Bringing Visibility and Control to Net Centric Systems Approaches for Runtime Governance of Net Centric Systems © 2007 AmberPoint, Inc. John Emerson Vice.

1 Bringing Visibility and Control to Net Centric Systems: Approaches for Runtime Governance of Net Centric Systems
© 2007 AmberPoint, Inc.
John Emerson, Vice President, US Federal, AmberPoint, Inc.

2 Topics
- Net Centric Environments
- ESM across the Lifecycle
- Visibility
- Synchronizing with Other Governance Systems
- Policy Management
- Service Level Monitoring and Management
- Exception Management
- Security
- Validation
- Case Studies
- Q&A

3 Wide Variety of Net Centric Infrastructure
Diagram labels: EJB Applications, Mission Specific Services, MQ-based Warehouse DBMS, Enterprise Service Bus, Materiel Order Service, Agency Portal, External Agency Service 1, External Agency Service 2

4 Wide Variety of Vendors
Diagram labels: Agency Portal, EJB Applications, MQ-based Warehouse DBMS, External Agency Service 1, External Agency Service 2, Enterprise Service Bus, Mission Specific Services, Materiel Order Service

5 New Types of Problems
- Full Picture? Map and Monitor?
- Everything seems to be up and running (green lights), but the users are calling the Help Desk claiming that they aren't getting service
- Non-Responses and Corrupted Responses
- Debugging Distributed Systems
- How do you lock down Security at the Endpoint?
- How do you Validate new versions of Services that are Shared across dozens of applications?
- Application Issues, not Operations Issues

6 The Role of Enterprise Service Management
- Traditional Management Tools and Techniques will not solve these new issues.
- Traditional Management is an Operations Problem. ESM (SOA Management) is an Application Problem.
- As a result, the Enterprise Service Management system will be monitored by your Operations Staff but used by your Development and Tier II/Tier III Staffs, to solve problems that they would otherwise have to write complex code and dig through logs to fix.

7 …Throughout the Lifecycle
ESM should automate real-time visibility and control at every stage of the SOA lifecycle.
Stages: Development, Staging, Production
Diagram labels: IDEs, Process Tools, Business Logic; Discovery, Runtime Policies, Performance, Availability, Performance; Automatically enforce governance; Security, Logging, Diagnostics, Validation, Capacity Planning, Service Levels, Discovery; Automatically discover rogue services; More Policies, Performance, Availability, SLAs, Security, Logging, Audit

8 Enterprise Service Management
Real-time visibility, control and validation
Visibility, control and validation regardless of SOA infrastructure decisions
Diagram labels: External Agency Service 1, External Agency Service 2, Enterprise Service Bus

9 Keys to Successful ESM
- Visibility – Knowing What's Out There and What's Going On…
  - What services, application flow, and infrastructure are installed and in use
  - Who's using it
  - Is it meeting expectations / obligations
- Control – Taking Action to Prevent or Correct Issues…
  - Define and enforce runtime policies – make sure proper policies are active
  - Diagnose failures / prevent them
- Ensuring Integrity – Ensuring Changes Don't Impact the Whole Application Environment…
  - Automatically check for the correctness of the running system
  - Detect and validate changes before they impact users and partners
- Do This across the Entire Infrastructure
- And Do It All as Automatically as Possible
  - Reduces risks and costs
  - Automation is the single most important thing that makes SOA scalable

10 Automatic End-to-End Visibility
- Dynamic discovery of service and supporting components in the wild
  - Web services
  - Consumers
  - Dependencies
  - Application Flow & Transactions
  - Runtime Policies
  - Runtime Metadata
- Automatically track transactions
  - Non-invasive; no message modifications
  - Feed impact analysis, error detection, etc.
- In most environments, no single source of information is always right
- Ensures a complete view of the SOA application environment
Diagram labels: Intended Design, Running Reality, Platform Repositories, Service Registries, Home-grown Databases, Enterprise Service Bus

