November 20th, 2009

Panel: do cloud computing economic advantages break down in enterprises?

Posted by Joe McKendrick @ 8:16 am

Categories: Business ROI, Case Studies, Data managemetnt, Management, SOA Events, Vendor Watch, Web Services, cloud computing

Tags: Cloud, Cloud Computing, Virtualization, Hardware, Joe McKendrick

The purpose of information technology is “to provide compute and storage. That’s it. full stop. That compute and storage can be provided by mainframes, private data centers, distributed networks, or by the cloud.”

- Allan Leinwand, venture capitalist

At this week’s Interop conference in New York, I heard a great panel discussion, moderated by AT&T’s Joe Weinman, on the economics of cloud computing. Weinman was joined by Adam Selipsky of Amazon Web Services, Allan Leinwand of Panorama Capital (which invests in cloud vendors), Andy Rhodes of Dell, Harris Tilevitz of Skadden Arps, one of the largest law firms in the world, and William Forrest of McKinsey & Co., author of the last spring’s watershed report on “Clearing the Air on Cloud Computing.”

A public cloud provider, private cloud operator, consultant, network provider, and venture capitalist debate cloud’s business value

McKinsey’s Forrest, for one, stated that while his research “found significant amounts of workloads today could be moved to public cloud providers,” it still “wouldn’t make economic sense to move large chunks of data centers to the cloud.”

Nevertheless, he predicts, “there will be a continued move to the cloud, as there are increasingly attractive economics over people building their own data centers.” He says that these economics keep getting better because “the public cloud guys have built a better box, they buy in volume, and operate more efficiently than most enterprises.”

“The idea that you buy an individual server, that is going away. You either buy racks of servers or go to the cloud.”

Amazon’s Selipsky, needless to say, was bullish on the cloud computing paradigm. He noted that in a government CIO rountable last week, Vicek Kundra, the US CIO, “certified that 45% of all government IT could run on public clouds.”

Selipsky went on to say that cloud computing is suitable for both large and small enterprises. “For start-ups, its a total no-brainer. We also have a lot of big enterprises using our services.” He foresees many enterprises moving to a hybrid cloud environment in the coming years. And, he noted that cloud providers also bring another advantage beyond cost savings: “The biggest benefit of the cloud is that is it enables focus. You can take the intellectual capital of your staff and focus on your business — not IT.”

VC Leinwand, however, says he still sees a “huge gap” between cloud services offered and the ability to effectively manage them in an enterprise environment. “Cloud storage costs one-tenth of onsite data storage,” he points out. But what about configuration, integration, data deduplication, and monitoring? There’s a gap between what the enterprise is used to doing behind the firewall and what cloud providers can do.”  He added that he is seeking to fund companies that can help close that gap.

AT&T’s Weinman, for his part, raised doubts about the sustainability of cloud computing economics, which may break down as enterprise management requirements come into play. “I’m not sure there are any unit-cost advantages that are sustainable among large enterprises,” he said. A more likely scenario that will be seen is hybrid adoption of cloud computing in some areas, and private capabilities for others where it makes business sense.

Another option is private clouds, and Skadden’s Tilevitz reports great success at his global law firm of 2,000 partners. Originally, the initiative started after September 11, 2001, as a way to ensure business continuity by operating three regional data centers. Now, built on a Citrix environment, the virtualized environment has evolved into an internal cloud of sorts, from which the firm’s various office access online services. For example, he related, a partner may need to load five million pages of documentation into an online format overnight. “We have more than a petabyte of image data that we keep for seemingly forever that we use for litigation,” he said.

Economies of scale have also kicked in as well. “Our expenses for this private cloud have dropped over time,” Tilevitz said. “I see it as almost a reversion back to the mainframe world. Everyone is now using applications and data remotely.”  Tilevitz also said his firm is looking at becoming a “public” cloud provider of sorts as well, selling excess disk capacity online.

October 29th, 2009

Does cloud add more silos to our over-siloed enterprises?

Posted by Joe McKendrick @ 6:59 pm

Categories: Management, cloud computing

Tags: Silo, Enterprise, Enabling Architecture, Service-Oriented Architecture (SOA), Enterprise Software, Web Services, Software, Joe McKendrick

I just had the opportunity to moderate a panel with Miko Matsumura and John Favazza, in a rousing ebizQ roundtable discussion on trends on SOA governance. Miko pointed to the complexity of enterprises, noting the challenges of bringing the hopelessly fragmented parties within larger organizations into alignment. This is one of the objectives of good governance.

Miko points out that size matters when it comes to clouds as well. Especially when it comes to enterprise software. (Miko reminds us that the word “Enterprise” in the phrase “Enterprise Software” has come to mean “software that sucks.”)

Cloud gets particularly challenging when the organization grows, and is has fragmented into factions, silos, and niches. Adding cloud means more complexity, “yet another technology silo to maintain, integrate, secure and govern,” he says.  A systematic enabling architecture is required to introduce cloud across the multiple parts of an enterprise.

One of the issues with many SOA efforts to date is that many people threw Web services out across their domains, hoping they will eventually gel into service oriented architecture.  When you have different divisions or departments subscribing to their own choices of cloud services, the complexity grows.

October 26th, 2009

Survey: cloud interest grows triple-fold; cost may not be main factor

Posted by Joe McKendrick @ 3:00 am

Categories: Business ROI, Management, SOA Surveys and Research, Web 2.0-Enterprise 2.0, cloud computing

Tags: Avanade, Survey, Cloud Computing, Virtualization, Hardware, Joe McKendrick

Everyone figures that companies are buying into cloud to save money. A new survey says otherwise. But why are companies adopting cloud?

A new study (PDF link) commissioned by Avanade shows a 320% increase over the past nine months in respondents reporting that they are testing or planning to implement cloud computing. Avanade claims this is the first time a survey has documented a global embrace of cloud computing in the enterprise.

The study also found that while companies are moving toward cloud computing, there is little support for cloud-only models (just five percent of respondents utilize only cloud computing). Rather, most companies are using a combination of cloud and internally owned systems, or hybrid approach.

