COVER STORY

From the April 2005 issue of Communications News

Penguin Security

To provision more than 1,500 independent brokers, IS Director Joe Dennick of Securities America built an open source authentication system using a database-management approach that could maintain 99.9% uptime.

Securities America IS Director Joe Dennick, left, is responsible for creating and managing his firm’s applications, networks and infrastructure.

Joe Dennick, IS director at Omaha-based Securities America, needed an authentication approach using a database-management system–and he needed that system to maintain 99.9% uptime. He did not need it to be expensive–and he had more than 1,500 independent brokers waiting for his solution.

Dennick is responsible for fulfilling commitments for all of Securities America’s networking computer systems. This involves creating and managing applications, networks and infrastructure. “These applications must be always on, because they form part of the core of our competitive advantage,” he says.

Securities America provides its financial representatives with the tools they need to offer the highest-quality guidance and advice to investors. Everything the firm does revolves around fostering independence and helping its representatives deliver the best financial products, services and financial counsel to their clients.

Securities America’s e*Office Advantage online workstation allows representatives to manage their clients’ accounts in one convenient place. This technology makes office work more efficient, so representatives spend more time and resources providing quality advice to their clients and building their practices.

Securities America brokers use an Internet connection when making securities transactions for clients. Brokers need to be able to log onto the company’s network and quickly make transactions in real time, any time, from anywhere. Just as importantly, each broker must be provisioned flawlessly and the network must be completely secure, balanced and available 24/7.

Single point of failure
Further, the login process is a necessary administrative step that acts to vet the broker and pass his entitlements to the other applications. So this step, critical as it is for the security and integrity of the rest of the system, must happen flawlessly and quickly. If brokers had problems logging into the network, Securities America’s business would suffer.

“The authentication function requires a database-management system, yet databases have the potential to be the single point of failure in applications that need to be fault-tolerant,” Dennick says.

To avoid this single point of failure, he determined that a database clustering solution was needed. “We considered two other clustering solutions, but both require shared disk and extra licensing fees, making both solutions an expensive proposition. To solve this problem, we chose the Emic Networks Application Cluster (EAC) to implement a fault-tolerant, load-balanced database cluster on a LAMP application stack, enabling both a robust and a cost-effective solution,” Dennick says.

While building such a critical application on a LAMP (an open-source Web platform) application stack is becoming more common, Dennick notes that he has been getting requests for Linux from an unexpected direction: end-users. Linux is usually a favorite of programmers, other hard-core computer buffs and IT managers who want to reduce their software licensing costs, he says, not of business users who would have to learn a new, relatively unfriendly operating system. Many of Dennick’s users, however, are business owners themselves.

“Many of our customers have asked us to head in that direction so that they can get out from under Windows,” he says. “They have to buy their own licenses from Microsoft, and they’d rather run Linux so they don’t have to pay for it. That’s definitely an example where cost is an issue.”

Reducing costs was not the sole motivation in the design of the system, however, as a cheap but unreliable system would not be acceptable for either Securities America or its brokers. After careful evaluation, MySQL was chosen as the database-management system for the application. According to Dennick, MySQL is ready for prime time. “In fact we’d like to switch over all of our databases–including mission-critical Sybase databases,” he says.

Clustering choice made
In Dennick’s view, however, MySQL is missing certain key functionality, including high availability, scalability, and effective load balancing and failover for users. The MySQL native replication, which is based on a master-slave implementation, was judged unacceptable.

Emic Application Clustering was chosen as the best solution to provide Dennick’s database and Apache Web-based server network the high availability, scalability and manageability services that were required. With EAC for MySQL and Apache, login requests are performed reliably, he says, including IDs, passwords, entitlements and session states. Further, the IT department can easily manage the network from a single management console.

“EAC enabled us to implement a highly available, load-balanced database cluster on relatively inexpensive hardware,” Dennick says.

The cluster is deployed on three Compaq servers that cost approximately $5,000 each, with their own local copy of the database and Web root directories using EAC for both MySQL and Apache.

“Initial Web pages are served by the Apache Web Server, and the login requests are handled by MySQL, which holds all of the users’ login IDs, passwords, entitlements and session states,” Dennick explains. “Combining these services on one cluster means that they are always available, scalable and easy to manage.

“The main benefit gained through this solution is that if one server fails or must be taken out of service for routine maintenance, the other servers can continue to authenticate users, as each has a fully replicated copy of the MySQL database local to it. This provides a ‘shared nothing’ architecture, removing all single points of failure, as well as allowing the cluster to use cost-effective hardware. The data is securely replicated using a total order, secure group communications protocol.”

This is significantly different from any master/slave replication that forces all updates through the master only, he adds. In these cases, a failure of the master will cause the system to go down and slaves could quickly be overwhelmed by high transaction rates.

According to Dennick, many of the large, commercial database engines offer a clustered solution, but these often involve shared disks, meaning there is only one physical copy of the database being accessed by multiple database servers (nodes). Emic’s design encompasses both load balancing (sharing the load between multiple servers or nodes) and total order replication. Shared storage (usually in the form of network-attached storage) is expensive to purchase and can lead to a single point of failure. EAC eliminates the need for expensive storage, as well as this single point of failure, he adds.

Redundancy in nodes
EAC distributes incoming requests evenly across available nodes and replicates the data on a second (heartbeat) network. If a node crashes, the remaining nodes can carry the load. When the failed node comes back online, it automatically obtains a copy of the data from one of the other nodes so that its copy of the active database and Web root directories is current and up to date.
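
The shared-nothing design described above can be sketched as a small in-process model; this is an added example, not code from the article, Securities America or Emic Networks, and it does not reproduce EAC's actual protocol. The class names, node names and session values are hypothetical: each node keeps its own copy of the login data, every write carries one agreed sequence number, reads are balanced across live nodes, and a rejoining node copies state from a peer before taking traffic.

```python
import itertools

class Node:
    """One cluster member holding its own local copy of the login/session data."""
    def __init__(self, name):
        self.name, self.up = name, True
        self.db, self.applied = {}, 0   # local copy; last sequence number applied

    def apply(self, seq, key, value):
        # Total order: update N is applied only directly after update N-1.
        if seq != self.applied + 1:
            raise RuntimeError(f"{self.name}: gap in update sequence")
        self.db[key], self.applied = value, seq

class Cluster:
    def __init__(self, names):
        self.nodes = {n: Node(n) for n in names}
        self.seq = 0                                     # one agreed order for all writes
        self._rr = itertools.cycle(self.nodes.values())  # round-robin balancing

    def live(self):
        return [n for n in self.nodes.values() if n.up]

    def write(self, key, value):
        if not self.live():
            raise RuntimeError("no live node to accept the write")
        self.seq += 1
        for node in self.live():                         # every live replica, same order
            node.apply(self.seq, key, value)

    def read(self, key):
        for _ in self.nodes:                             # skip failed nodes
            node = next(self._rr)
            if node.up:
                return node.name, node.db.get(key)
        raise RuntimeError("no live node to serve the read")

    def fail(self, name):
        self.nodes[name].up = False

    def rejoin(self, name):
        # State transfer: copy a live peer's data before taking traffic again.
        donor, node = self.live()[0], self.nodes[name]
        node.db, node.applied, node.up = dict(donor.db), donor.applied, True

def demo():
    c = Cluster(["web1", "web2", "web3"])                # constructed node names
    c.write("broker42", "session-A")
    c.fail("web2")                                       # one server drops out
    c.write("broker42", "session-B")                     # logins continue on two nodes
    served_by = {c.read("broker42")[0] for _ in range(6)}
    c.rejoin("web2")
    c.write("broker77", "session-C")
    return served_by, [n.db for n in c.nodes.values()]
```

In a master/slave layout the `write` path would go through a single node, so failing that node would stop all updates; here any live node's copy is sufficient to keep authenticating.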

While Dennick would like to move all his systems to MySQL, given the mission-critical high availability that is gained via the implementation of EAC, Securities America has more than 1,000 stored procedures written for Sybase. If the company switched over fully, all those procedures would have to be rewritten. The next version of MySQL, 5.0, is expected to provide full support for stored procedures, but Dennick does not yet know whether he will be able to transfer Securities America’s existing procedures over without major rework.

Securities America also uses a SunGard application called Planning Station, which is an asset-planning utility. “It’s a commercial application but we can run it on any database we want to, and so we’re running it on MySQL,” Dennick says.

The firm is using other open-source applications. “There’s quite a bit of the Apache Web server application,” Dennick says. “We also use the Cyrus e-mail system, BIND DNS and Asterisk, an open-source Internet telephony application.”

Other open-source applications are used for Web filtering and blocking spam. “We’re a little further advanced than most firms, but a lot of them are starting to get into open-source platforms because they realize they make sense for their companies,” explains Dennick. “They’re better applications, with lower cost of ownership, faster and easier deployment, and they’re not proprietary. I can run them on any platform I want to run them on.

“Linux is more stable and easier to maintain than Windows,” he adds. Securities America buys support from MySQL and Emic Networks, Dennick says, but for other open-source applications, he has to turn to the open-source community.

“You can find very good support through user groups,” he says, “but it’s obvious that you’re going to find the documentation isn’t quite as mature as for commercial applications. Just getting the stuff installed and finding out what the features are is a little challenging.”

Since the people who actually use it are the ones who write open-source software, it often has more functionality or is better targeted than commercial systems, he says. “It’s safe to say that if a company doesn’t have an open-source policy, it really needs to have one.”

Securities America runs Emic Application Cluster on Red Hat Enterprise Server 2.0 and 3.0, operating on Compaq (HP) ProLiant servers. A software solution, EAC offers clustering for cornerstone, open-source business applications and supports the open-source stack of MySQL, JBoss and Apache. Emic also adds a layer of functionality to MySQL with clustering, load balancing and fault management.

According to Dennick, the software does not require any modifications in the platform or the application. Installation can take from a couple of hours to a day or so, at a cost of $15,000 to $25,000 for a typical deployment.

The total cost of deploying MySQL with high availability and load balancing from Emic is about a fifth of the price of a comparable all-proprietary solution, Dennick says. The cost savings come from being able to use low-cost hardware, an almost-free operating system and an almost-free database program.

Dennick adds he would continue using open-source software even if he has to start paying licensing fees. “We’re not using open source because it’s free,” he says. “We’re using it because it’s good technology. If it means that we have to buy licenses, we’ll do it.”

About Emic Networks


Eero Teerikorpi

Emic Networks was founded in 2000 by Internet security and traffic-management specialists in response to the explosive growth in the need for reliability and performance in mission-critical applications. Emic has customers in 12 countries and sells its products through direct and indirect channels, targeting customers in the financial services, telecommunication and retail segments. The company is headquartered in San Jose, Calif.

Eero Teerikorpi, CEO at Emic, brings more than 20 years of management experience in high-tech companies. Teerikorpi is also a founding partner at Blue White Venture. Prior to co-founding Blue White Venture, he was president of Capslock, and was vice president of business development and a board member at Esker S.A. Teerikorpi previously was president and CEO of Alcom Document Communications Corp., where he led a management buyout. Alcom was acquired by Esker in 1999.

Emic develops and markets a suite of high-availability, high-performance and manageability services for open-source solutions. The company supplies synchronous data replication, hot standby with failover, disaster recovery and online maintenance to minimize downtime. To allow applications to scale seamlessly, Emic provides dynamic load balancing and the ability to add new servers to the cluster in real time.
