A Holistic Prescription For SOA Management

Service-oriented architectures demand tools for everything from development and testing to monitoring components. Make sure your suite offers the complete regimen.

Size Up Web Services Management Tools

The list of capabilities required in a Web services management platform is long, given the distributed nature of such systems. A number of startups developed tools, and now, through a wave of mergers and partnerships, large system software vendors are getting into the game.

Among the acquisitions, Oracle has purchased Oblix and Confluent; Computer Associates bought Adjoin; and Hewlett-Packard acquired Talking Blocks. Among the Web services management vendors that remain independent are Actional, Amberpoint, Infravio, SOA Software (formerly Digital Evolution) and Systinet. Actional, which began life with the acquisition of Canadian software company VisualEdge, has since merged with security vendor Westbridge, and it continues to sign important customers such as Starwood Hotels. Systinet offers a leading UDDI registry, for which it recently landed an OEM partnership with Oracle. Amberpoint will integrate its toolset with Visual Studio. SOA Software has forged deals with IBM Global Services and JetBlue. Whether these and other independents can resist the giants remains to be seen.

A complete review of the products offered by any one of these vendors is beyond the scope of this article, but it's worth examining one suite in detail. I chose Amberpoint for no reason other than its integration deal with Microsoft, which may spark adoption by developers. Like the other pure-play vendors, Amberpoint designed its product to do Web services management from the ground up.

Naturally, Amberpoint's suite is built on agents. The agents sit on developer workstations, on application servers, in network operating centers, and on policy and directory servers. These agents provide much of the system's low-level functionality by interceding between clients and services to apply policies, collect data, monitor version conflicts and generate alerts, among other functions. On top of the agent network, Amberpoint layers four architectural components that provide the rest of the system's functionality. These are the Management Foundation, Service Level Manager, Exception Manager and Amberpoint Express.

The Management Foundation provides basic policy management and enforcement, service brokering, version control, security, schema management, service discovery, dependency analysis and data collection that the rest of the architecture depends on. Like all the Amberpoint components, it's implemented in both J2EE- and .Net-compatible versions, so it will fit into most IT environments. Service Level Manager is the system's IT business information and analysis component, providing tools for defining service-level agreements at different architectural layers and monitoring compliance. Amberpoint's agents generate data on message traffic, error conditions and response times and provide many other metrics. The system stores all this data in any standard relational DBMS, so it's fully accessible for custom analysis and reporting.

Amberpoint Exception Manager handles system, application and business-level exceptions. This component provides local exception trapping, event and message logging, alerting, root-cause analysis, impact analysis and a number of other features that monitor what's happening across a widely deployed SOA. Lastly, Amberpoint Express provides the system's developer workstation component, letting programmers use a native Windows or Java GUI to debug, profile, tune and migrate their locally developed components. Amberpoint Express will be integrated into the Microsoft Visual Studio environment and is available as a free download from the Amberpoint Web site.

IT managers investigating this market will find that the Actional and SOA Software solutions follow similar architectural patterns and are as complete.

Beyond the Pure-Play Vendors

Large vendors such as IBM have built their Web services management tools, largely through acquisition. Thus, these offerings may be less complete than those of the independents, but expect this state of affairs to change rapidly as the heavyweights infuse dollars into research and development. There are also likely to be open-source alternatives in the future. Synapse has submitted a proposal for an SOA architecture to the Apache standards body, but this proposal is moving forward slowly. In the meantime, organizations such as Verizon have developed their own architectures from available commercial and open-source offerings. Verizon's internally developed "IT Workbench" provides all the functionality discussed here and more and is brokering millions of service requests daily for the telecommunications giant.

While most in the industry now agree on what "Web services management" means (and the folks at Apache believe they can standardize the definition), we'll continue to see a variety of approaches over the next five years. In such a rapidly evolving marketplace, IT managers might just wait for the dust to settle. However, in an environment in which audit controls and system manageability are receiving more attention than ever before, the number of SOA deployments is increasing. You can either buy a complete suite from an independent vendor, or you can opt for a slightly choppier toolset from a large player, knowing the vendor will be in the business for years to come. A third option is to follow Verizon's lead and integrate your own solution from available components and custom-built tools. Given the opportunities and inherent challenges in SOA deployment, doing nothing is probably the only wrong choice.

Mark Betz is Vice President of Applications and Architecture at PDI Inc. in Saddle River, NJ. Write to him at [email protected].