chief technology officer sonic and actional products dan foody visibility and governance in an soa
Post on 19-Dec-2015
216 views
TRANSCRIPT
© 2006 Progress Software Corporation2
You’ve figured out your SOA backplane……Now what?
Browser
User-FacingLogic
Service discovery, binding, multiprotocol communicationWeb services (URL, XML, SOAP, WSDL, HTTP)Runtime support of service deployment and policies (SCA, WCF)
Rich Client
Reliable message delivery
Security
Publish and Subscribe
ESB
Load balance, failover
BPM
Source: Gartner
© 2006 Progress Software Corporation3
Implications Risks
You’ve figured out your SOA backplane……Now what?
Incremental Deployment Gradual migration Cost "spreading" across projects Reduced maintenance cost
Sharing (Reuse) of Services: Faster time to deployment Lower development cost Greater adaptability
Architectural Partitioning Diverse life-cycle "speeds" Synergy of different technologies Optimal tech skills allocation Processes visibility Greater maintainability Easier outsourcing/"offshoring"
Benefits
More Distributed Infrastructure Extensive use of middleware Transaction management Debugging/troubleshooting End-to-end management More granular security Metering/logging
Tighter Management/Governance Ownership/accountability Cost allocation Prioritization/conflict resolution
Higher Upfront Costs Cultural change Infrastructure (SOA backplane) More formal methodology Longer design time for services Testing (unit/end-to-end)
Source: Gartner
© 2006 Progress Software Corporation4
You’ve figured out your SOA backplane……Control the risks to achieve the benefits
Incremental Deployment Gradual migration Cost "spreading" across projects Reduced maintenance cost
Sharing (Reuse) of Services: Faster time to deployment Lower development cost Greater adaptability
Architectural Partitioning Diverse life-cycle "speeds" Synergy of different technologies Optimal tech skills allocation Processes visibility Greater maintainability Easier outsourcing/"offshoring"
Benefits
Robust Distributed Infrastructure Extensive use of middleware Transaction management Debugging/troubleshooting End-to-end management More granular security Metering/logging
Tight Management/Governance Ownership/accountability Cost allocation Prioritization/conflict resolution
Predictable Upfront Costs Cultural change Infrastructure (SOA backplane) More formal methodology Longer design time for services Testing (unit/end-to-end)
Benefits
Source: Gartner
© 2006 Progress Software Corporation5
IT is already disconnected from the businessSilos of infrastructure are the cause
Business
IT
Bottom-up IT-focused monitoring(OpenView, Tivoli, etc.)Detected problems are without context• What customers are impacted?• What business processes are impacted?• What’s the cost to the business?• What’s most important?
Simple business-focused monitoring(BI, dashboards, etc.)Focused, but always-out-of-date visibility• Only sees what you explicitly configure• No understanding of interdependencies• No awareness of IT cause• Only know about issues once it’s too late
© 2006 Progress Software Corporation6
Ignoring the impact of SOA makes the IT-business disconnect even worse
The global enterprise with SOA Business processes span “silos”
• No one team has end-to-end responsibility• No one team knows all the moving parts• No one team makes all the decisions
The one-to-one mapping has disappeared
Traditional line-of-business silos Each business process is self-contained
• One team has end-to-end responsibility• One team knew all the moving parts• One team made all the decisions
►Applications and business functionsmap one-to-one
© 2006 Progress Software Corporation7
Ignoring the impact of SOA makes the IT-business disconnect even worse
?The global enterprise with SOA Business processes span “silos”
• No one team has end-to-end responsibility• No one team knows all the moving parts• No one team makes all the decisions
The one-to-one mapping has disappeared
Traditional line-of-business silos Each business process is self-contained
• One team has end-to-end responsibility• One team knew all the moving parts• One team made all the decisions
►Applications and business functionsmap one-to-one
If you can’t see it:
• You can’t measure it
• You can’t secure it
• You can’t control it
• You can’t optimize it
© 2006 Progress Software Corporation8
ActionalSOA management, security, and governance
Actional products provide discovery, visibility, security and control for• Services• Inter-dependencies• End-to-end business processes
Without application re-coding or performance degradation
Across the many technologies and platforms that make up an SOA
POLICYDRIVENSECURITY
POLICYDRIVENSECURITY
CONTROLOF ROGUESERVICES
CONTROLOF ROGUESERVICES
BUSINESS POLICY ENFORCEMENT
BUSINESS POLICY ENFORCEMENT
END-TO-ENDVISIBILITY
END-TO-ENDVISIBILITY
© 2006 Progress Software Corporation9
Actional fills the SOA blind-spots withvisibility from the eyes of IT and Business
By Infrastructure
• Which services are where?
