Enterprise class apex
Upcoming SlideShare
Loading in...5
×
 

Enterprise class apex

on

  • 469 views

 

Statistics

Views

Total Views
469
Slideshare-icon Views on SlideShare
440
Embed Views
29

Actions

Likes
1
Downloads
14
Comments
0

2 Embeds 29

https://www.enkitec.com 28
http://www.enkitec.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Enterprise class apex Enterprise class apex Presentation Transcript

    • Enterprise Class APEX Scott Spendolini Executive Director 1
    • The following is intended to outline our general product & services direction. It is intended for information purposes only, and may not be incorporated into any contract or agreement. It is not a commitment to deliver any service, material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Enkitec’s products remains at the sole discretion of Enkitec. 2
    • WELCOME 3
    • About Enkitec — Oracle Platinum Partner — Established in 2004 — Headquartered in Dallas, TX — Locations throughout the US & EMEA — Specialties include: — Exadata Implementations — Development Services — PL/SQL / Java / APEX — DBA/Data Warehouse/RAC — Business Intelligence 4
    • “Solutions for APEX Developers, by APEX Developers” 5
    • Complete APEX Solutions 6 Services ProductsEducation
    • Services 7 — One of the largest pool of experienced & totally focused APEX resources in the world — Many of whom are presenting @ KScope this week!
    • Education 8 X X X X X X X X X X X X X X X Enkitec APEX Training — Intro I — Intro II — Advanced APEX — Secure Best Practices — Troubleshooting & Debugging — APEX Installation & Administration — Custom
    • Education 9
    • Enkitec @ KScope — Monday — Making Sense of APEX Security — Compelling, Dynamic, Graphical - And if We’re Lucky - Useful E-Mail Generation — APEX Behind the Scenes — Open Mic Night — Tuesday — Enterprise Class APEX — That’s Not Where I Want That! — Building Commercial Applications with APEX 10
    • Enkitec @ KScope — Wednesday — LOBS, BLOBS, CLOBS - Dealing with Attachments in APEX — Load Testing APEX Applications — Mastering the Oracle Data Pump — Thursday — Dynamic Action Deep Dive 1 — Dynamic Action Deep Dive 2 — Dynamic Action Deep Dive 3 11
    • Products 12 — eFramework - Free Edition — Basic user & role management — eSERT — APEX application that evaluates the security of other APEX applications — eSERT Cloud — Online version of eSERT
    • PLUG-INS 13
    • Plug-Ins — Plug-Ins allow developers to extend the capabilities of APEX itself — Several different types: — Item — Region — Process — Dynamic Action — Authorization Schemes — Authentication Schemes 14
    • Plug-Ins — Plug-Ins are great additions to APEX — However, they are inherently complex and can fail for a number of different reasons: — APEX Upgrade — Browser Upgrade — Code Changes — jQuery Issues — Most failures cannot easily or efficiently be addressed by the average APEX developer 15
    • Enkitec Plug-In Support 16
    • Enkitec Plug-In Support — Curated list of supported Plug-Ins and corresponding APEX releases — Two levels: — Basic — Enterprise — Enkitec Plug-Ins will continue to be provided at no cost for anyone via www.enkitec.com 17
    • Plug-In Support: Basic 18 — $999 annually per “production stream” — E-Mail support with 2 business day response time — Receive releases and updates ahead of public — Access to Forums
    • Plug-In Support: Enterprise 19 — $1999 annually per “production stream” — E-Mail/Phone/Web support with 1 business day response time — Receive releases and updates ahead of public — Access to Forums — Monthly Call with Enkitec APEX Developers — Prioritized Feature Requests
    • Supported Plug-Ins: Today — CLOB Load — NavBar — Sparklines — Modal LOV — Calendar 20
    • Supported Plug-Ins: 2013 — Modal Page — Session Timeout — Save Before Exit — Password — File Upload — And More! 21
    • Available Today 22
    • ESERT 23
    • eSERT 24 — eSERT is an APEX application that evaluates the security of other APEX applications — Provides step-by-step instructions on how to address vulnerabilities — Designed to be used as a part of your development process, not at the end — Total integration with the APEX development environment — Collaborate with all APEX developers
