Internet EDI Grows Up
Using the new AS2 protocol, Web-based EDI saves thousands of dollars, but you have to become your own VAN.
Computerworld - When a company as big as Wal-Mart talks, everybody listens. When the retailer announced in September that it would do electronic data interchange (EDI) with suppliers over the Web instead of using value-added networks (VAN), it was a signal that EDI over the Web is ready for heavy-duty corporate use after years of development.
Driven by the prospect of saving thousands of dollars a month, more and more trading partners are sending EDI messages over the Internet -- the closest thing in networking to a free lunch -- rather than over third-party network services, according to vendors and analysts.
Although such a move can pay for itself in as little as two months, it requires customers to do some of the work the VAN used to do, such as making sure the proper person is notified if a purchase order or invoice doesn't get through. However, if customers can cost-effectively become their own VANs and choose the right Web EDI tools, the savings can be compelling.
Credit: Richard Borge
Wal-Mart Stores Inc., which declined to comment for this story, is using Commerce Suite software from iSoft Corp. in Dallas to do EDI over the Internet. It's something iSoft CEO Christian Putnam says "some of Wal-Mart's largest trading partners have been doing" for almost a year.
Jewelry and eyeglasses distributor AAi.FosterGrant Inc. in Smithfield, R.I., has so far moved only four of its 30 customers to EDI over the Web, but its VAN bills have already dropped 8% to 10% per month, says IT director Martin Temple. And office furniture manufacturer Haworth Inc. expects to save $3,000 per month by moving EDI traffic at headquarters from a VAN to the Web, says Steve Wilkins, a manager of application support and development at the Holland, Mich.-based company.
Of course, it has been possible to do EDI transactions over the Web for years. But it often meant installing software from the same vendor at both ends of the transaction, something that's hard to do for thousands of trading partners, many of which are small businesses. But over the past year, two things have greatly boosted acceptance of EDI over the Web, says Pete Abell, director of retail research at AMR Research Inc. in Boston.
One is the widespread adoption of AS2, the Electronic Data Interchange Internet Integration Applicability Statement 2 protocol. AS2 provides certificate-based encryption for security and data compression for better performance.
The second is interoperability testing of AS2 products. The testing is sponsored by Lawrenceville, N.J.-based Uniform Code Council Inc. and performed by Fort Worth, Texas-based Drummond Group Inc.
So far, more than a dozen vendors have made the Drummond cut, including bTrade Inc., iSoft, Cyclone Commerce Inc. and Sterling Commerce Inc. This means a large supplier can buy a single Web EDI package and be sure it will work with all of its customers, rather than having to buy different software for use with the various VANs its major customers use.
AS2 also eliminates the need to install proprietary software at supplier sites, because suppliers can conduct EDI either through a Web browser or by using AS2-compliant client software, often provided free or at a nominal cost by a supplier's customer or a software vendor.
With AS2, managing the certificates that encrypt and decrypt EDI documents "is not real difficult," because TDPeer from bTrade provides a "structured library" to track and manage the keys used by trading partners, says Eileen Newell, a systems analyst at AAi.FosterGrant.
Newell says she's not too worried about security, especially after seeing an EDI document a trading partner had encrypted using the wrong key. The message was totally unrecognizable -- just as it would be to a hacker who used the wrong key.
Not everyone is so confident. John Semenek, manager of strategic technology at Levy Home Entertainment LLC, is used to doing EDI transactions with customers using the earlier AS1 protocol, in which security is managed by the Simple Mail Transfer Protocol and EDI transactions flow to a specific mailbox on his system. When the Hillside, Ill., book distributor moves to AS2, as required by Wal-Mart, he'll need to open his internal systems to HTTP traffic coming directly from his customers.
"Obviously, I'm going to try to lock that down as tightly as I can," by allowing inbound traffic only from specific IP addresses, he says.
"But it becomes very dangerous if they change IP addresses or have a range of IP addresses," Semenek says, which would require him to constantly reconfigure his firewall to maintain security.
