technical reference model ( information technology standards ) july 2004

Technical Reference Model ( Information Technology Standards )

July 2004

GSA

.

Technical Reference Model

The technology layer of the GSA enterprise architecture describes the infrastructure needed to support the applications that are necessary for GSA to fulfill its mission. This layer of the architecture is comprised of the physical hardware and software components in place throughout the enterprise. The technology layer utilizes a classification system called the Technical Reference Model adapted to break the technology components down into manageable segments.

The Technical Reference Model is a taxonomy and structure that provides 1) a consistent set of service areas and interface categories and relationships used to address interoperability and open system issues, 2) conceptual entities that establish a common vocabulary to better describe, compare, and contrast systems and components, and 3) an aid for identifying, comparing, and selecting existing and emerging standards and their relationships. The present five existing service areas are the User Environment, Application Services, Data Services, Integration Services, and Infrastructure Services. Each service area contains sets of technologies/services and each set of technologies contains multiple technology sub-sets that contain specific components /standards.

GSA’s technical standards are expressed as a series of technology components or “bricks”. The bricks provide a convenient standard way to depict the components that fall within the technology sub-sets. The Standards Profile is a listing that contains all of the current GSA IT standards.

GSA

.

GSA Technical Reference Model

User Environment

End-User Hardware

End-User Software

End-User Utilities

s

Data ServicesApplication Services

Application Development Environment

Application Server Software Application

Systems

Database Technologies

Datawarehouse and Business Intelligence

Data Management

Integration Services

Middleware CollaborationInterchange

Technologies

Infrastructure Services

IT Security

Infrastructure Management

StorageOperating Systems

Electronic Messaging Voice

Data Center Environment

Network Infrastructure

Directory Services

Wireless

Application Integration

Application Server Hardware

GSA

.

GSA Service Areas and Sets of Technologies

User Environment

End-User Hardware

End-User Software

End-User Utilities

s


Application Development Environment

Application Server Software Application

Systems



Data Management


Middleware Application Integration

Communications Interchange Technologies


IT Security



Electronic MessagingVoice



Directory Services

Service Area

Technology Set

Wireless


GSA

.

GSA Sub-Sets of Technologies and Components

Enterprise Server OS

Operating Systems

Application Server OS

Desktop OS Enterprise Server OS

IBM AIX v4.3.3

MS Server OS Sun Solaris v8


IT Security



Electronic Messaging Voice



Directory Services

Technology Sub-Set

(Service)

Technology Components

(Contains Specific Standards)

Technology Set

Wireless


GSA

.

Application View of Technologies Used

User Environment

Hardware Software Utilities


Application Server Software

Application Systems




Middleware Interchange


Security





Directory Services

•An application combines some or all of our technical components.

•For example - an application wherein a user creates a report from data contained in a datawarehouse would use many but not all of the components in these technical sets.

GSA

.

GSA Architectural “BRICK” Format

Definition:

GSA Approved Standard – Any product or technical standard in use that has been approved by the ITAPC.

GSA Tactical Direction – Planned direction for a product or technical standard approved by the ITAPC for use in the next two (2) years.

GSA Strategic Direction – Anticipated direction for a product or technical standard approved by the ITAPC for use in the next two (2) to five (5) years.

In Containment – Any product or technical standard in use that is not a ITAPC / GSA Approved Standard or does not have a ITAPC / GSA Approved Waiver, must be placed in containment. A product or technical standard in containment my continue to be used, however, no new purchases should be made and every effort should be made to replace it with the GSA Approved Standard. Include the product/technical standard name, date placed into containment, and a projected retirement date.

Retired – Do Not Use. Replace immediately with a GSA Approved Standard. Include the product/technical standard name and date that it is to be removed from inventory.

GSA Approved Waivers and Additional Supporting Information – Any notes that are necessary including GSA Approved Waivers and the date the waiver was approved.

GSA

.

Brick Layout for Information Technology Standards

GSA Tactical Direction (Next 2 Years) GSA Strategic Direction (2 to 5 Years)

Retired (Product / Date)

GSA Approved Standard (Current)

GSA Approved Waivers and Additional Supporting Information

Responsible Group: Desktop SubcommitteeCIO POC: C. Bowers

ITAPC Approved; MMM YYYY

In Containment (Product / Date /Projected Retirement)

Author: C. Bowers, 202-501-3831

GSA

.

Technical Reference Model Index(Information Technology Standards)

SERVICE AREA SERVICES ITAPC APPROVED

User Environment: Intel Server, Laptop, and Desktop Hardware April 2004

Thin Client April 2004

Personal Productivity June 2004

Desktop Utilities April 2004

Web Browser April 2004

Application Services:Application Technologies Sep 2003

WEB Hosting Infrastructure Apr 2003

Digital Document Technology April 2004

GSA

.

Technology Architecture Index (cont’d)(Information Technology Standards)


Data Services: Database Management Systems April 2004

Data Warehousing April 2004

Business Intelligence Tools July 2003

Integration Services: EAI (Intra-Enterprise) Jul 2003

EAI (Web Services) Jul 2003

Workgroup Computing April 2004

Remote Access April 2004

Personal Digital Assistant April 2004

Infrastructure Services: Desktop Operating System April 2004

Application/Data Server Operating Systems April 2004

Network Operating System April 2004

GSA

.

Technology Architecture Index (cont’d)(Information Technology Standards)


Infrastructure Services (cont’d): Wide Area Network Topology April 2004

Wide Area Network Hardware April 2004

Structured Cabling/LAN Topology April 2004

Directory Services April 2004

Information Technology Security July 2004

Electronic Messaging April 2004

Storage Management April 2004

Enterprise-wide Resource Management Pending

Wireless LANs Pending

Voice over Internet Protocol (VoIP) April 2004

Knowledge Management April 2004

Customer Relationship Management April 2004

GSA

.

Intel Server, Laptop, and Desktop Hardware

Definition: Machinery and equipment associated with application servers, laptop and desktop

personal computing devices. A server or personal computer is composed of both hardware and software. The software provides the instructions, and the hardware performs the processing.

GSA has an agency-wide Blanket Purchase Agreement (BPA) for purchase of computer hardware. The goal of the BPA is to remain current with the needs of the agency. In GSA all server, laptop, and desktop personal computers are to be procured from the BPA unless an exception is specifically granted.

Any exception to procuring servers, laptops, and desktop personal computers outside of the BPA requires a waiver from the OCIO before procurement.

GSA

.

Intel Server, Laptop, and Desktop Hardware





Responsible Group: End-User Computing Division, OCIO

CIO POC: L. Neifert

Author: E. Reynolds, 202 501 4423


Direction as dictated by BPA

(http://hwbpa.gsa.gov)

Direction as dictated by BPA

(http://hwbpa.gsa.gov)Direction as dictated by BPA

(http://hwbpa.gsa.gov)

Servers: Anything over 4 years old / retire at 5 yearsLaptops: Anything over 3 years old / retire at 4 yearsDesktops: Anything over 3 years old / retire at 4 years Servers: Anything over 5 years old

Laptops: Anything over 4 years old

Desktops: Anything over 4 years old

•The BPA is the agency wide vehicle for purchase of computer hardware. The goal of the BPA is to remain current with the needs of the agency. As such, the BPA offerings should indicate the baseline and strategic/tactical direction of the desktop hardware.•The above “In Containment” and “Retired” timeframes refer to primary hardware• Follow-up – Tablet PCs – add requirements to the new BPA

ITAPC Approved – April 2004

GSA

.

Thin Client

Definition: Server-centric, not device-centric Thin Client: What It Is

– A thin-client application is a logical construct, not a physical one. Thin-client desktop computing is server-centric. The applications are executed on the server and do not require client-resident installation; the graphical user interface and some application logic may be rendered to the client.

Thin-client desktop computing also includes browser and Java-based applications where the applications are centralized on servers, but some of the presentation logic and some application logic may be distributed to the client.

