Software Architecture: ASP-Application Service Provider Model Analysis

March 23, 2010

To Study ASP-Application Service provider model for Application hosting

By: Shahzad Sarwar
To:Development Team+ Management
Date: 23 March 2010

1. Objective:
To Study the deployment of PCMS, Pegasus Cargo Management System in a Application Service Provider Model.

2. ASP Model Archiecture
The application software resides on the vendor’s system and is accessed by users through a web browser using HTML or by special purpose client software provided by the vendor. Custom client software can also interface to these systems through XML APIs. These APIs can also be used where integration with in-house systems is required. ASPs may or may not use multi-tenancy in the deployment of software to clients; some ASPs offer an instance or license to each customer (for example using Virtualization), some deploy in a single instance multi-tenant access mode, now more frequently referred to as “SaaS”.
Common features associated with ASPs include:
• ASP fully owns and operates the software application(s)
• ASP owns, operates and maintains the servers that support the software
• ASP makes information available to customers via the Internet or a “thin client”
• ASP bills on a “per-use” basis or on a monthly/annual fee

3. Benefits of adopting ASP Model: Cost & Resource Savings. When companies take an e-learning initiative in-house, the focus often becomes the technology, not the learning. It’s the technology that costs money and needs constant care. The ASP model allows an organization to concentrate on its core competencies—what it’s in business to do—and not divert key resources from revenue- generating tasks.
 Focus. The ASP solution allows management in an organization to focus on core business activities—not technology issues. When that portion is outsourced, the focus stays on the business.
 Technical Support. All user and administrative support issues, troubleshooting and technical upgrades are handled by the ASP.
 24/7 Accessibility. The ASP solution enables everyone in your organization to choose the time and place that’s right for them to access business solution, so solution is available anytime, anywhere—all that’s needed is an Internet connection.
 Just-In-Time (Immediate) Access. The ASP model makes business solution available within minutes of a user determining a need for the information.

 Reduced Capital Expenditure—an application service provider can free you from capital investments, upgrade and ongoing management costs. Enjoy state-of-the-art applications without the expense of extensive application development costs or whole-scale upgrades to hardware and networks. Escape costly hardware/software upgrade cycles and take total control over the cost of technology ownership.
 Broad Reach—Provide consistent applications to your organization’s branch offices, mobile workers and telecommuters and bring together widely dispersed geographic locations across diverse platforms.
 Predictability—ASPs offer higher and more reliable performance levels than most organizations can achieve themselves: guaranteed network uptime, higher levels of security, and greater scalable network storage.
• Pay-as-you-go: An ASP will be likely to charge you a monthly rental which can help spread the costs.

4. Disadvantages of Adopting ASP Model: The client must generally accept the application as provided since ASPs can only afford a customized solution for the largest clients
 The client may rely on the provider to provide a critical business function, thus limiting their control of that function and instead relying on the provider
 Changes in the ASP market may result in changes in the type or level of service available to clients
 Integration with the client’s non-ASP systems may be problematic
 Evaluating an Application Service Provider security when moving to an ASP infrastructure can come at a high cost, as such a firm must assess the level of risk associated with the ASP itself. Failure to properly account for such risk can lead to:
o Loss of control of corporate data
o Loss of control of corporate image
o Insufficient ASP security to counter risks
o Exposure of corporate data to other ASP customers
o Compromise of corporate data

 Performance: If you have a dial-up modem then the speed is unlikely to be satisfactory for all but the most basic applications. You need to be looking at ISDN, ADSL or leased lines for good performance, all of which cost more. Communication costs. The on-going phone/leased line charges. And the likelihood you will need ISDN lines or faster , and the costs for that.

 Continual payments: If you stop paying your monthly fee then you won’t be able to use the application any more, whereas with software you buy, once you have bought it then it is yours to keep. (It might also be the case that after some time you will have paid more by renting the software than you would have done if you had bought a package, but this depends on each situation, and you do need to consider the TCO).

 Not having data in-house: This is probably a conceptual issue rather than a true disadvantage but it might be important to some organizations. In many instances, to all intents and purposes, you can use your data in the same way as if it was in-house. It does mean you are reliant on the ASP ensuring their hardware is always available and you should discuss how they manage possible hardware failures (and fault tolerance). See also issues on Security below.

 Communication breakdowns: It is possible, although more unlikely these days, that you could find you are unable to connect to your ASP if there is a problem with your communication links.

 Security: Both in terms of having your data held away from your offices and as far as stopping security violations of your communications links. At the extreme, you have to decide if you would be happy running a ‘mission critical’ application through an outside organization.

 The ASP may be unable to provide the level of service committed because of technical, labor, financial, or other problems

5. ASP Model Implementation:
There are many implementation technologies for ASP Model via application hosting or application virtualization.
Following are some major players of this domain.
 XenApp by Citrix
 Terminal services by Microsoft
 Sun Secure Global Desktop by Sun

5.1. Citrix XenApp (formerly Citrix MetaFrame Server and Citrix Presentation Server) is an application virtualization/application delivery product that allows users to connect to their corporate applications. XenApp can either host applications on central servers and allow users to interact with them remotely or stream and deliver them to user devices for local execution.

5.1.1. Citrix XenApp Architecture
Citrix XenApp™ is an on-demand application delivery solution that centralizes application management in the datacenter and delivers applications as an on-demand service to users anywhere using any device. Utilizing integrated application virtualization and session virtualization technologies, XenApp overcomes the challenges associated with historic application deployment methods to reduce the cost of application management by up to 50 percent, deliver applications instantly to users and secure application access. Single instance management
To simplify application management, Citrix XenApp stores application packages on centralized network storage. Compared to traditional application deployment which requires multiple application packages to support many diverse user configurations, application management with XenApp requires only a single package for each application. Application packages created with XenApp contain all of the necessary information for delivery to any supported operating system. Once packaged, XenApp utilizes application streaming to deliver applications to target devices, whether they be user PC’s or XenApp hosting servers. To this end, XenApp also simplifies the deployment, configuration, and maintenance of hosting servers via integrated server image management. With single image server management, XenApp can provision additional application hosting capacity in the time it takes to boot a server. Furthermore, XenApp updates and upgrades can be rolled out to all servers with a simple reboot. Single instance management greatly simplifies application management and makes XenApp the most efficient and dynamic application delivery system in its class. Self-service application delivery

With Citrix Dazzle, ussers subscribe to the applications they need from a simple enterprise app storefront. When users request an application, XenApp determines the best delivery method for the application in real-time. If the user has the correct Receiver software, security profile, and meets pre-determined network, hardware, and application requirements, then XenApp utilizes local application delivery. With local application delivery, XenApp uses application streaming to deliver the application into an isolated environment on the user’s PC. This form of delivery uses the PC’s local computing resources to run the application and enables users to take applications with them even while they are disconnected from the network. Alternatively, if XenApp determines that the users device cannot run the application locally, then XenApp falls back to session virtualization. With session virtualization, XenApp uses application streaming to deliver the application to hosting servers and connects the user to a remote session running their application. This form of delivery uses datacenter resources to run the application and enables users to access applications from anywhere. On-demand application delivery makes it possible for XenApp to deliver applications with the highest level of application compatibility to any device while ensuring the most optimal performance and user experience. Any device, anywhere
XenApp surpasses traditional application deployment solutions by utilizing application virtualization technology to deliver any application to any device. Citrix Receiver and Receiver plug-ins enable application delivery to Windows, Mac, Linux and even UNIX devices. Over 20 manufacturers such as HP, Wyse, and iGel include XenApp plug-in software in their thin-client and access device products. Even users on iPhone, iPod Touch, Windows Mobile, Symbian and EPOCH devices can access Windows and UNIX applications delivered via XenApp. The ability to deliver any application to any device, anywhere makes XenApp the most complete application management solution on the market today. High definition experience
XenApp has been built to ensure the best experience and performance for users regardless of their device, operating system or connection. For applications delivered to the user’s local device, HDX IntelliCache accelerates initial application deployment and optimizes application communications. For applications hosted on servers, HDX MediaStream, 3D, RealTime, IntelliCache and Broadcast technologies work together to orchestrate the most optimized computing experience – even over high latency connections. In fact, regardless of the delivery method used, application management with XenApp enables a better-than-installed user experience when compared to traditional application deployment and installation. This is accomplished by preserving the “like-installed” computing experience that users are accustomed to while enhancing application portability, security and function. For example, the EasyCall voice services technology included with XenApp enables Voice over IP dialing and call conferencing capabilities to be integrated into any application without custom development. Furthermore, integrated profile management software ensures that user, application and environment settings remain consistent as users roam between devices and operating systems. This extensive portfolio of application virtualization, performance and delivery optimization technologies make XenApp the only application management solution capable of delivering a high definition user experience to any user on any device. Secure by design
Centralized application management is the most secure architecture for delivering applications. With session virtualization, XenApp keeps data in the datacenter while only screen updates, mouse clicks and keystrokes transit the network. As an extra added security measure for leveraging applications through either session virtualization or application virtualization technologies, centralized password control, multi-factor authentication, encrypted delivery and a hardened SSL VPN appliance eliminate the chance for loss or theft of data. Built-in configuration logging and SmartAuditor technology enable IT to track system changes and even record user activity into a video file to keep a visual record of system and application use for security and litigation purposes. Application management with XenApp increases application portability and user productivity while ensuring data security and IT access control. Enterprise class scalability

