Layer 7: Building Multi Enterprise SOA

1,032 views

Published on

Discussion of multi-enterprise SOA implementations, the challenges involved and how SOA appliances can help build these architectures

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,032
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
23
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Layer 7: Building Multi Enterprise SOA

  1. 1. Building Multi- Multi-Enterprise SOA Philip Walston VP Product Management Layer 7 Technologies September 2008
  2. 2. Overview Discussion of multi-enterprise SOA implementations, the challenges involved and how SOA appliances can help build these architectures • What is multi-enterprise? • The Role of SOA • Real World Issues • Implementation challenges • Characteristics of a solution • The role of SOA appliances • Summary and Questions September 2008 Building Multi-Enterprise SOA
  3. 3. What Exactly is Multi-Enterprise? Multi- Enterprise-Centric • Most ERP and business applications use enterprise-centric architecture • Focus is on meeting the enterprise's objectives Extended enterprise • An attempt to support the needs of partners by extending and elongating the enterprise data and process model • Enables partners to interact with each other more easily, but this environment is not ideal • Each partner still has to learn how to work with each other’s business applications, each integration is point-to-point Multi-enterprise • A new architecture is required for more complex and interactive multi-enterprise business processes Adapted from: The Emergence of the Multienterpise Business Process Platform - Gartner, 11/07 September 2008 Building Multi-Enterprise SOA
  4. 4. Multi- Multi-Enterprise Examples Examples from many business verticals: Manufacturing Manufacturers and suppliers Insurance Insurers and brokers Corporate Corporations and outsourced service providers Telecom Service providers and content providers Architectural models used in these implementations includes: EDI, Web, SOA, B2B, Saas, Cloud … September 2008 Building Multi-Enterprise SOA
  5. 5. Where Does SOA Fit In? Flexible integration across departments, clients and partners Reuse of software components across business processes Interoperability across applications Corporate Untrusted ? Network Entity MQSeries Network Business Partner Unit CORBA Web Services Network Network September 2008 Building Multi-Enterprise SOA
  6. 6. Implementation Challenges • Big step between point solutions and multi-enterprise services Requires managed, standards compliant SOA framework • Not all partners are created equal Rationalizing differences between development skills, security and legal requirements • The real world is messy Making integrations work across all boundaries will be tough Corporate Untrusted ? Network Entity MQSeries Network Business Partner Unit CORBA Web Services Network Network September 2008 Building Multi-Enterprise SOA
  7. 7. The Real World … September 2008 Building Multi-Enterprise SOA
  8. 8. The Real World … Multiple Identity Sources Multiple Domains Multiple Platforms Web Applications Green Screen Systems Multiple Transports September 2008 Building Multi-Enterprise SOA
  9. 9. (Some) Real World Issues Application Silos • Applications from different vendors with narrowly defined interfaces and tight coupling to other systems Islands of Identity • Different identity repositories, schemas and provisioning systems Mixed Transport • SSL, HTTP, JMS, MQ, etc. Heterogeneous Platforms • Linux, UNIX, Windows, client-server, mainframe Heterogeneous Clients • Browsers, green screen, thick clients, other applications Web Portals • May already be default on-ramp for external partners September 2008 Building Multi-Enterprise SOA
  10. 10. Moving to Multi-Enterprise Multi- Security • Much more granular and much stronger • Authentication / authorization mechanism is required • May need to segregate data physically with separate databases Integration • More complex - participating applications and systems are scattered across companies • Integration approaches will need to be simplified and rationalized to manage the increase in complexity across multistep process integration Data and Process Model • Need to be designed around common keys that help link enterprises in their interactions • Gets more complex with potential range of range of one-to-one and one-to-many (and even many-to-many) business processes over time Adapted from: The Emergence of the Multienterpise Business Process Platform - Gartner, 11/07 September 2008 Building Multi-Enterprise SOA
  11. 11. A Spectrum of Implementation Challenges Delivering on the Promise of SOA • How to implement business process • How to avoid “broken” integrations Maintaining Security • Where to enforce security • Ensuring consistent security Meeting SLAs • Measuring and meeting both project and service SLAs • Reporting and acting on SLA violations Ensuring Compliance • Instrumentation of the path and ensuring integrity • Providing validation and alerting mechanisms Management • Providing the tools to manage the system • Fitting into existing internal processes September 2008 Building Multi-Enterprise SOA
