"visibilidad y control del la arquitectura soa"

“Visibilidad y Control del la Arquitectura SOA”

Brandon [email protected]

Manager, US-East, Solution Engineers

October 26, 2007

mailto:[email protected]

© 2007 Progress Software Corporation‹Nº›

About Progress Software

Our Product/Solution Stack

Actional

Demo

Q&A

Agenda


About Progess Software Corporation

Headquarters: Bedford, MAOffices: 90 Worldwide

Employees: 1,600 Revenues: $447 millionNASDAQ: PRGSFounded: 1981

GLOBAL

Deployed at 120,000 customer sites in 135 countries

2,000 Partners deliver 5,000 unique business applications

Over 600,000 new users acquire Progress-based technology annually

Application Infrastructure

Progress supplies open application infrastructure software to simplify and accelerate the development, deployment, integration, and management of business applications.

INNOVATION

InfoWorld Innovation Awards 2005Actional Wins Award: Actional SOA management solutions dramatically reduce the cost and complexity of deploying and managing Web Services projects - NETWORK COMPUTINGApama - Market Leading Event Processing Platform – Bloor Research#1 Enterprise Service Bus – Sonic ESBGartner Dataquest

OPEN TECHNOLOGY

EXPERIENCE


Progress SoftwareInnovation Across All Product Lines

Application Platforms

Services Infrastructure

Data Infrastructure

Develop, Deploy and ManageBusiness Applications

Connect, Mediate, Control and MonitorServices

Manage, Integrate, Replicate, Cacheand Access Data


EnterpriseService Bus

SemanticIntegration

SOAManagement

Best-of-Breed Product Stack

ESP/CEPBAM

MainframeConnectivity

DataAccess

ApplicationPlatform

Messaging-based ESB flexibly integrates new and existing business applications within an SOA

SOA management platform providing operations support, continuous service optimization and policy enforcement

Semantic mediation tools for application and service data management with common information model visualization, impact analysis and testing


Progress Software - Market Recognition for our Products

ApamaEvent Processing Platform Market Leader

DataXtendBest New Product: Semantic Data Integration

Sonic ESB#1 Worldwide for ESB Segment

ApamaWinner ’06 Buy-Side Innovation

Sonic ESBBest Enterprise Service Bus

Actional SOA & Web Services Management Leader


The SOA Management Market – Recognized leader “Actional”

Actional

SLA Exception Identification

and Notification

Service Tracing and Dependency

Mapping2468

10

Active SLA Management

Service Accounting

Service Level Reporting

Actional


and Notification


Mapping2468

10


Service Accounting


Computer Associates


and Notification


Mapping2468

10


Service Accounting


Computer Associates


and Notification


Mapping2468

10


Service Accounting


HP


Mapping2468

10


Service Accounting


HP


Mapping2468

10


Service Accounting


IBM/Tivoli


and Notification


Mapping2468

10


Service Accounting


IBM/Tivoli


and Notification


Mapping2468

10


Service Accounting



“SOA Landscape

"Actional provides a far weightier Web Services management capability and toolset for building, securing, and managing a SOA network than its competitors' offerings ... [with] greater control ..."

Organizational Boundary

Services FromExternal Sources

Services ToExternal Sources

Web Services EJB http/httpsESB RMI JMS JDBC

Visibility - Beyond webservices, XML, SOAP for true end to end transaction visibility. Real time for each and every transaction

Management - Service Policy (security, versioning, operations, change). Measure, manage and report on service level agreements

Security - End to end security including last mile. Full CIA (WSS, XML Enc/DSig, SAML, etc…)

Run-Time Governance – Measure, enforce and audit governance policies and rules in run-time environments. Synchronize registry information with real time service metadata.


Why SOA Management?

How do I ensure quality of service in my SOA,end-to-end, throughout the lifecycle?

How do I understand the impact of a expected change or unexpected problem?

How do I determine root cause toresolve incidents quickly without finger pointing?

