The governance gap in SOA

By Colleen Frye, News Writer 06 Feb 2006 | SearchWebServices.com

News on SOA, EAI, Web services Digg This!     StumbleUpon     Del.icio.us

No question that "governance" is becoming a hot-button issue for IT organizations and vendors of all ilks are trying to get a piece of the action by positioning products under a governance umbrella. But what exactly governance encompasses and how it is implemented can vary widely among product offerings.

The industry is beginning to acknowledge that there are different parts of governance that need to be understood and runtime is as important as design time. Mike Gilpin Vice President, Forrester Research

"SOA governance is hot, but it's a vague category," said Mike Gilpin, a vice president at Forrester Research, Cambridge, Mass. "A lot of vendors say they have SOA governance, but does that happen at design time, runtime, etc.? That confusion continues to exist."

For WebLayers, governance means automating the creation, deployment, enforcement and verification of policies throughout the entire IT lifecycle. "To do governance properly you need to do it across the lifecycle," said Irwin Wallach, CEO of WebLayers Inc. in Cambridge, Mass. "To do it at any one point in time, you're just kidding yourself."

The company's new WebLayers Center platform, announced today, goes beyond its SOA roots to automate policy-based governance for outsourcing and enterprise systems integration, from inception through design, deployment and operations.

Policy-based governance addresses the gap between the strategic goals of the business and IT projects, said Gregg Bjork, senior vice president of field operations at WebLayers. "The CIO and IT leadership have strategic goals driven by business," he said. "But the challenge at the project level is they're trying to deliver systems on time and on budget and they may be cutting corners to achieve those goals. So they believe that at the project level they're succeeding, but policies aren't guiding them. So strategically they're failing. That's the gap policy-based governance is trying to address."

Organizations that don't understand this gap spend millions of dollars on one-off projects, but can't leverage their work, Bjork said. Organizations that do understand the gap, he said, invest considerable time and resources in manual governance committees that review all distributed IT efforts. "But at the end of day, the project teams go off and do what they want to do anyway," he said.

The solution, he said, is to address this issue at three levels: Provide the capability to define, configure and manage policies automatically across the entire lifecycle; seamlessly enforce policies as a natural extension of what's happening across the project team; and provide visibility at the field level as to exactly what the project is doing.

WebLayers Center comprises three products—WebLayers Center for SOA, WebLayers Center for Outsourcing and WebLayers Center for Enterprise Systems Integration—as well as integrated tools, dashboards and policy libraries. The platform also includes Governors that can be deployed to various IT entities for monitoring and controlling policy compliance. WebLayers Center has a federated architecture and a Dynamic Association Engine for automatically building relationships among objects and the infrastructure and connecting policies throughout the lifecycle.

"The industry is beginning to acknowledge that there are different parts of governance that need to be understood and runtime is as important as design time," Gilpin said. "You want to catch things at design time if you can, but there are other policies have to be enforced by data flowing through system rather than the nature of program code and that's a worthy goal."

"The two salient characteristics of WebLayers Center are its enterprise scalability and its broad-based governance," said Jason Bloomberg, senior analyst at Waltham, Mass.-based ZapThink LLC. "WebLayers Center isn't just an SOA governance tool, but rather leverages SOA for governance in distributed enterprise environments that may not have made the move to SOA. We feel that this is the future of SOA governance and WebLayers is there now."

For more information A "Blizzard" hits SOA governance landscape Learn how SOA players are targeting policy, governance

Forrester's Gilpin said the governance market is still murky and there is no clear leader.

"Companies like Cisco are promoting idea that the ability to manage these policies can be done in the network efficiently," Gilpin said. "Other companies are saying that's true, but the network doesn't know what all the policies are and there are natural places from which policies emerge, whether that's the development tools, etc. They're both right."

He continued, "There's an opportunity for multiple players to come together to allow those policies to be expressed in a standards-based way. WS-Policy helps for certain kinds of policies, but it's a starting point for a broader conversation. Based on collaboration across the industry, I could see governance being handled across multiple vendor stacks rather than just one vendor. It touches a lot of technology in different ways. There's probably no any one vendor that can solve this by themselves."

Tags: Service-oriented architecture (SOA) education,  SOA implementations,  Enterprise Services Bus (ESB),  Runtime governance,  SOA and IT governance,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT SOA strategy Three tips for success in SOA New Microsoft language for SOA? Trends 2008: Outsourcing, agile development Is SAP the SOA leader? SAP new SOA strategy debated Goldman sees hard times for software SAP offers two paths to SOA Fusion SOA touted by Larry Ellison Oracle Fusion goes Enterprise 2.0 Analysts ponder Microsoft-oriented architecture SOA strategy Research Service-oriented architecture (SOA) education SOA skills, slings and arrows Playbook for the SOA Red Zone Win SOA Design Patterns book Take part in SearchSOA.com survey. Help define the state of SOA. New year – same old SOA tempests? The annals of SOA Talk Software architects navigate transitions Ten ways to identify services Analysts, users find roadblocks along the SOA highway BPM key to unlocking business SOA? Service-oriented architecture (SOA) education Research SOA implementations On the road to SOA – Part 1, Boubez on early insights Sparx releases new SoaML profile for Enterprise Architect 7.5 SOA implementation: It's the increments, stupid 'SOA is working' for Edinburgh financial company SOA Source Book delivers step-by-step implementation guidelines With economy in crisis, IBM SOA strategist Carter sees business processes under scrutiny TSSJS 2009: Kern promotes ''just enough'' software architecture Gartner AADI Summit: NationalCity bank uses SOA to renew application portfolio Gartner AADI Summit: SOA going into 2009 CA adds federated security to fight growing threats to SOA SOA implementations Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary software  (SearchSOA.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary