SOA in Action

Fellow ebizQ community activist Brenda Michelson provides a glimpse of panels the SOA Consortium will be hosting at the impending Gartner AADI and EA (Application Architecture, Development, and Integration and Enterprise Architecture) Summits, to be held in O-Town, FLA.

Todd Biske will be involved with both panels, so you know it will be good -- extremely reasoned and informative.

On Wednesday, June 11 at AADI, Todd, along with Melvin Greer and Mike Tavis, will be talking about measuring the value of SOA. The panel, to be moderated by Gartner's Daniel Sholler and SOA Consortium's Richard Soley, will explore companies' experiences in justifying and measuring the value of their SOA activities, including developing initial business cases and continuously demonstrating the benefits.

On Friday, 13 June at EA, John Williams, Maja Tibbling and Marty Colburn will join Todd to discuss SOA & EA lessons learned from the trenches. This panel will be moderated by Gartner's Bruce Robertson and Richard Soley. Panelists will look at the links, synergies and dependencies between SOA and EA. They will address the big question of the moment: How does SOA fit into the EA picture?

_____________________________________________________________________

Posted by joemckendrick in Management • SOA • SOA Events • SOA Research and Analyst Reports  |  Permalink  | Comments (0)  | TrackBacks (0)

The foundation of any SOA effort is the connectivity underneath that brings together all the IT resources needed to bear. On June 4, ebizQ will presenting the next in its series of virtual conferences, "Connectivity in Action."

Enterprise connectivity is almost synonymous with MQ, the backbone from IBM that almost single-handedly created this market. In fact, the occasion for this conference is the 15th birthday of MQ.

As IT veterans may recall, the early 1990s were heady days when systems designers just started out figuring ways to integrate the proliferations of different vendors' platforms that were proliferating. In those days, I was director of an international management association, and we ran our operations off two systems -- and IBM S/36 midrange for membership and product sales files and reports, and a Novell-based PC network for special projects and conference management. Our managers had two screens and keyboards for two separate systems at their desks. The world has come a long way since then, of course. If I still ran the association today, it would be extremely virtual.

Of course, my challenge was relatively tame compared to many large organizations that have multiple back-end systems and hundreds, if not thousands of applications scattered across their enterprises. For these companies, MQ provided a way to weave this fabric together. That's why it's only appropriate that we hear from IBM's MQ gurus to start the day. In a panel discussion, IBM's Dermot Flaherty, Ben Mann, Andrew Bainbridge, and Morag Hughson will discuss the technical issues around enterprise messaging.

The panel discussion will be followed by Larry Fulton, senior analyst at Forrester, who will examine the steps required to build a modern SOA infrastructure and will discuss how to integrate assets with the right Quality of Service to match business needs while addressing scalability, transactional integrity, low latency, Web 2.0 technology, and much more.

Ben Mann, Worldwide WebSphere MQ Product Manager, will discuss the future of WebSphere MQ, as well as issues when connecting wide-ranging assets, such as qualities of service, heterogeneous platforms, and application support.

Marc-Thomas Schmidt, distinguished engineer with IBM, will talk about the MQ-ESB connection, and will describe the demands for a federated model and how governance, security, and management will be required to build a successful federated model.

The conference will wrap up with a customer panel discussion, featuring the senior technical managers of Nationwide Insurance, Department of Massachusetts, and the New York Power Authority. Panelists will describe the types of connectivity solutions these organizations have deployed, what they learned along the way, what obstacles they encountered and how they overcame them, and what they consider the most critical success factors were.

Be sure to check in on June 4 for ebizQ's Connectivity in Action virtual conference.

_____________________________________________________________________

Posted by joemckendrick in SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

There are two types of events that fit into enterprise event processing scenarios -- those that matter to IT, and those that matter to the business. While many organizations seem to have a good grasp on managing IT events -- such as a server crashing -- few are ready to handle business events. But this is changing.

In his keynote presentation at ebizQ's recent Event Processing conference, Forrester's Charles Brett described how business event processing is the next great horizon for business, but is fraught with many challenges. (Replay and transcript of Brett's talk here.) The important challenge for organizations is to "understand which events matter," he said, adding that "some people think that all events matter." Those businesses that can successfully leverage event processing are those that can identify the events that have the greatest impact.

This ability rests with the business, not IT, he adds:

"IT doesn't necessarily know which events exist in the business and which ones could be used, or which are more relevant, or which are less relevant. Indeed, one the big dangers in event processing is one could have too many events many of which may not actually have a great deal of relevance."

Brett outlined some scenarios where business event processing can make a difference. For example, if a customer didn't buy something its stops halfway through a transaction, it pays to understand why this happened.

Or, if "a financial exchange came to a halt because they didn't know that something wasn't happening. They thought they knew what was happening; all systems showed green but an event screen wasn't coming through and the exchange grind to halt." Employing event processing to walk them through the chain of events can help prevent this disruption from happening again.

Predictive analysis run against an event engine can help schedule field service calls to improve the uptime of critical services to customers.

Such "non-IT events" businesses need to process and digest may come from sensors, signaling, production lines, and other sources inside the company, as well as outside sources such as radio, television, news channels, weather channels, Websites, and GPS, Brett says. Such events are "the ones that haven't been processed in the past but will be in the future."

The best way to capture business events and direct them to business managers is through Business Activity Monitoring (BAM), Brett says. "BAM is really about taking events and raising them to a level that decision-makers or people who have responsibility for taking actions can do something."

BAM is used for real-time analytics, "not only for processing and analyzing of event data, but also to feed visual dashboards and the like in order that people can see what is going on within the business -- very much intended for business users," he continued. BAM is still relatively new on the scene, and will take time to fully integrate into the business. The challenge with BAM is to avoid overwhelming business users with information, or alternately, reducing information about events to "such simplistic levels that it's just ignored."

While some analysts say event processing is a natural extension of SOA, Brett feels that Integrating event processing capabilities into some earlier SOA implementations may prove difficult. SOA-based services "can be picked up by event processing and similarly when an event processing engine emits events out of on the downstream side, there's no reason why services shouldn't pick it up. So there's no architectural reason why they shouldn't fit together. The question really is going to be how the services were originally designed, architected, and delivered."

A replay and transcript of Brett's talk is available here.

______________________________________________________________________

Posted by joemckendrick in Event Processing • SOA Events • SOA Research and Analyst Reports  |  Permalink  | Comments (1)  | TrackBacks (0)

Financial services companies have had a tough ride over the past year, so anything that can be done to better take advantage of their information technology assets to streamline operations and increase the situational awareness and agility of the business is a good thing. That's where SOA and business process management (BPM) come in.

JPMorgan Chase, of course, is right at the epicenter of the financial storm that has been ravaging the industry, and the company's dominance and stability is due in no small part to its ability to smartly leverage SOA and BPM.

