Chapter 4
Analyzing Your Portal Requirements

This chapter describes how to analyze your organization’s needs and requirements that lead to designing your Sun™ ONE Portal Server software deployment.

This chapter contains the following sections:

Identifying and Evaluating Your Business and Technical Requirements
Mapping Portal Server Features to Your Business Needs

---

Identifying and Evaluating Your Business and Technical Requirements

The first step in planning your deployment is identifying your Portal Server business and technical requirements.

Your business requirements address your organization’s problems and opportunities, and include such factors as:

Services
Service availability
Future growth
New technologies
Capital investment

To be useful in formulating design requirements, the business requirements must address detailed goals and objectives.

Your technical requirements (often called functional requirements) discuss the details of your organization’s system needs and desired results, and include such factors as:

Performance
Security
Reliability
Expected performance criteria of the portal

The technical requirements define all functions required of an architecture and provide guidelines for how each component works and integrates to form an entire system. Your organization needs technical requirements to formulate the best design approaches and apply the appropriate technologies to accomplish the desired architectural solution for your portal. You need to gather both business and technical requirements before you can address architecture and design issues.

After obtaining both business and technical requirements, carefully evaluate them. Identify how realistic each requirement is. What would be the best design approach to satisfy each requirement and related requirements? Consider all the associated constraints (costs, time to deploy) and decide if any requirements need to be modified before determining the deployable solution. Evaluating your business and technical requirements will help you formulate a design that:

Meets your business objectives today
Offers the best available performance
Provides high availability
Is highly scalable
Deploys easily
Does not contain any single points of failure
Provides just the right capacity to meet growth for the next several months
Provides enough capacity to meet above normal peek usage
Enables upgrade and migration paths
Is cost-effective
Can be deployed in a reasonable timeframe (A tight deadline might result in your changing of the architecture.)

Determining Your Business and Technical Requirements

This section provides a series of questions that you use to determine your business and technical requirements. Answering these questions alone does not provide the ultimate answer of what your portal architecture and deployment will look like. Instead, this is the first step in gathering your requirements in such a way as to describe the problems and opportunities facing your organization but without yet proposing a specific solution.

The questions in this section are grouped in the following areas:

Business Objectives
Technical Goals
User Behaviors and Patterns
Back-End Systems
Front-End Systems
Data Centers
Growth Projections
Security
Search Engine
Performance
Availability
Maintainability

Some questions in these areas will not apply to your portal design, and in some cases, you will identify and have to address issues that are not presented here.

Note	Many organizations often contain their business and technical requirements within a single requirements document.

The Architectural Decision to Use Secure Remote Access Software

There are no other questions in this chapter pertaining directly to Sun™ ONE Portal Server, Secure Remote Access (SRA) software. Deploying SRA is an architectural decision, not an identification of requirements.

Business Objectives

The business goals of your portal affect deployment decisions. It is important to understand your objectives. If you do not understand your business requirements, you can easily make erroneous assumptions that could affect the accuracy of your deployment estimates.

Use these questions to help you identify your business objectives:

What are the business goals of this portal? (For example, do you want to enhance customer service? Increase employee productivity? Reduce the cost of doing business?)
What kind of portal do you need? (For example, business-to-business (B2B), business-to-consumer (B2C), business-to-enterprise (B2E), or a hybrid?)
Who is your target audience?
What services or functions will the portal deliver to users?
How will the target audience benefit from the portal?
What are the key priorities for the portal? (If you plan to deploy your portal in phases, identify key priorities for each phase.)

(Optional) Use these questions to help identify your business objectives if you are deploying a secure portal:

Do you need to increase employee productivity (by making your intranet applications and servers accessible over the Internet)?
Do you need to provide secure access to your portal?
Do you need to reduce cost of ownership of an existing Virtual Private Network (VPN) solution?
Do you want employees to access intranet applications such as Citrix and pcAnywhere from the Internet?
Do you want your employees to explore intranet servers or machines from the Internet?
Who is your target audience (all portal users, employees, or customers)?

Technical Goals

The reasons you are offering your portal have a direct affect on how you implement your portal. You must define target population, performance standards, and other factors related to your goals.

Use these questions to help you identify the goals of your portal:

What is your portal’s biggest priority?
What applications will the portal deliver?
What is your target population?
What performance standard is necessary?
What transaction volume do you expect? What transaction volume do you expect during peak use?
What response time is acceptable during peak use?
What level of concurrency—the number of users who can be connected at any given time—is necessary?
Should access to the portal be through intranet or Internet?
Will your portal be deployed in one phase, or many phases? (Describe each phase and what will change from phase to phase.)

