Service Manager - SOA Policy Management and Governance

Service Manager™ is the industry’s leading SOA management and security product. It follows the SOA Infrastructure Reference Model delivering comprehensive standards-based security, routing, mediation, monitoring, and management for SOA and Web services.  It is the industry’s most scalable and high performance SOA infrastructure product.

Service Manager is deployed together with Policy Manager™providing the industry’s broadest and deepest SOA Management and SOA Security solution.  It implements and enforces policies from Policy Manager, and generates usage, performance and policy compliance metrics that it reports to Policy Manager to enable a closed-loop process for auditing that policies are being correctly enforced.

Service Manager’s intermediaries provide the foundation for SOA management, security, and run-time policy enforcement. They cover the widest possible surface area of applications and offer the broadest and deepest functionality of any SOA intermediaries on the market.

The Agents deploy into the container to ensure last-mile security and policyenforcement for services. SOA Software offers agents for most common Java application servers, .NET, several ESB products and several business processmanagement tools. The agents are fully functional, platform-native, and non-invasive offering complete last-mile policy enforcement including on-board cryptographic operations without having to change any deployed applications or services.

The Network Director is a stand-alone smart service router that deploys into the network supporting a wide range of intermediary patterns for routing, service virtualization, high-availability/load-balancing and others. It is fully stateless, offering exceptional performance and scalability combined with unique capabilities for mediation, routing, and policy enforcement.

The Delegate is a client-side intermediary that deploys seamlessly into consumer applications to abstract the application from the location, transport, and policies required by the services it will consume. SOA Software offers delegates for Java applications and .NET, and packages the delegate in a wide range of forms with simple, non-invasive deployment options for most common service platforms and containers, including ESBs and business process management tools.

Policy and Audit

Service Manager leverages Policy Manager for policy definition, management and distribution. Together, Policy Managerand Service Manager:

  • Define and manage run-time policies that will be enforced and implemented by Service Manager’s intermediaries and other standards-based intermediaries
    • Security, routing, reliability, mediation, and other run-time policies
  • Ensure that policies are being effectively enforced with a comprehensive metrics collection model

    • Capture performance and usage metrics according to policies
    • Statistically and algorithmically capture comprehensive message data
    • Track and manage security and other policy exceptions
  • Compare and reconcile collected metrics with policies for audit purposes
  • Enforce policies managed by a centralized governance solution
  • Consistently enforce policies across all popular service containers including, Java and .NET app servers, ESBs, mainframe, and packaged applications

Mediation

Service Manager offers comprehensive SOA mediation capabilities to ensure that the broadest possible set of consumers can access published services for which they have access rights. It provides:

  • Mediation between consumer capabilities and provider security policies - e.g. it can take a request from a consumer that only supports Kerberos and generate a SAML assertion for a service that requires SAML
  • Transport mediation – e.g. allow http-only clients to consume services exposed on MQ series
  • Mediation between messaging styles – e.g. allow SOAP clients to consume Plain Old XML (POX) services, or allow a REST-based or RSS client to consume a SOAP service
  • Reliability mediation – e.g. map WS-* standards for reliable messaging over http to message-oriented-middleware reliability models
  • Standards mediation – mediate between the various different but similar standards, and the various different versions of the same standard

Management and Routing

Service Manager provides powerful service monitoring, management, and routing capabilities. It decouples the management model from the development process, allowing developers to focus on their business logic and interfaces, delegating the implementation and enforcement of security, reliability, and messaging policies to the infrastructure. It offers the most comprehensive set of management capabilities including:

  • Performance, throughput, and reliability monitoring of services provided both internally and externally
  • Comprehensive SLA monitoring and management
  • Distributed exception management and root cause analysis
  • Dynamic routing to automatically correct performance and reliability issues
  • Powerful alert management, monitoring, and distribution
  • Centralized, registry-based dashboards providing users with real-time visibility into service performance, dependencies, and alert status

Security

Service Manager provides the industry’s most comprehensive SOA security solution for trust enablement of Web services providers and consumers. It decouples the security model from the development process, allowing developers to focus on their business logic and interfaces. It offers:

  • Comprehensive end-to-end security of Web services messages
    • Authentication – supporting a wide range of different credential types and authentication providers
    • Authorization – via an internal access control system and certified integration with leading identity and access management systems
    • Privacy – encryption and decryption using the XML-Encryption standard and built-in PKI
    • Non-repudiation – signature and signature verification using the XML-DigitalSignature standard
    • Audit – comprehensive message and administrative audit logs
  • Built-in PKI - create, manage, and distribute public/private key pairs or integrate with existing PKI solutions
  • Security token exchange and mediation services – credential mapping and identity federation
  • First-mile security – the delegate discovers policy and implements security non-intrusively at the client
  • Last-mile security – the fully functional agent enforces policy on behalf of the service
  • In-transit security – the standalone intermediary ensures the security of messages on the wire and mediates between consumer capabilities and provider policies

Intermediaries

Service Manager’s intermediaries provide the foundation for SOA management, security, and run-time policy enforcement. They cover the widest possible surface area of applications and offer the broadest and deepest functionality of any SOA intermediaries on the market.

  • Consistent policy enforcement and implementation for all popular service containers including Java and .NET app servers, ESBs, mainframe, and packaged applications
  • Proven scalability and performance
  • Non-intrusive, enterprise-ready