Thin Client: What It Is Not– A common misperception is that a thin-client application is device-centric and requires a

thin-client device, like a Windows terminal. Thin-client applications do not require a thin-client device. Choice of desktop device is secondary. The typical thin-client device is a PC configured with “fat client” applications and with access to thin-client applications. If enterprises are deploying a true thin-client device, all the applications must be deployed as thin-client applications.

GSA

.

Thin Client






Author: K. Rice, 202-501-0496


Windows 2000 Terminal Services

Metaframe Presentation Server

Windows 2003 Terminal Services

Metaframe Presentation Server

Metaframe Presentation Server Longhorn Terminal Services

Metaframe 1.8 – June 2005 (retirement)

Windows NT 4 TSE (as of January 2004) / June 2005

Some GSA organizations are not interested in upgrading beyond Metaframe 1.8 but concur in placing it in containment. NT4 TSE is no longer sold, and support stopped in January 2004 from Microsoft. Metaframe 1.8 is no longer sold but LIMITED support still exists.

ITAPC Approved: April 2004

GSA

.

Personal Productivity

Definition:

Technology for enabling personal productivity, such as the desktop Office Suite including word processing, spreadsheets, and presentation preparation. This also includes all other personal productivity software that the ITAPC has approved as GSA Standards and is included on the official GSA Desktop Image.

GSA

.

Personal Productivity






Author: K. Rice 202 501 0496


Microsoft Office 2003

MS Project 2003;

Visio 2003;

Microsoft Office 2003

MS Project 2003;

Visio 2003;

Microsoft Office X

MS Project X;

Visio X;

All earlier versions of MS Office, except MS Access 97 are retired as of 10/01/01.

Access 97 retired as of 1/1/03

MS Project 97 and any earlier MS Project applications as of 10/1/01.

Office 2000 to be placed in containment on 9/13/04

• The personal productivity suite has long been connected with the current desktop operating system. As such, the personal productivity suite closely mirrors the desktop operating brick.

• An approved exception is the use of WordPerfect and Lotus 1-2-3 for communication with certain external agencies.

ITAPC Approved: June 2004

GSA

.

Desktop Utilities

Definition:

Technology for enabling personal productivity besides the desktop Office Suite. This includes all other personal productivity software that the ITAPC has approved as GSA Standards. It also contains the standards for handheld devices.

GSA

.

Desktop Utilities






Author: K. Rice 202 501 0496


Misc: Real Player G2; Win Zip 9.0; Windows Media Player

Handheld Synchronization: Palm Pilot (Palm Desktop, EasySync, Intellisync) ; Windows CE (ActiveSync); Blackberry (Blackberry Desktop Software, WIC); Lotus EasySync

Document Viewer: AutoCad VoloViewer, Visio Viewer 2003, Adobe Acrobat Reader 6.x

Misc: Real Player X; Win Zip X ; Windows Media Player

Handheld Synchronization: : Palm Pilot (Palm Desktop, EasySync, Intellisync) ; Windows CE (ActiveSync); Blackberry (Blackberry Desktop Software, WIC) ; Lotus EasySync


Misc: Real Player X; Win Zip X ; Windows Media Player

Handheld Synchronization: : Palm Pilot (Palm Desktop, EasySync, Intellisync) ; Windows CE (ActiveSync); Blackberry (Blackberry Desktop Software, WIC) ; Lotus EasySync

Document Viewer: AutoCad VoloViewer, Visio Viewer X, Adobe Acrobat Reader X

All previous versions of Real Player, Win Zip, and Visio as of 1/01/03. Inovie Team Center as of 10/1/01;

Desktop utilities were previously shown as part of the Personal Productivity “brick”, they are ITAPC approved GSA Standards.

Inclusion of Visio and Project Management on this brick will be revisited in the next FY.

Follow-up – research FTP capabilities and utilities – Possible solution: WS FTP


GSA

.

Web Browser

Definition:

A software program on a client system used to locate and display Hypertext Markup Language (HTML) documents on an intranet or the Internet. Browsers are most often used to access World Wide Web pages. Most browsers can display graphics and photographs as well as text, and can present multi-media information, including sound and video, which may require additional applets called plug-ins. Netscape Navigator and Microsoft Internet Explorer are examples of browsers.

GSA

.

Web Browser






Author: K. Rice 202 501 0496


MS Internet Explorer 6.0MS Internet Explorer 6.X MS Internet Explorer X.X

MS IE 5.x placed in containment

(effective 15 Jun 2003)All versions of Netscape (effective Nov 2000).

All versions of IE before 5.0 (effective 15 Jun 2002).

•Currently, the web browser is heavily dependant on the OS in which it operates. Currently IE does the best job with the standard GSA OS and is widely accepted in the www environment. Netscape can only be used with an approved waiver from the Desktop Standards Subcommittee.

•An approved exception is for developers to use other browsers to support external clients.


GSA

.

Application Technologies

Definition:

This element focuses on the specification for the tools and languages associated with the development of new applications, both large (enterprise) and smaller (workgroup). Such applications may or may not involve WEB access.

GSA

.

Application Technologies





Responsible Group: Enterprise Architecture Subcommittee, OCIO

CIO POC: C. Bowers

ITAPC Approved; Apr 2003



ToolsMS Visual Studio.NET;J-BuilderOracle Development SuiteBusiness Objects DesignerBusiness Objects SDKSAP EnterpriseLotus Domino Designer

Languages PERL HTML; CGI; Java; Java Script; C++; C; XML;

Tools-MS Visual StudioNET; -J-Builder; Eclipse;-WSAD*-Oracle Development Suite -Lotus Domino Designer- Business Objects Designer / SDK

LanguagesC++; C# PERL;Java:Java ScriptHTML; XML;

ToolsMS Visual Studio.Net; J-Builder; Oracle Development Suite ;Business Objects Designer / SDK

PowerBuilder; 9/11/03 / May 2008

COBOL; May 2004 / May 2010

Visual Basic 6 & earlier; May 2004 / 2007

APC: Clipper, 9/11/03Power-J, 9/11/03

This brick was de-conflicted (compared) to the Web Hosting brick to eliminate redundancy on 9/8/2003.*WSAD = Websphere Solution Application DevelopmentFollow-up – determine which Oracle and SAP development tools are being used within GSAFollow-up – determine the decision to explicitly use or not use Visual Basic .NETFollow-up – determine the usage of PERLFollow-up – look for consolidation opportunities with J-Builder, WSAD and Oracle J-DeveloperFollow-up – determine future strategic direction regarding development in Java vs. .NET – Where and how each is used.Follow-up – Lotus -- evaluation and reassessment in conjunction with collaboration platforms by May 2006. A separate and earlier decsion could be made about LotusScript and @function use before deciding on environment, since IBM’s direction is to deprecate these development languages.Follow-up – determine positioning of C/C++ and its usage

Languages

Java;

Java Script, PERL; C#,

C++;

HTML;

XML;

GSA

.

Web Hosting Infrastructure

Definition:

Technologies and infrastructure elements associated with development and support of web-based applications and electronic commerce as it pertains to web server and application server capabilities. Examples include Web Hosting Services, Enterprise Information Portals, Application servers.

Web content management (WCM) infrastructure is the core platform for enabling related technologies such as personalization, multi-channel output, and e-commerce. Adoption of WCM is a prerequisite for a competitive global Web site and enterprise portals for all but trailing-edge enterprises.

GSA

.

