The best of the best
July 29, 2009 9:15 PM

If money was no obstacle, what complete eCommerce solution would you deploy for a medium to large online company?

A complete solution could mean two systems tied together, one for the website and another for inventory (think about managing a large warehouse) or a system that handles both. The perfect product could be one developed from scratch, an existing framework that we could manipulate to our specific needs or a complete ready-to-go product.

I'm trying to identify examples of best practice solutions for the medium-sized company and upwards - there are plenty of solutions for the small business (Magento, Shopify, etc.).

posted by simplesharps to Computers & Internet (3 answers total) 1 user marked this as a favorite

A medium to large online retailer (Fortune 2000) generally has distinct OMS, Payment, Presentation, Content and other back end systems that are integrated into what is considered a typical e-commerce solution or environment. Generally you have not one silo, but several, including a pre-prod environment which contains your Dev, QA, Staging environments.

This is a good question, but it's one that is best answered with an RFP, as the only real way to answer it in any meaningful way is via a discovery period and vetting of multiple proposed solutions.

For example, you may be on an existing platform that has serious migration constraints pushing you towards a specific OMS implementation and payment card industry relationship. The business may have partnerships that require specific application stack partitioning to be PCI DSS compliant.

All of this is important when you evaluate the cost/value of every element of the infrastructure, from your hosting provider, the operating systems, cloud computing options, static content distribution options, backup solutions, DR and HA.

You simply cannot decide on a best practices implementation without having a thorough work through on the business requirements and a subsequent RFP.

If you're looking for a solid set of guidelines for an RFP, make sure it specifies PCI DSS compliance for all components and make sure every single requirement of the business is articulated, and prepare for meeting those requirements to come at a cost.
posted by iamabot at 9:27 PM on July 29, 2009

Ok, in the spirit of helping you out when money is no object (this is so horrifically expensive only the top e-commerce, banking, medical and airline industry people do it).

Leased Tier 1 Datacenter cages in 2 geographically diverse locations:
- Conditioned redundant power with onsite generation.
- 10 kW per rack footprint minimum, up to 40 kW depending on rack footprint layout.
- Availability of up to 100AMP redundant 3 Phase and all permutations down to single phase 110 non redundant with no rack footprint
- 24/7 remote hands.
- Fully redundant and provable network paths outside of the physical building supporting multiple tier 1 service providers (Verizon/AT&T/Internap/Equinix/Etc)

Logical/Physical Silos:
- Distinct Production, Staging, QA, Dev environments, DR is achieved via a secondary distinct datacenter that is also fully redundant for all components and connectivity.
- All pre-prod silos are distinct and separate from each other, datasets are not re-used from production, the majority of all monitoring infrastructure is not re-used (there is a rising trend of data and network breaches via monitoring infrastructure as it is generally poorly secured and in turn monitored).
- Traditional three tiered architecture: distinct DMZ, Presentation, Application and Database tiers, all tiers are separated via distinct firewalls, IDS/IPS sensors in high risk every tier and watching every transit VLAN.
- Application firewalls between Presentation and Application and Application and Database tiers.
- N+1 redundancy minimum everywhere.
- F5 load balancers with SSL offload, caching and integration with Global Site Load Balancing, Cisco switches and routers and firewalls.
- Global Site Load Balancing, DR is a duplicate of production and dev environments. DR handles no less than 25% of regular traffic volumes daily, production has the ability to handle 125% of projected peak seasonal load, DR can handle 100% of projected peak seasonal load.

Standardized server hardware:
- DMZ, Presentation and App tiers: VMware ESX running on HP DL360, 380, 580 for x86 and heavy app tier running ESX (use dedicated iron only where you have to).
- IBM p series as your big iron for databases.
- All servers attached to a big, fast SAN.

EMC Storage:
DMX 1500 (or up to 4500), plenty of calculation done on your IOPS and build in a HEALTHY growth factor, you don't want to discover you need a platform upgrade on your SAN that will cost you 10 million bucks in a peak season out of budget because your OMS grows wildly beyond your dreams, Cisco or Brocade SAN switches.

Network and Datacenter design and build:
For the love of god hire someone who knows what they are doing, it will be expensive as hell but will pay off long term for operations. This means:
- Space and Power Planning expertise.
- Cable Plant expertise.
- Network design expertise.

Keep it Simple for yourself.

Hire people who know what they are doing to manage it or outsource it to a vendor, make them do fully disclosed DR exercises quarterly, hire a fucking wicked good lawyer (who knows the industry) and make sure that contract language includes escape clauses for you with penalties on the vendor for missing

Define measurable performance, buy or build tools to gauge it. Monitoring infrastructures are expensive but they serve a purpose. E-commerce is not to be trifled with, the pitchforks and torches are already in the villagers' hands if you or your vendors screw it up.
posted by iamabot at 9:55 PM on July 29, 2009 [3 favorites]
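
The silo and tier separation described in the answer above can be checked mechanically against a firewall rule export. The sketch below is an added example, not part of the answer: the flow format, the `monitoring` role name, the one-tier-inward rule and the sample flows are all assumptions made for illustration.

```python
# Added illustration; tier names follow the answer, everything else is assumed.
TIERS = ["dmz", "presentation", "application", "database"]
MONITORING = "monitoring"  # hypothetical role name for monitoring hosts

def check_flow(flow, cross_env_exceptions=frozenset()):
    """Return the reasons a flow breaks the silo/tier model (empty list = allowed)."""
    (src_env, src_role), (dst_env, dst_role) = flow["src"], flow["dst"]
    reasons = []
    for role in (src_role, dst_role):
        if role != MONITORING and role not in TIERS:
            reasons.append(f"unknown role: {role}")
    if reasons:
        return reasons
    # Silos are distinct: nothing, monitoring included, talks across environments.
    if src_env != dst_env and (src_env, dst_env) not in cross_env_exceptions:
        reasons.append(f"crosses silos: {src_env} -> {dst_env}")
    # Between tiers, a connection may only step one tier inward (or stay put).
    if MONITORING not in (src_role, dst_role):
        step = TIERS.index(dst_role) - TIERS.index(src_role)
        if step > 1:
            reasons.append(f"skips a tier: {src_role} -> {dst_role}")
        elif step < 0:
            reasons.append(f"initiated from deeper tier: {src_role} -> {dst_role}")
    return reasons

def audit(flows, cross_env_exceptions=frozenset()):
    """Map flow name -> reasons, for violating flows only."""
    report = {}
    for flow in flows:
        reasons = check_flow(flow, cross_env_exceptions)
        if reasons:
            report[flow["name"]] = reasons
    return report

# Constructed sample rule set (not from any real firewall export).
SAMPLE_FLOWS = [
    {"name": "web-in", "src": ("prod", "dmz"), "dst": ("prod", "presentation")},
    {"name": "web-to-app", "src": ("prod", "presentation"), "dst": ("prod", "application")},
    {"name": "app-to-db", "src": ("prod", "application"), "dst": ("prod", "database")},
    {"name": "dmz-to-db", "src": ("prod", "dmz"), "dst": ("prod", "database")},
    {"name": "qa-to-prod-db", "src": ("qa", "application"), "dst": ("prod", "database")},
    {"name": "mon-local", "src": ("prod", MONITORING), "dst": ("prod", "database")},
    {"name": "mon-cross", "src": ("prod", MONITORING), "dst": ("staging", "application")},
    {"name": "db-callback", "src": ("prod", "database"), "dst": ("prod", "presentation")},
]

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE_FLOWS).items():
        print(name, "->", "; ".join(reasons))
```

Any deliberate cross-environment path, such as replication to the DR site, has to be passed in explicitly through `cross_env_exceptions`, which keeps those exceptions visible and reviewable.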

Simple- PM me for more deets. We just did this. It was grueling. What is "small to medium"? We're about 12 full-time employees doing around 6 mil, about 2-300k of which is in online consumer sales and the rest comes from wholesale stuff.

Our backend is Sage X3. It's a total powerhouse- It handles inventory, purchasing, accounting, broker payments etc etc. It's also a nightmare to implement- They nickel-and-dime you on everything (They charged us to take their consultant out to dinner. Read that again. Yes.), there is no documentation and large portions of the program are still in French.

Our front-end is Magento. It took some coaxing to get Magento to do what we needed and we're still not there yet, but if you have a dev. on hand, it's a dream machine. I adore it even when I'm looking its deficiencies up and down.

We have 2 co-lo servers- an app server and a SQL server, same facility, and a VPS for the e-comm.
posted by GilloD at 4:58 AM on July 30, 2009 [1 favorite]