At ebizQ's recent Financial Services Live Panel, Ron Ambuter, CTO of the BPM Workstream Group at JPMorgan Chase, described how his company has been able to adapt and adopt technology and methodologies to help reduce costs, improve customer experiences, and maintain a competitive edge. Ronan Bradley, analyst with Lustratus Research and former CEO of PolarLake, led the discussion, and was joined by Keith Swenson, chief architect at Fujitsu Computer Systems, and Hub Vandervoort, CTO of Progress Software. (Archived recordings and transcript available here.)

Ambuter described how JPMorgan Chase was interested in the concept of reusability, which would help the organization "get better leverage out of the efforts that we were making to build and buy applications by reusing components instead of rebuilding and rebuying them over and over again."

With the troubles the industry has been having around subprime mortgages, writedowns, and tighter credit, it's likely

regulation and oversight will only increase, particularly in regards to risk management. Bradley questioned whether the prevalence of regulation holds back or encourages SOA adoption. Ambuter said regulatory mandates have accelerated his company's drive to SOA, noting that "the concept of SOA allows us to react probably quicker, and more expeditiously, more cost effectively."

The panel also discussed the challenges around extending managing services and infrastructure across multiple groups within organizations. Financial services organizations, of course, typically have multiple lines of business, from securities to brokerages to mortgages. Ambuster explained that organizational issues were his greatest challenge as well in implementing a cohesive SOA and BPM strategy at JPMorgan Chase. "We have rules and responsibilities that are compartmentalized by groups of folks, and we realize that as you go into this stuff, education and cross-pollination of information is critically important. It's not just the technology folks that need to understand this stuff, it's the risk folks, and it's the governance folks and it's the finance folks, and it's the business side folks."

Vandervoort agreed that "it's easy to get bogged down in trying to get alignment on a lot of different points across all the groups." He recommended three approaches to the problem, including "getting your transports aligned between business entities so that you can use eventing-oriented mechanisms to communicate across domains"; establishing SLA and security policies that ensure visibility; and establishing a common enterprise data model.

"You have to get your semantics aligned among the members," he said. "And that doesn't have to be a common vocabulary in its entirety, but certainly what we regard as the data in flight, those things that fly between domains and different working groups have to be highly normative."

Aligning SOA and BPM is also important. "While SOA is basically a technology trend, BPM is essentially a management trend," said Swenson. "A lot of people look at BPM and they get confused between the management trend and the technology trend. A lot of technology product companies have looked at BPM and looked only at the technology and come up with a kind of a programming language that they claim to solve the problem, which is great for the IT side of the house, but it leaves the business side out of this. As far as the adoption of BPM goes, one of the biggest barriers to adoption of the real business process is essentially the fear that the manager will lose control of the process."

Complex event processing is also a key initiative financial services companies need to undertake. As Vandervoort observes, "financial services is moving kind of in a logarithmic increase in velocity... things are ten times faster than they were a decade ago. When you go from three days order to settlement or trade to settlement to now under two hours trade to settlement, if I'm doing nightly reporting, I'm way out of alignment. Whereas ten years ago, that was three times faster than the speed of the pipeline. Today, you the ability to run awry in risk, terms, and exposure terms has been seen multiple times in the industry in recent years."

For companies seeking to increase agility and be more responsive to these highly competitive markets -- not just in financial services -- the combination of SOA and BPM can break down the constrictive silos that cut off essential data and processing resources.

____________________________________________________________________

Posted by joemckendrick in Business Process Management • Data Management • Event Processing • Management • SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

Complex events "can be anything from a sequence of temperature readings to something like the First World War, which was a very complex event indeed." -Dr. David Luckham

David Luckham -- considered the "father of complex event processing" -- recently joined Dr. K. Mani Chandy, Rodney Morrison, and Beth Gold-Bernstein for an informative panel discussion on the relationship between EDA (Event Driven Architecture) and SOA. The panel, part of ebizQ's recent Event Processing Virtual Conference, which brought together the leading thinkers and proponents of EDA and Complex Event Processing (CEP).

The panelists were divided, however, over the extent of the role of human involvement in complex events.

Chandy, for example, said that human engagement is essential at some point in the complex event processing cycle. "I’ve seen quite a few applications, but almost none in which there is no human involved" For example, Chandy said, "in military applications, when there is a gun or device is fired to kill somebody. It’s always done with a human being responsible for their final action."

As Chandy pointed out:

"I think its absolutely critical for human beings to be part of this sense and respond system. It's important how the application supports the human being if you're looking at trading or fraud detection. In all these cases, its really important to have a human being involved. Fraud is one case where you might have an application that informs a credit card user that something inappropriate may be going on, without having a human being first check that."

Luckham, however, pointed out that there are many events are processed independent of human intervention. "There are many examples of event driven architectures where there are absolutely no humans whatever," he said. "The CPU on your computer is an event driven architecture, believe me. And its entirely event driven, clocked, without a human in the loop.

EDA is part of SOA on two different levels, Chandy said:

"One way that I’ve seen EDA used in conjunction with SOA is for service management. Many SOA vendors are exposing metrics that can give you information like end to end process time and activity times. Those metrics can be provided to a CEP system to help control and manage those services. I can, for example, do dynamic provisioning for a service that's getting maxed out."

Chandy also connected the dots between EDA and SOA. "If SOA means loosely coupled subsystems with very clean interfaces, so that new systems could be coupled into the substrate. Then EDA events fit within that framework, because EDA is also based on a loose framework, and is extensible." In a request-reply SOA scenario, "then EDA can still be coupled. There will be layering between the push and the pull parts."

_____________________________________________________________

Posted by joemckendrick in Business Process Management • Event Processing • SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

Behold the zebra in the wild savanna -- when a it senses the presence of a lion, it knows to run away, as fast as it can. When it senses food supplies, it knows to act.

Do today's companies have this much situational awareness, and an ability to act quickly to survive and thrive? Not yet, but thanks to new approaches such as complex event processing, they're getting there, according to Gartner VP Roy Schulte. "We can teach computers to do what a zebra does," Roy said. "To collect and process event data to respond quickly and effectively."

In his keynote kicking off ebizQ's recent Event Processing virtual conference, Schulte broke down the essential pieces of complex event processing, and describing how businesses can leverage CEP, or being able to act, in real time, on multiple streams of event data flowing in from different parts of the enterprise. "The value of complex event processing, overall, can be summarized as improving situation awareness. Simply put, that is just knowing what is going on, so you can figure out what to do." The benefits of complex event processing, Schulte said, include better decision quality, faster response times, reduced information glut, and reduced costs.

Schulte defined a business event as a "meaningful change in a state that is something that is relevant to the business. Examples include depositing or withdrawing money from a bank, submitting a purchase order, or hiring an employee." There is also a second term, "event object," that describes how the event is packaged for processing, typically as an XML document these days. "We have to record events using event objects so computers can receive them and do computations on those events," Schulte said.

However, while all companies have always been event driven -- with millions, if not billions, of events in a single day, most events are still handled manually, by people, not computers. "At any one second, a large company has on its network anywhere from 10,000 to 10 billion business events," Schulte explained. "At the low end, that's almost a billion events per day -- at the high end, that’s almost a trillion events per day."