11 Automatic Synchronization with Other Governance Systems
- Discover discrepancies between intentions (design/dev) and reality (runtime)
- Support Federated Information Exchange
Diagram labels: Enterprise Service Bus; Runtime Governance; Service Network; Services; Metadata; Policies; policies, data, service contract; Services (discovered, changes); Scorecard Information; Policies (new, changes); Read; Write; Publish; Changes to endpoints and policies; Scorecard metrics; Dependencies; Design vs. Reality; Runtime Repository; Service Levels; Discovery; Exceptions; Policy Mgmt; Platform Repositories; Home-grown Databases; Service Registries

12 Automatic Policy Provisioning via the WS-Policy Standard
- Policies that follow the WS-Policy Standard
- Provisioned with a "where" clause
  - Automatically applies policies based on dynamic attributes and message content
  - All production services
  - All services in Accounting application
  - All services deployed in WebLogic containers
- User-defined attributes for services, containers & policies
- Assignments are reevaluated as attributes change
- Manage system on autopilot where policies are automatically assigned as appropriate. Eliminate production mistakes by reducing manual steps.
Diagram labels: where Blue Force; Security; Encryption; all services; where deployed on WebLogic app servers; Logging; Load-Bal Weighted; One-at-a-Time Approach; Profile Based Approach; p1, p50; 100 svcs x 50 policies = 5,000 policy points; S1, S2, S3, S4, S5, S6, Sn

13 Service Level Management
- Service- and Mission-level Visibility
- Enforce agreements based on Mission-Specific criteria
  - Gold users, Warfighters in Battle, First Responders, etc.
- Granular visibility – groups, users, services, operations
- Preventative and corrective actions
Screenshot labels: Service View, Alerts, Historical Reporting, User Summary and Objectives

14 Real-time Monitoring of Mission Centric Processes
- Probe Applications for Inconsistencies
- Check transaction progress and correctness
- Does not need to be synchronous or see every step
Diagram labels: Expected Delivery Disconnect Alert

15 Exception Management
Stop Digging through Logs!
- Technical Faults
- Mission-Specific Exceptions
- Process Flow
  - Exception context
  - Response times
- Mission-specific visibility using exception content and context
  - Ex: External Agency Services failure
  - Alert when no order confirmation within 3 minutes after completion
- Visibility in operational issues – services, transactions, operations, messages
  - SOAP faults, database errors, etc.
- Augments System-level View
- Drill into Exception Content & Context
Diagram labels: System Mgmt, Machines, App Servers, Network; Agency Portal, Materiel Orders, Warehouse, Red Force Tracking, Shipping Partner, External Agency

16 Security: First- and Last-Mile Enforcement
- First-Mile Security
  - Client-side agent
  - Automatic enforcement of out-bound security
- Last-Mile Security
  - Plug-ins provide endpoint protection
  - No ability to circumvent
- Extensive Integration
  - Identity Management Systems
  - Security Appliances
  - App Server / ESB / OS Security
- Security Policies
  - Authentication
  - Authorization
  - Credential Mapping
  - Censorship
  - Crypto
Diagram text: "John Smith"; an XML Encryption fragment beginning <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element' xmlns='http://www.w3.org/2001/04/xmlenc#'> (the rest is cut off in the slide graphic)
Diagram labels: Firewall, Shipping Partner, Red Force Tracking Service, Logistics and Materiel, Agency Portal, Blue Force Tracking Service, Identity Management Systems, Client Application

17 Check SOA Services & Application Integrity for…
Type of Changes
- Code: Is the new version backwards compatible?
- Policy: If we institute this new governance policy (security, routing, etc.), will it break dependent applications?
- Usage: What will happen if our usage doubles? Triples? Quadruples?
- Infrastructure: Will an OS security patch break my system? How will introducing a load-balancer change my capacity?
Impact of Change
- Functionality: Does the service produce the same responses as last time?
- Quality of Service: Acceptable performance and throughput?

