To Study ASP-Application Service provider model for Application hosting
By: Shahzad Sarwar
To:Development Team+ Management
Date: 23 March 2010-03-22
To Study the deployment of PCMS, Pegasus Cargo Management System in a Application Service Provider
2. ASP Model Archiecture
The application software resides on the vendor's system and is accessed by users through a web browser
using HTML or by special purpose client software provided by the vendor. Custom client software can also
interface to these systems through XML APIs. These APIs can also be used where integration with in-
house systems is required. ASPs may or may not use multi-tenancy in the deployment of software to
clients; some ASPs offer an instance or license to each customer (for example using Virtualization), some
deploy in a single instance multi-tenant access mode, now more frequently referred to as "SaaS".
Common features associated with ASPs include:
• ASP fully owns and operates the software application(s)
• ASP owns, operates and maintains the servers that support the software
• ASP makes information available to customers via the Internet or a "thin client"
• ASP bills on a "per-use" basis or on a monthly/annual fee
3. Benefits of adopting ASP Model:
Cost & Resource Savings. When companies take an e-learning initiative in-house, the focus often
becomes the technology, not the learning. It’s the technology that costs money and needs constant care.
The ASP model allows an organization to concentrate on its core competencies—what it’s in business
to do—and not divert key resources from revenue- generating tasks.
Focus. The ASP solution allows management in an organization to focus on core business activities—
not technology issues. When that portion is outsourced, the focus stays on the business.
Technical Support. All user and administrative support issues, troubleshooting and technical upgrades
are handled by the ASP.
24/7 Accessibility. The ASP solution enables everyone in your organization to choose the time and
place that’s right for them to access business solution, so solution is available anytime, anywhere—all
that’s needed is an Internet connection.
Just-In-Time (Immediate) Access. The ASP model makes business solution available within minutes
of a user determining a need for the information.
Reduced Capital Expenditure—an application service provider can free you from capital investments,
upgrade and ongoing management costs. Enjoy state-of-the-art applications without the expense of
extensive application development costs or whole-scale upgrades to hardware and networks. Escape
costly hardware/software upgrade cycles and take total control over the cost of technology ownership.
Broad Reach—Provide consistent applications to your organization’s branch offices, mobile workers
and telecommuters and bring together widely dispersed geographic locations across diverse platforms.
Predictability—ASPs offer higher and more reliable performance levels than most organizations can
achieve themselves: guaranteed network uptime, higher levels of security, and greater scalable network
• Pay-as-you-go: An ASP will be likely to charge you a monthly rental which can help spread the costs.
4. Disadvantages of Adopting ASP Model:
The client must generally accept the application as provided since ASPs can only afford a customized
solution for the largest clients
The client may rely on the provider to provide a critical business function, thus limiting their control of
that function and instead relying on the provider
Changes in the ASP market may result in changes in the type or level of service available to clients
Integration with the client's non-ASP systems may be problematic
Evaluating an Application Service Provider security when moving to an ASP infrastructure can come
at a high cost, as such a firm must assess the level of risk associated with the ASP itself. Failure to
properly account for such risk can lead to:
o Loss of control of corporate data
o Loss of control of corporate image
o Insufficient ASP security to counter risks
o Exposure of corporate data to other ASP customers
o Compromise of corporate data
Performance: If you have a dial-up modem then the speed is unlikely to be satisfactory for all but the
most basic applications. You need to be looking at ISDN, ADSL or leased lines for good performance,
all of which cost more. Communication costs. The on-going phone/leased line charges. And the
likelihood you will need ISDN lines or faster , and the costs for that.
Continual payments: If you stop paying your monthly fee then you won't be able to use the application
any more, whereas with software you buy, once you have bought it then it is yours to keep. (It might
also be the case that after some time you will have paid more by renting the software than you would
have done if you had bought a package, but this depends on each situation, and you do need to
consider the TCO).
