Company and Solution Overview

January 2010

©NexPrise, Inc.www.nexprise.com

Contents

1. Company Background & Experience......................................................................................1History 1Customers 1

2. Architecture............................................................................................................................13. Integration..............................................................................................................................2

Querying/Importing data from external databases 2Exporting Data from NexPrise 2Active directory/ldap Integration 3

4. Installation Requirements......................................................................................................3Supported Web Browsers 3Supported Databases 3Supported Server Operating Systems 3Supported Mail Server Protocols 3Application Server 3Supported Web Servers 3Security 3Recommended Hardware 4

5. Application Security...............................................................................................................4Authentication 4Encryption 4Privacy 4Integrity of data, content, and messages 4Asset Protection 5Non-Repudiation / Server Access Auditing 5

6. Administration........................................................................................................................57. Document Management........................................................................................................6

Document Types 6File Types & Size Limitation 6Keywords 6Revision Control 6Microsoft Office Integration 6Document Lifecycle Management 6Electronic Signature/Comment History 7Document Numbering 7Document Relationships 7Document-Specific Message Threads 7User Initiated Email Notifications 7Subscription-Based Notifications 7

Page | ii

Document Sharing 7Document Importing 7

8. NexPrise Studio......................................................................................................................7Description 7Object Modeler 7Forms Creator 8Workflow Modeler 8

9. Project Collaboration..............................................................................................................9Project repository creation 9Project Administration & Membership 9Project Discussions 9Ad-Hoc Document Routing 9Notifications 9Project Calendar 10Project Web Pages 10Linking 10

10. Action Item Management......................................................................................................10Templates 10Importing 10File Attachments 10Recurring Items 10Privacy 10Reassignments 10Approvals 11Custom Attributes 11Keywords 11DashboardsAutomatic Reminders 11History 11Reporting 11

11. Reporting................................................................................................................................11Report creation 11Aggregated Views 11Charts 12Dashboards 12Report Sharing 12Security Filtering 12Exporting Search Results 12

12. Full Text Searching..................................................................................................................12Indexing 12Project context 12Security 12

Page | iii

Previous revisions 12relevancy ranking 12Advanced Search 12Viewing word matches in search results 12Opening files From Search results 13Accessing Document Record Information from Search Results 13

13. Customizable MyNexPrise Pages...........................................................................................13

Page | iv

1. COMPANY BACKGROUND & EXPERIENCE

H ISTORY With roots as a DARPA-funded project within Lockheed Martin in the mid 1990's, the NexPrise platform was originally conceived to support secure, multi-organizational collaboration in the aerospace and defense industry. Spun off as an independent company in 1997, NexPrise has invested hundreds of man years developing ways to make it easier for users to collaborate and manage information online. Since then, NexPrise has been providing a powerful and adaptable information management platform for companies with distributed partner networks and supply chains. Speed of deployment, distributed administration, low end user training requirements and uncompromising security standards have been hallmarks of the NexPrise solution since its inception.

The NexPrise management team has extensive experience in Product Lifecycle Management (PLM), Content Management and Business Process Automation. This experience has proven critical in addressing the usability, security, integration and administration pitfalls associated with implementing collaborative data management environments — particularly those that span multiple firewalls.

CUSTOMERSThere are currently over 30,000 active NexPrise users worldwide. Major NexPrise customers include Pratt&Whitney, Bell Helicopter, Textron Information Systems, Sikorsky, Subaru, IDT, Augusta-Westland-Bell (AWB), Entropic Communications, Hexcel, and Toray Composites.

2. ARCHITECTURE

NexPrise is a Java (J2EE) application written for highly demanding intranet and extranet environments.

NexPrise utilizes a 3-tier architecture consisting of a Web tier, an application tier, and a database tier. Each tier may run on the same physical server or may be separated across different servers. For extranet implementations, the web tier is typically configured to reside on a server which is publicly accessible over the internet (DMZ), while the application and database tiers are configured behind a firewall on a private network. All ports should be locked out (via firewall rules) except port 443 (https) and port 22 (ssh) for remote administration. Port 22 should be left open to only a specific IP range.