The challenge is that most of the stovepiped and legacy applications that power enterprises are not yet event driven, Schulte observes.

But there's great practicality in automating the ability to capture and make decisions on multiple event streams coming into the core business systems, Schulte says. "For example, you can have a complex event that says, ‘this mornings sales were 30% above our daily average.' That of course is much easier to digest and act on than sending a person 500 detailed sales records, and making the person compute what happened that day manually."

The growing array of sensors, such as RFID tags, combined with front-end systems such as business activity monitoring (BAM) dashboards make complex event processing a reality with today's technology, Schulte points out.

"In many cases, the complex event processing system Is just a front end being used for decision support. The output of the CEP engine is sent to a person through a BAM dashboard, or through an alert such as email or SMA or an Atom or RSS feed. in this case, we have a two-stage computation. In the first stage we’re using a computer to narrow down the data. And in the second stage, we still have a person involved to do the final analysis.

"An application system, or some other device or some other system, detects the event, and generates a message or a notification that is sent to a person. That notification is the event object or event report sent in the form of a message through message-oriented middleware, RSS, a Web service, or an email, or some other communication mechanism. The response to an event may be a manual activity, done by a person or it may be a SOA service or business process or some other application."

However, things could get interesting as CEP systems develop, Schulte added. Namely, the need for human processing could be taken out of the equation all together. "We can bypass that person entirely; we can build enough smarts into the complex event processing engine to determine the specific response that is needed."

Schulte provided a working example of complex event processing in action within the airline industry:

"In large airlines, there is an event oriented middleware that... acts as an enterprise nervous system. Information from hundreds of sources, including sensors on board the aircraft, information coming in from the FAA, and information coming in from standard systems is sent to the enterprise nervous system, and is temporarily stored in event databases. It helps to create the data, the outgoing alerts and notifications that is sent to hundreds of applications on the consuming side to respond to threat and opportunity situations as they emerge. By having information quickly, each of these systems in their respective departments can respond faster. ...Information helps the fueling and maintenance management applications to change their schedules and so forth. By using an event based system, the turnaround time of each plane can be shortened… Fewer airplanes are needed to handle the same schedule."

______________________________________________________________________

Posted by joemckendrick in Business Process Management • Data Management • Event Processing • Management • SOA • SOA Events • SOA Research and Analyst Reports  |  Permalink  | Comments (0)  | TrackBacks (0)

Everyone considers their systems to be "special" in many ways. They represent years of planning, installations, and modifications. However, sometimes "specialness" can get in the way of the ability to deliver agility and flexibility to business clients.

At the recent Tibco TUCON users' conference in San Francisco, Allstate's vice president of technical solutions, Anthony Abbatista, described how his company managed to automate most of its systems and processes in the 1960s and 1970s with what was in it's time a new generation of "special applications." Everything from policy administration to underwriting was captured on the company's array of mainframe computers.

Of course, application designers in these first waves of automation could never have imagined the uses that their systems would be getting nowadays. They never could have envisioned parts of these systems being opened up to the world via the Web.

These systems, Abbatista explained, were all hand-crafted and hand-coded. Commercial off-the-shelf applications just didn't exist in the 1960s and 1970s. However, the Allstate commitment to rolling its own applications continued right up to recent years. At Allstate everything was custom-built, "and we were proud of that," he said. "everything was very 'special,' with limited reuse."

Adding to the complexity and inflexibility, the company had a plethora of systems and vendors for the commercial solutions it did start buying. "Up until five years ago, we never met a software vendor we didn't like," Abbatista said.

The company, which now has $156 billion in assets and 17 million customers, always had plenty of resources for information technology. However, the company needed more responsive and agile IT solutions to succeed in an increasingly competitive environment for the insurance industry.

"When I first arrived at Allstate, we had three to five different integration platforms," Abbatista related. "We had an executive IT board that mirrored the military model, run by 'generals.' We had an abundance of point-to-point integration."

Allstate knew that it needed to embark on a more consolidated, service oriented architecture if its systems were to continue to deliver value.

Areas being modernized include claims processing, which was spread across nine different mainframe-based silos tied together by custom-built middleware. The company employed a standard enterprise service bus to handle claims processing through a single interface across the entire enterprise.

Another initiative was to establish a common integration layer for the company's fast-growing data environment. "Our data hubs are growing 30%-40% a year," Abbastista said. The company also pared down its vendor list to a "handful of strategic partners," numbering 12 to 15 vendors, he said.

Changing the organizational culture was another challenge, Abbatista remarked. "We had to make a substantial commitment to technology, skills, and also selling integrated teams that we had a better approach," he said. SOA governance was also tied to the operations of the procurement organization. This helped provide better visibility of available services, as well as increase reuse, he said. "How many error-logging services did we really need?" he asked.

______________________________________________________________________

Posted by joemckendrick in Case Study • Management • SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

Does your SOA initiative remind you more of the gunslinging, saloon-brawling days of the Wild West than of the intrepid pioneers?

Don't feel bad -- most companies are still struggling to tame their Wild West SOA frontiers. The right approaches and solutions can help keep rogue services at bay, while delivering greater value from reusable assets.

I will be joining Christian Hastedt Marckwardt, solution marketing director with SAP, on Tuesday, April 29, at Noon Eastern Time in a special Webinar to discuss the results of a new ebizQ-SAP survey on SOA governance trends and practices.

The survey explored the depth of SOA and SOA governance at organizations. Be sure to join us for a compelling hour, as well as receive a complimentary copy of the complete survey results!

______________________________________________________________________

Posted by joemckendrick in Management • SOA • SOA Events • SOA Research and Analyst Reports • SOA Vendors  |  Permalink  | Comments (0)  | TrackBacks (0)

Dave Rosenberg, CEO of MuleSource, works with a lot of organizations that are starting their SOA journeys, and noticed that many make the same mistake: they spend all their time worry about the technical details of their implementations, but don't pay enough attention to governance.

In a new post here at ebizQ, Dave outlined what he sees as the five greatest mistakes in SOA governance:

1-Decentralizing common artifacts: "When common artifacts such as WSDLs, schemas or configs are scattered in various locations, organizations waste time searching for interfaces and schemas," Dave says. "This is because they lack a central authority for the published service interface, which discourages discovery and reuse across an enterprise."

2-Reinventing the wheel: Perhaps the biggest problem SOA was meant to correct. "Services and applications are often written again and again to perform the same function," Dave says. "As a result, many different versions of the same artifact are built and integrated, increasing development times and creating a huge maintenance cost burden." The solution is a centralized repository or registry available to the enterprise.

3-Hoping for best practices: "Developers may not inherently know best practices, and even if they do, they may not follow them every time," Dave says. Best practices can and should be enforced as enterprise-wide policies, anywhere from the build to the registry to people and processes.

4-Forgetting about service consumers: It is important to continuously be aware of how a service is being used by the final consumer at the end of the process, Dave says. He recommends adopting tools that track dependency management.