How do I proactively detect problems in the SOAbefore end users do?

How can I track all services in production, what they depend on, who’s really using them, and how often?


SOA MANAGEMENT

Enterprise Management

Identity Management

DirectoriesACTIONAL

SERVER

USERS

Actional SOA Management Architecture

Services From

External Sources

Services ToExternal Sources

SERVICES

Insight and control over mission critical SOA projects

Business Owners

SOA Operations Staff

Security and Compliance Staff


Actional SOA Management Components

Actional Point of Visibility

Actional Point of Control

Weightless, non-intrusive (microseconds of latency) Web services, database, messaging, and more End-to-end process visibility and auto-mapping across applications Automatic discovery, auditing, alerting, analysis, and reporting of service activity

Runs standalone or in conjunction with Actional Server Policy enforcement (security, compliance, etc.) Zero downtime service versioning Adaptive content based routing, load balancing, and proactive fail-over for

applications

Actional Server Centralized visibility and control of distributed SOA infrastructure Integrates IT and business views Root cause analysis and triage of problems across tiers Automatic discovery of dependencies, rogue services, and mapping of application

topology


APPLICATION OWNERS

Why is it myproblem?

IT Operations seesnormal behavior

HELPDESK

Experiences issue

Actional for SOA OperationsNo one knows what’s really going on

IT PERSPECTIVE

SOA PERSPECTIVE

SOA OWNER

Why look at me?

USER

?

????


Actional for SOA Operations

SOAEnvironment

Discover process flowsMap dependencies

End to end across HTTP, RMI, EJB, Web services,.NET, database, messaging, custom apps

No Custom Coding or Configuration?

?

?



Monitor service levelsAlert on performanceand availability issues

Snapshot individual transactions to easily isolate the root cause of problems

Less than 1% overhead


Over 50 applications integrated to provide overall service

Case Study: Telematics provider, for in-car services

“... We don’t know where. We don’t know why. We don’t know when.”

“Some of our most mission critical transactions are not always completing…”

“Our BMC, OpenView, and Mercury systems are all showing green lights.”

“We know all of our services and applications are running properly.”

RESULTS Automatically detected problems that were

previously reported by customers Reduced mean-time-to-resolution by 75%

for web service issues >50% drop in related number of help desk

incidents (due to reduced MTTR) Cost of help desk incidents estimated to be

$150 each

SOLUTION Used Actional to monitor SOA

interactions, alert on detection of issues, and isolate the root cause of the issues



Demo

DEMO

Actional’s “Flowmap” Patented Technology


Actional Value Propositions

SOA Initiative ScopeEnterpriseDepartment

ProjectBudget

CorporateBudget

FundingLevel

ROOT-CAUSEANALYSIS

ROOT-CAUSEANALYSIS

BUSINESS POLICY ENFORCEMENT


POLICYDRIVENSECURITY


ROGUESERVICECONTROL

ROGUESERVICECONTROL


UnexpectedReuse

Rogue Services

The Problem

Registry

Rogue Service

SensitiveCustomerData

SOA Environment

Rogue ServiceRogue Service


Rogue Services

Actional Solution

Registry

SOA Environment

SensitiveCustomerData

Rogue Service

UnexpectedReuse

Rogue ServiceRogue Service


Trust Zones Protect the Last Mile

Normal Path

CONSUMER

TRUSTZONE

X

MD5(of trust key) +

Caller IP Address +

Timestamp +

Interaction ID +

Security ID (user ID from credentials, if available)

Trust Signature = MD5(of all of the above items)

Trust key = secure pseudo random key encrypted using secret symmetric platform key

INTERNAL CONSUMER

Last-mileSecurityAttack

Service

Service


Rogue Services

“We know there are about 5 applications using our service”

They thought wrong!

34 apps usedthe service.

With Actional they: Isolated the cause Understood the impact Prioritized business-critical

requests Upgraded without disruption

“We gave the WSDL to 5 groups, but we think they’ve given it out.”

