WebSphere DataPower B2B Appliance overview

6,006 views
5,747 views

Published on

Extending Connectivity with the IBM WebSphere DataPower B2B Appliance XB62


http://www-01.ibm.com/software/integration/datapower/b2b_xb60/

Published in: Technology
0 Comments
9 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
6,006
On SlideShare
0
From Embeds
0
Number of Embeds
13
Actions
Shares
0
Downloads
0
Comments
0
Likes
9
Embeds 0
No embeds

No notes for slide
  • The B2B Appliance is part of a bigger DataPower family of products, which consists of a Security Gateway appliance, an integration appliance which is also available in a Blade form factor, an Low Latency Messaging appliance and the new Edge appliance. In June we intend to release the new DataPower hardware 2U form factor, this new form factor will replace the 1U hardware form factor used for the XB60 and XI52 by the end of 2011. The XB60/XB62 is a supper set of the XI50/XI52 and XS40 in that it has all of the same functionality as the two models plus B2B functionality.
  • The XM70 is our low latency appliance that provides ….
  • Application Integration with standalone B2B Gateway capabilities supporting B2B patterns for EDIINT AS1/2/3 and Web Services Full featured User Interface for B2B configuration and transaction viewing; correlate documents and acknowledgments displaying all associated events Trading Partner Management for B2B Governance; B2B protocol policy enforcement, access control, message filtering, and data security
  • *** Fix paragraph spacing My Datapower clients may have seen this before. This is a slide I often draw for my clients to describe the most basic idea of an appliance. The packaging of this B2B solution in a physical box is often referred to as a hardware form factor. There are things you often see in integration middleware such as content based routing, conditional processing, support for many protocols like http, MQ, JMS, etc… Then there are things you can really appreciate about hardware devices such as routers. You see things like high throughput, ability to handle many connections, firewall rules. And perhaps the best thing is they are firmware based which means you have simple firmware uploads. In a nutshell, here is the magic combination that makes appliances work so well for B2B and SOA: If you take some characteristics of the stuff at the top (the highly flexible integration software … and some characteristics of the stuff at the bottom (hardware simplicity and high performance … And smoosh them together in a purple pizza box taking attractive characteristics from the hardware and software solutions. The software stacks tend to be very flexible for many integration tasks. But they also take a lot of care and feeding.
  • I’m going to paraphrase our next presenter here… The story - Oven Let’s imagine I own a restaurant I want to serve hot food to our customers But I am not an expert in the scientific process of creating heat from electricity or gas Luckily the marketplace offers this thing called an oven… how lucky for me I can put the food in the oven I turn a single knob to a certain temperature I set the timer and press start Some time later I have hot food, which makes my customers happy The story – B2B Appliance I am a supplier and I need to make my most important customer happy. They want to take advantage of the reduced costs of electronic trading. They have been after me to get this done for a while. Right now they FTP me some documents and sometimes even send me a fax. In the past we have had a lot of problems with these FTP documents getting lost, or showing up late, or showing up duplicated. I’m afraid that if I can’t start doing B2B at some point they will go with a lower cost supplier for some or all of their orders. So my goal is to be easier and cheaper to trade documents with. I am not an expert in B2B messaging protocols, or deploying software onto the public internet, or signing or encrypting messages, or secure logging of messages. But I know I’ll need to do these things because my customer has various B2B requirements related to security of credit cards, and customer data, and other bits of data that will be in these B2B messages. Lucky for me there is this thing called a B2B appliance that knows how to do those things. I can configure my partner profiles, my logging requirements, acknowledgement and security requirements The appliance will take care of my data and put it into the B2B messaging wrapper Come up with an example: When you use your oven you aren’t really interested in the scientific aspects of heat and convection Similarly, when you use want to use Digital Signatures you should have to be an expert on security-style programming to get your documents signed.
  • Purchasing Notes: There are several hardware options that require extra lead time for Build-to-Order systems: Hardware Security Module (HSM) FIPS 140-2 Level 3 and Level 2 XS40 + HSM : 9235-34X (that is, <Machine Type> - <Model>) XS40 + Hard Disk Drive (HDD) + HSM : 9235-3DX XI50 + HSM : 9235-44X XI50 + HDD + HSM : 9235-4DX XG4 Acceleration (better than XG3 standard acceleration) XI50 + XG4 : 9235-43X XI50 + HDD + XG4 : 9235-4CX XG4 and XSM XI50 + HSM + XG4 : 9235-45X XI50 + HDD + HSM + XG4 : 9235-4FX For clarity, the HDD option does not have extra lead time. Dual swappable power supplies: Separate power cords, designed for high availability Careful thermal design: Multiple fans & high air flow capacity Integrated failover: VRRP-like failover ensures systems defaults to redundant appliance without service interruption Works seamlessly with existing load balancers, firewalls, routers and other network infrastructure No spooled application messages on device: - Prevents stored message loss in the unlikely event of device failure Internal self-monitoring & self-healing features Extensive utilization monitoring & alerts (see Configuration & Logging)
  • Primarily, organizations are looking for the following value from a B2B integration provider: ● A single, cost-effective, easy-to-use package based on a powerful management-by-exception paradigm that reduces ongoing operational costs ● A B2B gateway that allows modular configuration and reusable building-block approaches, delivering large-scale, rapid onboarding of trading partners, low maintenance and strong return on investment (ROI) ● An architecture that delivers scalability for both small- and large-scale implementations, supporting mission-critical business processes with automated enablement and comprehensive event support, delivering extreme scalability for even the most demanding workloads, full extensibility and broad interoperability—validated in many small and large innovative deployments across the globe These critical needs arise from recent business and market dynamics such as supply chain integrations, mergers and acquisitions, or spin-offs. As departments increasingly consolidate trading partners into their processes, information exchange is exploding. Data transfer size and frequency are growing at a rapid pace. The need for B2B Integration is crucial for a multienterprise business process platform (ME-BPP). A B2B solution is a critical component of any IT portfolio that addresses a multienterprise integration strategy. Centralized and consolidated B2B trading partner and transaction management tools. Outsource non-core business functions to third parties for improved operational efficiency and reduced cost. Rapidly adjust product and service offerings to meet changing customer requirements. Access new customers and increase revenue opportunities with new routes to market for products and services.
  • There are three primary B2B Technologies in IBM: The WebSphere DataPower B2B Appliance XB62 is the only B2B appliance form factor at this time, is IBM strategic direction for B2B appliances and our intent is to expand its capabilities to better integrate to Sterling Software solutions over the next several releases. Sterling Integrator and the Collaboration Network is IBM’s strategic direction as a basis for our B2B Software and B2B “Software as a Service” solutions; our intent is to enhance Sterling technology with IBM technology over time where it makes the most sense to do so WebSphere Transformation Extender is IBM’s Leading solution for industry standards and any-to-any transformation; our intent is to continue to offer WTX and to enhance Sterling products to integrate with WTX.
  • Standalone Consolidated B2B Solutions Use XB60 when customers need B2B governance in the DMZ, Exceptional EDIINT data throughput or wish to bridge application integration and B2B in a single purposed appliance Use XB60 when customers want a standalone B2B appliance at network edge functioning as a light weight B2B solution – EDIINT routing with any payload and pass-thru delivery to partners or back-end Extensible Distributed B2B solutions Use the XB62 with WebSphere MQFTE when customers need to enable transfers across boundaries with their trading partners and need to support a wide range of B2B and non-B2B protocols with the ability to ensure data security and partner identity while the files traverse the Internet. Use the XB62 with WTX and Industry packs when customers demand B2B governance and high performance at the network edge and also needs full any-to-any data transformation and document processing Use the XB62 with WPS when customers demand B2B governance and high performance at the network edge and needs to support using information in the payload to trigger key business processes in their downstream systems Use the XB62 with Sterling when customers demand B2B governance and high performance at the network edge, need to provide a single secure network entry point for all business transactions and also needs the ability to process large volumes of EDI transactions.
