Platform Technical Overview

The Custom Application Challenge

A large enterprise is a complex organization with many interrelated business functions. Some of these functions are found across enterprises — for instance, human resources, supply chain and finance. However, each enterprise also has its own unique business processes. Many of these processes are in fact mission-critical — they provide essential organizational capabilities and create competitive advantages.

To address widely-implemented business functions, enterprises typically use off-the-shelf solutions — such as customer relationship management (CRM) and human capital management (HCM) software. However, they also need custom applications to meet their own unique business requirements. A large enterprise often has dozens of these in-house applications — or even hundreds.

Many of these applications are developed by individual departments within the enterprise. These range from simple spreadsheets through to tools built using legacy Notes or Access technology. Departmental teams do this out of necessity — to date, IT has rarely had the resources needed to deliver hundreds of applications on demand.

However, this proliferation of silo-ed custom applications has serious consequences. It directly affects an enterprise's ability to run and grow their business, innovate, and meet regulatory requirements. They find it difficult to integrate, streamline and enhance their business processes — and lack a single system of record that unifies and unlocks the value of their enterprise data.

Does Cloud Help?

Today, enterprises are moving their applications to the cloud at an increasing pace. Their goal is straightforward — to make it easier to deploy and manage applications.

The ultimate example of this is Software as a Service (SaaS), where a vendor rents out software running on a cloud-based platform. The vendor takes complete responsibility for availability, performance, upgrades, security and data backup. The enterprise no longer has to maintain the software — they simply use it.

However, the SaaS model is only designed for off-the-shelf software. A different approach is required when hosting custom applications.

Currently, two different types of cloud provider address this need:

• Infrastructure as a Service (IaaS) providers abstract away the complexity of hardware infrastructure. They provide rapid, simplified provisioning of virtual servers and storage, giving enterprises access to computing capacity on demand. This is sometimes little more than a bare-metal service — enterprises are left to install and maintain platform components and applications. Examples of this type of provider include Amazon AWS and Rackspace.

• Platform as a Service (PaaS) providers move abstraction further up the stack. In addition to hardware virtualization, they also provide basic platform components such as web servers, databases and application servers. They curate all of these components, taking responsibility for availability, performance and upgrades. In addition, they typically offer a cloud-based version of a traditional development environment — such as .NET or Java. Windows Azure and Heroku are two well-known examples of this type of provider.

Both IaaS and PaaS provide value. They greatly reduce the effort needed to manage hardware infrastructure and software platforms. This translates into lower IT costs and increased agility. However, neither model addresses the core development issue: 
How can enterprises radically reduce the time needed to build custom applications?

Application Platform as a Service (aPaaS)

To create an efficient custom application factory, enterprises need a cloud-based application platform that eliminates unnecessary development complexity. The goal of such an aPaaS platform is to reduce time-consuming, repetitive application development tasks so that developers can focus on coding unique, high-value business logic.

To achieve this goal, an ideal aPaaS platform must have the following capabilities and characteristics:

