The CentraSite Community:


Published on

  • Be the first to comment

  • Be the first to like this

The CentraSite Community:

  1. 1. The CentraSite Community: Fast-tracking SOA Governance using best-of-breed solutions Gerd Schneider VP Ecosystem Development, Software AG Justin Vaughan-Brown Director CentraSite Community, Software AG White Paper September 2008
  2. 2. A modular and integrated approach delivering real-world answers to SOA complexities. ExECutiVE SummAry this white paper is part of a collection of documents about SOA Governance provided by Software AG. it highlights the complexity in creating an SOA, the reasons for this and some of the best practices to help you begin governing your SOA. the major focus of this particular white paper is on the technology tools that can help support your SOA Governance initiative. in keeping with many analyst perspectives, it recognizes that no one single vendor can provide leading-class solutions in every SOA Governance-related area, such as Enterprise Architecture, SOA testing and SOA management. What should be at the heart of your governance tools is a central registry/ repository that can store details of all services, their lifecycle stage and all interdependencies to assess the full impact of this upon other related services can be known. the registry/repository needs to be open, open in the sense that it can integrate with complementary areas of SOA to provide end-to-end lifecycle governance, from initial modeling of business processes, to building in quality at every stage of a service through to understanding how a service is performing once deployed. this white paper illustrates how real-world answers to SOA complexities can be achieved with integrated best-of-breed solutions using CentraSite, the market leading registry/repository. Details of real-world integrations are provided, this includes the numerous benefits achievable when using an open standards-based approach. unlike most white papers, this will be updated periodically with additional integration examples as well as introductions and discussions of other areas related to SOA Governance. W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 2
  3. 3. COntEntS SOA AnD SOA GOVErnAnCE Going beyond the hype 4 CEntrASitE Open, flexible and scalable 7 intrODuCinG thE CEntrASitE COmmunity 9 EntErPriSE ArChitECturE 10 mega 11 QualiWare 12 Alfabet 13 SOA tEStinG 14 itKO 15 Parasoft 16 SOA mAnAGEmEnt 17 AmberPoint 18 Progress Actional 19 COnCluSiOn 20 FurthEr rEADinG 21 W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 3
  4. 4. SOA AnD SOA GOVErnAnCE: GOinG BEyOnD thE hyPE Service-oriented architecture (SOA) aims to deliver business agility by using services (small ad-hoc modules) that can be quickly built, assembled Despite millions of web references for Service-oriented Architecture (SOA), over a and employed to meet dynamic business decade in existence and the fact that more than two-thirds of enterprises today needs. An SOA is supported by an IT are “using or planning to use it,” there isn’t one commonly accepted definition for infrastructure, development methods, SOA. SOA Governance is a related term that shares a similar lack of a singular organizational processes and integra- definition. in spite of the confusion one thing is clear: SOA and SOA Governance tion capabilities all geared towards are rather complex topics. loosely coupled services. An SOA is kind of a giant LEGO set; the blocks are Our purpose here centers on bringing clarity to SOA, SOA Governance and some different sizes, shapes and colors; they related subjects, as well as to show how a modular and integrated approach can are combined in a predictable and help manage SOA complexities and fast-track business agility. uniform way; yet they are completely flexible, so you can quickly create To cut through some of the technical now we want to promote not just reuse, many different things again and again. jargon surrounding SOA and SOA Gover- but reuse enterprise-wide; yet obtaining Just as LEGO can create buildings, cars, nance, we begin our discussion using a enterprise-wide agreement can be a people and even art, an SOA can business-level abstraction of both: in the challenge. reuse and adapt existing technologies larger sense an SOA is about realizing to meet organizational demands. business agility and SOA Governance facili- New expectations of visibility and inter- SOA Governance is the art of ensuring tates this by enabling the acceleration of operability are running up against familiar that the enterprise is creating the right business change in a controlled manner. territory: complex infrastructures, a business LEGO blocks, combining them in the playing field that is under constant change right ways and doing it consistently Interestingly enough SOA, in contrast to and enterprise divisions that may not across the enterprise to effectively previous IT technology paradigms, has the want to collaborate. Plus the challenges of realize the business objectives. Early attention of both “ends” of the enterprise delivering information are still far different application of SOA Governance lays – business and IT. However despite this than the challenges of using it to drive the foundation for success of the SOA interest and time in existence, only about business competitiveness. initiative. one-third of the SOA adopters to-date have actually realized ROI from their SOA Figure 1: interdependence Creates Complexity efforts, according to a recent survey¹. Customers hr Finance logistics Partners So if the promise of SOA is business agility, but the present reality (for many) is a small pilot project, just a handful of Automated services in production or a mythical ROI – SErViCES one wonders – what makes this paradigm Manual shift any different than the ones that Redundant came before it? The reality is that there is no “one-size- fits-all” Enterprise SOA solution; imple- mainframe Crm third-party ErP manual menting SOA is not so easy. While SOA raises expectations and possibilities, it also increases interdependencies and organiza- tional complexities (Figure 1). For example, ¹ “Best Practices for SOA Governance” User Survey, Software AG, May 2008 W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 4
