GWA WINES – Order Placing SystemSolution Proposal

CHAPTER 6
PRELIMINARY ANALYSIS

AND

SOLUTION DETERMINATION

ORDER PLACING SYSTEM

Prepared for:

GWA WINES

250 Yonge Street

Toronto, Ontario

Prepared by:

T.B.F.I. Ltd.

2560 Kingston Rd.

Scarborough, Ontario

M1M 1L8

November 19, 2001

October 11, 20181Chapter 3 Proposal.doc

GWA WINES – Order Placing SystemSolution Proposal

CHANGE HISTORY

Revision
# / Date / Changes / Comments

November 20, 2001 T.B.F.I. Ltd.

1

GWA WINES – Order Placing SystemSolution Proposal

T A B L E O F C O N T E N T S

1.0OVERVIEW...... 3

1.1OBJECTIVES...... 3

1.2IMPLEMENTATION MANAGEMENT...... 3

2.0PHASE ONE...... 4

2.1AREAS TO BE ADDRESSED...... 4

2.2HARDWARE...... 4

2.3SOFTWARE...... 4

2.4ORGANIZATION...... 4

2.5PHASE ONE SOLUTION...... 5

3.0PHASE TWO...... 7

3.1AREAS TO BE ADDRESSED...... 7

3.2SOFTWARE...... 7

3.3ORGANIZATION...... 7

3.4TOTAL SOLUTION...... 7

4.0SUMMARY...... 12

5.0APPENDIX A...... 13

1.0OVERVIEW

This Proposal is a solution for the additional functionality and improvement of the existing systems. At this time the only existing system is an extensive order processing and tracking system. This system was written for the placing of orders locally by hand and then entered into the system, for those purposes it works very well. However at this time GWA Wines, like many other companies, have created a problem due to their recent national success. GWA Wines has been bottling the finest wines in the Portland area for more than 50 years. Until now it has been largely a local phenomenon, but since it was recently honoured as a top American vineyard by a national magazine. The company’s owner spoke to the winner of last year’s winner and that vineyard rose from number 315 in the country to number 11. because of this they expect much more national attention.

The main problem that will be addressed is scalability. Whether the solution can give the company the flexibility in which it can grow and at the same time be easily scaled to that growth. The questions of response, future maintenance and the new solutions extensibility will also be addressed. At this time the GWA stands for “goes with anything”, but this solution will transform it to “Get Wine Anywhere”.

1.1Objectives

The objective of this proposal is to have a complete and integrated solution that can be implemented given the constraints of the company. The main objectives are as follows:

  • A solution that will allow the company to grow to its full potential.
  • A solution that is scaled to the needs of the company.
  • A higher level of system availability.
  • Provide a high level of over-all Security.
  • An Increase in the current performance levels
  • A properly maintained system.
  • A solution that will can grow in functionality with the growing needs of the company.

1.2Implementation Management

Please note that Gary Gauthier is the Implementation Manager for this project. He will ensure that the project is successfully implemented. He will be responsible, during the implementation, for any decisions for the backout of the changes if required. These decisions will be based upon the recommendations of the project team.

This will be a 2 phase implementation. The first phase will be the creation of a basic web site with the companies history and awards and a site availability page for users to get an update on what to expect and when. The second phase will be the full solution that will address all existing and future concerns. It will be built using the phase one implementation as its location.

2.0 PHASE ONE

2.1AREAS TO BE ADDRESSED

In this phase we will be concentrating on creating a basic web site that will allow us the one month necessary to allow the search engines spiders find and register our location with them. The following areas must be addressed whether it is with upgrades to existing items or new items.

2.2HARDWARE

  1. Upgrade existing Operating Systems on PC’s to Windows 2000 or Windows NT 4.0.
  2. Designate one PC as a system administrator’s PC and install Windows 2000 Advanced Server or Windows NT workstation on it.
  3. Purchase 1 Server with One Intel® Pentium® III processor at 1GHz, 133MHz Front Side Bus, 256KB Level 2 cache (full processor speed), 2GB 133MHz ECC SDRAM (ECC memory is a type of memory that includes special circuitry for testing the accuracy of data as it passes in and out of memory), 3 60GB 7200 RPM ATA100 EIDE Hard Drives and internal 100T DDS4 tape drive (40GB) for backups.
  4. The acquisition of a domain name where the site will be located.

2.3SOFTWARE

  1. Setup the new server as a Windows NT or Windows 2000 server.
  2. Purchase COM Transaction Integrator (COMTI) and install it on the new server.
  3. Install Microsoft Transaction Server (MTS) on the new server.
  4. Purchase an encryption software such as the RSA Encryption.
  5. Purchase Microsoft SQL Server and install it on the new server.
  6. Upgrade existing IT development software to Microsoft Visual Studio Enterprise.

