northern trust case study from gartner catalyst 2012 featuring layer 7 mobile access gateway: beyond...
DESCRIPTION
Northern Trust Enterprise Architect Christopher Price presentation on his company’s approach to an “occasionally-connected” mobile world.TRANSCRIPT
![Page 1: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/1.jpg)
northerntrust.com© 2012 Northern Trust Corporation
Christopher Price Vice President The Northern Trust Company
A Gartner Catalyst Case Study 2012.08.20
N O R T H E R N T R U S T
Beyond the Wireless Tether An “Occasionally Connected” Architecture
![Page 2: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/2.jpg)
2 “Beyond the Wireless Tether” - Gartner Catalyst 2012
About me…
Architecture and Innovation Team member
IT Standards and Guidance
Evaluation of New Technologies
R&D for High Value Projects
At Northern Trust for 7 years, experience with:
Enterprise Architecture
Software Design and Development
Christopher Price Vice President, The Northern Trust Company [email protected]
![Page 3: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/3.jpg)
3 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
![Page 4: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/4.jpg)
4 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Assets under custody US$4.6 trillion
Assets under management
US$704 billion
Banking Assets US$94 billion
*As of 30 June 2012
Northern Trust Overview
Founded in 1889, Northern Trust Corporation is a global leader in asset servicing, asset management, wealth management, and banking for personal and institutional clients.
![Page 5: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/5.jpg)
5 “Beyond the Wireless Tether” - Gartner Catalyst 2012
A network of offices in 18 States and Washington D.C.
Bangalore Beijing Hong Kong Melbourne Singapore Tokyo
London Luxembourg Stockholm
Guernsey Jersey Limerick
Abu Dhabi Amsterdam Dublin
Chicago (Corporate HQ) Toronto New York
Northern Trust’s Global Presence
![Page 6: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/6.jpg)
6 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
![Page 7: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/7.jpg)
7 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Having “zero bars” shouldn’t hinder the conversation!
Determining the Requirements
Relationship managers want latest mobile technology but need:
All data necessary to conduct meeting
Minimal distractions
Ability to work anywhere the client is located
Focus on what matters to clients, not on technology.
![Page 8: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/8.jpg)
8 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Business Requirements
WELCOME - Today’s Agenda 9am – 9:05am Attempt to connect to available Wi-Fi with incorrect settings 9:05am – 9:15am Give up and struggle with slow 3G connection 9:15am – 9:20am Locate presentation materials with assistance from help desk 9:20am – 9:30am Diagnose problems with projector and screen 9:30am – 10am Finally… Discuss client’s financial goals
Need to avoid this situation….
![Page 9: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/9.jpg)
9 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Disconnected mode Maximize time with client No connections to establish. No interruptions caused by poor reception, network outage, etc.
Quick Highly responsive user interface by minimizing server requests. Not relying on slow connections to transfer large documents during meetings.
Reach Client meeting location not bounded by reach of antennas. Want to accompany the client on their yacht? – No problem.
Security Highly sensitive client data being stored. Mobile device more susceptible to loss and theft. Primarily using untrusted networks.
Technology Requirements
The two primary technology requirements...
![Page 10: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/10.jpg)
10 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
![Page 11: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/11.jpg)
11 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Need to establish formal guidance for building mobile solutions at Northern Trust with help from vendors, consultants and peers.
The result: Northern Trust Mobile Strategy and Reference Architecture
Architectural Choices
Architecture contains developer guidance: • Style of app: web, native, or hybrid • Security • Device support • Service development • Etc.
Strategy contains guidance for management: • Definition of mobile apps, devices and content • Governance recommendations • Usage Policies • Risks • Etc.
“Got the requirements, let’s build a mobile app!” ...not so fast.
![Page 12: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/12.jpg)
12 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Architectural Choices
First major decision…web, native or hybrid*?
Web/Hybrid Native
* Defined as a thin native wrapper around a primarily HTML/JS view. Hybrid apps fall within a spectrum between web and native depending upon how many native features are utilized.
![Page 13: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/13.jpg)
13 “Beyond the Wireless Tether” - Gartner Catalyst 2012
1) Secure offline operation Secure local storage “Why not HTML5 local storage?”
Architectural Choices
Decision: Native Application Architecture
Size restrictions (app is a storage hog!) Reliability – browser cache easily erased Security concerns
2) Superior presentation Better appearance Greater app awareness
3) Performance Fewer round-trips to server Quicker rendering
![Page 14: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/14.jpg)
14 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Web or hybrid apps are preferred because: Cheaper to build with in-house web expertise
Majority of effort is reusable
Can be indistinguishable from native with HTML5/JavaScript
Quicker to deliver new features
Architectural Choices
BUT: Typically don’t recommend native at Northern Trust
![Page 15: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/15.jpg)
15 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Architectural Choices
Gartner, 2012
![Page 16: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/16.jpg)
16 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
![Page 17: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/17.jpg)
17 “Beyond the Wireless Tether” - Gartner Catalyst 2012
1. User places documents in folder on internal portal 2. Synchronization initiated by user from iOS app while online 3. Middleware sends updates back and forth between mobile
app and source systems.
Infrastructure
![Page 18: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/18.jpg)
18 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Decision: iOS Platform Only Internal application. Control of device choice Users more familiar with Apple products. Less training. Fewer platform specific updates.
Infrastructure
2012 Market share
http://www.gartner.com/it/page.jsp?id=1980115
Apple Android Microsoft Other
![Page 19: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/19.jpg)
19 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Decision: Vended service gateway Layer 7 is edge security for external services Integration with authentication providers Speaks multiple security protocols Custom solution added no value
Infrastructure
http://www.gartner.com/technology/reprints.do?id=1-17Q04QM&ct=111019&st=sg
![Page 20: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/20.jpg)
20 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Decision: ReST over SOAP Lightweight - important for mobile
Heavier SOAP difficult to handle on mobile client.
Mobile clients have APIs for handling basic URL calls
Poor web service support in iOS/Android unlike in Java or .NET
Infrastructure
![Page 21: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/21.jpg)
21 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Decision: Custom Middleware Purpose – Extract data from source systems, feed to mobile client apps
Why Custom?
Anticipated consolidation within market for mobile middleware (MEAP)
Cloud based solution not acceptable for use case
Custom source system integration
Infrastructure
![Page 22: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/22.jpg)
22 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
![Page 23: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/23.jpg)
23 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Over the wire OAuth 2.0 Popular standard for cloud APIs Open to federation in future with 3rd parties Easy to use with ReST services
Two-factor Access token required due to sensitivity of data RSA SecurID Software Token + iOS SDK chosen for limited
user involvement Better user experience, but still as secure as physical token
Security
Decision: Plan for the worst with numerous security layers
![Page 24: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/24.jpg)
24 “Beyond the Wireless Tether” - Gartner Catalyst 2012
On device Mobile Device Management (MDM) Passcode requirement Remote data wipe
Local Authentication Support offline identification of users Future SSO with all Northern Trust applications
Local Encryption Secure whether online or off Strongest available algorithms Double security – iOS platform and custom
Security
![Page 25: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/25.jpg)
25 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Summary
Listen to your clients
Define your Strategy
Design for Resilience
Go Web by default
Buy a Gateway
Caution: Middleware
Security: Plan for a worst case
![Page 26: Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture](https://reader033.vdocument.in/reader033/viewer/2022060117/5585ba0dd8b42a695a8b4c41/html5/thumbnails/26.jpg)
26 “Beyond the Wireless Tether” - Gartner Catalyst 2012
Questions?
Thank you for attending!