|
|
|
|
|
|
eShip’s Internet server architecture is designed for scalability, availability, and security. Our service is a mission critical business process for our clients, and our infrastructure reflects the necessity of 24 hours a day, 7 days a week availability. Additionally, our architecture is built not only to service existing clients, but to scale for future clients. By incrementally growing the number of servers and partitioning the workload among them, we can continue to provide a scalable, high availability infrastructure. Scalability Our web applications are divided into two parts: front end (client-accessible) systems and back-end systems where long-term persistent data are stored and where business-processing systems are located. Load-balancing systems are used to distribute the work across systems at each tier. This architecture scales the number of unique users supported by cloning or replicating front-end systems coupled with a stateless load-balancing system to spread the load across the available clones. Specific servers are dedicated to task-specific services, such as Electronic Data Interchange (EDI), rate calculation, and proactive monitoring. Cloning and partitioning, along with functionally specialized services, enable these systems to have an exceptional degree of scalability by growing each service independently. Availability Front-end systems are made highly available as well as scalable through using multiple, cloned servers. Load balancing is used to distribute load across the clones. A clone that is no longer offering a service can be automatically removed from the load-balance set while the remaining clones continue to offer the service. Back-end systems are made highly available by using failover clustering for each partition. Failover clustering assumes that an application can resume on another computer that has been given access to the failed systems disk subsystem. Partition failover occurs when the primary node supporting requests to the partition fails and requests to the partition automatically switch to a secondary node. The secondary node has access to the same data storage, which is also replicated, as the failed node. An additional replica at a remote geographic site also increases the availability of eShip in the event of a disaster. Security Managing risks by providing adequate protections for the confidentiality, privacy, integrity, and availability of information—is essential to eShip.com’s success. eShip.com uses multiple security domains, where systems with different security needs are placed and each domain is protected by a firewall. The three principal domains, each separated by a firewall, are: a public network; a DMZ (demilitarized zone), where front ends and content servers are placed; and a secure network, where secure data is managed and stored.
|
|
Copyright © eShip, Inc. All rights
reserved.
|
