digatus_logo
Search
Generic filters
Filter by Standorte
Filter by Funktionen
Search
Generic filters
Filter by Standorte
Filter by Funktionen

Enhancement of the Nokia Software Monetization Platform

As part of the further development of Nokia’s own software Monetization Platform, we supported the Nokia team in integrating new features into the system and provided advice on technical issues.

Customer: Nokia

Nokia is one of the world’s leading communications service providers and is involved in constructing and maintaining communications networks. Furthermore, Nokia is currently strong in research and development of 5G networks. Nokia has 155 years of experience and currently employs approximately 98000 people around the world.

Situation and challenges

The Software Monetization Platform department is responsible for providing various software packages to Nokia customers. The focus is on the highest possible degree of automation of the process from upload to deployment. A JFrog Enterprise+ installation takes over the central administration of the individual software packages. Nokia extends this platform with additional services for better adaptation to the rest of the environment. The task of digatus was to integrate new features into the system through different services and provide advice on technical issues.

The first requirement was to create a possibility to provide the software packages via an SFTP server. The SFTP server should be secured by engaging certificate-based authentication. Customers should receive the current software packages from the SFTP server without having to access an Artifactory instance.

The second requirement was establishing a malware scanning process to scan all software packages for unintentionally introduced viruses or other malware before delivery and to interrupt the delivery process if infections are found.

Another task that digatus took on was establishing new JFrog Enterprise+ environments on Microsoft Azure Cloud, in order to increase the coverage of software deliveries to additional key customers of Nokia, as well as to provide internal build pipeline verification possibilities for multiple development units in Nokia.

“To summarize, all team members have been providing excellent performance and managed to fulfill the expectations defined towards the team. It has been a pleasure to work with the high-performing digatus team, and I look forward to continue the cooperation with them in the upcoming period as well.”

Andor Fauszt – SW Monetization Product Owner, Nokia

Solution

The digatus crew was integrated into the existing team by a product owner on the Nokia side. The project was organized according to the SAFe Framework.

When it comes to the first requirement, the following solution has been agreed upon and implemented by the team: the release bundle should be delivered to the SFTP server. After that, a publishing process is initiated, which usually transfers the release bundle to a so-called Artifactory Edge Node. An Artifactory plugin intercepts this request and forwards it to a Golang service on the SFTP server. This service authenticates itself against Artifactory and downloads the required files into a folder shared with the SFTP service. Installing the services in separate containers ensures that in case of a compromised SFTP server, Artifactory cannot be accessed.

A plugin and additional service realized the mal- ware scanning in Artifactory. Every single upload to Artifactory happens in a separate area, which is not accessible by customers. The service downloads the files for scanning and forwards the request to a malware scanner. Based on the scan result, the file is either being quarantined or published. This way, it is ensured that no file can be delivered to the customer without being scanned.

The digatus team also took over the installation of two new JFrog Enterprise+ instances in an Azure environment. Artifactory is executed in a high-availability configuration to ensure increased reliability and fault tolerance.

Customer benefits

digatus was able to contribute to increase software delivery coverage to customers and internal verification possibilities, ensuring faster feedback loops, better quality of software deliveries and hence achieving increased customer satisfaction. Through the SFTP service an important customer of Nokia can be served via the SFTP protocol. Furthermore, the malware scanning process ensures the security and integrity of the delivered software.

The implemented improvements as well as the technical advice provided by digatus, enhance the progress on the way to the automated software monetization platform.

Daniel Bäumler

Daniel Bäumler
As a driving force for digital transformation in companies, he is responsible for the technical orientation in the area of development and digitization of business processes. His expertise ranges from agile software development and new communication media to the customer- and data-optimized design of complex platforms.

Contact

Get in touch with our experts. Please call +49 89 2 62 07 56 12 or use the contact form:
By submitting this form, I consent to the processing of personal data in accordance with the Privacy Policy.*

Similar Posts

Mathias Müller
Over the last few years, we have been intensively addressing one question and solving the resulting problems: Why do so many companies underestimate the complexities and challenges when it comes to new modern IT solutions, especially in the context of Microsoft365? Of course, there is no simple answer that is 100% right for everyone. However, with the right partner and a suitable concept, every company can avoid the biggest problems in this context. To this end, we have collected all our experience from projects that have run well and those that have not, structured it and summarized it into our own approach three years ago: our Cloud Innovation Journey. In this reference, we show how we helped NürnbergMesse GmbH to implement a clean and successful cloud project precisely through this structure and approach.
Alexander Dürst

Data has long been considered the new oil. But without the appropriate processing, even oil is worthless. The same is true for data. Only when valuable information is extracted from it are data pools in companies valuable. One way to extract information for process optimization is process mining.

Dennis Heller

The idea for this blog post series arose from the situation at a customer, where we introduced CI/CD because the manual workload was no longer manageable. The following instructions are therefore fresh from practical experience. For simplicity, we have shortened the long road of trial and error and present here only the final results. The code snippets are exemplary but sufficient to present the functionality.