digatus_logo
Search
Generic filters
Filter by Standorte
Filter by Funktionen
Search
Generic filters
Filter by Standorte
Filter by Funktionen

Enhancement of the Nokia Software Monetization Platform

As part of the further development of Nokia’s own software Monetization Platform, we supported the Nokia team in integrating new features into the system and provided advice on technical issues.

Customer: Nokia

Nokia is one of the world’s leading communications service providers and is involved in constructing and maintaining communications networks. Furthermore, Nokia is currently strong in research and development of 5G networks. Nokia has 155 years of experience and currently employs approximately 98000 people around the world.

Situation and challenges

The Software Monetization Platform department is responsible for providing various software packages to Nokia customers. The focus is on the highest possible degree of automation of the process from upload to deployment. A JFrog Enterprise+ installation takes over the central administration of the individual software packages. Nokia extends this platform with additional services for better adaptation to the rest of the environment. The task of digatus was to integrate new features into the system through different services and provide advice on technical issues.

The first requirement was to create a possibility to provide the software packages via an SFTP server. The SFTP server should be secured by engaging certificate-based authentication. Customers should receive the current software packages from the SFTP server without having to access an Artifactory instance.

The second requirement was establishing a malware scanning process to scan all software packages for unintentionally introduced viruses or other malware before delivery and to interrupt the delivery process if infections are found.

Another task that digatus took on was establishing new JFrog Enterprise+ environments on Microsoft Azure Cloud, in order to increase the coverage of software deliveries to additional key customers of Nokia, as well as to provide internal build pipeline verification possibilities for multiple development units in Nokia.

“To summarize, all team members have been providing excellent performance and managed to fulfill the expectations defined towards the team. It has been a pleasure to work with the high-performing digatus team, and I look forward to continue the cooperation with them in the upcoming period as well.”

Andor Fauszt – SW Monetization Product Owner, Nokia

Solution

The digatus crew was integrated into the existing team by a product owner on the Nokia side. The project was organized according to the SAFe Framework.

When it comes to the first requirement, the following solution has been agreed upon and implemented by the team: the release bundle should be delivered to the SFTP server. After that, a publishing process is initiated, which usually transfers the release bundle to a so-called Artifactory Edge Node. An Artifactory plugin intercepts this request and forwards it to a Golang service on the SFTP server. This service authenticates itself against Artifactory and downloads the required files into a folder shared with the SFTP service. Installing the services in separate containers ensures that in case of a compromised SFTP server, Artifactory cannot be accessed.

A plugin and additional service realized the mal- ware scanning in Artifactory. Every single upload to Artifactory happens in a separate area, which is not accessible by customers. The service downloads the files for scanning and forwards the request to a malware scanner. Based on the scan result, the file is either being quarantined or published. This way, it is ensured that no file can be delivered to the customer without being scanned.

The digatus team also took over the installation of two new JFrog Enterprise+ instances in an Azure environment. Artifactory is executed in a high-availability configuration to ensure increased reliability and fault tolerance.

Customer benefits

digatus was able to contribute to increase software delivery coverage to customers and internal verification possibilities, ensuring faster feedback loops, better quality of software deliveries and hence achieving increased customer satisfaction. Through the SFTP service an important customer of Nokia can be served via the SFTP protocol. Furthermore, the malware scanning process ensures the security and integrity of the delivered software.

The implemented improvements as well as the technical advice provided by digatus, enhance the progress on the way to the automated software monetization platform.

Daniel Bäumler

Daniel Bäumler
As a driving force for digital transformation in companies, he is responsible for the technical orientation in the area of development and digitization of business processes. His expertise ranges from agile software development and new communication media to the customer- and data-optimized design of complex platforms.

Contact

Get in touch with our experts. Please call +49 89 2 62 07 56 12 or use the contact form:
By submitting this form, I consent to the processing of personal data in accordance with the Privacy Policy.*

Similar Posts

Carl-Friedrich Heintz
Munich / Paris, May 2024. digatus, the IT services and consulting group, continues its growth course and launches activities to expand into the French market.
Hannes Götz
After the sale of the former Siemens ITS division and the change of name to Yunex Traffic, the new company had to stand on its own two feet in order to sever the connections and dependencies to the Siemens Mobility systems. Thanks to its many years of experience with carve-outs in large companies, digatus was able to provide Yunex Traffic with targeted and efficient support on the path to transformation.
Ida Mußack
The Willi Elbe Group currently consists of the headquarters in Tamm, Germany, as well as six other locations in Germany, Bulgaria, Norway, Mexico and China. Information security is an issue of rapidly increasing importance, which is why the TISAX label was introduced in the automotive industry. OEMs are currently asking their suppliers to provide evidence of this label as a prerequisite for further co-operation. Accordingly, the Willi Elbe Group is also faced with the task of fulfilling the information security requirements.