See illustration below for recommended extranet configuration:

Page | 1

NexPrise managed files are stored in a designated NexPrise data directory only accessible by the NexPrise application and server administrator. The NexPrise data directory may be located on local storage or on a remote SAN/NAS and backed up based on established backup procedures. All files stored in the data directory are “hashed” where the file names and types are replaced with numerical IDs. Thus, in the unlikely event that someone gains access to the server database, they will not be able to search for a specific file.

3. INTEGRATION

QUERYING/IMPORTING DATA FROM EXTERNAL DATABASESThe NexPrise platform supports seamless connectivity to external Oracle, MS SQL Server, MS Access and MySQL databases via a JDBC interface. External database connections enable read-only “look-up” of information within NexPrise forms to auto-populate mapped fields. This eliminates redundant data entry.

NexPrise also supports the importing of database dumps via XML or delimited files. Import operations may be configured to populate the NexPrise database or an external Oracle lookup table on the NexPrise server.

EXPORTING DATA FROM NEXPRISEExporting NexPrise data is facilitated via an XML export utility. Using a command line interface, an export operation may be scheduled to occur at defined interval. In addition, an export operation may be triggered by the completion of a NexPrise workflow activity.

All NexPrise report results are also exportable in .CSV format.

Page | 2

ACTIVE DIRECTORY/LDAP INTEGRATIONFor on-premise installations of the NexPrise server, NexPrise may be integrated with an existing Microsoft Active Directory or LDAP server to avoid redundant user administration. In the event that customers, partners or suppliers need access to the NexPrise server, those external users may be managed in NexPrise while all internal users are managed on the Active Directory/LDAP server.

4. INSTALLATION REQUIREMENTS

SUPPORTED WEB BROWSERS Firefox 3.x or later. Internet Explorer 6.x or later Safari Chrome

SUPPORTED DATABASES Database Configuration Oracle 9 or 10 Microsoft SQL Server 2000-2005

SUPPORTED SERVER OPERATING SYSTEMS Windows Server 2003 Redhat Enterprise Linux 3, 4 or 5

SUPPORTED MAIL SERVER PROTOCOLS IMAP POP3 SMTP

APPLICATION SERVERA Java Application Server (Resin) is built-in and installs automatically as part of the NexPrise installation process.

SUPPORTED WEB SERVERS Apache 2.x IIS

SECURITY SSL RSA Verisign Digital Certificates HTTPS

Page | 3

RECOMMENDED HARDWARE Pentium 2.4 GHz (1 to 2 dual or quad core processors.) 2-4 GB RAM, 40+ GB local hard drive or NAS/SAN

5. APPLICATION SECURITY

AUTHENTICATIONAuthentication refers to the verification of users, servers, devices, and systems Authentication ensures that entities sending message, receiving messages, or accessing information are indeed who they say they are, and have the privilege to undertake such actions.

NexPrise meets all authentication requirements for a B2B extranet through its use of client digital certificates, SSL, and smart token ID’s in conjunction with usernames and passwords. With NexPrise, any user (or server or 3rd party device) logging into the NexPrise system is first authenticated before being granted access.

The NexPrise authentication module can be extended to support a customer's 3rd party authentication mechanism to augment the NexPrise username/password authentication (for example, RSA SecurID or PKI security). Additionally, NexPrise supports various password policy options to require stronger passwords, limit password re-use and enforce password expiration.

ENCRYPTIONEncryption prevents unauthorized access to data & content during transmission between a server and a client. NexPrise meets all encryption requirements for a B2B extranet through its use of 256-bit SSL.

