RFP Effort

Activities

• Review the current state and prepare a document of our understanding.
• Review CLIENTS/CUSTOMERS's existing Mainframe batch services and real-time SOA services, which were developed for public consumers, government agency consumers, and business services etc.
• Identifying the enterprise-level vision and goals for target state architecture is a task that holds the key to CLIENTS/CUSTOMERS's future IT landscape for API development in building real-time and near real-time services.
• Identify CLIENTS/CUSTOMERS's current security options from an API Management Solution perspective.
• Understand current security controls and fraud/attack prevention requirements.
• Understand current security monitoring/alerting/logging requirements.
• Understand the current API integrity/fraud/attack controls.
• Identify and document high-level API use cases that facilitate integration modernization. Example: How would CLIENTS/CUSTOMERS wrap a legacy system's interface into an API layer?

Deliverables

• Current state architecture and high-level design.
• Document current state connections for internal and external systems at a high level.
• Detailed Architecture diagrams of existing Mainframe, legacy layers.
• Current batch services are near-real-time services addressing the gaps, pain points, and issues.
• The legacy system detailed Assessment findings.
• CLIENTS/CUSTOMERS Architecture API RT and NRT Goals and Objectives.
• Identify and document high-level API use cases that facilitate integration modernization. Example: How would CLIENTS/CUSTOMERS wrap a legacy system's interface into an API layer?

Target state Architecture and vision

Our Architect team will analyze the information discovered during the current state assessment and develop a CLIENTS/CUSTOMERS target state architecture to build real-time APIs, ESB near real-time, batch, and bulk API services with ESB/API Vendor product or open source. Following are the activities:

Architecture Requirements

• Provide data points used to arrive at various components of the target state.
• Architecture, with special focus on the capabilities of API gateway, ESB, and services layers that fit CLIENTS/CUSTOMERS all use cases.
• Develop API's RT and NRT services strategy infrastructure requirements with proper sizing.
• The target state should have decoupled layers as much as possible, i.e. API Layer <-> ESB Layer <-> Services Layer.

Integration Requirements

• Identifying and recommending the best/correct integration patterns for future state.
• Identify how to scale and expand the integration platform.
• Recommendations for Cloud Environment clustering for all API/REST services.
• Detailed document to address target state tiers or layers that are loosely-coupled.

Security Requirements

• Security architecture approval working with enterprise security team for API services

Development Requirements

• Develop a migration plan to replace or phase out/decommission/sunset existing services.
• Establish recommended design patterns for API microservices and ESB Services
• Provide guidance on API governance and faster turnaround time
• Ex: Governance 3-day turnaround time even with all required approvals.
  Deliverables ,Target State Architecture
• Design Blueprint with API and modern SOA/Micro Service platform architecture.
• Integration approach for design, building, testing, and deploying real-time high availability APIs, near real-time if any batch and bulk APIs.
• Define component design with ESB/API Vendor product or open source connections and configure the gateway for both CLIENTS/CUSTOMERS external and internal applications.

The complete security implementation approach includes authentication, authorization, data encryption, and Data masking, along with guidance and Best Practices on the Security Architecture for API services with ESB/API Vendor product or open source API Gateway connecting thru CLIENTS/CUSTOMERS external and internal systems.

API's ESB and CloudHub implementation best practices high-level strategy document. Infrastructure CloudHub architecture and deployment strategy align with CLIENTS/CUSTOMERS enterprise target architecture.

Target state Architecture Strategy

Develop a strategy and roadmap for the CLIENTS/CUSTOMERS department to move efficiently from the current state to the target state. The following are the activities:

Architecture Requirements

• Target State Architecture: The document and presentation to move efficiently from the current state to the target state.
• Migration plan:Detailed migration plan strategy that aims to replace and phase out existing services.
• Resource plan: Allocating detailed tasks based on individual skill sets to reach the target state efficiently.
• High level Significant changes: Identify and address possible high-level changes and dependencies to CLIENTS/CUSTOMERS services that significantly impact the migration process.
• Cloud Deployment Strategy: High-level cloudHub deployment strategy, e.g., IaaS, PaaS, etc.

Integration Requirements

• Create a detailed roadmap for API strategy and Legacy/SOA modernization.
• Create API best practices document by identifying operational considerations and concerns.

Security requirements

• Recommend high-level security requirements for future state ESB/API Vendor product or open-source API's RT/NRT ESB services.

Development requirements

• Recommend design patterns for microservices and APIs based on appropriate use cases and inventory.
• Provide recommendations on ownership and development of APIs from both a business and technical perspective.
• Recommendation of DevOps strategy and best practices for building a robust CICD pipeline using Azure DevOps.