SOA - Building The Compliance Infrastructure


Fri, July 15, 2005

CIO

I’ve been talking about Web services’ latest incarnation, service-oriented architecture (SOA), since 2001. So imagine my surprise when I heard that Cisco, EMC and a host of network appliance makers claim to be in the SOA business.

After all, SOA is confusing enough without throwing in the kitchen sink of infrastructure. Every day, people confuse SOA with one of its many applications: B2B integration, software as a service, enterprise workflow—you name it. To them I’ve always said, "It’s applications as services, period."

But guess what? After a couple of years of singing that refrain, I’ve finally stopped being so narrow-minded. The reason? Many (if not most) organizations lack a sufficient motive to establish an enterprisewide SOA as I’ve been defining it. Yet if you broaden SOA to include an application-aware infrastructure, the SOA value proposition becomes more compelling.

The main motives for both the business side and IT to embrace SOA are quicker, cheaper application development and low-cost integration. Instead of writing a component or an application, you can call up that component or application from the app you’re developing and avoid redundancy. In the process, you’ve probably integrated two systems with relatively little pain.

But the payback for the business side can be elusive in the short term. In fact, it actually requires more work to develop applications in a service-oriented way if an enterprisewide SOA isn’t already in place. The problem is that initiatives for the greater good of the organization don’t jibe with the usual application development process. Normally, the business side asks IT for particular app functionality and creates some sort of specification for just the features it needs. They don’t allow for all the other applications that may share the same services, which is how an SOA needs to be designed.

So SOA needs an enterprisewide motive. And what is it that has nearly every organization in a mad scramble? Regulatory compliance. The storage and retrieval requirements of the Sarbanes-Oxley Act and the security demands of the Health Insurance Portability and Accountability Act require both ironclad enterprisewide processes and special infrastructure in the form of storage and security solutions. And without question, that infrastructure will become increasingly application-aware.

The past couple of years have seen a new breed of application-layer, XML-aware security appliances—from the likes of F5, Forum Systems and DataPower—that inspect packets at a deep level and block suspicious traffic. But these companies are going beyond XML firewalling. DataPower, for example, offers a vertical tool that binds Web services security to XML financial schema. And Cisco’s Aon initiative is supposed to result in a new line of XML-aware routers this summer. With real-time inspection of XML traffic, such devices will be able to identify compliance-related content and make sure it’s routed to the correct repositories, such as EMC’s Centerra for write-once archiving. Imagine an application-aware infrastructure that makes enterprise compliance transparent and relatively low maintenance. Most enterprises would give their eye teeth for that.

As a result, the real driver for SOA may come from people who see the value of an application-aware, SOA-connected infrastructure as the best long-term compliance solution. For that to work, of course, enterprise apps need to be part of an SOA. Is this the tail wagging the dog? Maybe so. But fear often turns out to be the best motivator, and if that means compliance and its related infrastructure come first, so be it.