PRIVACYNexPrise meets all privacy requirements for a secure B2B extranet through the use of fine grained security partitioning. With NexPrise, visibility and editing privileges can be defined down to the individual object level within the system (i.e. document-level, form-level, action item level, etc.). Visibility and editing privileges are granted to groups, roles, or specific individuals.

INTEGRITY OF DATA , CONTENT , AND MESSAGESThis requirement guarantees that messages have not been altered by another party since they were sent within the context of a B2B extranet. It protects data, content, and messages from corruption, destruction or unauthorized changes. It also protects configurations and basic integrity of servers, applications, and networks.

NexPrise guarantees the integrity of its data, content and messages in all its transmissions and storage. Through the use of Cyclic Redundancy Checking (CRC) that ensures that data did not get corrupted during transmission, and by using Digital Certificates and SSL, every piece of data, content, or message transmitted within NexPrise maintains unwavering integrity.

Page | 4

ASSET PROTECTIONThis requirement ensures assets and intellectual property within a B2B extranet are always protected. This is a critical requirement since perimeter defenses such as firewalls are insufficient and less central to a good security framework -- protection of assets is more critical than protection of just the perimeter.

NexPrise works with any asset protection strategy and firewalls in existence. NexPrise solutions go over and beyond the protection that a firewall can offer. NexPrise security works independent of the presence or absence of a firewall. NexPrise’s proprietary and patented technologies tunnel through firewalls (using standard ports in the firewall – NexPrise does not require any additional ports to be open) to provide the encryption and collaboration capabilities needed by end users on a B2B extranet. Separately, NexPrise’s fine security partitioning described earlier (under Privacy) provides granular levels of access control to protect team assets and intellectual property. In addition, the files stored on the server are “hashed” where the file names and types are replaced with numerical IDs. Thus, in the unlikely event that someone gains access to the server database, they will not be able to search for a specific file.

NON-REPUDIATION / SERVER ACCESS AUDITINGA “non-repudiation” requirement simply means that a system must establish the sender of each message so that a user cannot later claim that they did not send it. This is to prevent denial of a valid eBusiness transaction between authorized parties.

NexPrise fully supports this requirement by recording and maintaining audit trails of user activity. Audit trail database information can later be mined by approved parties to validate specific transactions. Specifically:

• NexPrise tracks each user’s login/logout activity and audits what data they accessed during a session (create, read, update and delete operations),

• NexPrise tracks which vaulted files users have viewed or downloaded. • NexPrise records when users have been granted access to specific project areas (content

repositories) and offers administrative reports exposing a user’s specific access permissions within a particular project.

• NexPrise tracks all outgoing email notifications from the server.• NexPrise permanently records the approval history (activity name, user name, start

date/time, completion date/time, disposition and comments) associated with all NexPrise workflow activities.

6. ADMINISTRATION

Many enterprise systems offer rigid server administration functions conceived for centralized Intranet management. As such, these systems often impose a large burden on I.T. resources when extended to outside parties.

Alternatively, NexPrise is designed specifically for easy management of multi-company extranet environments. NexPrise server administrators may control the visibility between companies, create global or

Page | 5

company-specific roles, and setup connections to external data sources. Better yet, server admin responsibilities may be distributed across organizations to let partners and suppliers manage their own NexPrise user accounts.

Designed from its inception for multi-organizational collaboration on the public Internet, the management of content access and editing permissions in NexPrise may be delegated directly to project owners and co-owners regardless of their company affiliation or geographic location.

Since project owners are typically most familiar with their content and who should be able to see and/or change it, NexPrise separates this kind of content administration from general server administration responsibilities.

7. DOCUMENT MANAGEMENT

DOCUMENT TYPESCreate custom document types, each with their own set of required and optional attributes. Document types may be created in a simple, browser-based administrative interface or in the NexPrise Studio, a separate Windows application for NexPrise developers.

F ILE TYPES & S IZE L IMITATIONUpload any type of electronic file of any size. No file size limit.

KEYWORDSTag documents with one or more keywords to group related documents and improve document searching.