  5. 5. Figure 2: Governance reference Framework Beyond getting an SOA initiative off to a good start though, SOA Governance is essential to achieving SOA’s potential for long-term success. This is because SOA Governance encompasses all SOA activities OrGAnizAtiOnAl nOrmS throughout the lifecycle, from the initial ElEmEntS ¬ policies definition through creation and execution. ¬ procedures Using a structured approach helps implement SOA ¬ processes SOA Governance effectively across the ASSEtS enterprise. The Governance Reference Framework² (Figure 2) classifies the recommended elements for effective implementation of SOA Governance and management of SOA Assets into three groups: tEChnOlOGy ¬ Organizational elements relate to people; what roles and structures are needed to define, enforce and monitor SOA governance policies. ¬ norms relate to policies, procedures and Yet despite the complexities and constant provides measurements for compliance processes; what standards are needed to change, some organizations have been and success. SOA Governance helps govern the activities surrounding SOA. able to transform their information silos ensure that SOA meets the organizational ¬ technology relates to the tools; techno- into the holy grail of “alignment of business drivers, such as measurable ROI, logies that support SOA Governance to business and IT.” While no two SOA greater IT and business alignment, define, enforce and monitor the norms. implementations or strategies are exactly real-time business visibility, reduced risks, alike, companies successful with SOA do improved quality and business & regula- seem to share some key commonalities; a tory compliance. foundation for SOA success, if you will. These range from using an SOA road map 10 Dangers of an ungoverned SOA and starting with SOA Governance early 1. modeling process has no visibility of existing services and the processes on, to ensuring that the SOA initiative they impact actively involves the business side and fol- lows an approach that suits an add-as- 2 Services may be accessed by those not entitled to do so you-go mentality. 3. no awareness of the impact of changes made to service upon another related one Of these, SOA Governance is emerging as 4. Absence of quality assurance processes before a service is deployed one of the most important to get an SOA 5. lack of holistic view of how it and business are interlinked initiative off to the right start, deliver 6. Poor understanding of service deployment, consumption or downtime business value quicker and improve agility. 7. Policy enforcement is manual, unstructured, and sporadic Implementing SOA without governance can quickly lead to issues, and ultimately 8. no overall view of existing services means they are recreated again, not project failure (See 10 Dangers of an reused Ungoverned SOA). SOA Governance helps 9. Absence of lifecycle management creates version control issues navigate the complexities introduced with 10. lack of responsibility and ownership regarding service creation and an “SOA jungle,” provides a holistic enterprise consumption view, manages business changes and ² Approach to Service-Oriented Architecture (SOA), Deployment Accelerator”, Software AG, October 2007 W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 5
  6. 6. The methods that the Governance Refer- customer (to update their information), SLA or enforce a policy if the information ence Framework provides to measure and finance (to validate and track the customer’s is trapped in a spreadsheet? guide the SOA Governance plan can be bill) and logistics (to ship the customer’s Using Excel or other unintegrated technologies adapted to suit the organization’s needs. order.) In each case there may be different limits the enterprise’s ability to grow and In addition, it helps an enterprise transition policies surrounding the use of that service. adapt their SOA, plus these fail to provide and fine-tune its organizational structure Tools are an essential part of these processes, a holistic enterprise SOA view. Rather it is for more effective SOA Governance. This without them an organization cannot better to start off with a small set of flexible can be, for example, by establishing an SOA manage and govern their SOA. tools specifically designed for the purpose Competency Center (Figure 3) to gain the Many companies start off their SOA initia- of SOA, and add on as the organization’s needed skills for SOA within the organization. tives with the “management by Excel” needs change. That way the organization approach. They list their small but growing has tools that facilitate the natural evolution leading analysts confirm that no catalog of services in an Excel spreadsheet, of SOA; a “think big, start small” approach. single solution or technology will a virtual registry or “yellow pages”. However be able to meet the diverse SOA this approach is quite inadequate for the lOnG-tErm SOA FlExiBility Governance requirements. Flexible, modular SOA and SOA Governance complex, dynamic nature of an SOA. Enterprises will need the support tools have the biggest organizational impact. of a good SOA ecosystem, built ExCEl iS yEt AnOthEr SilO With them you can grow and adapt SOA as from multiple vendors with a regis- Besides the obvious downside of yet another the organizational needs change over time. try that unifies them. manually maintained spreadsheet, Excel is Modular and automated toolsets allow you not interconnected with the systems that to rapidly implement a customized, best-of- are used to develop, deploy and run elements breed SOA Governance solution; this in turn The Governance Reference Framework related to SOA. As services move through promotes business agility, collaboration also provides a set or catalog of norms the lifecycle, at each step of the process and reuse. Interoperability, best practices that a company can use to jump-start its the Excel sheet would need to be updated; and open standards-based plug-in architec- SOA Governance initiative. These norms and as services are being consumed, what tures combine for a long term approach help guide how the SOA actors perform then? How can an organization ever hope that helps maintain SOA flexibility. their activities to best serve the needs of to measure if a service met the defined the company. Technology is the third fundamental element; these are the tools that facilitate effective SOA Governance. Figure 3: The right tools allow you to plan, design, SOA Competency Center™ Discovery Phase manage and govern SOA infrastructures helping you design and that support the enterprise’s objectives implement your SOA across all aspects of the SOA lifecycle. Optimization Assessment Phase Phase tOOlS CAn hElP CrOSS thE rOi linE Soa In fact, the choice of SOA Governance tools MeThodology and when an organization implements them measure- can often mean the difference between ment Phase Planning & Design success and failure of the SOA initiative. Phase An SOA is by nature complex, often crossing Execution Phase multiple departments, external groups, customers and partners. Just one service that delivers customer information, for example, could be consumed by the W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 6