Okay, the survey confirms what we’ve been seeing anecdotally. That is, there’s been a huge uptick in cloud interest. And apparently, this has been taking place during an economic downturn. But here’s where it gets interesting: Only 13% said the onset of a tougher economy helped push them toward the cloud. A majority, 58%, say economic conditions had nothing to do with it.

While Avanade didn’t seem to read anything into this, another observer, Paul Miller, thought this finding was a real eye-opener, suggesting that contrary to what everyone assumes, cloud computing decisions are not being driven by cost-cutting needs:

“Also interesting was the relatively small impact of the economic situation upon Cloud adoption, with only 13% suggesting it had ‘helped’ adoption plans and 58% reporting ‘no effect.’ In my conversations with Nick Carr and others, there’s been an underlying presumption (on my part, as well as theirs) that cost-saving arguments with respect to Cloud Computing would prove persuasive and compelling.  It would appear not. This would suggest, of course, that enterprise adopters are taking to the Cloud for reasons other than the budget sheet…”

If it isn’t its low entry costs, then why is cloud computing so popular? Avanade says half of the companies surveyed that have migrated to cloud computing technologies use it to “manage and deliver business applications such as customer relationship management (CRM) and human resources (HR) services.” Forty‐six percent of respondents are also using cloud computing for data storage.

Speaking of greater flexibility and agility, the Avanade survey suggests that the service model is taking over as the prevailing IT value proposition. As Avanade puts it, the “online services model is beginning to fundamentally change how IT services are consumed and provisioned in large organizations. More than half of respondents report that they are currently using Software as a Service applications. In the United States, that number increases to more than two-thirds (68 percent).”

And many of these deployments are internal cloud. Avanade says that globally, “there is a 2:1 ratio of respondents who prefer SaaS delivered internally (or as private services) versus from third-party service providers. There is an even greater dissparity in the United States, with a 4:1 ratio in favor of internal SaaS deployments.”

October 23rd, 2009

Anne Thomas Manes: SOA can be resurrected, here's how

Posted by Joe McKendrick @ 12:55 am

Categories: Business ROI, Enterprise Architecture, Management, SOA Events, Vendor Watch, cloud computing

Tags: SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

SOA may have its detractors, but done right, it lays the groundwork for a new service-oriented paradigm going forward.

I’m at this year’s International SOA Symposium in Rotterdam, and the prevailing theme is “Next-Gen” SOA, in which we see service-orientation emerge from its bout with the skeptics to take a stronger role within the enterprise.

Thomas Erl, the conference organizer and prolific author on SOA topics, launched the event, noting that we are moving into a period of Next-Generation SOA, with the foundation of principles and practices being laid within many entreprises.

Next up was Anne Thomas Manes of Burton Group, who declared in a post at the beginning of the year that “SOA” — at least as we knew it — was “dead.” However, the second part of Anne’s post was “Long Live Services,” which is the theme that she picked up on in her keynote address.

“Business wasn’t really interested in buying something called ‘SOA,” she declared, adding that in her own research, fewer than 10% of companies have seen significant business value in their efforts.

However, that is not to diminish the importance of service oriented architecture. “The average IT organization is in a mess,” she says. “The average business has 20 to 30 core capabilities. Why do they need 2,000 applications to support those 20-30 capabilities?”

“We should be service orienting everything we do,” she contends. What’s getting in the way is the feeling that an “SOA program” needs to be launched to get there, she states. “We have an opportunity at this point to resurrect SOA. We need a different approach, one based on architectural principles.”

Anne also observed that current cloud computing initiatives bear a striking resemblance to SOA efforts. “All the discussions I hear about cloud are the same discussions we had about cloud four to five years ago,” she says. “How are applications in the cloud going to talk to the applications back home without intrinsic interoperability?”

I also had the opportunity to lead a panel discussion later in the day, joined by Anne, along with Microsoft’s John Devadoss (great to finally meet you in person, John!), Stefan Tilkov, and Clemen Utschig-Utschig of Oracle.  Anne further elaborated on her thinking behind the “Dead” post, emphasizing her point that both end-user organizations and vendors are still too wrapped up in the idea of delivering some type of “SOA” package, versus delivering agility and flexibility. However, she noted, “Everything we do should be service oriented.”

Stefan Tilkov agreed with Anne on that point, but took issue on whether cloud computing represents some new phase of SOA. Cloud represents a different type of functionality and best practices, he emphasized.

I’m also part of the SOA Manifesto Working Group, which is meeting at the Symposium to draft a set of overarching principles to guide SOA efforts. We expect to announce the final document at the end of the conference — I’ll keep you posted.

October 21st, 2009

Gartner leaves SOA off 'top ten' list - again

Posted by Joe McKendrick @ 1:26 pm

Categories: Data managemetnt, SOA Surveys and Research, Web 2.0-Enterprise 2.0, cloud computing

Tags: Enterprise Mashup, Gartner Inc., SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Gartner just issued its Top 10 Technology list for the year ahead, and guess what’s missing? Once again, service oriented architecture got sacked by the sages of Stamford.

SOA proponents, however, can take cold comfort that just as was the case last year, SOA is the underpinning foundation and enabler of many of the Top 10 technologies. Cloud computing?  You need a foundation to deliver those services across firewalls. Cloud also sucks in Web oriented architecture and enterprise mashups — prime SOA territory. Advanced analytics? They won’t be so advanced if data doesn’t get pulled out of organizational and system silos. Client computing? Enterprise mashups, anyone?  And, hey, where is event processing?

October 15th, 2009

Conference alert: let's make SOA work for a living

Posted by Joe McKendrick @ 9:32 am

Categories: Business ROI, General, SOA Events, Web 2.0-Enterprise 2.0, cloud computing

Tags: SOA, Conference, Dave, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Welcome to Service Oriented Architecture, Phase 2. It’s bigger, It’s badder, it’s all business.  None of this namby-pamby JBOWs stuff. None of these SOAPY-REST tantrums. SOA is all grown up now, and it’s time it starts earning the bacon.

