Building Materials Suppliers Dubai | Electrical Suppliers Dubai
Sharing Data with Customers and Suppliers May 2015.pdf · Sharing Data with Customers and Suppliers...
Transcript of Sharing Data with Customers and Suppliers May 2015.pdf · Sharing Data with Customers and Suppliers...
Sharing Data with Customers and Suppliers
Assessing your future Web Services Infrastructure
Graham Cunningham: SW Business Development [email protected]
• Business Outcomes
• The Business Challenge
• Web Services the Issues
• Introducing IBM DataPower
• Deployment
• Latest IBM Datapower Features
• W3P
• Q&A
Agenda
• Days Debt Reduction
• Stock Reduction
• Compliance
• New Channels
• Efficient Processing
• Dynamic Routing
Differing Business Scenario's
• LOB – Engineering Automotive
– More efficient delivery and acknowledgement
– Faster time to Invoice
– More accurate Invoicing
– Days debt reduced by 3 days
Debt Reduction
• LOB – Wholesale Distribution
– More efficient delivery and acknowledgement
– Greater visibility of stock levels at supplier/partner
– JIT ordering easier
– Early visibility of demand changes thru supply chain
Stock Reduction
• LOB – Financial Services
– Flexible approach to delivery of key compliance data
– Easy to modify reporting models
– Reuse of internal reporting services
– Secure method of delivering sensitive information
Compliance
• LOB – Media and Entertainment
– Easy rendering of existing web services to mobile
– Decoupled applications from existing backend apps
• Mobile look and feel
– Speed and responsiveness
– 200 % increase in volume of business
New Channels
• LOB – Outsourcing Services
– Prompt sharing of service requests
– Simplification of integration to customer and internal ERP
– Improved accounting reconciliation
– Flexible billing models possible
– Easy to obtain new clients
Efficient Processing
• LOB – Shipping Transportation
– Dynamic Customer services function enabled
– Transports could be dynamically rerouted
– Improved customer services
– More efficient Fleet
Dynamic Routing
• A Web service is a method of communication between two electronic devices over a network. It is a software function provided at a network address over the Web with the service always on as in the concept of utility computing. The W3C defines a Web service generally as:-
• a software system designed to support interoperable machine-to-machine interaction over a network.[1]
• The W3C Web Services Architecture Working Group defined a Web Services Architecture, requiring a specific implementation of a "Web service." In this:
• [a Web service] has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP(Simple Object Access Protocol) messages, typically conveyed using HTTP with an XML serializationin conjunction with other Web-related standards.[1]
• The W3C also states:• We can identify two major classes of Web services:• REST-compliant Web services, in which the primary purpose of the service is to manipulate
representations of Web resources using a uniform set of stateless operations.• Arbitrary Web services, in which the service may expose an arbitrary set of operations.
Web Services
Communication Security Protocol ConversionTransformation
The adoption of cloud, analytics, mobile, and social computing is forcing organizations to open IT assets to new business channels
…and challenging them to rethink the way they have traditionally approached security & control
Between 2005
and 2020, the
amount of data
in the world will
grow 300X, from
130 to 40,000
exabytes.
81% of adults
use personally
owned mobile
devices for
conducting
business
70% of
employees are
engaged in
social
activities both
internally and
externally
73% of
organizations
discovered
cloud usage
outside of IT
or security
policies
Market Dynamics
• Need for new partner support
• Increase in partner data volume
• Planned security audit
• Backlog in partner management processing.
• In-house built security solutions
The World is Changing
• Lead Architects
– How do you handle application interface security both inside and outside your enterprise?
– Do you have any challenges administering security between your company and other companies?
• Heads of business units.
– Do you have a need to secure your Web Services?
– Would you like to have a scalable and centralized security solution for your application interfaces?
• Middleware management teams
– Are you relying solely on IP firewalls and SSL proxies to secure your application interfaces?
– Are you using or planning to use XML and/or Web Services in critical applications?