Not having data in-house: This is probably a conceptual issue rather than a true disadvantage but it
might be important to some organizations. In many instances, to all intents and purposes, you can use
your data in the same way as if it was in-house. It does mean you are reliant on the ASP ensuring their
hardware is always available and you should discuss how they manage possible hardware failures (and
fault tolerance). See also issues on Security below.
Communication breakdowns: It is possible, although more unlikely these days, that you could find you
are unable to connect to your ASP if there is a problem with your communication links.
Security: Both in terms of having your data held away from your offices and as far as stopping security
violations of your communications links. At the extreme, you have to decide if you would be happy
running a 'mission critical' application through an outside organization.
The ASP may be unable to provide the level of service committed because of technical, labor,
financial, or other problems
5. ASP Model Implementation:
There are many implementation technologies for ASP Model via application hosting or application
Following are some major players of this domain.
XenApp by Citrix
Terminal services by Microsoft
Sun Secure Global Desktop by Sun
5.1. Citrix XenApp (formerly Citrix MetaFrame Server and Citrix Presentation Server) is an
application virtualization/application delivery product that allows users to connect to their corporate
applications. XenApp can either host applications on central servers and allow users to interact with
them remotely or stream and deliver them to user devices for local execution.
5.1.1.Citrix XenApp Architecture
Citrix XenApp™ is an on-demand application delivery solution that centralizes application management in
the datacenter and delivers applications as an on-demand service to users anywhere using any device.
Utilizing integrated application virtualization and session virtualization technologies, XenApp overcomes
the challenges associated with historic application deployment methods to reduce the cost of application
management by up to 50 percent, deliver applications instantly to users and secure application access.
188.8.131.52.Single instance management
To simplify application management, Citrix XenApp stores application packages on centralized network
storage. Compared to traditional application deployment which requires multiple application packages to
support many diverse user configurations, application management with XenApp requires only a single
package for each application. Application packages created with XenApp contain all of the necessary
information for delivery to any supported operating system. Once packaged, XenApp utilizes application
streaming to deliver applications to target devices, whether they be user PC’s or XenApp hosting servers.
To this end, XenApp also simplifies the deployment, configuration, and maintenance of hosting servers via
integrated server image management. With single image server management, XenApp can provision
additional application hosting capacity in the time it takes to boot a server. Furthermore, XenApp updates
and upgrades can be rolled out to all servers with a simple reboot. Single instance management greatly
simplifies application management and makes XenApp the most efficient and dynamic application delivery
system in its class.
184.108.40.206.Self-service application delivery
With Citrix Dazzle, ussers subscribe to the applications they need from a simple enterprise app storefront.
When users request an application, XenApp determines the best delivery method for the application in real-
time. If the user has the correct Receiver software, security profile, and meets pre-determined network,
hardware, and application requirements, then XenApp utilizes local application delivery. With local
application delivery, XenApp uses application streaming to deliver the application into an isolated
environment on the user’s PC. This form of delivery uses the PC’s local computing resources to run the
application and enables users to take applications with them even while they are disconnected from the
network. Alternatively, if XenApp determines that the users device cannot run the application locally, then
XenApp falls back to session virtualization. With session virtualization, XenApp uses application
streaming to deliver the application to hosting servers and connects the user to a remote session running
their application. This form of delivery uses datacenter resources to run the application and enables users to
access applications from anywhere. On-demand application delivery makes it possible for XenApp to
deliver applications with the highest level of application compatibility to any device while ensuring the
most optimal performance and user experience.
220.127.116.11.Any device, anywhere
XenApp surpasses traditional application deployment solutions by utilizing application virtualization
technology to deliver any application to any device. Citrix Receiver and Receiver plug-ins enable
application delivery to Windows, Mac, Linux and even UNIX devices. Over 20 manufacturers such as HP,
Wyse, and iGel include XenApp plug-in software in their thin-client and access device products. Even
users on iPhone, iPod Touch, Windows Mobile, Symbian and EPOCH devices can access Windows and
UNIX applications delivered via XenApp. The ability to deliver any application to any device, anywhere
makes XenApp the most complete application management solution on the market today.