I am serving as conference chair and emcee for ebizQ’s upcoming “SOA in Action” virtual conference, scheduled for October 28th and 29th, and want to share some of highlights with you.

I will be joined by a number of leading industry figures in various sessions and panel discussions, including Forrester’s Randy Heffner, Software AG’s governance guru Miko Matsumura, Web Oriented Architecture guru Dion Hinchcliffe (also a rock star here at the ZDNet community), Gartner’s Yefim Natis, captain of the cloud Dave Linthicum, and US Department of Defense CIO Dan Risacher. The conference will be capped by a joint session featuring Gartner’s Roy Schulte and CalTech’s Mani Chandy.

Some author notes: Roy Schulte and Mani Chandy have just published a new work on event processing, Event Processing: Designing IT Systems for Agile Companies. Dave Linthicum has just published his latest book, Cloud Computing and SOA Convergence in Your Enterprise: A Step-by-Step Guide.

Topics to be discussed include organizational and governance issues, “selling” SOA’s value to the business is more difficult in today’s economy, ROI, complex event processing, and cloud computing.

October 12th, 2009

'Lean IT': another buzzphrase for something we've been trying to do all along?

Posted by Joe McKendrick @ 3:00 am

Categories: Business ROI, Links, Management, Standards Watch, Vendor Watch, business process management, cloud computing

Tags: Software, Information Technology, Lean IT, Strategy, Management, Joe McKendrick

Customer in a restaurant: Waiter, bring me a steak, and make it lean.

Waiter: Okay, sir. Which way?

As reported in my last post, Sandy Kemsley has done a great job of covering Forrester’s Business Technology Forum, which focused on Lean IT.

But which way is IT supposed to lean?  Alas, it seems Forrester is helping to heap another buzzphrase on the world that seems to describe things that have already been in motion for years. (Some say this is the case with service oriented architecture as well, by the way.)

What, exactly, is ‘Lean IT’? Wikipedia’s definition of Lean IT is vague and convoluted:

“Lean IT is the extension of lean principles to the development and management of information technology (IT) products and services. Its central concern, applied in the context of IT, is the elimination of waste, where waste is work that adds no value to a product or service.”

Yeah, so? Again, haven’t organizations been battling waste in IT since day one?

I don’t know who coined the phrase “Lean IT,” but it takes a page from “Lean Manufacturing,” which tightened up that sector in the 1980s and 1990s to survive the onslaught from more efficient and quality-driven overseas competition. Noah B. Kindler, Vasantha Krishnakanthan, and Ranjit Tinaikar of McKinsey & Company discussed the concept back in May 2007, claiming that application development and maintenance (ADM)  productivity can be boosted up to 40% by eliminating waste from routine processes. “Application development and maintenance is a prime candidate for lean methods not only because it involves a great many processes with the potential to be optimized but also because large differences in productivity among organizations suggest that some are far less efficient than others,” they said. As they put it:

“Each category of waste in manufacturing has a counterpart in ADM, which can be thought of as a kind of factory that develops new applications according to business requirements. Changes to an application’s requirements are one common source of ADM waste, causing many of the classic varieties identified in lean: designers rework their specifications, coders wait for specifications to stabilize, testers overproduce as their testing environments have to be set up repeatedly, unmet requirements pile up in a large backlog. As in manufacturing, systematically eliminating these sources of waste improves the delivery time, quality, and efficiency of the ADM end product.”

So they equate IT operations with a manufacturing process. Which makes sense, and is something we’ve discussed in this blogsite before (here, here, and here). By introducing assembly-line processes and greater automation to software development, we can definitely tighten up the process.

In past posts, I quoted IBM’s Dr. Irving Wladawsky-Berger and Microsoft’s Jack Greenfield, both who said we were at the dawn of a new era of IT — “industrialization.” Wladawsky-Berger said that IT-delivered services are starting to become more componentized, standardized, and mass-consumable across the spectrum, just as manufactured goods were a century ago. Greenfield talked about the concept of the “software factory,” defined as “a development environment configured to support the rapid development of a specific type of application. While software factories are really just the logical next step in the continuing evolution of software development methods and practices… introducing patterns of industrialization.”

He said, however, that “our IT infrastructures are nowhere near ready to handle this explosive growth of information and service.  Much of IT, - including applications, data centers, systems management, and so on, - is way too ad-hoc and custom designed, sort of like manufacturing was decades ago….”

So, is Lean IT the right thing at the right time to seize upon this impending industrial revolution of IT services? The McKinsey authors identify the following areas for “waste reduction” in software assembly: flow processing to reduce overcapacity or excess inventory; release schedules to help prioritize projects; staff and supplier workload balancing; greater standardization; segmentation of projects by complexity to route projects to the proper resources; and  and by avoiding unnecessary overhead for simple tasks; and quality ownership that extends to all groups involved in software production — not just QA.

These are are well and good goals, and I’m sure every organization can benefit greatly by applying these principles to their IT operations. But is there anyone who hasn’t been already trying to move these efforts forward? What does Lean IT bring to the table? Consider everything that has been underway in recent years:

• Service oriented architecture: Formerly siloed applications are decomposed into reusable services that are made available across enterprises.
• Agile development: Developers work side by side in an iterative way with business users throughout the process.
• Virtualization: Physical IT systems and resources are abstracted into a software-based enterprise service layer.
• IT automation: Routine IT processes formerly handled manually are handled on a systematic basis by the software and machines themselves.
• Cloud computing/outsourcing: Non-critical IT tasks and applications are acquired from more specialized providers, mainly on a pay-per-use or contractual basis.
• Business process management: Business workloads are decomposed and automated.
• ITIL: Best practices and principles for IT services applied uniformly across organizations.

References I’ve been seeing to Lean IT seem quite provincial — optimizing IT processes at the ground level without bringing in the larger picture — the transformation of the business. Lean IT lacks the expansive thinking that Wladawsky-Berger and Greenfield have in mind for the coming industrial revolution in IT services.

And, again, it begs the question: what does Lean IT offer that we haven’t been trying to do already?

