Analyst reaction to Vordel's Cloud Edition Gateway:
Phil Schacter, Vice President and Service Director with Burton Group said "The cloud services market is immature with few standards on how customers establish and control access by their users, and how providers protect information and report activity back to the customer. The concept of an enterprise gateway that connects to all internal and public cloud services accessed by various departments and users is an important innovation that allows a focal point for enforcing policy and auditing usage of services, and that is independent and transparent to specific cloud providers."
http://www.vordel.com/news/press/30_06_09.html
This is the key - an enterprise gateway being the focal point for enforcing policy and auditing usage of services (or "container" in the terminology proposed by Gunnar Peterson) . And it is another kind of point: the pivot point between local applications, Cloud services, and between the Cloud services themselves.
Friday, July 3, 2009
Friday, June 19, 2009
Interoperability - missing in the Cloud?
"There’s no mention of interoperability with other clouds like Google or Salesforce.com; that will have to be left to third parties like Vordel"
From Cloud Computing Journal: http://cloudcomputing.sys-con.com/node/1003149
Besides security, the other big push-back against Cloud Computing is interoperability. Most organizations do not want to have to choose one Cloud Computing vendor exclusively. Certainly, in cases like the US Government (with its new emphasis on Cloud Computing) , using a provider which doesn't explicitly offer interoperability with other providers is unthinkable.
Gateways act as the pivot point between applications and Cloud-based services, as well as between the services themselves. They provide the link from local applications up to the cloud, the "on-ramp". They also mediate between different Cloud providers.
Unfortunately, when a new Cloud Platform doesn't address the interoperability issue, it is adding to the problem, not fixing it. Gateways are the answer to that particular problem.
From Cloud Computing Journal: http://cloudcomputing.sys-con.com/node/1003149
Besides security, the other big push-back against Cloud Computing is interoperability. Most organizations do not want to have to choose one Cloud Computing vendor exclusively. Certainly, in cases like the US Government (with its new emphasis on Cloud Computing) , using a provider which doesn't explicitly offer interoperability with other providers is unthinkable.
Gateways act as the pivot point between applications and Cloud-based services, as well as between the services themselves. They provide the link from local applications up to the cloud, the "on-ramp". They also mediate between different Cloud providers.
Unfortunately, when a new Cloud Platform doesn't address the interoperability issue, it is adding to the problem, not fixing it. Gateways are the answer to that particular problem.
Tuesday, June 16, 2009
Cloud Governance and Security
Today in IBM DeveloperWorks - Cloud Governance and Security
Covers applying policy to Amazon services, Force.com, client-side and "cloud-side" governance, and the role of the Gateway as a Cloud on-ramp.
Covers applying policy to Amazon services, Force.com, client-side and "cloud-side" governance, and the role of the Gateway as a Cloud on-ramp.
Wednesday, June 10, 2009
SOA at the Federal Aviation Administration (FAA)
Government Computing News (GCN) covers this story about the selection of Vordel Gateways by the FAA, for its SWIM (System Wide Information Management) project. A lot more information on SWIM is available online (e.g. this IEEE paper). It is great to see a governement agency really using SOA to link systems together and save costs.
Tuesday, June 9, 2009
Who's been using my services? (and what response times did they experience?)
It is frightening to think about how many organizations deploy SOA (or even "just a bunch of Web Services") but have no idea about how the services are being used, who is using them, what the service uptime is, and what response times their clients are experiencing. Visibility is a big issue for SOA.
This is why we build VordelReporter. By sourcing its information from Vordel Gateways, it allows administrators to see in real-time who is using services. They can drill into individual gateways in order to see the usage and performance of services which are in that Gateway's sphere of control.
Using Gateways for SOA visibility is non-invasive, requiring no changes to the services themselves. By using the information from a product which is already deployed, the XML Gateway, it removes the danger of creating a new, standalone "SOA Governance silo".
You can do neat things like discover if a service is not performing to its SLA, and then take remedial action by offloading its XML processing on the Vordel Gateway where it benefits from XML Acceleration. Then you can see in real-time how the service response time increases. So you're actually solving a problem, using products which also perform other functions (acceleration, protocol mediation, content inspection) rather than just putting a "governance silo" in place for its own sake. With Gateways, if you discover that a service is running slowly, you an solve the problem by offloading processing onto the Gateway. With a standalone "SOA Governance silo", you can discover that a service is running slowly, but that is that.