  • File Name Here.ppt B2B Gateway Service The B2B Gateway uses profile management to ensure B2B Governance by enforcing Trading Partner Agreements, the processing of EDIINT Message formats and routing the payload to the appropriate internal systems and/or external trading partners. Profiles Rules are created in a multi-step processing policy in the receiving partner profile to provide dynamic destination routing and/or to manipulate the data as it flows through the B2B Gateway Service. For outbound data flows the payload data is parsed for the sender and receiver id’s and is wrapped in an AS2 envelope as defined in the external partner’s destination. For inbound data flows the AS2 envelope is processed, the partner profiles are located using the AS2 headers and the payload is routed to the internal partner’s destination. B2B Transaction Viewer The B2B Transaction Viewer is used to monitor the state of AS2 transaction data that was processed by the B2B Gateway Service. Administrators can view all transactions and partners can view only their own transactions; access is controlled using DataPower’s Role Based Management capabilities. Failed transactions can be resent from the B2B Viewer to external partners.
  • File Name Here.ppt In this example Partner A sends an EDI file into their B2B Hub (1) which wraps the file in an AS2 envelope and sends it to Partner B (2), Partner B’s B2B Gateway Services in the XB60 transforms the EDI file to XML (3a) and sends it to the backend application over any XB60 supported protocol (3b), after the transaction has been successfully received by the back-end, Partner B’s B2B Gateway Service generates and sends an MDN back to partner A. Optionally, the Admin user can view the state of the transaction in the B2B viewer (5).
  • File Name Here.ppt Web Service Proxy The Web Service Proxy provides the ability to use a WSDL to define a service we want to use to receive files from our trading partner A processing policy is used in this Web Services Proxy to take the payload and wrap it in a minimal AS2 header with appropriate AS ID’s for integration into the B2B Gateway Service B2B Gateway Service The B2B Gateway consumes the AS2 message passed from the Web Service Proxy and processes the AS2 (Note MDN’s are not used between services). After it processes the AS2 envelope the file is routed to an internal system. Optionally, you could use a processing policy in the internal profile to validate/transform or look at content for dynamic destination routing Profiles Rules are created in a multi-step processing policy in the receiving partner profile. For outbound, the files passed into the B2B Gateway are parsed for sender and receiver information, the processing policy in the receiving profile is used to wrap the file in SOAP and pass it to the Web Service Proxy For inbound data flows the B2B Gateway Service gets partner information from the AS2 headers that were added by the Web Service Proxy B2B Transaction Viewer The B2B Transaction Viewer is used to monitor the state of AS2 transaction data that was processed by the B2B Gateway Service. Administrators can view all transactions and partners can view only their own transactions; access is controlled using DataPower’s Role Based Management capabilities. Failed transactions can be resent from the B2B Viewer to external partners.
  • File Name Here.ppt A flat file is passed from Partner A’s back-end application into a process that wraps the file in a SOAP envelope as defined in the WSDL. Partner A sends the SOAP message to Partner B over HTTP or HTTPS. Partner B unwraps the SOAP envelop based on information defined in the WSDL using a Web Service Proxy service Partner B wraps the flat file payload in a minimal AS2 header using a processing policy within the Web Service Proxy service and routes the AS2 message into a B2B Gateway Service over HTTP or HTTPS Partner B’s B2B Gateway service unwraps the AS2 message and sends the flat file to Partner B’s back-end application using any protocol supported by the B2B appliance. Optionally, if a Web Services response indicating the message was required by the sender this can be generated in the processing policy and sent after the file has been routed to the application. If the response is generated from the back-end Web Service application this could be passed back into the policy and sent to the partner. The user can view the state of the transactions using the B2B Transaction Viewer.
  • File Name Here.ppt B2B Gateway Service This method of integration allows us to receive files in the B2B Gateway Service and natively integrate with MQ File Transfer Edition using new protocol handlers. Profiles For this inbound data flow a file is sent into the XB62 over an of the supported front-side protocols, if using and AS standard or ebMS the message envelope and acknowledgment is processed. Partner profiles are identified and checked against the configuration if partner information cannot be extracted from the payload it must be set in the Binary Routing Processing Policy for the B2B Gateway service. Optionally, an processing policy in the receiving profile can be used to send or set MQ FTE metadata using RFH2 headers. B2B Transaction Viewer The B2B Transaction Viewer is used to monitor the state of any transaction data that was processed by the B2B Gateway Service. Administrators can view all transactions and partners can view only their own transactions; access is controlled using DataPower’s Role Based Management capabilities. Failed transactions can be resent from the B2B Viewer to external partners. Additional functionality exist in the viewer to allow they user to view the integration ID that ties the MQ FTE transactions to the XB62 transaction; when this ID is clicked on it will query the MQ FTE logging database and return all of the MQ FTE metadata associated with the transaction. New B2B Viewer capabilities provide support for improved end-to-end visibility and correlation of transactions that flow through both the B2B Gateway and MQ File Transfer Edition
  • File Name Here.ppt 1: Trading Partner sends a file into the B2B Gateway service over any support protocol. The B2B GW uses profile management to identify the partner and process any messaging envelopes that may exist (Security, compression, acknowledgements, etc. - depends on standard used). 2: The B2B Gateway routes the file to a MQ Queue that is shared with an MQ FTE Agent. 2a: Optionally, a processing policy may be used in the B2B Gateway to set RFH2 headers and or trigger the MQ FTE file transfer. 3: The B2B Gateway recognizes the responses from MQ and if a B2B Messaging protocol (AS1, AS2, AS3, etc.) was used it will generate a message disposition notification and send it to the trading partner. 4: The Source Agent moves the file to the Target Agent based on either XML command file instructions or if the Agent was set to poll the shared MQ Queue. 5: The Target Agent moves the file off of the MQ Queue to the file system destination. 6: The back-end application uses the file to complete the flow. NOTE: you may be using adapters on IBM SOA products to integrate to apps like SAP, this is not depicted in this picture.
  • File Name Here.ppt B2B Gateway Service The B2B Gateway uses Collaboration Protocol Profiles to enforce Collaboration Protocol Agreements (CPA), the processing of B2B Message formats and routing the payload to the appropriate internal systems and/or external trading partners. Profiles CPAs contain the details necessary to perform protocol and data mediation between internal and external partners (including destinations and security requirements). CPAs can be imported into appliance using configuration management interfaces; such as WebGUI, CLI, or SOMA (appliance configuration web service). The B2B appliance provides a CPA Import utility that maps the public side definitions of internal party in the CPA file to B2B Gateway structures, save the certificates defined in the CPA file in the file system, and automatically configures the Gateway with CPA entries, two Partner Profiles, front-side protocol handler(s), and crypto objects . All private objects that could not be stored in a CPA need to be configured manually (Private Keys, internal integration points, etc.) B2B Transaction Viewer The B2B Transaction Viewer is used to monitor the state of ebMS transaction data that was processed by the B2B Gateway Service. Administrators can view all transactions and partners can view only their own transactions; access is controlled using DataPower’s Role Based Management capabilities. Failed transactions can be resent from the B2B Viewer to external partners. Under the ebMS specific view, admin can examine the CPA details of a transaction by looking at the CPA Info fly-out of the B2B Transaction Viewer.
  • File Name Here.ppt Think of the analogy of WSDL - SOAP over HTTP - WebServices for CPPA - ebMS - ebXML relations -- but wider in CPPA. WSDL describes Web Services and how to access the services; SOAP over HTTP is used to invoke the Web Services. CPA (and ebBP) describes the agreed of business collaborations and the technical capabilities how two trading partners do e-business; ebMS, which is protocol-independent, is used to invoke the business services. An external partner sends an ebMS message into the B2B Gateway service over http or https. The B2B GW uses profile management in combination with CPA entries associated with the B2B Gateway service to identify the ebXML collaboration and process the ebMS message. The B2B Gateway routes the ebxml payload to the back-end applications. After the ebXML payload is successfully transferred to the back-end the B2B Gateway Service generates an ebms ack (signal) message and sends it to the external trading partner. The user can view the state of the transactions using the B2B Transaction Viewer.
  • File Name Here.ppt B2B Gateway Service The B2B Gateway uses profile management to ensure B2B Governance by enforcing Trading Partner Agreements, the processing of B2B Message formats and routing the payload to the appropriate internal systems and/or external trading partners. Profiles Rules are created in a multi-step processing policy in the receiving partner profile. For outbound data flows the processing policy in the external profile is used to determine if the HL7 documents are version 2 or version 3, if the documents are version 2 (EDI) they are transformed to version 3 (XML) using a map created in WebSphere Transformation Extender Design Studio (The HL7 WTX industry pack can be used as a basis for map development), if the documents are version 3 they will be passed through without modification and routed to the external partner using AS2 to provide B2B security and governance. For inbound data flows the AS2 messages is processed and the processing policy in the internal profile is used to validate the HL7 version 3 (XML) document and transform it to a format that the receiving healthcare application can understand. B2B Transaction Viewer The B2B Transaction Viewer is used to monitor the state of HL7 transaction data that was processed by the B2B Gateway Service. Administrators can view all transactions and partners can view only their own transactions; access is controlled using DataPower’s Role Based Management capabilities. Failed transactions can be resent from the B2B Viewer to external partners.
