web software best practices update 111112


Web Services Best Practices

AIR SUPERIORITY

Experience the Advantage 

System Integrity & Security Update

August 1, 2011


2 | © 2011 CalAmp | Company Confidential

OBJECTIVE

Monthly update on web application & platform services hardware & software infrastructure

 – What’s been done in the month

 – What new issues have been identified

 – What’s left to be done

 – Timeframe


HARDWARE INFRASTRUCTURE


What’s Been Done This Month

• COLT Load Balanced Web and COMM servers in test.

• COLT updated to utilize Clustered Read Only Servers (6/15).

• Beta version of COLT migration tools is ready for test. Working with sales team to pick 1st customers to migrate.

• PULS proxy server devices that can be migrated have been migrated. Working with customers on their units that talk to the proxy server but CalAmp can’t reach. Still have 30-50K units checking in daily through the PULS proxy server.

Newly Identified Issues

• None

What’s Left to Be Done

• Test and re-configure to optimize COLT Load Balanced Web and COMM servers.

• Migrate ABE 1 customers to COLT

• Implement redundant PULS server & clustered database in the upcoming PULS 2 system

Best Practices PULS ABE 1 COLT

Co-lo Facility

Redundant Power

Redundant Network Connection

Redundant, Load Balanced Servers

Clustered Database Storage

Green - In Place; Yellow - Scheduled, < 90 Days Away; Red - Scheduled, > 90 Days Away; Black – Not Planned


PERFORMANCE & SCALABILITY

Best Practices PULS ABE 1 COLT

Built on Web Server Stack that is Supported by Cloud Computing

Virtualized Servers

Multi-Server Architecture with Load Balancing

Database Replication to Distribute Queries

Automatic DB Table Thinning when DB Table Size Monitor goes above its limit

Scalable Architecture to Support Planned User Growth

What’s Been Done This Month 

• Manually thinning ABE 1 database on a regular basis to maintain performance

• Active Monitor for ABE 1 device command performance

• PULS 2.0 is in active development.

• PULS is using Virtualized Servers for the PULS 2.0 project.

Newly Identified Issues

• None.

What’s Left to Be Done 

• Implement auto thinning for COLT DB tables that grow too large (oldest data archived off the server)

• Migrate ABE 1 customers to COLT

• Move PULS to virtualized servers (PULS 2.0)

• Replicate the PULS databases (after PULS 2.0 release)


SYSTEM RELIABILITY

Best Practices PULS ABE 1 COLT

Documented 99% Service Level Agreements (SLAs)

Monitor Server CPU Usage

Monitor Server Memory Usage

Monitor Disk Usage

Monitor Network Throughput

Monitor Each Application Function

Monitor Log Files

Monitor Web Traffic for Excessive Requests from IP Ranges

Monitor Database Growth

Web Analytics to Monitor Usage Behaviors

LMU Communication

What’s Been Done This Month

• SLA completed.

• PULS functional and log file monitoring in place.

Newly Identified Issues

• None

What’s Left to Be Done 

• Upgrade automated reporting to include the metrics agreed to in the COLT SLAs.

• Design LMU Communication Monitoring and Reporting

• Automate the analysis of LMU network status on COLT

• Add Google Analytics to COLT; not required for PULS


UNPLANNED SYSTEM OUTAGES

JUNE & JULY 2011

COLT

 – 6/24/11: 45-minute outage during a Denial of Service (DOS) attack

PULS

 – None Reported

ABE 1.0

 – None Reported


SECURITY

Best Practices PULS ABE 1 COLT

Firewalls

SSL used for all logins

User Account & Login Management

Detect Machine/Computer Attempts at Login

Captcha (computer detect)

Security Scanning

Regular Operating System Security Patches

Regular Application Security Upgrades

Physical Data Center Security

What’s Been Done This Month

• Security Audit by Neohapsis completed for the COLT environment.

• DEI validated their handset upgrades with COLT’s repeated-failed-login-locking, Session Timeout and mandatory SSL. Features will be released by 8/1.

Newly Identified Issues

• 12 COLT security vulnerabilities identified by Neohapsis. These vulnerabilities will be closed in COLT v4.0 (due early Sept).

• Secure the communication traffic between LMU and servers.