  7. 7. CEntrASitE™: OPEn, FlExiBlE AnD SCAlABlE Validation, WS-I Compliance Check, WSDL Validation, Asset Certification and Approval Workflow; as well as Runtime Policies, such as WS-Security, Monitoring & Alerts, Effective SOA Governance starts with a central registry/repository to act as a Routing and SLAs. “collaboration hub” for all SOA-related efforts – a view which has long been The flexibility and openness of the CentraSite supported by leading analysts. An SOA registry/repository facilitates coordination design ensures that business and SOA because it provides enterprise-wide visibility. For example, users can find all objectives will continue to be met over available services plus those under development or in planning phases. the long-term. CentraSite employs an open standards-based plug-in architecture This visibility is not limited to services foundation for enterprise SOA Governance (Figure 4, page 8) that enables a modular either; all artifacts related to an SOA can initiatives because it: and best-of-breed SOA Governance be centrally stored and accessed, no matter ¬ Brings structure, scale and speed to SOA approach. Enterprises seeking to improve whether they are related to planning, initiatives business agility using SOA Governance are design, development or runtime. This ¬ Guides reuse, automates SOA processes no longer required to: promotes reliable communication and and simplifies complexities & interdepen- ¬ Replace proven tools interoperability among diverse users and dencies ¬ Use a single vendor’s product stack applications, especially enterprise-wide ¬ Enables enterprise SOA Governance with from end-to-end and on a global-level. A central registry/ easy-to-use and automated end-to-end ¬ Have their governance processes repository drives not only reuse but also lifecycle management mandated by a certain vendor’s provides the ability to efficiently govern CentraSite is pre-loaded with best practice implementation of governance across the entire lifecycle. policies to accelerate SOA adoption and ¬ Struggle with manual synchronization The CentraSite3 registry/ repository is lower project risks, and includes a structured or a lack of interconnection between recognized by top analysts as the market’s approach and service automation delivered the SOA Governance domains leading SOA Governance and Lifecycle out of the box. This includes Design & While there continues to be a lot of Management platform. CentraSite is the Change Time Policies, such as Metadata discussion surrounding emerging SOA standards, SOA standards are not fully SOA Governance Standards mature yet. CentraSite architecture is based CentraSite supports commonly-accepted SOA standards such as: on an open-standards approach and ¬ JAxr l0 and l1: Java APi for xml registries supports the commonly-accepted SOA ¬ uDDi v2 and v3: universal Description, Discovery and integration standards (See SOA Governance Standards). ¬ SOAP 1.1 and 1.2: Simple Object Access Protocol That means that as best practices, techno- ¬ ebxml: Electronic Business using extensible markup language logies and solutions for SOA Governance ¬ WebDAV: Web-based Distributed Authoring and Versioning evolve they can easily be interconnected ¬ WSDl: Web Services Description language and implemented with CentraSite as a ¬ WS-Basic Profile 1.0 and 1.1 flexible, powerful command center. ¬ WS-Policy 1.5 and WS-Policy 1.5 Attachment: Web Services Policy Framework ¬ SnmP v2 and v3: Simple network management Protocol CentraSite provides an easy way to begin using an SOA registry/repository with the Other: free of charge CentraSite Community ¬ Data Store Access (xSlt , xPath, xQuery, xQJ, xPDl) ¬ OOtB Eclipse Edition4. Organizations with SOA initiatives, ¬ SOA management (Jmx, WS-Security) consultants, system integrators and software ¬ Federation (lDAP, uDDi, CmDB) companies can start their SOA Governance ¬ repository Artifacts (BPEl 1.1 & 2.0, WSDl, xml Schema, SCA) initiatives with a product that offers UDDI v3 search using predefined metadata models, 3 CentraSite is is a registered trade name of Software AG and Fujitsu. More about CentraSite on 4 Download the Community Edition of CentraSite at W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 7
  8. 8. Figure 4: CentraSite Architecture Overview Eclipse Plugins Web-based ui Backup ... ... high lifecycle WS interface Smart Federation Versioning Availability management for import Policies Security Active JAxr uDDi xQuery WebDAV lifecycle System management CentraSite™ Data Store a JAXR interface to stored instances of arti- Eclipse. The Eclipse Registry Browser the foundation for a wide-range of modu- facts, WebDAV access to the SOA repository, leverages the basic and advanced search lar tools from a range of different vendors predefined reporting modules and both a abilities, browses on stored SOA assets to that increase SOA Governance transparency Web-based interface as well as an Eclipse provide data in the tree/folder view and and control. Since SOA is exceedingly Registry Browser. provides an analysis on the lineage chain complex to manage and crosses the enter- of object associations. prise, no one company or vendor can CentraSite also manages metadata claim to know it all, nor effectively span generated from integration software, Web In addition besides the functionality the SOA Governance space. Service descriptions, application-specific CentraSite provides to an SOA, its extensi- data (e.g., XSLT, forms, etc.) and in general bility and standard-based architecture sets serves as a central store for documents in native XML and non-XML formats. CentraSite’s Open Design Facilitates: WebDAV is used for storing and retrieving development artifacts in the