  • HL7 v2.x data does not adhere to the EDI X12 spec when it comes to segments and thus it has no ISA segment, but rather a MSH segment. Since we don't natively parse the MSH segment in a B2B Gateway and since the elements used to identify sender and receiver are optional, HL7 data must be handled as binary data when passing it into a B2B Gateway for outbound processing. Partner A sends an HL7 v3.0 XML file wrapped in an AS2 envelope into Partner B’s B2B Gateway service over http or https. The B2B Gateway service uses profile management to identify the sender and receiver partner profiles and routes the HL7 XML file into a processing policy in the internal partner profile. The B2B Gateway service validates the HL7 XML payload against its schema and transforms the file into an HL7 EDI file using the processing policy. The B2B Gateway service transfer the HL7 EDI file to the back-end healthcare applications using any B2B appliance supported protocol. After the HL7 payload is successfully transferred to the back-end the B2B Gateway Service generates an AS2 message disposition notification (MDN) and sends it to Partner A. The user can view the state of the transactions using the B2B Transaction Viewer.
  • XB60 Active/Passive High Availability Deployment Pattern Configuration: Standby Control must be configured on the Ethernet adapter being used for data transfer with both the primary and secondary device. Both devices in the standby group need to be set to a priority of 100. This will create a Virtual IP Address that is shared between the two devices in the Standby Group. The Primary device receives data over the VIP, if a failure condition arises the Secondary device takes over the VIP and starts to receive data. B2B Payload Data for each B2B Gateway must be stored off device to a shared directory (options for NFS or ISCSI). The storage system can be placed either in the DMZ or protected zone depending on your security requirements. If deployed in the protected zone it is recommended to isolate one of the Ethernet Controllers to the connection and open the appropriate ports through the inner firewall. Pollers must not be configured in the B2B Gateway; they should be configured in a Multi-Protocol Gateway that outputs to the VIP Address and port number of a HTTP front-side handler in B2B Gateway Service. This ensures that the metadata store does not receive active data from pollers. The B2B Gateways and Multi-Protocol Gateways (used for pollers) must be configured identical on both the primary and the secondary systems. The B2B metadata store must be configured as primary on the active device and secondary on the passive device.
  • are typically cost prohibitive
  • This book is the single most critical resource, available on amazon, barnes & noble, etc. all this shows our commitment to appliances and maturity, competitors don’t have this stuff
  • WebSphere DataPower B2B Appliance overview

    1. 1. Extending Connectivity with the IBM WebSphere DataPower B2B Appliance XB62 Rich Kinard, Sr. Product Manager, WebSphere DataPower Appliances
    2. 2. DataPower Appliances meet your connectivity needs XS40 <ul><li>Web Services security </li></ul><ul><li>Centralized policy management </li></ul><ul><li>Rich authentication </li></ul><ul><li>Fine-grained authorization </li></ul>XI50 & XI50B <ul><li>Hardware ESB </li></ul><ul><li>“ Any-to-any” conversion at wire-speed </li></ul><ul><li>Broad protocol bridging </li></ul><ul><li>Dynamic routing and intelligent load distribution </li></ul><ul><li>SFTP Client/Poller </li></ul><ul><li>ESB functions in a dense, high compute, IBM BladeCenter form-factor (XI50B) </li></ul><ul><li>Compatible with BladeCenter BCE, BCH and BCHT Chassis (XI50B) </li></ul>XI52 XB60 <ul><li>EDIINT AS1/AS2/AS3 support </li></ul><ul><li>Trading partner profile management </li></ul><ul><li>Transaction viewing and resend support </li></ul><ul><li>EDI Routing and Transformation </li></ul><ul><li>ebXML Messaging Service v2.0 support </li></ul><ul><li>ebXML Collaboration Protocol Profile and Agreement v2.0 support </li></ul>XB62
    3. 3. DataPower Appliances meet your connectivity needs AWARDS & RECOGNITIONS FOR DATAPOWER APPLIANCES <ul><li>Extreme volume, microsecond latency </li></ul><ul><li>Enhanced QoS and performance </li></ul><ul><li>Configuration-driven approach to LLM </li></ul><ul><li>Messaging protocol bridging </li></ul>XM70 XE82 <ul><li>Traffic consolidation, monitoring, management and acceleration for web application delivery </li></ul><ul><li>Appliance-based proxy gateway for web application delivery </li></ul><ul><li>Integrated edge-of-network traffic gateway for use with WebSphere Application Acceleration for Public Networks </li></ul><ul><li>Appliance based proxy gateway for external application access to Software-as-a-Service (SaaS) and cloud-based applications </li></ul>
    4. 4. DataPower Use Cases <ul><li>Internal Security </li></ul><ul><li>Enterprise Service Bus </li></ul><ul><li>Legacy Integration </li></ul><ul><li>Web Service Management </li></ul><ul><li>XML Acceleration </li></ul><ul><li>B2B Gateway </li></ul><ul><li>Security Gateway (for Web Services & Web Applications) </li></ul><ul><li>HTTP Proxy Services, Load Balancing and Workload Distribution </li></ul>Mainframe DMZ Trusted Domain Consumer Internet Consumer
    5. 5. What is the XB62?
    6. 6. Business to Business (B2B) Appliance XB62 Purpose-built B2B hardware for simplified deployment, exceptional performance and hardened security <ul><li>Extend integration beyond the enterprise with B2B </li></ul><ul><li>Hardened Security for DMZ deployments </li></ul><ul><li>Easily manage and connect to trading partners using industry standards </li></ul><ul><li>Simplified deployment and ongoing management </li></ul><ul><li>Trading Partner Management for B2B Governance; B2B protocol policy enforcement, access control, message filtering, and data security </li></ul><ul><li>Application Integration with B2B Gateway Service capabilities supporting B2B patterns for AS1, AS2, AS3, ebMS v2.0, FTP(S), SFTP, HTTP(S), SFTP/POP3, MQ, MQ FTE, JMS and more </li></ul><ul><li>Full featured User Interface for B2B configuration and transaction viewing; correlate documents and acknowledgments displaying all associated events </li></ul><ul><li>Simplified deployment, configuration and management providing a quicker time to value by establishing rapid connectivity to trading partners </li></ul>
    7. 7. DataPower B2B Appliance XB62 - B2B Components <ul><li>B2B Gateway Service </li></ul><ul><ul><li>AS1, AS2, AS3 and ebMS v2.0 </li></ul></ul><ul><ul><li>Plaintext email support </li></ul></ul><ul><ul><li>EDI, XML and Binary Payload routing </li></ul></ul><ul><ul><li>Front Side Protocol Handlers </li></ul></ul><ul><ul><li>Hard Drive Archive/Purge policy </li></ul></ul><ul><ul><li>CPA and Partner Profile Associations </li></ul></ul><ul><ul><li>MQ File Transfer Edition integration </li></ul></ul><ul><li>Trading Partner Profiles </li></ul><ul><ul><li>Two Types – Internal and External </li></ul></ul><ul><ul><li>ebXML CPPA v2.0 </li></ul></ul><ul><ul><li>Multiple Business IDs </li></ul></ul><ul><ul><li>Multiple Destinations (URL Openers) </li></ul></ul><ul><ul><li>Certificate Management (S/MIME Security) </li></ul></ul><ul><ul><li>Multi-step processing policy </li></ul></ul><ul><li>B2B Viewer </li></ul><ul><ul><li>B2B transaction viewing </li></ul></ul><ul><ul><li>MQ FTE transaction viewing </li></ul></ul><ul><ul><li>Transaction resend capabilities </li></ul></ul><ul><ul><li>Transaction and Acknowledgement correlation </li></ul></ul><ul><ul><li>Role based access </li></ul></ul><ul><li>Persistent Storage </li></ul><ul><ul><li>AES Encrypted B2B document storage </li></ul></ul><ul><ul><li>Option for Off-Box Storage (NFS or iSCSI) </li></ul></ul><ul><li>Transaction Store </li></ul><ul><ul><li>B2B metadata storage </li></ul></ul><ul><ul><li>B2B state management </li></ul></ul>The DataPower B2B Appliance extends your ESB beyond the enterprise by supporting the following B2B functionality: DataPower XB62 B2B Gateway Service Partner Connection Front Side Handlers Internal Partner Destinations Integration Front Side Handlers External Partner Destinations B2B Viewer Metadata Store (DB) Document Store (HDD) Partner Profiles
    8. 8. 1) Take some characteristics from integration software stacks 2) Take some characteristics of networking & firewall devices 3) Combine them into a hardware device (aka hardware form factor) known as a B2B Appliance that has characteristics of both application stacks and networking gear. The appliances offer a more efficient method for performing B2B tasks that can be packaged into firmware (parsing, routing, transformation, logging, security) <ul><li>Programmability by developers </li></ul><ul><li>Message level routing and security (including by partner for B2B) </li></ul><ul><li>Integration with other SOA infrastructure & governance software such as Registry, Repository, etc… </li></ul><ul><li>Conditional Processing (if, else, split, join) </li></ul><ul><li>Transformation of any-2-any formats </li></ul><ul><li>High throughput </li></ul><ul><li>Many concurrent connections </li></ul><ul><li>IP level security and routing (can’t see inside message but route by source and target) </li></ul><ul><li>Simplified Management and reduced maintenance costs through firmware updates </li></ul><ul><li>Reliability </li></ul>Revisiting the Appliance formula = XB62
    9. 9. DataPower vs. Typical Software-based Solution Special Purposed Hardware Firmware XML Acceleration Crypto Acceleration Configuration Hardware Floppy CD Rom USB Port Disk Operating system Web Server Config XML Library C Library Dev Platform Application Server Server Daemon Proprietary Software Database DataPower’s Hardware Network Appliance Server-based Software Appliance Config Config Config Config Config
    10. 10. SIMPLE PURPOSE BUILT WORKHORSE An Appliance Analogy AS2 (XML) XML AS2 (MDN)
    11. 11. What Kind of Value Can You Expect from the DataPower Appliances?