One early concern -- that the Web is slower and less reliable than VANs -- doesn't seem to be a big issue for IT shops. Customers say they've seen dramatic performance increases by moving trading partners from dial-up connections to high-bandwidth Web connections. The data compression provided by AS2 doesn't hurt, and neither do capabilities such as load balancing and queuing, which are offered by vendors such as iSoft.
Another service typically provided by VANs is nonrepudiation, that is, proving a customer sent a transaction in case of a dispute. Nonrepudiation is handled by the AS2 protocol and isn't much of a problem in the business-to-business world, says Putnam, since suppliers typically "don't argue with their major customers" over such issues.
One job that can take extra time, though, is configuring firewalls to make sure that only the right traffic gets through. Tasks such as this are why it takes longer to bring a new trading partner into the EDI loop, Newell says.
When Newell used a VAN, bringing up a new business partner on EDI took only about eight hours. But doing the same thing for one new customer on the Internet, along with testing EDI Web links for two other customers, "has been my full-time job" for the past two months, she says.
Other problems can arise when steps that improve security cause data formatting problems, says Kerri Apple, vice president of development and operations at bTrade in Irving, Texas. One example: Putting a Windows-based AS2 server outside the corporate firewall will help keep the internal network secure, but then you'll have to translate that data into a form that can be read by an AS/400 behind the firewall.
According to Newell, monitoring EDI transactions to make sure that the proper transactions went through over the Internet takes an extra half-hour per day on top of the hour she already spends monitoring transactions done over a VAN.
Vendors build alerts into their software that trigger when a trading partner fails to send a "message-disposition notification" to the sender, says Apple, but the sender must still have someone who knows "what to do in the event of these failures."
Semenek is also concerned that he'll lose control over when he receives and must respond to EDI transmissions from his trading partners. "If they just start banging out transactions whenever they choose and as often as they choose, they might expect an immediate response," he says, which could interfere with other scheduled systems work, such as backup or maintenance.
But Frank Kenney, an analyst at Gartner Inc., says most companies are turning to EDI over the Web to cut costs, not to process transactions more quickly. Even if it's not a free lunch, it's plenty appetizing for many former VAN customers.
Scheier is a freelance writer in Boylston, Mass. He can be reached at email@example.com.
- Network Turbulence Ahead!
- The Story So Far: The Telecom Industry
- Coping With Telecom Turmoil
- Internet2 and You
- Internet Protocol Version 6
- Ethernet Goes Metro
- Wringing Savings From VOIP
- Internet EDI Grows Up
- How Your Career Can Thrive in the Networking Field
- The Next Chapter: Wide-Area Networks
- The Almanac: Enterprise Networking
- User cuts telecom costs by 20%
- Where computers and telephony meet
Read more about Networking in Computerworld's Networking Topic Center.
- Capabilities You Need in an IP Address Management Solution A mismanaged IP space can cripple an otherwise healthy network. Take a moment to understand what you need in an enterprise-ready IPAM solution.
- IPv6 Fundamentals IPv6 is needed to sustain the growth of the Internet. The transition from IPv4 will require planning and likely some degree of support...
- Fixing Intermittent Performance Problems Intermittent performance problems are among the most frustrating and time-consuming issues IT administrators face. Read this white paper and learn how technology advances...
- 3G/4G Digital Signage Guide Today, the widespread availability of 3G and 4G cellular or wireless broadband networks enables digital signage to be deployed virtually anywhere.
- Live Webcast 5 Steps to Assuring Quality of Experience In order to align monitoring and management practices with the true demands of the business, IT professionals must expand beyond traditional comfort zones...
- Live Webcast Master the Changing SAP Landscape with Performance Management SAP landscapes are not getting simpler. Gradually, business processes that used to be contained on a single SAP system now involve a range...
- Navigating the New Wireless Landscape Thriving in the new wireless landscape View Now>>
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Networking White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!