Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA...

24
Ready-to-Use SOA Governance for Microsoft

Transcript of Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA...

Page 1: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

Ready-to-Use SOA Governance for

Microsoft

Page 2: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 1

Table of Contents

1 Introduction ................................................................................................... 3

2 Integrated SOA Governance Defined ................................................................. 4

2.1 Planning Governance – Build the Right Things .............................................. 4

2.2 Development Governance – Build Things Right ............................................. 5

2.3 Operational Governance – Ensure What’s Built Behaves Right ......................... 5

2.4 Policy Governance – Uniform Policy for All Governance Areas ......................... 5

3 Integrated SOA Governance Best Practices ......................................................... 7

3.1 Governance Automation ............................................................................. 7

3.2 Uniform Policy Management ....................................................................... 7

3.3 Metadata Federation .................................................................................. 7

3.4 Service Virtualization ................................................................................. 7

3.5 Trust and Management Mediation................................................................ 7

3.6 Continuous Compliance and Validation ......................................................... 7

3.7 Change Impact Mitigation .......................................................................... 8

3.8 Consumer Contract Provisioning ................................................................. 8

4 Platform Independent Governance Automation ................................................... 9

4.1 Platform Governance Models ...................................................................... 9

4.2 Governed Service Platforms ..................................................................... 10

4.3 Governed Development Platforms ............................................................. 10

5 SOA Infrastructure Reference Model ................................................................ 11

6 Integrated SOA Governance System Elements: ................................................. 12

6.1 SOA Repository ...................................................................................... 12

6.2 SOA Policy Management System ............................................................... 12

6.3 SOA Registry .......................................................................................... 12

6.4 SOA Management System ........................................................................ 12

Page 3: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 2

6.5 SOA Security System .............................................................................. 12

6.6 SOA Intermediaries ................................................................................. 12

7 SOA Software’s Integrated SOA Governance Solution ........................................ 13

8 Ready-to-Use Integrated SOA Governance for Microsoft ..................................... 15

8.1 SOA Software Service Manager for Windows Communication Foundation (WCF)

17

8.2 SOA Software Service Manager for BizTalk Server ....................................... 19

8.3 SOA Software Service Manager for ASP.NET ............................................... 20

8.4 SOA Software Service Manager and Windows Azure and Windows Azure

AppFabric ........................................................................................................ 22

8.5 About SOA Software ................................................................................ 23

Page 4: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 3

1 Introduction

This whitepaper builds on the foundation created in SOA Software’s whitepaper

“Integrated SOA Governance.” It describes how SOA Software’s products integrate with

a wide range of Microsoft’s Enterprise SOA products to provide Ready-to-Use SOA

Governance automation, and the reason why those capabilities are so important.

SOA Software’s products provide Ready-to-Use SOA Governance Automation for

Microsoft’s Enterprise SOA platform. This allows you to have confidence that you are

governing Microsoft SOA elements either on their own or as part of a heterogeneous

enterprise SOA environment. Our governance solution makes services exposed from

applications running on WCF, BizTalk and ASP.NET visible to and compliant with

enterprise policies defined, enforced and audited across other platforms. Services from

SAP, IBM and others become visible to and compliant with enterprise policies defined and enforced across your ASP.NET, BizTalk and WCF applications.

Unified governance automation from SOA Software spans the full enterprise service

lifecycle. SOA Software’s Portfolio Manager enables governance of services at the

architecture planning stage. Repository Manager provides governance and policy

definition for the development stage of the lifecycle, while Service Manager and Policy Manager provide monitoring, management and policy enforcement at runtime.

SOA Software’s solutions offer deep integration with the Microsoft SOA and business

process management solutions including: ASP.NET, WCF, BizTalk, Windows Azure, Visual

Studio and Team Foundation Server. SOA Software enables automatic discovery of

ASP.NET and WCF Web services wherever they are in your enterprise. Such Web

services typically have unpredictable levels of governance with respect to security,

contract management, usage thresholds, load balancing, failover and activity

monitoring. We give you the ability to govern some or all of your services using native

Windows Server agents. These agents enforce policy, monitor Web service activity,

enforce service level agreements and usage contracts, and perform authentication and authorization.

Summary of SOA Software Service Manager Agents for Microsoft:

SOA Software Service Manager for Microsoft WCF – Replaces potentially

complex and labor-intensive WCF policy binding with automated, centralized

policy definition and enforcement for WCF Web services. Ships with 18 fully

prebuilt, pretested, and governance-ready WCF services, clients, tools, policy,

and documentation use cases for nearly instant deployment.

