Uni SOA Governance for SAP

8/3/2019 Uni SOA Governance for SAP

1/25

Unified

SAPsolutio

SOA Governancefor

Enterprise SOAs with NetWeaver


2/25

www.soa.com Copyright by SOA Software, Inc. 2009. All rights reserved. 1

Table of Contents

1 Summary ...................................................................................................... 2

2 Introduction ................................................................................................... 3

3 Unified SOA Governance Defined ...................................................................... 4

4 Unified SOA Governance Best Practices ............................................................. 7

5 Platform Independent Governance Automation ................................................... 9

6 SOA Infrastructure Reference Model ................................................................ 11

7 Unified SOA Governance System Elements: ...................................................... 12

8 SOA Softwares Unified SOA Governance Solution.............................................. 13

9 Unified SOA Governance for SAP Enterprise SOA with NetWeaver ........................ 15

10 SAP Certifications .......................................................................................... 23

11 About SOA Software ...................................................................................... 24


3/25


1 Summary

SOA Softwares Powered by SAP NetWeaver certified products provide Unified SOAGovernance Automation for SAP Enterprise SOA with NetWeaver. This allows customers

to confidently use SAP NetWeaver products as part of a heterogeneous enterprise SOAenvironment sharing services with other commercial SOA platforms like IBM WebSphere,

Microsoft, BEA, and Oracle, as well as RedHat and other open source providers.

SAP NetWeaver customers add SOA Softwares Unified SOA Governance Automationsolution to SAP Enterprise SOA with NetWeaver to:

Ensure that services they identify, design and build using their NetWeaverproducts are relevant and consumable to applications they design, build and

deploy using other technologies like Microsoft and IBM.

Make services they expose from applications running on NetWeaver productsvisible to and compliant with enterprise policies defined, enforced and audited

across other platforms; and make services they design and build using other

platforms like Microsoft and open source environments visible to and compliant

with enterprise policies defined, enforced and audited across by their NetWeaverapplications.

Promote, ensure and formalize consistent alignment between demand fromservice consumers and the supply of services through Consumer Contract

Provisioning.

SOA Softwares platform-independent Unified SOA Governance Automation solution

promotes the use of best-practices throughout an enterprise SOA program regardless ofwhere services and consumers are planned, designed, built, deployed and operated.Portfolio Manager, Repository Manager, Service Manager, and Policy Manager integrate

seamlessly with development and runtime products from most commercial platforms

including SAP, Microsoft, IBM and BEA, as well as RedHat and other open sourceproviders. They offer deep integration with the SAP NetWeaver Business ProcessPlatform components including: Exchange Infrastructure (XI), Process Integration (PI),

Composition Environment (CE), Enterprise Services Repository and Registry (ESR) andthe SAP NetWeaver Application Server (WebAS).

SOA Softwares products have achieved Powered by NetWeaver, and SAP SolutionManager ready certification.


4/25


2 Introduction

This whitepaper builds on the foundation created in SOA Softwares whitepaper UnifiedSOA Governance, published in December 2007. It describes how SOA Softwares

Portfolio Manager, Repository Manager, Service Manager, and Policy Manager integratewith a wide range of SAP Enterprise SOA solutions implemented using NetWeaver to

provide Unified SOA Governance automation capabilities, and the reasons why thosecapabilities are so important.

Some of the SAP products include some platform-optimized SOA Governancecapabilities. This whitepaper explains what these capabilities are, and how SOA

Softwares products augment them to provide a true enterprise SOA Governance

automation solution.

This document describes the integration points and added governance capabilities for:

SAP NetWeaver Exchange Infrastructure (XI) provides connectivity between

systems from different vendors SAP and non-SAP)

SAP NetWeaver Process Integration (PI) - SAP's platform for process integrationusing the exchange of XML messages

SAP NetWeaver Composition Environment (CE) - provides a toolset and runtime for

developing, running, and efficiently managing composite applications using SAP'senterprise SOA

SAP NetWeaver Enterprise Services Repository and Registry (ESR) support thegoverned definition of SOA assets

SAP NetWeaver Application Server (WebAS) - provides an open and reliableinfrastructure for deploying highly scalable Web applications and Web services


5/25


3 Unified SOA Governance Defined

Unified SOA Governance ensures the applicability, integrity and usability of a wide rangeof assets through all their lifecycle stages from asset identification through deprecation.

The full lifecycle is split into planning governance, lifecycle governance, and operationalgovernance.

