Service Manager - SOA Policy Management and Governance

By: Society Of Composers, Authors & Music Publishers Of Canada  09-12-2011
Keywords: business process, Policy Enforcement, Network Director

Service Manager’s intermediaries provide the foundation for SOA management, security, and run-time policy enforcement. They cover the widest possible surface area of applications and offer the broadest and deepest functionality of any SOA intermediaries on the market.

The Agents deploy into the container to ensure last-mile security and policyenforcement for services. SOA Software offers agents for most common Java application servers, .NET, several ESB products and several business processmanagement tools. The agents are fully functional, platform-native, and non-invasive offering complete last-mile policy enforcement including on-board cryptographic operations without having to change any deployed applications or services.

The Network Director is a stand-alone smart service router that deploys into the network supporting a wide range of intermediary patterns for routing, service virtualization, high-availability/load-balancing and others. It is fully stateless, offering exceptional performance and scalability combined with unique capabilities for mediation, routing, and policy enforcement.

The Delegate is a client-side intermediary that deploys seamlessly into consumer applications to abstract the application from the location, transport, and policies required by the services it will consume. SOA Software offers delegates for Java applications and .NET, and packages the delegate in a wide range of forms with simple, non-invasive deployment options for most common service platforms and containers, including ESBs and business process management tools.

Policy and Audit
Service Manager leverages Policy Manager for policy definition, management and distribution. Together, Policy Managerand Service Manager:

  • Define and manage run-time policies that will be enforced and implemented by Service Manager’s and other standards-based intermediaries
    • Security, routing, reliability, mediation, and other run-time policies
  • Ensure that policies are being effectively enforced with a comprehensive metrics collection model

    • Capture performance and usage metrics according to policies
    • Statistically and algorithmically capture comprehensive message data
    • Track and manage security and other policy exceptions
  • Compare and reconcile collected metrics with policies for audit purposes
  • Enforce policies managed by a centralized governance solution
  • Consistently enforce policies across all popular service containers including, Java and .NET app servers, ESBs, mainframe, and packaged applications

Service Manager offers comprehensive SOA mediation capabilities to ensure that the broadest possible set of consumers can access published services for which they have access rights. It provides:

  • Mediation between consumer capabilities and provider security policies - e.g. it can take a request from a consumer that only supports Kerberos and generate a SAML assertion for a service that requires SAML
  • Transport mediation – e.g. allow http-only clients to consume services exposed on MQ series
  • Mediation between messaging styles – e.g. allow SOAP clients to consume Plain Old XML (POX) services, or allow a REST-based or RSS client to consume a SOAP service
  • Reliability mediation – e.g. map WS-* standards for reliable messaging over http to message-oriented-middleware reliability models
  • Standards mediation – mediate between the various different but similar standards, and the various different versions of the same standard

Management and Routing
Service Manager provides powerful service monitoring, management, and routing capabilities. It decouples the management model from the development process, allowing developers to focus on their business logic and interfaces, delegating the implementation and enforcement of security, reliability, and messaging policies to the infrastructure. It offers the most comprehensive set of management capabilities including:

  • Performance, throughput, and reliability monitoring of services provided both internally and externally
  • Comprehensive SLA monitoring and management
  • Distributed exception management and root cause analysis
  • Dynamic routing to automatically correct performance and reliability issues
  • Powerful alert management, monitoring, and distribution
  • Centralized, registry-based dashboards providing users with real-time visibility into service performance, dependencies, and alert status

Service Manager provides the industry’s most comprehensive SOA security solution for trust enablement of Web services providers and consumers. It decouples the security model from the development process, allowing developers to focus on their business logic and interfaces. It offers:

  • Comprehensive end-to-end security of Web services messages
    • Authentication – supporting a wide range of different credential types and authentication providers
    • Authorization – via an internal access control system and certified integration with leading identity and access management systems
    • Privacy – encryption and decryption using the XML-Encryption standard and built-in PKI
    • Non-repudiation – signature and signature verification using the XML-DigitalSignature standard
    • Audit – comprehensive message and administrative audit logs
  • Built-in PKI - create, manage, and distribute public/private key pairs or integrate with existing PKI solutions
  • Security token exchange and mediation services – credential mapping and identity federation
  • First-mile security – the delegate discovers policy and implements security non-intrusively at the client
  • Last-mile security – the fully functional agent enforces policy on behalf of the service
  • In-transit security – the standalone intermediary ensures the security of messages on the wire and mediates between consumer capabilities and provider policies
  • Consistent policy enforcement and implementation for all popular service containers including Java and .NET app servers, ESBs, mainframe, and packaged applications
  • Proven scalability and performance
  • Non-intrusive, enterprise-ready

Keywords: business process, Network Director, Policy Enforcement,

Contact Society Of Composers, Authors & Music Publishers Of Canada


Print this page

Other products and services from Society Of Composers, Authors & Music Publishers Of Canada


Repository Manager - SDA Mapping and Discovery

With Smart Controls™,organizations can easily control the service production and consumption process from requirement definition to development.Service consumption processes can be defined to control access to sensitive artifacts until approval is granted, minimizing developer access to rogue, and untraceable services.


Standards Support - SOA Software

Configuration of the WS-RM capabilities is done via WS-RM policy assertions specifying the behavior of the exchange.Supported Namespaces. Both XSLT 1.0 and 1.1 style sheets are supported by the Service Manager XSLT engine. Non SOAP messages (aka XML-over-HTTP or plain-old XML ) can also be routed.


Portfolio Manager – Industry’s first SOA Portfolio Management product

Unplanned SOA Programs will fail because project-specific services will not be flexible enough to support generalized reuse, and without early success, application development teams won’t see the potential value in working to move to SOA and the organizational culture will not evolve as needed to support a successful SOA program.


Product Overview - Comprehensive SOA Infrastructure

Portfolio Manager, Repository Manager, Policy Manager, and Service Manager together deliver an Integrated SOA Governance automation solution that ensures that companies build the right services, build services right, and run services right. SOA Software’s,,, and combine to form a comprehensive Integrated SOA Governance Automation solution, with providing a governable Mainframe SOA platform.


SOA Governance - SOA Software

Using this solution architects, developers, security administrators, and operations managers can define and govern policies that are applied to services throughout the appropriate stages of their lifecycle. Governance Automation - lifecycle management workflow to implement building permit process, integrated provisioning and lifecycle management, and inter-departmental contract management and negotiation.


Policy Manager - comprehensive closed-loop SOA Governance

These contracts are created through a negotiation process, supported by ad-hoc collaboration between vested constituents and can be enforced by a standards-based SOA run-time security and management solution like Service Manager. Policy Manager™ is a comprehensive SOA Policy Governance Automation solution offering unique governance processand collaboration capabilities to instill consistency and accountability and encourage desired behavior.


SOLA Mainframe - SOA Software

On top of this, SOLA’s built in monitoring, logging and auditing capabilities, as well as its standards based architecture combine to make SOLA fully governable by external governance products like SOA Software's Policy Manager. SOLA provides customers with a fast and easy process to expose mainframe applications as secure Web Services, and allows mainframe applications to consume Web Services.