SOA Software Service Manager for Microsoft ASP.NET – Runs on Microsoft

IIS and automatically discovers ASP.NET Web services, enabling selective

governance of individual services.

SOA Software Service Manager for Microsoft BizTalk – Governs BizTalk

applications that interact with Web services and other modes of messaging, as

well as messaging that interfaces with the BizTalk Enterprise Service Bus (ESB).

SOA Software Service Manager and Windows Azure and AppFabric -

Whether customer applications run on-premise or in Microsoft’s Windows Azure cloud platform, SOA Software is committed to high quality governance solutions.

Page 5: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 4

2 Integrated SOA Governance Defined

Integrated SOA Governance ensures the applicability, integrity and usability of a wide

range of assets through all their lifecycle stages from asset identification through

deprecation. The full lifecycle is split into planning governance, lifecycle governance,

and operational governance.

2.1 Planning Governance – Build the Right Things

Planning governance includes the identification analysis and modeling of candidate

services, policies, profiles, processes and information. An effective planning governance

tool will manage an organization’s SOA portfolio while examining existing and planned

applications and determining which capabilities should be exposed as services, and

where applications would benefit from consuming shared services.

Planning Governance is a new area for SOA. It will allow companies to build to plan, and

build to priority modeling current and desired architecture and identifying and

prioritizing candidate services. Planning Governance solutions will maximize the

efficiency of investment in SOA, solidifying the role of existing platforms as foundation

service providers.

I.T. has always struggled with balancing long term planning with addressing the

immediate and short term needs of the business, in most cases the short term

requirements take precedent over long range planning. When this is applied to

enterprise architecture, organizations end up with a bunch of services that deliver

minimal business value, instead of their goal of SOA.

Planning Governance allows organizations to identify potential services in a planned and

managed community including enterprise architects, business analysts and portfolio

managers. When utilizing planning governance, services can be proactively ‘built to plan’

Page 6: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 5

rather than simply reacting and building single use services. This approach reduces the

risks of service deployment and facilitates Enterprise Architectural goals by avoiding

chaotic ‘service sprawl’.

Planning Governance solutions will require integration with a wide range of existing

enterprise repositories, application portfolio management, and enterprise architecture

planning solutions, to harvest current and desired architectures. The output from the

Planning Governance process will be a set of candidate services that feed into the

Development Governance process, and candidate policies feeding into the Policy

Governance process.

2.2 Development Governance – Build Things Right

Development governance marshals an asset through the development process that

typically spans the design, development, testing and staging phases of its software

development lifecycle. It typically includes a workflow mechanism to approve migration,

policy compliance validation, and a clear separation (logically, physically, or both)

between lifecycle stages. Development governance is the realm traditionally occupied

by registry and repository vendors, although it requires much stronger repository

capabilities and much broader integrations with development environments (IDEs and

SCMs tools), federation with other registries and much stronger service, standards and

taxonomy support than most repositories offer.

The Development Governance solution will depend heavily on Policy Governance for

compliance policy definition, management, and validation. It will use policies to

determine the relevance, and suitability of services at each lifecycle stage, and to

determine if assets meet enterprise standards and guidelines before they can promoted

to the next stage of the lifecycle. For example for a service to move from design to

development the enterprise may require that there is a design document in the

repository, the service has a WSDL, the services is categorized appropriately, and

perhaps even that there are registered consumers waiting for the service.

2.3 Operational Governance – Ensure What’s Built Behaves Right

Operational Governance controls the runtime aspects of SOA. It typically includes

service monitoring, security and management with a runtime policy system. Most Web

Services Management and Web Services Security vendors now position themselves as

providing Operational Governance solutions.

The Operational Governance solution relies heavily on the Policy Governance solution for

discovery of policies for implementation and enforcement. A well architected

Operational Governance solution will fully abstract service consumers and providers from

the complexity of policy implementation and enforcement, service endpoint location,

transport, standards, message exchange pattern, and other impedances to

interoperability. It should provide agents, delegates, and a network resident

intermediary for service virtualization.

2.4 Policy Governance – Uniform Policy for All Governance Areas

Policy Governance defines and manages policies, associates them with various assets,

and validates and reports on policy compliance. It manages a wide range of different

policy types from metadata compliance policies applied in Planning and Development

Page 7: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 6

Governance processes through security, reliability, and service-level policies applied

through an Operational Governance solution.

