CHAPTER 3 PRELIMINARY ANALYSIS AND SOLUTION DETERMINATION
ACQUISITION SYSTEM
Prepared for: NEW RIDER IMPORTERS 250 Yonge Street Toronto, Ontario
Prepared by:
T.B.F.I. Ltd. 2560 Kingston Rd. Scarborough, Ontario M1M 1L8 New Rider Importers – Acquisition System Solution Proposal
November 14, 2001
四月 30, 2018 2 Chapter 3 Proposal.doc New Rider Importers – Acquisition System Solution Proposal
CHANGE HISTORY
Revision Date Changes Comments #
November 14, 2001 T.B.F.I. Ltd. 3 New Rider Importers – Acquisition System Solution Proposal
T A B L E O F C O N T E N T S
1.0 OVERVIEW...... 4
1.1 OBJECTIVES...... 4
1.2 IMPLEMENTATION MANAGEMENT...... 4
2.0 PHASE ONE...... 5
2.1 AREAS TO BE ADDRESSED...... 5
2.2 HARDWARE...... 5
2.3 SOFTWARE...... 5
2.4 ORGANIZATION...... 6
2.5 PHASE ONE SOLUTION...... 6
3.0 PHASE TWO...... 9
3.1 AREAS TO BE ADDRESSED...... 9
3.2 HARDWARE...... 9
3.3 SOFTWARE...... 9
3.4 ORGANIZATION...... 9
3.5 TOTAL SOLUTION...... 9
4.0 SUMMARY...... 13
November 14, 2001 T.B.F.I. Ltd. 4 New Rider Importers – Acquisition System Solution Proposal
1 OVERVIEW This Proposal is a solution for the sole replacement and improvement of the existing systems. At this time the existing system is a conglomerate of pieces, originally written as adhoc programs. New Rider Importers is a multinational firm that specializes in the acquisition and retail sales on a global scale. At this time there are more than 1,000 retail outlets in more than 60 countries. The single major problem that will be addressed is Response. Whether it be the poor response times, or lack of responding in time to a security breach and lack of a more real- time means in which their customers needs and wishes are conveyed to the Purchasing Agents. The question of scalability, future maintenance and the new solutions extensibility will also be addressed.
1.2 Objectives
The objective of this proposal is to have a complete and integrated solution that can be implemented given the constraints of the company. The main objectives are as follows:
. An Increase in the current performance levels. . A higher level of system availability. . A higher level of over-all Security. . A solution that is scaled to the needs of the company. . A properly maintained system. . A solution that will can grow in functionality with the growing needs of the company.
1.3 Implementation Management
Please note that Gary Gauthier is the Implementation Manager for this project. He will ensure that the project is successfully implemented. He will be responsible, during the implementation, for any decisions for the backout of the changes if required. These decisions will be based upon the recommendations of the project team. This will be a 2 phase implementation. The first phase will be the implementation of a communication network to allow the Purchasing Agents to receive information about sales so they know what they need to buy to satisfy the market trends. The second phase will be the fully robust solution that will address all existing and future concerns. It will be built using the phase one implementation as its backbone.
November 14, 2001 T.B.F.I. Ltd. 5 New Rider Importers – Acquisition System Solution Proposal
2 PHASE ONE
4.01 AREAS TO BE ADDRESSED
In this phase we will be concentrating on creating an infrastructure to solve the short term problem of not having the proper inventory available to the consumers. The following areas must be addressed whether it is with upgrades to existing items or new items.
1 HARDWARE
1. Purchase DSL modems for each Purchase Agent. 2. Upgrade existing modems to DSL modems. 3. Upgrade existing Operating Systems on PC’s to Windows 2000 or Windows NT 4.0. 4. Reconfigure the IBM mainframe to a multiprocessing unit with 4 processors. 5. Designate one PC as a system administrator’s PC and install Windows 2000 Advanced Server or Windows NT workstation on it. 6. Designate one PC as a Security Database Server and install Microsoft SQL Server. 7. Purchase a Server with One Intel® Pentium® III processor at 1GHz, 133MHz Front Side Bus, 256KB Level 2 cache (full processor speed), 2GB 133MHz ECC SDRAM (ECC memory is a type of memory that includes special circuitry for testing the accuracy of data as it passes in and out of memory), 2 60GB 7200 RPM ATA100 EIDE Hard Drives and internal 100T DDS4 tape drive (40GB) for backups. 8. The acquisition of a Virtual Private Network (VPN). A VPN uses the same technology as the Internet but runs separate from it. You will be the only company with access to your VPN. All transactions over this network will be encrypted when sent and decrypted when received.