    12. 12. WebSphere DataPower Appliances… WebSphere DataPower Appliances provide a low startup cost , helping companies increase their ROI and reduce their TCO with specialized, consumable, dedicated appliances that combine superior performance and hardened security SIMPLIFY your connectivity infrastructure ACCELERATE your time to value SECURE your SOA, Web 2.0, B2B, and Cloud environments GOVERN your evolving IT architecture
    13. 13. Why use an appliance for connectivity? <ul><li>Purpose-built, fine-tuned consumable hardware platform </li></ul><ul><li>Provides high levels of certified security assurance </li></ul><ul><ul><li>FIPS 140-2 Level 3 </li></ul></ul><ul><ul><li>Common Criteria EAL4 </li></ul></ul><ul><li>Achieves fast performance with multiple layers of specialized hardware acceleration </li></ul><ul><li>Many functions incorporated in a single device </li></ul><ul><ul><li>Service level management </li></ul></ul><ul><ul><li>Dynamic routing and load distribution </li></ul></ul><ul><ul><li>Edge security </li></ul></ul><ul><ul><li>Policy enforcement </li></ul></ul><ul><ul><li>Transport and message transformation </li></ul></ul><ul><li>Simplified maintenance model </li></ul><ul><ul><li>Drop-in appliance form-factor </li></ul></ul><ul><ul><li>Secures traffic in minutes </li></ul></ul><ul><ul><li>Push-button flash upgrade process </li></ul></ul><ul><ul><li>Integrates with existing operations </li></ul></ul>
    14. 14. DataPower’s core value proposition: The SOA appliances simplify and centralize key functions <ul><li>High speed routing, transformation, and securing of messages to multiple applications without coding changes </li></ul><ul><li>Reduced complexity resulting in lower hardware, software, maintenance and administration costs, improved productivity </li></ul><ul><li>Increased flexibility that enables new functionality may be delivered to the business more quickly </li></ul>Secure, route, transform all applications instantly No changes to applications After SOA Appliances Higher cost: Application servers must be updated individually Before SOA Appliances Routing Transformation New XML standard Access control update Security Processing Change purchase order schema
    15. 15. Why WebSphere DataPower Appliances? “ IBM ESBs [including DataPower] have the broadest set of supported runtime protocols, connectivity options, mediation capabilities, security, commercial data standards, and service monitoring and management — hands down.&quot; - Forrester <ul><li>Why an Appliance? </li></ul><ul><li>Hardened, high-performance hardware </li></ul><ul><li>Many functions integrated into a single device </li></ul><ul><li>Enables run-time SOA governance and policy enforcement </li></ul><ul><li>Addresses divergent needs of different groups </li></ul><ul><li>Simplified deployment and ongoing management </li></ul><ul><li>Proven Green / IT Efficiency Value </li></ul><ul><li>Tightly integrated hardware and firmware </li></ul><ul><li>High performance </li></ul><ul><li>Security without performance bottlenecks </li></ul><ul><li>Simplicity </li></ul><ul><li>connectivity requires: </li></ul><ul><li>service level management </li></ul><ul><li>routing, policy, transformation </li></ul><ul><li>dynamically control </li></ul><ul><li>service availability </li></ul><ul><li>security </li></ul><ul><li>performance </li></ul><ul><li>endpoint selection </li></ul><ul><li>enterprise architects </li></ul><ul><li>network operations </li></ul><ul><li>security operations </li></ul><ul><li>identity management </li></ul><ul><li>web services developers </li></ul><ul><li>Example: Appliance performs XML and Web services security processing as much as 72x faster than server-based systems </li></ul><ul><li>Impact: Same tasks accomplished with reduced system footprint and power consumption </li></ul><ul><li>reduces need for in-house SOA skills & accelerates time to SOA benefits </li></ul>
    16. 16. Hardware superiority <ul><li>Benefits of DataPower Hardware </li></ul><ul><li>Dedicated, tightly optimized hardware and firmware </li></ul><ul><li>High reliability </li></ul><ul><li>High security assurance </li></ul><ul><li>High performance </li></ul><ul><li>Monitoring and management </li></ul>“ The DataPower [XS40]... is the most hardened ... it looks and feels like a datacenter appliance, with no extra ports or buttons exposed… &quot; - InfoWorld “ These boxes work,” wrote one judge. “In fact they work so well that people sometimes think they sound too good to be true. They aren't. Security doesn't have to be a problem, thanks in large part to gateway appliances.” -SearchSOA, 2007 Product of the Year for SOA Security Citation <ul><li>physical intrusion detection </li></ul><ul><li>crypto acceleration </li></ul><ul><li>signed firmware </li></ul><ul><li>only Ethernet and serial ports </li></ul><ul><li>XS40 and XI50 </li></ul><ul><li>locked-down structure (CC EAL4) </li></ul><ul><li>HSM option (FIPS-140-2 Level 3) </li></ul><ul><li>swappable redundant components </li></ul><ul><li>whole-box VRRP-style failover </li></ul><ul><li>careful design, RAID 1 for HDD options </li></ul><ul><li>non-HDD options avail </li></ul><ul><li>self-monitoring and self-healing </li></ul><ul><li>rich remote monitoring and administrative capabilities </li></ul><ul><li>iSCSI acceleration </li></ul><ul><li>XG4 additional acceleration available </li></ul><ul><li>crypto acceleration </li></ul><ul><li>Low latency and high throughput </li></ul><ul><li>patented technology </li></ul><ul><li>simplicity </li></ul><ul><li>manageability </li></ul><ul><li>serviceability </li></ul>
    17. 17. Exceptional Security <ul><li>Sign, verify, encrypt & decrypt </li></ul><ul><ul><li>AS1, AS2 and AS3 Messaging Security (XB62 Only): </li></ul></ul><ul><ul><ul><li>S/MIME Security </li></ul></ul></ul><ul><ul><ul><li>Digital Signatures </li></ul></ul></ul><ul><ul><ul><li>Payload Encryption </li></ul></ul></ul><ul><ul><li>XML Encryption & XML Digital Signature: </li></ul></ul><ul><ul><ul><li>Message-level </li></ul></ul></ul><ul><ul><ul><li>Part-of-message or field-level </li></ul></ul></ul><ul><ul><ul><li>Headers, as building block of other security specs </li></ul></ul></ul><ul><ul><ul><li>ebMS Protocol Security (XB62 Only) </li></ul></ul></ul><ul><li>Trading Partner policy enforcement (XB62 only) </li></ul><ul><li>Field-level security configurable from the WebGUI </li></ul><ul><li>Verify-all option (data-driven verification of all signatures) </li></ul><ul><li>DataPower’s own implementation, listed in W3C Interop matrix: </li></ul><ul><ul><li>http://www.w3.org/Signature/2001/04/05-xmldsig-interop.html </li></ul></ul><ul><ul><li>http://www.w3.org/Encryption/2002/02-xenc-interop.html </li></ul></ul><ul><ul><li>Agility for interoperability or customization </li></ul></ul><ul><li>Secure Attachment Processing: </li></ul><ul><ul><li>Supports the full SOAP with Attachments specification (MIME/DIME) </li></ul></ul><ul><ul><li>WS-Security </li></ul></ul><ul><li>Last-mile Security for SOA </li></ul>