CentraSite SOA Challenges & Objectives CentraSite repository, such as process definitions in XPDL, models, sequences and more. SOA Lifecycle Management Manages all aspects of the SOA lifecycle Open standards-based Architecture is based on commonly adopted An implementation of the Java API for SOA standards XML Registries (JAXR) is included, to inter- act with the CentraSite registry. The CentraSite One source for all SOA data Stores any metadata or SOA artifact registry / repository can be accessed using Standard models Provides standard models that are easily a browser-based interface (CentraSite extensible Control) or an Eclipse-based interface. Services and Web Services definitions can Increase reuse & user adoption User-friendly UI shows objects and be accessed via WebDAV, UDDI, JAXR and relationships allows for easy navigation the XQuery API for Java (XQJ). and drill-down Extensibility ¬ Models are easily extensible The Eclipse Reporting UI allows you to ¬ Can integrate with related tools define reports, based on predefined and ¬ UI can easily be extended customized reports. You can visualize the results with CentraSite Control or by using W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 8
  9. 9. intrODuCinG thE CEntrASitE COmmunity tions with best-of-breed solutions that are repeatable, transparent and robust. These Community partnerships result in many benefits to organizations, irrespective of the CentraSite Community is an SOA ecosystem comprising software vendors and their stage of SOA adoption. These include: consultancies whose technologies and methodologies complement and integrate ¬ Pre-packaged integrations that fast-track with the CentraSite registry/repository to deliver a comprehensive end-to-end implementations SOA Governance solution, from conceptual modeling through to resulting service ¬ Diverse areas of SOA can be brought deployment and monitoring. together seamlessly ¬ No rip and replace demands – CentraSite Since its creation in June 2006 by such as Enterprise Architecture, Enterprise will integrate with any vendor offering Software AG and Fujitsu Software, the Governance, Business Rules, Business (competitive or not) using commonly CentraSite Community has won awards5 Intelligence, CMDB, SOA Testing and SOA accepted industry standards and grown into an ecosystem of over 50 Management. ¬ Broad range of expertise across the SOA partners in 11+ countries that provide In the past, many of the integrations landscape real-world SOA Governance solutions to bridge the many domains of SOA. between vendors featured a “black box” Vendors who are not yet part of the approach – they were one-offs, designed Community can easily integrate with CentraSite Community partners not only for a particular customer requirement with CentraSite, based on the proven standards- recognize the diverse nature of IT environ- little documentation available. Equally, based approach. ments, they are committed to developing details of exactly how the integration was solutions that continue to support long- achieved would remain in the heads of In the following sections we highlight term SOA strategies. Their complementary the few technical people who built it. some of the major SOA-related sectors, leading and integrated technologies why they are relevant to SOA Governance, address needs across the broad spectrum CentraSite Community partners take an their benefits to the business and of SOA: Define, Create, Run and Govern entirely different perspective, with an introduce some of the real-world partner (Figure 5). Interest in membership comes open standards-based architecture integrations with CentraSite. from vendors in many different sectors, philosophy that delivers proven integra- Figure 5: model and improve Enable legacy systems, Execute applications, the CentraSite Community business processes build and test applications monitor service level encompasses all key SOA agreements, enforce areas, with vendors from Enterprise Architecture, Business Rules, SOA Testing, policies and secure access many sectors participating Enterprise Governance, Application Modernization CMDB Business Intelligence, SOA Management, Security DEFinE CrEAtE run GOVErn 5 SYS-CON Media 2007 SOA World Reader’s Choice Awards Best Web Services or XML Site: CentraSite Community Portal, CentraSite Community logo Please Note: This has not been trapped. W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 9
  10. 10. EntErPriSE ArChitECturE DEFinE how do you change the enterprise to achieve BrinGinG EA AnD SOA GOVErnAnCE your business goals? intO OnE WOrlD The partnership of Enterprise Architecture software vendors with Software AG provides WhAt iS EntErPriSE ArChitECturE? ¬ Supports better decision making. an SOA Governance solution that connects When we use the term Enterprise Architec- ¬ Helps manage complexities. the conceptual planning world with that of ture, or EA, we can be referring to either a ¬ Provides a transformation road map. the concrete executional one. The integra- process or a result. In the first case, EA is ¬ Helps realize unique value propositions tion between EA toolsets and Software AG’s the process we use to holistically describe more quickly. CentraSite provides increased visibility for an enterprise, its interrelationships and Business and IT stakeholders and enables business objectives, as well as plan changes ChAllEnGES OF EA end-to-end management of SOA (Figure 6). that effectively achieve the defined goals. EA relies on a great deal of up-to-date This allows you to: In the second case, EA is the documentation information for effective planning and ¬ Automate and enforce EA governance with that describes the enterprise’s business control. EA tools not only help manage dynamic design-time and runtime policies. strategy, business model, information complexities, but also facilitate the capture, ¬ Increase service reuse by making all systems, and so on. analysis and optimization of the portfolio services visible to the Enterprise Architect. of business strategies, organizational ¬ Govern business services and processes To manage scale and complexity, the EA structures, business processes, information as defined in EA over the entire lifecycle. process commonly uses methodologies and flows, applications and technology infra- ¬ Align business transformation with the frameworks such as those defined by structure. SOA lifecycle. Zachman, TOGAF