Loosely coupled systems are better
By was on Jan 25, 2009
My team and I have never been part of IT. We've always been somewhere on the peripheral, building, hosting, running web systems. I don't know if that's good or bad, but there have been side effects.
One of those side effects is that we never had access to back end IT systems inside of Sun's wide area network. We just ran things ourselves out on the edge. If someone inside needed data from our databases, we'd either copy the database daily or open SSH tunnels from inside to the external databases.
This turned out to have lots of advantages, and some disadvantages. The biggest disadvantage was that we really wanted access to some of those IT systems (customer record systems, etc.) Another disadvantage was that we had to maintain the SSH tunnels which became problematic over time.
So we created persistent VPN tunnels. And have paid the price ever since. Since we're not part of core IT, things happen on the network, we don't get notified, and the VPN drops. This has happened so often, I've thought of dropping the VPN. I'm starting to think of an alternate - like the VPN should be treated as a really terrible phone line. It only works occasionally, so use it that way.
Unfortunately my engineering teams have come to depend on the VPN - and that's going to have to change. Which means more work, and work I really don't want to do.