REVISION CONTROLEnable full document revision control with "check-in" and "check-out" functionality and define a customized revision numbering scheme for each document type. Older revisions maintained in history. Rollback to older revision or purge certain revisions (with the appropriate admin rights).

M ICROSOFT OFFICE INTEGRATIONOptional ActiveX plug-in allows check-in and check-out of documents directly within Microsoft Office applications such as Word, Excel, PowerPoint, etc.

DOCUMENT L IFECYCLE MANAGEMENTDefine document lifecycle approval workflows and enforce these workflows on check-in. Simple lifecycles are defined in a browser-based administrative interface. More complex workflows are modeled in the NexPrise Studio, a separate Windows application for NexPrise developers.

Page | 6

ELECTRONIC S IGNATURE/COMMENT H ISTORYThe electronic signatures and comments associated with every lifecycle-controlled document revision are stored in a permanent and unalterable “Route History” table. The Route History table is included in a printable view of each document record.

DOCUMENT NUMBERINGAutomatically number your controlled documents using a powerful number generator.

DOCUMENT RELATIONSHIPSAssociate documents with other records managed in NexPrise. (i.e. Reference an existing document within a NexPrise form.)

DOCUMENT-SPECIFIC MESSAGE THREADSCapture document-specific comments and discussions via linked discussion threads containing text, images, links, tables, etc. Threads are revision-specific.

USER INITIATED EMAIL NOTIFICATIONSSend email alerts to selected users, linking them directly to documents, files, or folders.

SUBSCRIPTION-BASED NOTIFICATIONSProactively subscribe to any NexPrise document or folder to receive automatic change notifications.

DOCUMENT SHARINGQuickly create a folder with internal or external team members, granting them “read”, “read-write”, or “full” access permissions to all content in that folder as appropriate. Alternatively, set explicit access permissions at the document level to control access to a specific document rather than an entire folder.

DOCUMENT IMPORTINGLeverage a multi-file upload Applet to bulk upload entire file system directories to the NexPrise server.

8. NEXPRISE STUDIO

DESCRIPTIONUsing a Windows application called the NexPrise Studio, NexPrise administrators may define database objects/records, layout Web forms, and model workflows — all in a single integrated tool. All definitions authored in the NexPrise Studio are published to the server via a series of XML files. This speeds the development and testing of business processes and insures changes can be visualized and tested immediately.

OBJECT MODELER An Object Modeler is used to create customer specific document definitions or business objects by adding the custom fields/attributes necessary to support workflow rules and provide visibility and reporting. In addition, custom attributes may be mapped to existing enterprise data sources (either directly or via

Page | 7

intermediate database tables or data extracts). This eliminates redundant data entry by allowing enterprise information to be queried and any associated NexPrise form fields to be "auto-filled". Creating these definitions is simple. Just add the necessary attributes and publish the object definition to the NexPrise Server.

Object Modeler Key Features:

Supports all standard Attribute data types including (i.e. Date, string, Text Area, Currency, etc.) Supports Required, Frozen and Hidden Attributes. Supports Enumerated Lists, Numeric Ranges and Date Ranges. Supports Aggregate Objects, Relationships between Objects. Supports access to External Data Sources. "Publish" changes directly to NexPrise platform for immediate updates.

FORMS CREATORA Forms Creator can then be used to create the screens that users will interact with throughout the business process, separating the presentation layer from the data layer. Using the Forms Modeler, related attributes can be grouped together (similar to paper based forms). These groups can then be hidden or made non-editable based on who's viewing the form and the workflow activity being performed. This functionality enhances the end user experience by exposing only the information necessary to complete a given task.

Forms Creator Key Features:

Organize common attributes on the form into Attribute Groups. Set the visibility or editability of attribute groups based on each workflow activity being performed. Quickly add File Attachment, Message Thread, or other special form components as needed. Create related Sub-Forms and display sub-form data as line items in the parent form. Control attribute formatting options and write custom Java expressions for advanced functionality. "Publish" changes directly to NexPrise platform for immediate updates.