It is critical that the Policy Governance solution ensures consistent policy definition,

implementation, enforcement, validation, and audit through all stages of the lifecycle,

and across all distributed and mainframe platforms.

Page 8: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 7

3 Integrated SOA Governance Best Practices

Integrated SOA Governance promotes the core SOA governance best practices of:

3.1 Governance Automation

Governance Automation ensures scalability of enterprise processes implementing a

lifecycle management workflow to implement development approval processes,

integrated provisioning and lifecycle management, and inter-departmental contract

management and negotiation.

3.2 Uniform Policy Management

Uniform Policy Management ensures consistent policy definition, implementation,

enforcement, validation, and audit through all stages of the lifecycle, and across all

distributed and mainframe platforms. It ensures that services can be leveraged as first-

class citizens throughout an enterprise SOA by complying with enterprise policies that

are uniform across all platforms.

3.3 Metadata Federation

Metadata Federation provides seamless, heterogeneous SOA Governance and standards-

based support for governance automation (UDDIv3, WS-MEX, WS-Policy) to ensure that

governance processes are uniformly applied across all platform investments. When

metadata is federated and consistent across multiple governance platforms, the business

value of service (cost, usage, production issues) becomes visible and measurable across

the enterprise service lifecycle.

3.4 Service Virtualization

Service Virtualization provides location-transparency, service mobility, impedance

tolerance and reliable service delivery without requiring a re-platforming of existing

platforms or introducing yet another service platform to support the required solution

architecture.

3.5 Trust and Management Mediation

Trust and Management Mediation ensures interoperability across disparate partners and

platforms, trust enablement and trust mediation complementing threat prevention

systems. It provides provide last-mile security, metric collection and reporting, SLA

monitoring and management, to ensure that services are governed, managed, and

secured, and policy implementation and mediation to allow consumers to communicate

with a wide range of mission critical business services exposed from any platform.

3.6 Continuous Compliance and Validation

Continuous Compliance and Validation ensures consistent policy implementation and

enforcement across all stages of the lifecycle, preserving the fidelity of the governance

models, structures and mechanisms supporting enterprise SOA programs and ensure the

relevance, applicability and suitability of services.

Page 9: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 8

3.7 Change Impact Mitigation

Change Impact Mitigation provides change management and impact analysis processes

integrated with the governance workflow to ensure that changes to services or other

assets don’t cause major outages by breaking the consumption model.

3.8 Consumer Contract Provisioning

Consumer Contract Provisioning provides offer, request, negotiation and approval

workflows for service access, capacity, SLA and policy contracts. It ensures that the

service providers know which applications and users are consuming their services and

allows them to treat different consumers with different priorities and service levels.

Page 10: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 9

4 Platform Independent Governance Automation

Much of the benefit of SOA is derived from the promise of seamless interoperability

between platforms, with applications built using .NET and WCF consumer services

exposed from COTS, Mainframe, or Java applications. One of the core goals of SOA

Governance is to ensure that services are relevant and consumable between platforms.

As such it makes no sense to leverage governance capabilities built into the platforms

themselves, as this simple promotes silos of services within platform domains.

4.1 Platform Governance Models

Not all platforms are governable; in fact platforms fall into one of 3 categories:

Ungoverned Platforms – the purest form of Informal Governance. This often

results in “Random SOA” or “Accidental SOA”. This includes any container that

doesn’t support policy enforcement natively or with an agent

Self-Governed Platforms – a mixture of Formal and Informal. Some tasks and

activities are governed, some are not. SOA Governance is as weak as the

weakest link in the chain. This category includes containers that use their own

tooling without policy integration with a centralized enterprise SOA Governance

solution.

Governed Platforms – a real or virtual organization exists that is devoted to the

promotion of SOA programs and causes that is accepted as a fundamental part of

an SOA culture. Governed Service Platforms have:

Clear job titles / responsibility support SOA Governance activities

Supports clear separation between implementation activities and governance

activities

Provides standards-based governance integration interfaces

Integrated SOA Governance solutions integrate seamlessly with the platforms providing

varying degrees of configuration, policy implementation and enforcement, message

handling, and workflow support, largely depending on the level of sophistication of the

platform itself.

Page 11: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 10

We divide governed platforms into two categories:

4.2 Governed Service Platforms

All applications that expose and consume services at runtime are service platforms.

These include application servers like IBM WebSphere, Microsoft IIS, Oracle WebLogic,

JBoss and others; ESBs from vendors including IBM, Microsoft Oracle, JBoss, TIBCO and

others; mainframe applications running in CICS and IMS; COTS applications like CICS;

and SaaS environments like Salesforce.com and Amazon.