What’s Left to Be Done

• Implement long term security maintenance processes (security is a moving target due to continuous software development by CalAmp, our software providers & the hacker community)

• Implement license agreements for COLT & PULS that restrict decompiling communications

• Developer coding-for-security training.

• Analyze LMU SMS and Server communication encryption.

• Implement processes for on-going security upgrades: COLT/PULS security patches, O/S upgrades


DISASTER RECOVERY


Best Practices PULS ABE 1 COLT

Load Balanced Server Failover

Geographically Distributed Co-Lo Facilities (Facility Backup)

Daily Server Backups

Offsite Storage for Server Backups

Own the IPs used in MRM Device Communication (for re-pointing to new facility)

What’s Been Done This Month 

• IS worked with offshore Co-Lo facilities to architect mandatory Carrier VPN tunnels

• In test on Load Balanced Failover servers

• All MRM units under CalAmp control have been migrated to new PULS DNS. Working with customers to migrate their individual units.

Newly Identified Issues

• None

What’s Left to Be Done 

• Load balance COLT servers to support failover

• Continuous monitoring of MRM units that phone-home to the old PULS server. Contact each customer as these units are detected.


SOFTWARE ENGINEERING BEST PRACTICES

Design & Documentation

 – CTS is moving onto a single Agile SCRUM toolset that will encapsulate our current ECR, Bugzilla, Microsoft Project and QA Spreadsheets.

 – All Design and Requirements documents stored on SharePoint.

Software Quality Assurance (SQA)

 – CTS SQA lead is on board and setting up our SQA processes.

 – See note above regarding migration to new Agile SCRUM toolset.

Source Control

 – Both CTS, Chaska and MRM are now using SVN for source control.

Software Release Process

 – Development, Staging & Production systems in place for COLT

 – All COLT releases documented & stored on SharePoint

 – PULS Development system is set up. PULS Staging system setup is in process.

Secure Coding

 – Attending security tradeshows to gain knowledge of latest security threats & coding techniques

 – Establish design practices, on-going developer training, code reviews, test processes


VERSIONONE

VersionOne is a cutting edge web-based Project Management tool that supports all phases of software development lifecycle and latest development methodologies such as Scrum, XP, Kanban, AgileUP, and DSDM


KEY FEATURES IN VERSIONONE

Product Planning - Plan and manage requirements, epics, stories, and goals across multiple projects, products and teams

Release Planning - Plan, forecast, and report progress on releases and teams in a simple, drag-and-drop environment.

Sprint Planning - Iteratively plan stories, defects, tasks, tests, and impediments in a single, easy-to-use environment

Tracking - Track progress painlessly using our interactive Storyboard, Taskboard, Testboard and Burndown charts.

Review - Quickly close-out iterations and capture issues and action items from retrospectives in one place.

Reporting & Analytics - 50+ pre-packaged agile metrics and reports plus a new custom analytics platform for unparalleled visibility.

Test Management - Plan and track acceptance and regression testing activities in the same tool as stories and defects.

Open-Source Integration - Open, web services API, Java and .NET SDK’s, and free, open-source integration connectors.

Product Roadmapping - Create, collaborate and visually communicate product strategy using VersionOne’s flexible roadmapping capability.


SUMMARY

COLT: Focus on continuous performance & security monitoring

 – Neohapsis audit of COLT is complete. 12 vulnerabilities were identified and the development team is working to close them in the next COLT release (v4.0).

 – Migrate COLT project management and SQA management onto new Agile toolset (RallyDev or VersionOne).

 – Complete configuration and testing of Web and COMM servers load balancing to support the migrated ABE 1.0 customers

 – Continuously monitor performance & security. Implement upgrades to close issues.

ABE 1: Focus on migration of customers to COLT

 – Identify ABE 1.0 customers as Beta testers for ABE 1 to COLT migration.

 – ABE 1 health check in place. Health check shows that the average command failure rate is >30%. Migration to COLT will dramatically improve customer perception with COLT’s average command failure rate of 6%.

PULS: Focus is on PULS 2

 – All PULS performance and reliability efforts are focused on PULS 2. Completion timeline is Fiscal Q3. PULS1 is in pure maintenance mode.

 – Recommendations from COLT & DEI Security audit will be provided to PULS 2 development team to incorporate into the PULS 2 system.