5-Inconsistent application deployment strategy: "Many application deployment strategies are ad-hoc, not well documented, and only understood by one person," Dave says. A registry and repository can help automate developer actions, and thus ensure consistency.

How far along are most organizations with their SOA governance? ebizQ recently conducted a survey on SOA governance trends, and I will be joining Christian Hastedt Marckwardt, solution marketing director with SAP, on Tuesday, April 29, at Noon Eastern Time in a special Webinar to discuss the survey results and implications. Be sure to join us for a compelling hour, as well as receive a complimentary copy of the complete survey results!

______________________________________________________________________

Posted by joemckendrick in Management • SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

Business-IT alignment... Has a day gone by over the past ten years that we have not heard that phrase?

While it seems to be a constant but elusive dream -- like peace on Earth -- some companies indicate that SOA may be moving them closer to reality.

Fellow ebizQ colleague James Taylor, out at the IBM Impact confab this week, provides an account of an end-user customer panel on the ever-vexing challenge of business-IT alignment. Is service-oriented architecture helping to bring about some of this alignment?

A panel of corporate practitioners talked about their SOA efforts, and the impact SOA was having on alignment -- a positive impact, by the way. James reports that Randy Wallace from Michelin said one of his company's biggest challenges is "B2B with lots of billers to interface directly in their order management systems so, for instance, allow dealers to integrate orders with Michelin. They are currently evolving their order-to-cash system using Process Server and SOA."

Who much alignment has Michelin seen? According to Wallace, the company has come a long way, "from having a very small percentage of IT spend aligned with key business goals (6%) to one that is much more so (81%)."

That's pretty impressive. Wallace cited some examples: "For instance, in the past business units in different regions picked i2 and Manugistics at the same time and both were implemented resulting in separate systems. A stronger governance process and overall architecture are now established, driven by business ambitions and regularly updated. Far fewer and more focused projects as a result. Senior executive user satisfaction has risen steadily."

Austin Waldron from Health Care Services Corporation (HCSC) said his company's "focus is on using SOA in legacy modernization where many disparate systems are being replaced by a unified set of shared services. The governance issues seem to have been key for HCSC."

Waldron also talked about moving closer to business-IT alignment. "They had some years of IT spend focused more on basic IT infrastructure (security, robustness etc) but now investments much more driven by the business strategy."

Another panalist talked about more alignment at the front lines of the business. Jeff Auker from The Hartford "talked about challenge of consumer front-ends. Consumers working directly with The Hartford now expect a much more interactive online experience for sales and service - this is being driven by GEICO and Progressive’s campaigns. SOA is key because they have some front-ends that are tightly integrated with very old back-ends and SOA let’s them decouple them."

Thanks again to James Taylor for this report .

______________________________________________________________________

Posted by joemckendrick in Business Process Management • Case Study • Management • SOA • SOA Events • SOA Vendors  |  Permalink  | Comments (0)  | TrackBacks (0)

I recently had the opportunity to host an ebizQ Webinar on managing SOA performance with Forrester's Randy Heffner and AmberPoint's Ed Horst.

SOA has a lot of moving parts, and digging down to spot the root cause of a service problem is not always easy. SOAs are multilayered creatures. Is it the service itself that's creating an issue? Is it the database? Is it one of the servers?

As Randy put it:

"We’re talking about managing complex SOA services. So we’re diving into an advanced topic that comes up as you realize how deep your service implementations can go, and as you realize some of the dependencies that happen between the various components behind the implementation of your service. Your SOA management solution however you construct it and buy it must handle SOA-based service requests that have complex service implementations."

Randy says when troubles arise with services in SOA, it's often a challenge to pinpoint the source of the troubles, and a number of teams may get involved in the process of identifying issues -- and not have the big picture. Now, Heffner says, "great, we’ve identified there’s a problem with a service, who we going to call?" With complex SOA implementation, and multiple teams, the only answer that will be coming from everyone within their respective teams saying, "it's not me -- my stuff is working fine." That's because everyone has a view limited to their piece of the infrastructure, Randy says.

SOA management tools need to address "deep service" management, Randy pointed out. SOA management tools all do a fairly good job of altering administrators to problems with a service. Even in a complex service implementation -- it could be Java, .NET, messaging middleware, or legacy connectors -- when trouble is afoot, a good management tool will do a good job of sending an alert out.

Randy urges configuring SOA management strategies and solutions to conduct "deep service management." Typically, SOA management solutions employ solutions that don't look beyond the SOAP interface. A new generation of tools that are emerging, however, that can look beyond the service interface to the databases, services, and messaging layers beneath.

SOA management should be able to handle a variety of SOA deployments, ranging from services that invoke Java Message Service, MSMQ, Java RMKI, or CORBA, to ESBs or app servers. Many deep service SOA management approaches can start with agents that many SOA management solutions provides, Heffner said. Then, there are also an increasing number of management solutions that run natively on various platforms.

They key is to employ these solutions -- with or without agents -- to gain better visibility into the systems behind the services, he said. "SOA management solutions may have various ways to construct or correlate a picture, such as dropping tags into a message... or, you might have to do a little work in the configuration..." As services arise, problems will be better isolated, and administrators will know which team to call for assistance. Such deep service management also delivers benefits beyond root cause analysis, such as capacity management.

Randy makes the following recommendations for achieving deep service management:

"Formulate your SOA management strategies; how you’re going to do successful SOA management before you start thinking about products to do SOA management.... You have to deeply know the technologies, know how complex your implementations are. Will your SOA solutions will be able to help you manage your services across the technologies? Will your SOA management solution be able to tie together the complexity and correlate the complexity?

"...Build deep SOA monitoring and management into your whole overall SOA management. It has to do with the design of your architecture, and all the elements that are part of the implementation of your services, and everything that's behind your service interfaces. Build deep service monitoring criteria into your product selection criteria as you are selecting SOA management solutions. ...Think in terms of orchestration engines, integration products, application servers, SOA applications, repository, and SOA management. Think of them and SOA management as one cohesive SOA management platform.

"So you need to understand the relationships and connections. The bottom line is to think about deep service management as you’re pursing your solution."

_____________________________________________________________________

Posted by joemckendrick in Management • SOA • SOA Events • SOA Podcasts • SOA Research and Analyst Reports  |  Permalink  | Comments (0)  | TrackBacks (0)

Why should self-respecting business care about event-driven architecture (EDA) and complex event processing (CEP)?

Because almost every company has operational activities that run continuously and must respond to rapidly changing conditions. Roy Schulte, Gartner VP and one of the world's leading authorities on enterprise systems, says that businesses should get to know EDA and CEP very well, as they are the tickets to early problem detection and predicting future threats and opportunities before they materialize.

Schulte will be talking about EDA and CEP in some detail at ebizQ's upcoming Event Processing Virtual Conference, to be held May 7th. Along with Schulte's keynote, esteemed speakers such as Forrester's Charles Brett will provide a taxonomy for event processing. David Luckham (founder of Rational Software) and Dr. K. Mani Chandy (CalTech) will provide perspectives on the convergence between EDA and SOA.