Web Hosting Infrastructure





Responsible Group: IOA Division, OCIOCIO POC: Sally Perry

Author: Mark Kaprow (202) 501-2886


Netscape Enterprise Server 3.x, iPlanet 4.x;Sun One Web Server 6.xOracle 8i Enterprise EditionIBM Lotus Domino 5.x, 6.xMicrosoft IIS 4.x, 5.xApache 1.3.x, 2.0.xAnalog 5.x, Zeus 4.xBroadvision 7.x Verity Ultraseek 4.x, 5.xWebtrends 6.x, J2EEColdFusion 5.x

Sun One Web Server 6.xOracle 9iAS / 10g Enterprise EditionIBM Lotus Domino 6.xMS IIS 5.x, Apache 2.x, Zeus 4.xVerity Ultraseek 6.xVerity Response, Verity K2Webtrends 7.xBroadvision 7.xWeblogicJ2EEColdFusion MX

Sun One Web ServerOracle Enterprise EditionIBM Lotus Domino 7.xMicrosoft IIS, Apache, ZeusVerity UltraseekVerity Response, Verity K2Webtrends, BroadvisionWeblogic Web Services; J2EEColdFusion X

Netscape Enterprise Server 3.x (2002 / September 2004)Analog 4.x (January 2003 / September 2005)Verity Ultraseek 4.x (March 2004 / September 2004)IBM Lotus Domino 5.x (March 2004 / December 2004)Microsoft IIS 4.x (April 2003 / September 2004)iPlanet 4.x (April 2003 / December 2006)Apache 1.3.x (April 2003 / September 2008)Broadvision 6.x (October 2003 / October 2004)

O’Reilly Website (1999)Live-Wire Connect (2000)Aria (Fall 2002)Domino 4.x (April 2003)Webtrends 5.x (March 2004)

ITAPC Approved –

For clarification - Netscape Enterprise Server became iPlanet in version 4.x and then Sun One Web Server 6.x when it changed vendors.Follow-up - need to develop a strategic direction and consolidation approach. Potential categories within the standards above include web servers, application servers, web site measurement, search, content management

GSA

.

Digital Document Technology

Definition:

This element has evolved into Integrated Document Management (IDM) software. It is a type of middleware for organizing electronic documents; managing content; enabling secure access to documents and unstructured data; routing documents and automating related tasks; and facilitating document distribution. IDM products provide functionality for storing, locating, and retrieving information throughout the document's life cycle; i.e., from the time it is created to the time it is archived to offline storage media. Many current IDM vendors and products take this life-cycle approach by addressing the following processes: authoring/creation, review and approval, distribution, and archiving.

GSA

.

Digital Document Technology






ITAPC Approved; April 2004


Author: K. Rice, 202-501-0496

Documentum;Adobe Acrobat Lotus Notes (.nsf); Internet Quorum (Correspondence Tracking) Lasherfishe

Documentum;Adobe Acrobat Lotus Notes (.nsf); Internet Quorum (Correspondence Tracking) Lasherfishe

Documentum; Adobe Acrobat Lotus Notes (.nsf); Internet Quorum (Correspondence Tracking)Lasherfishe

Adobe Acrobat 4.x as of 10/01/01

•Requirement of the Paperwork Elimination Act. File formats are governed by Draft OAD 1820.2 “Managing Electronic Records.”•As the need arises – determine specific GSA requirements for specifying standards for content management and records management•Follow-up – Notes/.nsf evaluation and reassessment in conjunction with collaboration platforms by May 2006

Adobe Acrobat 5.x / May 2004 / May 2005

GSA

.

Knowledge Management

Definition:

A discipline that promotes a collaborative and integrated approach to the creation, capture, organization, access and use of an enterprise’s information assets. This includes databases, documents and, most important, the un-captured, tacit expertise and experience of individual workers. The Gartner KM Process Framework defines five KM activities:

– Create: The activities that result in new knowledge.

– Capture: The activities that enable capture and representation of tacit knowledge in explicit form, thereby moving knowledge from the individual and making it available across the enterprise.

– Organize: The activities that classify and categorize knowledge for storage and retrieval purposes. This includes maintenance of knowledge data as well as the indices, maps and processes that manage it.

– Access: The activities through which knowledge is disseminated to or requested by users

– Use: The application of knowledge to work activities, decisions and opportunities. Use is recursive, i.e., it generates feedback that affects the other activities, and this feedback may be injected into the KM process through any of the other four activities.

GSA

.

Knowledge Management





Responsible Group: Enterprise Architecture Office, OCIO

CIO POC: C. Bowers




•There is no current GSA ITAPC approved standard for Knowledge Management

• Any GSA Service of Staff Office considering development of a Knowledge Management System must present their proposed system to the ITAPC for approval and possible acceptance as a GSA Information Technology Standard

GSA

.

Customer Relationship Management

Definition: Customer Relationship Management - CRM refers to the concept of moving ownership of the

customer up to the enterprise level and away from individual departments and/or lines of business (LOBs). These departments/LOBs are still responsible for customer interactions, but the enterprise is responsible for the customer.

To accomplish CRM, the enterprise brings automation to each customer touch point (i.e., initiatives in sales force automation, the Internet, point of sale, and call/contact centers are all pieces of CRM, but they are not substitutes for it).CRM is:

– composed of tactics, processes and behaviors;

– not a technology; technology is the enabler of strategy, tactics, processes, and skill sets.» the technology is implemented tactically.

– an initiative that causes fundamental changes in the organizational structure — from departmental/LOB (internal) to functional (customer) view.

– very public: it is centered around your customer and anything that “goes wrong” becomes visible very quickly.

GSA

.

Customer Relationship Management






CIO POC: C. Bowers




Siebel Enterprise Server V7.0.4;

Actuate e.reporting

•Firstlogic

•Fulcrum

•Visual Mining

•Customer Profile System (CPS)

Siebel Analytics V7.5/3GS; SAP

Customer Profile System (CPS)

SAPCustomer Profile System (CPS)Siebel X

Follow-up – Is SAP going to be used (strategic direction) – what types of CRM functions will be used in SAP?

Follow-up – clarify CPS’ role in relation to Siebel

Follow-up – clarify status, direction, and location (where in brick) for the use of Actuate e.reporting, Firstlogic, Fulcrum, and Visual Mining

GSA

.

Database Management Systems

Definition:

A Database Management System (DBMS) is a program (software package) that enables end-users or application programmers to create and access data in a database. The DBMS manages user requests (and requests from other programs) so that users and other programs are free from having to understand where the data is physically located on storage media and, in a multi-user system, who else may also be accessing the data. In handling user requests, the DBMS ensures the integrity of the data (that is, making sure it continues to be accessible and is consistently organized as intended) and security (making sure only those with access privileges can access the data). A DBMS manages data in databases rather than files in file systems.

GSA

.

Database Management Systems





Responsible Group: Enterprise Architecture Division, OCIO

CIO POC: C. Bowers




MySQL; Oracle; MS SQL Server;Netweaver; Notes*; Sybase; DMSII

Desktop: MS Access

Oracle 8.x, 2004; FoxPro, 2004 Progress, May 2004 / May 2006

MySQL; Oracle; MS SQL Server;Netweaver; Notes*; Sybase; DMSII

Desktop: MS Access

MySQL; Oracle DB; MS SQL Server;Netweaver; Notes*; Sybase; DMSII

Desktop: MS Access

*Not suitable for high volume transactions – not relational.Follow-up – Notes as a database – evaluation and reassessment in conjunction with collaboration platforms and electronic messaging by May 2006

GSA

.

Data Warehousing

Definition:

A storage architecture designed to hold data extracted from transaction systems, operational data stores and external sources. The warehouse then combines that data in an aggregate, summary form suitable for enterprise-wide data analysis and reporting for predefined business needs. The five components of a data warehouse are production data sources, data extraction and conversion, the data warehouse database management system, and data warehouse administration.

Note: for our purposes, Business Intelligence is treated as a separate architecture element.

GSA

.

