1. Familiarise and plan

Picture: The Familiarise and plan phase

Show larger picture

This section will get you started with deployment of the Suomi.fi Data Exchange Layer. You can also outsource the deployment of the Data Exchange Layer. Read more about the outsourcing from another article. 

Duration of the deployment

The deployment process of the Data Exchange Layer usually takes about 1–3 months but might also be shorter. The actual installation process is not very long in itself, especially if you are already familiar with the process. If an organisation joins the Data Exchange Layer as a service consumer, or if the organisation already has a security server that is connected to the Data Exchange Layer, the deployment process proceeds faster. It is a good idea to reserve a few weeks for firewall openings and granting of certificates. 

Planning of the deployment

Plan your deployment carefully to make it as smooth as possible. Keep in mind that your organisation's needs and resources have an impact on the process and should be taken into account already during the planning phase. Deployment planning is divided into administrative and technical planning. Note that despite this, planning must be carried out in close cooperation with all people and parties involved in the deployment process. You can find the steps that are included in the technical planning of the deployment from another page. 

This section contains: 

1. Learn about the opportunities and obligations
2. Consider the intended use of the Data Exchange Layer and your organisation's role in the Data Exchange Layer: Service consumer and/or Service provider
3. Agree on contact persons
4. Allocate resources and create a schedule
5. Prepare the necessary permits and contracts for your service

1. Learn about the opportunities and obligations 

Start the deployment process by exploring the Data Exchange Layer, the opportunities it offers and the obligations related to the use of the Data Exchange Layer. Below are a few useful pages that you should review before starting the deployment.

The opportunities of the Data Exchange Layer

• Learn about the Data Exchange Layer through the service description and the introduction video (YouTube video in Finnish, subtitles available in English)Opens in a new window.
• You can read in our customer stories how other organisations have benefited the deployment of the Data Exchange Layer.
• Familiarise yourself with the services offered through the Data Exchange Layer in the API CatalogueOpens in a new window.
• Learn about the environments of the Data Exchange Layer and the API Catalogue from a support article
• Familiarise yourself with the Data Exchange Layer's glossary, support articles and frequently asked questions.

The obligations of the Data Exchange Layer

• The deployment of the Data Exchange Layer is the responsibility of the related organisation or a possible intermediary. Therefore, carefully familiarise yourself with the technical overview of Data Exchange Layer in addition to the technical and administrative instructions for deployment
• The use of the Data Exchange Layer always requires applying for a user permit. The implementation of the services offered through Data Exchange Layer may also require applying for various permits. More information about service-specific application policies is provided by the organisation providing each service
• The use of the Data Exchange Layer requires maintenance of own information, security server and possible services. Maintenance is also a responsibility of the organisation or an intermediary that has joined the Data Exchange Layer.
• More about the obligations of the Data Exchange Layer can be read from the service's terms and conditions of use
  Suomi.fi Data Exchange Layer Terms and Conditions of Use (PDF, 473.41 kB)Opens in a new window.

2. Consider the intended use of the Data Exchange Layer and your organisation's role in the Data Exchange Layer

Before your organisation joins the Data Exchange Layer, consider what your organisation intends to use the Data Exchange Layer for. Does your organisation intend to: 

• Provide services for others (provider)? 
• Use the services offered by others (consumer)? 
• Or both?

The choice is not binding, but this is asked in the user permit application, so it is a good idea to have some idea. The role selected in the application can be changed later without a notice of a change in the role.

Service consumer

Implementing services is based on separate agreements between organisations and may require e.g. application for various permits. If your organisation intends to use services provided in the Data Exchange Layer:

• Familiarise yourself with services in the API CatalogueOpens in a new window. and map services that interest your organisation
• Contact the service provider and agree on the implementation
• Please note, that you cannot apply for the use permit of an individual service in the API Catalogue without a functioning subsystem
• Read more about how to implement a service provided through the Data Exchange Layer in a separate support article

Service provider

The services offered in the Data Exchange Layer must follow the data transfer protocol used in the Data Exchange Layer. The service provider must also provide the necessary information about its service and its implementation. If your organisation intends to provide services in the Data Exchange Layer:

• Plan the technical starting point for your services together with the person who is responsible for the technical deployment: SOAP or REST? Read more about the technical implementation of the services in the instructions for the technical deployment.
• Plan the implementation process, permit process and user support model for your services. More instructions can be found later in this section.
• Also plan the service descriptions to be added to the API Catalogue. Read the instructions for writing a service description in a separate article.