October 9th, 2009

Gartner: You want cloud? You need SOA first

Posted by Joe McKendrick @ 8:07 am

Categories: Enterprise Architecture, Links, Management, SOA Events, SOA Surveys and Research, Web 2.0-Enterprise 2.0, cloud computing

Tags: Gartner Inc., SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

In a new report, Gartner analyst Yefim Natis is quoted as saying that the success of cloud computing hinges on having good service oriented architecture underneath. “Prepare for the cloud by developing SOA skills,” Natis says. “The arrival of cloud as an option for the delivery of business applications could finally cement SOA into the IT mainstream,” he adds.

Natis urges enterprise IT shops to continue investing in service-oriented architecture skills and initiatives if they are to be able to take full advantage of the emergence of the cloud infrastructure. SOA may eventually become the standard way by which applications are accessed through a cloud service, he adds. This will also propel adoption of private clouds, contained with the firewall.

We’ve been banging the SOA-Cloud drum for years here at this blogspot (e.g., here in 2005; here, here, and here in 2007), and it’s good to see respected analysts also taking up the theme. SOA is evolving into the underlying enabler for private clouds, to the point where they almost can be considered one in the same. SOA has often been a tough sell. The good news is that the business readily grasps — and even likes — the idea of private and public clouds as a way to better organize and manage computing resources.

October 6th, 2009

How to kick-start 'depressingly low' SOA service consumption

Posted by Joe McKendrick @ 3:21 pm

Categories: Enterprise Architecture, Links, Management, Web 2.0-Enterprise 2.0, Web Services, cloud computing

Tags: SOA, WOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Has the time come for a change in the way we do SOA?

Dion Hinchcliffe, ZDNet’s resident Enterprise Web guru, has posted an interesting analysis of the state of service oriented architecture, and what it will take to kick-start it into the future. SOA has a couple of issues that is keeping it from reaching its potential, Dion wrote in new post over at ebizQ.

• First, the velocity of SOA seems too slow to keep up with the rapid changes buffeting organizations:
• Second, SOA service consumption remains at “depressingly low” levels;
• Third, SOA projects tend to be over-engineered.

What’s a beleaguered SOA proponent to do?  Time to move to a new level, Dion says: Web Oriented Architecture. Dion calls WOA a “parallel track” for SOA that’s evolved in the more open Internet space, versus behind the opaque walls of corporate enterprises. Or as Dion puts it: WOA has grown “organically in the wilds of the online world to meet many of the same challenges that we have in our organizations today.”

Dion defines WOA in terms of open APIs, such as we see in cloud-based or Enterprise 2.0 services. WOA will help SOA reach its next level of performance. Ways we will see this evolve is the trend toward running SOA more like a business in itself; cheap, lightweight service delivery models; and access via REST-based interfaces and mashups.

The WOA approach makes a lot of sense, in no small part because of its relative simplicity and cost-effectiveness. SOA evolves from being an IT-centric megaproject to a series of initiatives in which business end-users can partake. Yes, there are many instances where iron-clad SOAP Web services are required. But everyone is already doing mashups, and the extended enterprise may benefit from the rise of WOA.

Dion will be talking about the SOA-WOA evolution at the SOA in Action conference I will be emceeing October 28-29.

October 2nd, 2009

Biggest cloud of all: Amazon EC2 makes about $220 million a year

Posted by Joe McKendrick @ 1:58 pm

Categories: General, Vendor Watch, Web Services, cloud computing

Tags: Amazon.com Inc., Amazon EC2, Randy Bias, Cloud Computing, Virtualization, Hardware, Joe McKendrick

Anyone wondering how the commercial cloud computing business model is working should look no further than Amazon Web Services.

Randy Bias just published estimates that AWS is pulling in about $220 million annually for its Elastic Compute Cloud (EC2) offerings. He bases his conclusions on “actual verified EC2 numbers plus some guesses and a rough model of it’s current annual usage.” He also estimates that AWS runs about 40,000 servers to support the service.  EC2 probably grew at a rate of 10% from year to year, Randy believes.

Not bad for a business model based on increments of 10 cents to 80 cents an hour for standard usage. EC2 is a Web service that provides resizable compute capacity in the cloud.

With these numbers in hand, Randy also observes that they may also tell the story about the overall size of the infrastructure cloud computing (Infrastructure as a Service) market. Randy sizes this marker at about $400 million to $600 million, and growing about 10% to 20% annually.

The EC2 revenues represent about 1% of Amazon’s revenues for the most recent fiscal year. ($19.2 billion.) Amazon has really effectively leveraged the capacity from its retail business to offer services to the rest of the market. Is this something other companies with large IT infrastructures can contemplate?

September 30th, 2009

Seven ways companies go wrong with SOA

Posted by Joe McKendrick @ 7:18 am

Categories: Business ROI, Enterprise Architecture, Management, Web 2.0-Enterprise 2.0, Web Services, business process management, cloud computing

Tags: SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Remember, SOA is a journey, not a quick overnight fix. It’s a transformative process that your organization will follow for the long run.

A few years back, I put together a list of where companies appeared to be steering in the wrong direction in terms of SOA implementations. The list bears repeating, because the issues still keep getting in the way of SOA success. Many companies run the risk of jumping into the approach without looking at where they are leaping. Here are the most common pitfalls that could tie an SOA installation into knots.

1) Viewing SOA as a global, enterprise-scale project involving the entire enterprise: An SOA need not be a galactic initiative that sucks up resources all across the enterprise. In fact, one of the beauties of SOA that it can start small and simple, deployed across a single business process. Definitions of SOA vary, but SOA can start with something as simple as some Web services that accomplish an end-to-end process, such as fulfilling a purchase order.

2) Looking to a single vendor to offer very complete SOA solutions: There’s no such thing as buying an SOA solution; there’s no such thing as SOA in a box, no matter what a vendor may tell you. SOA is not a product that a vendor can ship to you for installation over the weekend. Rather, SOA is a philosophy around developing your infrastructure using those vendor tools. If you have a J2EE or .NET Framework, you have a framework. An SOA is what you eventually do with those frameworks.