Data Warehousing






CIO POC: C. Bowers




DBMS: See DBMS standard

Extract, Transformation, Load (ETL) tool: Informatica Power Center 6.0, SAP, ADT

Data Modeling: System Architect, AllFusion Data Modeling Suite (previously known as Erwin)

Metadata Management: Informatica, Advantage Data Transformer Enterprise Metadata Edition (ADT EME)

DecisionBase(CA); (May, 2004/May, 2005)Sybase inbuilt; (May, 2004/May, 2005)DTS for SQL Server; (May, 2004/May, 2005)Sybase PowerDesigner for DW (May, 2004/May, 2005)


Extract, Transformation, Load (ETL) tool: Informatica Power Center 6.0, SAP, ADT


Metadata Management: Informatica, Advantage Data Transformer Enterprise Metadata Edition (ADT EME)


ETL: Informatica Power Center, SAP, Advantage Data Transformer (ADT)

Data Modeling: System Architect, AllFusion Data Modeling Suite

Metadata Management: Informatica; Oracle, ADT EME

Oracle8 all versions -- Dec., 2003 (for data warehousing)

GSA

.

Business Intelligence Tools

Definition:

An interactive process for exploring and analyzing structured, domain-specific information (often stored in data warehouses) to discern trends or patterns, thereby deriving insights and drawing conclusions. The BI process includes communicating findings and effecting change. Domains include customers, suppliers, products, services and competitors. Has the following attributes: web-enabled multidimensional analysis; data transformation capability; data integration capability; support Oracle & Access & SQL Server; provide ODBC & SQL & DB2 interfaces; suited to both Windows and UNIX environments; provide download capability to Excel.

GSA

.

Business Intelligence Tools






CIO POC: C. Bowers

ITAPC Approved:



Oracle Discover Tools (QR);

URSA (QR); (for Unisys ClearPath)

Business Objects (QR); (Crystal Reports (QR))

Pilot Business Analyzer (M);

PilotWorks (GPM); (status TBD)

Primavera (pending evaluation)


Oracle BI Beans (M);

URSA (QR);

Business Objects (QR);

(Crystal Reports (QR))

Pilot Bus. Analyzer (M);

PilotWorks (GPM);


Oracle BI Beans (M);

Business Objects (QR);

Crystal Reports (QR);

PilotWorks (GPM);

CA Decision Base, 12 Jun 2003;

Hyperion, 12 Jun 2003;

Pilot Decision Support Suite, 30 Nov 03

Conference Notes:

Primavera, wInsight &Dekker are leading EVM tools. See “Task2GSA EVM Tool Survey.” – need to establish EVM vendor

PilotWorks -- Pilot is specializing in organizational performance management. It is the only web-enabled PM system with drill to supporting stats. It won the Intelligent Enterprise Readers' Choice Award as the "Best Business Performance Monitoring & Management Environment.“

(QR) Query Resource, (EVM) Earned Value Management

Note: Crystal Reports purchased by Business Objects, which will result in a combined tool set in the future

GSA

.

Enterprise Application Integration (EAI)(Intra-Enterprise Middleware)

Definition:

Traditional EAI oriented middleware includes Application Servers and MOM tools. Application Servers encapsulate presentation controllers, business logic, and resource tier data access. MOM tools are typically used for operational data store synchronization, and synchronous request/reply or asynchronous pub/sub application to application integration.

Together, these tools provide a framework that includes components to handle the data movement and data transformation within business processes, and the specific adapters that provide access to the information residing in particular applications or other data sources.

The goal of EAI is to allow a company to manage integration as one system rather than trying to administer ‘point to point’ middleware scattered about the enterprise's IT infrastructure.

EAI is in flux as Application Server and MOM vendors repurpose their tools to incorporate technologies that facilitate long running, transaction oriented workflows that span enterprise boundaries, which leads to the next ‘Middleware – Web Services’ Brick.

Author, G.Thomas

GSA

.

Enterprise Application Integration (EAI) (Intra-Enterprise Middleware)






CIO POC: C. Bowers

ITAPC Approved; Jul 2003


Author: G.Thomas, 202-219-1979

Enterprise Service Bus (ESB) is a standards-based integration backbone that combines messaging, Web services, transformation and intelligent routing to reliably connect and coordinate the interaction of hundreds of application endpoints spanning a global organization.

Oracle Application Server; Platinum - June 2002 Retrievalware - June 2003

Native SQL API; JDBC; Sybase Enterprise Portal/ EAS;Open A ODBC; Open A JDBC; DQ Broker; Tuxedo; Oracle 9iAS/Portal

Commercial: BEA WebLogic; IBM WebSphere; MS.NET; Sybase Enterprise Portal/ EAS; Tuxedo; Oracle 9iAS/10g/Portal

Open Source:•JBOSS, Tomcat

•Emphasis should be placed on event driven asynchronous (non-blocking) messaging using the JMS standard in J2EE with XSD payloads so that they may be later deployed via Web service protocols that will secure and reliably route, transform and choreograph message sequences on the externalized ESB. Internally, interoperability with existing EIS systems should be based on JCA.•Follow-up (URGENT) – consider rationalization between this brick, the WEB Hosting brick and the Web Services brick (Possible bricks include Application Server Platforms, EAI Protocols, Content Oriented Website, etc.)•Follow-up (URGENT) – consider the strategy around application server platforms and how much platform functionality GSA needs. – vendors considered should include Oracle, IBM, Microsoft, Sybase, BEA and JBOSS (Open Source).

GSA

.

Enterprise Application Integration (EAI) (Web Services)

Definition: Web Services support the extension of traditional EAI Application Servers and MOM queues as Enterprise Service Bus technologies, which implements a Service Oriented Architecture (SOA) that is the foundation for an IT infrastructure framework based on a logical Publish/Find/Bind/Execute processing model.

SOA emphasizes trans-enterprise interoperability of loosely coupled distributed components whose orchestrated XML message choreographies use open Internet standard transports and protocols. Web Services open standards are the foundation for SOA, moving the focus of IT interoperability from applications to message streams.

The WS-I standards (also part of the TRM) include the basic Web Service standards that make the ‘publish-find-bind’ paradigm possible. Publishers are providers who expose application component interfaces to be discovered or found by component consumers via a component registry, whereupon they can bind to and execute the services listed based on establishing a contractual agreement of their roles in the message sequencing.

OASIS and IBM/MS are driving the set of specifications that are emerging as the SOA/ESB Platform, based on Web Services technologies. Web Service deployment gives rise to a complementary set of Orchestration and QoS Management tools for ESB technologies, which is an emerging and rapidly evolving market space.

Author, G.Thomas

GSA

.

Enterprise Application Integration (EAI) (Web Services)






CIO POC: C. Bowers

ITAPC Approved; Jul 2003


Author: G.Thomas, 202-219-1979

WS-I Extended ProfilesSonic ESBFOSS – JBOSS/Apache SOIP

•WS-I Basic Profiles•UDDI, (ebXML RIM, WSIL)•WSDL•SOAP

•XML/XSD

FOSS

•Emphasis should be placed on WS-* stack that externalizes a JMS backbone, implemented with Free and Open Source Software (FOSS).•Follow-up (URGENT) – consider rationalization between this brick, the WEB Hosting brick and the EAI (Intra-Enterprise) brick (see comment on EAI -- Intra-Enterprise Middleware brick)•Follow-up – consider a brick at a standards level as well as an architecture/product level

GSA

.

Workgroup Computing

Definition:

This element is a broad one that encompasses applications that deliver capability for group collaboration and light workflow. Much of this functionality (e.g., message transfer agents, directory, gateways, e-mail clients, collaborative tasks, scheduling) is now combined in comprehensive “GroupWare” packages like Microsoft Exchange or Lotus Notes Domino.

Another way to think of this is to roll up to a higher level category: collaborative computing. This generally includes the four elements of:

GroupWare/Collaboration toolsMessaging/directory servicesElectronic document management/workflowE-mail/calendaring/scheduling

Because document management, e-mail/calendar/schedule have been covered elsewhere, this brick will cover only workflow and groupware/collaboration.

GSA

.