18.104.22.168. High definition experience
XenApp has been built to ensure the best experience and performance for users regardless of their device,
operating system or connection. For applications delivered to the user’s local device, HDX IntelliCache
accelerates initial application deployment and optimizes application communications. For applications
hosted on servers, HDX MediaStream, 3D, RealTime, IntelliCache and Broadcast technologies work
together to orchestrate the most optimized computing experience – even over high latency connections. In
fact, regardless of the delivery method used, application management with XenApp enables a better-than-
installed user experience when compared to traditional application deployment and installation. This is
accomplished by preserving the “like-installed” computing experience that users are accustomed to while
enhancing application portability, security and function. For example, the EasyCall voice services
technology included with XenApp enables Voice over IP dialing and call conferencing capabilities to be
integrated into any application without custom development. Furthermore, integrated profile management
software ensures that user, application and environment settings remain consistent as users roam between
devices and operating systems. This extensive portfolio of application virtualization, performance and
delivery optimization technologies make XenApp the only application management solution capable of
delivering a high definition user experience to any user on any device.
22.214.171.124. Secure by design
Centralized application management is the most secure architecture for delivering applications. With
session virtualization, XenApp keeps data in the datacenter while only screen updates, mouse clicks and
keystrokes transit the network. As an extra added security measure for leveraging applications through
either session virtualization or application virtualization technologies, centralized password control, multi-
factor authentication, encrypted delivery and a hardened SSL VPN appliance eliminate the chance for loss
or theft of data. Built-in configuration logging and SmartAuditor technology enable IT to track system
changes and even record user activity into a video file to keep a visual record of system and application use
for security and litigation purposes. Application management with XenApp increases application
portability and user productivity while ensuring data security and IT access control.
126.96.36.199.Enterprise class scalability
As an enterprise class infrastructure for application management, XenApp can support implementations
with as few as 2 servers or scale on-demand to support multiple data centers, thousands of users and
multiple sites throughout the world. In fact, as the most mature on-demand application delivery solution on
the market, XenApp is proven to support more than 70,000 users, scale beyond 1,000 servers in a single
implementation and ensure 99.999 percent application availability. This scalability is made easy with
integrated XenServer virtualization technology and provisioning services. When used together, they enable
IT to scale their XenApp server farm to support thousands of new users on-demand. Built in load testing,
performance monitoring and activity logging tools help IT to size their infrastructure correctly, monitor
usage and performance, scale when needed, resolve issues quickly, and even pinpoint malicious behavior.
This enterprise-class foundation enables IT to meet service level agreements and quickly respond to
business and user needs. With XenApp, corporate IT teams finally have the global, scalable, end-to-end
application management solution that IT has been looking for.
5.1.2. Citrix XenApp Features & Benefits
188.8.131.52.Deliver applications on-demand to any user anywhere
Citrix XenApp™ is an on-demand application delivery solution that reduces the cost of Windows®
application management by up to 50%.
XenApp enables IT to centralize and manage a single instance of each application in the datacenter and
deliver them to users for online or offline use, while providing a high definition experience. It
revolutionizes Windows application management by virtualizing applications and delivering them as a
centralized on-demand service to any user anywhere on any device.
Calculate your own savings using our free ROI calculator and explore the features below to learn more
about how virtualizing applications with XenApp can help your business reduce costs, ensure security and
increase user, IT, and business performance and productivity.
184.108.40.206.Self-service delivery of your virtual applications
System intelligence automatically determines the best method for delivering virtual applications as an on-
demand service to users through a personalized adn easy-to-use self-service storefront.
220.127.116.11.Access virtual applications from any device, anywhere
Users can simply and securely access virtual applications instantly with a consistent experience regardless
of location or device. In fact, XenApp can deliver any Windows application to any of over 30 client
operating systems including Mac and even the Apple iPhone.
