Feeds

The policy is...get some

Apps upgrades will need policies, even if you don't want them

Beginner's guide to SSL certificates

Further indications that the coming upgrades of the major business applications such as SAP and Oracle could cause unsuspecting IT managers more problems than they have planned for, first noted here, have come from SOA Software.

Acknowledging that the next round of upgrades will all be enabled to run within - or even run - Service Oriented Architecture environments, the company's executive VP of product strategy, Frank Martinez, observed that IT managers now face a situation where it would no longer be a question of whether they opt for an SOA environment, as they will get it anyway. "The only questions they face now are 'when', and 'how'," he said. "And this can raise issues they have not planned for."

One of the most important issues is the fundamental change SOA can bring in the way IT is exploited in running businesses. Up until the arrival of SOA consumers have had to interact with suppliers' business systems in whatever way demanded by those business systems and the processes they run.

There has always been, therefore, an implicit direct coupling between the two, with any supplier policy automatically impacting the consumers for good or ill.

As Martinez points out, however, SOA infrastructures change this situation significantly. "It is not only possible to completely decouple the consumer and supplier sides of the business but also for the consumer side to start driving the way a company does business," he said. "That means businesses now need separate consumer-side and supplier-side policies and that they need to be decoupled from each other."

Though many users may opt to upgrade their applications suites to obtain other functionality than the SOA capabilities, the fact they are there, available for use by developers, means that business processes may be open to unintentional vulnerabilities simply because no management or process policies are in place. Such policies need to be implementable from the moment any upgraded application suite moves into the production environment.

The real trick then, according to Martinez, is having the ability to manage the necessary mediation between policies when contention occurs. For many businesses this issue will be a new one they have face, and one that cannot be avoided once they upgrade their applications. "Yes, it is a daunting prospect for many of them," he acknowledged. "But the fact that it is daunting is no longer acceptable as an argument."

Policy mediation is only one of four main areas of infrastructure management that users need to address as they drift into the SOA waters, the others being management tools, security and governance.

Martinez suggests that, taken together, this produces the need for very deep end-to-end integration across the infrastructure, deeper than the level of integration currently provided by available standards. "These may not close the loop around applications or process life cycles," he said.

But policy definition and implementation remain two of the most serious issues facing businesses as they plan for application suites upgrades, for they remain something of an unsuspected dark horse in the stable of new technologies those users will be acquiring. The key step for many will not be in implementing policies well.

As Martinez put it: "SOA has tools to manage and implement the most complex policies and mediate between them. But the users now need to understand that they do need the policies in the first place." ®

Remote control for virtualized desktops

More from The Register

next story
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
Microsoft to bake Skype into IE, without plugins
Redmond thinks the Object Real-Time Communications API for WebRTC is ready to roll
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
Mozilla: Spidermonkey ATE Apple's JavaScriptCore, THRASHED Google V8
Moz man claims the win on rivals' own benchmarks
Yes, Virginia, there IS a W3C HTML5 standard – as of now, that is
You asked for it! You begged for it! Then you gave up! And now it's HERE!
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.