and Spewak’s Enterprise Architecture Planning (EAP). EA also defines, hOW DOES EA rElAtE tO SOA Enterprise Architecture vendors make up establishes and maintains the internal GOVErnAnCE? the largest subset within the CentraSite controls needed to keep the organization One of the greatest challenges in imple- Community, validating the importance of in sync. menting an SOA is to connect the business the relationship between the conceptual objectives with the actual execution in modeling world and the creation of Why EA? order to effectively realize critical enterprise services often based upon the models EA There are many reasons why Enterprise initiatives. SOA Governance is the key as it tools inspire. The following pages highlight Architecture is important for the organization. both keeps the SOA initiative on track and some of the integrations created by Some of the most common are that it: in sync with business governance. leading EA partners in the Community. Figure 6: CentraSite impact Analysis of a business process; synchronized EA and SOA landscapes provide end-to-end visibility and enable effective SOA Governance W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 10
  11. 11. EntErPriSE ArChitECturE mEGA & SOFtWArE AG DEFinE from the CIO and business process analysts business process optimization to shorten to internal auditors and project managers. the time between business process design Some key benefits: and implementation, for example: ¬ Leverages SOA across business process ¬ MEGA can discover services stored in optimization initiatives to automate CentraSite by name, organization or life- workflow models end-to-end. cycle state (Figure 7). ¬ Provides a Meta-Object Facility (MOF) 2.0 ¬ Existing services in CentraSite can be compliant platform along with an em- reused and orchestrated in MEGA as part bedded customizable methodology library. of existing and new workflows. ¬ Includes templates for governance frame- ¬ MEGA-defined workflows can be connected the partnership of mEGA and Software AG works such as ITIL, eTOM and TOGAF. in CentraSite with other SOA artifacts. unites SOA Governance and Enterprise ¬ Extends SOA Governance across ¬ CentraSite’s Impact Analysis reveals the Architecture to bring SOA transparency compliance, risk management and audit effect of design and implementation and control enterprise-wide. initiatives. changes to related EA artifacts. Automated discovery and synchronization ASSOCiAtED PrODuCt ¬ MEGA’s Impact Analysis links SOA incorporates services into business processes mEGA modeling Suite describes all orga- Governance information with business and workflows to facilitate communication, nizational assets, from strategic objectives processes and objectives. increase reuse and ensure consistency. In and customer value chains to IT systems addition, business process analysis models and infrastructure designed to reveal inefficiencies in the production chain help pinpoint where thE mEGA AnD CEntrASitE service automation will have the greatest intEGrAtiOn business impact. Role-based access provides The MEGA-CentraSite integration facilitates perspectives for a wide range of users, SOA planning, management and SOA-based Figure 7: After searching for a Web Service from CentraSite, several are found and can be imported into mega for further reuse W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 11
  12. 12. EntErPriSE ArChitECturE QuAliWArE & SOFtWArE AG DEFinE MAKE IT HAPPEN changes into the business operation Governance repositories are synchronized ¬ Configure new functions and capabilities on various levels, for example: without the need for development. ¬ Web Services defined in either system ¬ Gain flexibility with user-defined can be reused in the other. This allows metamodels, versatile business models the QualiWare model analysis and and a full complement of object-orient- design to cover all aspects of the ed design and analysis capabilities. realized environment. The web service ASSOCiAtED PrODuCt definitions include all details, such as QualiWare EA Suite is a toolset for bindings, operations, parameters, implementing EA initiatives; it ensures attributes and methods. the partnership of QualiWare and that all areas of the architecture are linked ¬ Business processes expressed in BPMN Software AG intersects the SOA and integrated. QualiWare’s EA Suite notation in QualiWare are synchronized Governance and Enterprise Architecture provides a tailored, metamodel-driven with CentraSite for further development; domains with a focus on enterprise- approach for all aspects, methods and either BPEL or XPDL can be used to trans- level quality improvements. types of business models. Its object-based fer the process definitions to CentraSite. QualiWare’s Enterprise Architecture Frame- model repository and functionality is ideal ¬ As a result, CentraSite can apply work provides a holistic proven approach for management and governance of large governance to any of these definition to organizing knowledge content. The scale enterprise architecture initiatives. levels. flexible, state-of-the-art environment facilitates a successful path from strategic thE QuAliWArE AnD CEntrASitE vision to SOA Governance and process intEGrAtiOn management. Some key benefits: The QualiWare EA Suite integration with ¬ Quickly assess the impact of changes to CentraSite provides the customer with one any part of the architecture (Figure 8). solution for modeling, designing, implement- ¬ Effectively manage architectural changes; ing and governing the SOA environment. clearly define, implement and integrate The QualiWare EA and CentraSite SOA Figure 8: QualiWare analysis of a CentraSite generated service W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 12