• Who uses what services?
• Where are the bottlenecks?
• What’s the impact of change?
By Business Criteria
• How is my business doing?
• Are customer having issues?
• Am I keeping up with demand?
• Am I meeting my commitments?
By Business Process
• What really occurs in ordering?
• How many are in production?
• How long from order to delivery?
• Why has purchasing stalled?
© 2006 Progress Software Corporation10
Beyond the buzzword: What is governance?
The systems and processes in place for ensuring proper accountability and openness in the conduct of an organization's business
The word derives from Latin origins that suggest the notion of steering
© 2006 Progress Software Corporation11
How is governance usually handled?
Ye Olde Book Of Policies• Policies are made available to everyone
• Every reads all the policies
• Everyone follows all the policies
Do you know, understand, and follow, every rule that might apply to you…… at all times…
… as rules change?
© 2006 Progress Software Corporation12
Prioritize governance concerns
Business policies• Complying with rules, regulations, etc.
FinesJail timeLawsuitsRevenue loss
Technical policies• Comply with WS-I, schema requirements, etc.
Reuse is harder / more costly
Focus on what matters most
© 2006 Progress Software Corporation13
What you don’t know can hurt you
If a service is in-production, and it’s not encrypting personally identifiable information,You can face extreme penalties
You don’t get extra credit from the EU if your policy said privacy compliance was required
Service registries can only address technical policies
Business policies require runtime governance
© 2006 Progress Software Corporation14
Business policies require a business focus
Without Actional...…users take the 10s of business policies…and manually convert them…into potentially 100s of enforceable policies
Information Policies Process Policies Contextual Policies
Encrypt all personal identities for EU privacy
directives
Alert if approaching gold customer service
level limit
Audit all steps of financial processes for
US Sarbanes-Oxley
GoldGold
Error prone, complex, costly
© 2006 Progress Software Corporation15
<Licensee><ID>1837363</ID><Name>John Q. Public</Name><SSN>145-98-3847</SSN><Address><Street>100 Any Lane</Street><City>Any Town</City><State>CA</State><Zip>94099</Zip>
</Address></Licensee>
<Licensee><ID>1837363</ID><Name>John Q. Public</Name><SSN>145-98-3847</SSN><Address><Street>100 Any Lane</Street><City>Any Town</City><State>CA</State><Zip>94099</Zip>
</Address></Licensee>
<Licensee><ID>1837363</ID><Name>John Q. Public</Name><SSN>145-98-3847</SSN><Address><Street>100 Any Lane</Street><City>Any Town</City><State>CA</State><Zip>94099</Zip>
</Address></Licensee>
<Licensee><ID>1837363</ID><Name>John Q. Public</Name><SSN>145-98-3847</SSN><Address><Street>100 Any Lane</Street><City>Any Town</City><State>CA</State><Zip>94099</Zip>
</Address></Licensee>
From business policies to enforced policiesWith Actional runtime governance
PersonalIdentity
ShippingDestination
PersonalIdentity
ShippingDestination
CustomerClass
Policy Target
Policy Owner(s)
Service
Owner(s)
Audit
Encrypt
© 2006 Progress Software Corporation16
Actively enforces policies across the SOA
ManagedEnvironment
Automatically adjusts to changes in the SOA
From business policies to enforced policiesWith Actional runtime governance
© 2006 Progress Software Corporation17
Summary
Actional dramatically reduces the risks of SOA• Aligns IT and business• Provides process visibility• Senses and responds in real-time• Automatically enforces policies
This enables organizations to turn SOA into a competitive weapon• Faster time to market• Lower costs• Continuous innovation• Process flexibility