As described above, Governed Service Platforms offer standards-based governance

integration interfaces, and support the concepts of governance by an external enterprise

governance system.

4.3 Governed Development Platforms

Most platform vendors provide an integrated development environment (IDE), source

code management and version control system, defect tracking/change request tooling,

and in many cases, a document management and/or asset management repository. An

Integrated SOA Governance solution can provide asset lifecycle management and policy

compliance capabilities to ensure that developed software assets (such as services,

components and applications) are appropriate and relevant to the enterprise, and that

they comply with applicable policies.

Governed Development Platform status means that the development platform integrates

with an Integrated SOA Governance solution to make and share decisions about assets

and artifacts.

Page 12: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 11

5 SOA Infrastructure Reference Model

SOA Infrastructure is the set of tools and technologies that an organization deploys to

secure and manage services and service-oriented business applications. It provides the

delivery mechanism for a comprehensive governance solution including Registry,

Repository, Management, and Security services, and intermediaries to ensure the

application and use of these services.

The SOA Infrastructure reference model shown above is published by SOA Software, the

leading provider of SOA Infrastructure software products. It provides a product and

vendor agnostic view of the concepts, components and standards that make up a

successful SOA Infrastructure. For more information see SOA Software’s whitepaper –

“The SOA Infrastructure Reference Model.”

Page 13: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 12

6 Integrated SOA Governance System Elements:

The core elements of the Integrated SOA Governance system are the Registry,

Repository, Policy Management System, Virtualization System, Management and

Security System, and their associated intermediaries. Also, as described above,

governance products and systems not having deep integration between these elements

would offer minimal value to an SOA implementation.

6.1 SOA Repository

The SOA Repository provides a solution for the governance of development assets and

artifacts. Governance in this context includes registration, lifecycle management, run-

time and design-time policy invocation, and business value visibility. The repository

implements registry standards for metadata exchange. It is the main source of SOA

information for end users and applications.

6.2 SOA Policy Management System

The SOA Policy Management System provides a framework for defining and managing

policies that are enforced throughout the planning, lifecycle, and operational governance

processes. It ensures that policies are applied uniformly across all governed and

governable platforms.

6.3 SOA Registry

The SOA Registry supports the categorization, classification, tagging, and publication of

services. It provides browse and search interfaces for service discovery, a publication

interface for service registration, and a subscription interface for synchronization with

other registries and repositories.

6.4 SOA Management System

An SOA Management solution monitors and manages the reliability, availability and

performance of services.

6.5 SOA Security System

An SOA Security solution provides service and message security capabilities including

authentication (identity assertion and token exchange), authorization, privacy, non-

repudiation and audit.

6.6 SOA Intermediaries

SOA intermediaries exist in a number of forms, the most important of which are stand-

alone (proxy/router), and agent (embedded in container). Intermediaries enforce and

implement policy for Management and Security solutions. The primary role of the agent

intermediary is to ensure last-mile policy enforcement, while the primary role of the

stand-alone intermediary is to provide service virtualization to isolate consumers from

service location, policy, implementation, and change.

Page 14: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 13

7 SOA Software’s Integrated SOA Governance Solution

SOA Software builds its Integrated SOA Governance solution around its Policy

Manager™, Portfolio Manager™, Repository Manager™, and Service Manager™ products

for SOA Policy Governance, Planning Governance, Development Governance, and

Operational Governance.

SOA Software’s Portfolio Manager™, Repository Manager™, Policy Manager™, and

Service Manager™ combine to form a comprehensive Integrated SOA Governance

Automation solution.

Portfolio Manager™ is an innovative Planning Governance product that helps ensure the

alignment of SOA Programs with strategic IT investment and business objectives and

makes sure that enterprises build the right services at the right time. It helps

customers identify candidate services and build an SOA roadmap through SOA Modeling,

Asset Identification, and a Portfolio Management process. To achieve these goals

Portfolio Manager functions as part of a Ready-to-Use SOA Governance automation suite

with seamless integration with Repository Manager™ and Policy Manager™.