WORKFLOW MODELER A full featured Workflow Modeler and robust workflow engine support any type of business process, with serial and parallel workflow activities, approval loops and conditional branching. A drag and drop interface makes it easy to create complex workflows and associate them with your existing documents and Web Forms. Intelligent workflow ensures all electronic documents, drawings and data are routed together throughout the review, modification and approval process, while automatic notifications and reminders keep the process moving.

Electronic signatures and comment histories are retained with each revision, providing the audit trail necessary for compliance with standards bodies such as ISO or government agencies like the FDA.

Page | 8

Workflow Modeler Key Features:

Easy to use Drag and Drop user interface. Create serial and parallel workflow activities and define whether each activity is performed by one

or more users. Create Loops and Nested Loops. Enforce, Single, Unanimous or Majority Approvals. Capture Auditable Route History (electronic signatures). Trigger Automatic and Customizable Email Notifications. Model Sub Workflows Leverage a Built in Java Expression Evaluator for Advance Functionality. "Publish" changes directly to Server for Immediate Updates.

9. PROJECT COLLABORATION

PROJECT REPOSITORY CREATIONNexPrise centralizes all project related documents, files, and data into a secure project repository. Using Web-based tools, NexPrise lets you organize your projects in a familiar and user-friendly folder structure so you can rapidly organize, manage and track all participants, processes, tasks and deliverables. Folder structures may be built manually, or can be imported from Microsoft Project or Excel.

PROJECT ADMINISTRATION & MEMBERSHIPNo one gains access to any NexPrise managed content unless they’ve been granted membership to a secure NexPrise project area. Project membership and access permissions are controlled by a Project Owner. Project membership may be granted to individuals, roles, or entire companies and Project Owners may delegate project administration responsibilities to other co-owners. They may even give certain team members outside their own organization certain project administration rights.

PROJECT D ISCUSSIONS Create a general project discussion area to exchange ideas, or start discussion threads linked to any document, action item or other managed content.

AD-HOC DOCUMENT ROUTINGRoute a document to one or more team members in multiple serial or parallel steps, capturing all user comments along the way. Save your route as a template for later re-use.

NOTIFICATIONS Send email notifications to one or more team members notifying them of changes to important content and linking them directly to the information in NexPrise.

Page | 9

PROJECT CALENDARPost and share project-related events and display personal workflow and action item assignments on a Web-based calendar.

PROJECT WEB PAGESCreate and share revisable project Web pages without HTML knowledge. These pages may include text, images, links, tables, redlines and other information-an ideal way to publish work instructions or facilitate design reviews. Links in the Web pages may point directly to other documents or objects managed in NexPrise. Viewing previous revisions shows the evolution of the Web page over time--a powerful knowledge management feature for distributed design teams.

L INKINGSince everything in a NexPrise project area has a URL pointing users to the latest revision, links to NexPrise managed objects placed within Word, Excel and HTML documents always remain current.

10. ACTION ITEM MANAGEMENT

TEMPLATESConstruct action item lists from pre-saved NexPrise templates to reduce data entry. Templates may contain default action items, sub-items, assignees, start offsets, durations, weighting factors and reference documents.

IMPORTINGImport action items from MS Excel.

F ILE ATTACHMENTSUpload any number of associated files to an action item.

RECURRING ITEMSCreate recurring action items based on a defined period and sequence.

PRIVACYBy default, Action Items are only visible to project members with at least “Read-Only” access. For more granular privacy, optionally designate an action item as “private” so that only the assignor, assignee and approver(s) can see it.

REASSIGNMENTSAll action items may be reassigned by the assignor (owner) of the item. In addition, an action item may be flagged as “Reassignable” so that the assignee may optionally reassign it to someone else.

APPROVALSAssign one or more approvers to an action item to approve its closure after an assignee reports the item complete.