3) Assuming that SOA will automatically grow out of a primordial soup of Web services: Many companies think they have SOA when they actually have a JBOWS (Just a Bunch of Web Services) architecture. Somehow, there’s an assumption out there that a spaghetti architecture of Web services will somehow evolve into something resembling a full-functioning SOA. Actually, it’s possible (but not advisable) to build an SOA-enabled infrastructure with no Web services at all. An organization could have 1,000 Web services, but unless these services work in concert to address specific end-to-end business processes, that does not an SOA make. One additional point about JBOWS, however — there’s nothing wrong with being in the JBOWS stage of evolution, because that’s what it is, a stage of the evolution. But don’t expect the full-fledged agility of SOA at this stage — that’s where the disappointment has crept in.

4) Build it, and they will come: SOA is not an illuminated ballpark in the middle of a cornfield that can be seen from miles around. No one will take advantage of an SOA-enabled infrastructure if they don’t know where to find it, or even if it exists. There’s a rule that if developers have to spend more than 10 minutes to find what they are looking for (and don’t find it), they will create it themselves. An SOA will never be of value if it’s confined to one silo of the organization, and its components are not made available and shared across business unit. An SOA service built, managed, and used by one business unit will cost just as much as any other legacy application.

5) Assuming that businesspeople don’t, or won’t, understand SOA: Actually, most people on the business side can intuitively grasp the potential savings and opportunities an SOA can bring. And Enterprise 2.0 and the cloud dynamic really drives the points about service orientation home on the business side. The potential of reusing services across various business units, versus paying developers to rebuild a new service in each instance, is Management and Finance 101. The difficult part is building and managing such an infrastructure, applying IT governance, monitoring, and management to ensure that services are kept up and running, are scalable, and perform well.

6) Assuming that IT people don’t, or won’t understand the business: It’s time to put this misconception, which has been weaving its way through conferences, articles, and analyst reports for years, to rest. Indeed, SOA needs to be a multi-disciplinary, cooperative effort between IT and other departments. However, IT is part of the business, and IT professionals’ paychecks are signed by the business. Most IT departments understand that they play a vital role in moving the business forward. However, inevitably, specs and priorities will change during the life of a project, and that’s why projects fail. It’s incumbent on both IT and business users to keep each other informed; both have a financial stake in the business’s success.

7) Treating SOA as something far superior to a mere mortal “project:” SOA success is delivered one project at a time. If you have been to any number of SOA conferences, or tuned into the multitude of SOA Webcasts, you probably have heard the message over and over again that “SOA is more than just another project.” Yes, true. SOA does represent a new way of thinking, and will transform your IT, and ultimately, your business processes. However, SOA still needs to be treated as a project, with the same deliberate planning of timelines, establishment of baselines, and measurement of key performance indicators as other large IT projects. SOA requires executive buy-in, it requires resources, and it requires proof that it is paying off.

September 24th, 2009

Enterprise mashup proponents start organizing

Posted by Joe McKendrick @ 8:45 am

Categories: Data managemetnt, Links, Standards Watch, Vendor Watch, Web 2.0-Enterprise 2.0, Web Services, cloud computing

Tags: Enterprise Mashup, Enterprise Mashup Markup Language, Joe McKendrick

As reported a couple of days ago, the enterprise mashup market promises to be a huge one, growing to almost $2 billion in a few years. So it’s high time people involved in this space start organizing and working around some standards everyone can agree on.

Can enterprise mashup proponents avoid the mistakes made with ESBs?

A new consortium, called the Open Mashup Alliance, is the first effort to coalesce around this growing phenomenon. The group’s stated mission is to promote “the successful use of Enterprise Mashup technologies and adoption of an open language that promotes Enterprise Mashup interoperability and portability.”

One of the founding members is ZDNet’s resident Enterprise Web 2.0 guru, Dion Hinchcliffe. Additional charter members include Adobe, Bank of America, Capgemini, HP, Intel, JackBe, Kapow Technologies, ProgrammableWeb, Synteractive, and Xignite.

One of the OMA’s first endeavors is to shepherd the budding Enterprise Mashup Markup Language (EMML) specification for submission to a standards body. EMML is an XML-based, domain-specific language that was designed to address the characteristics that make mashups easier to create and reuse.

There were a bunch of supporting quotes included with the OMA’s announcement, but I think Michael Ogrinz, principal architect at Bank of America and author of the book Mashup Patterns, said it best: “For enterprise mashups to take hold, we need to remove the ‘vendor lock-in’ concerns raised by today’s proprietary toolsets. We also need to inspire the innovative minds of the open-source community to start working in this space. By establishing an open standard for mashups, the OMA and EMML addresses both of these issues.”

Perhaps the industry learned some lessons from another development that proliferated without guiding standards — the enterprise service bus. One of the fiercest criticisms of ESBs has been the way vendors took off in all different directions with their implementations before standards could be established. Perhaps we can avoid this with enterprise mashups. But the looming market size must be a huge temptation.

September 22nd, 2009

Enterprise mashup market to increase tenfold over next five years

Posted by Joe McKendrick @ 9:28 am

Categories: Links, SOA Surveys and Research, Web 2.0-Enterprise 2.0, Web Services, cloud computing

Tags: Enterprise Mashup, SOA, Service-Oriented Architecture (SOA), Web Services, Enterprise Software, Software, Joe McKendrick

A new report from Business Insights predicts that the enterprise mashup market, worth around $161 million in 2008, will expand more than tenfold to $1.74 billion by 2013.

About 33% of companies now use enterprise mashups, Business Insights says.

The catalyst for the enterprise mashup market will be SOA — Business Insights puts the SOA platform market at about $1.4 billion in 2008, which will double in size, to about $2.77 billion by 2014.

It’s interesting that the enterprise mashup market, which currently is about 11% the size of the overall SOA platform market, will soon be 63% the size, or getting close to comparable. This is huge for the front-end part of the equation, if these numbers pan out. But does it make sense?