  13. 13. EntErPriSE ArChitECturE AlFABEt & SOFtWArE AG DEFinE implement SOA to achieve the most budget. This facilitates collaborative business value. This benefits business planning with automated full architecture analysts and solution architects, as well as lifecycle support, “what-if” scenarios and CIOs managing the program portfolio. simulation of future states. The partnership allows organizations to: thE PlAnninG it AnD CEntrASitE ¬ Use IT Planning best practices to install intEGrAtiOn a formal process for systematically intro- The planningIT-CentraSite integration bridges ducing SOA to the enterprise. the gap between IT Planning and Manage- ¬ Capture an inventory of dynamic data ment and SOA Governance, thereby linking from business, technology, information the partnership between alfabet and business objectives with the services that and application architectures, organiza- Software AG delivers end-to-end SOA implement them, for example: tional structures, hierarchical planning Governance by uniting Enterprise processes, service lifecycle and financial ¬ Web Service performance data stored in Architecture management and it data – a complete information base to CentraSite can be analyzed using planningIT Planning with SOA design and imple- support SOA-related decision making. to determine quality of service, technical mentation. ¬ Perform visual assessments and performance, user satisfaction and so forth. Service information is captured as an quantitative metric comparisons with ¬ Business planners can evaluate if the integral part of the Enterprise Architecture. user-friendly data views that appeal to services support the business objectives EA and IT Planning best practices are the diverse pool of stakeholders involved as intended, are candidates for reuse in built-in to provide both service planning in planning for services. another business process, adhere to SLAs and change management with transpar- ¬ Evaluate and relate service performance or should be retired. ency on the entire SOA lifecycle. The data to enterprise-specified criteria to ¬ Planners can shape the criteria for enhanced alignment of current and future architec- ensure business–IT alignment. business planning using data stored in ture and SOA initiatives with business CentraSite; dimensions such as Business priorities, SOA strategies and IT deliver- ASSOCiAtED PrODuCt Criticality, Operational Stability and ables means that a wider audience has alfabet’s planningit supports all aspects Maintainability Risk (Figure 9). a better understanding of where to of the IT planning process from demand to Figure 9: planningit’s Portfolio Analysis of Web Service performance data sourced from CentraSite W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 13
  14. 14. SOA tEStinG CrEAtE how can your organization maintain quality in a Testing verifies that SOA assets meet the complex and constantly changing environment? functional and operational business requirements, and provides an actionable means of enforcing policy within the testing WhAt iS SOA tEStinG? Why SOA tEStinG? process. To maintain a continuous quality Contrary to what one might have expected, Some of the most common reasons why focus across all SOA lifecycle stages, SOA SOA Testing involves far more than just SOA Testing is important to the success of Testing tools need to be integrated with applying traditional QA techniques and an SOA initiative are that it: SOA Governance tools. unit test approaches to SOA. Enterprise ¬ Establishes trust and predictability. SOA applications are complex, modular, ¬ Helps manage exceptions and ensure BrinGinG SOA tEStinG AnD SOA decentralized and dynamic. Conventional service levels are met. GOVErnAnCE intO OnE WOrlD testing methods are mostly ineffective; no ¬ Improves reuse and agility as services The integration between SOA Testing tool- longer can you “draw a box around it” or are more reliable. sets and Software AG’s CentraSite helps leave testing to be a “last step before ¬ Helps reduce costs and improve quality. ensure quality and compliance throughout production” project activity. the service lifecycle – a key SOA Governance ChAllEnGES OF SOA tEStinG requirement. This automated approach On a very simplistic level, an SOA imple- SOA introduces a number of challenges to allows you to: ments business processes as a collection the world of testing, many of them complex ¬ Detect defects earlier and reduce costs. of one or more services; individual services and difficult to control. These range from ¬ Manage SOA Testing scripts across the can be added or tuned to quickly create loosely coupled services and lack of a service lifecycle. new business capabilities. This means that service user interface, to a “work-in-progress” ¬ Trigger lifecycle stages based on testing to meet the demands of service reusability, environment, external business units and results. for example, service quality and trust need distributed development. Testing needs to ¬ Activate test procedures based on to be established and re-verified through- ensure continuous quality across all services, lifecycle state changes. out the service lifecycle. SOA Testing needs endpoints and interfaces. Automated SOA ¬ Store test results as part of the SOA an end-to-end quality management Testing tools make it possible to keep up asset metadata (Figure 10). strategy to ensure business requirements with the dynamic nature of an SOA. are met. This strategy should also address The following section highlights several testing for performance and security across hOW DOES SOA tEStinG rElAtE tO integrations between CentraSite and multiple integration layers, a variety of SOA GOVErnAnCE? leading Testing vendors. delivery platforms and at both the business Fundamental to SOA Governance are the process and service level. key elements of trust and credibility. SOA Figure 10: the ui extension of the detailed service view via the additional “SOA test Status” tab, contains the test result summary W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 14
  15. 15. SOA tEStinG itKO & SOFtWArE AG CrEAtE ¬ Invoke and verify services, as well as reference point for an SOA initiative that: critical layers of the underlying application ¬ Certifies and enforces SOA policies (e.g., the service exposes, including Web UIs, structural, behavioral or performance- ESB and integration servers, Java objects, related) before publishing as well as at databases and mainframes. runtime; policies declared in CentraSite ¬ Ensure adherence to behavior and are certified and enforced with iTKO LISA. performance polices. ¬ Functionally validates SOA endpoints to ¬ Enable complete, collaborative and help ensure reliability and trust. continuous SOA testing. ¬ Automatically executes tests via action templates; events or state changes in the partnership of itKO and Software AG ASSOCiAtED PrODuCt CentraSite, such as promotion of one state unites SOA Governance with automated iTKO LISA is a comprehensive automated to another or adding a WDSL, invoke quality. testing tool built