Repository Manager™ provides an advanced software development asset (SDA)

repository, lifecycle management, and metadata federation solution. It governs leading

development platforms, ensuring consistent definition and management of services and

other assets across all development environments. Repository Manager supports

advanced SDA repository and governance capabilities including the ability to define and

manage custom asset and artifact types, asset relationship management, integrated

development environment (IDE) integration, and comprehensive asset federation. It

integrates seamlessly with Policy Manager where policy decisions are required in the

Development Governance process, as well as provisions service consumption

agreements made by developers to Policy Manager for further governance. Repository

Page 15: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 14

Manager supports application development and architecture teams, providing a

comprehensive Development Governance solution.

Service Manager™ automatically implements and enforces policies from Policy Manager.

It generates usage, performance and policy compliance metrics that it reports to Policy

Manager so that it can audit that policies are being enforced in a closed-loop process.

Service Manager support SOA and enterprise operational management functions,

ensuring that services are security, reliable, and meet the performance goals for each

consumer.

Policy Manager™ provides a comprehensive SOA Policy Governance solution, with

powerful governance automation capabilities. Governance automation minimizes the

overhead associated with governance processes, and turns governance from a painful

workload, into a productivity tool. Policy Manager includes a built-in policy and service

metadata repository supporting its policy governance processes. Policy Manager

supports enterprise and SOA architecture functions, ensuring consistent application of

policies throughout an enterprise SOA program. Using this solution architects,

developers, security administrators, and operations managers can define and govern

policies that are applied to services throughout the appropriate stages of their lifecycle.

Using this solution architects, developers, security administrators, and operations

managers can define and govern policies that are applied to services throughout the

appropriate stages of their lifecycle.

Page 16: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 15

8 Ready-to-Use SOA Governance for Microsoft

SOA Software’s Ready-to-Use SOA governance products have the goal of helping

customers govern a wide range of Microsoft Service-Oriented Architecture (SOA) use

cases. SOA Software products are written in native Windows .NET code and deploy

easily using Microsoft Installer (MSI) files. They run alongside Microsoft-based

applications in Windows Server. Governance features for Web services on the Microsoft platform include:

Portfolio management of enterprise services regardless of delivery platform

18 full-tested use cases available for nearly instant deployment, including:

o Kerberos, .NET.TPC, NTML, X.509 security, WsHttpBinding

Uniform lifecycle and policy governance across existing platform investments

Assurance of interoperability with other platforms

Seamless, heterogeneous SOA governance, security and management integration

with IBM middleware infrastructure

Performance and reliability management

Interoperability across disparate partners and platforms

Integrated provisioning and lifecycle management

Inter-departmental consumer contract provisioning and negotiation

Standards support for governance automation (UDDIv3, WS-MEX)

Trust enablement and trust mediation

Integration with Visual Studio Team and Team Foundation Server

Support for Oracle database connectivity with Windows-server based Web services.

Page 17: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 16

On a product-by-product basis, the SOA Software governance solution provides the following value added governance capabilities to the Microsoft stack:

Microsoft Product SOA Software Added Value

WCF

Automation of WCF policy binding

Governance federation

Metadata management

Mediation for interoperability

Policy enforcement, implementation, monitoring

Security policy implementation and enforcement

Automated PKI key distribution

18 fully-tested use cases, including Kerberos, NET.TCP,

NTLM, X.509 and WsHttpBinding

ASP.NET Web

Services

Governance federation

Metadata management

Mediation for interoperability

Policy enforcement, implementation, monitoring

Security policy implementation and enforcement

Automated PKI key distribution

BizTalk Server Governance federation Metadata management

Policy enforcement, implementation, and monitoring

Monitor any port type regardless of protocol

Office Dynamic policy implementation

Abstraction of Office application service programming

model from complex policy semantics and operations

VisualStudio

Easy access from the popular IDE to services and other

assets stored in SOA Software Repository Manager

(Development stage governance.)

VisualStudio tool for SOA Software Policy Manager

(Runtime governance)

Visual SourceSafe

and Team

Foundation Server

Automated asset assembly to Repository Manager based

on SDLC triggers

Seamless artifact access to services and other assets

stored in this system of record

Page 18: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 17

8.1 SOA Software Service Manager for Windows Communication Foundation

(WCF)

SOA Software Service Manager provides a native Windows Server agent for governing

WCF Web services. SOA Software has loaded this product with prebuilt, pretested, and

governance-ready WCF services, clients, tools, policy, and documentation. Windows

Communication Foundation (WCF) provides a unified framework for rapidly building

service-oriented applications that makes it easy to build and consume secure, reliable,

and transacted Web services. WCF’s single programming model unifies the capabilities in

ASMX, WSE, Remoting, COM+, and MSMQ; therefore developers need to learn only one

programming model.