As an enterprise class infrastructure for application management, XenApp can support implementations with as few as 2 servers or scale on-demand to support multiple data centers, thousands of users and multiple sites throughout the world. In fact, as the most mature on-demand application delivery solution on the market, XenApp is proven to support more than 70,000 users, scale beyond 1,000 servers in a single implementation and ensure 99.999 percent application availability. This scalability is made easy with integrated XenServer virtualization technology and provisioning services. When used together, they enable IT to scale their XenApp server farm to support thousands of new users on-demand. Built in load testing, performance monitoring and activity logging tools help IT to size their infrastructure correctly, monitor usage and performance, scale when needed, resolve issues quickly, and even pinpoint malicious behavior. This enterprise-class foundation enables IT to meet service level agreements and quickly respond to business and user needs. With XenApp, corporate IT teams finally have the global, scalable, end-to-end application management solution that IT has been looking for.

5.1.2. Citrix XenApp Features & Benefits Deliver applications on-demand to any user anywhere

Citrix XenApp™ is an on-demand application delivery solution that reduces the cost of Windows® application management by up to 50%.
XenApp enables IT to centralize and manage a single instance of each application in the datacenter and deliver them to users for online or offline use, while providing a high definition experience. It revolutionizes Windows application management by virtualizing applications and delivering them as a centralized on-demand service to any user anywhere on any device.
Calculate your own savings using our free ROI calculator and explore the features below to learn more about how virtualizing applications with XenApp can help your business reduce costs, ensure security and increase user, IT, and business performance and productivity. Self-service delivery of your virtual applications
System intelligence automatically determines the best method for delivering virtual applications as an on-demand service to users through a personalized adn easy-to-use self-service storefront. Access virtual applications from any device, anywhere
Users can simply and securely access virtual applications instantly with a consistent experience regardless of location or device. In fact, XenApp can deliver any Windows application to any of over 30 client operating systems including Mac and even the Apple iPhone. Ensure a high definition user experience
Virtualizing applications with Citrix XenApp delivers a high performance, high definition user experience from any device, on any network – even for graphic-rich and multimedia content. Users are assured of a seamless experience with zero downtime and higher overall productivity. Secure architecture, secure delivery, secure by design
Centralized application management is the most secure architecture for delivering applications. With session virtualization technology, data remains in the datacenter while only screen updates, mouse clicks and keystrokes transit the network. Centralized password control, multi-factor authentication, encrypted delivery and a hardened SSL VPN appliance eliminate the chance for loss or theft of data. Single instance server and application management
Virtual application packages and server images are stored, maintained and updated once in the datacenter and delivered on-demand. This simplifies system and application management, improves application compatibility and makes it easy to provide real-time updates to users. Enterprise class application management
XenApp is proven to support more than 100,000 users, scale beyond 1,000 servers in a single implementation and ensure 99.999 percent application availability. The enterprise-class foundation coupled with centralized application management, monitoring and automation tools enable rapid response to business and user needs.

5.2. Terminal Services:Remote Desktop Services in Windows Server® 2008 R2 provides technologies that enable users to access Windows-based programs that are installed on a Remote Desktop Session Host (RD Session Host) server, or to access the full Windows desktop. With Remote Desktop Services, users can access an RD Session Host server from within a corporate network or from the Internet.