Page | 10

CUSTOM ATTRIBUTESAdd custom attributes to action item definitions for enhanced reporting.

KEYWORDSAdd keywords to action items to facilitate later search and retrieval.

PROGRESS DASHBOARDOrganize action related action items into a defined list. Track status of action items by Progress, including Estimated vs. Actual Completion Dates. Create sub-items and see automatic rollup of progress and estimated completion date. View color-coded status indicators (red = late, yellow = due soon, green = OK).

AUTOMATIC REMINDERSReminder notifications when Action Items are Due Soon or Overdue.

H ISTORYAll updates and comments associated with an action item are viewable in an expandable “History” section.

REPORTINGCreate customizable action item reports and charts, leveraging all system and extended attribute information.

11. REPORTING

REPORT CREATIONNexPrise offers a powerful reporting tool which facilitates querying of objects in the NexPrise database. Query expressions can be created without programming and can be configured to prompt the user for input parameters. Report columns and column labels are configurable by the report creator, as are default sort conditions, number of results per page, and other settings.

AGGREGATED V IEWSProcess attributes and managed object attributes may be combined in a single report view. This enables the creation of detailed status reports showing where certain documents or forms are in a workflow process, who they are assigned to, and how long they’ve been there.

CHARTSA chart builder enables the creation of pie, bar, and other chart types from any report results.

DASHBOARDSReport results and/or charts may be embedded in a MyNexPrise page designed to serve as a status “dashboard”.

Page | 11

REPORT SHARINGBy default, reports are private until shared with other companies, roles, or users.

SECURITY F ILTERINGLike full text search results, database queries are filtered based on a user’s access permissions.

EXPORTING SEARCH RESULTSThe results of any report may be exported to a .CSV file for opening in Excel or export to other applications.

12. FULL TEXT SEARCHING

INDEXINGFiles with searchable text are indexed immediately upon upload and are removed from the index upon deletion. Files with searchable text are also indexed upon the revision of any NexPrise document.

PROJECT CONTEXTA search executed from the server home page will span all projects that a user is a member of. A search executed within a specific project area will return results only from that project.

SECURITYAll search results are post-filtered based on a user’s project membership credentials and access permissions. No user sees a result unless they have at least “Read” privileges to the document.

PREVIOUS REVISIONSBy default, prior revisions are filtered from search results. However, users may search prior revisions from the Advanced Search page.

RELEVANCY RANKINGPowerful relevancy ranking rules insure the most relevant word/phrase matches appear first. For example, matches in a document’s name, description and body would out-rank a match in the body alone.

ADVANCED SEARCHAn advanced full text search interface allows users to specify file type(s), last modified date range, keywords, authors and other criteria before running the query.

V IEWING WORD MATCHES IN SEARCH RESULTSWithin a list of search results, search term(s) are highlighted within a snippet of text dynamically extracted from the document. This gives users an indication of where the match occurred without requiring them to open the associated file.

OPENING FILES FROM SEARCH RESULTSA file in NexPrise may be opened directly from the search results page.

Page | 12

ACCESSING DOCUMENT RECORD INFORMATION FROM SEARCH RESULTSThe document record associated with each file is displayed so that the user may link directly to the document properties page. The properties page displays document attributes, discussion threads, revision history and other important information.

13. CUSTOMIZABLE MYNEXPRISE PAGES

NexPrise offers the ability for administrators to create customized NexPrise home pages from a collection of available page components such as:

My Events My Reports My Workflow Assignments My Action Items My Recent Items My Favorites

In addition to the above components (whose templates may be modified as needed), custom HTML components may be created using a WYSIWYG editor or by pasting in existing source code. These components may contain text, links, and images. Also, custom charts and report results may be embedded into home pages to satisfy any executive dashboard requirements.

Different default home pages may be created for different companies or roles. This provides a personalized landing page tailored to the unique needs of different audiences.

Page | 13