Forum Systems Outlines Infrastructure Decision Criteria for State-of-the-Art Service-Oriented Architecture Data Centers; Guidelines Offered to Ensure Successful Long-Term Strategy to Support Scaleable Internal and External Web Services.SALT LAKE CITY -- Forum Systems, the leader in Web services and SOA security infrastructure for XML XML in full Extensible Markup Language. Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. acceleration, threat protection and trust management, today announced a list of the top five infrastructure decision criteria that have the greatest impact on the long-term success of enterprise data center strategies for companies planning for or implementing Service-Oriented Architecture (SOA (1) (Start Of Authority) The first record in a DNS zone file. See DNS records. (2) (Service Oriented Architecture) The modularization of business functions for greater flexibility and reusability. ). SOAs are transforming the enterprise by optimizing the re-use of IT assets, delivering innovative Web-based services and significantly lowering application integration costs. Business and IT applications as a set of "software services" allow companies to be more responsive and better adapt to changes in business conditions resulting from shifts in regulations, changing market requirements and competitive pressures. In a recent report, Gartner stated, "By 2007, SOA will be the mainstream software engineering practice, ending the 40-year domination of monolithic architectures." However to take advantage of SOAs and loosely coupled software services the enterprise data centers will have to be retrofitted with capabilities to address an evolving Web services security and threat profile, opportunities for better management of applications and systems and the need to support application developers designing configurable, meta-data driven Web services. "One of the side effects Side effects Effects of a proposed project on other parts of the firm. of the movement to SOA is the formerly separate worlds of network administration and application development which are becoming increasingly intertwined," said Ron Schmelzer, senior analyst at ZapThink. "A datacenter built for SOA must define how hardware assets as well as software services are secured, controlled and accessed. Companies like Forum Systems have been entrenched en·trench also in·trench v. en·trenched, en·trench·ing, en·trench·es v.tr. 1. To provide with a trench, especially for the purpose of fortifying or defending. 2. with SOA implementations and their field experience is of value to organizations looking to make intelligent datacenter decisions." "Its time to look at the long-term infrastructure requirements through well-articulated base-line requirements that can be interpreted by business units, IT managers and application developers," said Wes Swenson, CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. for Forum Systems. "SOA is a paradigm shift A dramatic change in methodology or practice. It often refers to a major change in thinking and planning, which ultimately changes the way projects are implemented. For example, accessing applications and data from the Web instead of from local servers is a paradigm shift. See paradigm. that mandates a serious look at technology and implementation decisions that will ensure a successful transformation." To underscore the significance of a well thought out plan for SOA-based applications, Forum Systems recommends that organizations introduce datacenter infrastructure components such as middleware, networking, security and management that meet these guidelines:
1. Components adhere to Web services and XML (eXtensible Markup
Language) open standards and then secondly to additional
vendor specifications
2. Components demonstrate interoperability and/or integration with
SOA principles of design, development, testing, operations and
maintenance -- i.e. can be fit within a governance and
enforcement framework
3. Components can scale across heterogeneous IT assets, composite
applications and business processes that span corporate
boundaries
4. Components should be capable of intelligent instrumentation for
capture and measurements of various metrics associated with
orchestrated services, messages and transactions
5. Components must fit within a security architecture that
addresses Simple Object Access Protocol (SOAP), Web Services
Description Language (WSDL) and XML data trust enablement,
threat protection and information assurance
Customers can benefit from this generalized set of criteria to judge how far along a vendor product is to being "SOA-ready." These five criteria are a reflection of what Forum Systems has gathered from the last six years of proposals, prototypes and, more importantly, production SOA implementations and deployments. The guidelines should be considered a litmus test for decision makers to determine whether an infrastructure component is extensible enough to fit within SOA datacenters. Forum System's award-winning Web services and SOA security infrastructure is being used by datacenters for the IRS An abbreviation for the Internal Revenue Service, a federal agency charged with the responsibility of administering and enforcing internal revenue laws. , Amazon.com, Providian, T-Mobile, Citigroup and Motorola and over 150 other government and commercial organizations. For more information on state-of-the art datacenters for SOAs please visit www.forumsys.com or contact bherron@forumsys.com. About Forum Systems Trustworthy, ubiquitous and robust Web services can only be achieved by combining security controls that are proactive, always on and systematic. Forum Seamless Security Solutions Architecture (Forum S3A(TM)) is an adaptive approach to building security-minded service-oriented applications and data-level networks using life-cycle solutions, including vulnerability management, testing systems, firewalls and gateways. Forum products are available as software, PCI-card and appliance options and comply with government requirements, including CheckPoint OPSEC (OPerations SECurity) The U.S. military term for concealing critical information as part of a counterintelligence plan. A form of "security by obscurity," OPSEC determines what information adversaries can obtain or piece together from observation and to provide measures for Certification, FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. Certification, Common Criteria EAL EAL English as an Additional Language EAL Evaluation Assurance Level EAL Eastern Airlines EAL Emergency Action Level EAL Environmental Analysis Laboratory EAL Evidence Analysis Library (American Dietetic Association) 4+ (in process) and JITC JITC Joint Interoperability Test Command (formerly Joint Interoperability Test Center) JITC Joint Interoperability Test Center (obsolete; now Joint Interoperability Test Command) DoD PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of Certification. Forum Systems is an active a member of OASIS and WS-I (Web Services Interoperability Organization, www.ws-i.org) A consortium founded by Microsoft, IBM, BEA Systems and Intel that is dedicated to the development of Web services. Its goals are to provide guidance and education, to promote interoperability and to ensure that Web services , helping mature standards such as WS-I Basic Profiles, SAML (Security Assertion Markup Language) An XML-based format from OASIS for exchanging security information for single sign-on. The "assertions" are statements from a SAML authority that authenticate a user, confirm some attribute about the individual and grant or and WS-Security. Customers can benefit from Forum technology that is bundled with market-leading products: Microsoft ISA Server 2004, NetContinuum NC-1000 WSE WSE Web Services Enhancements (Microsoft) WSE Warsaw Stock Exchange (Warsaw, Poland) WSE Symposium on Web Site Evolution (IEEE International Symposum) , Crossbeam Systems, Breach Security and Network Engines NS6300X. For more information on adaptive solutions for Web services security visit http://www.forumsys.com. Forum Systems, Inc. is the Leader in Web Services and SOA Security(TM) infrastructure with a comprehensive suite of XML acceleration, trust management and threat protection solutions for the automated Web. Forum Systems' flexible hardware, software and embedded products make vibrant business communications possible by actively protecting XML data and Web services across networks and business boundaries. Forum's products have been chosen by over 150 Fortune 1000 industry leaders and are winners of Network Computing Magazine's Well-Connected 2004 Award and Product of the Year 2004 Award, Network Computing Magazine's Editor's Choice 2003 Award, Network Magazine's Product of the Year 2003 Award and DEMO 2004 Invitation. Forum XWall Web Services Firewall is the industry's only XML Firewall selected by InfoWorld LEADERBOARD lead·er·board n. A board that displays the leaders in a competition. leaderboard Noun a board displaying the current scores of the leading competitors, esp in a golf tournament 2004. Visit Forum at http://www.forumsys.com/. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion