Much of the excitement about service-oriented architecture has been sound and fury — it is, after all, a fairly new approach and enterprises have learned, to their cost, that the emphasis in the term “bleeding edge” is on the first word.
Service-oriented architecture, or SOA , is a lot of things, much of them complex. It’s where small modules of independent units of functionality, called services, are defined using a description language and bundled to create large business applications. It helps those applications talk to each other over a network.It also refers to an architecture in which large applications are created from smaller modules consisting of independent units of functionality.
The problem with using services is that they introduce many new variables than regular applications do, and require more-rigorous testing and management. It all adds up to complexity headaches in enterprise environments.
In a bid to reassure enterprise customers and boost interest in SOA, Hewlett-Packard (NYSE: HPQ) has announced new versions of its SOA testing products, and additional SOA management capabilities.
These will fit into its HP Business Availability Center framework, which provides services ranging from end-user monitoring to management of service level agreement.
This “ensures services are meeting their obligations from the business and operational perspectives for uptime, performance and accessibility,” said Kelly Emo, HP’s product marketing manager.
The testing products come under the umbrella HP Quality Management for SOA, and the management products under HP SOA Management.
There are two products in this area: HP Service Test Management and HP Service Test.
HP Service Test Management lets quality assurance (QA) teams plan, design and execute quality-management activities. It “works with the HP Quality Center to let you manage all the requirements and process behind testing,” Emo said.
The product integrates with HP SOA Systinet, an SOA governance and life cycle management platform, to automatically use quality-management metrics to ensure quality. When services pass the QA process, HP Service Test Management alerts managers and users that they are ready for consumption.
HP Service Test enables functional testing of SOA services to reduce the risk of application failures.
Dealing With the Complexity
Testing for SOA is complex because “You’re dealing with services as well as consumption relationships — consumers that are accessing those services — and you need to test both that and the infrastructure with which services need to communicate,” Emo said.
From the QA perspective, you have to test for both bandwidth and functionalities that the user is consuming because “consumer may only stress certain operations within a service, so we also look at functional testing based on what aspects of the service they are pushing on,” Emo said. That’s because services may behave differently when seen from each of these perspectives: reliability, functionality and load testing.
HP has also brought out two new versions of its SOA quality-management products: HP Diagnostics for SOA and the HP Business Availability Center for SOA. In addition the company has streamlined and repackaged the third, the HP SOA Policy Enforcer.
HP Diagnostics for SOA lets technical SOA teams drill down into the behavior of their shared services to identify and resolve problems before they impact customers. It “sits on the SOA-specific runtime infrastructure — a Web Services stack on the application server or the enterprise server bus — and collects runtime interactions between services, Emo said.
The HP Business Availability Center for SOA is a module of HP’s real-time business service and applications management solution that was built specifically for SOA. It manages shared services seamlessly within IT’s existing operational infrastructure and processes and enables proactive problem resolution.
Diagnostics can work alone in a small environment like a domain, where “all you’re looking to do is monitor an SOA project to ensure you’re not running into trouble,” or it can feed into the Business Availability Center for SOA for enterprise-wide operations, Emo said.
The HP SOA Policy Enforcer used to be a hybrid product, HP SOA Manager, which conducted policy enforcement for services and also did some monitoring. HP shunted off the monitoring capability to HP Diagnostics and “focused Enforcer on runtime policy enforcement and management to make it much cleaner and more effective for enterprise management,” Emo said.
Policies can be driven by compliance or business needs or other variables. So, for example, Policy Enforcer lets enterprises give users different levels of access to an application based on various needs. This enables separation of duties, one of the key concepts of internal control for IT environments.
HP SOA Policy Enforcer monitors and enforces security, performance and other operational requirements, and feeds performance-monitoring data directly into HP Diagnostics for SOA for analysis and drill-down.
Next page: The future of catch-up
Page 2 of 2
Looking to the future
Separation of duties is a must-have for compliance regulations such as the Sarbanes-Oxley Act <DEFINE:Sarbanes_oxley_act>, a federal law that establishes new or enhanced reporting standards for U.S. public company boards and their management, and for public-accounting firms.
To ensure compliance, HP’s management capabilities for SOA “will work with other kinds of network mediation and compliance solutions,” Emo said. HP works with various partners in its Governance Interoperability program.
Software as a Service (SaaS) is viewed as the next step from SOA — while SOA is based on services created within the enterprise firewalls, SaaS consists of services coming into the network from outside providers. HP is all over that.
“Our solutions resonate very well with SaaS providers because with SaaS you have to establish a contract with your customers and need to have a way to manage those contracts proactively,” Emo said.
With the announcements, HP is finally moving into the ranks of real players in SOA management, said Ann Thomas Manes, vice president and research director at The Burton Group. “HP SOA Manager wasn’t really comparable to the other management systems out there,” she explained. “It had very limited visibility capabilities, but is now getting closer to what AmberPoint and Progress Actional provide.”
The other two vendors’ products are the AmberPoint SOA Management System, and Actional for SOA Operations, respectively.
However, breaking up SOA Manager into two products still leaves it behind AmberPoint and Progress Actional, which “both provide the diagnostic and visibility component, and can define runtime, security and other policies,” Manes said.
While HP Diagnostics for SOA integrates “nicely” with HP operations-oriented products, “you may want to use somebody else’s policy management product like Actional’s SoapStation with it and that will work reasonably well,” Manes said. But Diagnostics for SOA will also “integrate nicely” with Mercury or HP OpenView, she added.