3.1 Planning Governance Build the Right Things

Planning governance includes the identification analysis and modeling of candidate

services, policies, profiles, processes and information. An effective planning governancetool will manage an organizations SOA portfolio while examining existing and planned

applications and determining which capabilities should be exposed as services, andwhere applications would benefit from consuming shared services.

Planning Governance is a new area for SOA. It will allow companies to build to plan, andbuild to priority modeling current and desired architecture and identifying andprioritizing candidate services. Planning Governance solutions will maximize the

efficiency of investment in SOA, solidifying the role of existing platforms as foundation

service providers.

I.T. has always struggled with balancing long term planning with addressing theimmediate and short term needs of the business, in most cases the short term

requirements take precedent over long range planning. When this is applied toenterprise architecture, organizations end up with a bunch of services that deliver

minimal business value, instead of their goal of SOA.

Planning Governance allows organizations to identify potential services in a planned and

managed community including enterprise architects, business analysts and portfoliomanagers. When utilizing planning governance, services can be proactively built to plan


6/25


rather than simply reacting and building single use services. This approach reduces the

risks of service deployment and facilitates Enterprise Architectural goals by avoiding

chaotic service sprawl.

Planning Governance solutions will require integration with a wide range of existing

enterprise repositories, application portfolio management, and enterprise architecture

planning solutions, to harvest current and desired architectures. The output from thePlanning Governance process will be a set of candidate services that feed into the

Development Governance process, and candidate policies feeding into the PolicyGovernance process.

3.2 Development Governance Build Things Right

Development governance marshals an asset through the development process that

typically spans the design, development, testing and staging phases of its softwaredevelopment lifecycle. It typically includes a workflow mechanism to approve migration,

policy compliance validation, and a clear separation (logically, physically, or both)between lifecycle stages. Development governance is the realm traditionally occupied

by registry and repository vendors, although it requires much stronger repository

capabilities and much broader integrations with development environments (IDEs andSCMs tools), federation with other registries and much stronger service, standards andtaxonomy support than most repositories offer.

The Development Governance solution will depend heavily on Policy Governance for

compliance policy definition, management, and validation. It will use policies to

determine the relevance, and suitability of services at each lifecycle stage, and todetermine if assets meet enterprise standards and guidelines before they can promotedto the next stage of the lifecycle. For example for a service to move from design to

development the enterprise may require that there is a design document in the

repository, the service has a WSDL, the services is categorized appropriately, andperhaps even that there are registered consumers waiting for the service.

3.3 Operational Governance Ensure Whats Built Behaves Right

Operational Governance controls the runtime aspects of SOA. It typically includes

service monitoring, security and management with a runtime policy system. Most WebServices Management and Web Services Security vendors now position themselves as

providing Operational Governance solutions.

The Operational Governance solution relies heavily on the Policy Governance solution fordiscovery of policies for implementation and enforcement. A well architected

Operational Governance solution will fully abstract service consumers and providers from

the complexity of policy implementation and enforcement, service endpoint location,transport, standards, message exchange pattern, and other impedances to

interoperability. It should provide agents, delegates, and a network residentintermediary for service virtualization.

3.4 Policy Governance Uniform Policy for All Governance Areas

Policy Governance defines and manages policies, associates them with various assets,and validates and reports on policy compliance. It manages a wide range of different

policy types from metadata compliance policies applied in Planning and Development


7/25


Governance processes through security, reliability, and service-level policies applied

through an Operational Governance solution.

It is critical that the Policy Governance solution ensures consistent policy definition,implementation, enforcement, validation, and audit through all stages of the lifecycle,

and across all distributed and mainframe platforms.


8/25


4 Unified SOA Governance Best Practices

Unified SOA Governance promotes the core SOA governance best practices of:

4.1 Governance Automation

Governance Automation ensures scalability of enterprise processes implementing alifecycle management workflow to implement development approval processes, Unified

provisioning and lifecycle management, and inter-departmental contract managementand negotiation.

4.2 Uniform Policy Management

Uniform Policy Management ensures consistent policy definition, implementation,

enforcement, validation, and audit through all stages of the lifecycle, and across alldistributed and mainframe platforms. It ensures that services can be leveraged as first-

class citizens throughout an enterprise SOA by complying with enterprise policies that

are uniform across all platforms.

4.3 Metadata Federation

Metadata Federation provides seamless, heterogeneous SOA Governance and standards-

based support for governance automation (UDDIv3, WS-MEX, WS-Policy) to ensure that

governance processes are uniformly applied across all platform investments. Whenmetadata is federated and consistent across multiple governance platforms, the businessvalue of service (cost, usage, production issues) becomes visible and measurable across

the enterprise service lifecycle.