    18. 18. Application Integration <ul><li>Built on top of the IBM Hardware ESB (XI52) </li></ul><ul><ul><li>Sophisticated multistage pipeline processing and content-based message routing </li></ul></ul><ul><li>Drop-in integration for heterogeneous environments </li></ul><ul><ul><li>Any-to-Any data transformation between a wide range of data formats (WTX tooling, XSLT, etc.) </li></ul></ul><ul><ul><li>Optimized bridging between wireline messaging protocols (HTTP, MQ, JMS, FTP, SMTP, etc.): </li></ul></ul><ul><li>Security </li></ul><ul><ul><li>Data validation </li></ul></ul><ul><ul><li>Field-level security operations </li></ul></ul><ul><ul><li>Web services management and access control </li></ul></ul><ul><ul><li>Centralized Service Level Management, Service Virtualization, Policy Management </li></ul></ul><ul><ul><li>All security functions of XS40 included </li></ul></ul><ul><li>Enablement of existing infrastructure for XML and Web services </li></ul><ul><ul><li>Communicate directly with remote Database instances </li></ul></ul><ul><li>Policy driven approach to Web Services and SOA governance </li></ul><ul><li>Direct to Database access </li></ul><ul><li>Easy Configuration & Management: </li></ul><ul><ul><li>WebGUI, CLI, IDE and Eclipse configuration to address broad organizational needs (Architects, Developers, Network Operations, Security) </li></ul></ul><ul><li>Simplicity, Robustness, Governance, Speed </li></ul>
    19. 19. IBM® WebSphere® DataPower B2B Appliance XB62 extends your business to customers and partners with DMZ-grade security <ul><li>Make it easier for your partners and customers to do business with you. Reduce infrastructure costs and increase the speed of on-boarding new partners with a configuration-driven appliance that tackles today’s B2B integration challenges. </li></ul><ul><li>Centralize and consolidate B2B trading partner connectivity and transaction management with a DMZ-ready B2B gateway </li></ul><ul><li>Quickly access new customers and new routes to market with standards-based trading partner management. </li></ul><ul><li>Rapidly adjust product and service offerings to meet changing requirements with support for Web 2.0 technologies. </li></ul><ul><li>Unlock siloed information with drop-in B2B integration for heterogeneous environments. </li></ul><ul><li>Improve the performance and scalability of your B2B </li></ul>
    20. 20. Consolidated Partner Management With Cost Effective Easy to Use B2B Tools <ul><li>Centralized and consolidated B2B trading partner and transaction management </li></ul><ul><li>Highly secure connection to trading partners over a wide range of protocols </li></ul><ul><li>Access new customers and increase revenue opportunities </li></ul><ul><li>Decrease in Total Cost of Ownership </li></ul>Trading Partners Multi-Enterprise Organizations
    21. 21. DataPower reduces costs, improves productivity, accelerates deployment and time to value <ul><li>IT cost reduction through </li></ul><ul><ul><li>Improved IT development productivity (example: replaces time spent hand coding and testing message-level security) </li></ul></ul><ul><ul><li>Reduced infrastructure costs including a reduction in the number of servers required </li></ul></ul><ul><ul><li>Improved application integration productivity </li></ul></ul><ul><ul><li>Improved IT security operations management productivity: </li></ul></ul><ul><ul><ul><li>Policy management </li></ul></ul></ul><ul><ul><ul><li>Intrusion management </li></ul></ul></ul><ul><ul><ul><li>Repair and resolution </li></ul></ul></ul><ul><ul><ul><li>Forensics and counter measures </li></ul></ul></ul><ul><ul><ul><li>Reporting, analysis, audit </li></ul></ul></ul><ul><ul><li>Reduced infrastructure management costs </li></ul></ul><ul><ul><li>Improved Service governance and reuse </li></ul></ul><ul><ul><li>Reduced IT backlog (less time spent hand coding, testing) </li></ul></ul><ul><li>Improved business operation efficiencies </li></ul><ul><ul><li>Security Risk Avoidance including: </li></ul></ul><ul><ul><ul><li>Reduction in denial of service </li></ul></ul></ul><ul><ul><ul><li>Intentional data destruction </li></ul></ul></ul><ul><ul><ul><li>Theft of proprietary information </li></ul></ul></ul><ul><ul><ul><li>Illegal system access </li></ul></ul></ul><ul><ul><li>Improved Back-Office application availability </li></ul></ul><ul><ul><li>Reduced documentation and compliance costs </li></ul></ul><ul><li>Revenue advantages </li></ul><ul><ul><li>Improved Front-Office application availability </li></ul></ul><ul><ul><li>Higher transaction volumes, faster transaction possessing </li></ul></ul>
    22. 22. DataPower reduces costs, improves productivity, accelerates deployment and time to value <ul><li>IT cost reduction through </li></ul><ul><ul><li>Improved IT development productivity (example: replaces time spent hand coding and testing message-level security) </li></ul></ul><ul><ul><li>Reduced infrastructure costs including a reduction in the number of servers required </li></ul></ul><ul><ul><li>Improved application integration productivity </li></ul></ul><ul><ul><li>Improved IT security operations management productivity: </li></ul></ul><ul><ul><ul><li>Policy management </li></ul></ul></ul><ul><ul><ul><li>Intrusion management </li></ul></ul></ul><ul><ul><ul><li>Repair and resolution </li></ul></ul></ul><ul><ul><ul><li>Forensics and counter measures </li></ul></ul></ul><ul><ul><ul><li>Reporting, analysis, audit </li></ul></ul></ul><ul><ul><li>Reduced infrastructure management costs </li></ul></ul><ul><ul><li>Improved Service governance and reuse </li></ul></ul><ul><ul><li>Reduced IT backlog (less time spent hand coding, testing) </li></ul></ul><ul><li>Improved business operation efficiencies </li></ul><ul><ul><li>Security Risk Avoidance including: </li></ul></ul><ul><ul><ul><li>Reduction in denial of service </li></ul></ul></ul><ul><ul><ul><li>Intentional data destruction </li></ul></ul></ul><ul><ul><ul><li>Theft of proprietary information </li></ul></ul></ul><ul><ul><ul><li>Illegal system access </li></ul></ul></ul><ul><ul><li>Improved Back-Office application availability </li></ul></ul><ul><ul><li>Reduced documentation and compliance costs </li></ul></ul><ul><li>Revenue advantages </li></ul><ul><ul><li>Improved Front-Office application availability </li></ul></ul><ul><ul><li>Higher transaction volumes, faster transaction possessing </li></ul></ul><ul><li>IBM’s Business Value Assessment (BVA) captures and quantifies the potential business benefit of a robust, scalable, and flexible technical infrastructure. </li></ul><ul><li>DataPower BVA examples: </li></ul><ul><ul><li>Automotive industry customer: 7m€ saved over 5 years, breakeven in less than 6 months </li></ul></ul><ul><ul><li>Retail industry customer: 4m€ saved over 5 years, breakeven in less than 6 months </li></ul></ul><ul><ul><li>Retail banking industry customer: $5M saved over 3 years, breakeven in 11 months </li></ul></ul>
    23. 23. DataPower Business Value Assessment Example: German Automotive Customer WVE Target Utilization at 60% Note the reduction in number of servers, development/fix and change effort, and administration DataPower handling XML acceleration and message-level security
    24. 24. How is the XB62 Positioned with other IBM B2B Products?