• Automatic application creation: The platform must be able to create and run a basic MVC application with minimal data input. This must include create, read, update and delete (CRUD) functionality. This avoids having to re-create basic application infrastructure every time a new application is built.
• Standardized components: When the platform creates an application, it must use standardized components — not code that it generates on the fly. This ensures that application components are tested and upgradable, and that their behavior can be managed consistently across applications.
• Data-driven behavior: Developers must be able to configure the behavior of application components using metadata. This allows them to adapt component behavior to meet the specific requirements of each application. This approach greatly simplifies mundane development activities, so that developers focus their coding efforts on delivering application value.
• Graphical configuration tools: The platform must have intuitive graphical tools that simplify and accelerate metadata creation. These tools must be an integral part of every application component. Providing these tools increases development efficiency, eliminates metadata errors, and shields developers from the underlying metadata syntax.
• Fully programmable: An aPaaS platform must not limit application capabilities or developer creativity. Its goal is to simplify creation of basic application infrastructure while still giving developers full expressive power. Developers must be able to code new functionality, as well as programmatically extend existing platform components.
• Standard programming tools: The platform must use standard tools and languages — such as JavaScript — so that developers leverage their existing coding skills. It has avoid proprietary approaches, since these result in long learning curves and skills shortages.
• Multi-application: The platform must support multiple custom applications on a single system of record. This allows enterprises to unlock synergistic value across applications. It also gives end-users consistent, unified access to all of their enterprise services.
• Data-driven interfaces: While an aPaaS platform needs to support multiple applications, it must also provide clear separation between them to avoid unwanted dependencies and "spaghetti" code. In practice, this means that interactions between applications must be mediated through a shared data services layer that contains persistent state information and other related data.
• Rich integration support: the platform must not create an island of custom applications. It must be able to integrate easily with other enterprise systems, including both packaged software applications and IT infrastructure. For example, consider a custom employee-onboarding application running on an aPaaS platform. This needs to touch multiple off-the-shelf systems — such as human resources and payroll — as well as provision directories and other IT systems with employee data.
• Enterprise-grade security: An aPaaS platform must provide the same level of security as any other enterprise software platform. Furthermore, since the platform exists in the cloud, it must also ensure security when it interacts with systems in the enterprise data center.
• Available and scalable: An aPaaS platform must deliver high availability and on- demand scalability, just like any other cloud-hosting platform. However, unlike other hosting models, an aPaaS service provider needs to take responsibility for the scalability and availability of the application infrastructure itself — not just the underlying virtualized platform.
• Fully managed: Similarly, an aPaaS provider needs to manage the hosted environment. This includes maintaining and upgrading standardized application components — not just the underlying platform software. In reality, this means that all application-specific data — including metadata and code — must be held within the platform's data services layer and managed by the aPaaS provider to ensure upgradability and portability.

Introducing the ServiceNow Platform

ServiceNow is the industry's first fully functional aPaaS platform, and is currently in use with thousands of leading enterprises around the globe. ServiceNow simplifies the complex task of building custom enterprise applications, giving developers the capabilities they need to radically accelerate application development. With ServiceNow, enterprises build applications in a fraction of the time needed for traditional development, consolidating all of their custom applications into a unified, reliable and fully managed cloud environment.

Building a Basic ServiceNow Application

The best way to understand how ServiceNow simplifies development is to look at how a developer creates a basic ServiceNow application.

First, the developer defines a data schema. Typically, this is not a trivial activity — the schema needs to be well defined and clearly linked to the application requirements. This is no different from any other application development approach, and requires the same level of developer knowledge and experience.

Once the developer has defined the schema, however, the power of ServiceNow becomes clear. They simply enter the schema using a built-in graphical tool, and ServiceNow automatically creates all of the corresponding database tables, fields and relationships, which can then be accessed through ServiceNow's object-oriented data services layer. As it does this, it also builds a complete MVC application that includes both client-side interfaces and server-side CRUD logic. The application is fully functional and ready to run without any further inputs.

This basic application provides a complete and fully extensible foundation for subsequent application development. Developers do not have to spend large amounts of time bootstrapping basic application functionality. This vastly increases productivity, freeing developers to focus on core application logic. It also enhances application quality, since it eliminates a large number of laborious, repetitive and error-prone task.

Configurable Components

The basic application that ServiceNow builds from the data schema consists of a number of components. These components are standard across applications — ServiceNow does not generate application-specific code. Instead, the behavior of each component is fully configurable on a per application basis, and the component can also be extended programmatically using JavaScript.

An Component Example: Forms & Lists

ServiceNow applications include client-side forms for data entry and retrieval. By default, there is one form for every object in the application — this contains all of the object's displayable attributes. ServiceNow also creates a list screen for the object, which allows users to browse, filter, create and delete object instances.

This functionality is provided by a Forms & Lists component. This is a generic component used by all applications. It contains all of the logic needed to implement forms and lists, but does not have any application-specific knowledge. Instead, its behavior is controlled by metadata on a per application basis. This metadata is generated when ServiceNow builds the application.

However, this metadata only specifies default behaviors. For example, all of the object's displayable attributes are simply shown in a vertical list. In most cases, these default behaviors do not satisfy the exact requirements of the application. For instance, the developer may need to change the form layout or hide certain fields. They may also want to include data from related objects, or restrict field values using picklists.

To address this, the Forms & Lists component includes a graphical configuration tool. This tool makes it easy to modify a form's layout, data content, and behavior. When

a developer does make changes, the configuration tool updates the corresponding metadata. The Forms & Lists component then interprets the metadata when the application runs, and modifies the forms accordingly.

