Professional Documents
Culture Documents
Web Software Best Practices Update 111112
Web Software Best Practices Update 111112
OBJECTIVE
Monthly update on web application & platform services hardware & software infrastructure
Whats been done in the month What new issues have been identified Whats left to be done Timeframe
HARDWARE INFRASTRUCTURE
Best Practices Co-lo Facility Redundant Power Redundant Network Connection Redundant, Load Balanced Servers Clustered Database Storage PULS ABE 1 COLT
Green - In Place Yellow - Scheduled, < 90 Days Away Red - Scheduled,> 90 Days Away Black Not Planned
Test and re-configure to optimize COLT Load Balanced Web and COMM servers. Migrate ABE 1 customers to COLT Implement redundant PULS server & clustered database in the upcoming PULS 2 system
Manually thinning ABE 1 database on a regular basis to maintain performance Active Monitor for ABE 1 device command performance
PULS 2.0 is in active development. PULS is using Virtualized Servers for the PULS 2.0 project.
Green - In Place Yellow - Scheduled, < 90 Days Away Red - Scheduled,> 90 Days Away Black Not Planned
SYSTEM RELIABILITY
Best Practices Documented 99% Service Level Agreements (SLAs) Monitor Server CPU Usage Monitor Server Memory Usage Monitor Disk Usage Monitor Network Throughput Monitor Each Application Function Monitor Log Files Monitor Web Traffic for Excessive Requests from IP Ranges Monitor Database Growth Web Analytics to Monitor Usage Behaviors LMU Communication PULS ABE 1 COLT
Green - In Place Yellow - Scheduled, < 90 Days Away Red - Scheduled,> 90 Days Away Black Not Planned
SECURITY
Whats Been Done This Month
Best Practices Firewalls SSL used for all logins User Account & Login Management Detect Machine/Computer Attempts at Login Captcha (computer detect) Security Scanning Regular Operating System Security Patches Regular Application Security Upgrades PULS ABE 1 COLT Security Audit by Neohapsis completed for the COLT environment. DEI validated their handset upgrades with COLTs repeated-failed=loginlocking, Sesstion Timeout and mandatory SSL. Features will be released by 8/1.
Green - In Place Yellow - Scheduled, < 90 Days Away Red - Scheduled,> 90 Days Away Black Not Planned
DISASTER RECOVERY
Whats Been Done This Month
Best Practices Load Balanced Server Failover Geographically Distributed Co-Lo Facilities (Facility Backup) Daily Server Backups Offsite Storage for Server Backups Own the IPs used in MRM Device Communication (for re-pointing to new facility) PULS ABE 1 COLT IS worked with offshore Co-Lo facilities to architect mandatory Carrier VPN tunnels In test on Load Balanced Failover servers All MRM units under Calamp control have been migrated to new PULs DNS. Working with customers to migrate their individual units.
Green - In Place Yellow - Scheduled, < 90 Days Away Red - Scheduled,> 90 Days Away Black Not Planned
Source Control
Software Release Process Secure Coding
VERSIONONE
VersionOne is a cutting edge web-based Project Management tool that supports all phases of software development lifecycle and latest development methodologies such as Scrum, XP, Kanban, AgileUP, and DSDM
10
11
12
13
14
SUMMARY
COLT: Focus on continuous performance & security monitoring
Neohapsis audit of COLT is complete. 12 vulnerabilities were indentified and the development team is working to close them in the next COLT release (v4.0). Migrate COLT project management and SQA management onto new Agile toolset (RallyDev or VersionOne). Complete configuration and testing of Web and COMM servers load balancing to support the migrated ABE 1.0 customers Continuously monitor performance & security. Implement upgrades to close issues.
15