2.3 SOFTWARE
1. Purchase IBM MQSeries and install it on the IBM mainframe. 2. Setup the new server as a Windows NT or Windows 2000 server. 3. Purchase FalconMQ from Series 8 Systems and install it on the new server. 4. Install Microsoft Transaction Server (MTS) on the new server. 5. Install Microsoft Message Queue (MSMQ) on the new server. 6. Create new reports in Visual Basic that track sales for the use of the Purchasing Agents. 7. Install a version of Microsoft Office and configure the laptops so they can use the Outlook email feature as their primary email. 8. Purchase an encryption software such as the Lavarand Process. For more information on encryption see the cryptology web site at: http://tbfi.hypermart.net. 9. Purchase Microsoft SQL Server.
November 14, 2001 T.B.F.I. Ltd. 6 New Rider Importers – Acquisition System Solution Proposal
2.4 ORGANIZATION
1. Hire a full-time Senior Systems/Security Administrator with a background in Microsoft networking, systems and security. 2. Creation of the basic business and Security rules that will be applied toward all transactions that will flow thru the new infrastructure. 3. Boot passwords are to be placed on all laptops and they must follow the new business rules also. 4. A comprehensive training program will be created and put in place for the in-house training of all staff as to the new security systems, new applications and new hardware. 5. For speed in the development and implementation of the first and most critical phase, there will be a need to contract out most of the work. However the need for full-time staff to be involved thru out both phases is of up-most importance. When the total solution is in place the knowledge base must reside in-house for proper ongoing maintenance to occur.
2.5 PHASE ONE SOLUTION
1. The following illustration shows the communication model that will be used for New Rider Importers.
Illustration 1.0
This illustration shows communication between the new Server, configured as either a Windows 2000 or a NT server, using Microsoft Message Queue Server (MSMQ) as the messaging software. The IBM mainframe that uses IBM MQSeries, another messaging product. A third-party product named FalconMQ provides the translation bridging between the two products. 2. The best communication solution for the short and long term is a Request/Response Asynchronous Communication model. This will allow the short term transferring of data both from and to the Purchasing Agents and also lend itself to a long term solution without need for modification. 3. With the hardware and software installed as in illustration 1.0 we will create a secure three-tiered infrastructure that will be used in all aspects of the total solution. In phase one it will only be used to create a vital link between the Purchasing Agents and the retail stores via the sales reports and email.
November 14, 2001 T.B.F.I. Ltd. 7 New Rider Importers – Acquisition System Solution Proposal
To deal with security concerns the new infrastructure will use a combination of new business rules, Windows NT authentication mechanisms, MTS security and the use of a distributed security database. Because there will be an external way of accessing the companies databases the risk is higher and proper security must be put in place. The new business rules will be instituted for all passwords. Some will be as follows: Each password must be 8 characters long. Each password must contain a minimum of 2 numeric characters. No password cannot start with a number. No password can have numbers together. Each password will be valid for only a period of 30 days. You cannot use the same password within a 12 month period. All the security information will be stored on a separate database and computer than the rest of the system. This database is to be backed up on a daily basis and the backups stored off-site. The new System/Security Administrator will be auditing the network on a regular basis. As mentioned under hardware a PC will be redefined as a Microsoft SQL Server and a security database will be built on it. This will be the home storage site of the security database. There will be automated transporters of security information to the locations in which they will be used. All transactions that are done over the VPN are to be encrypted before sending and decrypted at the receiving end via the new encryption software. Overall security will be a mixed format using NT authentication mechanisms being passed to the middle tier where MTS security packages will be setup. All business logic will be separated and placed into the middle tier (MTS). Users will no longer have direct access to the database from their application. Instead, they access the components running in MTS. The MTS components then access the database and perform updates or retrievals on behalf of the users. By doing this we split security into two types. The first type is application security. Application security involves authorizing users for access to the application code, or MTS packages. You implement application security in the middle tier by using MTS. The second type is data security. This involves authorizing the various MTS packages for access to the database. You implement data security in the data services tier by its security software. The illustration 1.1 shows how security works in a three-tier application. Application security involves authorizing users access to specific components and interfaces in MTS packages, limiting their capabilities. Thus, you map users to the application functionality that applies to them. Audit reports will be written and sent to the System/Security Administrator via email daily and a real time watch dog system will also be put in place to detect security breaches as soon as they occur. All hard coding of passwords is to be removed.
