Portal vs. ArcGIS OnlineWhen, Why & How to Install Each
What’s a Portal?
It’s a very generic word:
Roots dating back hundreds of years
Computing Portal
A Web portal or public portal refers to a Web site or service that offers a broad array of resources and services, such as e-mail, forums, search engines, and online shopping malls. The first Web portals were online services, such as AOL, that provided access to the Web, but by now most of the traditional search engines have transformed themselves into Web portals to attract and keep a larger audience.
An enterprise portal is a Web-based interface for users of enterprise applications. Enterprise portals also provide access to enterprise information such as corporate databases, applications (including Web applications), and systems.
Use of the word Portal
~1994: AOL becomes a Portal
…a web site or service that offers a broad array of resources and services, such as e-mail, forums, search engines, and online shopping malls.
Enterprise Mapping Portal Enterprise portals cover all areas of business Mapping Portals were a logical evolution of
GIS
ArcGIS Meets Portal The first portal offering was ArcGIS Online Defined Web GIS
ArcGIS Meets Portal Portal for ArcGIS simply moves Web GIS onto Your Infrastructure
The Importance of Capitalization
Upper Case Portal = Portal for ArcGIS Lower case portal = ArcGIS Online
(or lack thereof)
An ArcGIS portal is a web-based interface for users of enterprise mapping applications and/or informational products. An ArcGIS portal may be used via Esri’s software as a service (SAAS) offering called ArcGIS Online or fully on-premise via a local installation of the Portal for ArcGIS product.
The intent and usage of an ArcGIS portal are the same either way.
Why All the Talk About Portal?
Portal is the technology by which most GIS data will be served up and consumed in the future.
Really?
Let’s talk for a moment about why I say this.
The Utility Network is Coming
The utility network is Esri’s new network for managing connected electric, gas, & water facilities.
In Alpha right now, SSP has been testing & providing feedback (sworn to secrecy)
Many new benefits including non-coincident connectivity, structural associations, and containment modeling….
Editing of utility network will occur natively in ArcGIS Pro
SSP-Sponsored Pre-Conference Workshop at EGUG
Utility Network Runs on Fairy Dust
Where Fairy Dust = Portal Web Services! The Alpha version currently runs off direct connect to GDB BUT the final release will run off of REST End Points
Increased Performance Centralized Data Access
Also Available to WebMaps, Runtime, Third Party Integration
In my humble opinion, it will be a while before you use the Utility Network in a production system
But educate and prepare yourselves for the road ahead
Related Sidebar
1. Upgrade to ArcGIS Desktop 10.2.1 Esri will support this version until the Utility Network is ready Schneider will follow the leadership of Esri
Significant Performance Improvements Optionally Feeder Manager 2.0 Major Conflict Management Improvements
Esri Utility Patches Schneider 10.2.1b This only applies to Desktop/GDB, not to Server/Platform
The point is, utility network is not going to be ready in time for you to have a roadmap that excludes 10.2.1.
What Should We Do to Prepare for the Road Ahead
Related Sidebar
2. Implement a GIS portal Our topic for today!
ArcGIS Online (lower case p) Portal for ArcGIS (upper case p)
Introduces key future concepts to the utility: Web Services Named Users Operational Patterns: Expose, Collect, Empower
A GIS portal has major operational benefits to your utility today AND it creates the bridge between the geodatabase and ArcGIS Pro. Embrace a portal today to minimize change in the future.
What Should We Do to Prepare for the Road Ahead
Related Sidebar
3. Begin Using ArcGIS Pro Pro will be the primary editing environment for the Utility Network,
ArcMap cannot be used However, Pro cannot edit the geometric network we use today
We CAN use Pro for analysis, visualization, & content sharing ArcGIS Pro is directly tied to a GIS portal
Licenses are administered via your portal Login / data usage is tied directly to your portal Runs natively off of WebMaps / REST Services
Your ArcFM data can be used via services today
ArcGIS Pro will become very important to utilities in the future. Change management can be embraced early by starting adoption today. At least to start getting familiar with the application within the GIS department.
What Should We Do to Prepare for the Road Ahead
Administering ArcGIS Pro Licenses Licenses assigned in portal to a named user within your
organization. Standard or Advanced required for Utility Network
Architecture – ArcGIS Online SSP’s minimal recommended architecture
1.
2. 3.
4.
5.
6.
7.
Architecture – ArcGIS Online SSP’s minimal recommended architecture benefits
Fully secured via ssl (https) At ArcGIS Server (6443) At Web Adaptor (443)
Can store ArcGIS Server credentials in ArcGIS Online REST endpoints fully available to internet Any authorized device can access via internet Full editing available via proxy
_
Architecture – ArcGIS Online SSP’s simplified architecture with VPN
1.
2. 3. No Security Required
4.
