Page 93 -
P. 93
Chapter 3 • Enterprise Systems Architecture 69
thereby extending the value and benefit of the deployment and these systems. Even though it is
pretty easy to understand the benefit of integration, the additional value is derived from
the business intelligence compiled through the sharing of data across partner, customer, and
internal systems.
Finally, online analytical processing (OLAP) is the foundation of the business intelligence
module in ERP. It provides the ability to access, present, and analyze data across several dimen-
sions (e.g., time, place, and product line). Through a comprehensive platform of knowledge
management and data warehousing, executives are able to base decisions on the most relevant
information in real time or through analyzing trends that incorporate a variety of intelligence
gathered from an extended value chain. This is one of the true realized benefits of an ERP
system: the seamless transfer of data and information across an extended enterprise allowing for
a strategic advantage in decision making.
ERP architectures have evolved over the years with the IT infrastructure. As noted in
Chapters 1 and 2, the IT infrastructure in organizations has moved from centralized to distributed
systems. Current IT infrastructure’s focus is on integrating the corporate architecture with the
Web and extending it well beyond the organization to suppliers, clients, and customers via the
service-oriented architectures (SOA). The ERP architecture has similarly evolved from two-tier
to three-tier, N-tier, Web, and SOA. This section will review, in detail, the three-tier architecture.
THREE-TIER ARCHITECTURES Most of the current ERP implementations follow a three-tiered
architecture, which consists of a Web tier, an application tier, and a data tier. The segmentation
of these tiers allows for the system as a whole to be more scalable and reduces resource utiliza-
tion. It also provides higher security due to the separation of resources.
The Web tier includes the Web servers that a client interacts with for application access.
This is where the graphical user interface (GUI) applications reside and data get inputted,
requests for information are submitted, and the data satisfying these requests are presented.
These systems can be located and accessed within the organization’s internal network or exter-
nally on the Internet. For servers within the Web tier, it is important to accurately forecast how
many users are expected to use the system concurrently and what the peak loads will be. The data
the application sends back to the user also need to be considered, especially if video or other
multimedia components will be used. The network portion of the Web tier will need to be
designed around these expectations. If the system is for internal use only, it might be connected
to a network with ample bandwidth available to it. However, if the application is Internet facing,
the bandwidth available externally might be much lower. The same will be true if the application
needs to be accessed across the organization’s WAN, since bandwidth varies among these types
of connections.
Network security within the Web tier is extremely important as this is the front door to an
organization’s ERP system. Whether the system lives internally or externally, there is a risk of
someone breaching the system. The first line of defense should be a firewall that is located
between the Web tier and the connection to the rest of the network. Management will need to
dictate policies for the type of traffic that is allowed to enter the Web tier. Traditionally, this
would be http and https traffic. For further granularity, the Web tier could restrict access to
specific networks within the organization, for example, the network HR or accounting utilize.
The next piece of security that should be implemented within the Web tier is an intrusion detec-
tion device. This device will examine traffic entering the Web tier and determine if it is malicious
in nature based on predefined patterns. If the device determines there is malicious activity, it can
either take action by blocking a user’s connection or notify IT.