  12. 12. The SecureSpan Product Line First suite of security and networking products to address the full spectrum of XML deployments: • Service Oriented Architectures (SOA) • Web 2.0 and Web Oriented Architectures (WOA) • AJAX, REST and non-SOAP applications • ESB, Portal, B2B and Application Oriented Networking September 2008 Building Multi-Enterprise SOA
  13. 13. A SOA Gateway’s View of the World What roles does a SecureSpan XML Networking Gateway perform? • Read policies • Create / store policies • Enforce policies • Identify exceptions • Act on exceptions • Report exceptions • Capture audit trail *Enforcement points enforce policies within a specific context September 2008 Building Multi-Enterprise SOA
  14. 14. A SOA Gateway’s View of the World What roles does a SecureSpan XML Networking Gateway perform? • Read policies Design-Time • Create / store policies • Enforce policies • Identify exceptions Run-Time • Act on exceptions • Report exceptions Diagnostic • Capture audit trail *Enforcement points enforce policies within a specific context September 2008 Building Multi-Enterprise SOA
  15. 15. A Few Policy Examples Threat Protection • Screen messages for specific / general threats Identity Based Access Control • Grant access to specific users or groups Content-Based Processing • Perform different processing based on specific content Selective Version Control • Transform to mediate client / service versioning issues Service-Level Agreement • Process based on measured quota or class of service September 2008 Building Multi-Enterprise SOA
  16. 16. Common Multi-Enterprise SOA Requirements Multi- • Identity and Trust Control Process Authenticating and certifying identities • Policy Definition Environment Tailor security (and other) policies to each service consumer and provider relationship • Automated Policy Provisioning and Coordination Establish policies that can be distributed, verified and managed • Compliance Verification Framework Enforce, audit, alert and report compliance to policies and SLAs September 2008 Building Multi-Enterprise SOA
  17. 17. SOA Appliances and Multi-Enterprise SOA Multi- • Security policy composed in policy editor • Enforcement point acts on policy Service Endpoints • Client software conforms to policy (Secure Zone) • Enforcement point reports on compliance Internal Firewall External Firewall Corporate Identity Server Business Partners SOA Gateway Policy Editor DMZ September 2008 Building Multi-Enterprise SOA
  18. 18. SecureSpan and Multi-Enterprise SOA Multi- • Security policy composed in SecureSpan Manager • XML Networking Gateway acts on policy • Client software conforms to policy OR Service • XML VPN Client conforms to policy Endpoints (Secure Zone) • Enforcement point reports on compliance Service Consumer with Hard-Coded Policy Corporate Identity Server SecureSpan XML Service Consumer WS-Policy Networking Gateway with SecureSpan XML VPN Client WS-Policy SecureSpan Manager September 2008 Building Multi-Enterprise SOA
  19. 19. (Some) Real World Issues Application Silos • Applications from different vendors with narrowly defined interfaces and tight coupling to other systems Islands of Identity • Different identity repositories, schemas and provisioning systems Mixed Transport • SSL, HTTP, JMS, MQ, etc. Heterogeneous Platforms • Linux, UNIX, Windows, client-server, mainframe Heterogeneous Clients • Browsers, green screen, thick clients, other applications Web Portals • May already be default on-ramp for external partners September 2008 Building Multi-Enterprise SOA
  20. 20. How SecureSpan Addresses Real World Issues Application Silos • Almost all major commercial applications are SOA-enabled Islands of Identity • SecureSpan can leverage LDAP, SSO and federation systems Mixed Transport • SecureSpan supports a mix of transports including HTTP, FTP, JMS Heterogeneous Platforms • SecureSpan is standards-based and application platform independent Heterogeneous Clients • SecureSpan has solutions to help fill the gap between clients and apps Web Portals • SecureSpan works in conjunction with both portals and SSO systems September 2008 Building Multi-Enterprise SOA
  21. 21. Multi- Multi-Enterprise Wide-Area Routing Fabric Wide- Business Partner Business Partner With SecureSpan With SecureSpan Appliances Appliances Business Partner SecureSpan With SecureSpan XML Networking Appliances Gateway Cluster September 2008 Building Multi-Enterprise SOA
  22. 22. Summary SOA Can Be Extended Outside of the Enterprise • Identity, security, provisioning, management … SOA Appliances Can Help • Can provide fine-grained personalization of policies • Robust, high-performance enough for the DMZ Be Aware of Potential Blockers • Establishing meaningful authentication, negotiating portals … • Coordinating policies with partners Multi-Enterprise SOA is Not a Product • No single solution, but lots of products can help • Good choices can meet immediate and long-term needs September 2008 Building Multi-Enterprise SOA
  23. 23. September 2008

×