Web pages require permanent maintenance and update. Otherwise they soon become obsolete and nonattractive. A good Web page has to be well organized, clear, simple, and intuitive to follow, readable and comprehensive. An overcrowded page could be counter−productive because users are eager to browse quickly through presented material. It is better to put the existing material in several linked pages instead of a single page. Finally, an appropriate balance between textual and graphic presentation is a key for a successful Web page. It is very difficult to predict an exact number of hits to a newly designed Web server. But an increase in the load over the time is expected. The scalability and the availability of the Web services are very important. A possible solution can include multiple Web servers behind a special front−end device known as the load director. All servers provide the same service, and the load director controls a load balance among all available servers. If an individual server fails, the load is distributed between other active servers. A need for Web services is primarily business driven. But it would be naïve to expect that all business problems will be solved if you provide a technically good WWW site. Following are some tips on what not to expect from a Web presence: Do not expect a WWW site to produce miracles. Placing a Web page up on the Internet is no longer enough. If you want people to visit, you must drive them there. The Internet must be a part of a total marketing mix in order to be effective. It must be a reason for customers to place an order, or anything else for that matter. The reason could be anything from greater and easier access to information, up to saving money by placing an order over the Internet. • Do not think of the Web as a place for outsiders only. The Web can also be inside the companys intranet for information like employee manuals, questionnaires, employees 401 K plans, as well as core business functions like placing orders, workflow applications, etc. • Do not expect to have to throw away the existing hardware and software. The company has made substantial investments in the core business systems over time. As a general principal, needed information should be accessible on the Internet intranet site. • Do not expect to be dependent on one hardwaresoftware company ever again. A properly done Internetintranet site including any custom programming that has to be done should be able to run on any platform. If IT personnel have chosen a Solaris operating system, a properly done site should be able to run on a Hewlett−Packard, IBM, or DEC box, too. • Do not ignore this technology. The only thing that is certain is that competitors are not ignoring the Web. This technology if properly implemented will allow closer communications with customers, with suppliers and even between employees in the company. In this millennium, information will be the most valuable commodity of most companies, and the Web allows for information to move quickly in a format that is accessible to vast numbers of people. In turn, this information will allow businesses to move more quickly and to save money. •

25.2.5 Other External Services

This title refers to the services that are offered to the out−of−intranet users. We will address them as external or Internet users, and the offered services as the external services. External users are also regular intranet users at the off−business time. Once the employees step out of the company offices 644 The main candidate for other external services is the FTP service. If our business supposes downloading, or even uploading of data by external users, then an Internet−oriented FTP server sounds reasonable. If the FTP access should be granted to an unspecified number of external users, then an anonymous FTP site should be built. We addressed this topic in Chapter 21. In any case we have to administer and maintain the FTP site internally, i.e., from the intranet. The FTP site could be realized in different ways. One approach is to build the FTP server with its own external network interface and spend one more external IP address for this purpose. In this case it is important to prevent any attempt to penetrate from the Internet through the FTP site into the intranet. Even if the FTP site is compromised, it should remain within its own boundaries. Another approach is to leave the FTP site behind the firewall and access the FTP server through the firewall. The firewall will redirect external ftp traffic based on the intranet IP address and the FTP port number. At the same time, the firewall combined with the viruswall can scan the ftp traffic and protect the FTP server itself. This approach sounds more secure, and probably easier to realize. An external access to the intranet e−mail service also sounds very convenient. Intranet users have to have access to their e−mail from home, during the trips, or whatever. Why restrict the use of e−mail strictly to the business time?. Especially when the e−mail service itself is not restricted to the intranet at all. Again several approaches are possible. We can allow access to the intranet e−mail server from the external POP and IMAP clients as it is done internally. But the external POP or IMAP clients require the installed client software and corresponding setting and configuration. When the user moves to another PC, everything must be redone. Another issue is security. Again we must open tunnels through the firewall for new services and effectively decrease overall intranet security. There is another approach to allow Web e−mail access. It does not request anything special on the client side — the standard browser is sufficient to access and log in to the server, and browse the e−mail. At the server side there is more work to do to provide Web service and support e−mail handling. But it is worth doing it — this is a safer and more flexible and robust solution. One more example of an external access to the intranet data we already discussed in Section 25.2.3 by talking about proxy servers. The example addressed the problem of how to allow the students and faculty to access the campus library from the Internet. The list of possible external services is not finished with those examples. Under certain circumstances, other services can also require external access. How everything will be realized depends on our wishes, business needs, and technical possibilities. In most cases nontechnical issues prevail in making certain decisions. However, there is only one most important issue and that is the security of the intranet. Never forget that by opening our intranet to the external world, we always accept a certain risk to be compromised. 645 This section presents intranet as an insider anticipates it. It is focused on the major technical topics related to the intranet. The idea is to discuss the main intranet components and issues, without going too deeply in to details. The title Inside the intranet should emphasize the fact that the intranet itself, as a self−sufficient network, is a point of interest. This section addresses both intranet aspects: hardware and software, as some other intranet−specific issues.

25.3.1 Network Infrastructure and Desktops