• C level execs
– Protecting company reputation
– Passing industry audits
– Utilising all channels to customer/suppliers
The Business Challenge
The technologies tend to be a bit different
JSON/REST instead of SOAP/XML, OAuth instead of SAML
Bandwidth and battery life are at a premium
Need to minimize back and forth communications
Security is a paramount concern
Mobility of devices makes them easier to steal or spoof
Access patterns and volumes are less predictable
More service calls on mobile devices, potentially more users, anytime
Performance matters
Performance expectations are much higher on mobile
Mobile Issues
Websites
Connected appliances
Partners
Websites
Internet TVs Smart phones
Tablets
Game consoles
Connected cars
Millions 1993 - 2000 Trillions 2013+
15
The Current Landscape
•Build more resources
•Acquire new skills
•Address new challenges: mobile, Internet of Things
•Maintain a secure and robust infrastructure
How can you do this?
Why an Appliance For Connectivity?
http
://ww
w.w
3p
artnersh
ip.co
m
• Consumable hardware platform• Certified security assurance• Achieves fast performance• Many functions in a single device• Simplified maintenance model• Lower cost and complexity
IBM DataPower
1717
IBM DataPower Gateways provide a low startup cost,helping clients increase ROI and reduce TCO with
specialized, consumable, dedicated gateway appliances thatcombine superior performance and hardened security in
physical and virtual form factors
INTEGRATE Systems of Engagement with Systems of Record
CONTROL & MANAGE Traffic and Service Level Agreements
SECURE Mobile, API, Web, SOA, B2B and Cloud Workloads
OPTIMIZE Data Delivery and User Experiences
CONSOLIDATE & Simplify Infrastructure Footprint
DataPower Gateways
Single security and integration gateway platform to provide security, integration, control & optimized access to a full range of Mobile, API, Web, SOA, B2B, & Cloud workloads
B2B
Simplify mobile security with single, purpose-built gateway; control mobile traffic and accelerate delivery
WebSimplify web security with single, purpose-built gateway; control traffic and accelerate delivery for intranet and internet web applications
CloudDataPower gateway functionality
in a virtual appliance form factor,
supports multiple hypervisor &
cloud environments
IBM DataPower
GatewayAPIEasily secure, control,
publish, monitor &
manage your APIs
SOASecure, integrate, control
& manage SOA workloads
in the DMZ and Trusted
zones
Extend Connectivity & Integration beyond the enterprise with DMZ-ready B2B edge capabilities
Mobile
Gateway for the Multi-channel Enterprise
Application or Service
5 SOA & API Gateway
6 ESB / Integration Gateway
7 Internal Security Enforcement
8 Web Services Governance & Management
9 Legacy Integration
z System
IBM DataPower Gateway Appliances are the industry-leading
Security & Integration gateways that help provide security, integration,
control and optimized access to a full range of
Mobile, Web, API, SOA, B2B, & Cloud workloads
Internet Trusted Domain
Consumer
DMZ
Trading partners
1 Mobile Gateway
2 API Gateway
3 Web Gateway
4 B2B Partner Gateway
Consumer
Middleware
DataPower Gateway DataPower Gateway
Common Use Cases
Proficiency
Before DataPower GatewayAfter DataPower Gateway
Control
Integrate
Optimize
SecureConsumer
Consumer
Consumer
Consumer
Simplify, offload & centralize critical functions
IntegrateAny-to-any message
transformation
Transport protocol bridging
Message enrichment
Database connectivity
Mainframe connectivity
B2B trading partner
connectivity
Control OptimizeSecureSSL / TLS offload
Hardware accelerated
crypto operations
JSON, XML offload
JavaScript, JSONiq, XSLT,
XQuery acceleration
Response caching
Intelligent load distribution
Service level management
Quota enforcement, rate
limiting
Message accounting
Content-based routing
Failure re-routing
Integration with management
& visibility platforms
Authentication, authorization,
auditing
Security token translation
Threat protection
Schema validation
Message filtering & semantics
validation
Message digital signature
Message encryption
Functions
Deployment
• Appliance On Premise
• Virtual device On Premise- Licensed as IBM s/w
• Virtual Device (cloud)- Rental Model
Purpose-built hardware provides physical security
• Sealed, tamper-evident case
• No usable USB, VGA, other ports
• Intrusion detection switch
• Trusted Platform Module
• Encrypted flash drive
• FIPS 140-2 level 3 Hardware Security Module (option) for secure storage of private keys
Hardened firmware provides platform security for physical & virtual gateways
• Single signed and encrypted firmware by IBM
• No arbitrary software
• Optimized, embedded operating system
• High assurance, “locked-down” configuration
• Key materials are not exportable from the appliance *
Security
23
HTTP MQ JMS FTP IMS
SOAPXML
COBOL
CSV
• Integrate disparate transport protocols with extreme ease
• Transform the message format with ultimate flexibility for data mapping