4.4 Service Virtualization

Service Virtualization provides location-transparency, service mobility, impedance

tolerance and reliable service delivery without requiring a re-platforming of existingplatforms or introducing yet another service platform to support the required solutionarchitecture.

4.5 Trust and Management Mediation

Trust and Management Mediation ensures interoperability across disparate partners and

platforms, trust enablement and trust mediation complementing threat preventionsystems. It provides provide last-mile security, metric collection and reporting, SLAmonitoring and management, to ensure that services are governed, managed, and

secured, and policy implementation and mediation to allow consumers to communicate

with a wide range of mission critical business services exposed from any platform.

4.6 Continuous Compliance and Validation

Continuous Compliance and Validation ensures consistent policy implementation and

enforcement across all stages of the lifecycle, preserving the fidelity of the governance

models, structures and mechanisms supporting enterprise SOA programs and ensure therelevance, applicability and suitability of services.


9/25


4.7 Change Impact Mitigation

Change Impact Mitigation provides change management and impact analysis processes

Unified with the governance workflow to ensure that changes to services or other assetsdont cause major outages by breaking the consumption model.

4.8 Consumer Contract Provisioning

Consumer Contract Provisioning provides offer, request, negotiation and approval

workflows for service access, capacity, SLA and policy contracts. It ensures that theservice provides know which applications and users are consuming their services and

allows them to treat different consumers with different priorities and service levels.


10/25


5 Platform Independent Governance Automation

Much of the benefit of SOA is derived from the promise of seamless interoperabilitybetween platforms, with applications built using .NET and WCF consumer services

exposed from COTS, Mainframe, or Java applications. One of the core goals of SOAGovernance is to ensure that services are relevant and consumable between platforms.

As such it makes no sense to leverage governance capabilities built into the platformsthemselves, as this simple promotes silos of services within platform domains.

5.1 Platform Governance Models

Not all platforms are governable; in fact platforms fall into one of 3 categories:

Ungoverned Platforms the purest form of Informal Governance. This often

results in Random SOA or Accidental SOA. This includes any container thatdoesnt support policy enforcement natively or with an agent

Self-Governed Platforms a mixture of Formal and Informal. Some tasks and

activities are governed, some are not. SOA Governance is as weak as the

weakest link in the chain. This category includes containers that use their own

tooling without policy integration with a centralized enterprise SOA Governancesolution.

Governed Platforms a real or virtual organization exists that is devoted to thepromotion of SOA programs and causes that is accepted as a fundamental part ofan SOA culture. Governed Service Platforms have:

Clear job titles / responsibility support SOA Governance activities Supports clear separation between implementation activities and governance

activities

Provides standards-based governance integration interfaces

Unified SOA Governance solutions integrate seamlessly with the platforms providing

varying degrees of configuration, policy implementation and enforcement, messagehandling, and workflow support, largely depending on the level of sophistication of the

platform itself.


11/25


We divide governed platforms into two categories:

5.2 Governed Service Platforms

All applications that expose and consume services at runtime are service platforms.These include application services like IBM WebSphere, Microsoft IIS, Oracle/BEA

WebLogic, JBoss and others; ESBs from vendors including IBM, Microsoft Oracle/BEA,JBoss, TIBCO and others; mainframe applications running in CICS and IMS; COTS

applications like CICS; and SaaS environments like Salesforce.com and Amazon.

As described above, Governed Service Platforms offer standards-based governance

integration interfaces, and support the concepts of governance by an external enterprisegovernance system.

5.3 Governed Development Platforms

Most platform vendors provide an Unified development environment (IDE), source code

management and version control system, defect tracking/change request tooling, and in

many cases, a document management and/or asset management repository. An Unified

SOA Governance solution can provide asset lifecycle management and policy compliancecapabilities to ensure that developed software assets (such as services, components and

applications) are appropriate and relevant to the enterprise, and that they comply with

applicable policies.

Governed Development Platform status means that the development platform integrateswith a Unified SOA Governance solution to make and share decisions about assets and

artifacts.


12/25


6 SOA Infrastructure Reference Model

SOA Infrastructure is the set of tools and technologies that an organization deploys tosecure and manage services and service-oriented business applications. It provides the

delivery mechanism for a comprehensive governance solution including Registry,Repository, Management, and Security services, and intermediaries to ensure the

application and use of these services.

The SOA Infrastructure reference model shown above is published by SOA Software, theleading provider of SOA Infrastructure software products. It provides a product and

vendor agnostic view of the concepts, components and standards that make up asuccessful SOA Infrastructure. For more information see SOA Softwares whitepaper

The SOA Infrastructure Reference Model, published in May 2006.