Workgroup Computing






Author: Paul Butler (202) 219-0382


IBM Lotus Notes 5.x & 6.x (client)IBM Lotus Domino 5.x & 6.x (server)IBM Lotus SameTime 2.x & 3.x (6.x)*IBM Lotus QuickPlace 2.x & 3.x (6.x)*Accessible FormNet 2.x

IBM Lotus Notes 6.x (client)IBM Lotus Domino 6.x (server)IBM Lotus Instant Messaging 6.x*IBM Lotus Web Conferencing 6.x*IBM Lotus Team Workplace 6.x*Accessible FormNet 2.x

IBM Lotus Notes 7.x (client)IBM Lotus Domino 7.x (server)IBM Lotus Instant Messaging* IBM Lotus Web Conferencing*IBM Lotus Team Workplace* Accessible FormNet

IBM Lotus Notes 5.x (March 2004 / December 2004)IBM Lotus Domino 5.x (March 2004 / December 2004)IBM Lotus SameTime 2.x (December 2003 / December 2004)IBM Lotus QuickPlace 2.x (December 2003 / December 2004)

Surfer (October 2001)IBM Lotus Notes 4.6.x (client) (June 2003)IBM Lotus Domino 4.6.x (server) (June 2003)


• IBM Lotus Software has rebranded several of its products. IBM Lotus Quickplace is now referred to as IBM Lotus Team Workplace and IBM Lotus Sametime has been divided into two pieces known as IBM Lotus Instant Messaging (IM/Awareness) and IBM Lotus Web Conferencing. Also, future releases of Notes/Domino extended products, which includes Quickplace and Sametime, are being synchronized with the Domino release numbering scheme to maintain version coordination among products. The above name and numbering changes apply to all future releases of 3.x and above.

• Follow-up – evaluation and reassessment of collaboration platforms by May 2006

GSA

.

Remote Access

Definition: Remote access is the ability to log on to a network from a distant location.

Generally, this requires a computer, a modem and remote access software to allow the computer to dial into the network over a telephone line. Remote access can promote productivity and cut costs., employees can retrieve corporate information and use E-mail when they are traveling.

Any employee that works outside the office and uses wide-area networks (WANs) to connect back to a business office to coexist with office counterparts, is also engaged in remote access. The definition applies regardless of the type of network and end connection used, i.e., public switched telephone network, ISDN, value-added network, generic digital subscriber line (xDSL), frame relay, asynchronous transfer mode (ATM), cable modem, private circuit, public Internet, or partner extranet. The definition applies to anyone who formally works in the enterprise supply chain, including employees, partners, customers, suppliers and contractors.

GSA

.

Remote Access





Responsible Group: Internetworking Division OCIO

CIO POC: G. McNerney

Author: Dianne Phillips, 202,219-2114


Cisco AS5350;

Virtual Private Network (VPN) Next Generation (NG ) FP3.

Cisco AS5350;

VPN/ NG FP3;

VPN NG , Application Intelligence (AI) R55;

Cisco AS5350;

VPN/NG/AI R55;

VPN NG / September 2004 /Retirement is dependant on Testing ,LAN Admin and end-user migration.


•Follow-up – VPN Smart Gate used by the local area backbone network (discussion/additional detail to be reviewed)

•This brick is focused on remote access security

•Follow-up – consider expanding standards to include policy or other standards to address other hardware and connectivity. For example, it could set preferred connectivity service providers.

GSA

.

Personal Digital Assistant (PDA) Devices

Definition:

Wireless PDA -- devices that synchronize wirelessly via the cellular network or other wireless networks.

Wired PDA – devices that synchronize via desktop or laptop computer

GSA

.

Personal Digital Assistant (PDA) Devices








Author: K. Rice, 202-501-0496

Wireless PDA: PBS supported Blackberry devices

Wired PDA: Any PalmOS, Windows CE devices

Wireless PDA: PBS supported Blackberry devices

Wired PDA: Any PalmOS, Windows CE devicesWireless PDA: PBS supported

Blackberry devices

Wired PDA: Any PalmOS, Windows CE devices

Wireless PDA -- devices that synchronize wirelessly via the cellular network or other wireless networks.

Wired PDA – devices that synchronize via desktop or laptop computer

The office of the Chief Information Officer (OCIO) and the Federal Technology Service (FTS), are the only two organizations authorized to operate servers to support non-standard and experimental wireless PDA services. Requests for a waiver of this policy must be addressed to the OCIO.

GSA

.

Desktop Operating Systems

Definition:

The main control program that runs a “normal office desktop computer” and sets the standard for running desktop application programs. It is the first program loaded when the computer is turned on, and it resides in memory at all times. An operating system is responsible for functions such as memory allocation, managing programs and errors, and directing input and output. It may be developed by the computer vendor or by a third-party independent software vendor.

GSA

.

Desktop Operating System






Author: K. Rice 202 501 0496


Windows 2000 and Windows XPWindows XP

Future versions of Microsoft (Longhorn)

Windows 2000 / 13 Sept 2004 / End of product supportWindows ME, Windows 98, MS NT 4.0 are retired effective 1 Oct 2001

• Other platforms such as MAC OS should only be deployed with a waiver from the Desktop Standards Subcommittee.• This brick applies to GFE including GFE home use.• Follow-up -- set projected retirement for Windows 2000.


GSA

.

Application/Data Server Operating System

Definition:

The main control program running on an Application Server or Data Server that sets the standard for running application programs or DBMSs. It is the first program loaded when the server is turned on, and it resides in memory at all times. The operating system is responsible for functions such as memory allocation, managing programs and errors, and directing input and output. It may be developed by the server vendor or by a third-party independent software vendor.

GSA

.

Application/Data Server Operating System






CIO POC: C. Bowers




Unisys MCP; Windows 2000 Server;Windows 2003 Server minus ADAM and Application Partitions;IBM AIX; LinuxSun Solaris

Windows Server 2003; IBM AIX;Sun Solaris;Unisys MCPLinux

Sun Solaris; Linux;Unisys MCP; IBM AIXWindows

300/MPE, / August 2003 / January 2006

NT 4.0 / August 2003 /December 2004

Follow-up – consider enterprise licensing for Linux (which must consider standardizing Linux distribution)

GSA

.

Network Operating System

Definition: The main control program for managing and administering local area network

resources. The program runs on domain controller servers. It is the first program loaded when the server is turned on, and it resides in memory at all times. The main functions of the network operating system are user authentication and authorization, application access, and printer and data sharing.

GSA

.

Network Operating System






CIO POC: L. Neifert

Author: L. Neifert, 202-501-0480


MS Windows 2000 Server w/Active Directory MS Windows Server 2003 w/ Active Directory

Novell / June 12, 2003 /April 1, 2005

Windows NT / June 12, 2004 / December, 2004

MS Environment /AD


GSA

.

Storage Management

Definitions: DAS (direct attached storage)

– Traditional, disks directly attached to the hardware platform that utilizes them, can include RAID technology.

NAS (network attached storage)– A NAS product combines a file server with storage and networking technologies.

Hardware issues touch upon processors, disk drives, RAID controllers, and network ports, while software includes the embedded operating system, file system and storage management. Networking technology involves network protocols such as the Ethernet and Fibre Channel.

SAN (storage or server area network)– SAN consists of two tiers: The first tier - the storage plumbing tier - provides connectivity

between nodes in a network and transports device-oriented commands and status. At least one storage node must be connected to this network. The second tier - the software tier - uses software to provide value-added services that operate over the first tier. Thus a simple Fibre Channel installation does not constitute a SAN by itself.

GSA

.

Storage Management






CIO POC: L. Neifert


Storage Technologies - Server Area Networks (SAN);Network Attached Storage (NAS);Direct Attached Storage (DAS)

NAS - (entry level,workgroup,departmental)SAN - (Turnkey Solutions to include disk, tape, management tools and services.)

NAS - (entry level,workgroup,departmental)SAN - (Turnkey Solutions to include disk, tape, management tools and services.)