Components Share a Common Pattern

The Forms & Lists example illustrates a pattern that is shared by many ServiceNow components — numerous client-side and server-side components behave in a similar way. One example of this is the UI Actions component, which lets developers incorporate active elements such as buttons into forms. Again, this is a generic component that is configured using a graphical tool which creates application-specific metadata.

ServiceNow Supports Extensive Programming Capabilities

No application development platform should limit a developer's ability to implement application functionality. One of the key concerns with a purely data-driven approach to application development is that it significantly restricts a developer's expressive power. At best, application functionality is limited to what can be defined in the metadata. At worst, the application is constrained by the capabilities of the graphical tools that expose the metadata.

Because of this, ServiceNow gives developers complete flexibility to extend application behavior programmatically. Most ServiceNow components have extension points where developers can integrate code using JavaScript. By combining a data-driven approach with coding, ServiceNow gives developers the best of both worlds — they can save time through configuration while retaining complete   flexibility through code.

These extensions are available at almost every level in the application stack using JavaScript — both on the server and client side. For instance, developers can create complex presentation logic and bind this directly into the application client. Using this approach, a standard ServiceNow form can be transformed to provide custom functionality, or to align with a specific look and feel.

A real-world example of this is shown below. Here, developers at Brigham Young University have completely modified the behavior and appearance of a ServiceNow instance to provide a student portal that is fully consistent with their overall branding and information architecture.

Implementing Server-Side Logic

ServiceNow takes the same consistent approach to both server-side logic and client-side logic. Developers can configure functionality using graphical tools, or they can implement it programmatically. They are also able to combine the two approaches — giving them complete flexibility.

To program server-side logic on ServiceNow, developers create business rules using JavaScript. These rules execute when the data services layer is accessed, and can be configured to run before or after the data operation. In many ways, this is very similar to the way that a relational trigger works. However, it is much more powerful — ServiceNow triggers a complete JavaScript object that has access to the full set of platform capabilities. A sample business rule is shown in the figure below.

When coding business rules, developers can directly access capabilities provided by ServiceNow's built-in components. One example is ServiceNow's Glide API, which gives developers powerful capabilities to access and manipulate groups of data records through ServiceNow's data services layer.

Commonly Used ServiceNow Components

ServiceNow includes a rich ecosystem of components and capabilities. Taken together, these give developers a comprehensive set of tools that simplify and accelerate development, while providing the flexibility to configure and code business logic without restrictions. Some of the most commonly used components and capabilities within this ecosystem are shown in the figure below.

The Workflow Engine

One of the most widely used ServiceNow components is the workflow engine. This is used to implement server-side business logic. Developers are not required to use this — they can code all of an application's business logic just by using JavaScript business rules. However, the workflow engine can dramatically simplify business logic implementation.

Using ServiceNow's intuitive drag and drop work ow designer, developers can set up complete state-driven workflows. Just like business rules, the workflows are triggered by data changes made through ServiceNow's data services layer, including insertions, updates and deletions. They also have access to the same rich palette of components that are available to JavaScript business rules — these can simply be dragged into the work ow during the design process.

Developers can also extend workflows programmatically by integrating JavaScript into individual workflow nodes. Using this approach, developers can in effect code business rules into the overall workflow framework. In addition, developers can also invoke other types of scripts from the workflow engine when required.

An example of a ServiceNow work ow is shown in the figure below.

The Service Catalog

ServiceNow's Service Catalog is another widely-used component. This gives users a way to request corporate services without having to understand how their request is fulfilled. This is a concept borrowed from IT, which ServiceNow extends across all corporate and IT services.

For example, an enterprise's marketing department might create an application that handles assignment of marketing assets — for instance, display stands or audiovisual equipment — to specific events such as trade shows or customer presentations. While the marketing department uses the application directly, they also need to receive requests for marketing assets from sales.

Rather than giving sales full access to the application, they simply add a request template to the Service Catalog. When they do this, the corresponding service is automatically displayed whenever sales — or any other authorized user — accesses the Service Catalog. This gives sales a familiar way of requesting marketing assets, since the new service is simply displayed alongside all of the other services that they already use.

