SOA Runtime

Managing SOA Runtime: Required Capabilities

Sooner or later, a SOA runtime environment, or an array of Web services, will need strong and deep SOA and Web services management. The most obvious, core areas for management are SOA operations, specifically, ensuring reliable operations and meeting service-level agreements (SLAs), and SOA security. Here's a closer look at both the basic and more advanced capabilities available in these areas.

Ensuring Reliable SOA Runtime Operations

The core of SOA and Web services management and runtime governance is monitoring and managing technical service performance and availability. Because an SOA process or a series of Web services often execute on diverse platforms with different protocols, traditional IT management that monitor a single stack can't do the job.

For basic SOA runtime management, companies need to start by setting service performance and availability goals of what's acceptable over a given period. Then they need capabilities that enable them to monitor how services are performing against those targets and provide alerts when something goes wrong, so the appropriate IT group can take action or, in some solutions, a preconfigured automatic response will trigger, to alleviate the problem.

However, deeper SOA management can do more—and becomes necessary once there are multiple SLAs for different users and penalties for missing targets. In this case, companies need visibility into the entire SOA, end-to-end across all heterogeneous, distributed systems and well as two other capabilities: deep services diagnostics and active management of SOA performance and availability.

• Service diagnostics: Advanced SOA management solutions use agents or points of visibility installed on key SOA systems for visibility into what's going on beneath the service interface level—in the implementation. This enables faster problem analysis and isolation.
• Active management: Advanced SOA management solutions can also take responsibility for failover and load balancing to meet SLAs. The most flexible are policy-based solutions that separate the policy from the application design (for flexible configuration) and enable central policy definition and management for the entire SOA environment. These solutions enable you to configure multiple load balancing and failover scenarios for automated enforcement—for example, to execute special routing for gold customers to standby systems at peak load time.

Progress® Actional® products can snapshot individual runtime SOA transactions for deep diagnosis.

Safeguarding SOA Runtime Security

Another core management capability is SOA security. A basic SOA management solution will take responsibility for examining incoming user credentials and perform authentication and authorization based on its own store of users and entitlements. While this functionality can reside in other places, SOA management provides a consolidated place to put policies for management and security across the SOA.

However, because of the importance of compliance with Sarbanes-Oxley and various privacy regulations to the business, often a deeper level of security is needed than just having some low-level security decisions embedded in application code. SOA management solutions can go deeper—by several levels:

• SOA identity management: Some SOA management security solutions integrate with various identity management and entitlement management infrastructure, allowing other systems (for example, with different users sets) to determine whether a particular request is authenticated and authorized.
• SOA federation: Other solutions can also deal with different credentials that come in from different security domains, validate those credentials, and convert them to credentials the downstream service will understand.
• SOA platform integration: Some solutions can also use agents to populate native credentials within the underlying platforms on which services are built—for a single security session across multiple platforms.

Progress Actional for Advanced SOA Runtime Management

Progress® Actional® products provide advanced capabilities for SOA and Web services management. They provide end-to-end and in-depth visibility into the SOA, generating flow maps of SOA processes running on the underlying infrastructure. They also snapshot individual SOA transactions for deep diagnostics—ensuring reliable operations and fast troubleshooting.

Actional also provides central definition and management of security, business (e.g., SLAs), and other policies and distributed enforcement on the SOA network via agents residing on key systems executing the services.

For example, to meet SLAs and ensure reliable operations Actional can enforce policies controlling failover and load balancing. For advanced, robust SOA security, Progress® Actional® for Active Policy Enforcement provides:

• Standards-based support for authentication and authorization
• Integration with a broad range of identity management and single sign-on (SSO) products
• Full support for WS-Security including the ability to generate and validate SAML assertions and provide encryption and digital signatures
• Mediation among disparate security requirements and standards.

Learn More about Advanced SOA Runtime Management

Hear Forrester's Randy Heffner and Actional's Dan Foody discuss additional key SOA management capabilities including business-level, lifecycle, policy, and versioning management. Download the Webinar "SOA and Web Services Management: Why Planning Now Is Vital for Success."