18.104.22.168.Ensure a high definition user experience
Virtualizing applications with Citrix XenApp delivers a high performance, high definition user experience
from any device, on any network – even for graphic-rich and multimedia content. Users are assured of a
seamless experience with zero downtime and higher overall productivity.
22.214.171.124.Secure architecture, secure delivery, secure by design
Centralized application management is the most secure architecture for delivering applications. With
session virtualization technology, data remains in the datacenter while only screen updates, mouse clicks
and keystrokes transit the network. Centralized password control, multi-factor authentication, encrypted
delivery and a hardened SSL VPN appliance eliminate the chance for loss or theft of data.
126.96.36.199.Single instance server and application management
Virtual application packages and server images are stored, maintained and updated once in the datacenter
and delivered on-demand. This simplifies system and application management, improves application
compatibility and makes it easy to provide real-time updates to users.
188.8.131.52.Enterprise class application management
XenApp is proven to support more than 100,000 users, scale beyond 1,000 servers in a single
implementation and ensure 99.999 percent application availability. The enterprise-class foundation coupled
with centralized application management, monitoring and automation tools enable rapid response to
business and user needs.
5.2. Terminal Services:
Remote Desktop Services in Windows Server® 2008 R2 provides technologies that enable users to access
Windows-based programs that are installed on a Remote Desktop Session Host (RD Session Host) server,
or to access the full Windows desktop. With Remote Desktop Services, users can access an RD Session
Host server from within a corporate network or from the Internet.
In Windows Server 2008, Terminal Services introduced RemoteApp programs, which are programs that are
accessed remotely through Remote Desktop Services and appear as if they are running on the end user's
local computer. In Windows Server 2008 R2, Remote Desktop Services provides administrators the ability
to group and personalize RemoteApp programs as well as virtual desktops and make them available to end
users on the Start menu of a computer that is running Windows® 7. This new feature is called RemoteApp
and Desktop Connection.
RemoteApp and Desktop Connection provides a personalized view of RemoteApp programs, session-based
desktops, and virtual desktops to users. When a user starts a RemoteApp program or a session-based
desktop, a Remote Desktop Services session is started on the Remote Desktop Session Host (RD Session
Host) server that hosts the remote desktop or RemoteApp program. If a user connects to a virtual desktop, a
remote desktop connection is made to a virtual machine that is running on a Remote Desktop Virtualization
Host (RD Virtualization Host) server. To configure which RemoteApp programs, session-based desktops,
and virtual desktops are available through RemoteApp and Desktop Connection, you must add the Remote
Desktop Connection Broker (RD Connection Broker) role service on a computer that is running Windows
Server 2008 R2, and then use Remote Desktop Connection Manager.
In Windows 7 and Windows Server 2008 R2, you configure RemoteApp and Desktop Connection by using
Control Panel. After RemoteApp and Desktop Connection is configured, RemoteApp programs, session-
based desktops, and virtual desktops that are part of this connection are available to users on the Start menu
of their computer. Any changes that are made to RemoteApp and Desktop Connection, such as adding or
removing RemoteApp programs or virtual desktops, are automatically updated on the client and on the
Users can use the new RemoteApp and Desktop Connection notification area icon to:
• Identify when they are connected to RemoteApp and Desktop Connection.
• Disconnect from RemoteApp and Desktop Connection if the connection is no longer needed.
Administrators can create a client configuration file (.wcx) and distribute it to users within their
organization so that the user can automatically configure RemoteApp and Desktop Connection.
Administrators can also write and distribute a script to run the client configuration file silently so that
RemoteApp and Desktop Connection is set up automatically when the user logs on to their account on a
Windows 7 computer.
5.3. Sun Secure Global Desktop (SGD):
software provides secure access to both published applications and published desktops running on
Microsoft Windows, Unix, mainframe and System i systems via a variety of clients ranging from fat PCs to
thin clients such as Sun Rays.