3. Agree on contact persons

Agree on the contact persons for the deployment together with the person responsible for the technical deployment before the actual implementation of the Suomi.fi Data Exchange Layer. Appoint the following people in your organisation: 

• Administrative contact person 
• Deputy administrative contact person 
• Technical contact person 
• Deputy technical contact person

The administrative and technical contact person may be the same person. Please note that you need the names and contact details of the contact persons and the deputy contact persons for the user permit application of the Data Exchange Layer. 

Administrative contact persons might be, for example, Project Managers, Programme Managers or IT Managers. The administrative contact person should have the right to sign for the organisation. The administrative contact person is usually responsible for the overall coordination of the deployment process, user permit applications and resourcing, for example. 

Technical contact persons can be people responsible for administering your organisation’s information systems. The technical contact person is responsible for the installation, configuration and administration of the Security Server, among other things.

The role of the appointed contact persons

Please note that you will need the contact information of the contact persons for the Data Exchange Layer's user permit application.

Requests for changes to the system (e.g. adding subsystems, opening firewall ports) must be made through the contact persons indicated in the Data Exchange Layer's user permit application. The making of change requests can be transferred to a third party, and the responsible contact person must inform Data Exchange Layer's maintenance about this.

4. Allocate resources and create a schedule

Agree on the budget for the deployment phase and prepare the necessary procurement contracts, for example for servers and personnel resources. Plan the schedule for joining both the test and productions environment of  the Data Exchange Layer.

Take the following matters into consideration when allocating the resources: 

• Joining the Data Exchange Layer and the certificates required for its use are free of charge. 
• Your organisation is responsible for the costs of setting up a Security Server or purchasing it from an external service provider, for example. 
• The maintenance of a Security Server also requires resources. Read more about the maintenance from another page.

You can estimate deployment costs using the Nordic Institute for Interoperability Solutions’ calculator (Excel file)Opens in a new window.. As the calculator was developed to estimate the general costs of the X-Road software, not all of its items are directly applicable to the Data Exchange Layer. For example, certificates are free of charge in the Data Exchange Layer. However, the calculator provides approximate cost estimates. Please also note that the Data Exchange Layer costs only cover a small portion of the total costs of connecting systems.

Take the following matters into consideration when planning the schedule:

• The expiration of the certificates will lead to interruption of the services. Certificates expire every year, so they should be renewed well before they expire. You will find more information about renewing certificates in a separate article.
• Deployment usually takes approximately 1-3 months.
• Please note that your organisation's role in the Data Exchange Layer affects the schedule; as a consumer of a service, the deployment process is slightly shorter.
• Note also that connecting a large information system or service to the Data Exchange Layer often requires more time for planning, adjustments and testing. 

5. Plan the necessary permits and contracts for your service

If you provide services through the Data Exchange Layer, define the necessary permits needed for the implementation of your service and plan a support model for your services. The organisation providing services must itself define the possible permissions and contracts for the services it offers. However, the following points should be considered when planning the permits and contracts:

Permit process for the implementation of the services:

• What permits must be applied for to use the service?
• Where can one apply for a permit?
• How are applications processed? How long does the processing take?

User support and service level agreement (SLA) for the service

Plan a support model that covers at least the following things:

• how the service is available
• who is responsible for solving problems that might occur in the system
• how you provide the user support for the users of the service. Add the contact information of the user support to the service description in the API Catalogue.

Define also

• how quickly system related problems are reacted to,
• how fast the system related problems are solved and
• which are the sanctions for for falling below these requirement levels.

Continue to the next section