When a user submits a request from the Service Catalog, the data is associated with the request is written through the data services layer into the corresponding application data store. At this point, the application can carry out further manual or automated processing. For example, the marketing application could be triggered when its request data is updated, at which point it could send a notification to the marketing person who owns that equipment. Alternatively, marketing staff could simply retrieve and process new requests when they log in to the marketing application.

As with other components, the Service Catalog can be configured to provide application- specific functionality. For example, a request for marketing assets might require additional information not found in other types of requests. To implement this additional information, the developer simply needs to configure the additional fields using the Service Catalog's built-in configuration GUI.

While the Service Catalog is a component, it is also really a small built-in ServiceNow application. The way it interacts with custom applications is similar to the way that custom applications interact with each other. Specifically, communication between custom applications is mediated through shared data in ServiceNow's data services layer, providing clear functional separation between applications.

Additional Platform Capabilities

ServiceNow delivers a number of additional capabilities that simplify application development, deployment and use. These are in addition to the wide range of components that ServiceNow provides for developers.

• Application Portability: All of the data associated with a ServiceNow application is persistently stored in the ServiceNow data services layer. This includes application data, metadata and JavaScript code. All of the data can be exported into an XML format, and then subsequently restored to another ServiceNow instance. This makes it easy to move applications from development to production platforms during deployment, and also simplifies cloning of production systems for development and test purposes.
• Mobile device support: ServiceNow includes comprehensive mobile support. It automatically recognizes different types of mobile devices, and renders the most appropriate screen designs for each device's form factor. Developers can define device-specific layouts when configuring the user interface, which ServiceNow then stores as metadata associated with the application. Developers are free to modify all aspects of a screen's design, including both layout and data elements. This makes it easy to support mobile-specific use cases, or to design simplified mobile interfaces that are not overburdened with an impractical level of detail.
• Built-in reporting and analytics: With ServiceNow, developers can create a wide range of application-specific reports using built-in graphical tools. They have access to a broad palette of graphical elements, including pie, bar, line, Pareto, box and trend charts. Other available chart elements include calendars, pivot tables, availability charts and histograms. They can also control which users or user groups have access to specific reports — or this can be configured by the system administrator at any time. ServiceNow supports both scheduled and on-demand reports, and can export reports in PDF, Excel, PNG or CSV format. Users with appropriate permissions can also define and run their own reports — they do not have to go back to development when they need additional report types.

Architectural Benefits

Architectural considerations are as important as development needs when selecting an aPaaS platform. ServiceNow is designed as an enterprise-grade cloud platform, providing the scalability, security and availability needed for mission-critical applications. It also provides extensive integration capabilities through Web services, as well as through a broad range of other mechanisms.

Availability, Reliability and Scalability

ServiceNow runs in an advanced high availability cloud that delivers world-class reliability and scalability. This provides full redundancy and fault tolerance for the entire ServiceNow application and platform stack, including electrical, cooling, network, security and server infrastructure.

Customer instances run in mirrored data centers in every major geography around the globe — see the ServiceNow website for a complete list of locations. These data centers are completely independent of ServiceNow's own corporate IT infrastructure. Each data center has multiple connections to the Internet, providing reliable access. Application data is replicated in near real time from the production data center to the backup data center, so that operations switch seamlessly and automaticallyto the backup data center in the event of a failure of the production environment. ServiceNow instances within a data center also run on load-balanced clusters, providing superior scalability and fault tolerance.

Operation of customer instances is also transferred to the backup data center during normal maintenance and upgrade activities. This vastly reduces service disruptions due to ongoing platform management activities by ServiceNow personnel. It also exercises the transfer process on a regular basis, ensuring that it will work properly during failover scenarios.

In addition to replicating data in mirrored data centers, ServiceNow also backs up data from customer instances using traditional backup and recovery mechanisms. This delivers an additional layer of data reliability, and allows ServiceNow customers to roll back data if required. ServiceNow maintains seven daily and three weekly backups on disk for all customer instances, including those in the primary and backup data center. This data never leaves the ServiceNow data center, providing a high level of security.

ServiceNow's technical personnel monitor and maintain the ServiceNow platform 24x7. There are multiple teams located in different geographic regions, and a remote team is able to take over full 24x7 operation in the event of a disaster in another region.

Integration

With ServiceNow, custom applications become an integral part of the enterprise architecture. This is essential — custom applications need access to data and capabilities that reside in other enterprise systems, such as ERP platforms, CRM software, and data warehouses. They must also provide information to these systems to enable end-to-end processes and data correlation.