September 21st, 2009

Cloud offers SOA apps a 'venue to stretch their legs'

Posted by Joe McKendrick @ 9:00 am

Categories: Business ROI, Links, Management, Web 2.0-Enterprise 2.0, cloud computing

Tags: SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

“Cloud computing is already beginning to unleash the potential of SOA and much more is on the way.”

Cloud is the target platform SOA has been lacking until now

That’s the view of Gray Hall, a veteran of the IT hosting industry, in a recent post on the growing role of SOA in cloud formations. Gray states that SOA is an architectural pattern and cloud is a target platform for that pattern. The significance of cloud, he adds, is that SOA has languished since its inception, and the reason is because it has lacked a “target platform.” As he puts it:

“[It] is correct to call SOA an architectural pattern.  [It] is correct to call cloud computing a ‘target platform.’  But the real news in this story is that a target platform is exactly what SOA has been lacking all these years.  All applications must run somewhere; applications need infrastructure. SOA is an application architecture; cloud computing is an infrastructure architecture.  It’s that simple.  This marriage is long overdue.”

Gray says that cloud processing (dynamic allocation of CPU resources) and cloud storage (Web services API access to storage resources) infrastructure “is the most natural target platform for SOA apps because cloud infrastructure is designed to scale in the way implied by the SOA approach to application architecture.”

Cloud infrastructure services such as Amazon Web Services and Rackspace have made SOA real to many companies, he says. “Until recently, where could a SOA app find a venue to stretch its legs?”

Gray has hit upon something here. SOA’s value is not seen within services built for a single silo, or even those shared between two or more silos. SOA begins to pay off as the result of a network effect — services built and consumed across a growing Web of providers and consumers. Cloud-based services are broadening organizations’ vistas as to when and where they can access services.

(Thanks to reader csarkar for the pointer to Gray’s post.)

September 18th, 2009

Is cloud computing possible without SOA?

Posted by Joe McKendrick @ 8:29 am

Categories: Business ROI, Links, Management, SOA Events, cloud computing

Tags: Cloud Computing, SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Is cloud computing possible without SOA?

Yes, but don’t expect things to move very smoothly.

Is SOA possible without cloud computing?

Of course. But don’t expect any impetus toward the loose coupling model you’re trying to promote.

I just listened to a podcast with Mike Kavis, CTO of M-Dot, who sat down with my colleague at ebizQ, Peter Schooff, to talk about SOA and the cloud and the advantages and difficulties enterprises face moving from SOA to the cloud.

Practicing SOA gives many companies a leg up when they start looking at cloud formations, Mike observes. First, he says, there’s the loosely coupled aspect of SOA — very important. “Companies who aren’t practicing service oriented architecture will be tightly coupled to their databases, will be tightly coupled to their infrastructure. So it’s very hard for them to move, or shift, or change things around,” he says. “Whereas companies with a service oriented architecture can look at their entire offering and say, ‘hey, these pieces make sense to move the cloud, these other pieces don’t,’ and they can make those moves. Without a service oriented architecture, it almost becomes an all or nothing proposition and that’s not a recipe for success.”

Mike establishes, then, that SOA is a big enabler for cloud computing. But at the same time, cloud computing is a big enabler for SOA. As Mike put it in the interview: “We all know that SOA has had its troubles catching on, and I think the movement to the cloud is one of the best things that could happen to SOA. Because what you’ll find is its very hard to move to the cloud when you’re tightly coupled to your architecture. And then I also see a lot more requirements for businesses to integrate with partners, to leverage mashups, to do those types of things, connect into other Software-as-a-Service providers.”

Mike did a great job of exploring the technical justification for SOA and cloud working together. Let me add there’s an enormous business justification for the SOA-cloud alliance as well. For years, IT has been fighting the tides trying to get business to understand what SOA is about, why it should be funded, and what the results will be. But business quickly gets cloud computing. The best way to sell SOA to the business is as an internal cloud program. Cloud finally makes SOA tangible to the business.

September 8th, 2009

Cloud may complicate SOA load balancing act

Posted by Joe McKendrick @ 1:47 pm

Categories: Enterprise Architecture, General, Links, Management, Vendor Watch, Web Services, cloud computing

Tags: Joe McKendrick

One of the major selling points of SOA and cloud computing is that service consumers don’t have to worry about the platform and hardware that the service is hosted on, be it somewhere else within the enterprise or maintained by an outside third party.

SOA’s greatest risk? Too much success, catching planners unprepared

Providers of services (and users), however, need to assure the availability of the service, and how much stress the underlying infrastructure can take as the service is repeatedly accessed. Lori MacVittie just posted a detailed analysis of the load balancing challenge associated with SOA-based deployments.

Lori cites a post by Stephan Koser, who provides a vivid scenario of what can go wrong with unbalanced SOA.

To function effectively, Lori observes, any load-balancing algorithm put into to place to assure availability and scalability of the service-delivery network be able to take into consideration the current load being handled by the particular server handling the request:

“This requires that the load balancer, the application delivery controller, be aware of the application, its environment, as collaboration well as the network and the user. It must be able to make a decision, in real-time, about where to direct any given request based on all the variables available. That includes CPU resources, what the request is, and even who the user/application is.”

However, when the cloud paradigm is introduced, this ability to see and monitor the systems providing services is, well, clouded over. If anything, Lori warns, cloud computing leads to poor visibility and renders load-balancing strategies useless. “The belief that the infrastructure should be ‘hidden’ from the user (that’s you) means that configuration options – like the load balancing algorithm – aren’t available to you as a user/deployer of cloud-based applications. Even though load balancing is going to be used to scale your application, you have no clue or control over how that’s going to occur.”

Lori very aptly points out that despite all the emphasis on virtualization, “applications are not islands,” and the ability to deliver and manage applications ” requires collaboration between a growing number of components in the data center.” Load balancing is a good start.

There’s plenty of talk about SOA failure, but, ironically, the greatest risk may come from too much SOA success. Organizations deploy shareable services, only to have them pounded into the ground by a growing number of requesting applications. Here’s a case where SOA costs may be driven up by the need to quickly put in or provision additional hardware. Cloud adds a new dimension to the challenge.