• Support synchronous, asynchronous, publish & subscribe and guaranteed-delivery message patterns
Simplify - Transport and payload transformations
24
• Enforce security standards with zero coding
• Uses intuitive pipeline message processing
• Import/export configurations between environments
• Transaction probe shows message content between actions for debugging
Accelerate - Configuration Approach
25
• Easily integrate DataPower with your existing monitoring infrastructure
• Leverage advanced SOA monitoring tools for a more holistic analysis
• Create advanced log and audit solutions that meet your application requirements
• Customize your monitoring with a flexible log subscription engine
– Send to multiple targets
– Send in multiple formats
SNMPsyslog
OtherITCAM
SOAsyslog
Governance - DataPower Monitoring
Secure. Integrate. Control. Optimize.
Released
Nov 2014
Consolidated productSingle, modular & extensible gateway
platform to secure, integrate, control, &
optimize full range of workloads
New hardware platformIncrease capacity & throughput while
reducing latency with latest
generation hardware
Deployment flexibilityUse physical or virtual appliance with
seamless configuration migration with
on-premise & cloud deployments
B2B moduleCentralize B2B trading partner
connectivity & transaction management
with high performance secure entry point
in the DMZ
Multi-channel gatewayUtilize single gateway with integrated
access enforcement from ISAM to secure &
optimize delivery of mobile, API, web, SOA,
B2B, cloud apps, and integrate with IBM
MobileFirst & WebSphere platforms
Enhanced securityEnable additional flexible authentication
from internet consumers & Non-Microsoft
consumers to Microsoft systems
IBM Gateway 7.1DataPower
Single multi-channel gateway platform to secure & optimize delivery
of mobile, API, web, SOA, B2B, cloud apps, and integrate with IBM
MobileFirst & WebSphere platforms
Integrates industry-proven access enforcement capabilities of IBM
Security Access Manager into the DataPower platform, available as
add-on ISAM Proxy Module
IBM DataPower Gateway is the new name of a consolidated,
extensible & modular platform
Converges three existing products, XG45 / XI52 / XB62, into a single
modular offering
Physical appliance uses purpose-built latest generation hardware
platform to provide increased performance & capacity
Virtual appliance runs on VMware & Citrix XenServer hypervisors and
cloud platforms that support them
Easy-to-use & secure B2B integration capabilities, formerly on XB62
appliances only, available as add-on B2B Module
Enable authentication from internet consumers & Non-Microsoft
consumers to Microsoft systems with Kerberos S4U2Self support
Highlights of IBM DataPower Gateway & V7.1
Modules
ISAM Proxy Module User access control, session
management, web SSO
enforcement
Advanced mobile security: mobile
SSO, context-based access, one-
time password, multi-factor authn
Integration w/ ISAM4Mobile
Application Optimization
Module Frontend self-balancing
Backend intelligent load
distribution
Session affinity
z Sysplex Distributor integration
Integration
Module Any-to-Any message
transformation
Database connectivity
Mainframe IMS connectivity
B2B Module B2B DMZ gateway
EDIINT AS1,AS2,AS3,ebXML
Partner profile management
B2B transaction viewer
Any-to-Any message transformation
Database connectivity
TIBCO EMS
Module Integrate with TIBCO EMS
messaging middleware
Support for queues & topics
Load balancing & fault-tolerance
IBM DataPower Gateway (Base)Secure
Authentication, authorization
Security token translation
Service / API virtualization
Threat protection
Message validation
Message filtering
Message digital signature
Message encryption
AV scanning integration
Integrate Transport protocol bridging
Message enrichment
Message transformation &
processing using JavaScript,
JSONiq, XQuery, XSLT
Mainframe integration &
enablement
Flexible pipeline message
processing engine
Control & Manage Service level management
Quota & rate enforcement
Content-based routing
Message accounting
Integration w/ management
& visibility platforms
including IBM API
Management & WSRR for
policy enforcement
Optimize & Offload SSL / TLS offload
Hardware accelerated crypto
JSON, XML offload
JavaScript, JSONiq, XSLT,
XQuery acceleration
Local response caching
Distributed caching w/ XC10
Backend load balancing
(2U Physical or Virtual Edition)
Single, modular & extensible platform
DataPower resources
DataPower on
Slideshare
LinkedInIBM DataPower Gateway Group
developerWorks
Blog
YouTubeIBM DataPower Gateway
Channel
Twitter@IBMGateways
Online User Forum
• YouTube Channel: IBM DataPower Gateways
• Slideshare: IBM DataPower Gateway
• Twitter: @IBMGateways
• LinkedIn Group: IBM DataPower Gateway
• developerWorks blog: IBM DataPower Gateway
• GitHub: IBM DataPower Gateway
• Online User Forum
• Product page on ibm.com
• Product documentation
Who Are W3Partnership?