ServiceNow delivers comprehensive Web services capabilities — including both inbound and outbound messaging. It supports Simple Object Access Protocol (SOAP) and REpresentational State Transfer (REST), as well as an Open Database Connectivity (ODBC) bridge on top of the Web services interface. Unlike other platforms, it also automates access to application-specific data by generating Web services Description Language (WDSL) files, which allow the data to be accessed through ServiceNow's data services layer.

Clients have used ServiceNow's Web services to integrate with hundreds of packaged and homegrown applications, numerous types of middleware, and many other data sources. These implementations range from standard connectivity using generated WDSL through to completely custom Web services. Clients have implemented both real-time and batch interfaces, and have also used ServiceNow to drive multisystem, enterprise-wide workflows.

ServiceNow also provides an extensive range of other integration mechanisms, including JDBC, FTP, command line invocation, and script execution. It is also pre-integrated with Chef and Puppet, allowing it to orchestrate complex IT configuration tasks — including provisioning of cloud infrastructure components and end-to-end business services.

Security is a common concern when integrating cloud-based platforms with on-premises systems. Automation requires deep integration using numerous interface points and protocols — but this normally means opening up multiple ports in the enterprise firewall. This creates a significant security exposure, since there is direct connectivity between an external platform and multiple systems in the data center. These open ports expose the on-premises systems, and are also open to malicious exploits.

ServiceNow addresses this issue with its Management, Instrumentation and Discovery (MID) Server. This is a Java application that runs as a Windows service or UNIX daemon within the data center. The MID Server acts as a proxy for the cloud-based ServiceNow platform, communicating securely with it over a single HTTPS connection. The MID server in turn communicates with on-premises systems using Web services and other protocols. All require credentials are stored locally on the MID server, and are optionally encrypted. The MID Server also supports clustered operation, providing both load-balancing and failover capabilities.

Security

ServiceNow is designed to meet the stringent security needs of today's large enterprises. It is deployed at some of the world's most security-conscious organizations, including major financial institutions and government agencies. It is also certified by leading third- party security authorities — a list of which can be found on the ServiceNow website.

The security capabilities provided by ServiceNow include:

• Compliance with Enterprise Security Policies: ServiceNow can be easily configured to meet the particular security requirements of individual enterprises. For example, password policies, IP address range restrictions, audit trails and system logs can all be configured to align with enterprise-specific security policies.
• Compatibility with existing authentication and SSO mechanisms: ServiceNow integrates directly with directories that support Lightweight Directory Access Protocol (LDAP), including Microsoft's Active Directory. It also supports Security Assertion Markup Language (SAML), which allows it to be integrated into a wide range of other SSO environments.
• Application-Level Security: ServiceNow has a flexible, fine-grained application security model. This model provides full access control for individual applications, including down to the individual record and field level. Security can be configured for individual users and user groups, as well as by role, making it easy to manage large numbers of users. It provides an intuitive GUI for creating access rules, and also allows custom rules to be built using scripts if required.

Conclusion

Large enterprises are moving their off-the-shelf applications to the cloud, but most are still struggling to migrate the applications that they have developed in-house. Many enterprises have hundreds of these custom applications, often on isolated legacy platforms.

While existing cloud service providers abstract away the complexity of hardware and software infrastructure, they do not address the fundamental issue with custom applications — how do you accelerate the development and deployment of these applications in a cloud environment?

ServiceNow radically simplifies the delivery of custom cloud applications. With ServiceNow, developers automatically create a complete framework application simply by defining the application's data model. These framework applications are based on standard components that are configured graphically to meet application-specific requirements. This eliminates time-consuming, error-prone activities — freeing up skilled developers to focus on coding high-value business logic. The result is faster application delivery, better application quality and lower development costs.

At the same time, ServiceNow provides a highly capable and robust cloud platform for these custom applications. High availability, superior scalability and enterprise grade security make it the platform of choice as enterprises migrate their in-house applications to the cloud. ServiceNow's multi-application platform and rich integration capabilities also make it easy to drive end-to-end processes across both custom and off-the-shelf applications — turning custom applications from a liability into a strategic advantage.

...................................................................

Click Here to download PDF version.

...................................................................