Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Governance 2.0: A New Look at SOA Governance in The Age of Cloud and Mobile


Published on

As enterprises extend their IT reach into the cloud and across mobile devices, the need for controlling who gets access to what information becomes more complex. As application data and functionality gets exposed over the Internet enterprises are going to face greater compliance scrutiny, new challenges in identity verification, increased emphasis in SLA conformance, monitoring challenges that span cloud applications and application, policy and interface lifecycle needs that extend to mobile devices and SaaS integrations. This Webinar given by Layer 7 Technologies and HP Software will look at new approaches and best practices for handling Governance across SOA, Mobile and Cloud.

Visit to learn more.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Governance 2.0: A New Look at SOA Governance in The Age of Cloud and Mobile

  1. 1. Service Governance 2.0 Governance in the age of cloud, mobilePeter Gibbels Francois LascellesHP Software Product Management ALM/SOA Layer 7 Director of Solutions Engineering
  2. 2. Housekeeping Questions - Chat any questions you have and we’ll answer them at the end of this call Twitter - Today’s event hashtag: - #l7hpwebinar - Follow us on Twitter as well: - @flascelles - @layer7 - @HPSoftwareALM
  3. 3. Today’s enterprise SOA landscape IT assets distributed in various zones Increasing demand for cloud/partner/customer integration Security first partner distributed enterprise SOA IAAS/PAAS SAAS partner enterprise boundary • Sensitive data, apps • Mission critical • ID authority • Legacy mobile
  4. 4. Integrated governance requirements Centralized governance for services distributed across various zones Automated provisioning of runtime contract enforcement Cross-domain security enablement and identity federation Decoupling of security and application logic QoS monitoring across service zones SLA enforcement
  5. 5. Design vs. runtime governance• Solve gap between operation and design• Losing information from design – centralized repository including history• Lots of operation information are defined during design but missing during operation Design time governance Runtime governance • Policy enforcement • Policy definition • SLA/SLO Monitoring • Design time enforcement HP Systinet 4.0 • Rogue artifacts discovery • SLO planning
  6. 6. Governance across service zones Central control of PEPs across service zones Centralized design time governance authority defines access control rules, contracts Policies programmatically pushed to relevant service zone PEP Layer 7 Gateway PEP deployed on public cloud, private cloud, on-premise Cross-domain trust handled at perimeter
  7. 7. HP SOA SystinetAchieve the promise of SOA with Governance Facilitates distributed collaborationEnterprise SOA requires and communication betweengovernance to see cost savings : application development teams using shared services • Ease of use with new Interface • Visual Lifecycle Designer tool Allows organizations to lower costs • Flexible modeling of services & by agreeing on policies for service their dependencies development in advance and building re-usable services and • Partitioned Domains components • Collaboration and distributed Enables organizations to isolate development support sensitive information in partitioned domains, alleviating security concerns of a shared repository Supporting key stakeholders from across IT & the business VP Apps Business Enterprise Architects Analysts
  8. 8. Layer 7 Gateway  Runtime policy enforcement  ATHN/ATHZ capabilities - X.509, SAML, OAuth  SLA enforcement & reporting  QoS monitoring, alerting  Classification, threat protection  Caching, accelerationPolicy Enforcement Point (PEP)  Hardware appliance or virtual applianceGateway Appliance
  9. 9. HP Business Service Management with BAC End-to-End Performance Monitoring ? ? on-premise BAC Deployment ? ? ? CICS MQ TIBCO Sonic Internet/ and Backend Web Servers App Servers Middleware Firewall Data HP BAC Anywhere Business Infrastructure Real Users Diagnostics Transactions MonitoringProactive end-user over-the-firewall Deep diagnostics of applications Align performance mgmt monitoring and business requirements Universal CMDB 360-degree Dashboard
  10. 10. Layer 7 – Systinet Integration Policies created in Layer 7 Policy Manager Policies stored and referenced in Systinet Layer 7 PEP Gateway enforces policies, reports Service endpoint on compliance Compliance Feedback Layer 7 Gateway Systinet Repository / Registry (GIF) Service client Layer 7 Policy Manager HP BTO BSM (BAC+)
  11. 11. Systinet 4.0 Functional Components and integration withLayer 7 PEP Systinet Platform Components Lifecycle Policy Visual Contracts Registry Catalog Management Framework Navigator & SLO’s GIF based integration IDE Plug-ins Metadata STM BAC Workbench Repository
  12. 12. HP SOA Systinet 4 Lifecycle Management (1)
  13. 13. HP SOA Systinet 4 Lifecycle Management (2)
  14. 14. Visualizing applications
  15. 15. Example Layer 7 alerting to BAC using SNMP Alerts showing up in SideScope monitor
  16. 16. Example Layer 7 to BAC performance metricsSiteScope Sript monitor
  17. 17. Cross domain identity federation with Layer 7 STS issues token on behalf of in- zone requester Incoming tokens are validated against federated trust policies
  18. 18. HP + Layer 7 : comprehensive governance solution
  19. 19. for more informationhttp://www.layer7tech.com