13/25


7 Unified SOA Governance System Elements:

The core elements of the Unified SOA Governance system are the Planning andDevelopment Repository and Registry, Policy Management System, Virtualization

System, Management and Security System, and their associated intermediaries. Also, asdescribed above, governance products and systems not having deep integration between

these elements would offer minimal value to an SOA implementation.

7.1 SOA Repositories

The SOA Repositories provides solutions for the governance of planning anddevelopment assets and artifacts. Governance in this context includes registration,lifecycle management, planning, design-time, and run-time policy invocation, and

business value visibility. The repository implements registry standards for metadata

exchange. It is the main source of SOA information for end users and applications.

7.2 SOA Policy Management System

The SOA Policy Management System provides a framework for defining and managing

policies that are enforced throughout the planning, lifecycle, and operational governanceprocesses. It ensures that policies are applied uniformly across all governed andgovernable platforms.

7.3 SOA Registry

The SOA Registry supports the categorization, classification, tagging, and publication of

services. It provides browse and search interfaces for service discovery, a publicationinterface for service registration, and a subscription interface for synchronization with

other registries and repositories.

7.4 SOA Management System

An SOA Management solution monitors and manages the reliability, availability and

performance of services.

7.5 SOA Security System

An SOA Security solution provides service and message security capabilities including

authentication (identity assertion and token exchange), authorization, privacy, non-

repudiation and audit.

7.6 SOA Intermediaries

SOA intermediaries exist in a number of forms, the most important of which are stand-

alone (proxy/router), and agent (embedded in container). Intermediaries enforce andimplement policy for Management and Security solutions. The primary role of the agentintermediary is to ensure last-mile policy enforcement, while the primary role of thestand-alone intermediary is to provide service virtualization to isolate consumers from

service location, policy, implementation, and change.


14/25


8 SOA Softwares Unified SOA Governance Solution

SOA Software builds its Integrated SOA Governance solution around its Policy

Manager, Repository Manager, and Service Manager products for SOA PolicyGovernance, Development Governance, and Operational Governance.

SOA Softwares Portfolio Manager, Repository Manager, Policy Manager, andService Manager combine to form a comprehensive Integrated SOA Governance

Automation solution.

Portfolio Manager is an innovative Planning Governance product that helps ensure thealignment of SOA Programs with strategic IT investment and business objectives andmakes sure that enterprises build the right services at the right time. It helps

customers identify candidate services and build an SOA roadmap through SOA Modeling,Asset Identification, and a Portfolio Management process. To achieve these goalsPortfolio Manager functions as part of a unified SOA Governance automation suite with

seamless integration with Repository Manager and Policy Manager.

Repository Manager provides an advanced software development asset (SDA)

repository, lifecycle management, and metadata federation solution. It governs leadingdevelopment platforms, ensuring consistent definition and management of services and

other assets across all development environments. Repository Manager supports

advanced SDA repository and governance capabilities including the ability to define andmanage custom asset and artifact types, asset relationship management, integrated

development environment (IDE) integration, and comprehensive asset federation. Itintegrates seamlessly with Policy Manager where policy decisions are required in theDevelopment Governance process, as well as provisions service consumption

agreements made by developers to Policy Manager for further governance. Repository

Manager supports application development and architecture teams, providing acomprehensive Development Governance solution.


15/25


Service Manager automatically implements and enforces policies from Policy Manager.

It generates usage, performance and policy compliance metrics that it reports to Policy

Manager so that it can audit that policies are being enforced in a closed-loop process.Service Manager support SOA and enterprise operational management functions,ensuring that services are security, reliable, and meet the performance goals for each

consumer.

Policy Manager provides an SOA Registry/Repository and comprehensive SOA Policy

Governance solution, with powerful governance automation capabilities. Governanceautomation minimizes the overhead associated with governance processes, and turnsgovernance from a painful workload, into a productivity tool. Policy Manager includes a

built-in policy and service metadata repository supporting its policy governance

processes. Policy Manager supports enterprise and SOA architecture functions, ensuringconsistent application of policies throughout an enterprise SOA program. Using this

solution architects, developers, security administrators, and operations managers candefine and govern policies that are applied to services throughout the appropriate stages

of their lifecycle.

Using this solution architects, developers, security administrators, and operations

managers can define and govern policies that are applied to services throughout theappropriate stages of their lifecycle.


