time to access info, startup, reuse

Web Site Design Support

Help new groups learn how to create effective web sites

planning information design whats new sections use of navigation tools consistency (within site, across corporation) testing feedback tools

Design Help

Internal pages need to be easy to use and understand, and users should be able to navigate across the intranet. Web Team can help consistency through guidelines and consulting.

chunking titles icons logos

navigation bars date/author stamps cross-page references terminology

Base Mechanisms

This is the core set

see synergy between components User tools Discovery Tools Next phase of Web use will build Web Applications on this Web Toolbox Information Repository workflow Monitoring Tools large-scale retrieval systems Publishing Systems Web sites document management

Will need policies/guidelines Services will leverage

Development Tools Framework

Platforms User Tools Discovery Tools Publishing/Production/Document Management Databases/Repositories Applications Development Legacy Systems Integration Management Tools Conferencing/Collaboration

Computing Platforms

Leverage what you have Put computing power where it is needed

shared servers security (firewalls) common services

New Deployment Styles

PC approach: Do nothing. The user is on his own. NC approach: Do everything. The user has little or no say over his configuration. Compromise

Customized installation

repackaging existing installations into enterprise specific suites.

remote management of desktop devices Pushing software to desktops.

Smart clients: Registry, remote monitoring

PC vs NC Approach
Users responsibility: purchasing, using PC/NC
Universal Browser Platform

Provided by Network
Applications/ Applets Data

NC APPROACH

PC APPROACH
PC

Users responsibility: Purchasing, installing, upgrading, using, integrating

Applications
Operating System Software

Provided by Network

Data

What to Look for in Platforms

Ease of installation Functionality Integration into existing system services What you already know and have Scalability Third party tools

Infrastructure

Networks Web Servers (http) Servers Directories

Internet

E-Com GW Remote Access Mail Relay

Firewall

...

Mail HA Gateway NFS Serv er

Web Serv er FTP Load Balancer

DMZ
External DNS

Web Serv er

Firewall

Directory

Internal DNS

Mail

Admin

Logging

Corporate Network
NC Serv er Search Proxy / Cache Backup/ Recov ery Ops

...

Mail HA Gateway NFS Serv er

Web Serv er Load Balancer

Firewall

Remote Site(s) Sensitive Data

Web Serv er

Web Serv er

Proxy / Cache

Auth DB

CA

Database

Legacy Sy stems

TP