November 14, 2001 T.B.F.I. Ltd. 8 New Rider Importers – Acquisition System Solution Proposal
Illustration 1.1
4. Due to time zone differences the system will now become available 24 hours a day. With a mainframe reconfigured to multi-processing we can now use the other processors one will be for production, the second one for a development partition, the third will be used for credit card authorizations, running tax reports, backups, etc. The forth will remain idle for the time being, it can be blended into production if more power is needed.
November 14, 2001 T.B.F.I. Ltd. 9 New Rider Importers – Acquisition System Solution Proposal
3.0 PHASE TWO
4.01 AREAS TO BE ADDRESSED
To create a viable overall solution the following areas must be addressed whether it is with upgrades to existing items or new items.
2 HARDWARE
1. Purchase bar code scanners from Symbol Technologies for all checkouts. 2. Upgrade existing checkout registers to have a key that physically locks the register and cash drawer. 3. Upgrade the connection to a T1 for all authorizations of credit cards, debt cards and cheques.
3.3 SOFTWARE
1. Upgrade existing IT software to Microsoft Visual Studio Enterprise. 2. Purchase of Microsoft’s Systems Management Server (SMS).
3.4 ORGANIZATION
1. All code for all systems will be written using Visual Basic as components using Microsoft’s Enterprise technology. 2. An integrated Purchase Order System (POS) will be written and implemented using Distributed Component Object Model (DCOM). 3. A comprehensive training program will be created and put in place for the in-house training of all staff as to the new security systems, new applications and new hardware. 4. Because the system availability will now need to be 100% the maintenance procedures will need to be scheduled around the clock. 5. There will also be a need to have a IS maintenance staff onsite whenever a retail outlet is open. There will also be a need for an internal help desk whenever the stores are closed but the system is able to be accessed. The IS maintenance staff should be comprised of people who together have a combined system knowledge base of about 90-95%. This includes both business and IS. A variety of senior IS people should also be on-call in order to cover the remaining 5-10%. These people should also have remote access with a system generated password that changes after it has been used, and must be given out by the System/Security Administrator.
3.5 TOTAL SOLUTION
1. Because of the use of Component technology all application updates can be implemented without a need for a maintenance interruption of services. 2. With the creation of a development region with it’s own dedicated processor there should be no impact on the production region.
November 14, 2001 T.B.F.I. Ltd. 10 New Rider Importers – Acquisition System Solution Proposal
3. Prior to the running of any financial reports like the ones run at tax time an image of the financial databases will be made. By running the reports from the images plus having a dedicated processor will remove any production impact they had. The running of reports, backups, etc. and giving them their own processor should relieve any remaining impact to online response times. 4. This overall approach proves to be a less expense solution as proven out by recent studies that show as much as 30–40 percent of corporate IT budgets for application development are targeted at developing that application infrastructure. The use of MTS reduces those costs because it provides centralized, multi-user functionality. The following illustration 1.3 shows how the solution will look when completed. It will be a three-tier client/server architecture with the addition of MTS as the application infrastructure.
Illustration 1.3
5. This solution Architecture also allows for future expansion to include web based applications without the need to change the existing infrastructure. 6. For the distribution and maintenance of the application systems Microsoft’s Systems Management Server (SMS) will be used. SMS writes modifications directly to the target computer. It allows you to automate the following: Update a large number of computers requiring maintenance upgrades. Update multiple pieces of software required in upgrade. Allows fairly simple, repetitive tasks like those found in upgrades to be done. It has reliable network connectivity. It uses limited human technical resources. Works best in a Homogeneous, Microsoft-based computing environment. 7. The system will be configured to update the computers as soon as they are booted up. The servers can be updated at anytime. 8. The application FastBooks Pro will be incorporated into a Visual Basic application solution that will download all account information at a set time (6:30 am) and give any users full access to all of the software’s capabilities and give any added functionality needed.
