TECHNICAL INFORMATION ABOUT THEUMS-X1

EDUCATIONAL SOLUTION

Automation for the Enterprise

OUTLINE

I. ITI TECHNICAL OVERVIEWII. HOW IS THE UMS-X1 STRUCTURED

1. SOLUTION ARCHITECTURE2. INFRASTRUCTURE3. SECURITY4. USAGE

III. WHAT UMS-X1 ENSURESIV. Q&A

Presented By Internet Traders International S.A.R.L

ITI TECHNICAL OVERVIEW

ITI employs highly skilled NOC engineers with theaim of deploying Systems on high performancemachines hosting client applications. Theseapplications run our client operations online;therefore uptime, security, scalability and reliabilityare critical in ensuring proper delivery of services.

Our 24/7 technical support and quality awarenessenables us to maintain our online businessreputation that is reflected by our clients, providingthem with highly sophisticated platforms to expandtheir business and operations.

Solution Architecture Infrastructure

Security Usage

HOW IS THE UMS-X1 STRUCTURED?

The UMS-X1 Solution is hosted on Linux Operating System( Red Hat Enterprise). The UMS-X1 is a Web Application utilizing PHP(Server-side scripting) and JavaScript (Client-side scripting) for code development and HTML for design. As a browser-based System, the UMS-X1 uses HTTP Requests to transmit data, making it accessible to users on a variety of client platforms, such as Linux, Macintosh, and Windows.

1. SOLUTION ARCHITECTURE

.

Internet

Database Server

Scripting Engine Scripts

Web Server

Database Management

System

Client Tier

Middle Tier

Database Tier

Web Surfer

HTTP Request

The UMS-X1 is a database driven application built around a three-tier architecture model:Client Tier, usually web browser software that interacts with the application.Middle Tier, built on top of the database tier is the complex middle tier which contains most of the application logic and communicates data between the other tiers.Database Tier, consisting of the database management system that manages the database containing the data users create, delete, modify, and query.

2. INFRASTRUCTUREThe UMS-X1 Infrastructure is based on six essential Layers:

Load Balancer

Firewall

Application Servers

Clustering of Databases

Reporting Server

MySQL Server

LOAD BALANCERThe Load Balancer allows you to balance the load of requests across multiple servers.The servers will appear as one to the end user. This enables you to manage the clustered network very easily and allow the clients the most efficient and quickest way to access the data. To ensure the data on the servers is synchronized, the File Synchronization feature will replicate the data on all servers automatically. Should any of the servers or processes fail, the Failover feature will direct all the traffic to the available servers. The Load Balancer will ensure your site and services are always available to handle incoming connections.

50%

50%

Primary

Secondary

FIREWALL

The Application Layer is protected by firewall designed to secure applications from network and application-layer attacks through an easy-to-manage and integrated approach. The application firewall is a critical element in delivering a complete application access and security solution.

Application Server

Web Server

HTTP

Client Browser

APPLICATION SERVERS An application server is a software engine that delivers applications to client

computers or devices. Moreover, an application server handles most, if not all, of the business logic and data access of the application (a.k.a. centralization). The main benefit of an application server is the ease of application development, since applications need not be programmed; instead, they are assembled from building blocks provided by the application server.

Application servers typically bundle middle tiers to enable applications to intercommunicate with dependent applications, like Web servers, database management systems, and chart/Reporting programs.

Desktop MachineLaptop

User Interface Presentation Layer

Application Logic

Data Manager and MySQL engine

Database Server

MYSQL SERVERThe MySQL database has become the world's most popular open source database because of its consistent fast performance, high reliability and ease of use.The figure below illustrates what MySQL Server can provide us with:

CLUSTERING OF DATABASESMySQL Clusters unique parallel fault tolerant architecture provides the following benefits: 99.999%Availability provided by a fault tolerant architecture Cost Effective requiring less hardware, lower maintenance costs, and affordable licensing

compared to proprietary databases. High Performance which only an in-memory database can provide. Linear Scalability to incrementally scale your system without a high initial hardware

investment. Easy to administer reducing

your need to hire additionaldatabase administrators.

No Single Point of Failure using a distributed node-based architecture with fast failover\ Hot Backups to back up to system without interruption.

Automatic Fast Failover enablingsystems to automatically fail over in less than a second.

Cluster

REPORTING SERVER

The reporting server hosts the Reporting Engine. Since reporting bears heavy load on the system, it is deployed on a separate server where the queries will run and not affect the other servers.

Report Processing

Reporting Server

Data Processing

Security

MySQL Server

Database

Browser

INFRASTRUCTURE DIAGRAM

Application Server 1 Application Server 2 Application Server 3

Load Balancer

Firewall

Clustering Management

Node

Database Part 1

Database Part 2

Database Part 1

Database Part 2

Replicated Reporting

Server

www.ums-x1.com

No Public Access

Local Network

1

2

3

5

MySQL Server

4

6

Clustering Management

Node

Clustering of Databases

3. SECURITYSecurity of your mission critical Internet operations is of paramount importance. ITI employs multiple levels of security to ensure that client data is very secure and can be easily recovered from backups.

Security includes:1. Data Security2. Materiel Security3. Network Security

ITI Lebanon staff handle security and audit reports and submit any observations to relative personnel. Security and audit monitoring is a great tool to spot errors and trace attackers. On one hand, it will guide the employees to correct their mistakes. On the other hand, it will spot any changes done due to any security breaches that might occur and take corrective actions accordingly.

Authentication Vulnerability Assessment LogsNetwork Encryption

Security of your mission-critical Internet operations is of paramount importance. Multiple levels of security are employed to ensure that only Data Center Operations Engineers are physically allowed near your routers, switches, and servers. Security procedures are as follows:

No Public Access: Public access to the data center is strictly forbidden. Video Surveillance: Live video surveillance of the entire data center building is

monitored 24/7. Onsite Security Personnel: Onsite security personnel monitor the data center building

24/7. Security personnel provide the first layer of security for entering the data center.Military-Grade Pass Cards: Access to the data center is restricted to those who hold a

pass card. These pass cards control elevator access to restricted floors within the building. Power: The data center gets power from commercial utility underground conduits with a

30-minute battery backup in the event of failure. UPS Systems : The power systems are designed to run uninterrupted even in the

unlikely event of a total power outage.Diesel Generator Systems - Our onsite diesel generator will automatically start in

the event of a power surge or power system failure.

MATERIEL SECURITY

The security policy is applied on all users who access the System/Network including administrators, accountants, instructors and students.

The security policy provides maximum security by all types of vulnerabilities on any level (interruption, interception or fabrication) on any broad category (hardware, software or data)and assures the terms of confidentiality, integrity and availability.

A user policy documentation is handed to administrators and users to know their privileges. Users are classified into groups related to their departments, their responsibilities and status.

DATA SECURITY

No access is allowed to the servers

Connecting directly to the database, is not through the

application, but by reconfiguring the firewall to allow database access from

designated IP

Access is only granted on the local network (private IP) to

the application servers

Network security threats from Internet-born worms andviruses to DDoS attacks, internal data losses, natural disastersand terror-related risks pose a multi-billion pound threat tocorporations. From secure server builds and security-tested OSinstallations to a physically secure data centre and monitorednetwork, we take a multi-layered approach to keeping yourhosting operations reliable and secure.

1. 100% Availability

2. Connectivity: fully resilient and redundant network infrastructure

3. Routing: Each packet is evaluated and sent over the best route possible

4. Guaranteed Packet Delivery: To ensure network integrity

NETWORK SECURITY

MORE SECURITY Path Security

The path to internal files in the web system is confidential. The address bar will be hidden when the user is authenticated into the web system to avoid others memorizing the path.

Password Protected DirectoryA user has to supply a username and password to pass through protected directories where certain web system files exist. The usernames and passwords will be configured into groups. Groups can be: administration, registrar, accounting, student affairs, etcEach staff member will have the username and password of his own group.

Web System AuthenticationA staff member will need to supply his own unique username and password to the web system to authenticate him according to his privileges.

Secure Transfer of dataWhen a user is sending his credentials through the internet, the transfer of information will be secured using Secure Hypertext Transfer Protocol (HTTPS). This will disable any hacker from stealing the credentials on the internet.

4. USAGEPermission and security: UMS-X1 has a reliable permission system. The mainedge of this permission system is flexibility. The administration can easilyspecify the restricted areas on the system. The administrators have accessaccording to the assigned role.

Administrator Management: The administration can manage the usage of thesystem. Such as registration parameterization (setting criteria for registration: permajor, school, number of credits, etc)

Accounts ManagementFaculty Accounts Management

Adding / Editing / Enabling / DisablingResetting Grading SystemResetting Account Password

Students Accounts ManagementBlocking / Unblocking

Staff Accounts ManagementAdding / Editing / Enabling / Disabling

System Administrator:Semester ManagementCurrent Semester Administration

Pre-registration PeriodRegistration Start/EndAdd/Drop Start/EndWithdrawal Start/EndClasses Start/EndSemester Start/EndRefund PercentageSetting holidays

New Semester CreationSemester CreationSetting of Payment Dates

Course OfferingsAdding course offeringsDeleting course offeringsSetting type of offering

System ConfigurationsSchoolsMajorsContract SheetsCoursesCourse PrerequisitesGradesListsOfficial DocumentsEntrance ExamsRooms

Registrar:Applications ManagementData VerificationEntrance ExamsOfficial DocumentsMajor SelectionCurriculum EditingID issuanceSetting of Financial AidForced Course Registration

Students AffairsView AbsenceView GradesIncomplete Grades ManagementHonor ListsOfficial/Unofficial TranscriptsContract Sheets (Curriculum)Academic Withdrawal

Accounting DepartmentAll tasks related to Payment VouchersAll tasks related to TransactionsSpecial Permissions to debit or credit students accountsFaculty Payroll

File Management: The files accessed are grouped into categories where the administrator can set privileges. For example, a user might view data but cannot delete/modify. The categories are divided into subcategories where handling of permissions will be limited to page level.

WHAT UMS-X1 ENSURES UMS-X1 Maintenance

UMS-X1 Maintenance is the process of enhancing and optimizing, as well as remedying defects that may be encountered in the UMS-X1. UMS-X1 maintenance involves changes to the software in order to correct defects and deficiencies found during field usage as well as maintaining the integrity of the database, file transfer client, and backups.

UMS-X1 ScalabilityScalability ensures that the system can adapt to growing demands such as being able to handle more users or a larger number of enquiries and transactions, and to have the capability to meet peak demand periods without introducing unacceptable delays for processing queries.

UMS-X1 AvailabilityHigh availability is a primary and critical requirement. It means that the system must be up and running 24/7 with no downtime. The system must be able to recover immediately from any failure situation, from software bugs to hardware crashes. This means that there must also be fast failover, so that other operating nodes will continue to process requests seamlessly.

Presented By Internet Traders International S.A.R.L

Presented By Internet Traders International S.A.R.L