In addition, WCF services now offer more design flexibility by supporting architectures

such as Representational State Transfer (REST), JavaScript Object Notation (JSON), and

Plain Old XML (POX) encoding. By default, WCF services speak standard WS-* protocols

when sending and receiving messages for maximum interoperability. These features

include:

• Interoperable security, reliable messaging, and transaction support are provided

through WS-* implementations.

• Reliable messaging guarantees “in order” and “exactly once” delivery.

• MSMQ infrastructure provides queued messaging.

• Transaction support enables reliable execution or rollback of multi-step

operations.

Hosting model independence enables WCF code to run in IIS as well as in any

managed code application (ASP.NET, EXEs, NT Services, WinForm, etc.).

SOA Software’s Agent for WCF helps Windows Server administrators solve a difficult

challenge inherent in managing governance policies for WCF Web services. Out of the

box, WCF provides the capability for policy and configuration binding that allows you to

define a policy or configuration and then bind it for enforcement on a WCF Web service.

However, the process of configuring these bindings is largely manual. Configuration

must be done on a machine by machine basis. Managing configurations for a complex

SOA environment running on multiple Windows Servers can thus become a time

consuming task or even a full time job.

The SOA Software agent for WCF replaces this labor-intensive WCF policy binding with

automated, centralized policy definition and enforcement for WCF Web services.

Running from an MSI install, our agent deploys and then automatically discovers WCF

Web services running in your environment. From a central management console, you

can select services that require governance and then define and enforce policies for each

one. The policy definition and enforcement results in an automatic binding configuration

that is native to WCF. SOA Software operates completely within the WCF framework at

runtime. SOA Software’s product ships with more than 18 fully-tested use cases. These

use cases include areas such as Kerberos, NET.TCP, NTLM, X.509 security, and

WsHttpBinding. The Agent also includes support for; governing Microsoft BizTalk

applications exposed as WCF services; native NET.TCP binding support in SOA Software

Policy Manager; automated certificate provisioning; an enhanced logging framework;

Page 19: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 18

and improved operational alerts. The Agents now supports Oracle database connectivity for Windows Server-based Web services.

The agent for WCF goes beyond automating WCF policy binding. It also enables a

robust governance capability that allows for monitoring of Web services, SLAs, contract

definition and enforcement, alerting, and security.

SOA Software’s Policy Manager and Service Manager ensure that WCF can facilitate and

benefit from the core Integrated SOA Governance Automation best practices:

Trust & Management Mediation – provide last-mile security, metric collection and

reporting, SLA monitoring and management, to ensure that services published

using WCF are governed, managed, and secured. Provide policy implementation

and mediation to allow WCF to communicate with a wide range of mission critical

business services exposed from both Microsoft and non-Microsoft platforms.

Service Virtualization – conveniently make WCF services available to partners and

allow WCF applications to consume partner services

Governance Automation – automate the publishing of WCF services, providing

lifecycle workflow with approvals, collaboration services, and consumer contract

provisioning

Continuous Compliance and Validation - ensure the relevance, applicability and

suitability of WCF services

Metadata Federation - ensure that WCF services are visible to, relevant, and

consumable by other platforms – and make services from other platforms visible

to, relevant and consumable by WCF. Automatically discover services in Process

Server and publish them into Policy Manager subject to governance policies

Change Impact Mitigation - make sure that changes to WCF services don’t cause

major outages by breaking consumers

Uniform Policy Management - ensure that WCF services can be leveraged as first-

class citizens throughout an enterprise SOA by complying with enterprise policies

that are uniform across all platforms

Page 20: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 19

8.2 SOA Software Service Manager for BizTalk Server

BizTalk Server presents an unusual SOA governance challenge to system administrators.

The very openness and utility of the BizTalk service bus (ESB) makes it a multi-platform

solution. A successful BizTalk implementation is going to be consuming and exposing

Web services from many different vendor stacks. In addition to ASP.NET and WCF Web

services, there will invariably be services that originate on SAP NetWeaver, IBM

WebSphere, and many others. Similarly, BizTalk will likely be providing message

management for Microsoft-based Web services that are invoking non-Microsoft services. How can you manage all of these heterogeneous, interdependent Web services?

