Seven months after acquiring DataPower Technologies Inc., IBM today has released its first iteration of the SOA/XML
hardware appliance line, focusing on identity and security management.
The new brand will be known as WebSphere DataPower SOA Appliances.
"The IBM logo is on the front, so these are full-on IBM products," said Eugene Kuznetsov, DataPower founder and former chief technology officer, who is now director of product management for the IBM SOA Appliances.
While the WebSphere name has been added, he said customers and others familiar with the DataPower appliances will recognize the products.
"There's still the three main products," Kuznetsov said, "the XML accelerator, the XML security gateway and the integration appliance."
The three have been re-christened the WebSphere DataPower XML Accelerator XA35, WebSphere DataPower XML Security Gateway XS40 and WebSphere DataPower Integration Appliance XI50.
Kuznetsov said that in the past six months since the acquisition, he has worked with the IBM hardware and technology teams as well as the IBM Tivoli Software group to enhance the three appliances. Some of that work has been as straightforward as adding dual power supplies and swappable fans to meet Big Blue's standards for hardware reliability.
The work with IBM's Tivoli management line, which had interoperability with the original DataPower products, is aimed at the larger strategy of providing security and management for SOA implementations.
"Identity management and security management are a key part of the overall SOA security architecture that IBM sees out there," Kuznetsov explained. "That's where integration with Tivoli Access Manager is being enhanced further to do authentication and authorization of Web services requests."
DataPower's original integration with Tivoli Federated Identity Manager, which supports WS-Trust and SAML, has been enhanced since the products came into the IBM fold, he said.
"We see this as a key part of the SOA architecture," he said. "You need to be able to identify and authenticate who is making the request and then have a centralized way of managing the authorization."
The WebSphere version of the DataPower products also integrate with Tivoli's new IT CAM for SOA product, which Kuzentsov said provides Web services management and service-level management and monitoring for the hardware appliances.
Jason Bloomberg, senior analyst with ZapThink LLC., said the integration between Tivoli and the DataPower products may not be totally seamless.
"IBM is saying that the XS40 Security Gateway can be integrated with Tivoli, but they're not saying that it integrates with Tivoli out of the box," the analyst cautioned. "I'm sure it requires some integration effort. But that being said, the DataPower boxes have long supported common management standards, so that integration shouldn't be very difficult."
While the DataPower products are coming under the WebSphere umbrella and integrating with Tivoli, Kuzentsov sought to assure once and future customers that interoperability with IBM competitors will continue.
"One of the things that I've been very pleased about personally, coming in from a neutral startup environment and coming into IBM, there's a great deal of good sense and maturity at IBM about supporting our customers," he said. "We understand that customers have a heterogeneous environment. When it comes to SOA one of the primary business drivers for it is reuse, which means that whatever components they've got in the infrastructure today from any [IBM] competitors, they expect IBM solutions to integrate with them seamlessly. We're going to continue to do that."
As for where the DataPower appliances fit into the larger picture of SOA, Kuzentsov acknowledged that hardware accelerators are not the first thing that comes up when the architectural model is being discussed but he sees that changing. Noting that IBM would not have bought his company if it didn't think it could sell the products, he said customers are beginning to ask where appliances fit into SOA and now its up to him to help educate them to their value.
"I think it's fairly easy for people to understand how acceleration can help SOA performance," he said. "Everybody grabs onto that and says that's what appliances are good for, we'll offload XML processing. But that's just an enabling technology. Once you can do it quickly, once you can do it at wire-speed, what are the other interesting things you can do? Simplification is where the business value is."
Kuzentsov said much of the complexity of managing SOA can be handled by the basic black box solution the WebSphere DataPower products offer.
"If you look at providing security capability, you have to do XML threat protection against all kinds of Internet attacks -- schema validation, WSDL validation, content based routing, certificate management, WS-Trust, WS-Security, access control, fine grain authorization," he said, noting this is part of what the boxes can provide.
ZapThink's Bloomberg, who is not a fan of defining SOA in terms of software, let alone hardware products, still said the IBM DataPower combination does have a place in the architecture, especially where security is concerned.
"As for what the appliances can add to an SOA implementation," Bloomberg said, "the core of any SOA implementation are the services that abstract underlying data and application functionality. For those services to be loosely coupled, it's important for them to be fully secure and managed, and to meet the service-level agreements set out for them. The DataPower boxes offer both security and performance benefits that can help services meet these SLAs."