•Large implementations of Direct Attached Storage is not as cost effective as NAS or SAN and should only be used for new requirements under extenuating circumstances and with a ITAPC approved waiver of these standards.

•Some vendors market products that manage data across both NAS and SAN referred to as Storage Virtualization Systems (SVS).

• NOTE: Any deployments need to consider network implications

• Follow-up – initiate discussion around standardization and sharing – priority driven by flexibility, requirements, and expense (current deployments include – NetAppliance NAS, iSCSI, NFS, EMC, Xiotech, Clarion

ITAPC Approved: April 2004 Author: L. Neifert, 202-501-0480

GSA

.

Wireless LAN

Definition:

GSA

.

Wireless LAN






ITAPC Approved; MMM YYYY



Follow-up – what should the protocol standard be? What should the security standard be? What is currently in use? There are three major levels of potential Wireless LAN standards: connectivity standards (e.g., 802.11a/b/g), security standards (e.g., 802.11i), and product/vendor standards for Wireless LAN equipment (some vendors provide equipment with stronger security features, for example).

Brick owner (temporary) – Office of the CTO, for the purpose of identifying a long-term owner.

GSA

.

Information Technology Security

Definition:

Enterprise-wide IT security consists of policies, standards, architecture, processes, education, products and monitoring that all work together making up a comprehensive but sound solution to achieve Confidentiality, Integrity, and Availability. Enterprises lacking a comprehensive approach will incur large, unwarranted costs and ineffective results. The foundation for an enterprise-wide security initiative rests with a clearly defined set of technology-independent standards. These typically consist of a definition of roles and responsibilities, baseline controls, risk management requirements, and escalation and incident-response standards. All security technology falls into one of the four following categories of processes: AUTHENTICATION AUTHORIZATION ADMINISTRATION AUDIT

GSA

.

Information Technology Security - Authentication

Definition:

Authentication is the process by which the network or system validates the identity of a user’s logon information or verifies the integrity of a transmitted message from it’s source. A user’s name and password are compared against an authorized list, and if the system detects a match, access is granted to the extent specified in the permission list for that user. With a transmitted message, encryption procedures check to ensure it is from a trusted source using both hardware and software tools. IT Security Authentication components include: Password Management Single Sign-on Smart Cards/Tokens/Certificates Biometrics Firewalls and Firewall Appliances Remote Access Encryption DDoS Protection

GSA

.

Information Technology Security - Authentication

GSA Tactical Direction (Next 2 Years)LAN/WAN FW: CheckPoint FW NG, Cisco PIX(LAN and site-to-site WAN bridging only)VPN:, CheckPoint VPN NG, Smartgate VPN, Secure Client, and Cisco PIX for site-to-site WAN bridging Encryption: PGP, SSH, SFTP, SSLE-authentication Infrastructure

GSA Strategic Direction (2 to 5 Years)

Reduced Sign-on and VPN solutionsLAN/WAN FW enhancements


GSA Approved Standard (Current)LAN/WAN FW: CheckPoint FW NG, Cisco PIX (LAN and site-to-site WAN bridging only)VPN: CheckPoint VPN NG, Smartgate VPN, Secure Client, and Cisco PIX for site-to-site WAN bridgingEncryption: PGP, SSH, SFTP, SSL


Responsible Group: IT Security SubcommitteeCIO POC: K. Garbars

Author: Kurt Garbars, 202:208-7485

In Containment (Product/Date/Projected Retirement)

CheckPoint FW 4.1(July 04 /September 04)OPIE (Onetime Password System) (July 04/December 04)

ITAPC Approved – July 2004

GSA

.

Information Technology Security - Authorization

Definition:

Authorization is the right granted to an individual or system to access a networked system and the data stored on it. Authorization is typically set up by a system administrator and verified by the computer based on some form of user identification, such as a code number or password for local and remote access. Based upon authorization rights, the user can perform only certain procedures that are granted by the system administrator. IT Security Authorization components include: Application Protection Operating System Protection (Hardening) Resource (Data) Access Control Antivirus/Behavior Blocking Secure E-mail Web/Content/Spam Filtering Wireless Access Control Provisioning Identity Management Configuration Management Compliance Management

GSA

.

Information Technology Security - Authorization

GSA Tactical Direction (Next 2 Years)Virus Protection: McAfee Virus Scan, Netshield, Groupshield

Web/Content Filtering: Websense


Additional virus protection software using behavior blocking


GSA Approved Standard (Current)Virus Protection: McAfee Virus Scan, Netshield, Groupshield

GSA Approved Waivers and Additional Supporting InformationListserv.gsa.gov uses a turnkey anti-virus solution from the vendor that uses F-secure anti-virus.





GSA

.

Information Technology Security - Administration

Definition:

Administration is the process in which those who are in charge of operations of a network or system, assisted by automated tools, make decisions on and maintain enforcement of rules and regulations of system use, install new workstations and other devices, add and remove individuals from the list of authorized users, archive files, oversee password protection and other security measures, monitor and analyze the usage of shared resources, ensure continuity of operations, handle malfunctioning equipment, and diagnose network problems. IT Security Administration components include: Bandwidth Management Backup Security Intelligence Consoles and Web Sites Event Management Consoles and Tools Intrusion Management Consoles and Aggregation Host-Based Intrusion Detection

GSA

.

Information Technology Security - Administration

GSA Tactical Direction (Next 2 Years)

NetIQ


Intrusion and Event correlation consoles and tools



NetIQ






GSA

.

Information Technology Security - Audit

Definition:

The audit process is an examination of equipment, programs, activities, and procedures to determine how efficiently the overall system or network is performing, especially in terms of ensuring the integrity and security of data. In the auditing process, an operating system uses a variety of procedures, such as database sampling and generating confirmation, to detect and record security-related events, such as an attempt to create, to access, or to delete objects such as files and directories. The record of each event is stored in a file known as the security log, whose contents are available only to those with the proper clearance. IT Security Audit components include: Network-Based Intrusion Detection Wireless Detection Tools Vulnerability Testing Tools Remote Perimeter Management (FW/IDS/Access Control) Managed Security Monitoring Vulnerability/Penetration Testing General Consulting

GSA

.

Information Technology Security - Audit

GSA Tactical Direction (Next 2 Years)LAN/WAN IDS: ISS Real Secure, Network Flight Recorder, Snort; Cisco IDS (LAN only)Scanners: ISS Internet Scanner, Nessus, L0phtCrack, NetStumblerAssessment Tools: ASSERT


Audit capability via enterprise management tool Enterprise level scanning and reporting toolsOther assessment tools


GSA Approved Standard (Current)LAN/WAN IDS: ISS Real Secure, Network Flight Recorder, Snort; Cisco IDS (LAN only)Scanners: ISS Internet Scanner, Nessus, L0phtCrack, NetStumblerAssessment Tools: ASSERT






GSA

.

Electronic Messaging

Definition:

Electronic messaging includes the combination of hardware (i.e. server), protocols utilized, and software (i.e. electronic messaging) capabilities that permit the electronic transmission and storage of messages (generally text or graphics) and attached or enclosed files. It also includes an E-mail application system that interfaces with the end-users. Some E-mail systems are limited to communication between end-users on the same network; others have gateways that allow end users to send messages to other designated computer systems or worldwide over the Internet. Once sent, the messages (also called E-mail) are stored in electronic mailboxes until the recipient retrieves them.

GSA

.