16/25


9 Unified SOA Governance for SAP Enterprise SOA with NetWeaver

SAP does not focus on SOA Governance, although it does offer a Service Repository andRegistry in its SOA product portfolio. The SAP NetWeaver Enterprise Service Repository

and Registry is platform optimized for the SAP NetWeaver product family, and isextended by an enterprise Unified SOA Governance Automation solution.

SAP customers are adding SOA Softwares Portfolio Manager, Repository Manager,

Service Manager, and Policy Manager to provide Unified SOA Governance Automation fortheir SAP Enterprise SOA solutions implemented with NetWeaver to provide a number ofsolutions:

Uniform lifecycle and policy governance across existing platform investments

Lifecycle Management workflow to implement building permit process

Ensure interoperability with other platforms Seamless, heterogeneous SOA Governance, Security and Management

integration with SAP Middleware infrastructure

Performance and reliability management

Interoperability across disparate partners and platforms Unified provisioning and lifecycle management Inter-departmental consumer contract provisioning and negotiation

Standards support for Governance automation (UDDIv3, WS-MEX) Trust enablement and trust mediation

SOA Softwares products support and promote common Unified SOA Governance best

practices, and enable the consistent execution of these best practices with the SAPNetWeaver platforms. They offer the added benefit that there is no requirement to

introduce another non-SAP platform in order to support the required architecture.

Using Portfolio Manager, Repository Manager, Service Manager, and Policy Manager SOASoftware certifies SAPs products as Governed Service Platforms, or in the case of ESR, a


17/25


Governed Service Repository. Certified Governed Service Platform status means that

customers can be confident that their platforms will preserve the fidelity of the

governance models, structures and mechanisms supporting an enterprise SOA program.

SOA Softwares products offer a comprehensive Unified SOA Governance Automation

solution for SAP:

9.1 SAP NetWeaver Exchange Infrastructure (XI)

From SAPs product description:http://help.sap.com/saphelp_nw04/helpdata/en/14/80243b4a66ae0ce10000000a11402f

/frameset.htm

SAP Exchange Infrastructure (SAP XI) enables you to implement cross-system

processes. It enables you to connect systems from different vendors (non-SAP and SAP)in different versions and implemented in different programming languages (Java, ABAP,and so on) to each other. SAP Exchange Infrastructure is based on an open architecture,

uses open standards (in particular those from the XML and Java environments) and

offers those services that are essential in a heterogeneous and complex system

landscape:

Modeling and design of messages, transformations, and cross-component

integration processes

Configuration options for managing collaborative processes and message flow

Runtime for message and process management

Adapter Engine for integrating heterogeneous system components Central monitoring for monitoring message flow and processes

SAP XI supports internal company scenarios and cross-company scenarios.

9.1.1 Governance Automation Model

SOA Software is certifying SAP NetWeaver Exchange Infrastructure (XI) as a GovernedService Platform. This will allow customers to use XI to implement and enforcegovernance policies for enterprise services providing reporting data to enable a closed-

loop audit process as part of their enterprise SOA.

SOA Softwares Policy Manager and Service Manager ensure that XI can facilitate and

benefit from the core Unified SOA Governance Automation best practices:

Trust & Management Mediation provide last-mile security, metric collection and

reporting, SLA monitoring and management, to ensure that services exposed by

XI are governed, managed, and secured. Provide policy implementation and

mediation to allow XI to communicate with a wide range of mission critical

business services exposed from non-SAP platforms. Service Virtualization conveniently make XI services available to partners and

allow it to consume partner services

Governance Automation automate the publishing of XI services, providing

lifecycle workflow with approvals, collaboration services, and consumer contract

provisioning

Continuous Compliance and Validation - ensure the relevance, applicability and

suitability of XI services


18/25


Metadata Federation - ensure that XI services are visible to, relevant, and

consumable by other platforms and make services from other platforms visible

to, relevant and consumable by XI. Automatically discover services in Process

Server and publish them into Policy Manager subject to governance policies

Change Impact Mitigation - make sure that changes to XI services dont cause

major outages by breaking consumers Uniform Policy Management - ensure that XI services can be leveraged as first-

class citizens throughout an enterprise SOA by complying with enterprise policies

that are uniform across all platforms

SOA Software will provide a fully functional Agent for XI. The Agent will deploy into the

NetWeaver container hosting XI and will provide a management application, a policyengine, and a handler mechanism. The management application will monitor XIs

management API for new services. When it discovers a new service, depending on itspolicies it will either automatically install a handler into the XI process to intercept

messages for processing by the policy engine, or simply register the service with Policy

Manager. The policy engine discovers its policies using WS-MetadataExchange and WS-

Policy from Policy Manager, and reports metrics, usage, and exceptions to PolicyManager.