Here's a short video showing the drill-down from a SOA topology, to a Gateway, to individual service invocations:
Paradoxically, one great feature of VordelReporter is that you don't even have to view its reports. How is that possible? The answer is that because VordelReporters real-time monitoring sources data from Vordel Gateways via a secured REST-ful pipe (here we are eating our own dogfood), can also simply send the metrics to products such as Oracle Enterprise Manager. This also helps SOA visibility, and is another example of using existing infrastructure rather than creating a "SOA Governance silo".
Tony Baer put it well back in January:
"...we also believe that the run-time governance of SOA or services cannot be divorced from the physical aspects of running IT infrastructure. Service level management of SOA services is directly impacted by how effectively IT delivers business services, which is the discipline of IT Service Management (ITSM). When there is a problem with publishing a service, it should become an incident that is managed, not within its own SOA cocoon, but as an IT service event that might involve problems with software or infrastructure."
http://www.sandhill.com/opinion/daily_blog.php?id=1&post=488
More on VordelReporter here
This is why we build VordelReporter. By sourcing its information from Vordel Gateways, it allows administrators to see in real-time who is using services. They can drill into individual gateways in order to see the usage and performance of services which are in that Gateway's sphere of control.
Using Gateways for SOA visibility is non-invasive, requiring no changes to the services themselves. By using the information from a product which is already deployed, the XML Gateway, it removes the danger of creating a new, standalone "SOA Governance silo".
You can do neat things like discover if a service is not performing to its SLA, and then take remedial action by offloading its XML processing on the Vordel Gateway where it benefits from XML Acceleration. Then you can see in real-time how the service response time increases. So you're actually solving a problem, using products which also perform other functions (acceleration, protocol mediation, content inspection) rather than just putting a "governance silo" in place for its own sake. With Gateways, if you discover that a service is running slowly, you an solve the problem by offloading processing onto the Gateway. With a standalone "SOA Governance silo", you can discover that a service is running slowly, but that is that.
Here's a short video showing the drill-down from a SOA topology, to a Gateway, to individual service invocations:
Paradoxically, one great feature of VordelReporter is that you don't even have to view its reports. How is that possible? The answer is that because VordelReporters real-time monitoring sources data from Vordel Gateways via a secured REST-ful pipe (here we are eating our own dogfood), can also simply send the metrics to products such as Oracle Enterprise Manager. This also helps SOA visibility, and is another example of using existing infrastructure rather than creating a "SOA Governance silo".
Tony Baer put it well back in January:
"...we also believe that the run-time governance of SOA or services cannot be divorced from the physical aspects of running IT infrastructure. Service level management of SOA services is directly impacted by how effectively IT delivers business services, which is the discipline of IT Service Management (ITSM). When there is a problem with publishing a service, it should become an incident that is managed, not within its own SOA cocoon, but as an IT service event that might involve problems with software or infrastructure."
http://www.sandhill.com/opinion/daily_blog.php?id=1&post=488
More on VordelReporter here
Monday, May 25, 2009
SOA Visibility
This video shows how VordelReporter provides visibility on SOA traffic, including service response times and usage patterns. You can drill into particular services, in order to see reports on usage, uptime, and response times. New in v5.2, you also can view the Real-Time Monitoring statistics, live on the screen.
Friday, May 15, 2009
(SOA is Dead) is Dead?
Joe McKendrick blogs about the report from Randy Heffner at Forrester about perceptions of SOA methodology (e.g. "only one percent of current SOA adopters say they have received little or no benefit from the methodology").
The key word in the paragraph above is "methodology". There has been cynicism of SOA in organizations where products such as Registries or Agent-based SOA Governance tools were put in place, but then were not used or, if they were used, did not perform. That is the fault of thinking "let's buy this product and then we are doing SOA". However, SOA is a methodology. Breaking out re-usable components, and then creating services which can actually be used by other application is the key. There is a widespead agreement that SOA is a good methodology. But throwing registries or agents at the architecture doesn't help, without this methodology in place.
The other reason for cynicism has been the proliferation of SOA "silos" within larger organization. For example, in the government area, there has been a tendency to say "SOA is great, we'll have 100 of them". And then those silo-ed SOAs do not link together. That's where XML Networking products like an XML Gateway come in, by providing the backbone for SOA. That also allows SOA methodology to be effectively applied not only in silos, but across the organization.