Electronic Messaging






Author: Anne Marie Davis (202) 219-3910


IBM Lotus Notes 5.x & 6.x (client)IBM Lotus Domino 5.x & 6.x (server)Tumbleweed Secure Mail Server 5.xCloudmark Authority 2.xWireless (Blackberry); SMTP; MIMELISTSERV 1.8x

IBM Lotus Notes 6.x (client)IBM Lotus Domino 6.x (server)Tumbleweed Secure Mail Server 5.xCloudmark Authority 2.xWireless (Blackberry); SMTP, MIMELISTSERV X

IBM Lotus Notes 7.x (client)IBM Lotus Domino 7.x (server)Tumbleweed Secure Mail ServerCloudmark Authority SMTP, MIME, S/MIMEWirelessLISTSERV X

IBM Lotus Notes 5.x (client) (March 2004 / December 2004)IBM Lotus Domino 5.x (server) (March 2004 / December 2004)

IBM Lotus Notes 4.6.x (June 2003)IBM Lotus Domino 4.6.x (June 2003)IBM Lotus EasySync 3.x (June 2003)


Follow-up – standardize / set direction for unified messagingFollow-up – evaluation and reassessment in conjunction with collaboration platforms by May 2006

GSA

.

Enterprise-wide Resource Management

Definition:

Acquisition, maintenance and ongoing management and support of hardware and software assets.

GSA

.

Enterprise-wide Resource Management






CIO POC: L. Neifert


Help Desk: Support Magic, Remedy, Unicenter AHD

Push: SMS, OnDemand Wininstall, Unicenter SDO

Remote Control: SMS, Proxy, Unicenter RCO, PC Telecommute (server management)

Asset Management: Support Magic, SMS, Computrace, Unicenter AMO, Dell Open Manage Client

Help Desk: CA Unicenter AHD, Remedy

Push: CA Unicenter SDO, OnDemand Wininstall

Remote Control: CA Unicenter RCO, ProxyAsset Management: CA Unicenter AMO, Computrace,

OnDemand Wininstall

CA Unicenter TND (single product)

Zen Works / ????? / ?????

Netwizard

• Unicenter TND’s time dimension, neural network agent, enterprise management portal, and advanced user interface technology capabilities will further support the strategic direction.

• Follow Up -- Look for a better solution for distributed updates and patch management (push, distributed updates), which is particularly important for teleworkers and for home GFE. Possible solutions include PatchLink and Mobile Automation, as well as other vendors/categories.

• Follow-up – consider taking a broader view of how GSA defines/approaches enterprise resource management – rather than desktop centric, it can include the broader picture of IT infrastructure management and Forrester’s vision of Organic IT. This follow-up items should include CIOs.

• Follow-up – close loop on Unicenter standardization -- what should be the scope of Unicenter usage and deployment?

• Follow-up – consider adding Windows Terminal Server and VNC as standards specifically for server management, as well as allowing contained usage of PC Anywhere.

Author: J. Donow, 202-219-0886ITAPC Approved:

PC Telecommute / ????? / ????? (desktop)

PC Anywhere / ????? / ????? (desktop)

GSA

.

Wide Area Network Topology

Definition: A communications network that connects computing devices over geographically

dispersed locations. While a local-area network (LAN) typically services a single building or location, a WAN covers a much larger area such as a city, state or country. WANs can use either phone lines or dedicated communication lines. Transmission speeds are typically slower than those of LANs.

GSA

.

Wide Area Network Topology





Responsible Group: Internetworking Division, OCIOCIO POC: G. McNerney

Author: R. Bess, 202-501-2866


Fractional T1 up to OC48;

Frame Relay;

ATM;

IP;

IPX


Frame Relay;

ATM; IP;

Testing Multi Protocol Label Switching (MPLS)


ATM; IP; MPLS;

Gigabit Ethernet

IPX / Apr 2003 / Retirement depends on network user demand

• It is expected that Frame Relay & ATM will continue to dominate the MAN/WAN market in the Tactical time frame with more deployment of MPLS in the WAN.


GSA

.

Wide Area Network Hardware

Definition: A router is a device that connects two networks . Routers receive packets of

information from computers or other routers on the network; they then send these packets to their destinations based on addresses at the beginning of the packets and a road map of the other computers and peripherals on the network and related networks.

A switch is a network device that filters, forwards, frames based on the destination address of each frame. The switch operates at the data link layer of the OSI model.

GSA

.

Wide Area Network Hardware





Responsible Group: Internetworking Division, OCIOCIO POC: G. McNerney

Author: R. Bess, 202-501-2866


Lucent B-STDX Switch;

Lucent CBX500 Switch.Lucent CBX500 Switch. Lucent CBX500 or possibly

GX550 Switch.

Lucent B-STDX Frame Relay Switch / Jun 1999 / Sep 2005

• WAN traffic and new application rollouts will determine the configuration of the edge devices on the network.• The CBX500 Switch should be viable through the next 4 years.• Emerging platforms include Ethernet WAN/Switching technologies, and Switching technology with storage support.


GSA

.

Structured Cabling /LAN Topology

Definition: A geographically limited communication network that connects users within a defined area. A

LAN is generally within a building or small group of buildings and is managed and owned by a single enterprise. The shorter distances within a building or campus enable faster communications at a lower cost than wide-area networks (WANs). Although an increasing number of LANs use Internet standards and protocols, they are normally protected from the public Internet by firewalls.LANs are generally used to perform the following functions:

– Print on printers attached to the network. – Transfer data or software to or from other systems attached to the network. – Send e-mail to other users on the network. – Access wider-area networks, including the Internet, via a direct connection from the network, for external

file transfer, e-mail, facsimile, group collaboration and video-conferencing. Structured cabling is the physical wiring of the environment that allows the interconnections

between devices. Lower level (OSI - physical layer) topology of the LAN and how LANs connect to other related resources.

Includes network cabling subsystems: horizontal, backbone, work area, equipment/computer room, telecommunications closet, entrance facilities, and administration.

Cabling standards bodies include National - ANSI/TIA/EIA 568-A and International - ISO/IEC 11801

GSA

.

Structured Cabling / LAN Topology






CIO POC: L. Neifert


Wiring: Cat 5e UTP; Multimode Fiber;

DataLink: Ethernet 10/100 Base T Cat 5e; 100Mb switched to desktop Ethernet 100 Base T; Gig uplinks in Wire Closets10/100 to the Ports; 10Gb between Core, GB ServersProtocol; TCP/IP

Wiring: Cat 5e UTP; Singlemode Fiber; WirelessDatalink: Ethernet/100 Base T; 10 Gigabit Ethernet;Protocol; TCP/IP

Wiring: Single-mode Fiber; Wireless; BluetoothDatalink: Ethernet 100; 10 Gigabit EthernetProtocol; TCP/IP (must plan for v.6)

Wiring: Coax; 100VG; Anylan, Cat 3Datalink: 10Base2;10BaseT;FDDI, FAST Ethernet/110BaseTX

• Wireless LAN is transitioning to a standards-based, high-bandwidth, cost-effective solution• It may be possible to squeeze out one more generation of LAN technology on existing MMF fiber to save the costs of SMF electronics,

but the end of the road for MMF is in sight.

February 2003

ITAPC Approved: April 2004 Author: J. Donow, 202-219-0886

GSA

.

Voice Over Internet Protocol (VoIP)

Definition:

Voice, Video, and White Boarding convergence are the technologies that support the transmission of voice, video, and white boarding over data networks. It includes such technologies as Voice Over IP, Voice over ATM, Voice over Frame Relay, Sametime and Quick Place.

GSA

.

Voice Over Internet Protocol (VoIP)





Responsible Group: Internetworking Division, OCIO

CIO POC: G. McNerney



Author: G. McNerney, 202-501-2812

SIP SIP SIP

H 323(voice)/January 8, 2004/12 months following release of CISCO call manager version 5.0, which is scheduled to be released mid CY 04

CISCO Call Manager currently implements CISCO’s SCCP (light-weight version of H323)

ITAPC approved waivers on Jan 8th, 2004 for R3 and R6 to deploy SCCP to field offices.

Follow-up – review interoperability between various vendor solutions

GSA

.

Directory Services – Identity Management

Definition:

A directory service works like a phone book by providing a listing of all named network resources including users, computers, servers, applications, printers and storage devices. It provides a map of the network so that objects can be accessed without end users knowing their exact physical location.

A directory service can store any information about a network resource that a network application or network users would find useful.

