Creating Agile, Secure SOA through Governance
Sun Microsystems is a Fortune 500 vendor of software, systems, services, and microelectronics that power everything from consumer electronics to developer tools to the world's most powerful datacenters. Sun is perhaps best known for its network servers, which form the core of Internet backbones, provided the raw iron for much of the dot-com boom, and are used today by nearly every sector of society and industry.
Sun runs their business on Oracle, whose ERP, CRM, Financials and eBusiness suite form the IT backbone for Sun’s hardware, software and services divisions. While such an enterprise-strength system has long given Sun the edge they needed to effectively compete with the biggest names in the marketplace, Sun’s strengths have always lain in being the smaller, more agile player.
The Opportunity
Until now, Oracle Financials, Siebel CRM, Oracle Manufacturing and Oracle eBusiness Suite had been using a proprietary messaging system which, while handling more than $9B in revenue, was proving more and more difficult to change. After the upgrade to Oracle 11, the functional modules supporting Sun’s online Web store were exposed as Web Services, presenting Sun with an opportunity to incorporate them into a flexible, loosely coupled Service Oriented Architecture (SOA). While rivals touted their SOA initiatives, experimenting with Web Services (technology for technology’s sake) or creating catalogs of orphaned Web Services (commonly referred to as JABOWS, “Just A Bunch Of Web Services”), Sun had the foresight to realize that without an effective governance layer in place, SOA’s promised business agility would likely remain just that: a promise.
Enter Layer 7
Sun had done the initial work to identify seventeen key functions within its Oracle suite of applications that would provide the greatest degree of reuse, and had exposed them as Web services. Because the project was slated to become core infrastructure that would evolve with the SOA environment, Sun required a way to ensure these core services could be properly governed (controlled, monitored and adapted) over time. After evaluating a number of vendors against a variety of criteria, including security, message validation, message enrichment, protocol translation, versioning, monitoring and interoperation with its new common services framework (based on JCAPS), Sun settled on Layer 7. Sun was initially drawn to Layer 7’s performance and scalability, the ability to handle high volumes of payloads and to scale efficiently as load and message size ramped up, and then saw the value in Layer 7’s runtime governance framework, which would provide policy enforcement for security, reliability and compliance requirements, as well as visibility into performance, quality of service and SLA conformance for the SOA implementation.
The Solution
Sun’s online Web store is used primarily by certified partners, VARs and resellers to order systems and parts. Hosted at an offsite datacenter, the Web store originally connected to Sun’s Oracle-based ERP system across the Internet via a secure VPN, using a tightly coupled, network-level integration. With Sun’s move to Web services, the Web store’s Common Web Platform could instead be loosely coupled to the ERP Web services, a more flexible arrangement. Security posed a significant challenge. Sun’s corporate framework encompasses a number of semi-autonomous, geographically dispersed business units and partner companies, in addition to many remote consultants, contractors and distinguished engineers, all of whom may require access to the new SOA infrastructure at some point. And because the solution would span so many users and security domains, any security solution had to be reasonably easy to use and transparent to legitimate users. Layer 7's SecureSpan SOA Gateway provided the ability to govern cross-domain interactions by enforcing client authentication and fine-grained, service-level authorization for third parties, and by generating logs of all interactions within and between organizations to support compliance and content reporting. Enforcing SLAs by rerouting and throttling traffic when throughput exceeded threshold values was key to ensuring quality of service was not impacted.

The Results
By using Layer 7 to abstract AAA (Authentication, Authorization and Auditing) out of the Web services and instantiate it as centrally administered, enforceable policy, Sun can accommodate changes in corporate requirements, industry/government regulations and Web services standards without having to code, test and redeploy each individual service. The result is a dramatic decrease in maintenance costs with a corresponding improvement in business agility. Centralizing security also let Sun speed deployment while improving overall security through a standard security architecture. Following business acquisitions, companies typically face the difficult challenge of integrating disparate systems. With robust SOA governance in place, both companies can reduce integration costs and realize efficiencies sooner, because the solution can be controlled, monitored and adapted to fit both parties’ requirements.
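The gateway pattern described in The Solution and The Results above (client authentication, per-service authorization, an audit trail of every interaction, and SLA enforcement by throttling or rerouting when a throughput threshold is exceeded, all expressed as centrally administered policy rather than code inside each service) as an added example. This is illustrative code written for this page, not Layer 7's SecureSpan product or Sun's deployment: the service names, client credentials, roles, thresholds and reroute targets are constructed, and HMAC request signing stands in for whatever credential scheme a real deployment would use.

```python
import hashlib
import hmac
import json
import time
from collections import deque
from dataclasses import dataclass
from typing import Optional


# Policy is data, not code: changing a role list or a threshold here changes
# enforcement for a service without touching or redeploying the service itself.
@dataclass(frozen=True)
class Policy:
    allowed_roles: frozenset          # roles permitted to invoke this service
    max_per_second: int               # SLA threshold before throttling starts
    reroute_to: Optional[str] = None  # alternate backend when throttled; None = reject


# Constructed sample policies and credentials (hypothetical; not Sun's real
# services, partners or secrets). CLIENTS stands in for a directory/IdM lookup.
POLICIES = {
    "OrderEntry": Policy(frozenset({"reseller", "var"}), max_per_second=2,
                         reroute_to="OrderEntry-Overflow"),
    "PriceList": Policy(frozenset({"reseller", "var", "contractor"}), max_per_second=5),
}
CLIENTS = {  # client_id -> (shared secret, role)
    "var-acme": (b"s3cret-acme", "var"),
    "contractor-bob": (b"s3cret-bob", "contractor"),
}
REPLAY_WINDOW = 300  # seconds a signed request remains acceptable


def sign(secret: bytes, client_id: str, service: str, ts: int) -> str:
    """Client side: HMAC-SHA256 over exactly the fields the gateway checks."""
    msg = f"{client_id}|{service}|{ts}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


class Gateway:
    """Policy enforcement point sitting between external callers and the services."""

    def __init__(self, clock=time.time):
        self.clock = clock                 # injectable for deterministic tests
        self.audit = []                    # JSON-lines audit trail, one entry per request
        self.windows = {s: deque() for s in POLICIES}  # recent request times per service

    def _log(self, **event):
        event["ts"] = self.clock()
        self.audit.append(json.dumps(event, sort_keys=True))

    def handle(self, client_id: str, service: str, ts: int, sig: str):
        """Returns (status, backend): backend is the service actually invoked, or None."""
        now = self.clock()
        policy = POLICIES.get(service)
        if policy is None:
            self._log(client=client_id, service=service, result="deny", reason="unknown-service")
            return 404, None

        # 1. Authentication: known client, fresh timestamp, signature matches.
        cred = CLIENTS.get(client_id)
        if (cred is None or abs(now - ts) > REPLAY_WINDOW
                or not hmac.compare_digest(sign(cred[0], client_id, service, ts), sig)):
            self._log(client=client_id, service=service, result="deny", reason="authn")
            return 401, None
        role = cred[1]

        # 2. Authorization: fine-grained, per-service role check from policy.
        if role not in policy.allowed_roles:
            self._log(client=client_id, service=service, role=role, result="deny", reason="authz")
            return 403, None

        # 3. SLA enforcement: sliding one-second window per service; on breach,
        #    reroute to the policy's overflow backend if one exists, else throttle.
        win = self.windows[service]
        while win and now - win[0] >= 1.0:
            win.popleft()
        if len(win) >= policy.max_per_second:
            if policy.reroute_to:
                self._log(client=client_id, service=service, role=role,
                          result="reroute", target=policy.reroute_to)
                return 200, policy.reroute_to
            self._log(client=client_id, service=service, role=role, result="throttle")
            return 429, None
        win.append(now)
        self._log(client=client_id, service=service, role=role, result="allow")
        return 200, service


if __name__ == "__main__":
    gw = Gateway()
    now = int(time.time())
    s = sign(CLIENTS["var-acme"][0], "var-acme", "OrderEntry", now)
    for _ in range(3):
        print(gw.handle("var-acme", "OrderEntry", now, s))
    print("\n".join(gw.audit))
```

The point of the structure is that the three checks read only from `POLICIES` and `CLIENTS`; a new regulation, a new partner role or a tighter SLA is a data change at the gateway, and the seventeen backend services never see it. Two caveats a practitioner would add before deploying something like this: the replay window alone still lets a captured signature be reused for up to 300 seconds, so a real gateway keeps a nonce cache or uses a standard such as WS-Security; and the unknown-client path returns without computing an HMAC, so it is measurably faster than a bad-signature path and could be used to enumerate client IDs.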