18 The SOA Validation Problem
System Integrity Always at Risk
- Service reuse creates dependencies
- Impact of any change ripples throughout the system
- Real impact of planned changes is hard to predict
- Impact of unplanned or unannounced changes can be devastating
- Yet, it quickly becomes impossible to set up and replicate all dependent systems for testing elsewhere
- Need way to continuously check for integrity – both in staging and in production
Diagram callout: A Change Here May Impact Everyone
Diagram labels: Agency Portal, Warehouse, Blue Force Tracking, Red Force Tracking, Shipping Partner, Materiel Orders

19 SOA Validation
- Safe environment to validate changes before deployment
- Changes to:
  - Code
  - Policy
  - Usage
  - Infrastructure
- Captures requests/responses from all dependent consumers
  - Message content
  - Context – headers, distribution patterns
- Replays looking for differences in response
- Capacity planning using real-world message distributions
Diagram labels: Agency Portal, Warehouse, Blue Force Tracking, Red Force Tracking, USTRANSCOM, Materiel Orders

20 Case Studies: Real-World Examples

21 Rapidly Becoming the SOA Runtime Governance Standard in the US Federal Government
- ESM Product of Choice, DISA Net-Centric Enterprise Services (NCES)
  - Working with DISA for 3+ years to define ESM Services under NCES Program
- NGA GeoScout Program
- Intelligence Community – Multiple Installed Projects
- US Transportation Command – GTN Modernization Effort
- Engaged with Multiple Net-Centric Labs, COIs and NCES Pilot Programs
  - JHU APL, MIT Lincoln Labs
  - ASAP ACTD – Integrated Broadcast Service program
  - C2 SSA COI – C2 Community
- Engaged with all major NCES and Related Industry Organizations
  - AFEI and NCOIF
  - SOA Foundation, ISR, Security Working Groups
- NIAP Common Criteria Security Certification
  - Only SOA Management Vendor in the Program

22 Lehman Brothers: Making enterprise-wide SOA governance pain-free
- 3,000 Developers
  - Different departments / divisions
  - Different priorities and fire drills
  - Different locations
- After a year, only 8 registered services
  - Too busy to update the registry
  - No value to the developers
Diagram labels: Design-time Registry: Unapproved Svcs; Approval Process; Production Registry: Approved Svcs; NY and London, each with Design, Dev, QA, Stage, Prod

23 Using Automatic Runtime Governance to Achieve Design-time Governance
- Uses AmberPoint's automatic discovery of running services and dependencies at each stage of their SOA lifecycle
- Synchronizes with home-grown Asset DB and Design-time Repository
- Over 100 Services Currently registered (up from 8 previously)
- Enterprise Architecture now viewed as Enablers vs. Enforcers
- Changed Culture – Teams now compete to see who can cooperate the most
Diagram labels: NY and London, each with Design, Dev, QA, Stage, Prod; Runtime Repository: Discovered Svcs, Performance, Errors/Exceptions; Asset Database: Machines, Owners, Locations; Design-time Registry: Unapproved Svcs; Production Registry: Approved Svcs; Approval Process

24 Using Automatic Runtime Governance to Achieve Design-time Governance
- Uses AmberPoint's automatic discovery of running services and dependencies at each stage of their SOA lifecycle
- Synchronizes with home-grown Asset DB and Design-time Repository
Diagram labels: NY and London, each with Design, Dev, QA, Stage, Prod; Runtime Repository: Discovered Svcs, Performance, Errors/Exceptions; Asset Database: Machines, Owners, Locations; Design-time Registry: Unapproved Svcs; Production Registry: Approved Svcs; Approval Process

25 Service Detail Screen
- When service was discovered
- How long service has been up
- Type of service
- Link to WSDL
- Metadata from Asset DB (42 fields)
- All data can be used in policy definitions
Screenshot labels: Discovered Info, Asset DB Info

26 What's in it for me? A lot.
- Opt-in for expanded control
  - Security, load balancing, failover, etc.
- Dependencies
- Performance
- Diagnostics
- Change Analysis
- Comprehensive insight without lifting a finger
Diagram labels: NY and London, each with Design, Dev, QA, Stage, Prod

27 Results: Visibility and Cooperation
- From only 8 registered services after previous approach to 100 registered services in first couple months
- ROI reporting visible throughout the company
- Runtime results automatically feed other consoles
  - JMX-based home grown system
  - Internal SOA coordination site
  - HP OpenView
- Transformed the environment to one where groups were vying to be the ones that could cooperate the most

28 Some Other AmberPoint Customers
Customer categories: Manufacturing/Retail, Health Care, Fin. Services, International, Government, Power/Utility, Telecom, Other

29 Q&A
John Emerson, Vice President, US Federal, AmberPoint, Inc.
JEmerson@AmberPoint.Com

