How to deploy an ASP,.net page to our customers 1

[Cooperdam]

I am a bit stuck now, how to deploy. We have a situation where the Reports that are in Report Manager, have been deployed to a web page using ASP.net, and the ReportViewer. I wrote these reports in Visual Studio 2008, and the ASP.net page that links to Report Manager and display the parameters and the report.

The idea being, that the customers, login to our server and can run their own reports.Any help would be much appreciated, with the idea being, how do I make this idea become a reality?

 

[jmeckley]

asp.net is a http framework. webforms is an html engine. asp.net has no concept of a page, webforms does. I'm assuming when you say asp.net you mean webforms.

does any of this already exist? if so which parts? other questions:
is this a public facing website?
If not where is the database(s)/website(s) located? at the customer? by your company?
How many users do you anticipate on the system?
does each customer have there own database, or are all customers accessing the same database?
will each customer have there own website?
are the reports the same for all customers?
can customers have reports specific to them?
what report formats are available to the customer: pdf, xls, csv, etc.?

Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190
faq732-7259

 

[Cooperdam]

OK thanks Jason for your response.
1. What exists, is the reports in Report Manager and the ASp.net page that displays the customer name, and accepts parameters, such as Start-End date, and other data filters. The reports are lined up on the left side, you can click on a report and it then displays on the screen. One of the reports has a printer version so to speak. All of them though can print.
2. Currently, this is all housed on a local server for us.
Using SQL Server 2005.
The reason for this project, is that customers would routinely call the company for this info.
Most of the customers are small medical facilities. We supply many of their supply product needs.
(In a larger company, the transactions would be done via EDI, so alot of the data that they need would be easily available to them.)
3. There could be potentially 100 customers using the system, but probably 20-30.
4. They are all accessing the same database. There are actually 2 databases. One for medical supply and the other for housekeeping supply. A parameter I have on the ASP.net page asks which database they want and is passed to the Report via one SQL. Each database has different customers. THey may be the same corp. entity. such as a large group will have a facility for only medical needs.
5. Their own website, no. they have to login to our server.
What we need to do is to assign a static public IP address to NAT it to the internal IP address of the testserver and open up port 80 traffic in the firewall to that IP address.

Then we would create a new dns entry to point to that IP address.

6. Reports are the same.
7. They can have specific reports but this is not an issue. We can use a group name in the customer parameter as well to handle the larger customers. I have 2 reports like this.
8. Formats are as in your question, all supplied by Report Manager and the REport viewer.

 

[jmeckley]

so it sounds like you have the system already built you just need to deploy it.

in that case most of your concerns revolve around infrastructure, not programming.

5. Their own website, no. they have to login to our server.
What we need to do is to assign a static public IP address to NAT it to the internal IP address of the testserver and open up port 80 traffic in the firewall to that IP address.

the little I know about infrastructure I would:
1. dedicate a box as the webserver in a DMZ (between firewall and router?).
2. dedicate a box to sql server as a read-only copy of the data located behind the firewall and router(s).
3. ensure that these boxes can only talk to each other.
4. replicate the necessary data from your production server to the reporting database server at regular intervals. this is DBA administrative stuff. log shipping, replication, etc.
5. lock down the IIS on the webserver and use SSL to encrypt increase the security of the site.

I would also ask for advice in forum183 to assist with locking down the database server. I'm sure there are some windows server forums around TT as well that can provide insight into configuring the web/db servers.

you mentioned pointing the webserver to the test database? why would you give customers access to the testing data, or house the production database on the same server as the testing database?


Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190
faq732-7259

 

[Cooperdam]

Thanks, as far as your last point, we would refresh the databases nightly, this would be sufficient, since they run billing nightly only anyway. They like this approach in terms of security. Do you have think this is a smart idea or not?

 

[jmeckley]

Do you have think this is a smart idea or not?

which idea?

Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190
faq732-7259

 

[Cooperdam]

of using the testserver like that

 

[jmeckley]

absolutely not. I wouldn't send my clients (directly, or indirectly) to any other server by the public-facing web server and database server dedicated to the website.

The point of the test server is to test things, which means there is a high probability of unfavorable results. here is an extreme example. say you are testing some DB code which locks the entire server. now your customers cannot access reports because of R&D.

there is also the security issue. depending on network topology a security hole may be open which once on the testing server the hacker could access other information.

I would dedicate another server/database to the customer reports only. the tables/data could be a subset of your internally used database (after all it's only reports). lock this server down, along with the public facing web server. You may be able to start with a SqlExpress database engine and then upgrade to Sql2005 when the time comes. This also gives you time to budget for the software and licensing.

Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190
faq732-7259