In Windows Server 2008, Terminal Services introduced RemoteApp programs, which are programs that are accessed remotely through Remote Desktop Services and appear as if they are running on the end user’s local computer. In Windows Server 2008 R2, Remote Desktop Services provides administrators the ability to group and personalize RemoteApp programs as well as virtual desktops and make them available to end users on the Start menu of a computer that is running Windows® 7. This new feature is called RemoteApp and Desktop Connection.
RemoteApp and Desktop Connection provides a personalized view of RemoteApp programs, session-based desktops, and virtual desktops to users. When a user starts a RemoteApp program or a session-based desktop, a Remote Desktop Services session is started on the Remote Desktop Session Host (RD Session Host) server that hosts the remote desktop or RemoteApp program. If a user connects to a virtual desktop, a remote desktop connection is made to a virtual machine that is running on a Remote Desktop Virtualization Host (RD Virtualization Host) server. To configure which RemoteApp programs, session-based desktops, and virtual desktops are available through RemoteApp and Desktop Connection, you must add the Remote Desktop Connection Broker (RD Connection Broker) role service on a computer that is running Windows Server 2008 R2, and then use Remote Desktop Connection Manager.
In Windows 7 and Windows Server 2008 R2, you configure RemoteApp and Desktop Connection by using Control Panel. After RemoteApp and Desktop Connection is configured, RemoteApp programs, session-based desktops, and virtual desktops that are part of this connection are available to users on the Start menu of their computer. Any changes that are made to RemoteApp and Desktop Connection, such as adding or removing RemoteApp programs or virtual desktops, are automatically updated on the client and on the Start menu.
Users can use the new RemoteApp and Desktop Connection notification area icon to:
• Identify when they are connected to RemoteApp and Desktop Connection.
• Disconnect from RemoteApp and Desktop Connection if the connection is no longer needed.
Administrators can create a client configuration file (.wcx) and distribute it to users within their organization so that the user can automatically configure RemoteApp and Desktop Connection. Administrators can also write and distribute a script to run the client configuration file silently so that RemoteApp and Desktop Connection is set up automatically when the user logs on to their account on a Windows 7 computer.
5.3. Sun Secure Global Desktop (SGD):
software provides secure access to both published applications and published desktops running on Microsoft Windows, Unix, mainframe and System i systems via a variety of clients ranging from fat PCs to thin clients such as Sun Rays.
A large range of client devices can be used to connect to a Secure Global Desktop Server, including Microsoft Windows PCs, Solaris desktops, Apple Macintoshes, Linux PCs, thin clients such as those from Sun and Wyse, and mobile devices. The only requirement on the client side is a Web browser with a Java Runtime Environment installed.
A client device connects to the Secure Global Desktop Server either via a supported Java-enabled browser or via Native Client software (this “native client” can be downloaded from a SGD installation’s login page, i.e. instead of logging in and letting the Java applet handle the connection automatically for you, you could instead do it manually by downloading this “native client” from the SGD main login page, install it locally, and then launch it and connect via this). When you connect via a browser the first time as a client, the SGD client (the client-side of the aforementioned Java component) is downloaded so you can then SSL encrypt your connection. Browsers officially supported are Mozilla Firefox, Internet Explorer, and Safari, but other browsers might work too for as long as they have access to a working Java-plugin. The latest Java Runtime Environment is recommended but at least version 1.5 is required.
The Desktop Client connects to the Secure Global Desktop Server via the Adaptive Internet Protocol (AIP). AIP is bandwidth and latency aware and can adjust compression and performance dynamically on links as diverse as a 56K modem or a 100Mb LAN.
Session Resumability and Mobility is a feature allowing remote access to desktop applications from essentially any Java-enabled browser in the world. This makes it possible to run applications in one’s office, then go to another location such as a customer site or one’s home and transfer your existing desktop session to a computer there.
Centralisation is an important feature for organizations concerned with secure data being stored on remote devices such as notebook computers, and the associated risk for theft of the device and its data. Applications accessed via SGD run in the centralised server room, meaning that all data is backed up and secured via the normal datacenter practices of the organization. There is a potential for increased performance and effiiciency, since the actual computation is performed on larger systems with more resources; centralisation also makes resources considerably easier to manage.
Applications can be assigned to users or groups of users using the Object Manager which can automatically present new applications to users dynamically without them needing to log out. Profiles can be created to group similar types of users; these profiles control the applications that a logged-in user is allowed to use. When a new application or an upgrade to an existing application is required, an administrator can just push these changes out to the users. This simplifies Desktop SOE migrations.
SGD’s password caching feature, authentication tokens, and ability to integrate with Active Directory and LDAP gives it the ability to easily set up single sign-on to applications: a user logs into SGD once, and then can run applications without having to perform an additional login—even if there are usernames and passwords used for the different back-end applications.
With the same SGD infrastructure one can host an organisation’s internal desktop applications, but also be able to access desktop applications remotely without the need for expensive VPN solutions. The Firewall Traversal Feature makes it possible to put an application server in an organisation’s DMZ with only port 443 (HTTPS) accessible from the outside world. An SGD server can be accessed via HTTP or HTTPS.
SGD also integrates with the Sun Java System Portal Server making it possible to deliver desktop applications via a Secure Portal using a Portlet, including the ability to mail, calendar and other Portal features.
Sun Java System Identity Manager can also be used to manage all user accounts and passwords via one webform, including integration of LDAP, Active Directory, Oracle or other commercial or home-grown access control repositories.

6. Conclusion: ASP Model can reallly be use full when planning for PCMS for small size clients. As application on rental basses can be very cost effective.
 After comparing SGD,terminal services and XenApp , it is concluded that Terminal services in Windows server 2008 has a very nice feature of Remte Apps, which can provide an option to host application on termical services sever and application can be run at client end with out installing.
 A POC is required to deploy PCMS as Remote App and find out limits if there are any.
 Operatioal cost secpially maintanance of server of ASP Modal can be very high and problematic,so reliable hosting company can serve to host application at their Data center.
 A comparative analysis of hosting services by top hosting service providers is required.


ASP Modal Hosting providers:

Terminal Services:

Citrix XenApp

Sun Secure Global Desktop: