annexure a - web viewhttp is the foundation of data communication for the world wide web. ... .net...
TRANSCRIPT
ANNEXURE A
Technology Landscape within SASSA
09 December 2016
Table of Contents
1. Introduction...................................................................................................................52. As-is Technology Platform..........................................................................................52.1 SOCPEN........................................................................................................................5
2.2 MIS.................................................................................................................................5
2.3 Livelink............................................................................................................................5
2.4 Oracle ERP.....................................................................................................................6
2.5 Dow Box.........................................................................................................................6
2.6 tRelational Tool...............................................................................................................6
3. As-is Technology Distribution....................................................................................63.1 Head Office and Regional Offices..................................................................................7
3.2 District Offices and Local Offices...................................................................................7
3.3 Records Management Centre........................................................................................7
3.4 Mainframe.......................................................................................................................8
3.5 Core Networking.............................................................................................................8
4 Technology Infrastructure...........................................................................................84.1 WAN...............................................................................................................................8
4.2 Data Network Technology..............................................................................................9
5 List of software deployed............................................................................................12
List of Tables
2
Table 1: Bandwidth provided within SASSA’s network..........................................................................8
Table 2: Network protocols...................................................................................................................10
Table 3: Deployed software..................................................................................................................11
List of Figures
Figure 1: SASSA MPLS diagram............................................................................................................8
Figure 2: SASSA Head Office and Regional Office Network Connection..............................................9
Figure 3: Typical SASSA Local and District Office Networking............................................................10
3
1. IntroductionThis document has been prepared to assist the bidders for the Microsoft Migration Project with the information on the Technology Landscape within SASSA to assist them to price. This information will be further augmented during the Briefing Session in terms of the closing the identified gaps.
2. As-is Technology PlatformThe core business systems in use at SASSA include:
SOCPEN
MIS
Livelink
Oracle ERP
Dow Box
Kofax
Persal
BAS
Due to the great importance of these applications to business, their continued operation is of critical importance. The choice of underlying technology has a crucial bearing on whether these systems support business effectively.
2.1 SOCPEN
SOCPEN is of core importance to SASSA and is critical to continuity of the business.
This system used for administration (application, approval and maintenance) of social grants.. End-user access to SOCPEN by means of the WINET terminal emulator.
2.2 MIS
MIS runs on a Windows environment. The national implementation runs on a virtualized platform (VMWare). This arrangement provides great benefits to SASSA such as the greater efficiency of server resource usage, improved disaster recovery and improved manageability.
2.3 Livelink
Livelink is based on the Livelink document management solution. Livelink shares an instance of the SQL Server database with the SORES (SOCPEN Reporting System).
4
2.4 Oracle ERP
The Oracle ERP runs on an HP Itanium platform utilizing the HP UX operating system and an Oracle database. End-users access the system by means of a Web browser. Payment information is transferred to Bankserv by means of XCOM application.
2.5 Dow Box
The Dow Box is a File Transfer Protocol (FTP) server that transfers files between SOCPEN and the other systems at SASSA. This service is hosted at SITA
2.6 tRelational Tool
Is a relational database hosted at SASSA that is based on the SOCPEN adabas database. It is updated by logs FTP’ed from the ADABAS database hosted at SITA. It has identical information contained in the SOCPEN database, and it’s currently used by MIS, LiveLink, Kofax, and Business Intelligence.
The transfer of data starts with the extract of data from SOCPEN on the mainframe and then the transmission of the data over the network using FTP. Finally the data is loaded into Oracle on the server within the SASSA VPN.
tRelational and DPS (Data Propagation System) work together to provide the solution for migrating legacy adabas data into RDBMS-based Internet/Intranet/ERP/Data Warehouse applications. tRelational maps it, and DPS pumps it.
The tRelational tool has recently been introduced to replace some of the functions of Dowbox.
3. As-is Technology Distribution
The Agency is constituted of 9 Regional Offices that are located in each South African
province, and the Head Office which is based in Pretoria.
Each region has one Records Management Centre. This is a centre where all the Beneficiary Files are kept and maintained.