The SOA Software Service Manager Agent for BizTalk Server is a native, MSI installed

Windows application that enables you to govern, monitor and manage BizTalk

applications that consume or invoke Web services from multiple platforms. You can

define and control the BizTalk enterprise service bus (ESB) access to services, even

when they are part of a complex, machine-to-machine orchestration scheme. Other features include:

SOA Software’s Policy Manager and Service Manager ensure that BizTalk can facilitate

and benefit from the core Integrated SOA Governance Automation best practices:

Governance federation

Metadata management

Policy enforcement, implementation, and monitoring

Monitor any port type regardless of protocol

Trust & Management Mediation – provide last-mile security, metric collection and

reporting, SLA monitoring and management, to ensure that services exposed by

BizTalk are governed, managed, and secured. Provide policy implementation and

mediation to allow BizTalk to communicate with a wide range of mission critical

business services exposed from both Microsoft and non-Microsoft platforms.

Page 21: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 20

Service Virtualization – conveniently make BizTalk services available to partners

and allow it to consume partner services

Governance Automation – automate the publishing of BizTalk services, providing

lifecycle workflow with approvals, collaboration services, and consumer contract

provisioning

Continuous Compliance and Validation - ensure the relevance, applicability and

suitability of BizTalk services

Metadata Federation - ensure that BizTalk services are visible to, relevant, and

consumable by other platforms – and make services from other platforms visible

to, relevant and consumable by BizTalk. Automatically discover services in

Process Server and publish them into Policy Manager subject to governance

policies

Change Impact Mitigation - make sure that changes to BizTalk services don’t

cause major outages by breaking consumers

Uniform Policy Management - ensure that BizTalk services can be leveraged as

first-class citizens throughout an enterprise SOA by complying with enterprise

policies that are uniform across all platforms

SOA Software provides a fully functional Agent for BizTalk. The Agent deploys into the

BizTalk Server to monitor and manage messages. It provides a policy engine to enforce

governance policies for BizTalk. The policy engine discovers its policies using WS-

MetadataExchange and WS-Policy from Policy Manager, and reports metrics, usage, and

exceptions to Policy Manager.

8.3 SOA Software Service Manager for ASP.NET

The .NET Framework is a development and execution environment that allows different

programming languages and libraries to work together seamlessly to create Windows-

based applications that are easier to build, manage, deploy, and integrate with other

networked systems.

Built on Web service standards, ASP.NET enables both new and existing personal and

business applications to connect with software and services across platforms,

applications, and programming languages. These connections give users access to key

information, whenever and wherever you need it.

Many of the Web services running on the Microsoft platform today were created using

Microsoft’s first generation ASP.NET-based Web Services technology and run on the IIS

Web Server. The simplicity of developing Web services on ASP.NET and deploying to IIS

is quite appealing to IT architects given how efficient it can make creating a service-

oriented architecture. At the same time, however, having an unknown quantity of

largely ungoverned Web services distributed across your enterprise presents a serious

governance challenge. System administrators need a way to know which ASP.NET

services are running, control who has access to them, manage their availability, monitor

their performance, and so forth. The SOA Software Service Manager Agent for ASP.NET Web services addresses this challenge.

Page 22: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 21

The Service Manager Agent for ASP.NET runs on IIS and automatically discovers

ASP.NET Web services, enabling selective governance of individual services. Installed

from an MSI file and running natively in Windows Server, the agent enables you to

define and enforce policy for selected ASP.NET Web services running on IIS. Specific features include:

SOA Software’s Policy Manager and Service Manager ensure that ASP.NET Web services

can facilitate and benefit from the core Integrated SOA Governance Automation best

practices:

Governance federation, including governance for and by non-Microsoft platforms

Metadata management

Mediation for interoperability

Policy enforcement, implementation, monitoring

Security policy implementation and enforcement

Automated PKI key distribution

Trust & Management Mediation – provide last-mile security, metric collection and

reporting, SLA monitoring and management, to ensure that services created in

ASP.NET are governed, managed, and secured. Provide policy implementation

and mediation to allow ASP.NET to communicate with a wide range of mission

critical business services exposed from both Microsoft and non-Microsoft

platforms.

Service Virtualization – conveniently make ASP.NET services available to partners

and allow it to consume partner services

Governance Automation – automate the publishing of ASP.NET services,

providing lifecycle workflow with approvals, collaboration services, and consumer

contract provisioning

Continuous Compliance and Validation - ensure the relevance, applicability and

suitability of ASP.NET services

Metadata Federation - ensure that ASP.NET services are visible to, relevant, and

consumable by other platforms – and make services from other platforms visible

to, relevant and consumable by ASP.NET. Automatically discover services and

publish them into Policy Manager subject to governance policies

Page 23: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 22

Change Impact Mitigation - make sure that changes to ASP.NET services don’t

cause major outages by breaking consumers

Uniform Policy Management - ensure that ASP.NET services can be leveraged as

first-class citizens throughout an enterprise SOA by complying with enterprise

policies that are uniform across all platforms

SOA Software provides the fully functional Agent for ASP.NET for ASP.NET services

published in IIS. The agent deploys as lightweight component into the IIS container

providing a management application, a policy engine, and a handler mechanism. The

management application monitors IIS’s configuration database looking for new services.