SOA Software will also provide a fully functional Delegate for XI. The Delegate will

deploy into XI processes to abstract them from the location, transport and other policyrepresentations of consuming services.

9.2 SAP NetWeaver Process Integration (PI)

From SAPs product description: https://www.sdn.sap.com/irj/sdn/nw-pi71

SAP NetWeaver Process Integration (SAP NetWeaver PI), based on SAP NetWeaverExchange Infrastructure (SAP NetWeaver XI), is SAP's platform for process integration

using the exchange of XML messages.


SOA Software is certifying SAP NetWeaver Process Integration (PI) as a GovernedService Platform. This will allow customers to use PI to implement and enforcegovernance policies for enterprise services providing reporting data to enable a closed-


SOA Softwares Policy Manager, Repository Manager and Service Manager ensure that PIcan facilitate and benefit from the core Unified SOA Governance Automation best

practices:

Trust & Management Mediation provide last-mile security, metric collection andreporting, SLA monitoring and management, to ensure that services exposed by

PI are governed, managed, and secured. Provide policy implementation and

mediation to allow PI to communicate with a wide range of mission critical

business services exposed from non-SAP platforms.

Service Virtualization conveniently make PI services available to partners and



19/25


Governance Automation automate the publishing of PI services, providing

lifecycle workflow with approvals, collaboration services, and consumer contract

provisioning


suitability of PI services

Metadata Federation - ensure that PI services are visible to, relevant, andconsumable by other platforms and make services from other platforms visible

to, relevant and consumable by PI. Automatically discover services in Process

Server and make publish them into Policy Manager subject to governance policies

Change Impact Mitigation - make sure that changes to PI services dont cause

major outages by breaking consumers

Uniform Policy Management - ensure that PI services can be leveraged as first-

class citizens throughout an enterprise SOA by complying with enterprise policies


SOA Software will provide a fully functional Agent for PI. The Agent will deploy into the

NetWeaver container hosting PI and will provide a management application, a policyengine, and a handler mechanism. The management application will monitor PIs

management API for new services. When it discovers a new service, depending on itspolicies it will either automatically install a handler into the PI process to intercept

messages for processing by the policy engine, or simply register the service with Policy

Manager. The policy engine discovers its policies using WS-MetadataExchange and WS-Policy from Policy Manager, and reports metrics, usage, and exceptions to PolicyManager.

SOA Software will also provide a fully functional Delegate for PI. The Delegate willdeploy into PI processes to abstract them from the location, transport and other policyrepresentations of consuming services.

9.3 SAP NetWeaver Composition Environment (CE)

From SAPs product description: https://www.sdn.sap.com/irj/sdn/nw-ce

Composite applications, or "composites," access existing functionality via service-enabled interfaces. The SAP NetWeaver Composition Environment 7.1 provides a toolset

and runtime for developing, running, and efficiently managing composite applicationsusing SAP's enterprise SOA. It builds upon proven technologies that have been

enhanced and integrated to provide greater functionality and flexibility. Among them

are:

SAP NetWeaver Developer Studio for service creation and provisioning SAP NetWeaver Application Server for Java Service Registry and repository for service management

Guided Procedures for process modeling

SAP NetWeaver Visual Composer for UI modeling SAP Composite Application Framework for Java business object modeling and

service abstraction


20/25



SOA Software is certifying SAP NetWeaver Composition Environment (CE) as a Governed

Service Platform. This will allow customers to use CE to implement and enforcegovernance policies for enterprise services providing reporting data to enable a closed-loop audit process as part of their enterprise SOA.

SOA Softwares Portfolio Manager, Repository Manager, Service Manager and PolicyManager ensure that CE can facilitate and benefit from the core Unified SOA Governance

Automation best practices:



CE are governed, managed, and secured. Provide policy implementation and

mediation to allow CE to communicate with a wide range of mission critical


Service Virtualization conveniently make CE services available to partners and


Governance Automation automate the publishing of CE services, providinglifecycle workflow with approvals, collaboration services, and consumer contract

provisioning


suitability of CE services

Metadata Federation - ensure that CE services are visible to, relevant, and


to, relevant and consumable by CE. Automatically discover services in Process

Server and make publish them into Policy Manager subject to governance policies

Change Impact Mitigation - make sure that changes to CE services dont cause

major outages by breaking consumers

Uniform Policy Management - ensure that CE services can be leveraged as first-class citizens throughout an enterprise SOA by complying with enterprise policies


SOA Software provides a fully functional Agent for CE. The Agent deploys into theNetWeaver container hosting CE and provides a management application, a policyengine, and a handler mechanism. The management application monitors CEs

management API for new services. When it discovers a new service, depending on itspolicies it either automatically installs a handler into the CE process to interceptmessages for processing by the policy engine, or simply registers the service with PolicyManager. The policy engine discovers its policies using WS-MetadataExchange and WS-

Policy from Policy Manager, and reports metrics, usage, and exceptions to Policy

Manager.