Click here for more details on ebizQ's one-day Event Processing Virtual Conference.

_____________________________________________________________________

Posted by joemckendrick in SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

Beth Gold-Bernstein, my colleague here at ebizQ, recently hosted an extremely compelling online panel discussion on the growing convergence between SOA and Web 2.0. Beth was joined by luminaries including Dion Hinchcliffe, whom I would consider the leading analyst in the Web 2.0 realm, ZapThink's Ron Schmelzer, and Doug Wilson, CTO of portals and collaboration products at IBM. (A full transcript is posted here.)

The discussion was refreshingly straightforward. Doug Wilson even came out and said that SOA can be pretty "boring," as in "SOA is kind of a boring thing if the end user can't interact in some way with the service oriented architecture. If they can't avail themselves of the capabilities, and they can't drive the compositional nature of that."

As explored in this blogsite, SOA has been delivering plenty of success stories. But how often is your latest SOA project the subject of chats at weekend parties? Conversely, there's been a stampede to Web 2.0. And, Web 2.0 probably is a subject brought up at parties. And people's eyes don't even glaze over.

The question is, how can we capture just a piece of this enthusiasm and apply it to SOA? The fact of the matter is, as expressed by the panelists, Web 2.0 may ultimately be SOA's savior. Some experts say that the lightweight, user-friendly techniques seen in the Web 2.0 experience can serve as SOA's best selling tool. Some even say that eventually, the two worlds may even blend to the point where they are indistinguishable.

Doug Wilson pointed out that "it's not always obvious for people to see the connection" between SOA and Web 2.0. However, at the end of the day, aspects of Web 2.0, such as mashups, "are the juxtaposition or combination of information from multiple back end services. In fact, mashups are a compositional mechanism by which an end user or programmer can bring multiple sources of information or transactions to bear on one problem. This goes right to the heart of SOA and SOA composition." Doug also stated that enabling users to easily compose services that make calls to back-end systems will go a long way to helping businesses see the value in SOA.

Dion provided a good working definition of what Web 2.0 is all about:

"Defining Web 2.0 can be a challenge because it represents a number of significant but very interrelated trends. The simple nontechnical definition is that it's 'Networked applications that leverage network effects.' What we're really talking about is software and communities that get smarter the more people participate in them."

Dion also provided this example of how Web 2.0 sweeps through the enterprise:

"AOL rolled out...a very heavyweight content management platform. But users gravitated to a new media wiki platform, the same platform that powers Wikipedia. Within a couple of months, because the tool was so much easier to use, and had been proven on a very large scale, with all the adoption kinks worked out of it in that very large laboratory called the Web... it was successful to the point where 95% of their content management now occurs in those platforms."

For some, SOA may meld into Web 2.0, and the result will be a global SOA, with various islands comprised of enterprise SOAs. Dion Hinchcliffe put it this way: "Look at the Web as it is today -- it has now become the world's largest service oriented architecture. Over 600 companies have opened their business up as Web services."

However, currently, the tools and protocols being used for Web 2.0 engagements are "not what we're using in the enterprise," Dion observed. "We're seeing this rise to Web oriented architecture that's happening outside our organization -- they're using REST instead of SOAP."

Will Web 2.0-style approaches eventually permeate through enterprise walls? It's inevitable, Dion continued. Web 2.0 is "leading to a realignment in the way we look at SOA. When I talk to many SOA architects, they're trying to figure out where this fits in. We are seeing some differences and some changes to the way we might want to do things on the infrastructure side."

Ron Schmelzer pointed out that it this point, they are separate efforts -- "companies are still trying to understand SOA and Web 2.0 on their own. However, he added, both business and IT are recognizing that enterprise systems, applications, and data need to be less stodgy. "When we go home and we're away from out offices, and we use the Net, and we use the latest experiences -- Google, YouTube, blogs -- we're experiencing the broad movement to Web 2.0 as part of our general computer using experience. And then we go back to our office... where we're faced mostly with technology that's still in the 90s."

"There's a lot of desire, especially among the folks in IT, to Bridge the gap," he said. "The vector, the movement... is toward this more holistic, architectural loosely coupled user-empowered style of IT -- and away from a central architecture trying to fit everything into a set of homogeneous set of systems that are tough to integrate with."

However, Ron pointed out that Web services and SOA are two very different things, meant to serve different purposes:

"The concept of SOA actually predates Web services by at least five or six years. The main proponents of service oriented architecture at that time created architecture around CORBA. The use of Web services technology is only appropriate for certain circumstances; it's not appropriate for all uses of service oriented architecture. For example, I wouldn't want a mobile device sitting on a network consuming heavy Web service and protocols."

Web 2.0 and SOA also have different philosophies, Ron added. "SOA is about empowering the enterprise, and Web 2.0 is about empowering the individual," he said. "The ideas of Web 20 and SOA are definitively different. They espouse different ideas. SOA is primarily architectural, which means it's an approach a methodology a style and a design. Web 2.0 is a broad-based movement that covers a variety of topics."

In combination, however, Web 2.0 and SOA are a power to be reckoned with. "We want the user to become increasingly more familiar with in the broad Internet, and bring that experience into the enterprise," Ron said. "At the same time, allowing the enterprise to free up its assets, and empower the business user."

The complete panel Webcast can be found here. A full transcript is posted Posted by joemckendrick in Enterprise 2.0 • SOA • SOA Events • Software as a Service  |  Permalink  | Comments (0)  | TrackBacks (0)

EbizQ has just posted a transcript of my recent Webcast with IBM's Leif Davidson is now available for perusal.

Some highlights of our discussion:

Leif Davidson on how SOA always starts off with good intentions, but...

"The past history of the whole IT business has shown what happens when there is no control, you know, as we talked about earlier in terms of creating rat’s nest. Everybody, you know, no one comes in with the intention of how can I make things more complicated and less flexible. Everyone starts off with good intentions and, you know, an SOA project whether it’s done by one team or, you know, 21 teams in a business could be done with the best intentions but could end up the with a mess."

"And I think SOA’s particularly that way if you think about what it actually means in the business sense; these composite applications, invoking services from across and beyond your business. If you don’t actually have control from the very early days of SOA, you’ve now got a much more dynamic flexible business and much more dynamic and flexible access across your business to your IT. If you don’t have that sort of sense of control and ownership and governance its probably the right word, then I think you do risk much more than in a traditional IT infrastructure."

Yours truly on impending SOA growth:

"We find [in our survey of 244 companies] that organizations are really ramping up their SOA initiatives. There’s going to be a lot of steady growth for SOA. We actually looked at companies -- we actually looked at the number of services, the number of enterprise services being shared or reused. They intend to deploy large numbers of services. By next year this time, according to what our respondents are telling us, those companies with more than 25 services will jump dramatically, the percentage of companies from 24% to 39% over the next 12 months."