When it discovers a new service it will, depending on its policies, automatically intercept

messages for processing by the policy engine. The policy engine discovers its policies

using WS-MetadataExchange and WS-Policy from Policy Manager and reports metrics,

usage, and fault data back to Policy Manager.

SOA Software also provides a fully functional client side component, called a delegate, in

the form of C# SDK. The delegate deploys into .NET client applications to abstract them

from the location, transport and policy complexities of consuming services.

8.4 SOA Software Service Manager and Windows Azure and Windows Azure

AppFabric

Microsoft’s Windows Azure cloud platform offers great advances in how applications are

designed, architected and deployed. Web services running in the Windows Azure cloud

offer numerous advantages in terms of scalability and flexibility. They can be difficult to

govern, though, especially when they connect with on-premise applications running

behind the firewall.

Services and applications designed for and deployed to the Windows Azure cloud require the same critical level of SOA governance as the SOA components deployed on-premise.

In addition to services and applications, Windows Azure solutions utilizing Windows

Azure AppFabric require SOA governance solutions to ensure a fully automated SOA

governance infrastructure. Whether utilizing the Service Bus for optimal connectivity and

security among services, Access Control for powerful federated identity solutions, or

BizTalk Server integration capabilities to ensure enterprise application integration, a

solid governance solution will ensure that Windows Azure AppFabric composite solutions

are effectively governed as part of a larger SOA infrastructure.

SOA Software offers a comprehensive SOA Governance Automation solution for Web

services on the Microsoft platform.

SOA Software believes that users of AppFabric should consider the role that SOA

governance plays in the use of such a dynamic new middle tier technology. AppFabric is

a great boon to architects and developers, as it streamlines many of the difficulties

associated with using Web services in a complex cloud/on-premise hybrid application.

However, the very efficiency of AppFabric add governance challenges to an enterprise

SOA by making it easier than ever to expose and invoke Web services to a range of new

consumers both inside and outside the firewall. Our recommendation is that architects

Page 24: Ready-to-Use SOA Governance for Microsoft...SOA Software’s products provide Ready-to-Use SOA Governance Automation for Microsoft’s Enterprise SOA platform. This allows you to have

www.soa.com Copyright © by SOA Software, Inc. 2012. All rights reserved. 23

considering Web services with AppFabric and Windows Azure consider the complete

governance requirements of the SOA as part of their planning process.

8.5 About SOA Software

SOA Software is a leading provider of unified SOA governance, cloud and enterprise API

Management products that enable organizations to plan, build, and run enterprise

services and open APIs. The world’s largest companies including Bank of America,

Pfizer, and Verizon use SOA Software solutions to transform their business. For more

information visit www.soa.com and www.soa.com/microsoft

SOA Software, Atmosphere, atmos.phe.re, Policy Manager, Repository Manager, Service Manager, and SOLA are trademarks of SOA Software, Inc. All other product and company names herein may be trademarks and/or registered trademarks of their registered owners.

SOA Software, Inc.

12100 Wilshire Blvd, Suite 1800

Los Angeles, CA 90025

866-SOA-9876

www.soa.com

[email protected]

Copyright © 2012 by SOA Software, Inc.

Disclaimer: The information provided in this document is provided "AS IS" WITHOUT ANY WARRANTIES OF ANY KIND INCLUDING WARRANTIES OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT OF INTELLECTUAL PROPERTY. SOA Software may make

changes to this document at any time without notice. All comparisons, functionalities and measures as related to similar products and services

offered by other vendors are based on SOA Software's internal assessment and/or publicly available information of SOA Software and other vendor product features, unless otherwise specifically stated. Reliance by you on these assessments / comparative assessments are to be made solely on

your own discretion and at your own risk. The content of this document may be out of date, and SOA Software makes no commitment to update

this content. This document may refer to products, programs or services that are not available in your country. Consult your local SOA Software

business contact for information regarding the products, programs and services that may be available to you. Applicable law may not allow the exclusion of implied warranties, so the above exclusion may not apply to you