Extranet Maintenance

Many agencies are eyeing extranet technology as a way to make internalresources available to business partners and citizens who need the informationfor e-commerce transactions or to receive government services. The allure for agencies, of course, is the potential to increase operationalefficiency while cutting costs. Despite the benefits of extranets, manyagency officials say that overcoming the cultural barriers to sharing internaldata and systems with outsiders is just as challenging as the technicalaspects of building the system. But that's starting to change.

"There's a huge psychological and sociological investment dimensionas well as an economic dimension," said George Strawn, executive officerof the National Science Foundation's Directorate for Computer and InformationScience and Engineering. "I didn't know I needed a garage door opener untilI got one. The same holds true for early adopters of electronic solutions."

NSF was one of the first federal agencies to launch an extranet, withits FastLane project, an interactive, real-time grant proposal system thatwas rolled out in 1994 as a pilot using the Mosaic browser. The system nowallows university personnel to electronically submit grant proposals toNSF, check the status of proposals and draw down cash for approved projects.

Although definitions of extranets vary, they typically involve a networkenvironment that allows users outside an agency to access data and applicationsinside the agency's network. Extranet technology is most often tapped fore-commerce initiatives in which agencies are automating various tasks,such as procurement or public services.

Because the extranet market was not as developed when NSF launchedFastLane, the agency did all of its development work in-house, redesigninginternal systems to accept data entered from FastLane. More than 400 universitiesare now registered to use the system, and the agency has seen electronicsubmissions jump from 17 percent of all proposals in 1998 to 78 percentin the first third of this year, said Linda Massaro, NSF's chief informationofficer.

Massaro said it is difficult to measure the return on investment fromthe project but said it has had a dramatic effect on agency operations.

"We probably would have been out of business if we didn't have theseelectronic tools because we do more with less people, and we do it faster,"she said.

NSF has focused on making the system as user-friendly as possible,with an emphasis on making its use more intuitive.

"Before we bring up any new application, we put it out on a test serverand let people try it out," Massaro said. "Any time you're working withthe external community...I can't emphasize enough how important it is tocommunicate with your users. You can be providing good service, but if peopledon't know it or don't understand it, you're actually not providing goodcustomer service."

In addition to selling the users on the benefits of extranets, agenciesmust overcome cultural barriers that exist for their employees, said RichKellett, director of the General Services Administration's Emerging IT PoliciesDivision. Many agency staff members are not eager to share internal datawith outside users. In addition, the processes involved with e-commerceinitiatives often require a perception shift, he said.

"People think linearly," Kellett said. "The real value of an extranetis that all the processes happen in parallel. A customer is going throughthe Web site adding items to their shopping cart at the same time the systemis checking inventory."

Building the Infrastructure

Extranet development and maintenance spans various technology areas.Security and networking solutions obviously play a big role. You must alsouse World Wide Web and application servers to develop an infrastructureto run internal applications via an extranet.

IBM Corp. is targeting the extranet market with its WebSphere familyof application server products, which includes solutions designed to spanfrom simple Web publishing to enterprise-scale transaction processes. Theproduct family also includes Web site development tools and extranet managementsoftware.

Paraic Sweeney, vice president of business transformation for the IBMSoftware Group, said the biggest issue with extranets involves providingthe applications to users very quickly.

"An expectation is being raised among the general population by theirexperience on Yahoo and Amazon.com," Sweeney said. "There's obviously theneed to rapidly develop applications. You've got to take advantage of existingapplications because you don't have the time to recreate applications."

Once applications have been deployed to the extranet, agencies needto monitor and maintain them to ensure that they will be available no matterwhat time of day a user attempts to access it, he said. IBM has taken whatit has learned from operating busy Web sites for the Olympics and otherlarge sporting events and developed tools to monitor scalable servers, predictworkload and distribute the workload across multiple servers if the volumeoverloads one server.

