As enterprises extend their IT reach into the cloud and across mobile devices, the need for controlling who gets access to what information becomes more complex. As application data and functionality gets exposed over the Internet enterprises are going to face greater compliance scrutiny, new challenges in identity verification, increased emphasis in SLA conformance, monitoring challenges that span cloud applications and application, policy and interface lifecycle needs that extend to mobile devices and SaaS integrations. This Webinar given by Layer 7 Technologies and HP Software will look at new approaches and best practices for handling Governance across SOA, Mobile and Cloud. Visit www.layer7tech.com to learn more.

1. Service Governance 2.0
Governance in the age of cloud, mobile
Peter Gibbels Francois Lascelles
HP Software Product Management ALM/SOA Layer 7 Director of Solutions Engineering

2. Housekeeping
 Questions
- Chat any questions you have and we’ll answer them at the end of this call
 Twitter
- Today’s event hashtag:
- #l7hpwebinar
- Follow us on Twitter as well:
- @flascelles
- @layer7
- @HPSoftwareALM

3. Today’s enterprise SOA landscape
 IT assets distributed in various zones
 Increasing demand for cloud/partner/customer integration
 Security first partner
distributed enterprise SOA
IAAS/PAAS SAAS partner
enterprise boundary
• Sensitive data, apps
• Mission critical
• ID authority
• Legacy
mobile

4. Integrated governance requirements
 Centralized governance for services distributed across various zones
 Automated provisioning of runtime contract enforcement
 Cross-domain security enablement and identity federation
 Decoupling of security and application logic
 QoS monitoring across service zones
 SLA enforcement

5. Design vs. runtime governance
• Solve gap between operation and design
• Losing information from design – centralized repository including history
• Lots of operation information are defined during design but missing during
operation
Design time governance Runtime governance
• Policy enforcement
• Policy definition
• SLA/SLO Monitoring
• Design time enforcement HP Systinet 4.0
• Rogue artifacts discovery
• SLO planning

6. Governance across service zones
 Central control of PEPs across service zones
 Centralized design time governance authority
defines access control rules, contracts
 Policies programmatically pushed to relevant
service zone PEP
 Layer 7 Gateway PEP deployed on public
cloud, private cloud, on-premise
 Cross-domain trust handled at perimeter

7. HP SOA Systinet
Achieve the promise of SOA with Governance
Facilitates distributed collaboration
Enterprise SOA requires and communication between
governance to see cost savings : application development teams
using shared services
• Ease of use with new Interface
• Visual Lifecycle Designer tool Allows organizations to lower costs
• Flexible modeling of services & by agreeing on policies for service
their dependencies development in advance and
building re-usable services and
• Partitioned Domains components
• Collaboration and distributed Enables organizations to isolate
development support sensitive information in partitioned
domains, alleviating security
concerns of a shared repository
Supporting key stakeholders from across IT & the business
VP Apps Business
Enterprise
Architects Analysts

8. Layer 7 Gateway
 Runtime policy enforcement
 ATHN/ATHZ capabilities
- X.509, SAML, OAuth
 SLA enforcement & reporting
 QoS monitoring, alerting
 Classification, threat protection
 Caching, acceleration
Policy Enforcement Point (PEP)  Hardware appliance or virtual appliance
Gateway Appliance

9. HP Business Service Management with BAC
End-to-End Performance Monitoring
? ? on-premise BAC Deployment
?
? ? CICS MQ
TIBCO Sonic
Internet/ and Backend
Web Servers App Servers Middleware
Firewall Data
HP BAC
Anywhere Business Infrastructure
Real Users Diagnostics
Transactions Monitoring
Proactive end-user
over-the-firewall Deep diagnostics of applications Align performance mgmt
monitoring and business requirements
Universal
CMDB
360-degree Dashboard

10. Layer 7 – Systinet Integration
 Policies created in Layer 7 Policy Manager
 Policies stored and referenced in Systinet
 Layer 7 PEP Gateway enforces policies, reports Service
endpoint
on compliance
Compliance
Feedback
Layer 7
Gateway
Systinet
Repository /
Registry (GIF)
Service
client
Layer 7
Policy Manager
HP BTO BSM
(BAC+)

11. Systinet 4.0 Functional Components and integration with
Layer 7 PEP
Systinet Platform Components
Lifecycle Policy Visual Contracts
Registry Catalog
Management Framework Navigator & SLO’s
GIF based integration
IDE Plug-ins
Metadata STM BAC
Workbench Repository

12. HP SOA Systinet 4 Lifecycle Management (1)

13. HP SOA Systinet 4 Lifecycle Management (2)

14. Visualizing applications

15. Example Layer 7 alerting to BAC using SNMP
Alerts showing up in SideScope monitor

16. Example Layer 7 to BAC performance metrics
SiteScope Sript monitor

17. Cross domain identity federation with Layer 7
STS issues token on behalf of in-
zone requester
Incoming tokens are validated
against federated trust policies

18. HP + Layer 7 : comprehensive governance solution

19. for more information
http://www.layer7tech.com
http://www.hp.com/go/soa