SOA Software will also provide a fully functional Delegate for CE. The Delegate will

deploy into CE processes to abstract them from the location, transport and other policyrepresentations of consuming services.

9.4 SAP NetWeaver Enterprise Services Repository and Registry (ESR)

From SAPs product description: https://www.sdn.sap.com/irj/sdn/nw-esr


21/25


The Enterprise Services Repository and Registry (ES Repository and Registry) support

the governed definition of SOA assets (such as services and data types) for SOA by

evolution.

They provide transparency of the business semantics exposed by enterprise services for

designers and developers of solutions on top of BPP. It is the basis for enabling easy

access to enterprise services - described with rich business classifications - whendeveloping composite applications and business processes. The Enterprise Services

Repository is open to managing non-SAP services (provided by customers and ISVs) in acustomer landscape and as such provides the single source of truth of a customers BPP.


SOA Software is certifying SAP NetWeaver Enterprise Service Repository and Registry asa Governed Service Repository. This will allow customers to use ESR as a federated

repository within a Unified SOA Governance solution as part of their enterprise SOA.

SOA Softwares Portfolio Manager provides a planning solution for customers wishing toleverage SAP services as part of their enterprise service portfolio. Portfolio Manager

allows architects to filter ESR services choosing services that align with businessprocesses and requirements.

SOA Softwares Policy Manager will ensure that ESR can facilitate and benefit from thelifecycle governance best practices driven by Unified SOA Governance Automation:

Governance Automation automate the publishing of the SAP Enterprise SOA

enterprise services, providing lifecycle workflow with approvals, collaboration

services, and consumer contract provisioning


suitability of services published in ESR

Metadata federation - ensure that WebSphere services published in ESR are

visible to, relevant, and consumable by other platforms, and that servicespublished by other platforms are visible to, relevant, and consumable by SAP

NetWeaver products via ESR

Change impact mitigation - make sure that changes to services published in ESR

dont cause major outages by breaking consumers

Uniform policy management - ensure that the SAP NetWeaver platform can be

leveraged as a first-class citizen throughout an enterprise SOA by using policies

that are uniform across all platforms distributed via ESR

SOA Softwares Policy Manager and Repository Manager will federate with the SAP

NetWeaver Enterprise Service Repository and Registry. They will synchronize selected

services, WSDLs, interfaces, schemas, and taxonomies to ensure consistency betweenWorkbench and ESR. The integration will extend the Policy Managaer contract

provisioning, compliance policy and workflow models to provide consumer contract

provisioning and lifecycle governance compliance and workflow capabilities to assetspublished in ESR.


22/25


9.5 SAP NetWeaver Application Server (WebAS)

From SAPs product description:

http://www.sap.com/platform/netweaver/components/applicationserver/index.epx

SAP NetWeaver Application Server brings together a proven infrastructure with the

interoperability and flexibility of Web services technology. With this component of SAPNetWeaver, you get support for platform-independent Web services, business

applications, and standards-based development.

SAP NetWeaver Application Server provides an open and reliable infrastructure for

deploying highly scalable Web applications and Web services.


SOA Software is certifying SAP NetWeaver Application Server (WebAS) as a GovernedService Platform. This will allow customers to use WebAS to implement and enforcegovernance policies for enterprise services providing reporting data to enable a closed-


SOA Softwares Policy Manager, Repository Manager and Service Manager ensure that

WebAS can facilitate and benefit from the core Unified SOA Governance Automation bestpractices:



WebAS are governed, managed, and secured. Provide policy implementation and

mediation to allow WebAS to communicate with a wide range of mission critical


Service Virtualization conveniently make WebAS services available to partners

and allow it to consume partner services

Governance Automation automate the publishing of WebAS services, providinglifecycle workflow with approvals, collaboration services, and consumer contract

provisioning


suitability of WebAS services

Metadata Federation - ensure that WebAS services are visible to, relevant, and


to, relevant and consumable by WebAS. Automatically discover services in

Process Server and make publish them into Policy Manager subject to governance

policies

Change Impact Mitigation - make sure that changes to WebAS services dont

cause major outages by breaking consumers Uniform Policy Management - ensure that WebAS services can be leveraged as

first-class citizens throughout an enterprise SOA by complying with enterprise

policies that are uniform across all platforms

SOA Software provides a fully functional Agent for WebAS. The Agent deploys into the

