Managing the intranet mess
- By Brian Robinson
- Apr 26, 1998
Robinson is a free-lance journalist based in Portland, Ore. He can be reached at [email protected] are moving into their next stage of evolution— from being publishing conduits for pages of static information to more dynamic and interactive resources. People finally will be able to use intranets to run dynamic applications, not just to read material online.
Rather than just posting pre-defined information on an intranet World Wide Web site, agencies are building applications that allow users to retrieve data from multiple sources. For example, a Navy organization built an intranet application to give users access to mainframe data that otherwise would be out of reach.
Intranets' explosive growth will continue. Market watcher Gartner Group Inc. sees intranets and their global sibling the Internet as the "core backbone" for the emerging electronic workplace. They will become the new master platform for enterprise and inter-enterprise connectivity, and more than 70 percent of enterprise standards through 2003 will be driven by Internet-derived technologies.
But this comes with a price. As intranets handle more dynamic information, complexity increases. Security, always a concern, becomes an even bigger headache. Legacy systems and applications have to be accommodated. As the amount of data that users access through intranets increases, bandwidth becomes a crucial issue.
In other words, the mess has to be managed.
"Either people don't have the bandwidth or it's all been Mickey-Moused together over time, and you operate according to the least common denominator," said R.C. Rolfe, manager of IBM Corp.'s software sales to the U.S. government. "Many of the problems come from people on the applications side being on a different page from those on the network side."
The result is that in the client/server environment in which intranets operate, system management becomes "a huge problem."
"It's too easy to throw up an intranet and then assume it will scale to what you eventually will need," said Craig Miller, a clinical information specialist at the Department of Veterans Affairs facility in Roxbury, Mass., who is in the process of building an intranet there. "You need to build for growth and different user skills. Just like with a house, you need a blueprint."
The good thing is that there may still be time to prepare. Agencies are moving to transactional applications, Rolfe said, but for now "we are still very much in the static mode."
One overriding concern for intranets handling dynamic Web pages is keeping the content of pages current. Unlike static pages, where the content is fixed, the information in dynamic pages changes depending on when information in the departments' databases changes. If a date or time in a static calendar page changed, for example, an entirely new page would have to be published. In a dynamic page, just the one element would change.
There has been no easy way to automate that process until recently, according to Larry Warnock, vice president of marketing for Documentum Inc. The "classic" response has been to throw Webmasters at the problem.
"But the Webmasters don't own or control the information," he pointed out. "They are there only to get the information onto the site and make it look appealing. They can't be expected to keep the content current. As long as they are employed doing this, then the people in charge of intranets in agencies will continue to see problems and errors embedded in their Web data."
Documentum's RightSite creates a repository that sits on top of a relational database and automatically feeds items from the database to a Web page, assembling it "on the fly" according to what a particular user is authorized to see. It also maintains all of the hyperlinks associated with a Web application so that they always point to the appropriate version of a page.
Oblix Inc. takes a similar tack with its IntraPower Suite, which supports relational databases but also gets a lot of its power from support of the Lightweight Directory Access Protocol which a growing number of organizations are using to centralize their critical data.
LDAP, an X.500 spinoff that is controlled by the Internet Engineering Task Force, is supported by major intranet players such as Microsoft Corp., Netscape Communications Corp. and Novell Inc.
"With the intranet, people want to access everything, plus they want to push it down to all the employees," said Sandeep Johri, president and chief executive of Oblix. "To do that, you need a personal profile for each of the users kept in a variety of systems. The databases in intranets now that have this information don't talk to each other, and the way they present the information is not very good."
The answer is to construct a shared data repository for this kind of information, he said, and most people are thinking of using LDAP for this.
Accessing Legacy Data
Another concern as intranets move to interactive and transactional applications is being able to incorporate legacy system data, particularly from mainframes. Despite rumors to the contrary, mainframes still supply the majority of data for such things as government accounting and financial systems.
"In a client/server environment, you would have to take the data off the mainframe and put in into the server so that you can then deliver documents to the desktop PC client," said Terence Di Benigno, vice president of marketing and business development for Network Software Associates. "But the problem with having a server in between is [that] there are scalability issues."
The mainframe is designed to handle terabytes of data, he explained, whereas the server has a smaller capacity. Also, he said, some of the applications still have software designed for the mainframe, and they would have to be completely redesigned to work in a client/server environment, which is a costly process.
The Crane Army Ammunition Activity at the Crane Naval Weapons Support Center in Indiana has been using Network Software Associates' Report.Web product to move its mainframe-based legacy accounting system to an intranet.
"In the past, we've always had either to buy expensive dedicated terminals or PCs with emulation capability," said Crane systems administrator David White. "So we decided we would rather move the whole thing to an intranet."
At first they tried to hook a Unix box to the mainframe and bring the data down into that, he said. But they found it took a long time to convert the mainframe data for the Unix database. Report.Web, on the other hand, is host-independent and can access data directly from either a mainframe or a server and combine it at the desktop through the browser, so such lengthy conversions are unnecessary.
Security, of course, is always uppermost in the minds of most intranet managers, and that concern won't be reduced in the future. John Menkart, Netscape's regional sales manager for the Defense Department, expects the future expansion of intranets will take agencies into new waters as far as security is concerned.
"Agencies have had a strategic focus on intranets for some time but are just now looking to see how to access operational data," he said. "Security is now based on the firewall and how to keep people out, but the question is how to supply security at the service level. That requires authentication at each user level, and firewalls just don't provide this."
DOD recently chose Netscape server products as the basis for what will be the largest public-key infrastructure (PKI) in the world, which will be used to verify an individual's identity in a military electronic environment, which includes intranets. In this case, the PKI centrally manages access to the database through the Web browser.
Civilian agencies will likely adopt something similar, Menkart added, and incorporate the security up front as part of the network infrastructure to deal with such things as financial applications.
This will mesh with other user-level security such as version control— monitoring who can see each version of a page and tracking those different versions— and check in/check out of documents— allowing a document to be checked out of a repository but not allowing it to be altered until it is checked back in again.
But there is at least one other issue that is getting almost as much consideration as security: bandwidth. As more users get access to intranets and as increasingly complex applications boost the traffic levels on intranets, a network's ability to handle the workload will be stretched.
"We have a lot of people trying to do a lot of things at the same time," said Peter Jacobs, vice president of marketing for NetGuard Inc. "A lot of solutions are being offered, though these basically address the ability of data to get from Point A to Point B. But they don't address how much data can be handled at any one time."
As with the Internet, data delivery on an intranet works on a first-come, first-served basis, he said. So besides being an issue of enough bandwidth, it is a case of how bandwidth is used, "which relates directly to the business process of an organization."
NetGuard's solution, for example, allows for the decision-maker in any organization to monitor the use of an
intranet in real time to see who is using the intranet and when. That decision-maker can then set limits by name and Internet Protocol address for just how much bandwidth a particular person is allowed to use.