Security, Reliability, Scalability, and Availability
An enterprise system must be secure, reliable, scalable, and available. Notification Services addresses these requirements in the programming framework and in the architecture of the server running Notification Services.
Notification Services, the Microsoft .NET Framework, and SQL Server incorporate design features that allow application developers and administrators to enforce end-to-end security for the applications and the overall deployment:
- Notification Services uses industry-standard Web security models to communicate across the Internet using wired and wireless devices. It uses standard Microsoft Windows security mechanisms and SQL Server 2000–based security mechanisms to protect the server.
- Individual Notification Services instances are isolated from each other using SQL Server 2000–based security mechanisms. This ensures that multiple instances can be hosted on the same computers while safeguarding the security of each individual instance.
- Individual subscribers are isolated from each other because of the programming paradigm that notification applications support. As a result, each subscription is processed as though it were the only subscription in the system.
- Application developers can extend Notification Services by defining their own event providers. These are run as managed code supported by the .NET Framework, thereby ensuring that they do not compromise the security of the server.
SQL Server 2000 has a highly reliable database engine that stores data and processes subscriptions. Notification Services, by using managed code for custom components, ensures that custom components do not compromise the stability of the system. Notification Services benefits in the following ways:
- The subscription data managed by Notification Services is stored in SQL Server 2000, a highly robust database server that supports write-ahead logging and failover clustering.
- The processing of events, subscriptions, and notifications in Notification Services is fully transactional, thereby providing additional reliability guarantees. Note that some delivery protocols (for example, Simple Mail Transfer Protocol or SMTP) do not provide guaranteed delivery of messages; however, the Notification Services platform has retry logic that enables an application to resend messages to attempt delivery again.
- Application developers can build reliable event providers and reliable delivery protocols, for example, based on Message Queuing (also known as MSMQ), thereby achieving complete end-to-end reliability.
Notification Services supports high-throughput applications with thousands of incoming events per minute, millions of subscriptions matched, and thousands of notifications delivered per minute on a multiprocessor Windows–based server. Applications can scale in several ways:
- Subscription logic can be run in parallel, benefiting from scale-up efficiencies in the underlying SQL Server database engine.
- Notification Services is multithreaded and scales up when run on a multiprocessor computer.
- The Notification Services service can be deployed on one server and the Notification Services database can be deployed on another server. This configuration is very efficient because notification generation is performed on the database server while notification formatting is performed on the Notification Services server.
- A single instance can support multiple event providers and multiple distributors. You can distribute the event providers, generator, and distributors across two or more servers. The ability to scale out the distributors is important in deployments where there are large notification volumes with significant formatting and delivery overheads.
- For further scale-out, you can partition subscriptions across multiple Notification Services instances, each of which operates independently. Because the application model makes the subscriptions independent of each other, such partitioning is natural, which makes notification applications highly scalable. You must implement subscription partitioning in your application. Notification Services does not currently partition subscriptions for you automatically.
In an instance of Notification Services, all data and state is maintained in the SQL Server database server. Only transient data is maintained in the event provider, generator, and distributor. This is a critical aspect of the design, because it makes system availability solely dependent on the availability of the database server.
SQL Server is a reliable database server with a variety of high-availability technologies, including SQL Server 2000 failover clustering, log shipping, and transactional replication. The database server can be configured to handle hardware failures seamlessly.