    25. 25. View of B2B Solutions within IBM WebSphere TX for Integration & Industry packs Purpose-built B2B hardware for simplified deployment, exceptional performance and hardened security Universal Transformation for complex industry standards with accelerated time to value and reduced cost Sterling Integrator Consolidated B2B software based on the Sterling platform, for a broad range of requirements Business Partners Applications & Systems DataPower B2B Appliance XB62
    26. 26. XB62 complements IBM‘s family of software B2B Solutions <ul><li>Standalone Consolidated Patterns </li></ul><ul><ul><li>Deploy standalone for purpose built B2B gateway functionality in the DMZ utilizing exceptional security and B2B transaction volumes for quickly connecting to trading partners </li></ul></ul><ul><li>Enterprise B2B Integration Pattern </li></ul><ul><ul><li>Deploy with MQFTE for B2B enabled Managed File Transfer </li></ul></ul><ul><ul><li>Deploy with WTX-TM for end-to-end EDI Processing </li></ul></ul><ul><ul><li>Deploy as B2B entry point for BPM and ESB solutions </li></ul></ul><ul><ul><li>Supplement Sterling Integrator by offloading partner connectivity, security functions and advanced web services </li></ul></ul>Application DMZ Trusted Domain Internet WebSphere DataPower XB62 Sterling Integrator WebSphere Transformation Extender WPS, WESB, WMB, DP XI52 Partner WebSphere MQ FTE
    27. 27. Common XB62 Patterns
    28. 28. EDIINT AS1, AS2 or AS3 exchanged between Partners Partners agree to use EDIINT to exchange B2B messages <ul><li>The EDIINT B2B pattern is a common pattern used to exchange B2B data that has been wrapped in a B2B messaging envelope. The Applicability Statements (AS1, AS2, AS3) provide a mechanism to securely transport data over a public network. They provide encryption, signatures and identity of the sender and receiver as well as providing for non-repudiation of origin and receipt. Although EDIINT stands for EDI over the Internet, over the years it has evolved to be payload agnostic and is commonly used to envelope any payload data format. This pattern as depicted in the next slide demonstrates the B2B appliance’s ability to consume an AS2 message from a trading partner that contains an EDI payload and transforming the payload to XML. </li></ul><ul><li>Using EDIINT to exchange data over the Internet provides the following business value: </li></ul><ul><li>Verification of partner information using partner profile management and security policy enforcement </li></ul><ul><li>Protects sensitive data as it traverses the Internet or any public network using S/MIME security </li></ul><ul><li>Improved Interoperability between disparate vendor B2B solutions </li></ul><ul><li>Confirmation of delivery of the B2B message utilizing message disposition notifications </li></ul>
    29. 29. EDIINT Flow: Simple AS2 transaction flow with Transform Application Browser Application EDI XML AS2 (EDI) AS2 (MDN) B2B Hub Partner B Partner A XB62 Note: This flow works the same for any AS protocol as well as for ebMS B2B messages. Data Store AS2 Process B2B Gateway Service Transaction Viewer 4 3a 3b 2 1 5
    30. 30. Web Services exchanged between Partners Partners agree to use WS to communicate B2B messages The Web Services bridging pattern is a common pattern for company’s that need to consume a B2B payload over Web Services but wish to pass all inbound B2B data as a canonical B2B messaging format into their B2B gateway service; typically this is due to a trading partner’s requirement to only exchange data with external partners using the Web Services protocol. In this scenario we have chosen to use the AS2 protocol as the canonical protocol of choice. The benefit of tying other DataPower services to the B2B Gateway Service is it provides you with the flexibility to utilize all of the integration functionality included in the device to connect to a wide variety of trading partners whom typically demand that you communicate in a manner that is convenient for them. Essentially, the other services on the B2B appliances can act as a pre or post process to the B2B Gateway Service giving you the extensibility needed to support the most demanding B2B transaction flows.
    31. 31. Web Services bridged to AS2 File Transfer Pattern WS Client Browser Flat B2B Hub Partner B Partner A XB62 Flat Note: A Multi-Protocol Gateway Service can also be used to support this flow as well as receiving and sending data over any of the 16 supported protocol handlers. When Services are tied together in front of or behind a B2B Gateway Service they are handled like pre and post processes. Web Service Process Web Service Proxy Transaction Viewer B2B Gateway Service AS2 Pre-Process SOAP Data Store 7 4 5 6 3 2 1
    32. 32. File-based exchange between Partners Partners agree to use files to communicate B2B messages and internally use MQ messages <ul><li>The business-to-business (B2B) enabled multi-enterprise file transfer pattern is a common pattern for company’s that wish to integrate their MQ File Transfer Edition backbone, located inside the protected network, with their external trading partners. The B2B appliance’s ability to protocol bridge between MQ FTE and any supported protocol provides a secure connection to external trading partners. </li></ul><ul><li>There is significant business value in combining the WebSphere DataPower B2B Appliance and WebSphere MQ File Transfer Edition to enable reliable and auditable internal file transfers and securing external file transfers between organizations by providing B2B governance and security at the edge of the network. </li></ul><ul><li>The following list describes the combined benefits that you can expect from this type of deployment scenario: </li></ul><ul><li>Integration between the B2B appliance and MQ FTE is over WebSphere MQ instead of a shared file system. </li></ul><ul><li>Files transferred between the B2B appliance and MQ FTE can be correlated using the integration ID from MQ; this ID can also be seen in the B2B Viewer. </li></ul><ul><li>The combined B2B messaging flow through the B2B appliance and file transfer flow through MQ FTE can be viewed through the B2B Viewer on the appliance. This provides the user with an end-to-end view of the file transfer. </li></ul><ul><li>File transfers can be set up to occur at specified times or dates, or repeated at specified intervals. File transfers can also be triggered by a range of system events, such as new files or updated files. </li></ul>
    33. 33. MQ FTE Integration Pattern – Inbound File to Message Internet Browser (LOB User) XB60 Trading Partner XB62 Data Store Browser (Admin) Browser (Partner view) Server Data Store Enterprise MQFTE Network Queue Manager Queue Manager Queue Manager Queue Manager MQ Explorer DB Logger (DB2 or Oracle) B2B Gateway Service Transaction Viewer Profile Mgmt Source Agent Applications Target Agent 1 4 2a 3 6 5 2
    34. 34. XB62 for ebXML with CPPA B2B Collaboration Standards Support (CPPA and ebMS) <ul><li>Standards based ebXML is an open, XML-based infrastructure that enables the global use of electronic business information in an interoperable, secure, and consistent manner by all trading partners. Collaborative Protocol Profile and Agreements are XML based documents specifying a trading agreement between trading partners. Each trading partner will have their own Collaboration Protocol Profile (CPP) document that describes their abilities in an XML format. The Message Service Specification (ebMS) describes a communication-neutral mechanism with Message Service Handlers (MSH) that must be implemented in order to exchange business documents. ebMS2.0 is the current version of the specification and is built as an extension on top of the SOAP with Attachments specification. </li></ul><ul><li>The B2B appliance provides a CPA Import utility that maps the public side definitions of internal party in the CPA file to B2B Gateway structures, save the certificates defined in the CPA file in the file system, and automatically configures the Gateway with CPA entries, two Partner Profiles, front-side protocol handler(s), and crypto objects. The import process attempts to capture as much semantics contained in the CPA file to DataPower configuration, post import the users will need to perform essential configurations to make the Gateway service operational (for example, attach private key for the newly created Crypto Key object since there can not be private key materials inside the CPA file) and define the internal side interfaces like front-side protocol handler for accepting documents coming from internal application in an outbound gateway or the internal partner's Destination for an inbound gateway. </li></ul>June 2011