GSA

.

Directory Services – Identity Management






CIO POC: L. Neifert

Author: L. Neifert, 202-501-0480


Microsoft Windows 2000 Active Directory (AD)

AD integrated or LDAP compliant application directories

Microsoft Windows 2003 Active Directory

AD integrated applications

MetaDirectory/Provisioning

LDAP compliant application directories (LDAP 3)

Core security product (SSO) – (evaluation pending)

Federated Identity (SAML 1.0)

Single GSA Enterprise Directory

Unified Security Architecture - (Authentication/Authorization Web Services)

Federated Identity (SAML x, Liberty,

WS-Federation)

Microsoft Windows 2003 Active Directory

AD integrated applications

MetaDirectory/Provisioning

LDAP compliant application directories (LDAP 3)

Proprietary directories for specific applications / Nov 2002

Novell NDS / Nov 2002 / April 2005

New applications and modifications to legacy applications will be LDAP compliant.

NOTE: Various vendor implementations of LDAP may not seamlessly integrate with each other.

Oracle Internet Directory and legacy directories should be granted waivers to cover current product implementations

Follow-up -- Reconcile authentication architecture, biometric data collection, NIST recommendations with the security elements above

Follow-up -- Determine architecture and strategy for metadirectory and provisioning technologies (potentially password management, too)


GSA

.

Standards Profile

SERVICE AREA SERVICE STANDARD

User Environment End-User Hardware Intel Server, Laptop, and Desktop Hardware – Direction as dictated by the GSA Hardware BPA (http://hwbpa.gsa.gov)

Thin Client – Windows 2000 Terminal Services, Metaframe Presentation Server

WEB Browser – MS Internet Explorer 6.0

Personal Productivity – Microsoft Office 2003, MS Project 2003; Visio 2003

Desktop Utilities – Misc: Real Player G2; Win Zip 9.0; Windows Media Player

Handheld Synchronization: Palm Pilot (Palm Desktop, EasySync, Intellisync) ; Windows CE (ActiveSync); Blackberry (Blackberry Desktop Software, WIC); Lotus EasySync


End-User Utilities

End-User Software

GSA

.

Standards Profile (cont’d)


Application Services Application Development Environment

Application Technologies -

Tools: APC: Power Builder; C; MS Visual Studio;J-Builder, Oracle Software Suite, Business Objects Designer, Business Objects SDK, SAP Enterprise, Lotus Domino DesignerLanguages: Power-J, PERL, Visual Basic; COBOL; HTML; CGI; Java; Java Script; C++

WEB Hosting Infrastructure - Netscape Enterprise Server 3.x; iPlanet 4.x; Sun One Web Server 6.x; Zeus 4.x; Microsoft IIS 4.x, 5.x; IBM Lotus Domino 5.x; Apache 1.3.x, 2.0.x; Analog 4.x; Webtrends 5.x; Oracle 8i Enterprise Edition; J2EE; Broadvision 6.x, 7.x; Verity Ultraseek 4.x; ColdFusion

Digital Document Technology - Documentum; Adobe Acrobat, Lotus Notes (.nsf); Internet Quorum (Correspondence Tracking), Lasherfishe

Knowledge Management – There is no current GSA ITAPC approved standard for Knowledge Management

Customer Relationship Management – Siebel Enterprise Server V7.0.4;

Actuate e.reporting; Firstlogic; Fulcrum; Visual Mining; Customer Profile System (CPS)

Application Server Software

Application Systems

GSA

.



Data Services Database Technologies Database Management Systems - MySQL; Oracle; MS SQL Server; Netweaver; Notes*; Sybase; DMSIIDesktop: MS Access

Data Warehousing - DBMS: See DBMS standard

Extract, Transformation, Load (ETL) tool: Informatica Power Center 6.0, SAP,

ADT Metadata Management: Informatica, ADT EME

Business Intelligence Tools – Oracle Discoverer Plus;Business Objects Enterprise 6; URSA;Crystal Reports



Data Management

GSA

.



Integration Services Middleware

Application Integration

Collaboration

Interchange Technologies

Enterprise Application Interface (Intra-Enterprise) - Native SQL API; JDBC; Sybase Enterprise Portal/ EAS; Open A ODBC; Open A JDBC; DQ Broker; Tuxedo; Oracle Application Server; Platinum Enterprise Application Interface (Web Services) - WS-I Basic Profiles; UDDI, (ebXML RIM, WSIL); WSDL; SOAP; XML/XSD

Not defined at this time

Workgroup Computing – IBM Lotus Notes 5.x & 6.x (client); IBM Lotus Domino 5.x & 6.x (server); IBM Lotus SameTime 2.x & 3.x (6.x)*; IBM Lotus QuickPlace 2.x & 3.x (6.x)*; Accessible FormNet 2.x


GSA

.



Infrastructure Services Operating Systems Desktop Operating System – Windows 2000 and Windows XP

Application/Data Server Operating Systems – Unisys MCP; Windows 2000 Server; Windows 2003 Server minus ADAM and Application Partitions;IBM AIX; Linux; Sun SolarisNetwork Operating System - MS Windows 2000 Server w/Active Directory

Wireless Not defined at this time

Storage Management – Server Area Networks (SAN); Network Attached Storage (NAS); Direct Attached Storage (DAS)

Authenication - LAN/WAN FW: CheckPoint FW NG, Cisco PIX (LAN and site-to-site WAN bridging only)VPN: CheckPoint VPN NG, Smartgate VPN, Secure Client, and Cisco PIX for site-to-site WAN bridgingEncryption: PGP, SSH, SFTP, SSL

IT Security

Authorization - Virus Protection: McAfee Virus Scan, Netshield, Groupshield

Administration - NetIQ

Audit - LAN/WAN IDS: ISS Real Secure, Network Flight Recorder, Snort; Cisco IDS (LAN only)Scanners: ISS Internet Scanner, Nessus, L0phtCrack, NetStumblerAssessment Tools: ASSERT

Storage

GSA

.



Infrastructure Services (cont’d)


Electronic Messaging Electronic Messaging - IBM Lotus Notes 5.x & 6.x (client); IBM Lotus Domino 5.x & 6.x (server); Tumbleweed Secure Mail Server 5.x; Cloudmark Authority 2.x; Wireless (Blackberry); SMTP; MIME; LISTSERV 1.8x



Enterprise-Wide Resource Management – Help Desk: Support Magic, Remedy, Unicenter AHD

Push: SMS, Veritas Wininstall, Unicenter SDO, Netwizard, Zen Works

Remote Control: SMS, PC Anywhere, Proxy, Netwizard, Unicenter RCO, PC Telecommute

Asset Management: Support Magic, SMS, Computrace, Unicenter AMO, Veritas Winland, Dell Open Manage Client


Direction as dictated by the GSA Hardware BPA (http://hwbpa.gsa.gov)

GSA

.



Infrastructure Services (cont’d)

Voice

Wide Area Network Topology – Fractional T1 up to OC48; Frame Relay;ATM; IP; IPX

Remote Access – Cisco AS5350; Virtual Private Network (VPN) Next Generation (NG ) FP3.

Wide Area Network Hardware - Lucent B-STDX Switch; Lucent CBX500 Switch Structured Cabling/LAN Topology –

Wiring: Cat 5e UTP; Multimode Fiber;

DataLink: Ethernet 10/100 Base T Cat 5e; 100Mb switched to desktop Ethernet 100 Base T; Gig uplinks in Wire Closets10/100 to the Ports; 10Gb between Core, GB ServersProtocol; TCP/IP


Directory Services Directory Services - Microsoft Windows 2000 Active Directory (AD); AD integrated or LDAP compliant application directories

Voice over Internet Protocol - SIP

technical reference model ( information technology standards ) july 2004

Documents

gsa subsets of technologies

software components

gsa service areas

technology layer

current gsa

set of technologies

specific components

gsa enterprise architecture