SOA Software Homepage
 

Service Manager - SOA Management and Security

Click here to view a print-ready version of this page

Service Manager™ is the industry’s leading SOA management and security product. It follows the SOA Infrastructure Reference Model delivering comprehensive standards-based security, routing, mediation, monitoring, and management for SOA and Web services with the most comprehensive set of intermediaries available today.  It is the industry’s most scalable and performant SOA Infrastructure product.

Service Manager can be deployed stand-alone with its own built-in policy management capabilities providing the industry’s broadest and deepest SOA Management and SOA Security solution, or it can be deployed together with Workbench™ (forming the SOA Software Infrastructure Suite™) or any other standards-based SOA governance solution to deliver a comprehensive closed-loop SOA infrastructure solution. 

Service Manager is standards-based and delivers the run-time components of the infrastructure reference model including:

  • Management Application – A service that monitors the performance, throughput, and usage of services and applications, and consolidates this information to provide valuable services such as SLA reporting, performance charting and trend analysis, and alert and exception management.
  • Security services – To ensure the end-to-end security of Web services messages Service Manager includes: A security token server for issuing, authenticating, and exchanging credentials. An authorization server for making and delegating authorization decisions; the authorization server includes certified integrations with most common identity and access management systems. A PKI for generating and distributing public and private key pairs and certificates.
  • Policy and metadata management – Service Manager includes central policy and metadata management capabilities for run-time policy management. It can also integrate with Workbench to form a comprehensive closed-loop SOA infrastructure.
  • Registry and meta-registry – Service Manager includes UDDIv3 registry support and can integrate seamlessly with existing registry deployments.

Policy and Audit
Service Manager shares common policy and audit service with Workbench, when Service Manager is deployed stand-alone it implements these capabilities directly. It can:

  • Define and manage run-time policies that will be enforced and implemented by Service Manager’s intermediaries and other standards-based intermediaries
    • Security, routing, reliability, mediation, and other runtime policies
  • Ensure that policies are being effectively enforced with a comprehensive metric collection model
    • Capture performance and usage metrics according to policies
    • Statistically and algorithmically capture comprehensive message data
    • Track and manage security and other policy exceptions
  • Compare and reconcile collected metrics with policies for audit purposes
  • Enforce policies managed by a centralized governance solution
  • Consistently enforce policies across all popular service containers including, Java and .NET app servers, ESBs, Mainframe, and packaged applications

Mediation
Service Manager offers comprehensive SOA mediation capabilities to ensure that the broadest possible set of consumers can access published services for which they have access rights. It provides:

  • Mediation between consumer capabilities and provider security policies - e.g. it can take a request from a consumer that only supports Kerberos and generate a SAML assertion for a service that requires SAML
  • Transport mediation – e.g. allow http-only clients to consume services exposed on MQ series
  • Mediation between messaging styles – e.g. allow SOAP clients to consume Plain Old XML (POX) services, or allow a REST-based or RSS client to consume a SOAP service
  • Reliability mediation – e.g. map WS-* standards for reliable messaging over http to message-oriented-middleware reliability models
  • Standards mediation – mediate between the various different but similar standards, and the various different versions of the same standard

Management and Routing
Service Manager provides powerful service monitoring, management, and routing capabilities. It decouples the management model from the development process, allowing developers to focus on their business logic and interfaces, delegating the implementation and enforcement of security, reliability, and messaging policies to the infrastructure. It offers the most comprehensive set of management capabilities including:

  • Performance, throughput, and reliability monitoring of services provided both internally and to external customers
  • Comprehensive SLA monitoring and management
  • Distributed exception management and root cause analysis
  • Dynamic routing to automatically correct performance and reliability issues
  • Powerful alert management, monitoring, and distribution
  • Centralized, registry-based dashboards providing users with real-time visibility into service performance, dependencies, and alert status

Security
Service Manager provides the industry’s most comprehensive SOA security solution for trust enablement of Web services providers and consumers. It decouples the security model from the development process, allowing developers to focus on their business logic and interfaces. It offers:

  • Comprehensive end-to-end security of Web services messages
    • Authentication – supporting a wide range of different credential types and authentication providers
    • Authorization – via an internal access control system and certified integration with leading identity and access management systems
    • Privacy – encryption and decryption using the XML-Encryption standard and built-in PKI
    • Non-repudiation – signature and signature verification using the XML-DigitalSignature standard
    • Audit – comprehensive message and administrative audit logs
  • Built-in PKI - Create, manage, and distribute public/private key pairs or integrate with existing PKI solutions
  • Security token exchange and mediation services – credential mapping and identity federation
  • First-mile security – the delegate discovers policy and implements security non-intrusively at the client
  • Last-mile security – the fully functional agent enforces policy on behalf of the service
  • In-transit security – the standalone intermediary ensures the security of messages on the wire and mediates between consumer capabilities and provider policies

Intermediaries
Service Manager’s intermediaries provide the foundation for SOA management, security, and run-time policy enforcement. They cover the widest possible surface area of applications and offer the broadest and deepest functionality of any SOA intermediaries on the market.

  • Consistent policy enforcement and implementation for all popular service containers including Java and .NET app servers, ESBs, Mainframe, and packaged applications
  • Proven scalability and performance
  • Non-intrusive, enterprise-ready