FLORIDA DEPARTMENT OF MANAGEMENT SERVICES

By the early 1990s, the Florida Department of Management Service (DMS) had built up a large information systems network that served state government agencies in 10 regional sites and connected these to the data center in Tallahassee. The net- work was based on the use of the proprietary Systems Network Architecture (SNA) from IBM and a mainframe at the data center that housed most of the applications.

Although relatively happy with the SNA operation, DMS saw a need to ex- pand applications and services by providing TCP/IP capability and Internet access. The goal was met in a remarkably short time. Over the course of 30 months, DMS built a statewide TCP/IP network, began offering Internet services to local and state agencies, and created a suite of Internet applications that will ultimately move per- sonnel, accounting, and billing systems online [JOHN96]. To complete the success story, DMS managed to accomplish all that while saving the state of Florida more than $4 million. The breakdown is shown in Table II.1.

The aim of this upgrade was to exploit the Internet. Internet connectivity, to- gether with key Internet applications such as the Web, could make it easier for agen- cies across the state to communicate with each other, with suppliers, and with users, thereby improving employee productivity.

THE IP INFRASTRUCTURE

The first step was to build an IP infrastructure. The then-current configuration, based on SNA, made heavy use of telephone company (telco)supplied equipment and services. DMS considered the possibility of outsourcing the IP capability but re- jected this for the following reasons:

None of the telcos had a router-based service at that time, which meant DMS would have to wait for the carrier to build its own network.

DMS wanted to select the routers. The telcos wouldnt purchase the products picked by DMS because they did not fit in with their plans. Finally, a regulatory prohibition against colocation meant that user-owned equipment couldnt be in- stalled at telco central offices.

The existing SNA network could easily be adapted to TCP/IP.

147

148 CASE STUDY 2 Table II.1 DMS Cost Breakdown

What Was Spent

Application development $300,000

What Was Not Spent

Personnel $450,000

Terminal upgrades

Mainframe application development

Mainframe hardware upgrades Mainframe software upgrades

$150,000 $1,000,000

$6,000,000 $600,000

Software (including Web $850,000 software, databases, and development tools)

Hardware (servers, routers, $1,525,000 telco services)

Maintenance $450,000

TOTAL $3,575,000

TOTAL

$7,750,000

The existing configuration had been put in place to allow some 6000 users throughout the state to access mainframe application in Tallahassee. SNA network control processors (NCPs) in 10 cities were linked via T-1 (1.544 Mbps) and T-3 (45 Mbps) lines to a communications controller on a token ring LAN in the DMS data center. The communications controller handled SNA traffic into and out of the mainframe. The token ring also supported SNA terminals, personal computers, and other equipment.

To transform the SNA backbone into a router network, all DMS had to do, in essence, was deploy routers at each site, connect the boxes, and link them to a cen- tral-site router at the data center (Figure II.1). Put that way, it sounds easy, and in fact the installation and startup went remarkably smoothly.

DMS chose the Cisco 7000 as its backbone router, with one deployed at each of the 10 regional sites. The Cisco gear came with strong network management and could be booted and configured centrally. At each site the Cisco router and the NCP are hooked to a digital access cross-connect switch (DACS). This switch seg- regates SNA from TCP/IP traffic and directs it accordingly. The DACS now pro- vides the T-1/T-3 link to the SNA communications controller at the data center. In addition, each DACS is connected to the DACS at each of the nine other regional centers to create a mesh for IP traffic. Finally, there is a link from each DACS to a router at the data center.

At the regional center, SNA traffic is handled as before from IBM 3270 termi- nals. This traffic only goes from the regional center to the mainframe at the data center. For connection to the IP backbone and the Internet applications, each re- gional center is equipped with Cisco 2000 routers to connect workstations, personal computers, and servers via LANs.

At the data center, there is a high-capacity Cisco 2000 router that has a di- rect leased link to each of the 10 regional centers. This router is also connected to the Internet and provides the entry point for the entire far-flung DMS network into the Internet. Finally, there are several Network Systems Corp. routers that connect the data center to the Tallahassee MAN, which is an FDDI ring owned and operated by Sprint Corporation. The MAN gives agencies located through- out Tallahassee access to the data center and to each other.

To other Tallahassee agencies

FLORIDA DEPARTMENT OF MANAGEMENT SERVICES 149To other

FDDI MAN

Tallahassee agencies NSC router

NSC router Token ring

3745 communications controller

SNA

Mainframe

T1

SNA gateway

Cisco 2000 router

T1/T3

T1/T3

T1/T3

T1/T3

T1/T3

To Internet

T1/T3

T1/T3 T1/T3

Regional node

T1/T3

Regional node

TCP/IP NCP ?? Network control program DACS ?? Digital access cross-connectswitch

3270s

Cisco 2000 router

NCP

DACS

Cisco Regional

node

Figure II.1 Network Configurations for Florida Department of Management Services

THE APPLICATIONS

Once the IP infrastructure was in place, DMS began to add applications. The first, and still the most popular, application was a client/server employment system. The original system stored information about some 125,000 state employees on the mainframe. About 1200 users throughout the state accessed it over the SNA net- work. Although the system was secure and reliable, services were slow and the inter- face clumsy. The applications around the database had been developed and installed in the early 1980s and were batch-mode with fixed-transaction access. Users couldnt configure their own requests and searches on the fly. If they wanted anything out of the ordinary, they had to contact mainframe programmers, who might take days or weeks to develop what was needed. The new application makes use of a UNIX server at the data center that is hooked to the mainframe and downloads the em- ployee database at least weekly to store in its own server database. Users at work- stations at the various agencies and centers access the server over the IP network running an application called Copesview.

Another client/server application that generates a lot of traffic over the IP net- work is Spursview, a purchasing application. Like Copesview, it was adapted from a mainframe application, SPURS (Statewide Purchasing System). SPURS, which was used by roughly 4000 employees, stored information on the mainframe about prod- ucts purchased by the site, including vendor, model number, and price. Here again,

150 CASE STUDY 2

users were limited as to the type of searches they could perform. With Spursview, users gained a variety of new capabilities, such as wild-card searches on any parame- ters (data of purchase, vendor, type of product, etc.). They also can create graphs and bar charts and import data directly into PC-based spreadsheets.

INTRANET AND INTERNET APPLICATIONS

The data center maintains a link to the Internet through which all traffic between the data centers IP network and the Internet pass. This link is equipped with a fire- wall that prevents unauthorized access.

With the Internet link and the IP network up, DMS was in a position to offer Internet access to state employees as well as to set up Web services for both intranet and Internet access. Like the servers in the client/server configuration, the Web server has a link to the mainframe and is able to construct databases accessible from Web browsers.

One of the most popular Web-based applications is a job-posting service that lets users search for vacancies within the state system by location, salary ranges, and type of work. The state has about 8000 job vacancies on any given day. Applicants can fill out an online job application and store it for multiple submissions. This appli- cation averages about 100,000 hits per week.

Another well-used site eliminates the need for state employees to process in- formation regarding government contracts and suppliers. Previously, when a vendor won a bid, it submitted pricing and product data on floppy discs. The DMS em- ployed several people full time just to review that information, format it, and enter it onto the mainframe. That information is now available on the Web. Users can ac- cess this information on the DMS Web server and on Web servers at vendor sites. For example, users can search for contracted suppliers that offer computers priced below $2000. The search generates a list of names, each of which is a Web link. Be- cause the data reside on the vendors Web servers, it is up to the suppliers, not the DMS, to make sure all data are accurate and up to date.

DMS is also working on an online purchasing system running over the Web. Users not only would be able to view vendor information but also could order prod- ucts online. This application will take a lot of coordination, because it involves the purchasing department, comptrollers office, and accounting. It also involves au- thenticating users to ensure they are authorized to make purchases.

DMS has not neglected those who pay state employees salaries: the citizens of Florida. The Web service available to the public is called the Florida Community Network (FCN), and it has been a success story and a model for other states [REGE96]. The FCN is currently averaging a million hits per month. Online access to information can in many cases eliminate two or three layers of bureaucracy and provide a self-service connection to the government. For example, one of the pro- jects under development is automatic fishing and gaming licensing. Mrs. X in Palm Beach wants to go fishing but knows she needs a license. She logs on to the FCN site, chooses the search option, and types fishing. Within seconds, a form appears that lets Mrs. X apply and pay for a license from the comfort of her home. She fills out

FLORIDA DEPARTMENT OF MANAGEMENT SERVICES 151

the form, submits it, and moments later a license is e-mailed to her. No clerks, no lines, no trips to the Office of the Tax Collector or a sporting goods store.

Yet another popular Web service is the Statewide Telephone Directory, which includes listings for state and local government, universities, community colleges, and school boards. DMS has also worked with the state Board of Regents to set up a distance learning service, which makes use of the DMS networking facilities [MADA98].

In 2007, the DMS network went through another major overhaul and was re- named MyFloridaNet. This new network retains the fundamental TCP/IP and net- working architecture with many upgrades. We examine MyFloridaNet in Case Study VI.

The DMS Web site is undergoing constant evolution and refinement. It is located at http://dms.myflorida.com.

Discussion Points

What security mechanisms are needed to protect the DMS systems from both state employees and users accessing over the Internet?

VisittheDMSWebsiteandlistthemajorservicesfoundthere.Discusstherela- tive merits of each.

Suggest improvements to existing services and suggest new services that should be added.