"The growth -- this growth in businesses that are crossing this threshold into multiple critical mass of services, 25 or more services is a significant number because once they cross this threshold they need to start treating SOA as a critical strategy and need to address -- start addressing many aspects, the management, and policy enforcement aspects, for example. Connecting up their mission critical services becomes an important priority."

Leif on federated ESBs:

"A Federated ESB is really a logical step from what we’ve talking about having separate ESB’s to meet different departmental and project needs. As you see on this chart any different department may have its own ESB but that doesn’t actually get away from the needs for all of those ESBs to deliver common capabilities but by the integration across different departments. And so the Federated ESBs really allowing businesses to select multiple different ESBs but allowing them to work together to provide common capabilities across that disparate infrastructure.

Click here for the Webcast; here for the transcript.

____________________________________________________________________

Posted by joemckendrick in Management • SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

There's no such thing as a single enterprise SOA. At least not yet.

I just had the opportunity to co-present a Webinar with IBM's Leif Davidson on the topic of "Identifying and Federating Today's SOA Power Centers," in which we explored the results of a recent ebizQ survey of 244 companies.

The survey finds that there's no question that enterprises are firmly committed to service oriented architecture as a strategy going forward - and they're willing to put budget dollars into the endeavor.

But the survey also shows that there's no such thing as a single, all-encompassing SOA effort that covers every service initiative from every corner of the enterprise. Rather, most SOA or enterprise service efforts are "islands" of integration that arise within individual business units, designed to address specific problems.

The challenge is that these separate SOA efforts have different formats and technology foundations under development or implemented within their walls. Many use application servers to support enterprise services, others leverage composite applications on middleware, and others rely on enterprise service buses. In fact, the survey showed that enterprises are taking multiple approaches to building and supporting SOA, including application servers, composite middleware, and enterprise service buses.

The survey also found that most of these service deployments aren't yet interfacing with mission-critical systems. But this is changing rapidly, as the number of services designed for reuse proliferate. The survey finds steady, unrelenting growth in organizations maintaining large volumes of SOA-based services - the number with more than 100 services in production is expected to double.

The bottom line is that there is no single approach to SOA. SOA requires a mix of solutions but the eventual result should be a more reliable, simple and flexible infrastructure and business.

There are two interconnected levels to addressing the problem. First, on a technology level, is federation. One out of four companies have already moved to a federated infrastructure to support multiple instances of ESBs or intermediaries. The survey also shows that those with federated infrastructures are more likely to be able to move from siloed SOA to enterprise-scale SOA.

Then, on a business level, there's governance. Effective governance will make the difference between ending up with a tangle of services -- JBOWS -- or a functioning SOA that truly supports business endeavors at any endpoint across the enterprise. The survey finds that organizations recognize the urgency of governance, but a surprisingly large percentage leave this up to the IT department.

The Webinar in which Leif and I discuss the implications of the survey results can be found here at the ebizQ site. (Registration required.)

____________________________________________________________________

Posted by joemckendrick in Management • SOA • SOA Events • SOA Research and Analyst Reports • SOA Vendors  |  Permalink  | Comments (0)  | TrackBacks (0)

One of the interesting findings to come out of our recent survey on Enterprise SOA is the mixed state of governance that still exists out there. While a third do have a board or committee to oversee governance, another 16% rely on a "center of excellence" to manage the process and gain business buy-in.

What advantage does governance provide to SOA, besides acting as a central clearinghouse for vetting services? For one, governance boards or centers of excellence assure that projects are put into motion based on their merit to the organization, versus individual political agendas. This helps keep SOA decisions above the political fray.

As reported in Application Development Trends, Ian Koenig, senior vice president and chief architect at Thomson Financial, recently spoke on the importance of SOA governance. Koenig provided these key lessons learned about SOA governance:

Lesson Learned: Choose Policies That Matter, or Risk 'Death by Governance': "Having too many policies is just as bad as having none at all," Koenig said. He said his team looked at 5,000 really good ideas and then distilled them down to 170 policies that really mattered.

Lesson Learned: People Don't Communicate: Often, people don;t even see eye to eye on what problems they're trying to solve. "When two or more smart people disagree on a solution, it's almost always true that they don't agree on the problem they are trying to solve," Koenig said. His team employed the UML 2.0 specification to diagram how data should flow.

Make Governance Easy and Do It Early: Here's how people react to complexity, Koenig said: "Sixty percent will do the easy thing, regardless of whether it's right; 40 percent will do the right thing, regardless of whether it's the easy thing to do." The key is to make governance as simple as automatic as possible -- and automation is the best route.

Lesson Learned: Reusability Is Not Cheap: Koenig said reuse is expensive: "Our rough calculation is it's about 2.5 times more expensive to make something reusable as not." Therefore, it's going to take some customer education to sell the idea of putting more funds in up front for an integration project.

Identify an Owner for Each Service: "It's important to identify who defines the value proposition for the service," Koenig said. You need to know "who gets called at 3:00 in the morning if it's not meeting its SLAs."

Fair enough.

____________________________________________________________________

Posted by joemckendrick in SOA • SOA Events • SOA Research and Analyst Reports  |  Permalink  | Comments (0)  | TrackBacks (0)

This Wednesday the 12th, IBM's Leif Davidsen and I will be delivering the results of and commentary around ebizQ's latest survey results on SOA and trends toward ESB federation. (To sign up for the Webinar, click here.)

To help build the conversation that will be taking place within the Webinar, we invite you to join in with any questions or observations you may have.

One inquiry focused on the viability of Web Services Description Language, or WSDL,in a federated environment. Would exposing ESBs as a WSDL be sufficient to link different vendors' ESBs together?

Leif responds that while WSDL can help make the connection, but more is required for a robust SOA infrastructure across business units. "To make the most out of an SOA infrastructure, resources should be used and reused across the business. This will drive the connection of these ESBs to provide end-to-end seamless connectivity," he said.

"From a purely functional point-of-view a service provider and consumer can connect using a WSDL interface. But when looking at the business perspective, important issues such as Governance, Security, Transactionality and Systems Management come into view. In order to invoke the services through a WSDL interface, the service needs to be located. If it exists in a remote system, the security credentials need to be passed along. Updates to transactions add to the complexity and criticality. And of course not every asset is exposed as a Web Service."

"So while WSDL maybe a part of the solution for connecting web services through different ESBs, there are many other aspects to consider other than simple web services connectivity that will be important to businesses when considering the implications of actual deployment."

Join us Wednesday an Noon Eastern Time for the latest data and solutions in managing multiple SOA implementations in our Webinar, Identifying and Federating Today's SOA Power Centers Through Enterprise Service Buses.

_____________________________________________________________________

Posted by joemckendrick in Management • SOA • SOA Events • SOA Research and Analyst Reports • SOA Vendors  |  Permalink  | Comments (0)  | TrackBacks (0)

Lately, many pundits and trade publications have been fretting whether service-oriented architecture is catching on, or if it's still a dream trapped within the IT silo.