User Behaviors and Patterns

Study the people who will use your portal. Factors such as when they will use the portal and how they have used predecessor systems are keys to identifying your requirements. If your organization’s experience cannot provide these patterns, you can study the experience of other organizations and estimate them.

Use these questions to help you understand users:

How many end users will you have? What is the size of your target audience?
Will users login to the portal at the same time each day? Will they use the portal at work or somewhere else?
Are users in the same time zone or in different time zones?
How long do you expect the typical user to be connected, or have a valid portal session open? What use statistics do you have for existing applications? Do you have web traffic analysis figures for an existing portal?
How many visitor sessions, or number of single-visitor visits, are likely within a predefined period of time?
Is portal use likely to increase over time? Or stay stable?
How fast will your user base grow?
How have your users used an application that the portal will deliver to them?
What portal channels do you expect users to use regularly?
What expectations about your portal content do your users have? How have they used predecessor web-based information or other resources that your portal will offer?

Back-End Systems

Examine your back-end systems to verify that they can support your portal. Scalability, performance, and your data center organization are among the factors you need to assess.

Use these questions to help you understand your back-end systems:

Does your organization have the technical competence and support organization to deploy and maintain the portal system?
Are back-end systems scaled to levels that your portal will need?
Can back-end systems support concurrent users during normal use? During peak use?
What is the data bandwidth of your intranet?
Can your existing back-end systems support the number of concurrent users expected for your portal?
Will response time and other performance metrics of your existing back-end systems be adequate?
How many geographic locations are involved? How does traffic in these areas vary?
What response times will back-end systems deliver during normal times? During peak times?
What type of redundancy do you have?
How do you manage maintenance and production upgrades?

Front-End Systems

Analyze the front-end systems that will be used for access to your portal. This enables you to identify how your users will connect to your portal and what kinds of browsers they will use. These factors will affect your requirements.

Use these questions to help you understand your front-end systems:

How will users access your portal?
What environments do your users have? Will they be using airport kiosks, Internet cafes, homes, or corporate locations?
What browser features do your users have? Do they have Java™ applications? Is JavaScript™ technology enabled? Is cookie support enabled? Are tables supported?

Note	Minimum browser requirements will be determined by the types of applications you deploy through the portal.

Data Centers

Your data center structure and requirements often have an affect on your deployment decisions. The number of data centers and their location are factors to define. Accessing data from remote data centers significantly impacts overall portal response times.

Use these questions to help you assess data center requirements for your portal:

How many data centers are used to host the portal?
What data center requirements and restrictions exist?
Where are the data centers located?
What data bandwidth is available at each data center?
What are the typical response times between identified data centers?
How many routers, firewalls, or other devices exist between each data center and are there any bandwidth throttling devices installed?

Growth Projections

In addition to determining what capacity you need today, assess what capacity you will need in the future, within a time frame that you can plan for. Growth expectations and changes in how your portal is used are factors you need to accommodate growth.

Use these questions to help you set growth projections for your portal:

What is the projected growth for the portal? How fast will the growth occur?
How will your business objectives change in the next two or three years?
What plans do you have for future content?

Security

Determine whether security is needed for your portal. If so, you must assess what kind is appropriate.

Use these questions to help you identify security requirements for your portal:

Do users need to access intranet information through the Internet?
Is SSL required for authentication to the portal?
Is SSL required for any other part of the portal?
What are your security policies?
What are your single sign-on requirements?
Are there requirements for running SSL internally between servers, and if so, what is the projected data flow? (This is important to know for deployment.)
Do users have a universal user ID and password? If not, where is the user ID and password information stored and how will the portal access it if SSO functionality is required?

Search Engine

How you implement Search affects how you size the server you use for the Search Engine.

Use these questions to help you identify Search Engine requirements for your portal site:

Which organizations will be using Search?
In each organization how many documents are expected to be indexed in the Search database?
How many documents or resource descriptions (RDs) will be in the Search database?
How many concurrent Search users are expected? Will use occur at certain times of the day? Or at certain times in a business process? When are these times? How many concurrent users will occur at each time?
How many concurrent searches are expected?
Will you use document level security?
Will you use a taxonomy for browsing?
Will you use the discussion feature?
Will you use the subscription feature?

Performance

The performance that your portal must deliver directly affects your deployment requirements. Scalability, capacity, and high availability are some of the standards you need to consider.