White Papers »
Accelerate time to application value
For your IT organization to keep pace with the business, you need a new, faster approach to infrastructure deployment-an approach that increases agility and accelerates time to application value. That's HP Converged Systems. Built on Converged Infrastructure, these systems deliver the industry's first portfolio of pre-integrated, tested, and optimized infrastructure solutions for applications running in virtual, cloud, dedicated, or hybrid environments.
Top 10 Myths About Virtualizing Business-Critical Applications
Even though virtualization has brought positive change to enterprise IT over the last decade, some skepticism remains about how valuable virtualization can be in the way companies deliver and run business applications. Uncover the truth about how you can run your business critical applications with confi dence without sacrifi cing
availability or service quality-and at lower costs.
The Hidden Truth About Virtualizing Business-Critical Applications
This IDG whitepaper highlights key findings based on the Quickpoll Survey conducted with more than 300 Enterprise and Commercial IT decision makers worldwide about the state of their virtualization of business critical applications. This paper answers such questions as: What drivers are pushing companies to extend virtualization beyond servers? and What value are they realizing? Central to the paper are key results that expose risks of the past (fears of limited ISV support, performance impact) no longer are a factor for companies moving to 80+% virtualized.
Enterprise Java Applications on VMware: Unix to Linux Migration Guide
This guide focuses on key considerations for IT Architects who are in the process of migrating Java applications from UNIX to Linux as part of their VMware server consolidation project.
Virtualizing Tier 1 Applications: A Critical Step on the Journey Toward the Private Cloud  
This IDC white paper explains how much of the Enterprise IT community is at a crossroads in extending their journey to the private cloud: Companies must virtualize their business critical applications in order to reap the benefits of cloud computing. The paper also includes two case studies and a sidebar highlighting the experiences of three enterprises with virtualizing their business-critical applications, which include Oracle and Microsoft SQL databases, SAP and enterprise Java, and a Microsoft Exchange email system.
Best Practices Guide: Microsoft Exchange 2010 on VMware
This guide provides best practice guidelines for deploying Exchange Server 2010 on vSphere.
Webcasts »
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and disaster recovery and support considerations.
Virtualize Business-Critical Applications with Confidence
Virtualizing business-critical applications has become a key focus for organizations as they move along their virtualization journey. With the launch of VMware vSphere® 5, VMware is helping customers accelerate the deployment of business-critical applications, including Exchange, SQL, SAP and Oracle.
Discover the Benefits of Virtualization for Federal Applications
Want to say goodbye to missed SLAs? VMware can help you virtualize mission-critical applications such as Oracle, MS Exchange and SharePoint to achieve dramatic improvements in uptime, performance and responsiveness. In this webcast, we'll discuss the key benefits of virtualizing your agency's most critical applications and Oracle databases as a necessary first step in fulfilling OMB's mandate to move IT services to the cloud. With VMware, you'll be on the way to quick, effective and full compliance.
When Java EE Is Overkill: Lightweight Application Server Benefits
The complexity, cost and technological bloat of traditional Java EE application servers are often barriers to running a lean and efficient IT organization. Increased need for scalability and rapid application delivery are driving businesses to reconsider the platform they use for application deployment. By combining the portability and agility of the Spring framework with a lightweight application server, your organization can meet business demands while staying within budget constraints. VMware vFabric™ tc Server is a modern, lightweight Java application server based on Apache Tomcat. It improves developer productivity, control and manageability-and is the most flexible platform for virtualizing Java applications and workloads for the cloud. View this webcast to learn about real-world examples of companies that have adopted VMware vFabric tc Server and how to plan for future cloud deployments.
Introduction to VMware vCenter Site Recovery Manager 5
Traditional disaster recovery solutions are often too expensive, complex and unreliable to meet business requirements. As a result, IT departments are hesitant to expand disaster protection beyond their most critical applications, largely because they are uncertain whether the quality of the protection is really worth its cost. VMware vCenter™ Site Recovery Manager 5 is the market-leading disaster recovery product that addresses this situation for organizations of all kinds. It complements VMware vSphere to ensure the simplest and most reliable disaster protection for all virtualized applications.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Accelerate time to application value

Top 10 Myths About Virtualizing Business-Critical Applications

The Hidden Truth About Virtualizing Business-Critical Applications

Enterprise Java Applications on VMware: Unix to Linux Migration Guide

Virtualizing Tier 1 Applications: A Critical Step on the Journey Toward the Private Cloud  

Best Practices Guide: Microsoft Exchange 2010 on VMware

Google: Security for Google Apps Messaging & Collaboration

Forrester: Economic Impact of Switching to Google Apps

ESG Analyst White Paper - VMware's vSphere Storage Appliance: High Availability for Small IT Operations

Lightweight Application Development Systems Ride the Cloud: IDG Report

Modernizing Application Platforms for Cost-Effective Cloud Readiness

VMware View Optimization Guide for Windows 7

VMware View Optimization Guide for Windows 7

A Guide for Enterprise VMware ThinApp Deployments

NetApp, VMware, Cisco, Wyse, Fujitsu 50,000 Seat VMware View deployment

Licensing for SaaS Applications: ISVs Take to the Cloud

CRM Thought Leadership Booklet

Virtualization reduces costs and complexity for mid-sized businesses

Consolidating SAP Applications to Linux on Power by IDC

The "ABCs" of DaaS
Resource Center
buy a link »
Ads by TechWords