2.4ORGANIZATION

  1. Creation of the basic business and Security rules that will be applied toward all transactions that will flow thru the new infrastructure.
  2. A comprehensive training program will be created and put in place for the in-house training of all staff as to the new security systems, new applications and new hardware.
  3. Someone is to be designated or hired as the System/Security Administrator.
  4. For speed in the development and implementation of this project there will be a need to contract out some of the work. However the need for full-time staff to be involved thru out both phases is of up-most importance. When the total solution is in place the knowledge base must reside in-house for proper ongoing maintenance to occur.

2.5PHASE ONE SOLUTION

  1. The following illustration shows the three-tier client/server model that will be used for GWA Wines.

Illustration 1.0

This illustration shows communication between the new Server, configured as either a Windows 2000 or a NT server. Microsoft Internet Information Server (IIS) web server software, utilizing HTTP (Hypertext Transfer Protocol) to deliver World Wide Web documents. It incorporates various functions for security, allows for CGI programs, and also provides for Gopher and FTP services will be used as the communication software between the Internet and the new server. A Microsoft product named COMTI provides the translation bridging between the new server and the IBM AS400 where the database is located.

  1. The best communication solution is a Synchronous Communication model. This will make sure that any transactions made in the future by customers will be confirmed. If a problem was to arise the system it will inform the customer immediately of it.
  2. With the hardware and software installed as in illustration 1.0 we will create a secure three-tiered infrastructure that will be used in all aspects of the total solution. In phase one it will only be used to create a basic web site with no connection to the data base. To deal with security concerns the new infrastructure will use a combination of new business rules, Windows NT authentication mechanisms and MTS security and IIS security. Because there will be an external way of accessing the companies databases the risk is higher and proper security must be put in place. The new business rules will be instituted for all internal passwords. Some will be as follows:
  • Each password must be 8 characters long.
  • Each password must contain a minimum of 2 numeric characters.
  • No password cannot start with a number.
  • No password can have numbers together.
  • Each password will be valid for only a period of 30 days.
  • You cannot use the same password within a 12 month period.

The new System/Security Administrator will be auditing the network on a regular basis. All transactions that are done over the Internet and dealing with e-commerce are to be encrypted before sending and decrypted at the receiving end via the new encryption software. Overall security will be a mixed format using IIS and NT authentication mechanisms being passed to the middle tier where MTS security packages will be setup. All business logic will be separated and placed into the middle tier (MTS). Users will not have direct access to the database from their application. Instead, they access the components running in MTS. The MTS components then access the database and perform updates or retrievals on behalf of the users. By doing this we split security into two types. The first type is application security. Application security involves authorizing users for access to the application code, or MTS packages. You implement application security in the middle tier by using MTS. The second type is data security. This involves authorizing the various MTS packages for access to the database. You implement data security in the data services tier by its security software. The illustration 1.1 shows how security works in a three-tier application. Application security involves authorizing users access to specific components and interfaces in MTS packages, limiting their capabilities. Thus, you map users to theapplication functionality that applies to them. Audit reports will be written and sent to the System/Security Administrator via email daily and a real time watch dog system will also be put in place to detect security breaches as soon as they occur.

Illustration 1.1

  1. Due to time zone differences the system will now become available 24 hours a day.

3.0PHASE TWO

3.1AREAS TO BE ADDRESSED

To create a viable overall solution the following areas must be addressed whether it is with upgrades to existing items or new items.

3.2SOFTWARE

  1. Purchase of Microsoft’s Systems Management Server (SMS).

3.3ORGANIZATION

  1. All code for all systems will be written using Visual Basic as components using Microsoft’s Enterprise technology.
  2. An integrated Order Placing System will be written and implemented using Distributed Component Object Model (DCOM).
  3. A comprehensive training program will be created and put in place for the in-house training of all staff as to the new security systems, new applications and new hardware.
  4. Because the system availability will now need to be 100% the maintenance procedures will need to be scheduled around the clock.
  5. There will also be a need to have a variety of senior IS people should also be on-call in order to cover any major problem that may occur. These people should also have remote access with a system generated password that changes after it has been used, and must be given out by the System/Security Administrator.

3.4TOTAL SOLUTION

Because we are creating a combined Internet/Corporate three-tier client/server solution the following features will be included in the Enterprise Development Strategy:

  • Internet computing

Enterprise solution that exploits the communication capabilities of the Internet, while providing end users with the flexibility and control of client-computer applications and technologies. For example, ActiveX controls are COM components that you can insert into a Web page or other application to reuse packaged functionality that has been previously developed. Scriptlets are Web pages based on DHTML (Dynamic Hypertext Transfer Protocol) that you can use as a control in any application that supports controls.