Use these questions to help you evaluate performance requirements for your portal:

What performance requirements exist?
What high availability requirements exist?
What response times are acceptable? How do the response times of your stand-alone systems compare with response time requirements of your portal?
If you size your portal infrastructure for good response times during regular hours, can you tolerate a possible degradation in performance during peak load times?
How many concurrent sessions, or connected users, are likely during peak use? (Count only users who are active. Do not include users who are, for example, away on vacation, or on leave.)
What is the above-normal peak time? How does this information affect your peak concurrent user estimate?
What sort of user activity occurs during peak periods? Logins or reloads?
How long do you expect the typical user to be connected, or have a valid portal session open? What use statistics do you have for existing applications? Do you have web traffic analysis figures for an existing portal?

Availability

How you implement a highly-available system affects the ability of the system to provide agreed system access levels over time.

Use these questions to help you assess the availability requirements for your portal:

What high availability requirements exist specifically for the portal server?
What are the requirements for preventing any single point of failure to the system?
Have data centers and delivery points, network, and back-end systems been designed to be highly available?
How effective is the production support organization? Does the support staff have the necessary skills, processes, and procedures in place to adequately maintain a production portal system?
Understand your availability requirements for each component of your deployment. Different components might require different levels of availability, and hence a different design and configuration approach.
Are you concerned about denial of service attacks?
Do the size and availability requirements of your portal warrant the use of a clustered LDAP server? If so, does your organization have the expertise to operate and maintain the cluster in the event of problems?

Maintainability

Determine how you want to administer and maintain your portal.

The following type of questions will help you identify maintainability requirements for your portal:

What are the requirements for backing up and restoring your portal?
How will user provisioning be handled?
Will you use delegated administrators for your portal?
Does your support organization have the processes in place and technical abilities to troubleshoot and fix portal problems?
Will you train your support organization in maintenance and operations of the portal?

---

Mapping Portal Server Features to Your Business Needs

The previous sections posed questions to you about the various areas of the Portal Server platform from a high-level perspective of business and technical needs. This section reviews specific technology features with the goal of determining which technologies are most important for your organization. Review these features while keeping in mind your organization’s short-, mid-, and long-term plans.

Use the following sections and tables to assess the benefits of the listed features and determine their relative priority for your organization. This will assist you in developing a deployment plan in a timely and cost effective manner.

Note	In all likelihood, your Sun ONE sales representative has previously discussed these topics with you. Thus, this section serves as a review of that process.

Identity Management

Portal Server uses identity management to control many users spanning a variety of different roles across the organization and sometimes outside the organization while accessing content, applications and services. The challenges include: Who is using an application? In what capacity do they serve the organization or company? What do they need to do, and what should they be able to access? How can others help with the administrative work?

Table 4-1 shows the identity management features and their benefits.

Table 4-1  Identity Management Features and Benefits  

Feature	Description	Benefit
Directory service	Sun ONE Portal Server uses Sun™ ONE Identity Server and Sun™ ONE Directory Server.	Portal Server uses an LDAP directory for storing user profiles, roles, and identity information for the purpose of authentication, single sign-on (SSO), delegated administration, and personalization. Portal Server uses an open schema that can reside in a centralized user directory, thereby leveraging an enterprise or service provider’s investment in the Identity Server and Directory Server products.
User, policy, and provisioning management	Identity Server enables you to manage many users spanning a variety of different roles across the organization and sometimes outside the organization while accessing content, applications, and services.	Provides a centralized identity management solution for storing and managing identity information, which is integrated with a policy solution to enforce access rights, greatly simplifying these challenges. Extends a common identity to handle new applications, enables applications to share administrative work, and simplifies tasks normally associated with building these services from scratch. Consolidates management of users and applications. Personalizes content and service delivery. Simplifies and streamlines information and service access. Reduces costs associated with managing access and delivery. Provides secure policy-based access to applications. Ensures secure access as portal deployments expand beyond employee LAN access.
Web single sign-on (SSO)	Identity Server integrates user authentication and single sign-on through an SSO API. Once the user is authenticated, the SSO API takes over. Each time the authenticated user tries to access a protected page, the SSO API determines if the user has the permissions required based on their authentication credentials. If the user is valid, access to the page is given without additional authentication. If not, the user is prompted to authenticate again.	Enhances user productivity by providing a consistent, centralized mechanism to manage authentication and single sign-on, while enabling employees, partners and customers access to key content, applications, and services. By being more secure, the more cost-effective and productive your organization and business will be.
Delegated administration	The Identity Server administration console provides role-based delegated administration capabilities to different kinds of administrators to manage organizations, users, policy, roles, channels, and Portal Desktop providers based on the given permissions.	Enables IT to delegate portal administrative duties to free up valuable IT resources and administration.
Security	Provides single sign-on for aggregated applications to the portal.	Security is a key functionality in portals. Security can address many different needs within the portal, including authentication into the portal, encryption of the communications between the portal and the end user, and authorization of the content and applications to only those users that are allowed access.