September 1st, 2009

Another view: cloud not ready to take on SOA heavy lifting

Posted by Joe McKendrick @ 8:29 am

Categories: General, Links, SOA Surveys and Research, cloud computing

Tags: Cloud Computing, SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Anne Thomas Manes penned a thoughtful response to my recent post on “Cloud: the SOA we always wanted, but never had?” Anne agrees with my premise that cloud computing will boost the viability of SOA in business contexts, but takes issue with points I made about cloud finally delivering some long-sought SOA promises — including being understood by the business, being technology agnostic, necessitating provider-consumer contracts, or building trust between service providers and consumers. It’s too soon to make these assertions, she states:

As far as I can tell, cloud computing is none of these things. It should be. But cloud is too nascent for such assertions. Besides, in order to achieve these characteristics in cloud-based systems, organizations have to 1- design them that way, and 2- develop the contracts and trust described. You won’t achieve these characteristics automagically just by deploying a system to EC2, Force.com, or some other cloud provider.

I agree with Anne that we’re in the early stages of this paradigm, and the current cloud model for external-provided services (such as EC2) doesn’t address deep integration issues. However, with SOA as the foundation of private cloud implementations, we are more likely to see many of the above-mentioned promises of SOA finally being realized.

My colleague Phil Wainewright also provides some interesting thoughts on private clouds in his latest post. For enterprises, the future may lie in virtual private clouds, or “computing that operates within a public cloud but which uses virtual private networking to give individual enterprises the ability to mask off a portion of the public cloud under their own delegated control and management…  so that enterprises can begin to harness the benefits of cloud computing without having to expose their entire existing infrastructure to the public cloud in one fell swoop.”

Clearly the future of SOA as well. Stay tuned.

August 27th, 2009

Cloud: the SOA we always wanted, but never had?

Posted by Joe McKendrick @ 1:19 pm

Categories: Business ROI, Links, Management, SOA Events, SOA Surveys and Research, Vendor Watch, Web 2.0-Enterprise 2.0, business process management, cloud computing

Tags: SOA, IT Costs Cloud, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Is cloud computing — in which services are produced and consumed across entities — paving the way for a massive wave of service oriented architecture adoption across businesses?

‘Cloud is SOA done right’

I recently had the opportunity to join a lively panel discussion led by Phil Wainewright to ruminate over this question, and we came to a general conclusion that cloud, indeed, is making SOA an easier sell to businesses. The consensus seemed to be that cloud is helping to boost the advantages promised by service orientation to a firmer business footing.

Phil and I were joined by David Bressler, principal architect with Progress Software, and Ed Horst, vice president of product strategy for AmberPoint. (Listen to the 45-minute interactive panel discussion here, read the full transcript here.)

I know many of you will correctly point out that cloud and SOA are different entities, with SOA focusing on the architecture and cloud on delivery of services. But consider the ways cloud is turbo-charging SOA. In some cases, SOA proponents have been struggling for years to get things moving in the right direction, and cloud is providing some new oomph and vitality to the effort:

• Cloud (as SOA should be) is well understand, and often demanded, by the business
• Cloud (as SOA should be) is platform, language, and technology agnostic
• Cloud (as SOA should) provides greater visibility and transparency to actual IT costs
• Cloud (as SOA should) necessitates binding contracts between service providers and consumers
• Cloud (as SOA should be) is based on trust between service providers and consumers
• Cloud (as SOA should) originates from business requirements

As Phil — who has been tracking developments in this space since launching LooselyCoupled.com almost a decade ago — put it, “Cloud is SOA done right.”

The panel kicked off with a discussion of the advantages cloud brings to the table, including service functionality across firewalls, more rapid delivery of information technology, and greater opportunities for integration. However, Phil pondered whether these are all the benefits that SOA was supposed to deliver.

Dave observed that cloud enables these advantages “through a way that allows you to use external providers to jump start that. “By doing that, it becomes much more component driven.”  Plus, actual costs of business and IT services are more visible. Often, he added, a lot of infrastructure inside the enterprise “is discounted because there’s no clear or immediate benefit.”

Both SOA and cloud “have the same benefits because they both are essentially — fundamentally, architecturally, the same thing,” Dave continued.  “But that’s where SOA leaves it — as an architecture. Cloud is about external providers providing services and wrapping those things — including the contract, the SLA — and then delivering that to different constituents.”

I pointed out that the ramp-up to SOA provided some foundation for the cloud experience, since “one of the big issues that many companies had to come to terms with in SOA is the establishing service level agreements, because they necessarily didn’t know where the service was originating — from another part of the enterprise, or crossing the firewall.” reliability and scalability also needed to be guaranteed.

Ed noted, however, that whether its SOA or cloud, enterprise service consumers do typically have a handle on who is providing the service. “In a lot of the customer examples that we have — telco, healthcare, those kinds of things — they’re still interacting with a well-known group of users,” he pointed out. “It’s not random, you-don’t-know-who-you’re-interacting-with kind of situation.”

There are also lessons to be drawn from the SOA experience that can be applied to cloud computing as well, Ed said. For one, “start with a specific project that has some kind of reasonable boundaries to it, that’s going to have daily business impact when it’s done.  You want something that has regular use.” Also, Ed advised, “avoid the “boil-the-ocean architecture approach where we’re going to get everything to be cloud before we really do anything in cloud — we’ve seen that in SOA.” He recounted how one company developed a 72-page book of specifications,  looking at every possible policy consideration, before they even started working with an SOA methodology. “Those boil-the-ocean approaches probably fail more often than they succeed,” he said.

The best approach for SOA — and now for cloud — is more of a hybrid strategy that focuses on specific projects, but employs a broad-brush architectural approach. “One of the more successful strategies I’ve seen is kind of a hybrid of kind of broad strokes as to where the overall architecture is going, where we really want to end up in two, or three, or four, or five years even — but with some real practical realities around that initial project.” Also, another lesson from SOA: “Govern early and often. You don’t usually regret having done that early on — but you oftentimes regret not having done it if you don’t.”