    35. 35. Browser WebSphere DataPower B2B Appliance Applications External Partners Internet ebXML ebXML with CPPA Pattern June 2011 DMZ Secured Network Public Network B2B Gateway Service Collaboration Partner Agreement Entries Internal Collaboration Partner Profile External Collaboration Partner Profile CPAId / Collaboration Transaction Viewer Collaboration Partner Agreement Entries Internal Collaboration Partner Profile External Collaboration Partner Profile CPAId / Collaboration Collaboration Partner Agreement Entries Internal Collaboration Partner Profile External Collaboration Partner Profile CPAId / Collaboration Collaboration Protocol Agreement Entry Internal Collaboration Partner Profile External Collaboration Partner Profile CPAId / Collaboration ebMS (Ack) ebMS (ebXML) ) 5 4 3 2 1
    36. 36. XB62 for Canonical HL7 V3 (Data Transformation and Routing) <ul><li>HL7 is an ANSI accredited standards body; its mandate is to produce interoperable data standards for exchanging information across the entire healthcare industry. There are currently two versions of HL7; version 2 and version 3. HL7 v2 is based on EDI and is currently the most predominately used of the HL7 versions. HL7 v3 is based on XML and is very well suited for communication between applications. As HL7 v3 adoption grows, having a B2B solution that can support both versions when communicating with trading partners is essential. The B2B Appliance XB62 supports this pattern very well in that it uses DataPower's implementation of WebSphere Transformation Extender to execute maps (DataPower Mode Maps) that are created in the WTX Design Studio and compiled to run on DataPower. The maps transform the HL7 EDI format (v2) into a canonical HL7 XML format (v3) before routing the data to trading partners or the back-side healthcare applications. </li></ul><ul><li>Health and Clinical Management Domains: </li></ul><ul><ul><li>Laboratory </li></ul></ul><ul><ul><li>Clinical Genomics </li></ul></ul><ul><ul><li>Medical Records </li></ul></ul><ul><ul><li>Patient Care </li></ul></ul><ul><ul><li>Pharmacy </li></ul></ul><ul><ul><li>Public Health Reporting </li></ul></ul><ul><ul><li>Regulated Studies </li></ul></ul><ul><li>Administrative Management Domains: </li></ul><ul><ul><li>Account and Billing </li></ul></ul><ul><ul><li>Claims & Reimbursement </li></ul></ul><ul><ul><li>Patient Administration </li></ul></ul><ul><ul><li>Personnel Management </li></ul></ul><ul><ul><li>Scheduling </li></ul></ul>HL7 creates messages and documents to facilitate interoperability in the following areas:
    37. 37. Healthcare Applications Partner B Hospital Internet AS2 (HL7 V3) AS2/MDN Validate XML and Transform to any V.2.x format Browser Healthcare Applications HL7 V3 Partner A Regional Healthcare Center Any Transport HL7 V2.x Any Transport HL7 V3.x Health Level 7 Pattern with Transformation Browser B2B Hub AS2 Process B2B Appliance B2B Gateway Service Profiles Internal Profile Regional Center External Profile Hospital Transaction Viewer 5 4 3 2 1 6
    38. 38. XB60 Active/Passive High Availability Deployment Pattern Applications DMZ Trusted Domain Internet Partners Application Integration Middleware WebSphere DataPower XB60 B2B Viewer B2B Metadata Storage B2B Payload Storage File Server (SAN) Multi-Protocol Service (pollers) WebSphere DataPower XB60 B2B Viewer B2B Metadata Storage Primary System (Active) Secondary System (Passive) Real-time Data Synchronization Active/Passive Standby Control B2B Gateway Service Multi-Protocol Service (pollers) B2B Gateway Service Partners Partners Shared Virtual IP Address
    39. 39. Using AS2 for Health Care Claim Processing HIPAA 837/835 Transaction Flow
    40. 40. AS2/EDI-X12 Purchase Order / Advance Ship Notice / Invoice Data Flow with Transform to XML
    41. 41. Customer Success Stories?
    42. 42. German Automotive Manufacturer <ul><li>Smarter Business Outcomes: </li></ul><ul><li>Reduced IT complexity with rapid, simplified integration into existing infrastructure </li></ul><ul><li>Lower total cost of ownership with a configuration approach and consolidation of edge servers </li></ul><ul><li>Centralized profile management and reliable and secure data exchange with thousands of trading partners </li></ul><ul><li>Industry Pains: </li></ul><ul><li>STAR/XML payload processing </li></ul><ul><li>Interoperability of AS2, ebMS and Web Services </li></ul><ul><li>Integration to external identity managers for authentication, authorization and auditing (AAA) </li></ul><ul><li>High throughput and low latency are typically cost prohibitive </li></ul>Drop-in appliance creates centralized, DMZ deployable and scalable B2B gateway with exceptional security and operational performance supporting a wide range of document and B2B standards utilized in the automotive industry Value of DataPower B2B Appliances for Automotive?
    43. 43. An European Energy and Gas Company <ul><li>Smarter Business Outcomes: </li></ul><ul><li>Reduced IT complexity with rapid, simplified integration into existing infrastructure </li></ul><ul><li>Reliable and secure data exchange with thousands of partners </li></ul><ul><li>Centralized B2B management capabilities </li></ul><ul><li>Industry Pains: </li></ul><ul><li>EASEE-Gas Mandate for AS2/XML by Jan 2010 </li></ul><ul><li>Dependence on wide array of trading partners </li></ul><ul><li>Information and data security concerns </li></ul>Drop-in appliance creates centralized, scalable AS2 gateway system, with exceptional security and operational performance Value of DataPower B2B Appliances for Extending Connectivity?
    44. 44. BlueCross BlueShield of North Carolina <ul><li>Smarter Business Outcomes: </li></ul><ul><li>Reliable and secure routing of customer sensitive data </li></ul><ul><li>Easy to use and maintain; no additional skill needed </li></ul><ul><li>XML Messages with attachments are authenticated, authorized, and virus scanned </li></ul><ul><li>Industry Pains: </li></ul><ul><li>HIPAA Security requirements for transporting data over the Internet </li></ul><ul><li>HL7 v3.0 XML threat protection </li></ul><ul><li>Complexity of B2B for healthcare </li></ul>Secure appliance form factor providing secure connections to trading partners, advanced threat protection and reliable file delivery of confidential medical information Value of DataPower B2B Appliances for Extending Connectivity?
    45. 45. Non-US Postal Service <ul><li>Smarter Business Outcomes: </li></ul><ul><li>Extensive support for a wide variety of protocols and standards based communications </li></ul><ul><li>Drummond Interoperable AS2 with exceptional transaction throughput </li></ul><ul><li>Excellent integration with a variety of external sources for authentication, authorization and auditing (AAA) </li></ul><ul><li>Industry Pains: </li></ul><ul><li>Customers need to connect over a wide variety of protocols </li></ul><ul><li>Many trading partners are moving to AS2 for secure, reliable messaging </li></ul><ul><li>Connections need to be authenticated, authorized and audited </li></ul>Drop-in appliance provides the ability to securely connect to more trading partners faster and easier, with assured delivery of data over a wide range of file transfer protocols Value of DataPower B2B Appliances for Extending Connectivity?