Personalization

Personalization is the ability to deliver content based on selective criteria and offer services to a user.

Table 4-2 shows the personalization features and their benefits.

Table 4-2  Personalization Features and Benefits  

Feature	Description	Benefit
Deliver content based on user’s role	Portal Server includes the ability to automatically choose which applications users are able to access or to use, based on their role within the organization.	Increases employee productivity, improves customer relationships, and streamlines business relationships by providing quick and personalized access to content and services.
Enable users to customize content	Portal Server enables end users to choose what content they are interested in seeing. For example, users of a personal finance portal choose the stock quotes they would like to see when viewing their financial portfolio.	The information available in a portal is personalized for each individual. In addition, users can then customize this information further to their individual tastes. A portal puts control of the web experience in the hands of the people using the web, not those building the web sites.
Aggregate and personalize content for multiple users	Portal Server enables an enterprise or service provider to aggregate and deliver personalized content to multiple communities of users simultaneously.	This enables a company to deploy multiple portals to multiple audiences from one product and manage them from a central management console. Also, new content and services can be added and delivered on demand without the need to restart Portal Server. All of this saves time and money, and ensures consistency in an IT organization.

Aggregation and Integration

One of the most important aspects of a portal is its ability to aggregate and integrate information, such as applications, services, and content. This functionality includes the ability to embed non-persistent information, such as stock quotes, through the portal, and to run applications within, or deliver them through, a portal.

Table 4-3 shows the aggregation and integration features and their benefits.

Table 4-3  Aggregation Features and Benefits  

Feature	Description	Benefit
Aggregated information	The Portal Desktop provides the primary end-user interface for Portal Server and a mechanism for extensible content aggregation through the Provider Application Programming Interface (PAPI). The Portal Desktop includes a variety of providers that enable container hierarchy and the basic building blocks for building some types of channels.	Users no longer have to search for the information. Instead, the information finds them.
Consistent set of tools	Users get a set of tools like web-based email and calendaring software that follows them through their entire time at the company.	Users do not have to use one tool for one project, another tool for another location. Also, because these tools all work within the portal framework, they all have a consistent look and feel and work similarly, reducing training time.
Collaboration	Portal Server provides control and access to data as a company-wide resource.	In many companies, data is seen as being owned by individual departments, instead of as a company-wide resource. The portal can act as a catalyst for breaking down these silos and making the data available in a controlled way to the people who need to use it. This broader, more immediate access can improve collaboration.
Integration	Portal Server enables you to use the Portal Desktop as the sole place for users to gain access to or launch applications and access data.	Easy integration with existing email, calendar, legacy, or web applications enables the portal to serve as a unified access point, enabling users—be that employees, partners, or customers—to access the information they need quickly and easily.

Search Services

Portal Server includes a secure Search Engine, enabling users to search content and receive only those results that they are authorized to receive.

Table 4-4 shows the Search features and their benefits.

Table 4-4  Search Features and Benefits  

Feature	Description	Benefit
Search Engine	Enables the retrieval of documents based on criteria specified by the end user.	Saves users time by providing easy access to content.
Categorization	Organizes documents into a hierarchy. This categorization is often referred to as taxonomy.	Provides a different view of documents that enables easy browsing and retrieval.
Robot	The Search Engine robot is an agent that crawls and indexes information across your intranet or the Internet.	Automatically searches and extracts links to resources, describes those resources, and puts the descriptions in the Search database (also called generation or indexing).
Discussions	A forum for multiple threaded discussions.	Contents are individually searchable and importance rating are given for of all comments
Subscriptions	Enables the user to track new or changed material in different areas of interest.	Discussions, search categories, and free-form searches (saved searches) can be tracked.

SRA

Adding SRA extends your portal to remote and mobile employees or business partners without the additional cost of administration and maintenance found in a traditional Virtual Private Network (VPN) solution.

Table 4-5 shows the SRA features and their benefits.

Table 4-5  SRA Features and Benefits  

Feature	Description	Benefit
Integrated security	Extranet or Virtual Private Network capabilities “on demand” while providing user, policy, and authentication services. The gateway component provides the interface and security barrier between remote user sessions originating from the Internet, and your corporate intranet.	Extends an enterprise’s content, applications, files, and services located behind firewalls to authorized suppliers, business partners, and employees. To prevent denial of service attacks, you can use both internal and external DMZ-based gateways.
Remote access	Users achieve remote access through three components: Gateway NetFile Netlet	The gateway presents content securely from internal web servers and application servers through a single interface to a remote user. NetFile, a file manager application, enables remote access and operation of file systems and directories. Netlet facilitates the running of popular or company-specific applications on remote computers in a secure manner. After you implement the Netlet at your site, users can securely run common TCP/IP services, such as Telnet and SMTP, and HTTP-based applications such as pcAnywhere or Lotus Notes.
Universal access	Enables web browser based universal access with no client software installation or maintenance necessary.	Simplifies the IT administration and maintenance overhead while dramatically reducing the time and cost of deployment
Netlet Proxy	Provides an optional component that extends the secure tunnel from the client, through the gateway to the Netlet Proxy that resides in the intranet.	Restricts the number of open ports in a firewall between the demilitarized zone (DMZ) and the intranet.
Rewriter Proxy	Redirects HTTP requests to the Rewriter Proxy instead of directly to the destination host. The Rewriter Proxy in turn sends the request to the destination server.	Using the Rewriter Proxy enables secure HTTP traffic between the gateway and intranet computers and offers two advantages: If there is a firewall between the gateway and server, the firewall needs to open only two ports—one between the gateway and the Rewriter Proxy, and another between the gateway and the Portal Server. HTTP traffic is now secure between the gateway and the intranet even if the destination server only supports HTTP protocol (no HTTPS).

SHARP Features

SHARP (Scalability, High Availability, Reliability, and Performance) features within Portal Server provide horizontal scalability (for example, adding additional hardware to increase overall system capacity) and vertical scalability (by adding additional portal instances to maximize hardware utilization).

Table 4-6 shows the SHARP features and their benefits.

Table 4-6  SHARP Features and Benefits  

Feature	Description	Benefit
Scalability	You can configure Portal Server to meet the demands of different deployment scenarios. You can scale a server horizontally by: -adding additional servers to your portal. The overall goal is to provide a system that is both fault tolerant and has no single point of failure from both a software and hardware perspective. You can scale a server vertically by: - adding additional software instances of Portal Server (deployed in a web server container), thus providing fault tolerance on a single server. - adding more system resources, such as CPUs, memory, and disks.	Scalability enables a system to increase load or improve overall system performance. Horizontal scaling distributes the workload among different systems. Horizontal scaling allows for a building module approach to increasing overall portal system capacity. See "Working with Portal Server Building Modules" for more information. Vertical scaling enables an organization to increase fault tolerance and maximize the performance of an existing system. Within Portal Server, vertical scaling is achieved by running multiple instances of Portal Server, each with its own JVM™. Note: Vertical scalability is only available in web server deployment.
High Availability	Provides redundant services and the ability to redirect requests in the event of a service failure.	High availability is achieved through software replication. You can configure the portal system to run multiple instances of each web application, thereby providing a backup if one of the instances fails. The portal system uses Identity Server services for session management and non-local data access. Therefore, the portal system inherits all the benefits and constraints of Identity Server with respect to high availability. The Identity Server services are either stateless or they can share context data so that they can recover to the previous state in case of a service failure. Configuring Sun ONE Directory Server with multiple masters ensures that users can always login and authenticate. If one directory master fails, another is able to take over. Also, Directory Server offers a way to prevent denial of service attacks by setting limits on the resources allocated to a particular bind DN.
Reliability	Provides for no single point of failure (NSPOF) when you use portal building modules in your deployment. See Chapter 7, "Creating Your Portal Design" for more information.	A portal building module is a hardware and software construct with limited or no dependencies on shared services. A typical deployment uses multiple building modules to achieve optimum reliability. Increased reliability is introduced with load balancing, which is responsible for detecting Portal Server failures and redirecting users’ requests to a backup building module.
Performance	Overall Portal Server performance is a complex equation involving all aspects of the network and the applications it needs for data retrieval. However, if you design and build the portal system for fault tolerance, no single point of failure, and the capacity to exceed projected user loads, overall system performance should meet requirements.	When deployed using the building module configuration (see Chapter 7, "Creating Your Portal Design"), Portal Server shows that performance and capacity increase linearly when additional resources are added within a building module (that is, CPU and memory), and when more building modules are added.

Previous      Contents      Index      Next

---

Copyright 2003 Sun Microsystems, Inc. All rights reserved.