A large range of client devices can be used to connect to a Secure Global Desktop Server, including
Microsoft Windows PCs, Solaris desktops, Apple Macintoshes, Linux PCs, thin clients such as those from
Sun and Wyse, and mobile devices. The only requirement on the client side is a Web browser with a Java
Runtime Environment installed.
A client device connects to the Secure Global Desktop Server either via a supported Java-enabled browser
or via Native Client software (this "native client" can be downloaded from a SGD installation's login page,
i.e. instead of logging in and letting the Java applet handle the connection automatically for you, you could
instead do it manually by downloading this "native client" from the SGD main login page, install it locally,
and then launch it and connect via this). When you connect via a browser the first time as a client, the SGD
client (the client-side of the aforementioned Java component) is downloaded so you can then SSL encrypt
your connection. Browsers officially supported are Mozilla Firefox, Internet Explorer, and Safari, but other
browsers might work too for as long as they have access to a working Java-plugin. The latest Java Runtime
Environment is recommended but at least version 1.5 is required.
The Desktop Client connects to the Secure Global Desktop Server via the Adaptive Internet Protocol (AIP).
AIP is bandwidth and latency aware and can adjust compression and performance dynamically on links as
diverse as a 56K modem or a 100Mb LAN.
Session Resumability and Mobility is a feature allowing remote access to desktop applications from
essentially any Java-enabled browser in the world. This makes it possible to run applications in one's office,
then go to another location such as a customer site or one's home and transfer your existing desktop session
to a computer there.
Centralisation is an important feature for organizations concerned with secure data being stored on remote
devices such as notebook computers, and the associated risk for theft of the device and its data.
Applications accessed via SGD run in the centralised server room, meaning that all data is backed up and
secured via the normal datacenter practices of the organization. There is a potential for increased
performance and effiiciency, since the actual computation is performed on larger systems with more
resources; centralisation also makes resources considerably easier to manage.
Applications can be assigned to users or groups of users using the Object Manager which can automatically
present new applications to users dynamically without them needing to log out. Profiles can be created to
group similar types of users; these profiles control the applications that a logged-in user is allowed to use.
When a new application or an upgrade to an existing application is required, an administrator can just push
these changes out to the users. This simplifies Desktop SOE migrations.
SGD's password caching feature, authentication tokens, and ability to integrate with Active Directory and
LDAP gives it the ability to easily set up single sign-on to applications: a user logs into SGD once, and then
can run applications without having to perform an additional login—even if there are usernames and
passwords used for the different back-end applications.
With the same SGD infrastructure one can host an organisation's internal desktop applications, but also be
able to access desktop applications remotely without the need for expensive VPN solutions. The Firewall
Traversal Feature makes it possible to put an application server in an organisation's DMZ with only port
443 (HTTPS) accessible from the outside world. An SGD server can be accessed via HTTP or HTTPS.
SGD also integrates with the Sun Java System Portal Server making it possible to deliver desktop
applications via a Secure Portal using a Portlet, including the ability to mail, calendar and other Portal
Sun Java System Identity Manager can also be used to manage all user accounts and passwords via one
webform, including integration of LDAP, Active Directory, Oracle or other commercial or home-grown
access control repositories.
ASP Model can reallly be use full when planning for PCMS for small size
clients. As application on rental basses can be very cost effective.
After comparing SGD,terminal services and XenApp , it is concluded that
Terminal services in Windows server 2008 has a very nice feature of Remte
Apps, which can provide an option to host application on termical services
sever and application can be run at client end with out installing.
A POC is required to deploy PCMS as Remote App and find out limits if
there are ome.
Operatioal cost secpially maintanance of server of ASP Modal can be very
high and problematic,so reliable hosting company can serve to host
application at their Data center.
A comparative analysis of hosting services by top hosting service providers is
ASP Modal Hosting providers:
Sun Secure Global Desktop: