ETC: Back Office Tolling Systems Deployment on Oracle Cloud

Electronic Transaction Consultants (ETC), an innovative toll and smart mobility industries solutions provider, was looking to refresh their hardware and to explore migration to the cloud for both its technical advantages and for its significant reduction in operating and capital expenses.

ETC, based in Richardson, Texas, collects tolls for different agencies across the country. It services three of the top 15 toll authorities in the United States and process over 2 billion toll transactions per year.

ETC has a full service solution, providing streamlined functionality with a call center, online web portal, interfaces for collections, lock box, bank, and credit card payment vendors. The solution has the following main products:

  • An internet of things (IoT) solution deployed on roadways that collects data from roadside systems and builds transactions, which are transmitted to the back office
  • Vertical employee resource planning (ERP) with an interface to the toll industry that collects all customer toll transactions, bills the customer, and handles all customer support requests

ETC was looking to refresh their hardware and started exploring migration to the cloud. They decided to migrate their work load to Oracle Cloud Infrastructure (OCI) for its technical advantages, its significant cost reduction, and for the following additional benefits:

  • The ability to migrate the entire solution as-is, without any modifications
  • The ability to set up a standby system to test and verify the solution before performing the switchover
  • No code or configuration changes were required from ETC development team
  • Drastic improvement in high availability using multiple regions, availability domains, and fault domains
  • Quick implementation without requiring any patching

ETC currently runs multiple workloads on Oracle Cloud Infrastructure, including their recently-migrated legacy toll road revenue collection system.

In the future, ETC is planning to migrate some large workloads (a 100+ TB system), a legacy system that processes a much higher number of transactions, and to set up a disaster recovery site. With the features and functionality offered by Oracle Cloud Infrastructure, ETC refactored a newer release of their system, making it cloud native, and hosted it as a service on Oracle Cloud Infrastructure. They plan to offer it to their customers as a service. ETC is also evaluating Oracle Cloud Infrastructure native services, such web access firewall (WAF), load balancer, and other services to incorporate into their new offering.

Customer Story

Learn more about Electronic Transaction Consultants' journey to Oracle Cloud:

Architecture

This architecture shows the Electronic Transaction Consultants (ETC) production and disaster recovery architecture on Oracle Cloud Infrastructure.

The solution migrated to Oracle Cloud Infrastructure is primarily an older Oracle solution that uses Oracle WebLogic Server, Oracle Reports, and Oracle Database. The legacy solution was built using components such as Imperva web access firewall (WAF), Palo Alto firewall, and F5 load balancer. ETC worked with Oracle to include these components in Oracle Cloud Marketplace and deploy them using virtual machines (VMs). The Oracle Cloud team also worked with the ETC team to complete a full payment card industry (PCI) security audit of the system. This solution collects about half billion dollars worth of tolls for the state of Washington and others.

It uses a multitier architecture with a public and private subnet that contain the following components:

  • Load balancer
  • Firewalls
  • Application servers
  • Internal work load servers
  • 20-TB database system
  • Network attached storage for images and PDF (around 50 TB)

Online users (about a million, mainly using the self-service portal) access the system through Imperva WAF, traversing Palo Alto firewall, and finally reaching the F5 load balancer, which routes the request. This request then reaches the external application server, which communicates with the database or network attached storage, depending on the information being accessed.

Customers have the following options:

  • Create an account
  • Run a report
  • Add or remove a new toll tag
  • Close their account

ETC employees (about 120 operations team members) can also access the system through site to site VPN or Cisco's VPN solution. The operations staff have multiple roles, including customer service, tag fulfillment, reconciliation of accounting, and data warehousing, which accesses the standby database through the terminal server. This traffic flow goes directly to the F5 load balancer and then to the internal application server. From the internal application server, the request is routed to the database or network attached storage.

The following diagram illustrates this reference architecture.



etc-deploy-back-office-tolling-oracle.zip

The architecture has the following components:

  • Region

    An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

    All the resources in this architecture are deployed in a single region.

  • Availability domains

    Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.

    All the resources in this architecture are deployed in a single availability domain.

  • Fault domain

    A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.

  • Virtual cloud network (VCN) and subnets

    A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.

  • Dynamic routing gateway (DRG)

    The DRG is a virtual router that provides a path for private network traffic between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.

    The VCN that's used for the data tier in this architecture has a DRG to enable private connectivity to your on-premises data center using FastConnect or VPN Connect.

  • Service gateway

    The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.

    The VCN that's used for the data tier in this architecture has a service gateway.

  • Remote peering

    Remote peering allows the VCNs' resources to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network. Remote peering eliminates the need for an internet gateway and public IP addresses for the instances that need to communicate with another VCN in a different region.

  • Load balancer

    The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.

    This architecture includes a public load balancer.

  • Object storage

    Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.

  • Block volume

    With block storage volumes, you can create, attach, connect, and move storage volumes, and change volume performance to meet your storage, performance, and application requirements. After you attach and connect a volume to an instance, you can use the volume like a regular hard drive. You can also disconnect a volume and attach it to another instance without losing data.

  • VM DB System

    Oracle VM Database System is an Oracle Cloud Infrastructure (OCI) database service that enables you to build, scale, and manage full-featured Oracle databases on virtual machines. A VM database system uses OCI Block Volumes storage instead of local storage and can run Oracle Real Application Clusters (Oracle RAC) to improve availability.

Get Featured in Built and Deployed

Want to show off what you built on Oracle Cloud Infrastructure? Care to share your lessons learned, best practices, and reference architectures with our global community of cloud architects? Let us help you get started.

  1. Download the template (PPTX)

    Illustrate your own reference architecture by dragging and dropping the icons into the sample wireframe.

  2. Watch the architecture tutorial

    Get step by step instructions on how to create a reference architecture.

  3. Submit your diagram

    Send us an email with your diagram. Our cloud architects will review your diagram and contact you to discuss your architecture.