especially for SOA and a validation test in iTKO LISA via action composite application integration. iTKO LISA’s templates. This overcomes the limitations of conven- declarative, no-code testing approach helps ¬ Reports test results back to CentraSite via tional testing methodologies and provides maximize quality delivered and minimize UDDI or JAXR. accelerated delivery of an integrated quality business risk. LISA provides implementation ¬ Verifies that new service versions will process for SOA. QA can quickly construct and testing teams with a 360-degree view not disrupt the business. test cases assisted by virtualization of any of quality and reliability at every stage of technology component not (yet) available. the lifecycle across applications and into This drives a high level of test automation implementation layers. and reuse across the application lifecycle. To ensure trust in critical business applica- thE itKO liSA AnD CEntrASitE tions, orchestrated test suites help verify intEGrAtiOn that scalability or latency issues will not The iTKO LISA-CentraSite out-of-the-box, show up in production. Key benefits in- native integration (Figure 11) provides clude the ability to: an immediate and continuous quality Figure 11: itKO liSA test cases can be stored in and invoked directly from CentraSite, enabling services and underlying layers to be validated with rich test data and metrics feeding back into the SOA repository W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 15
  16. 16. SOA tEStinG PArASOFt & SOFtWArE AG CrEAtE ¬ Validation of implementation of service thE PArASOFt SOAtESt AnD policies, contracts and business scenarios CEntrASitE intEGrAtiOn using a series of automated regression The Parasoft SOAtest-CentraSite integration suites provides a number of benefits to an SOA ¬ Automatically generated test cases and initiative, such as: test suites can be run as part of the ¬ Extension of the UI within CentraSite en- nightly regression test process. ables the display of a Parasoft test results ¬ Service reliability, quality, security and summary, with a link to the detailed test interoperability can be ensured. report stored in the CentraSite WebDAV ¬ There is correlation of test cases with repository. In doing so, CentraSite acts as the partnership of Parasoft and requirements and bug tracking systems, a cockpit indicating a service’s quality or Software AG means SOA initiatives get automation of test execution provides test coverage. off to a fast start: automatically generated results in the format or test management ¬ Ability to assess a service’s historical quality tests are instantly executable, while framework of your choice. data, which can be used as the basis for inherent best practices and workflows assessing its suitability for reuse. help ensure error prevention is always ASSOCiAtED PrODuCt ¬ Based on CentraSite service descriptions, paramount. Parasoft SOAtest is designed to handle the SOAtest automatically creates executable In addition, workflow elements promote evolving complexities inherent in testing test scenarios, such as a set of tests for reuse of testing assets in a distributed an SOA related to policy compliance, each operation of a service in a WSDL file development environment. The ability to security, scenario testing, scalability, and so or all services used in a specific business graphically model and test complex, multi- on. A streamlined collaborative workflow, process (Figure 12). layered transactions over multiple protocols, along with the ability to rapidly construct, ¬ Intelligent “stubs” can validate a service’s then report test results directly to CentraSite reuse and place any use case into a conformance to mutually agreed test stan- and view them in the integrated UI, continuous regression suite facilitates the dards. This means services can be exposed streamlines SOA testing efforts. This joint creation of realistic test scenarios at any to a third party in confidence, with no approach means: stage of the SOA lifecycle. “finger pointing” should issues arise. Figure 12: An executed test on a service whose description (including associated policies) was imported from CentraSite can be viewed in SOAtest W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 16
  17. 17. SOA mAnAGEmEnt run how can your organization ensure hOW DOES SOA mAnAGEmEnt what should happen, does happen? rElAtE tO SOA GOVErnAnCE? The relationship between SOA Management and SOA Governance is an interdependent WhAt iS SOA mAnAGEmEnt? is and be able to maintain control. What one (Figure 13). The visibility, monitoring SOA Management is not the same thing as good is reuse if lower priority consumers and security requirements as defined in SOA Governance, rather it is an integral cause service performance to drop below the SOA Governance policies will drive the part of SOA Governance. To put them in SLAs for your key customers? Or where requirements for an SOA Management context, if we wanted to build a car, SOA unexpected consumers cause performance solution. Governance would plan, design, build and bottlenecks or obtain access to sensitive operate the car; while SOA Management data? Even worse, what if one of these BrinGinG SOA mAnAGEmEnt AnD would observe who drove the car, where exceptions related to a Sarbanes-Oxley SOA GOVErnAnCE intO OnE WOrlD and how fast it went, take the keys out of requirement or exposed credit card numbers? The partnership of SOA Management vendors the ignition if a 10-year-old tried to drive Without SOA Management, you may not with Software AG provides end-to-end it around the block, and raise an alert if even be aware of the problem. visibility across design, change and runtime. the car’s engine or brakes were not Feedback improves planning, alerts where performing as expected. In terms of an ChAllEnGES more controls are needed and validates if SOA, SOA Management focuses on the OF SOA mAnAGEmEnt requirements are met. This integrated and runtime visibility, monitoring, performance Conventional security and management automated approach allows you to: and security aspects. It provides the solutions cannot deliver the control and ¬ Discover unknown services and information for “what is really happening visibility needed in the complex environ- configuration changes. in production?” It makes sense that for ment that comprises an SOA. SOAs need ¬ Use advanced security features, such