    • — eSERT inspects APEX applications and reports on threats in five classifications: App Settings Page Settings SQL Injection Cross Site Scripting URL Tampering Classifications 25
    • Ongoing Collaborative Evaluation 26 — eSERT allows developers to add exceptions for false positives and acceptable risks — All exceptions must be reviewed & approved by a manager before the “approved” score increases — As exceptions are logged, the value of the attribute in question is also captured — If this value changes at any time, the exception will be instantly flagged as “stale” and require re-approval
    • — Correcting each additional security vulnerability may cause other functional issues — Thus, a high number of vulnerabilities corrected at once will yield more functional defects Without eSERT 27 2007 2008 2009 Untitled 1Untitled 2Time Vulnerabilities
    • With eSERT 28 2007 2009 Untitled 1Time Vulnerabilities — Using eSERT to keep security vulnerabilities to a minimum reduces the number of functional defects introduced
    • Customers Across All Industries — Private Sector — Multi-Channel Retailer — Massive application with Over 300 Concurrent Users — Major Defense Contractor — Hundreds of applications — Major Healthcare Provider — Infrastructure Management — Higher Education — Multiple Major Universities — Access to student & research information — Public Sector — Intelligence Agency — Over 100 internal applications — Local Government — Internal Applications — Civilian Agency — Internet Facing e-Commerce Application — DOD Agency — Logistical Reports & Info 29
    • Slidewww.oh-tech.orgwww.oh-tech.org eSERT Testimonial Jeff Smith, Application Infrastructure Manager KSCOPE13, New Orleans 6/25/2013
    • Slidewww.oh-tech.org Research & Innovation Center will operate, when opened, as the proving grounds for next-generation technology infrastructure innovations and a catalyst for cutting-edge research and collaboration. The OH-TECH Consortium Ohio Supercomputer Center provides high performance computing, software, storage and support services for Ohio’s scientists, faculty, students, businesses and their research partners. OARnet connects Ohio’s universities, colleges, K-12, health care and state and local governments to its high-speed fiber optic network backbone. OARnet services include co-location, support desk, federated identity and virtualization. OhioLINK serves nearly 600,000 higher education students and faculty by providing a statewide system for sharing 50 million books and library materials, while aggregating costs among its 90 member institutions. eStudent Services provides students increased access to higher education through e-learning and technology-enhanced educational opportunities, including virtual tutoring.
    • Slidewww.oh-tech.org eSERT Testimonial • Standards, Checks and Balances • Developer Accountability and approval workflow • Efficiency and Productivity • Audit compliance • Outsourcing Development • Support
    • Slidewww.oh-tech.orgwww.oh-tech.org Questions Jeff Smith Application Infrastructure Manager jsmith@oh-tech.org Like Us on Facebook: https://www.facebook.com/ OhioTechnologyConsortium 1224 Kinnear Road Columbus, OH 43212 Phone: (614) 292-9248
    • D E M O N S T R A T I O N ESERT 34
    • — Per “Production Stream” — Up to 4 instances of APEX in a Production instance of APEX — Any Number of Workspaces/Applications/Users Licensing 35 DEV QA ProductionTEST
    • eSERT Statement of Direction — Support for APEX 5.0 — Shortly after release — Additional Reports & Analytics — Scheduled Evaluation Enhancements — Team Development Integration — eFramework Integration 36
    • Available Today 37
    • ESERT CLOUD 38
    • eSERT Cloud 39 — eSERT cloud is a affordable hosted service where anyone can upload their APEX applications and get an instant security evaluation via eSERT — Interactive Online Dashboard with summary results — PDF Summary Report (typically 100+ pages)