“At some times of the day, the service gets slow – but we don’t know what’s causing it, and we don’t know who is impacted”


Business Policy Enforcement

Actional Solution

Actional actively enforces policies across the SOA

ManagedEnvironment

Actional automatically adjusts to changes in the SOA


Making Active Policy Enforcement Possible

Centralized creation and management of policies with distributed enforcement

Policy Groups

Security and Compliance

Officers

Policies can change independent of services


Root-Cause Analysis

The Problem

Middleware Is Blamed

!


Root-Cause Analysis

SOAEnvironment

Actional Solution

TransactionFlow Map


Root-Cause Analysis

Actional Solution

Path Explorer Drilldown

DEMO

Lets Go Back


By Infrastructure

• Which services are where?

• Who uses what services?

• Where are the bottlenecks?

• Impact of change?

By Business Criteria

• How is my business doing?

• Are customers having issues?

• Am I keeping up with demand?

• Am I meeting my commitments?

Tying the business and IT contexts together automatically

By Business Process

• What really occurs in ordering?

• How many are in production?

• How long from order to delivery?

• Why has purchasing stalled?

The Value of SOA Management -Actional Continuous Service Optimization


Policy-Driven Security

The Problem

SecuritySecurity

ServiceLogic

ServiceLogic

SecuritySecurity

ServiceLogic

ServiceLogic

SecuritySecurity

ServiceLogic

ServiceLogic

AuthorizationAuthenticationCredential typesEncryptionDigital signatures

AuthorizationAuthentication

Credential typesEncryption

Digital signatures

ServiceConsumers


Policy-Driven Security

Actional Solution

Actional Policy-driven Security

AuthorizationAuthenticationCredential typesEncryptionDigital signatures

ServiceConsumers

SecuritySecurity SecuritySecurity SecuritySecurity

ServiceLogic

ServiceLogic

ServiceLogic

ServiceLogic

ServiceLogic

ServiceLogic

Security Specialist

Last-Mile Security

Globalsecuritypolicy

Projectsecuritypolicy


Governance Interoperability for Actional

Leverage service contracts and approved service catalog

Discover services, consumers, and use patterns toreport back to registry

SOA OperationsContinuous Service OptimizationActive Policy Enforcement

Lifecycle policy enforcement

SOAGOVERNANCE


“Why Actional?

"Actional's Web services management platform delivers a comprehensive solution to the unique application management challenges commonly faced in enterprises. This combined solution will help customers to rapidly deploy Web services and immediately capitalize on the benefits across their enterprise."

Dan Lewin, Vice President .NET Business Development at Microsoft

ROGUESERVICECONTROL

ROGUESERVICECONTROL



ROOT-CAUSEANALYSIS

ROOT-CAUSEANALYSIS



Only Actional can automatically detect and control unregistered services

Only Actional can provide policy driven security and secure the last mile

Only Actional can analyze the root cause of any policy violation, not just IT exceptions

Only Actional can apply policy by content, business process, or business criteria, vastly simplifying the alignment of IT with business


Actional SOA Management

SOA Operations performance monitoring and alerting, dependency mapping and root cause analysis

Continuous Service Optimization business insight for decision support and runtime control of business outcomes

Active Policy Enforcement central creation and management of policies for SOA security and compliance


CONTINUOUS SERVICEOPTIMIZATION

CONTINUOUS SERVICEOPTIMIZATION

Summary

SOA operations ensures the performance and availability of the end-to-end SOA production environment

Continuous Service Optimization enables visibility and dynamic optimization of the SOA from a business context

Active policy enforcement ensures compliance with security and regulatory policies while reducing costs

ACTIVEPOLICYENFORCEMENT

ACTIVEPOLICYENFORCEMENT

SOAOPERATIONS

SOAOPERATIONS

"visibilidad y control del la arquitectura soa"

Documents

soa security

soa landscape actional

soa network

management of policies

servicedata management

rogue services

monitor services

actional wins award