"The workload on Web-based applications tends to be unpredictable,"Sweeney said. "The Web environment is available seven days a week, 24 hoursa day. You've got to provide for more available systems and...have sufficientcapacity within your infrastructure to cope with fluctuating demand."

For agencies not interested in building and managing their own extranets,extranet service providers are an option. For its extranet customers, AventailCorp. deploys a rack of redundant security and network devices to the customer'sbuilding and manages them remotely. The company's service includes pre-integrateddirectory services, authentication, encryption and load-balancing, saidJude O'Reilley, director of the firm's services market.

By using a service provider, agencies can expect to deploy "infrastructureon command" for an extranet within about 10 weeks — building their owninfrastructure could take 18 months, O'Reilley said. In addition, outsourcingrelieves agencies of complex maintenance issues, such as training and supportingextranet end users and managing their security access rights.

"One of the problems that absolutely has to be solved...is, "Who amI providing access to and under what conditions?'" O'Reilley said. "Whatyou need is a system of roles-based authorization. You define what a particularrole has access to and under what condition."

Phil Schacter, director of the network strategy service at The BurtonGroup Corp., said that provisioning, registering and managing extranet usershave provided the biggest technical challenges to many early extranet adopters.

"The nature of some of the populations that those agencies serve canbe in the millions," Schacter said. "If you're dealing with a large partner...youwant to be able to delegate the registration of his own employees to him.The key is keeping the cost of administration low."

In addition, agencies must coordinate integration to back-end systems— such as databases — as they build extranets, said Bob Parker, servicedirector of e-commerce at Boston-based AMR Research Inc. Agencies shoulduse integration tools that can be layered over multiple applications andmanaged from a central location, he said.

"I need to integrate this with back-end systems," Parker said. "Thatcan be the single most time-consuming part of an implementation. What youwant to avoid is point-to-point integration. Before you know it, you'vegot this bowl of spaghetti that has to be maintained."

Extranet Maintenance

Once an agency has installed the infrastructure for an extranet, officialswill want to test the system before deploying it to business partners orcitizens. Ganymede Software Inc. offers software solutions designed to testthe effects of running an application over new network geography and tomonitor application response time once the extranet is fully deployed,said Jim McQuaid, director of monitoring solutions at Ganymede.

"When you start changing the geography...or changing the network bandwidth,it's very common for applications that ran well in one environment to notrun well in a new environment," McQuaid said. "Testing is really the onlyprudent way to do any kind of major change wherever there's real visibilityor real business importance. If you wait until the users arrive, it's toolate."

The National Library of Medicine recently used Ganymede's Pegasus softwareto simulate data transfers and analyze the performance of a new networkthat would be used to transfer files from a remote site to the main campus.

Once an agency has tested its extranet, gauging application responsetimes and monitoring network performance can be key to an extranet's success,said Greg Fitzgerald, e-business strategist at BMC Software Inc. The company'sPatrol product is designed to enable administrators to simulate a transaction,time it and then baseline that time as an average that the system shouldmaintain.

"You have the capability to immediately recognize through one graphicicon the complete health of your entire Web system," Fitzgerald said. "Acustomer will only wait eight seconds for a Web page to load. You trulyonly have one chance to make a good first impression. Nowhere is this moretrue than on the Web."

Because agencies are providing outside users with access to their internaldata, security is paramount to extranet development and support. Thereare various security schemes that can be used for extranets, includingsmart cards and public-key technology, but agencies may find they need helpmanaging the security of their network.

Netegrity Inc. offers the SiteMinder policy server, designed to providesingle sign-on for users accessing an extranet or portal, while taking intoaccount different user access privileges for various applications. The serveris designed to set up user profiles and bind security policy to certaingroups within an organization

"How could you build out a portal, an extranet...and not make sure youhave a secure infrastructure and make it manageable?" asked Bill Bartow,Netegrity vice president of marketing. "Let us take care of the authentication....Oncewe understand who you are, we can provide single sign-on across the entireportal."

-- Harreld is a freelance writer based in Cary, N.C.


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.