A new survey ebizQ conducted in conjunction with IBM finds SOA is gaining traction across the enterprise. However, the challenge is that there may be many separate SOA efforts going on under one roof. Can these separate efforts be brought together, to properly fulfill the vision of SOA? (Less complexity, more simplicity, outside of the silos.)

The survey of 244 companies found that organizations are firmly committed to SOA as a strategy going forward - and they're willing to put budget dollars into the endeavor.

However, in most cases, SOA is not one effort that an enterprise launches, but a series of initiatives that arise to address different challenges within different business units. There's no such thing as a single, all-encompassing SOA effort that covers every service initiative from every corner of the enterprise.

Enterprises are taking multiple approaches to building and supporting SOA, including application servers, composite middleware, and enterprise service buses. One out of four companies have moved to a federated infrastructure to support multiple instances of ESBs or intermediaries. Those with federated structures are more likely to be able to move from siloed SOA to enterprise-scale SOA.

On Wednesday, May 12, I will be teaming up with Leif Davidsen, worldwide content lead for SOA reuse and connectivity marketing at IBM, in Webinar to talk about the results of this landmark survey, as well as cover solutions that address the need to better integrate scattered SOA initiatives. All participants will receive a copy of the survey results.

For information and access to the Webinar, click here. We hope you will join us.

____________________________________________________

Posted by joemckendrick in SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

SOA makes us more agile, BPM makes us consistent. That's a combination explored in some depth by Gartner analyst Daryl Plummer at this year's DIALOG 08 event.

ebizQ colleague James Taylor is blogging live from DIALOG 08, and provides a thorough report on Daryl's presentation. Daryl spoke of the rise of "Dynamic BPM," which is the intersection between business process management and service-oriented architecture. As James relates, Daryl pointed out that "Dynamic BPM is becoming a requirement, not an option, as the frequency of change is increasing while the amount of change (the amplitude) is also increasing."

Companies that don't start marshaling their BPM and SOA resources in an integrated fashion risk increased costs and diminished opportunities, Daryl said: "If we don’t keep up we get lots of chaos, more expensive governance as we react, business agility becomes harder and decision making becomes increasingly 'seat of the pants.'"

The movement away from distributed systems or silos make business agility more of a possibility. As James quoted Daryl: "The growth of standards and frameworks, middleware and more has made it easier and provided a better platform. Adding event-processing, ESB and SOA meant that BPM could really deliver."

I like Daryl's ultimate definition of a service: "Something which does something for me without me having to do it or know how it was done - I ask, it does, it tells me its done."

Posted by joemckendrick in Business Process Management • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

At Delta Airlines, SOA is cutting the cost of ownership by half for its various applications and systems. That's good news, of course, but the company's experience with proactive governance also provides some valuable pointers for other companies wrestling with the politics of SOA.

Delta's SOA has been under development for more than 10 years and is now its third phase, says Bret Martin, principal enterprise architecture for Delta Technology Inc., a wholly owned subsidiary of Delta Airlines.

In a session (registration required) at a recent online conference put on by Tibco, Martin said that phase one of what the airline calls its "Digital Nervous System," or DNS, commenced with proprietary and home-grown integration hooks in 1996. As SOA and Web services evolved earlier this decade, Delta focused on bringing DNS in line with industry standards such as SOAP over HTTP, delivered through an enterprise service bus at the back end.

Now, in the latest phase of the effort, the goal is to see that "SOA is infused with the enterprise," Martin related. "SOA is a way of life for implementing business applications across the enterprise."

The greatest value Delta is seeing from SOA is reuse of IT assets and data, Martin pointed out. "Reuse is one of the big drivers for our SOA environment," he said. Delta's SOA, for example, is reusing the same customer and operational data across a range of systems, from the Delta.com Website to ticketing kiosks to ticketing counters and gate systems. "It allows check-in to happen in a uniform way," he explained. Another way services are being leveraged are by exposing services to vendors and partners, such as American Express or operations companies.

Delta engaged a cross-enterprise governance team to perform all the tasks that are expected from an SOA governance group: managing registry and repository in making sure that services are registered, defining the policies that are going to go into the deployment of a service, defining security, defining service-level agreements.

However, Delta recognized the value that the governance team was bringing beyond merely approving, registering, and managing services, Martin says. "Its not only registering services, but also trying to promote services that we already have defined, and have already put into production." This is essential, he said, because developers and architects aren't necessarily aware of what services are available out there, or where they can be found.

"What we needed is a governance organization that says they can help, 'here is a SOA business process, and is is how it can be implemented," says Martin. "Having a group that stands in front of those services, and matches business requirements to the services that we have… is a huge benefit."

Posted by joemckendrick in Business Process Management • Case Study • Management • SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

How secure is SOA? Security has long been considered the Achilles Heel of both Web services and SOA, since both mission-critical applications and data are being opened up to the cloud.

Surveys I have worked on for Evans Data over the past several years find Web services and SOA developers overwhelmingly rely on Secure Sockets Layer (SSL) for their security needs. This is not enough, of course -- a holistic approach is required, that not only encompasses service and application security, but also a layered approach involving network security, OS security, and physical security of the facilities where apps are run and data is stored.

In a couple of weeks, Mike Rothman, President and Principal Analyst, Security Incite will be joining Gunnar Peterson, Managing Principal, Arctec Group for a discussion on the state of security in SOA. The session promises to be an eye-opener, with a frank discussion on new attack vectors introduced by SOA, the best places to implement SOA security, and identity and access management options.

In the meantime, ebizQ's Peter Schooff provides some good pointers for better securing SOA in his latest post.

Don't assume that your vendor "is taking care of" security. It's up to you to protect you're own company's assets -- your vendor's not going to care.

Security is not one-dimensional. Don't assume that "because your firewall is up and functioning doesn't mean your secure," Peter cautions. "With SOA, security is much more than just perimeter and means working security in during the design and implementation phase."

Don't rely on a cursory risk assessment. Resources are limited, and a company is likely to let some things lapse while attending to more "pressing" issues. Peter gives the example of a company that rationalizes that an unpatched router is a greater threat than flaws in its SOA framework.

Don't rely too much on security standards or security features. Standards such as SSL, S/MIME, and WS-Security are helpful, but don't fully secure the system, Peter cautions.

Posted by joemckendrick in Management • SOA • SOA Events • SOA Research and Analyst Reports  |  Permalink  | Comments (0)  | TrackBacks (0)

At this week's Open Group Enterprise Architecture conference conference, I had the opportunity to join a vigorous panel discussion in which we performed a "reality check" on the state of SOA. We were joined by moderator Eric Knorr of InfoWorld, along with Tony Baer (onStrategies), David Linthicum, Tom Morgan (AutoDesk) and Chris Harding (Open Group).