NetWeaver WebAS container and provides a management application, a policy engine,and a handler mechanism. The management application monitors WebASs


23/25


management API for new services. When it discovers a new service, depending on its

policies it either automatically installs a handler into the deployed application to

intercept messages for processing by the policy engine, or simply registers the servicewith Policy Manager. The policy engine discovers its policies using WS-MetadataExchange and WS-Policy from Policy Manager, and reports metrics, usage, and

exceptions to Policy Manager.

SOA Software will also provide a fully functional Delegate for the WebAS. The Delegate

will deploy WebAS to abstract deployed applications from the location, transport andother policy representations of consuming services.


24/25


10 SAP Certifications

SOA Softwares Portfolio Manager, Repository Manager, Policy Manager, and ServiceManager have achieved SAP certification as powered by the SAP NetWeaver

technology platform and SAP Solution Manager Ready.

Through these certifications, these solutions have been proven to integrate with SAPsolutions, allowing customers to confidently deploy SOA Softwares products alongside

SAP NetWeaver in the following ways:

To help ensure that services identified, designed and built using SAP solutions arerelevant and consumable to applications designed, built and deployed using otherplatforms, technologies and products.

To make services exposed from applications running on SAP solutions visible to

and compliant with enterprise policies defined, enforced and audited across otherplatforms; and make services designed and built using other platforms likeMicrosoft .NET, WCF and Oslo and open source environments visible to and

compliant with enterprise policies defined, enforced and audited across by their

SAP NetWeaver-based applications. To promote, ensure and formalize consistent alignment between demand from

service consumers and the supply of services through Consumer Contract

Provisioning.

These certified solutions from SOA Software offer integration with the SAP NetWeaver

technology platform, including the SAP NetWeaver Composition Environment (SAP

NetWeaver CE), Enterprise Services Repository (ES Repository) and the SAP NetWeaverApplication Server (SAP NetWeaver AS).

The SAP Integration and Certification Center has certified that SOA Software Policy

Manager 6.0 and SOA Software Service Manager 6.0 are certified for integration via theJAVA-EE-STD (Java certification) scenario based on a 64-bit Java EE 5 Edition-based

deployment of SAP NetWeaver CE 7.1. In addition, both solutions have achieved SAPSolution Manager Ready status. Solutions that qualify as SAP Solution Manager ready

are made visible to the customers SAP system landscape directory, displayed within theSAP Solution Manager application management solution at the customer site.


25/25

www soa com Copyright by SOA Software Inc 2009 All rights reserved 24

11 About SOA Software

SOA Software is a leading provider of unified governance automation products thatenable organizations to successfully plan, build, and run enterprise services. The worlds

largest companies including Bank of America, Verizon, and Pfizer use SOA Softwaresolutions to transform their business. For more information, please visit

http://www.soa.com.

SOA Software, Policy Manager, Portfolio Manager, Repository Manager, Service Manager,

and SOLA are trademarks of SOA Software, Inc. All other product and company namesherein may be trademarks and/or registered trademarks of their registered owners.

SOA Software, Inc.

12100 Wilshire Blvd, Suite 1800

Los Angeles, CA 90025

866-SOA-9876

www.soa.com

[email protected]

Copyright 2009 by SOA Software, Inc.

Disclaimer: The information provided in this document is provided "AS IS" WITHOUT ANY WARRANTIES OF ANY KIND INCLUDING WARRANTIES OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT OF INTELLECTUAL PROPERTY. SOA Software may make

changes to this document at any time without notice. All comparisons, functionalities and measures as related to similar products and servicesoffered by other vendors are based on SOA Software's internal assessment and/or publicly available information of SOA Software and other vendor

product features, unless otherwise specifically stated. Reliance by you on these assessments / comparative assessments are to be made solely on

your own discretion and at your own risk. The content of this document may be out of date, and SOA Software makes no commitment to update

this content. This document may refer to products, programs or services that are not available in your country. Consult your local SOA Software

business contact for information regarding the products, programs and services that may be available to you. Applicable law may not allow theexclusion of implied warranties, so the above exclusion may not apply to you

Uni SOA Governance for SAP

Documents

Transcript of Uni SOA Governance for SAP