Background Information:
• W3Partnership is an independent provider of business consulting and Integration expertise
• Specialise in implementing Service Oriented Architecture and the standards and technologies associated with SOA
• Capabilities:
• Project Management, Technical Architecture, Design, Delivery and Support
• Expertise in WebSphere Message Broker (IBM Integration Bus – IIB), WebSphere MQ , IBM DataPower, WebSphere Application Server
• Open Source Middleware WSO2
• JEE, Java, JMS, SOAP, WSDL, XSD, XML, XSLT & BPEL
• Developed:
• Own IP called W3 Pattern Application Developer (W3PAD)
Call to Action
Graham Cunningham IBM SW Business Development 07802 461612 [email protected]
Book a 1-1 Meeting(F-F) or Conference call with Meridan Agenda
Use Case VolumesPayloadsSecurity RequirementsProtocols
OutputsA Business CaseSample ConfigurationImplementation Schedule
• Graham Cunningham IBM SW Business Development 07802 461612 [email protected]
• Marcus Langford Thomas Chief Operations Officer 07572 103794 [email protected]
Contact Details
Visit us at www.w3partnership.com or follow us on:
https://www.linkedin.com/company/w3partnership @w3partnership
Questions
Positioning versus ESB
What is the primaryintegration need?
• IIB for the Integration Bus
• IIB for the integration bus
• Augment and accelerate with DataPower as security & integration gateway
• DataPower as a secure gateway in the DMZ
Integrating a heterogeneous IT
environment i.e. createan integration bus
Secure & optimize delivery of web apps & services to external
consumers/partners in the DMZe.g. edge of network Gateway
Do you require secure connectivity, intelligent load distribution or acceleration between apps & services?
No
Yes
Yes
• DataPower as security & integration gateway
• DataPower as security & integration gateway
• Augment with IIB for broader connectivity
Securing, optimizing & targeted integration to apps or services within
the enterprisee.g. creating an
Integration GatewayYes
Does customer also need a universal connectivity
solution?
No
• Installation, configuration and development experience on XG45, XI50/XI52, and XB60/62
• Previous engagements
• Retail Banks
• Government
• Automotive industry
• Mobile phones retailer
• Credit card company
W3Partnership DataPower credentials
DataPower – Customer Issues
• Users need to architect, design and build common functions on a repetitive basis
• Skilled consultants needs specialist training. A potential inhibitor to fast ROI
• Need to be able to control the versioning of services
– No central control or visibility of interfaces across the enterprise.
– Lack of guidance on implementation of patterns.
• Ease of management in the deployment of services
• Patterns are abstraction mechanisms that can be applied repeatedly for recurring technical challenges
• Patterns enforce architectural standards and principles
• A service pattern defines the architectural standard, structure and technology ready for implementation.
Patterns
W3PAD - Product Capabilities
• Working with patterns• Create new patterns• Load existing patterns• Add new services• Clone patterns• Simply & quickly deploy
services based on existing patterns
• Maintain a record of all services created / deployed (Release Management)