    46. 46. Summary – DataPower XB62: IBM Specialized Hardware for Extending Connectivity to Customers & Partners <ul><li>Hardened, specialized product for helping integrate, secure & accelerate B2B solutions </li></ul><ul><li>Many functions integrated into a single device extending application integration beyond the enterprise with B2B messaging </li></ul><ul><li>Exceptional EDIINT AS1/2/3 data throughput </li></ul><ul><li>Broad integration with both non-IBM and IBM software </li></ul><ul><li>Simplified deployment and ongoing management </li></ul><ul><li>http://www.ibm.com/software/integration/datapower/ </li></ul><ul><li>Manage and securely connect to your trading partners quickly </li></ul><ul><li>Support simple and complex B2B data flows </li></ul><ul><li>Provide B2B governance in the DMZ </li></ul>B2B Appliances: Creating customer value through exceptional B2B messaging performance and security
    47. 47. Backup
    48. 48. WebSphere DataPower B2B Appliance XB62 Roadmap <ul><li>EDIINT AS2 & AS3 Protocols </li></ul><ul><li>B2B Gateway Service </li></ul><ul><li>Trading Partner Management </li></ul><ul><li>B2B Transaction Viewer </li></ul>v1.0 (4Q08) <ul><li>SFTP Server support </li></ul><ul><li>B2B Viewer – trading partner visibility </li></ul><ul><li>Drummond AS2 Conformance </li></ul><ul><li>Customizable drive encryption </li></ul><ul><li>Usability improvements </li></ul><ul><li>Performance improvements </li></ul>v3.7.3 (2Q09) <ul><li>EDIINT AS1 Protocol </li></ul><ul><li>B2B Payloads over plaintext email </li></ul><ul><li>Drummond AS2 Certification </li></ul><ul><li>Usability improvements </li></ul><ul><li>Performance improvements </li></ul><ul><li>ebMS v2.0 Protocol </li></ul><ul><li>Active/Standby High Availability </li></ul><ul><li>Drummond AS2 Certification </li></ul><ul><li>EDI Transformation </li></ul><ul><li>SFTP Client/Poller </li></ul><ul><li>Usability improvements </li></ul><ul><li>Performance improvements </li></ul>v3.8.1 (2Q10) <ul><ul><ul><li>Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. </li></ul></ul></ul><ul><li>Drummond AS2 Certification </li></ul><ul><li>WTX HL7 Industry Pack Support </li></ul><ul><li>Enhanced FTP and NFS </li></ul><ul><li>Usability Improvements </li></ul><ul><li>Performance Improvements </li></ul>v3.8.0 (4Q09) v3.8.2 (4Q10) <ul><li>Native MQ FTE Integration </li></ul><ul><li>Drummond AS2 Certification </li></ul><ul><li>ebXML CPPA v2.0 Support </li></ul><ul><li>Usability Improvements </li></ul><ul><li>Performance Improvements </li></ul><ul><li>Active/Active HA </li></ul><ul><li>Application Optimization Option </li></ul><ul><li>IPV6 Support </li></ul><ul><li>EDI, EDIFACT WTX Pack support </li></ul><ul><li>Drummond AS2 Certification </li></ul><ul><li>Integration to Sterling Technology </li></ul><ul><li>Usability Improvements </li></ul><ul><li>Performance Improvements </li></ul>Next +1 (2Q12) <ul><li>B2B Reports (volume, partner usage) </li></ul><ul><li>Enhanced Alerting </li></ul><ul><li>PGP Security Support </li></ul><ul><li>Drummond AS2 Certification </li></ul><ul><li>Drummond ebMS Certification </li></ul><ul><li>Integration to Sterling Technology </li></ul><ul><li>Usability Improvements </li></ul><ul><li>Performance Improvements </li></ul><ul><li>Additional Protocol support </li></ul><ul><li>Drummond AS2 Certification </li></ul><ul><li>Integration to Sterling Technology </li></ul><ul><li>Usability Improvements </li></ul><ul><li>Performance Improvements </li></ul>Next +3 (2Q13) Next +2 (4Q12) ** Fix Packs are typically released every 6 to 8 weeks. <ul><li>HSM Module Support </li></ul><ul><li>ebXML Enhancements </li></ul><ul><li>Drummond ebMS 2.0 Certification </li></ul>Next (3Q11) 4.0.1 (2Q11)
    49. 49. WebSphere DataPower – Established Resources www.ibm.com/software/integration/datapower <ul><li>IBM DataPower Web Page (support, technotes, doc): </li></ul><ul><li>http://www-01.ibm.com/software/integration/datapower/ </li></ul><ul><li>DeveloperWorks DataPower Discussion Area: </li></ul><ul><li>http://www.ibm.com/developerworks/forums/forum.jspa?forumID=1198 </li></ul><ul><li>IBM Redbooks: </li></ul><ul><li>http://www.redbooks.ibm.com/cgi-bin/searchsite.cgi?query=datapower </li></ul><ul><li>External Publications: </li></ul><ul><ul><li>http://www.amazon.com/gp/product/0137148194?ie=UTF8&tag=dph-20&link_code=as3&camp=211189&creative=373489&creativeASIN=0137148194 </li></ul></ul><ul><li>Vast library of published articles: </li></ul><ul><ul><li>http://www.ibm.com/developerworks </li></ul></ul>
    50. 50. DataPower XB62 – Configuration <ul><li>New B2B Service Objects </li></ul><ul><li>top-level service </li></ul><ul><li>partner management </li></ul><ul><li>transaction viewing </li></ul>
    51. 51. DataPower XB62 – Partner Profile Configuration (Main) <ul><li>B2B Partner Profile - Main </li></ul><ul><li>Top-level container to configure external and internal partner profiles </li></ul><ul><li>Profiles can have multiple types of Business IDs as well as any number of IDs </li></ul><ul><li>Profiles can also be identified by an email address when using AS1 or a POP handler. </li></ul><ul><li>Profiles can utilize processing policies to manipulate the payload during the transaction flow. </li></ul>
    52. 52. DataPower XB62 - Partner Profile Configuration (AS Settings) <ul><li>Partner Profile - AS Security (Internal Profile) </li></ul><ul><li>Configure inbound and outbound AS security requirements by supplying credentials for security enforcement </li></ul><ul><li>Force AS ID for this partner overriding the payload ID </li></ul><ul><li>Partner Profile - AS Security (External Profile) </li></ul><ul><li>Configure inbound AS security requirements by supplying credentials for security enforcement (outbound security is configured in the destination or in the processing policy) </li></ul><ul><li>Force AS ID for this partner overriding the payload ID </li></ul>ExtPrtnr (up)
    53. 53. DataPower XB62 - Partner Profile Configuration (ebMS Settings) <ul><li>Partner Profile – ebMS Security (Internal Profile) </li></ul><ul><li>Configure the expected CPA Role </li></ul><ul><li>Configure inbound and outbound ebMS security requirements by supplying credentials for security enforcement </li></ul><ul><li>Partner Profile - ebMS Security (External Profile) </li></ul><ul><li>Configure the default CPA information to be set in outbound message (Only used if no CPA is provided in the Gateway) </li></ul><ul><li>Configure Reliable Messaging for returning Async acknowledgements </li></ul><ul><li>Configure inbound ebMS security requirements by supplying credentials for security enforcement (outbound security is configured in the destination, processing policy or CPA </li></ul>ExtPrtnr (up)
    54. 54. DataPower XB62 - Partner Profile Configuration (Destinations) <ul><li>Partner Profile - Destinations </li></ul><ul><li>Multiple destinations (Default destination can be chosen) </li></ul><ul><li>Configure document types to allow over the specified destination </li></ul><ul><li>Over twenty protocol variations, each with specific attributes to be set </li></ul>
    55. 55. DataPower XB62 - Partner Profile Configuration (Contacts) <ul><li>Partner Profile - Contacts </li></ul><ul><li>Optionally supply contact information </li></ul><ul><li>Multiple contacts can be entered </li></ul>
    56. 56. DataPower XB62 – B2B Gateway Configuration (Main) <ul><li>B2B Gateway - Main </li></ul><ul><li>Specify a document storage location (can optionally be off device) </li></ul><ul><li>All payload data stored on the local drive is AES encrypted </li></ul><ul><li>Add Protocol Handlers for inputting data into the B2B Gateway </li></ul><ul><li>Attach Partner Profiles for sending data out of the B2B Gateway </li></ul><ul><li>Use Profile Groups to group like profiles together (e.g. Multiple profiles for the same company) </li></ul><ul><li>Turn on the Troubleshooting probe to diagnose processing policy used in the flow </li></ul>
    57. 57. DataPower XB62 – B2B Gateway Configuration (Archive) <ul><li>B2B Gateway - Archive </li></ul><ul><li>Manage file system space with archive and purge settings </li></ul><ul><li>Purge mode available </li></ul><ul><li>Archive Documents off of the device </li></ul><ul><li>Choose which packaged payloads to include in the archive file </li></ul><ul><li>Archive file is in XML format </li></ul>
    58. 58. DataPower XB62 – B2B Gateway Configuration (XML Formats) Identify partner IDs, Document IDs and timestamp, using XPath <ul><li>XML Document Identity </li></ul><ul><li>Identify XML documents for partners using XPath </li></ul><ul><li>Xpath tool allows an easy way to find the correct XPaths </li></ul>
    59. 59. DataPower XB62 – B2B Gateway Configuration (ebXML) <ul><li>B2B Gateway - ebXML </li></ul><ul><li>Use the CPA Import Wizard to import CPA’s </li></ul><ul><li>Manage ebXML Collaboration Protocol Agreements </li></ul><ul><li>Fine tune/change the services as needed </li></ul>
    60. 60. DataPower XB62 – B2B Gateway Configuration (Advanced) <ul><li>B2B Gateway - Advanced </li></ul><ul><li>Set the Priority of the B2B Gateway </li></ul><ul><li>Configure default values for AS Async MDN return paths </li></ul><ul><li>Use the Document Routing Preprocessor to define sender and receiver IDs for binary files </li></ul><ul><li>Configure the SQL Data Source for connecting to the MQ FTE DB Logger </li></ul>
    61. 61. DataPower XB62 – Transaction Viewer <ul><li>B2B Viewer </li></ul><ul><li>View transactions metadata and status </li></ul><ul><li>Permission based usage for access </li></ul>Manually resend transactions View inbound and outbound message payloads Display transaction header data View the state of the transaction View the state of the MDN 13k392jl33 View the MQ FTE Correlation ID and when clicked view the MQ FTE metadata Pre-defined filers for files, AS, or ebMS

    ×