The key word in the paragraph above is "methodology". There has been cynicism of SOA in organizations where products such as Registries or Agent-based SOA Governance tools were put in place, but then were not used or, if they were used, did not perform. That is the fault of thinking "let's buy this product and then we are doing SOA". However, SOA is a methodology. Breaking out re-usable components, and then creating services which can actually be used by other application is the key. There is a widespead agreement that SOA is a good methodology. But throwing registries or agents at the architecture doesn't help, without this methodology in place.
The other reason for cynicism has been the proliferation of SOA "silos" within larger organization. For example, in the government area, there has been a tendency to say "SOA is great, we'll have 100 of them". And then those silo-ed SOAs do not link together. That's where XML Networking products like an XML Gateway come in, by providing the backbone for SOA. That also allows SOA methodology to be effectively applied not only in silos, but across the organization.
Thursday, May 14, 2009
White House mandate for Cloud Computing
The White House has released a budgeting document which includes a mandate for US Federal Govt usage of Cloud Computing. The document notes that "Businesses facing market pressures from which the Government is more insulated are forced to innovate, adopting emerging technologies with agility, to achieve maximum efficiency. Where appropriate, the Government needs to adopt innovations with the same agility."
http://www.whitehouse.gov/omb/budget/fy2010/assets/crosscutting.pdf
I've added emphasis to some of documents recommendations on Cloud Computing:
Pilot projects will be implemented to offer an opportunity to utilize more fully
and broadly departmental and agency architectures to
identify enterprise-wide common services and solutions,
with a new emphasis on cloud-computing. The pilots will
test a variety of services and delivery modes, provisioning
approaches, options, and opportunities that cloud computing
brings to Federal Government. Additionally,
the multiple approaches will focus on measuring service,
cost, and performance; refining and scaling pilots to full
capabilities; and providing financial support to accelerate
migration. These projects should lead to significant savings,
achieved through basic changes in future Federal
information infrastructure investment strategies and
elimination of duplicative operations at the agency level.
Cloud-computing is a convenient, on-demand model for
network access to a shared pool of configurable computing
resources (e.g., networks, servers, storage, applications,
services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction.
The cloud element of cloud-computing derives from
a metaphor used for the Internet, from the way it is often
depicted in computer network diagrams. Conceptually
it refers to a model of scalable, real-time, internet-based
information technology services and resources, satisfying
the computing needs of users, without the users incurring
the costs of maintaining the underlying infrastructure.
Examples in the private sector involve providing common
business applications online, which are accessed from a
web browser, with software and data stored on the “cloud”
provider’s servers.
Implementing a cloud-computing platform incurs different
risks than dedicated agency data centers. Risks
associated with the implementation of a new technology
service delivery model include policy changes, implementation
of dynamic applications, and securing the dynamic
environment. The mitigation plan for these risks depends
on establishing a proactive program management office to
implement industry best practices and government policies
in the management of any program. In addition, the
Federal community will need to actively put in place new
security measures which will allow dynamic application
use and information-sharing to be implemented in a secure
fashion. In order to achieve these goals, pilot programs will
provide a model for scaling across the Government.
It is good that the risks are being noted up-front. But, it seems to me like a "jump over to the cloud" approach - rather than identifying current government applications and surgically adding Cloud Computing components to them. For some of the pilots which the document mentions, I'd like to see examples of current applications which are made more "elastic" (adding capacity quickly) or more cost-effective through the usage of Cloud Computing. It can't be only "let's create pilot programs which are only Cloud-based". I've written about this model - combining traditional applications with the Cloud - here in this IBM DeveloperWorks article: Connecting to the cloud, Part 1: Leverage the cloud in applications (and Part 2 of the IBM DeveloperWorks series, which includes a sample application and source code). This is the kind of thing I'd like to see the govt doing.