  • Interoperability

Develop new applications that work with existing applications and extend those applications with new functionality.

  • True integration

Deploy scalable and manageable distributed applications with key capabilities such as security, management, transaction monitoring, component services, and directory services. Products and technologies such as SQL, MTS, Windows NT, and COM provide these services.

  • Lower cost of ownership

Develop applications that are easier to deploy and manage, and easier to change and evolve over time.

  • Faster development time

Achieve all of the above using an integrated set of development tools.

  1. Because of the use of Component technology all application updates can be implemented without a need for a maintenance interruption of services.
  2. The use of MTS reduces those costs because it provides centralized, multi-user functionality. The illustration 1.1 shows how the solution will look when completed. It will be a three-tier client/server architecture with the addition of MTS as the application infrastructure.
  3. For the distribution and maintenance of the application systems Microsoft’s Systems Management Server (SMS) will be used. SMS writes modifications directly to the target computer. It allows you to automate the following:
  • Update a large number of computers requiring maintenance upgrades.
  • Update multiple pieces of software required in upgrade.
  • Allows fairly simple, repetitive tasks like those found in upgrades to be done.
  • It has reliable network connectivity.
  • It uses limited human technical resources.
  • Works best in a Homogeneous, Microsoft-based computing environment.
  1. The system will be configured to update the computers as soon as they are booted up. The servers can be updated at anytime.
  2. As mentioned earlier the main application system will be an integrated Order Placing System. This system will be running in a real-time mode. The customer will be able to look at all data relevant to them via our database. When a customer goes to the new web site the home page will include links to site pages like:
  • Our Tradition – History of the GWA Wines.
  • How to find us – Location of GWA Wines.
  • Take a tour of the Winery – Photos and descriptions for a virtual tour including vineyard.
  • Map of the Winery – Layout of the winery.
  • The Facilities – Pictures and descriptions of the facilities.
  • The Area – History and brief tour of the area.
  • The Staff – Photos names, titles and job description.
  • How to contact us – Email address, Phone numbers and mailing address.
  • What’s New – A page for new wines, site features, anything like that.
  • Our Wine Catalog – A full pictorial catalog with description, price and sizes available.
  • Online Shopping - A link to the Logon page.
  • and possibly Gift packages – i.e. anniversary, wedding, birthday and Christmas baskets (1 bottle of wine, 2 glasses in a basket).

All of these pages will be unsecured with the exception of the Online Shopping and Gift Packages. When the link is clicked on it will take the user to a secure Logon On page. If they have been to that part of the site before they will enter their email address as an id and a password and it will take them to their own Orders page. If they have never been to the site before they will click on a setup id and password screen. Once completed it will take them to their own Orders page.

The individual Orders page will be made up of four links to the main pages View Cart, Wish List, Your Account and Help. There will also be a search engine available that lists wines by category. The search will retrieve all wines in that category. The list will include the wines statistics, short description, sizes available and prices. The Orders page will also welcome the customer back by name. It will display in the middle of the page the status of any orders already made. On the left it can display possible gift suggestions and the status of the Shopping Cart. On the right possible suggestions based on what they have selected before. The Shopping Cart page will show the item that has been chosen and the name will be a hyperlink to the catalog, the individual price, the number ordered and the total price of item ordered. It will also display a final total of items ordered and price. There will be the following buttons on the page a Remove Item(s), Empty Basket, Place Order. To remove an individual item there will be a selection box that can be clicked on next to each item, once selected click on Remove Item(s) button. When the Place Order button is clicked the application will check to see if you have ordered before the determination of the prior ordering will branch the customer in one of the following ways:

  • If the customer has not ordered from GWA in the past the customer will be lead thru a series of pages Customer Information, Billing Address, Delivery Address, Credit Card Information and a final Purchase Order page. All of the above pages will flow into each other. The name gathered from 1st page will be used for the personalization of all pages, the billing address will be forwarded to the delivery address page and displayed at the top of the page. If the two addresses are different the delivery address will be filled out if not the billing address will be both. The Credit card information is filled out and the final Purchase Order page is displayed. This page will display the totals of the purchase including taxes and shipping and handling costs. Items can be removed or added at this point also. When the “Complete Purchase” button is clicked the transaction amount is credited to the card and the customer is given a PO Confirmation number on a Purchase Confirmation page. The Confirmation page can be printed and is used as a receipt by the customer if a problem arises.
  • If the customer has ordered from GWA in the past the customer will be sent directly to the Billing Address, Delivery Address, Credit Card Information and a final Purchase Order page. They will be asked if they want to change any of the information. If they do they change it if don’t they click on next. When they get to the Purchase Order page everything is the same from this point on.

The Wish List page will be items that you can select from the catalog and add to this list. It will be viewable via the links on the pages and it can be sent to friends for gift ideas by email.