Layer 7: Getting Your SOA to Production Without Cost and Complexity
-
Upload
ca-api-management -
Category
Technology
-
view
1.129 -
download
0
Transcript of Layer 7: Getting Your SOA to Production Without Cost and Complexity
1
TITLE SLIDE: HEADLINE
Presenter nameTitle, Red HatDate
Getting Your SOA to Production Without Cost and
Complexity
Pierre FrickeDirector, SOA Product Line, Red HatFrancois LascellesTechnical Director, Europe, Layer 7October 29, 2009
3
Challenges with SOA Today
Complex IT environment Complex product
offerings Difficult to develop to-
and use- products Expensive product
offerings Expensive service
offerings What are the business
benefits?
Closed-sourceESB / SOA Suite
$25K / CPU; difficult programming env.80% you don't need 80% of the time
File
SOAP
ServiceRegistry
ES
B
Composition
EngineProce
ssStore
JBoss Enterprise SOA Platform
$5K / CPU; OSS-built programming env.Highly flexible and configurable
4
Red Hat SOA Strategy
Deliver enterprise-class SOA middleware working with the open source community and customers that are…
simple, open, and affordable and
significant value-adds to business and IT
Creates a highly flexible SOA platform portfolio from the highest quality and innovative components
JBoss Enterprise Middleware
Virtualization
MRG
Cloud
Extend to a Business Process Automation Platform to bring SOA to life with the greatest flexibility
BRMS
EDA / CEP
BPMS
Data Integration in an SOA
5
Continuing to Redefine SOA with SOA Platform
Simple: Easy-to-consume SOA portfolio Expanded JBoss Operations Network support to JBoss Enterprise SOA Platform Industry-leading Support and Services Enterprise-class Stability and Performance – easy decision vs. OSS SOA frameworks
Open: Unparalleled Flexibility and Control of Open Source Open Standards-based Choice of SOA administration, management, and governance tools
Affordable: Significantly lower Total Cost of Ownership (TCO) Subscription Model JBoss Operations Network Re-focus resources on the things that differentiate your business
Red Hat SOA Value Proposition – the Simple, Open and Affordableway to automate your business and value chain.
8
SOA Evolution and Red Hat Offerings
1 2 3 4 5 6
Business Process Understanding: How is the work done?
IT Assessment: What IT assets exist supporting the business process?
SOA Design/ Determination: What should be a service?
SOA Enablement (Java EE, .NET, federated data): How will application and data services be developed and deployed?
Infrastructure (ESB, Registry, Management Governance: How will services, application, people interact and communicate
Process Orchestration/ Composition: How will business processes and rules be developed and deployed
Consulting Services: SOA Assessment/ Planning Service
Application Platform BRMS Data Services Platform JBoss Developer Studio Training & Consulting
SOA Platform Portal Platform Training & Consulting Layer 7
Architects / DevelopersProcess Owners Architects Architects/BAs
9
JBoss Enterprise SOA Platform with Layer 7
ServiceRegistry Message
Store
Transformation Routing
Infrastructure Services
Security Management
DeclarativeOrchestrati
onEnginejPDL
ProcessStore
EventNotificat
ion
Pluggable Architecturefor integrating infrastructure mediation
services
Web Services (Proxy)
EJB
POJOs
J2EE 1.4/Java EE 5
Business Servicesruns within a container or standalone
HTTP(S)
(S)FTP
File
JMS*
SOAPExcel
Browser
EJB
Native(SI)
ASCIIXML
Binary
Transports
Seam
SQL
Event Listeners and Actions provide transport mediation
Socket
Hibernate
JCA/Inflow BA
M
Drools
Spring
Groovy
4.2 4.3 Future
BPEL
UDDI v3
DataSourcesMetaMatrix
S
S
Improvements in 4.3
InVM
Jython
Beanshell
Seam JCA
Service Component Architecture
Service Data Object
JRuby
Business
Data
ESB
CEP
DSL
Decision Table
JMS* - JBoss Messaging, IBM WebSphere MQ, TIBCO EMS
10
About Layer 7
Layer 7 is the leading vendor of security and governance for:
2003 2006 2009
Cu
sto
mer
s
Rev
enu
e
XML
SOA
Cloud
11
Why Layer 7 SecureSpan?
Faster time to market
• Reduce development, deployment and management efforts
• JBossESB infrastructure service, delegate business logic
• Faster additions, changes
Governance
• Enterprise-wide view of services
• Real time monitoring, reporting
Agility
• Service virtualization
• Decoupled policy enforcement
Security
• Threat protection, access control, trust management, …
12
SecureSpan Gateway Policy Enforcement Point
• edge access point• service virtualization• security implementation• id federation• threat protection• service level agreement
service zone boundary
13
Hardware or software appliance form factor
Hardware Appliance
• Military grade security device• Telecom grade performance• FIPS 140-2 level 3 certified HSM• Hardware XML acceleration
Virtual Appliance
• Pre-installed, hardened image• VMWare ESX, Amazon• FIPS certified software mode• XML acceleration software mode
COTS appliance form factor enables ‘drop-in’ solution with minimal deployment time and instant value. No agents to deploy, no dependencies.
14
Policy Studio
Policies are created by organizing assertions in logical tree structures.
Policies are changed on the fly, without service interruptions.
Rich palette, extensible through JAVA API.
Design, implementation and deployment in hours, not months or years.
Automated, scripted provisioning and management through API.
15
Delegating endpoint security
inboundXML Gateway enforces security for incoming traffic on behalf of protected services.
outboundXML Gateway secures outgoing traffic on behalf of protected services.
protectedservices
16
Identity Federation, Trust Management
• Identity and Access Management interfacing
• Runtime access control rules enforcement
• LDAP, SUN OpenSSO, Novell AM, Oracle AM, Netegrity, Tivoli, MSAD
• STS, SSO
• SAML issuing, validation
• WS-Trust, SAML-P
• WS-SecureConversation
• WS Federation
• Fined grain trust management
17
Threat Protection
• Network/OS level threats
• Message level threats
• Consistent security policies for heterogeneous environment
Schema poisoningRecursive entity attacks
Code injectionsWSDL fishingParser attacks
…
18
Service level monitoring, enforcement
• Real time contract lookup and enforcement (SLA)
• Throughput quotas
• Per identity, per operation
• Throttling
• Protect service endpoints
• Monitoring of response times
• Custom alert triggers
• Custom reporting
• Priority routing rules
19
ESB co-processing
SecureSpan Infrastructure Service
• Accelerated XSLT
• Accelerated XSD
• Accelerated pattern detection
• WSS Processing
• SLA Enforcement
JBossESB
20
TITLE SLIDE: HEADLINE
Presenter nameTitle, Red HatDate
For more information:
Pierre [email protected]
http://www.redhat.com/soa
http://www.layer7tech.com/main/partners/partners.html
Francois [email protected]