November 14, 2001 T.B.F.I. Ltd. 11 New Rider Importers – Acquisition System Solution Proposal
9. As mentioned earlier the main application system will be an integrated Purchase Order System (POS). This system will be running in a real-time mode. When a customer brings an item to the Checkout Assistant they will scan the item. This will do two things first it will be added to the number items being bought by the customer on the register creating a proper checkout. The second thing that will happen is the code of the item will be captured on the registers CPU and it will transmit a call for a sell transaction to the modem over the LAN. The transaction call will be issued to MTS over the VPN. MTS will check the security of the sender if it’s OK it will then check the business rules for this transaction, if all is still OK it will create the transaction to update the database. The transaction would be sent thru MSMQ which in turn would send it to FalconMQ. It would be translated and sent to MQSeries and onto the database. In this case there will be a transaction to remove the product from the stores inventory, a transaction to remove the product from the companies inventory, a transaction to add the product to total sales for the store, a transaction to add the product to total sales for the company and finally a transaction to add the product to a reorder database. The transactions will basically be reversed in the case of a voided item or a return. Depending on the transaction speed there may be a need for more than one modem per store in the future. With a system that has a real time input feed a set of ongoing applications can be running in a background mode analyzing buying trends and store inventories. When an item reaches a predetermined reorder point an order email can be sent to the purchase Agent(s) in charge of that item. They can then access up to date information on the companies inventory on that item or on a store by store basis. 10. If there is a market for a particular item that is new to the company a system will be put in place where the Checkout Assistant can email their Branch Manager. The Branch Manager will send an email to the Purchase Agent(s) requesting this item be bought. He will also send a response to the store as to the status so the customer can be informed. He will also create the new item in the inventory system with the proper reorder points set. 11. When items are received by the central warehouse they are added to the companies inventory. When the stores receive the items they are added to the stores inventory. 12. if the product is defective upon receipt a transaction is placed to add the defective items to the reorder and update a vendors history table. 13. The bar codes used for pricing and inventory control can either be ordered or created and printed on site. 14. All registers will either be physically locked or logged off of when the Checkout Assistant is not present. 15. There will be daily, weekly, monthly and year-end backups done on the system. The daily backups will consist of all transactions done in that day. The weekly backups will be of all information on all databases for that week. The monthly backups will be of all information on all databases for that month. The year-end backups will be of all information on all databases for that year. Only one set of backups will be executed on any given day except at year-end when an extra monthly backup is done. Daily backups will run except when a weekly, monthly or year-end backup is scheduled. Weekly backups will run except when a monthly or year-end backup is scheduled. Monthly backups will run except when a year-end backup is scheduled.
November 14, 2001 T.B.F.I. Ltd. 12 New Rider Importers – Acquisition System Solution Proposal
All backups will be stored offsite. The daily backups will be moved offsite once the weekly, monthly or year-end backup is done. The weekly backup will be moved offsite once the next weekly, monthly or year-end backup is done. The monthly backups will be moved offsite once the next weekly, monthly or year-end backup is done. The year-end backup will be moved offsite immediately. 16. Special reports will have to be written for tracking and finding trends also a user query application so the user can create his/her own specific temporary query based on the given circumstances.
November 14, 2001 T.B.F.I. Ltd. 13 New Rider Importers – Acquisition System Solution Proposal
4.01 SUMMARY Due to the fact that this is only a preliminary analysis and solution determination all details have not at this time been analyzed or determined. Budgetary, time and manpower constraints have not been addressed. This Proposal contains the best mix of technology currently existing at New Rider Importers with new technology to produce a solution that will not only work currently but far into the future. It also gives the company the option to add more functionality and scalability without having to change their infrastructure. This solution also creates a secure environment for growth. It also removes the constraints placed on it by an out dated system running without sufficient infrastructure to support it. It also produces a possible source of secondary income thru the leasing out of computer time on the fourth processor if it is not being used. A detailed analysis of all existing systems, all types of interactions, available manpower and budgetary constraints would produce a more complete and detailed proposal with the necessary timelines , budgets and manpower needs. A final suggestion as possibly a post-implementation project, the conversion of the existing database to a Microsoft SQL Server simply due to its automated roll back, roll forward and additional security.
November 14, 2001 T.B.F.I. Ltd. 14