Upload
tamsin-whitehead
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Enterprise Applications Technical Health
Assessment
BSMBFebruary 12, 2015
Overview
The Portfolio Tool provides an objective view of the health of an application
Systems, applications and tools are assessed based upon the criteria resulting in a ‘stoplight-like coloring scheme’
Criteria and assessed ‘color’ is derived based upon NEACC best practices/standards, Agency policies and guidelines
The information will be used to make investment decisions, influence prioritization of work and identify consolidation opportunities
Page 2
Status
Phase 1 - Complete Design and development of tool to address requirements for Application
Portfolio Management Consolidated listing of enterprise systems, tools and applications with
descriptions and key points of contact Complete assessments for customer facing enterprise applications and load of
data into tool Reviews with NEACC Line of Business (LOB) product leads and LOB managers to
review/validate the results and make any necessary adjustments Develop the NAMS workflow for Portfolio tool
Establish initial Portfolio tool access with a mass NAMS request beginning with key POC listing and other key management personnel
Build out help text within tool to explain assessment criteria Create a general help document that explains the tool and the intended use of
the data Migrate to production
Phase 2 – In process Load the data for infrastructure meta-data elements and associate with
applicable applications Perform detailed reviews with Agency stakeholders for each line of business
Phase 3 – Not started Build-out additional capabilities (e.g., additional tree reports) Assess internal NEACC applications (i.e., not customer facing)
Page 3
Reporting by Application Categories
Applications are assigned to 1 of 3 categories at the beginning of the assessment to serve as one dimension of reporting
Page 4
System of Record System where business critical data is entered and
stored (Core Financial, Contract Management Module,
FedTraveler) Data Aggregator
System that aggregates data from systems of record and facilitate data usage or analysis
(Business Warehouse, HR Portal, bReady Portal) Process Facilitator
Systems / Tools / Software / Applications that make it easier to perform business processes
(NPROP, WebTADS Mobile)
Summary of Enterprise Assessments
High-level Assessment Categories
Summary of Deductions for Enterprise Assessments
Application Development• Server language, language versions and client
language
Application Utilization• Authentication, authorization• NAMS (workflow, provisioning)• Analytics• Monitoring
• Two primary areas, which are:• Roles maintained solely within the application instead of using ICAM
standard of NASA Enterprise Directory (NED) or Active Directory (AD).• Roles being manually assigned rather than being assigned automatically
utilizing the ICAM NAMS auto-provision capability.
Compliance• 508 Accessibility• Application scans• Data retention policy
• One primary area, which is:• Outstanding medium and low vulnerabilities detected through routine
scans of the environment
Logging• Application log• Load balanced, Local Failover• Business Impact Assessment (BIA)
• One primary area, which is:• Logging at the server level only (i.e., checking if processes are running).• The NEACC standard is to monitor at both the server and application
layer.• Application monitoring monitors data files for changes and
confirms authorization for those changes. • Application monitoring of web applications checks the response of
a URL to confirm it’s up.
Maintenance• Maintenance agreement• End of life• Alignment with vendor’s roadmap
Page 5
App administrators answer a set of objective questions in the following categories
NEACC Programming Language Roadmap
Page 6
12:00-3:00 – Emerging3:00-6:00 – Early Mainstream6:00-9:00 – Mature Mainstream9:00-12:00 – Legacy or Market End
Back-up
Page 7
Portfolio Tool Design
Portfolio Solution Web-front end that serves as the reporting layer, includes heat map,
application tree, and application listing with POCs Drilldown to assessment results of an individual application is
available from the heat map (pdf) and from the application listing (MetaHouse view)
Existing MetaHouse tool houses the metadata and the detailed assessments
MetaHouse was augmented to capture the additional Portfolio metadata elements and assessment criteria
Page 8
MetaHouse
What is MetaHouse? A way to keep track of entities such as applications,
databases, and web services located throughout NEACC and NASA. Once an entity is tracked by MetaHouse you can determine this entity's dependencies on other entities, view changes made to the entity on an interactive timeline, and see which versions of the entity are deployed to which environments.
Supplies a calendar feature which tracks all NEACC activities and incidents, and allows for those authorized users to create activities and incidents on the calendar and send emails via the MetaHouse platform to defined user lists. Additional features of the calendar will allow for RSS feeds and iCal integration.
How do I access MetaHouse? MetaHouse is accessible via the Internet behind the NASA
firewall When was MetaHouse deployed?
August 2011
Page 9
Why MetaHouse?
“…To provide the right level of information about our services to the right customers at the right
time…” Stay on top of scheduled activities and unplanned incidents
Frustrated because you weren't aware an outage event was taking place? The MetaHouse calendar tracks all events that happen throughout NEACC. In addition to viewing this calendar within MetaHouse you can also add the calendar iCal feed to your favorite calendar client.
Find which entities are available across the NASA landscape Need to automate some business function? There may already be an app for that. Use
MetaHouse to search for existing applications, web services, databases, and more to see what's currently available.
View relationships among entities Ever wonder what other systems an application you use depends on? MetaHouse tracks
dependency relationships between the entities and visually displays these in a graph. Find which environments entities are deployed in
Do you have trouble keeping track with which version of an application is deployed in which environments? We do too. With MetaHouse you can quickly see which versions of an entitiy are active and where those versions are currently deployed.
Receive notifications when changes are made to entities Tired of getting spammed with email about changes made to entities you aren't
interested in? With MetaHouse you tell us which entities you want to receive notifications on when changes are made. In addition to email you can also setup a personal RSS feed that will contain all updates to your entities so you these notifications from your favorite RSS reader.
What’s new in MetaHouse? Expansion of the number of metadata elements captured on our
applications, web services, databases and more Integration of MetaHouse with Portfolio, which
Provides one central location for the maintaining the metadata elements regarding our applications, web services, databases and more that can be used for a multitude of purposes
Page 10
Pulse captures three types of analytic information: • Technology analytics
• Types of hardware and software used to access application
• For example, type of mobile device (e.g., Android, iOS) or type of browser (e.g., Chrome, Firefox, Internet Explorer) used to access either the mobile or web application
• Audience analytics• Who is accessing an
application(s)• For example, the number of
visits to the application by center
• Application analytics (mobile focus)
• Visits by application version• Number of downloads from
apps@NASA of the application
Pulse Analytics – Mobile and Web Applications
Page 12
Pulse Analytics - Web Application Example
Page 13
Pulse Analytics - Mobile Application Example