SOA GovernanceMuch of governance is about people and processes, but technology can play a critical role as an enablement tool | |
The Problem: Policy ManagementBy enabling business processes to be assembled just-in-time from loosely-coupled application components, Service Oriented Architecture (SOA) is transforming how IT supports and adapts to business need. However, governing policy adherence across distributed, loosely-coupled services that span security and identity domains requires a new sort of policy definition, deployment and enforcement infrastructure. It requires an ability to control and audit how Web services interact with their consuming applications even when the consumers and services lie in different departments, business units and partners. Without the ability to control and audit how policy gets deployed and enforced across security boundaries, there is no way to assure conformance with corporate business rules or compliance with regulatory requirements. Solution: SOA Governance Framework Governing a SOA requires a policy control and audit framework that can span security and identity domains. It requires an ability to centrally define policy for how Web services are to be accessed, an ability to provision and enforce policy on each Web service and an ability to communicate policy expectations to the client applications needing to access the Web services. A SOA Governance framework therefore requires some means of consistently defining policy, managing its lifecycle and provisioning from a centrally accessible policy registry, enforcing its execution across distributed Web services and an ability to both communicate and apply those policy preferences on the client applications accessing the Web services. Layer 7 Value: Runtime GovernanceThe Layer 7 SecureSpan family of infrastructure products is designed to enforce and apply SOA policy at runtime to Web services and their client applications. Layer 7 has designed its XML appliances, VPN and policy configuration products to be standards based and interoperable with leading SOA management and registry products. The Layer 7 SecureSpan XML Networking Gateway provides enterprises a policy optimized appliance or software gateway for enforcing SOA policies on or on behalf of distributed Web services. The SecureSpan XML VPN Client extends the SOA Governance model to client applications by establishing a code-free mechanism to communicate and apply policy definitions on client applications. The SecureSpan Manager provides organizations a WS-Policy compliant (Layer 7 is a co-editor of the specification) graphical tool for composing policies, publishing them to a registry and / or delegating policy decisions to external management and security products. The combination of Layer 7 products and third party SOA integrations provide organizations the most complete runtime policy definition, enforcement and application environment available in the market.
Share: | More | ResourcesDatasheet: Download PDF | 196Kb
Solution Brief: Download PDF | 208Kb
White Paper: Download PDF | 225 Kb
White Paper: Download PDF | 223 Kb
Webinar:
Podcast:
Podcast: |