Each region has several District Offices. A District Office, and the Agency perspective, will manage and administer the operations of the Local Offices within its jurisdiction. District jurisdictions are demarcated the same as with municipal district demarcations.
5
Each District has several Local Offices. A Local Office is the core of the Agency’s business. This is where applicants receive service, and where applications are received, screened, verified, captured and approved.
There are also Service Points, which are fixed points of service similar to Local Offices, only that services are available on certain days and times of the week.
3.1 Head Office and Regional Offices
The Head Office and each Regional Office has a High Availability Data Centre that houses servers and networking equipment. The following technologies/platforms are available in these offices:
Domain Controller /Active Directory
Distributed File Services (DFS)
Systems Centre Configuration Manager (SCCM)
3.2 District Offices and Local Offices
Each Region has District Offices. A District Office, in an Agency perspective, will manage and administer the operations of the Local Offices within its jurisdiction. District jurisdictions are demarcated the same as with municipal district demarcations. District Offices will mainly be in the main city of that particular district.
Each District has Local Offices and Service Points. A Local Office is the core of theAgency's business. This is where applicants receive service, and where applications are received, screened, verified, captured and approved.
Based on the number of users some of these offices have a server room that houses the same technologies as in the Head Office and Regional Offices, namely Domain Controller, DFS, and SCCM.
3.3 Records Management Centre
Each region has one Records Management Centre. This is a centre where all the Beneficiary Files are kept and maintained. Mostly, these centres will be in the same city as the Regional Offices, and in some cases, the Document Warehouse will is attached to the Regional Office. The following technologies/platforms are available in these offices:
Domain Controller /Active Directory
Distributed File Services (DFS)
Systems Centre Configuration Manager (SCCM)
Kofax
6
3.4 Mainframe
SOCPEN, Persal and BAS systems are hosted on a mainframe within SITA Centurion. The Agency connect to these systems through Client Access Point (CAP) connection provided between SITA and the MTN MPLS.
3.5 Core Networking
3.5.1 Server RoomSASSA servers are located within two separate server rooms at the data centre. There are two SANs as well as a shared tape drive and tape library. Examples of functionality deployed within these computer rooms are:
Dow Box
GWIA (GroupWise Internet Agent, used for E-Mail to and from the Internet)
MIS
NetBackup
Oracle ERP
Squid Proxy
Symantec Endpoint Protection
WSUS
4 Technology Infrastructure4.1 WAN
The Agency operates its functions through electronic systems that are hosted at a central High Availability Hosting Centre and regional High Availability Data Centres, requiring that all of its offices be connected, and such connectivity is required to be highly available as well as highly secured. This connectivity is obtained through MTN MPLS VPN Services, and the last mile connectivity (connection from the MPLS to the Agency’s offices) is provided by Telkom.
Access speeds vary considerably across the various sites according to demand for network bandwidth. Most offices are connected by means of Diginet links. Approximately 52 offices make use of Very Small Aperture Terminal (VSAT) communications links.
Below is the Agency’s MPLS diagram:
7
Figure 1: SASSA MPLS diagram
SASSA has a far-flung network of users connected to the network. As the data requirements at these various points differ, the bandwidth differs significantly. This is illustrated as follows:
Table 1: Bandwidth provided within SASSA’s network
Office BandwidthHead Office (HO) 8 Mbps
Regional Office (RO) 1-4 Mbps
District Office (DO) and Local Offices (LO) 256 -1024kbps
Records Management Centres (RMC) 1 - 4Mbps
Indeed, some local offices have no network connection at all.
4.2 Data Network Technology
At Head Office and Regional Offices there is a separate LAN (Local Area Network) for user access. The High Availability Data Centre / Server Room is connected by fully redundant switches. Access from outside the building is provided by an HP Router per office.
8
Head Office and Regional Offices Network layout is as follows:
Figure 1: SASSA Head Office and Regional Office Network Connection
9
The typical network layout at local and district offices is as follows:
Figure 2: Typical SASSA Local and District Office Networking
Local and District Offices have little local infrastructure beyond local area networks. Where VoIP phones are in use, they are connected to the Public Service Telephone Network. Any servers present are for supporting telephony.