And what about interoperability between Cloud platforms? "Imagine a federal mandate advocating cloud interoperability among any federal cloud vendors?" - Bob Marcus of the OMG, quoted by Reuven Cohen:
http://www.elasticvapor.com/2009/05/white-house-leading-cloud-computing.html
http://www.whitehouse.gov/omb/budget/fy2010/assets/crosscutting.pdf
I've added emphasis to some of documents recommendations on Cloud Computing:
Pilot projects will be implemented to offer an opportunity to utilize more fully
and broadly departmental and agency architectures to
identify enterprise-wide common services and solutions,
with a new emphasis on cloud-computing. The pilots will
test a variety of services and delivery modes, provisioning
approaches, options, and opportunities that cloud computing
brings to Federal Government. Additionally,
the multiple approaches will focus on measuring service,
cost, and performance; refining and scaling pilots to full
capabilities; and providing financial support to accelerate
migration. These projects should lead to significant savings,
achieved through basic changes in future Federal
information infrastructure investment strategies and
elimination of duplicative operations at the agency level.
Cloud-computing is a convenient, on-demand model for
network access to a shared pool of configurable computing
resources (e.g., networks, servers, storage, applications,
services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction.
The cloud element of cloud-computing derives from
a metaphor used for the Internet, from the way it is often
depicted in computer network diagrams. Conceptually
it refers to a model of scalable, real-time, internet-based
information technology services and resources, satisfying
the computing needs of users, without the users incurring
the costs of maintaining the underlying infrastructure.
Examples in the private sector involve providing common
business applications online, which are accessed from a
web browser, with software and data stored on the “cloud”
provider’s servers.
Implementing a cloud-computing platform incurs different
risks than dedicated agency data centers. Risks
associated with the implementation of a new technology
service delivery model include policy changes, implementation
of dynamic applications, and securing the dynamic
environment. The mitigation plan for these risks depends
on establishing a proactive program management office to
implement industry best practices and government policies
in the management of any program. In addition, the
Federal community will need to actively put in place new
security measures which will allow dynamic application
use and information-sharing to be implemented in a secure
fashion. In order to achieve these goals, pilot programs will
provide a model for scaling across the Government.
It is good that the risks are being noted up-front. But, it seems to me like a "jump over to the cloud" approach - rather than identifying current government applications and surgically adding Cloud Computing components to them. For some of the pilots which the document mentions, I'd like to see examples of current applications which are made more "elastic" (adding capacity quickly) or more cost-effective through the usage of Cloud Computing. It can't be only "let's create pilot programs which are only Cloud-based". I've written about this model - combining traditional applications with the Cloud - here in this IBM DeveloperWorks article: Connecting to the cloud, Part 1: Leverage the cloud in applications (and Part 2 of the IBM DeveloperWorks series, which includes a sample application and source code). This is the kind of thing I'd like to see the govt doing.
And what about interoperability between Cloud platforms? "Imagine a federal mandate advocating cloud interoperability among any federal cloud vendors?" - Bob Marcus of the OMG, quoted by Reuven Cohen:
http://www.elasticvapor.com/2009/05/white-house-leading-cloud-computing.html
Tuesday, May 12, 2009
Breaking the rules
The first sentence of Malcolm Gladwell's piece in this week's New Yorker on "When David beats Goliath - When underdogs break the rules" starts:
"When Vivek Ranadivé decided to coach his daughter Anjali’s basketball team, he settled on two principles."
At this point, like any tech professional, I thought "Is that Vivek Ranadivé from TIBCO?". And, when I flicked a couple of pages further to check, sure enough it is Vivek Ranadivé the CEO of TIBCO.
Well worth reading the article. Gladwell talks about how the "full press" strategy for basketball, while not pretty, can unsettle more skilful opponent team and allow the underdog to win. Gladwell uses a number of analogies, such as Laurence of Arabia's campaign against the Ottoman Empire, though I'd say a glaring omission is Jack Charlton's "Put them under pressure" strategy for the Republic of Ireland team in the Italia '90 World Cup campaign. That strategy was based on harassing the other team into losing the ball, and generally closing down the other team and not letting them play. It meant that the Irish team did much better than expected, reaching the quarter finals versus Italy in Rome. However, the strategy fell down when the other team didn't play (witness the notorious game versus Egypt) but it generally worked well. But, as Gladwell asks, what if every team did this? I think the secret is practice, attitude and training, something which is a common thread with Gladwell (that practice, training, and attitude trump talent - e.g. the Beatles spent a year performing 8-hour sets in Hamburg in order to hone their art). Not every team gets the attitude right, and that's what Ranadivé instilled.
"When Vivek Ranadivé decided to coach his daughter Anjali’s basketball team, he settled on two principles."
At this point, like any tech professional, I thought "Is that Vivek Ranadivé from TIBCO?". And, when I flicked a couple of pages further to check, sure enough it is Vivek Ranadivé the CEO of TIBCO.