    • How it Works - 5 Simple Steps 1) Create an account at http://enkitec.com/sert 2) Request a workspace to upload your APEX applications into 3) Purchase evaluation credits (1 credit = 1 application evaluation) 4) Select an application to evaluate 5) View and/or download the results 40
    • How it Works - 5 4 Simple Steps 1) Create an account at http://enkitec.com/sert 2) Request a workspace to upload your APEX applications into 3) Purchase evaluation credits (1 credit = 1 application evaluation) 4) Select an application to evaluate 5) View and/or download the results 41
    • 100% Free Starting Today 42
    • EFRAMEWORK 43
    • APEX Application Adoption 44 APEX Users LDAP Internet Users SCOTT SCOTT@GMAIL.COM SCOTT.SPENDOLINI
    • Problem: User & Role Management 45 — Multiple user repositories — Different applications manage roles differently — Or not at all... — Lack of auditing when managing and/or assigning roles — Especially in home-grown systems — No central view of what applications & roles a single user has access to
    • Problem: Too Much Access 46 — APEX instance administration console gives a user complete access to the instance — Users with access to this can: — Create or Delete Workspaces — Create or Delete Schemas — Assign a Developer to Any Workspace — Alter the instance options and security settings — Approve Requests — Monitor Usage — Deploying in Runtime Mode makes even this option unusable
    • Problem: Not Enough Access 47 — On the other hand, there are several commonly needed management features that are not available from the APEX admin console — Manage User Repositories — Manage Users & Roles — Enable/Disable an Application — Secure Pages with Roles — Manage Application Help — View Errors — View Feedback
    • Solution: Enkitec eFramework 48 — The Enkitec eFramework is an APEX-based platform for deploying, managing & monitoring multiple APEX applications — Provides a central Management & Monitoring console that can be discretely delegated to any user — On either an application or workspace basis
    • Requirements — APEX 4.1 & 4.2 — Oracle Database 10gR2 or later — SE One, SE or EE 49
    • Key Features — User Repository Integration — Discrete user-to-app or user-to-workspace management — Role Management — Page Security — Centralized Help — Monitoring Reports & Charts — Error Management — Auditing — Application Control 50
    • How it Integrates — eFramework provides a set of APIs that can easily and non-intrusively be integrated into existing APEX applications — Configuration Typically less than 5 minutes per application — Built-in Verification Tool to assist with integration 51 • Application Item • Page Zero Region • Error Handling Call • Authentication Scheme • Authorization Scheme(s) • PL/SQL Init & Cleanup • Navigation Bar Entries • Label Templates
    • eFramework How its Configured 52 Administration Management Manage Application 100,101 & 102 Monitor all Applications in Workspace PROD Manage Help Text in Application 100 Equivalent to APEX Instance Administrator Customer Applications
    • eFramework Domain How it Works 53 Launchpad Customer ApplicationsRepository
    • How We Use It 54 Enkitec Internal Apps Launchpad STATSLDAP Enkitec Public Website Launchpad www.enkitec.comCustom Oracle Sales Portal Launchpad Sales ForecastCustom Data Shadow Shadow Single APEX Workspace
    • D E M O N S T R A T I O N EFRAMEWORK 55
    • Summary 56 — eFramework provides a robust development, management & monitoring platform for multiple APEX applications — Can be integrated with any user repository — Provides a federated view of all APEX application activity and associated access controls — Simple to integrate with existing APEX applications
    • eFramework Statement of Direction — Additional Reports & Analytics — Integration with eSERT — Alerts — Enhanced Auditing Capabilities 57
    • Available July 2013 58
    • SUMMARY 59
    • “Solutions for APEX Developers, by APEX Developers” 60
    • Complete APEX Solutions 61 Services ProductsEducation
    • eFramework Our Vision 62 eSERT eQA Manage & Monitor Customer Apps Development Production Supported Plug-Ins
    • For More Info 63 — Contact us for details & pricing — sales@enkitec.com — +1 972 607 3751 — Visit our Booth in the Exhibition Hall
    • http://www.enkitec.com 64