Java IoT Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Zakia Bouachraoui, Pat Romanski

Related Topics: Java IoT

Java IoT: Article

Create A Foundation

Create A Foundation

As most of you reading this article know, the application server market is growing and every company, large or small, can visualize the benefits an application server infrastructure could bring to their organization. But why then, even with the vast amount of benefits available, have companies not adopted an application server as the foundation for their organization?

The reason is they're making it more complex than it really is. Though it's by no means a small chore, it is a large puzzle, but one that can be pieced together by maintaining focus. The focus should be on the three major inherent benefits an application server infrastructure will bring to a company.

  • Scalability: The ability to meet system demands
  • Robustness: Confidence in being efficient, stable, and proven
  • Security: The competence to reduce loss of information and quash customer fear
To remain focused on these benefits that will create the foundation for your application server infrastructure, you must continue to answer three simple, yet complex, questions:
  • Who is the target audience?
  • What is the agreed or implied level of service expected?
  • What level of security must you maintain in your environment?

These questions can usually be answered definitively, but only for a certain point in time. Therefore, to ensure that you maintain a strong foundation, your company must revisit these questions to keep up with a moving target. Every time you pose these questions to your organization there will most likely be negotiation and compromise, but remember that a solid foundation is a balanced one. Keeping this in mind, let's discuss three application server infrastructure models that your company could use: development, small-business, and enterprise.

Development Model
The development model is an all-in-one solution, literally. The Web server, the JSP engine, and the application server all run on the same box. Though this model works, it tends to construct more roadblocks than remove them. The only positive argument is a financial one. It's cheap and your company only has to invest in one piece of hardware and in a limited amount of CPU- or MHz-priced software licenses to house and run the different pieces of the infrastructure mentioned above.

Because everything runs on one box, points of failure begin to compound as the development model is built. First, there's no contingency for software or hardware redundancy. Without Web server redundancy, should the Web server go down, there's no point of entry into the application(s), given the premise that these are browser-based application(s).

This same theory applies if the application server software process should fail, but with even more severe consequences. Instead of just affecting browser clients, all the application(s) become unusable, therefore disabling all supported client models for the affected application(s). Not only is this model risky on the surface, the risk is compounded by the high memory and I/O intensive processes these servers place on one piece of hardware. These discrepancies directly impact an infrastructure's ability to be scalable and reliable.

In addition, this model lacks any implementation of a firewall. As a result, there's no allowance for a demilitarized zone, which makes this infrastructure highly vulnerable to hackers. Security must come from either a custom authentication application or utilization of the application server vendor's security protocols. Though vulnerable and maybe not the most scalable or robust application server infrastructure, this configuration is a solid and cost-effective development environment. It could even be run as a successful departmental infrastructure designed to serve a small target audience that expects a reasonable level of service, and requires minimal security.

Small-Business Model
A small-business model divides tasks among multiple pieces of hardware to gain high throughput and redundancy capabilities. In this configuration, the Web server and the application server have been separated, and the JSP engine can reside with either one based upon the chosen vendor's software ability to integrate a JSP engine into their respective product. Though to get the highest reliability, scalability, and security, the JSPs should be run within your application server in order to take full advantage of the inherent pooling and security mechanisms provided. This is the most common model used when companies choose to build an application server infrastructure. The popularity of this model is a direct result of a balance of maintaining scalability, robustness, and security with the financial impact of purchasing and supporting additional hardware.ebugMode(). Therefore, all code enclosed within if (DEBUG){...} is compiled.

The first and most obvious benefit of separating the Web and application server processes across at least two pieces of hardware is that you now have the ability to implement a firewall between the two. This provides your organization and customers with the necessary security to protect both entities in the e-business space. A second benefit of this model is that you alleviate the stress placed on the "all-in-one" or development model of those high I/O and memory-intensive processes by splitting them across separate pieces of hardware. As a result, your infrastructure eliminates the Web and application server processes from "stepping" on each other, thereby greatly reducing the possibility of the aforementioned catastrophic failure. Finally, this configuration allows your organization to easily scale your infrastructure to meet system demands. Ease of scalability directly stems from the inherent increase in manageability and the ability to monitor with finite precision the appropriate Web or application server process.

With this enhanced sense of infrastructure awareness your organization can remove the finger of blame being thrown around between the two processes, which usually correlates directly to organizational structure, and focus on solving the problem rather than discussing whose problem it is. By concentrating on the issues, your organization will be able to react to a projected or actual loss of level of service by bringing online only those additional server resources that are required.

The drawbacks to the small-business model are financial and security. There's an increased financial burden in terms of the additional capital expenditures of hardware and the manpower to maintain these systems. In terms of security, even though this model incorporates a firewall, it does not build a demilitarized zone required by some organizations. But by maintaining the focus on our target audience of a small business, most do not require such a strict security construct. Despite these facts, the small-business model is a proven one and has been shown to balance fiscal responsibility with an ability to be highly scalable, robust, and secure.

Enterprise Model
Now we come to the granddaddy of the infrastructure models, the enterprise model. The enterprise model is the one that every company strives to achieve, but can't always afford. This model is often large and complex, and therefore places a high fiscal demand on a company, which must be taken into consideration. Though theoretically there is only a single hardware addition of a firewall between the application server and the database, the complexity of being able to manage this behemoth grows exponentially because it usually involves multiple clusters and redundancy.

This growth affects your bottom line by dramatically increasing your need for manpower to manage and monitor this infrastructure. In addition, there's the additional hardware cost of adding a firewall. With this said, and though these costs can be significant, most organizations that are in the enterprise space already know that in order to play, you must pay.

The benefits this model brings to an organization are simple. It incorporates and provides the same level of high reliability and scalability that the small business model would, but wraps a stringent security framework around the application server infrastructure. By adding this security "wrapper," the enterprise model creates the highly sought-after demilitarized zone. This is a transition zone from one world to another, or from the Internet to inside your organization, which allows only certain protocols on specific listeners to enter into your environment. An enterprise model provides a company with the most scalable, robust, and secure infrastructure available that can serve any space, provided your organization can justify the financial costs.

As presented, these models hinge not only on the technical aspects of scalability, robustness, and security, but have a high dependency on financial requirements. This is emphasized in no short order due to the "dot-bombs" that have fallen by the wayside lately. Yes, some of the companies were doomed from the start, but most did not plan and build a scalable infrastructure that was fiscally feasible. Because even for "techies" this is a reality, and I thought it important that you know not only how to build your company's application server infrastructure, but that you also have some understanding of the financial investments required to implement this foundation.

In closing, keep your eye on the ball while you build and maintain an application server infrastructure by continually revisiting and focusing on:

  • Who is the target audience?
  • What is the agreed or implied level of service expected?
  • What level of security must you maintain in your environment?

More Stories By Matt Creason

Matt Creason is a system consultant with the Internet Applications Division of Sybase, Inc. He is a
current member of the IEEE and the IEEE Computer Society.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

IoT & Smart Cities Stories
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
SYS-CON Events announced today that IoT Global Network has been named “Media Sponsor” of SYS-CON's @ThingsExpo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. The IoT Global Network is a platform where you can connect with industry experts and network across the IoT community to build the successful IoT business of the future.
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...