|
 Web-Enabled
Network:
Hershey's main data center is
located at the company headquarters in Pennsylvania. To manage
its data center, Hershey maintains a technical staff of just
over 200 people--with 50 percent of them involved with SAP
applications and the rest focused on application development and
delivery, as well as other operational processes. The IT crew at
Hershey's is made up of a talented lot (turnover runs around 1%)
and Computerworld has voted it one of the best IT departments to
work for.
The web enabled network consists
of an Intranet that provides web access to corporate
applications and an extranet that allows customers, such as
retail store chains, to check order status online. The majority
of its manufacturing plants in North America and South America
connected to the data center. Hershey relies on Sun hardware
including a Sun Enterprise server for its Java technology-based
B2B Web site; Sun Fire and Sun Enterprise servers running the
Solaris 8 Operating Environment to power its SAP modules; and
additional Sun Fire and Sun Enterprise servers running Oracle8
databases at the back end, to manage the data for each of the
SAP modules. A DMZ and firewall manage traffic in and out of the
data center.
Single-Sign On
Hershey's business applications
had their own means of identifying users and assigning
permissions and IT quickly realized that a web service would
require a Single Sign On solution. The SSO needed to be secure,
simple for users, and allow for centralized administration.
Hershey's runs 95% of its business through one set of systems
and has invested a great deal in 'standardization' so support
staff doesn't spend hours troubleshooting user problems across
platforms and systems. The web services project was a furthering
of that investment and so it only made sense seek a single sign
on solution across the web application landscape. To accomplish
this, application user repositories were moved towards LDAP
repository for user account reference and two products were
selected and implemented:
-
Sun Directory Server:
Serves as the enterprise user repository
(LDAP). This allowed IT to use a central instance of an account
which simplified the architecture. It also provided a central
environment from where all accounts could be managed.
-
RSA ClearTrust:
Serves as the web application and resource
authorization/authentication package. It provides a number of
additional functions not provided by a centralized user
repository alone. These include central administration of users,
groups and web access control policies, single Sign On to web
applications, centralized threat detection capability, and a
robust Java based API set for application integration as well as
custom development capabilities.
Benefits Realized
The main benefit of web services project is that Hershey's
employees, customers and partners are truly connected. However
the project reaped a multitude of additional benefits:
- All web based applications are now built to the same standard
for security.
- No matter what web platform the application is built on it is
protected utilizing the same toolkit.
- Reduced help desk calls since users only have to identify
themselves to the web environment one time.
- Hershey's is ready to communicate in more cost-effective ways
with business partners.
Web services is increasingly becoming an key component of IT
strategy and companies like Hershey Foods who have figured this
out are poised to continually benefit from the initial
investment.
|
