InformationWeek
Defining The Business Value Of Technology
August 9, 1999
 Print this story |
continued...page 3 of 3
Automated Access
Johnson also plans to set up discussion forums on the extranet. "You want to make sure that discussion forums are not attended by people that don't belong in them because you might be discussing information about a client. It's something that other people within an agency don't have the right to see. Groups of people with common interests will be able to form a discussion group on the fly."
In addition to managing access rights, policy-based networking can make sure that trading partners' traffic always has bandwidth available to it on network connections that are otherwise congested. "Policies let you selectively define relationships between business partners," says Todd Chipman, an analyst at Giga Information Group.
For example, a company can specify that a particular supplier whose products are vital to operations or that does a particularly high volume of trading receives more bandwidth across the network. Or an IT department can specify that a critical procurement application receives priority treatment across the network.
New Jersey's Johnson plans to use policies to control the amount of bandwidth available to a particular application on the extranet. In addition to standard Web browsing and E-mail, database-intensive case management and benefits screening applications will run across the extranet. "We want to make sure that important database information that is being traded over that same infrastructure gets a higher level of service than FTPs or E-mails," he says.
If all this sounds complicated, that's because it is, Johnson. says. "If you don't put the right object in the right space, all of a sudden one agency can control policies at 20 other agencies," he says. "We don't want that to happen."
This level of complexity causes many IT managers to scoff at the idea of implementing network policies. Maintaining directories of objects that specify which user gets priority over which application at what time of day has the ring of an administrative headache that network managers would just as soon avoid.
Rather than setting up and managing policies that control bandwidth levels for different applications and users, many IT managers are content to simply increase the amount of bandwidth available on the network. This is particularly easy and inexpensive in LANs, where bandwidth is essentially a commodity. And in smaller intranets and extranets, administering security for individual users and user groups may prove to be no more difficult than it is to implement a policy server, synchronize it with the directory, make sure networking devices are implementing the policies, monitor bandwidth so that priority application traffic is not disrupting other applications, and so forth.
Despite the challenges, maintaining policy servers and making sure they exchange the correct information with directory servers and internetworking equipment is less complicated than having to manage the access rights of 20,000 or more users, Johnson says. "It's more complex than vendors want you to believe," he adds. "But it's a good complex, because when you're done with it, you have a functioning, scalable extranet that you can rely on for people exchanging information."
In addition to lists of state and contractor contacts, the state's extranet will let users access information about individuals who are receiving state services. A case worker at an agency would be able to track what state support a particular client is receiving, as well as from which other agencies he or she is receiving services. The case worker could also locate and contact employees in the state welfare office that might be able to assist a particular client or identify other contracted agencies that provide job-training services.
Related links:
And from our sister publications:
Policies automate the process of providing users with rights to access confidential information stored on state servers. "Information about individuals has to be extremely well-protected," Johnson says. "Instead of enumerating every case worker in a database server, I would set up a policy that says everyone identified as a case worker is allowed to see this information." However, human-resources reps and other extranet users not identified as case workers would be blocked from viewing any confidential information on people going through the system.
return to page 1, 2
Back to This Week's Issue
Today's Top News
- Practical Analysis: 802.11 -- The Blu-Ray Of Wireless
- How To Improve Your End-User Device Strategy
- 10 Questions To Ask About Netbooks
- Down To Business: The 'Jobs Summit' And The Role Of Government
- How To Improve Your End-User Device Strategy
- CIO Profiles: Marc Probst, VP And CIO Of Intermountain Healthcare
Featured Microsite