The following protocols are in use:
Table 2: Network protocols
Name UseCommon Internet File System (CIFS) Provides shared access to files and printers.
Dynamic Host Configuration Protocol (DHCP)
Automates IP address assignment and IP configuration for client and server computers
File Transfer Protocol (FTP) Transfers files between computers
Hypertext Transfer Protocol (HTTP) HTTP is the foundation of data communication for the World Wide Web.
Hypertext Transfer Protocol Secure (HTTPS)
Encrypted communication using HTTP.
Internet Protocol IP This is a low-level protocol used for Internet
10
Name Useand LAN communications. Version 4 is in use at SASSA.
Lightweight Directory Access Protocol (LDAP)
A protocol for accessing and maintaining distributed directory information services over an IP network.
Netware Core Protocol (NCP) Provides access to file, print, directory, clock synchronization, messaging, remote command execution and other network service functions.
Network File System (NFS) Allows a user on a client computer to access files over a network in a manner similar to how local storage is accessed
Remote Desktop Protocol Enables a user to access another computer across the network
Real-time Transport Protocol (RTP) Used in voice communications such as telephony and conferencing
Real Time Streaming Protocol (RTSP) Used in voice communications such as telephony and conferencing
Simple Network Management Protocol (SNMP)
A protocol for managing devices such as routers, switches, servers, workstations and printers on IP networks.
Secure Shell (SSH) Used for remote command execution by means of a secure channel over an insecure network.
Telnet Allows a user on one computer to log on to another computer that is part of the same network.
5 List of software deployedThis section is intended to provide an alphabetic view of the software products and components within SASSA..
Table 3: Deployed software
Software Product or Component
Manufacturer
1 .Net Framework Microsoft
2 Acrobat Adobe
3 Adabas Software AG
4 Adobe Creative Suite Adobe
11
Software Product or Component
Manufacturer
5 ArcGIS ESRI
6 ARIS Software AG
7 BitLocker Microsoft
8 BizTalk Server Microsoft
11 Chrome Google
14 DNS Microsoft
16 Symantec Endpoint Protection
Symantec
18 Eye of the Storm Entuity
19 Firefox Mozilla
20 Forms Oracle
22 Galactrix Unison
23 GroupWise Novell
24 GroupWise Internet Agent (GWIA)
Novell
25 BAS
26 HP UX HP
27
28 IIS Microsoft
29 IMS Maconomy
30 Internet Explorer Microsoft
31 Java Oracle
32 Jdeveloper Oracle
33 Joomla The Joomla Project Team
34 Livelink OpenText
35 Microsoft Office Microsoft
36 Microsoft Project Microsoft
12
Software Product or Component
Manufacturer
37 Microsoft Visio Microsoft
38 MySQL Oracle
39 Natural Software AG
40 NetBackup Symantec
41 Netware Novell
42 Novell Multiplier Novell
43 OpenWBEM OpenWBEM Project
44 Oracle Application Server
Oracle
45 Oracle Data Integrator Oracle
46 Oracle DBMS Oracle
47 Oracle Portal Oracle
48 Paradox Borland
49 PKZip PKWARE
50 Policy Automation Oracle
51 PuTTY Simon Tatham
52 RACF IBM
53 Secure Backup Oracle
54 SharePoint Microsoft
55 SQL Server Microsoft
56 Squid N/a
57 SUSE Linux OES Novell
58 TeamViewer Proprietary
59 TIBCO TIBCO
60 Tight VNC TightVNC Group
61 Trend Micro Trend Micro
13
Software Product or Component
Manufacturer
62 Visual Basic Microsoft
63 Visual Studio Team Suite
Microsoft
64 Vmware Vmware
65 VSA Rampage Visual Software Architects
66 Windows Microsoft
67 Windows Server Microsoft
68 Winet GP Van Niekerk
69 WinPcap Riverbed Technology
70 WSUS Microsoft
71 XCOM CA
72 ZENworks Novell
73 Active Directory Domain Service
Microsoft
74 Microsoft Office Outlook Microsoft
14