Members of the panel examined the matter of SOA efforts getting stuck, or whether a "trough of disillusionment" had set in. Our panel also explored SOA's uncertain relationship with other disciplines. It was agreed, for example, that business process management is a key element of SOA and visa-versa. However, we also agreed that there is still a wide chasm between the two. Tom Morgan observed that while his organization, AutoDesk, has had a far-reaching SOA effort underway for a number of years now, they "punted" on applying BPM to the effort.

The panel also discussed the issues that linger around governance, especially in the areas of registry and repository. Tony Baer observed that there were still too many issues at the metadata level, and vendors keep pushing registry/repository as a panacea for governance.

Mashups and Web 2.0 are another area colliding with SOA. Dave Linthicum stated that mashups are, indeed, a viable part of SOA taking place within organizations. However, Eric Knorr said he has heard many organizations are not keen on letting data in or out of the corporate firewall.

SOA can work hand in hand with data management, and Tom pointed out that AutoDesk has been very effectively employing SOA-based services to pull, rationalize, and cleanse customer support data from across the enterprise.

Prior to the panel, David Linthicum delivered the keynote for the Open Group event, issuing a warning that all too often, we're still engaging in SOA for SOA's sake. SOA proponents need to redouble efforts to emphasize the business case, and de-emphasize the technology aspect, he said. "It all boils down to architecture." Still, he said, the reuse inherent in SOA can be made to work, and projects where CEOs can see demonstrable value -- such as a real-time analytics dashboard -- can achieve quick success.

Posted by joemckendrick in Business Process Management • Data Management • Enterprise 2.0 • Management • SOA • SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

What lessons have we learned from SOA that can be applied to Web 2.0? Plenty. But perhaps the most important is the role of governance, so organizations can get the most out of the services that are created under their roofs.

ebizQ colleague Gian Trotta recently spoke with Kelly Emo, SOA product marketing manager with HP Software, who worries that end users may be running away with Web 2.0-based services as end-runs around busy IT departments. (Listen to the complete podcast here, or see the transcript here.)

She notes that IT departments are dealing with "meaty back office problems" but end users are sometimes too impatient to wait for IT departments and their planning processes. So they take their needs into their own hands with new approaches like mash-ups and Web collaboration.

IT is caught up in issues such as "'how do I leverage the legacy infrastructure structure,' 'how to do I change my point-to-point integration into more flexible, loose coupling, more dynamic.' 'how do I break up my application silos'? They’re using serious architectural disciplines such as identifying their key reusable components and exposing those as standard space services."

What is happening on the user end is that "creative end users don’t have the time or the patience to wait for this plan to meticulous processes," Emo explains. "So they’re taking their needs into their own hands and using approaches, kind of Wild West approaches like mash-ups and Web collaboration."

But don't worry -- it's all good, Emo says. "These mash-ups in many cases are resulting in big productivity gains," she says. And these productivity gains "are getting the attention of the VPs of the business domains -- the folks with the money," she points out. "And they’re coming back to IT and saying 'make it so' -- support this application."

So the ball eventually ends up in IT's court anyway. The key is that IT will embrace the new "Wild West of Web 2," but pay attention to governance, Emo says. "They can embrace this capability. And they can make it work using the same level of robustness, the same level of service, quality of service. Or they can put up roadblocks and say, 'no, I am not going to let this rogue capability into IT.'

The best bet for managing Web 2.0 approaches, Emo says, is to "combine it with the productivity and architectural best practices of SOA. Effectively, what IT is doing is combining innovation and discipline. And the concept behind this is what HP is calling 'implicit governance.'"

The good part about implicit governance is that Web 2 consumers are "not even aware that they’re participating in an IT governance process, but in essence they are," Emo relates. "They’re assured of getting the service that they just basically have grown up to expect -- the always-on capability."

Emo will be speaking on this issue in a presentation called "Enterprise Mash-Ups for Wall Street: Leveraging SOA Web 2.0" at the Web Services/SOA on Wall Street show set for February 11.

Posted by joemckendrick in Enterprise 2.0 • Management • SOA • SOA Events • SOA Podcasts • SOA Vendors  |  Permalink  | Comments (0)  | TrackBacks (0)

'Pirate SOA -- IT's Secret Weapon' -- that's a good way to describe the gist of the recent panel discussion I hosted with SOA-digerati luminaries Dana Gardner and Phil Wainewright, as part of ebizQ's SOA in Action conference. Complete transcript here, podcast here.)

For many organizations, 'Pirate SOA' may be the only way to get SOA methodologies and sensibilities into their organizations. Management may be too hesitant, or simple too clueless about what SOA can mean for them.

Web 2.0 -- through mashups and SaaS -- introduces rapid, user-driven development and deployment to SOA scenarios. Dana says that a good term to describe the Web 2.0-ish approaches to building out service-oriented architecture is "Guerrilla SOA" -- meaning that "small groups of people, working with lightweight architecture and tools, can accomplish an awful lot when it comes to green field development of services and when it comes to down-and-dirty projects to do integration, compositing and to basically solve the problem of the day on an ad hoc basis."

Of course, as Phil pointed out, the fears around the chaotic and unsupervised nature of Web 2.0-based development and deployment sounds exactly like the fears that surrounded Web services and SOA in its early days. "There was a time when SOA was seen as very emergent and perhaps threatening," he said, pointing out that many people see the result as having been "'just a bunch of Web services' in which people kind of start of do point-to-point Web service integration and perhaps end up with a whole spaghetti mess of uncoordinated, ungoverned SOA, perhaps not worthy of the name architecture. Of course, I think that's the fear around Web 2.0 that because it's emergent and by their nature, emergent technologies are chaotic, uncontrolled, ungovernable, there's this sense that you don't really want them in your nicely cultivated, managed service-oriented architecture in case it kind of ruins the show."

Nevertheless, Dana warned that the rise of the Web 2.0 methodologies -- which provide Web-based platforms at almost no cost -- will seriously disrupt the current marketplace. "The smaller companies that can be capitalized for much less money than in the past, that can start up and go into existing markets and work much more quickly than to help customers or users acquire services and to gain some productivity and business benefit, but without having to drag along the legacy of IT infrastructure -- and to avail themselves of services off the wire increasingly and the ability to host themselves cheaply and such things as what Amazon is providing with Elastic Compute Cloud."

If this scenario plays out, Dana continued, "We have a situation in the marketplace where there's a great deal of disruption from small start-ups that can work in almost like we saw in the 80s with pirates, corporate raiders that would come in and break companies up and sell the parts. It's almost the same notion of a raider or a pirate mentality I would think for small Web 2.0 services-oriented organizations and if that's the case, that's going to compel and force the bigger companies to adopt these sorts of practices."

Posted by joemckendrick in SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)

I’ll be keynoting this week’s SOA Congress, being held in the beautiful city of Mainz, Germany. The topic is “Roadmap to SOA - How to implement a Successful SOA Project” — I’ll be talking about the role SOA proponents need to play to foster change within their enterprises, recent SOA research, and trends for the year ahead. I look forward to meeting everyone there.

Posted by joemckendrick in SOA Events  |  Permalink  | Comments (0)  | TrackBacks (0)