as effective SOA Governance, you need to SOA-specific solutions that are able to XML threat & intrusion protection. know how and where your services are auto-discover producers, consumers, ¬ Perform advanced impact analysis based being used and be able to control them. dependencies and rogue services; apply on runtime dependencies. security and policies dependent on the Why SOA mAnAGEmEnt? service user; handle services consumed The next section highlights some of the In order to achieve the benefits of SOA, outside the firewall; and report results back real integrations of Community SOA you need to know how effective your SOA in real-time. Management partners and CentraSite. Figure 13: SOA management tool SOA management assists SOA Governance Brings rogue services under control, governs them Discovers all runtime relationships Prevents end-runs around runtime policies Publishes key service metrics Delivers alerts on SlA and policy violations Publishes runtime policies CentraSite registry/repositry W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 17
  18. 18. SOA mAnAGEmEnt AmBErPOint & SOFtWArE AG run automatic policy provisioning system thE AmBErPOint SOA mAnAGE- reduce costs by minimizing the time and mEnt SyStEm AnD CEntrASitE skills required to set new policies. The intEGrAtiOn partnership enables organizations to: The AmberPoint-CentraSite integration (via ¬ Monitor and manage business transac- UDDI) keeps complex SOA design-oriented tions flowing across many technologies, activities and deployed realities in line. from leading platform vendors to open For example: source SOA solutions and low-level ¬ Bi-directional exchange of design-time custom components. metadata and runtime information with ¬ Identify rogue services and policies, as CentraSite helps maximize component the partnership of AmberPoint and well as outdated service versions on reuse and minimize disruptions. Software AG connects the SOA Gover- production servers. ¬ Runtime policies in CentraSite are nance and SOA management domains ¬ Submit all synchronized information automatically synchronized and enforced with advanced visibility and monitoring (services, endpoints and policies) for by AmberPoint. capabilities that bridge the gap approval before promotion to the ¬ Service Scorecards published to between design-time intentions and production environment. CentraSite provide vital performance runtime realities. data, such as throughput, availability, ASSOCiAtED PrODuCt response times, faults, service level Ongoing automatic discovery of deployed the AmberPoint SOA management agreement violations and exceptions. components, services and dependencies System is a comprehensive platform for This allows developers and architects to is used to create runtime SOA blueprints runtime governance of SOA applications. It select services based on behavior and that support SOA Governance. Strategic enables policy-based management of the service characteristics relative to instrumentation of the entire service net- service network, providing unprecedented performance. work provides end-to-end SOA visibility visibility into and control of a services- ¬ Service-to-consumer dependencies with policy enforcement at key points to based environment including supporting published to CentraSite facilitate impact minimize latency (Figure 14). In addition, components such as EJBs, databases, analysis based on actual runtime usage. a pioneering policy reuse mechanism and third-party appliances, etc. Figure 14: Closed-loop SOA Governance with CentraSite W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 18
  19. 19. SOA mAnAGEmEnt ACtiOnAl & SOFtWArE AG run service throughout the business day. Some Actional for Active Policy Enforcement key benefits include: ensures compliance with security and regulatory policies. It centralizes SOA ¬ Obtain an accurate picture of the SOA in policy creation and management, provides operation with “always-on” SOA Manage- consistent, distributed policy enforcement ment; detect even unanticipated issues as and helps reduce costs. services and consumers change over time. ¬ Use efficient and lightweight agents to thE ACtiOnAl AnD CEntrASitE monitor SOA performance, enforce intEGrAtiOn security and privacy policies, and then The Actional-CentraSite integration provides aggregate the information for advanced the partnership of Actional and increased runtime visibility, monitoring and impact analysis. Software AG joins the SOA Governance control that allow you to: ¬ Snapshot problem transactions to help and SOA management domains to isolate the root cause of issues without ¬ Get deep visibility into your SOA Infra- provide full lifecycle policy enforce- impacting performance. structure to enable root cause analysis. ment with advanced visibility and ¬ Automatically discover process flows and ¬ Jump start SOA Governance by automating monitoring capabilities. apply defined policies across the entire registration of existing deployed services This enables, for example, performance process with just a few key strokes. to CentraSite. monitoring for SLAs, automatic discovery ¬ Provide automatic correlation between of dependencies, and historically-based ASSOCiAtED PrODuCtS service interactions and business processes. traffic and performance analysis. Service Actional for SOA Operations provides ¬ Merge dependencies from Actional into dependencies can be managed better end-to-end visibility across the SOA the existing dependencies of CentraSite across the SOA landscape and the root landscape to accelerate problem resolu- to get a complete view of your SOA cause of problems diagnosed faster. Costs tion and mitigate risks. Environment. for governance, security and compliance Actional for Continuous Service ¬ Detect rogue services and unexpected are reduced both initially and over time. Optimization (CSO) provides business in- consumers and bring them into the Service metrics and alerts are real-time so sight into SOA operations for decision support governance process. the user has a clear view, for example, and integrated runtime controls for continu- ¬ Quickly diagnose the root cause of policy into average response times for a particular ous optimization of business outcomes. violations (Figure 15). Figure 15: A simple click within CentraSite takes you into a detailed metrics report from Actional W H I T E PA P E R | C E N T R A S I T E COM MU N I T Y 19