Well worth reading the article. Gladwell talks about how the "full press" strategy for basketball, while not pretty, can unsettle more skilful opponent team and allow the underdog to win. Gladwell uses a number of analogies, such as Laurence of Arabia's campaign against the Ottoman Empire, though I'd say a glaring omission is Jack Charlton's "Put them under pressure" strategy for the Republic of Ireland team in the Italia '90 World Cup campaign. That strategy was based on harassing the other team into losing the ball, and generally closing down the other team and not letting them play. It meant that the Irish team did much better than expected, reaching the quarter finals versus Italy in Rome. However, the strategy fell down when the other team didn't play (witness the notorious game versus Egypt) but it generally worked well. But, as Gladwell asks, what if every team did this? I think the secret is practice, attitude and training, something which is a common thread with Gladwell (that practice, training, and attitude trump talent - e.g. the Beatles spent a year performing 8-hour sets in Hamburg in order to hone their art). Not every team gets the attitude right, and that's what Ranadivé instilled.
Thursday, May 7, 2009
CSO Magazine on Vordel rollout for SOA Security in the banking sector
Check out CSO Magazine's profile of how EBS has secured its SOA. In addition to the online story, there is a podcast / audio recording of an interview with David Yeates, whose responsibility it was to secure the SOA infrastructure.
There is a wealth of great information and advice in this case study. For example:
- "...the internal network has also to be considered a dirty environment."
- "A process-driven development creates dynamic applications where business processes can be easily created and changed. This presents major change management, service management and compliance challenges for an organization. Transactional security becomes very complex, very fast."
- "The strongest approach was to embed security within the services infrastructure itself, provide consistent security policy enforcement and to protect all endpoints, not just the perimeter."
More on why Vordel was chosen to secure this infrastructure, on Page 2 of the CSO Online article.
There is a wealth of great information and advice in this case study. For example:
- "...the internal network has also to be considered a dirty environment."
- "A process-driven development creates dynamic applications where business processes can be easily created and changed. This presents major change management, service management and compliance challenges for an organization. Transactional security becomes very complex, very fast."
- "The strongest approach was to embed security within the services infrastructure itself, provide consistent security policy enforcement and to protect all endpoints, not just the perimeter."
More on why Vordel was chosen to secure this infrastructure, on Page 2 of the CSO Online article.
Wednesday, May 6, 2009
Vordel chosen for Federal SOA Implementations
Saturday, April 11, 2009
Cloudy Links
Three cloud-y links on a cloudy day in Boston:
- The cloud.com domain is to be auctioned:
http://domainnamewire.com/2009/03/24/meetupcom-founder-puts-cloudcom-on-the-block/
- A photograph of a Google server, which includes a 12 volt battery as a neat UPS solution, as opposed to relying on a central data center UPS:
One of the more surprising innovations of Google's server design -- seen here in a CNET photograph -- appears to be rather mundane: The company's custom-designed server hardware includes a 12-volt battery that functions as an uninterruptible power supply. This obviates the need for a central data center UPS, which turns out to be less reliable than on-board batteries.
From http://www.informationweek.com/news/internet/google/showArticle.jhtml?articleID=216500267
and finally:
- Two lawyers write about E-Discovery and the Cloud
"...this technological revolution means new e-discovery challenges are on the horizon for lawyers as clients move discoverable electronically stored information from their own networks to networks controlled by someone else."
- The cloud.com domain is to be auctioned:
http://domainnamewire.com/2009/03/24/meetupcom-founder-puts-cloudcom-on-the-block/
- A photograph of a Google server, which includes a 12 volt battery as a neat UPS solution, as opposed to relying on a central data center UPS:
One of the more surprising innovations of Google's server design -- seen here in a CNET photograph -- appears to be rather mundane: The company's custom-designed server hardware includes a 12-volt battery that functions as an uninterruptible power supply. This obviates the need for a central data center UPS, which turns out to be less reliable than on-board batteries.
From http://www.informationweek.com/news/internet/google/showArticle.jhtml?articleID=216500267
and finally:
- Two lawyers write about E-Discovery and the Cloud
"...this technological revolution means new e-discovery challenges are on the horizon for lawyers as clients move discoverable electronically stored information from their own networks to networks controlled by someone else."
Subscribe to:
Posts (Atom)