5. VPN Client Req’d
• HTTP or HTTPS• Cannot Store
Creds
Architecture – ArcGIS Online SSP’s simple architecture with VPN benefits
Less need for security because no internet exposure Editing now works with latest versions of ArcGIS Online
Proxy no longer required
Possible Issues Cannot store ArcGIS Server credentials in ArcGIS Online
Possible Solution = leave the credentials off the REST endpoints (only available in back office)
REST endpoints are NOT available to internet Must have VPN on all internet clients
ArcGIS Online - Authentication Local Named User Storage in ArcGIS Online
Dedicated Username and Password Must manage separate password for these accounts
Easiest to Configure No need for ArcGIS Online to Access Internal LDAP
No LDAP / Active Directory Tie In No Single Sign On From an Authorization
Perspective, can still Authorize REST services with AD
ArcGIS Online Authentication
ArcGIS Online - Authentication LDAP / Active Directory User Tied to Named Users
Everyone Loves Single Sign On BUT, It’s proven Challenging to Configure via SAML
Must expose an Active Directory Federation Services (ADFS) Endpoint to the Internet Must load the XML Metadata from ADFS into ArcGIS Online Must generate and load XML Metadata from ArcGIS Online back into ADFS
Creates a Trusted Handshake Between the Systems
Most utilities have not been able to support the SAML Authentication requirements
ArcGIS Online Authentication
Architecture – Portal for ArcGIS SSP’s recommended Portal architecture
1.
2.
3. Full Portal
4.
5.
6.
7.
Architecture – Portal of ArcGIS SSP’s recommended architecture benefits
Fully secured via ssl (https) At ArcGIS Server (6443) At Portal (7443) At Web Adaptor (443)
All Authenticated Components Behind the Firewall Active Directory Can More Easily Be Used for User Authentication
Though not required
Full Portal Access via the Internet Any authorized device can access via internet Full editing available
_
Architecture – Portal for ArcGIS SSP’s Portal architecture with VPN
1.
2.
3. Full Portal w/Web Adaptor
4.
5.
Architecture – Portal of ArcGIS SSP’s recommended VPN architecture benefits
Fully secured via ssl (https) – Portal Runs with HTTPS Regardless At ArcGIS Server (6443) At Portal (7443) At Web Adaptor (443)
Authenticated Components Behind the Firewall Active Directory Can More Easily Be Used for User Authentication
Though not required
Full Portal Access via the Back Office & VPN Must have VPN on all Internet clients
Full editing available
_
Portal of ArcGIS - Authentication Can use the built-in user store
Locally defined users with unique passwords (identical to ArcGIS Online) Can use LDAP / AD for Authentication
Portal runs on a server associated with Active Directory Can therefore more easily use AD authentication
Simple JSON configuration using a system AD account for access Configure Windows Authentication at the IIS Level
Allows for standard AD challenge at the website level, pass-through to Portal
3 Approaches to Using Portal1. Registering REST Services Manually
This is how ArcGIS Online Works Publish MXD to REST Service Copy and Paste the REST URL into Portal
If secured, save credentials with the Service Item Add Service Items to WebMap
Loosely Coupled
3 Approaches to Using Portal2. Federating ArcGIS Server via Portal
Switch your ArcGIS Server Authentication to utilize Portal Both Server and Portal use the SAME identity store (both use AD) All Authentication to Server requires a Portal token Portal essentially owns your ArcGIS Server
When users publish MXDs to Server Automatic Creation of Service Items in Portal Simplifies the publishing process Can define portal metadata, sharing, etc. within MXD publishing process Keeps items in sync between Server and Portal
Server and Portal MUST be the same release
3 Approaches to Using Portal3. Designating Portal as a Hosted Server
Similar to Federation but Portal now has a Dedicated Geodatabase Allows Portal to host data just like ArcGIS Online does Requires adding a “managed” data store to ArcGIS Server
Publishers or Admins in Portal can add hosted feature services Upload a file GDB, shapefiles, CSV, etc. Mapping / Feature services can be created automatically Can also use with Esri Maps for Apps (ex. Excel can upload data to Portal via Maps for
Office) Server and Portal MUST be the same release
MUST be federated and MUST have a managed geodatabase configured NOTE: You can have multiple federated servers with Portal but only one hosted server
So when to use each? Both portals render similar Web GIS functionality when fully
implemented: Service Items WebMaps Web Applications Use of native iOS and Android Apps Data sharing Data collection Named User Model
So when should we use ArcGIS Online vs. Portal for ArcGIS?
Portal for ArcGIS Portal provides Significant Value @ Significant Cost
Key Pros: Fully On-Premise for Data AND Software Solution Significantly Easier Integration with Active Directory (no ADFS required) Federation Is a Nice-to-Have Allows you to own the entire solution
Key Cons: Additional Hardware Likely Required to Scale the Solution Additional Project Cost for Install, Configure, Secure Higher Support Costs for Patches, Upgrades, General Server
Support/Knowledge Summary = Higher Total Cost of Ownership
ArcGIS Online ArcGIS Online Includes Most Portal Functionality w/Out Setup
Key Pros: Full SAAS Offering Data Maintained Securely On-Premise Esri Handles Quarterly Releases, Support, Patches Updates No additional project cost for install, configure, secure Lower support costs Summary = Lower Total Cost of Ownership
Key Cons: Challenging Integration with Active Directory Requiring ADFS Heard of Some Performance Scaling Issues for Very Large Customers
Who wins in your fight? The decision will vary by utility based on your requirements
I believe it comes down to the importance of authentication & money
All things being equal, we recommend using ArcGIS Online whenever possible due to better benefits and a lower total cost of ownership.
Portal vs. ArcGIS OnlineWhen, Why & How to Install Each
Questions?
Skye [email protected]
www.sspinnovations.com | @SSPInnovations on Twitter | www.slideshare.net/sspinnovations
Top Related