I added this thought to the conversation: if one was to be attending a conference ten years from now, “you will see that cloud did change the way we look at SOA and for a couple of reasons.” First, through cloud computing, the business gained a better understanding of service orientation. “If you want to sell SOA to the  business, pitch it as cloud.”

Dave also raised the issue of cost structure, and how cloud — for better or worse — provides greater visibility into hidden costs that SOA does not address.

He illustrated the point this way:

“You and I are working in the same company.  You have a service, I’m using that, we shake hands. ‘Phil, throw an extra server in there because I’m going to add some capacity. How much capacity?  I don’t know yet. Okay, let’s go play golf.’  But now, I’m paying you to do the same thing as a cloud provider and I’m going to look at the bill. ‘Ooh, how come there are two servers on the bill?’  You might then go to your team say, ‘find another service somewhere and put it in.’”

The cloud providers will  provide their services at a specific cost, that’s the actual cost plus whatever the margin may be. Whereas, internal IT has always been kind of subsidized.  If you need a  project, you get internal IT to put it together for you, and delivered for you, and a lot of those costs  either were hidden, and were dispersed across the enterprise. Cloud is forcing organizations to look at the actual cost of service delivery and perhaps the alignment more with what the market will  be.

August 20th, 2009

Debate: Is SOA still too immature to secure?

Posted by Joe McKendrick @ 3:19 pm

Categories: Data managemetnt, General, Links, Management, SOA Surveys and Research, Standards Watch, cloud computing

Tags: SOA, Service-Oriented Architecture (SOA), Web Services, Middleware, Enterprise Software, Software, Joe McKendrick

Two recent posts by leading SOA thinkers have different takes on the state of SOA security. Is it a monstrosity that is almost impossible to secure end to end, or is it something that can be started relatively simply and grown with proper attention and management?

Will SOA outgrow its insecurity?

Forrester’s Randy Heffner says we have reached a point where SOA is secure enough for prime time. However, he cautions, while WS-Security has helped standard Web services using SOAP, some careful navigation is required for full-blown SOA. But it’s doable. “Advanced SOA security - involving federation among partners, nonrepudiation, and propagation of user identities across multiple layers of service implementations - is in its early days,” Randy points out. Still, the need for robust SOA security will be inevitable. “Many user organizations will find that advanced SOA security becomes mandatory - especially with increasing data privacy and other regulations.”

JP Morgenthal takes a dimmer view on SOA security, pointing out the world really hasn’t agreed on a consistent definition of SOA, and, therefore, there may be issues with attempting to provide security. As he points out: “If you can’t define it, you cannot secure it!”

JP adds that while there is plenty of research and literature on the topic of cybersecurity, there’s very little that connects SOA and cybersecurity. The problem is that SOA touches so many parts of the technology stack, and each has its own security solutions and protocols.

“If you’re tasked with focusing on cybersecurity for your SOA, you could focus on locking down access to your Web services, stopping SQL injection attacks, addressing DDoS attacks against the service, etc. Each of these areas requires considerable knowledge of the entire computing stack from telecom through the hardware through the operating system and into the application. Holy rotten fish Batman! That’s a tall order for even the most adept team, but it’s made even more difficult by the fact that there aren’t that many cybersecurity experts available that understands this entire domain.”

Still, Randy Heffner takes a stab at designing SOA security, starting with virtual private networks and two-way Secure Sockets Layer (SSL) at the simplest level. “Hackers cannot even connect to an SOA-based service unless they steal a certificate and key from a service consumer,” he says. Move up a step or two, and the next option is to leverage “existing SOA security features in Java or .NET application platforms and concentrating SOA security within an SOA specialty product such as an enterprise service bus, SOA and Web services management solution, SOA security server, or SOA appliance,” Randy says.

Ultimately, even when starting with a simple SOA security such as VPNs or SSL, SOA proponents need to recognize that the process will develop into something more intricate. The key is “to anticipate the need for and leave paths open to build additional, deeper security functionality as business requirements demand and SOA security maturity allows,” Randy says.  We’ll grow and learn as we go along, he believes:

“Typically not all applications need all of your security requirements; initial applications may be able to do with a lighter-weight pass on building your SOA security solution, while later applications require you to fill in your solution with additional features….  Each time you make a pass through, you will learn more about how to build the most effective SOA security solution with the pieces that you have.”

Still, JP says the current crop of tools and protocols are too immature for top-to-bottom SOA. Things will only get more complicated as SOA-enabled services become part of cloud offerings. “What I have experience in with regard to the WS-* security mechanisms, security tools and technologies for securing Web-based and non-Web-based applications, still do not begin to address the real hard issues regarding cybersecurity in an SOA; especially as we expand the notion of service.”

SOA raises issues that never arose in the days of siloed applications and point-to-point Web services. Both Randy and JP recognize that securing a complex network that touches many parts of the stack is going to take work. Where they disagree is whether current approaches are at least a place to get started. JP adds that SOA is too much of an amorphous, changing entity on which to base solid security decisions.

August 14th, 2009

Gartner: SOA out of 'trough of disillusionment,' cloud on hype peak

Posted by Joe McKendrick @ 7:38 am

Categories: General, SOA Surveys and Research, Web 2.0-Enterprise 2.0, cloud computing

Tags: Trough, Gartner Inc., SOA, Service-Oriented Architecture (SOA), Web 2.0, Web Services, Middleware, Enterprise Software, Software, Internet

Gartner recently released its latest “hype cycle” diagram for 2009, which shows service-oriented architecture to be well past the “trough of disillusionment” and climbing the vaunted “slope of enlightenment.”

Cloud computing, however, is now at the pinnacle of hype (no surprise there, right?), and ready to plunge into the trough. Interestingly, Web 2.0 now seems to be emerging from the disillusionment trough.

Being on the slope of enlightenment is typically the stage where vendors, analysts, and pundits are no longer gushing about how wonderful and world-shattering the technology/methodology is. Nor are they ranting on about what a flop the thing is. Instead, it’s the roll-up-your-sleeves stage, when companies and their technology professionals are getting down and making the stuff actually work.

Next stop: The “plateau of productivity!”

Source: Gartner (August 2009)