7.5 Managing it all

The disciplines and technologies required to incisively manage Web services “based application scenarios fall under the umbrella of what system vendors and system integrators have referred to since the start of the 1990s as total enterprise management, or system management. Total enterprise management goes way beyond just network management to encompass hardware platforms, operating systems, applications, operational procedures, and even business issues (e.g., making sure maintenance contacts were paid in time and kept current). IBM, an early proponent of this strategic field, neatly captured what it was all about by branding it SystemView ”to contrast it from NetView, at one point the gold standard for network management in Fortune 1000 companies.

Though many corporations have yet to get around to exploiting the true potential of total enterprise management, the requisite enabling technology is well established and readily available from a wide number of bluechip names . Thus, proven total enterprise management solutions, which also encompass the needs of managing Web services, are available from the likes of IBM/Tivoli, Computer Associates (CA), H-P (under the well-known OpenView marquee), and Sun (i.e., Sun Management Center). Consequently, one does not have to be concerned that managing Web services “ related software scenarios is going to be hampered by a paucity of appropriate management tools.

The key features of Sun s Management Center, according to Sun, are shown in Figure 7.12, and one should note the management disciplines of particular interest to Web services, such as change management and service availability management. At this juncture it is also useful to see what CA, an acknowledged leader in enterprise management with its Unicenter family of products, has to say about system management of distributed, multivendor environments of the type that will be used in Web-services scenarios. CA s perspective, shown in Figure 7.13, clearly captures what is indeed possible with today s system management tools.

Figure 7.12: Key features of Sun s Management Center 3.5, which includes Change Manager and Service Availability Manager.

Figure 7.13: A composite of material from Computer Associates Web site showing its perspective on system management. Keep in mind that CA has a long and respected track record in the management arena.

In addition to the holistic total enterprise management solutions that treat Web services as just another software deployment configuration, there are also specific Web-services management offerings from the likes of AmberPoint (www.amberpoint.com). Figure 7.14 shows an overview of AmberPoint s solution, which demonstrates that it recognizes the need to bring management, monitoring, and security capabilities to Web-services systems so that they can be transformed into trustworthy, enterprise-class business assets. Also note that per the repeated themes in this chapter, the AmberPoint offering also targets change management (i.e., enabling online upgrades and versioning), service-level monitoring, and multiplatform management. Yet again the message here is that, as with security measures (e.g., digital certificates, SSL), the necessary knowledge and technology for managing Web services are already in place.

Figure 7.14: AmberPoint s overview of its Web services “specific management solution.

The Web services “related entities that need to be managed with the new application model (Figure 7.15) include:

The calling application
The platform hosting the calling application
The (remote) Web services
The platforms on which the various Web services are running
Web services gateways (e.g., XML application firewall)
Network connection

Figure 7.15: The magnifying glass icons in this diagram signify the Web services “related entities that need to be monitored and managed with the new application model.

The need to monitor and manage distant resources owned by third parties, as will be the case with remotely invoked Web services, will be seen by some as adding a whole new dimension of complexity to the overall management challenge. This is not necessarily so. Today s IP-based, Internet-oriented management methodology, by and large, is location and distance independent. Entities are identified and managed per their IP addresses. Thus, the exact location of an entity is immaterial to the management software. As long as the underlying network can locate the required entity (e.g., be able to ping it), the management software will be able to access it irrespective of whether it is located on the same system or halfway around the world. In this context it is also worth remembering that enterprises now have considerable experience managing remotely hosted Web servers. Remotely hosted Web services are but an extension of this model.

Being able to monitor and manage third-party-owned Web services on remotely located platforms should, however, only be possible with the explicit blessing of the Web-service owner ”as well as the operator of the remote platform, if the service is being hosted by another. One obviously would want to steer well clear of Web services that supposedly offer an open , unrestricted management interface, given the potential security vulnerabilities of such an unregulated service. Thus, being able to monitor and manage a remote Web service should be contingent on preestablished and validated authentication, access control, and data privacy (e.g., encryption) mechanisms. The management interface should not be a possible point of vulnerability (i.e., the weakest link) in the overall security architecture, since a determined hacker will most likely begin with probing this interface when looking for a way to break into the system.

What is possible and permitted when it comes to the remote monitoring and management of a Web service should be something that is explicitly discussed during the evaluation phase and agreed upon, contractually, prior to production use. It is not something that you would want to tackle on an ad hoc basis after you have already started to use a service. It is also important to remember that this remote management capability, though technically possible and philosophically pleasing, may not always be necessary or practical.

In some instances, depending on the nature of the service or the stature of the provider, one may not want to manage the remote service. Managing software, despite the assistance of the management tools, is a specialized function and should be undertaken only by knowledgeable, trained, and responsible system administrators. Thus, there is a tangible cost component associated with instituting and operating a remote software monitoring capability, especially if it is to be on a 24/7 basis. Consequently, in some instances it may be more practical to leave all the monitoring and management responsibilities with the service provider. A real-time collaborative scheme, based on e-mail, instant messaging, or cell phones, could then be used if any critical issues need to be communicated between the service provider and the service user . There will also be cases where the service provider is unwilling to provide direct monitoring and management capabilities and instead will be willing to offer only a notification mechanism. Proven and incisive technology to facilitate remote management of Web services is readily available, and management is not an impediment when it comes to Web-services exploitation.

The key total enterprise management disciplines that are pertinent when it comes to Web services include:

Problem management: This obviously applies to all entities, end to end, including the network, and one may want to augment this with filtering and consolidating capabilities to prevent one underlying problem from being reported multiple times, with different flavors, from each of the managed entities.
Performance management, including workload management and capacity management
Application management, which embraces resource usage monitoring, user administration, and usage accounting
Change management, particularly as it applies to the remote Web services
Security management, which includes intrusion detection notification
Usage monitoring
Operations management, which with today s technology can include both automated operations (e.g., backups ) and operator tracking (e.g., time taken to respond to an intervention request)

Management portals, where the information streams from multiple management disciplines, can be filtered, correlated, and structured better to aid comprehension , are also now becoming the focal point for total enterprise management. CA s Unicenter Management Portal, as shown in Figure 7.16, is a quintessential example of such consolidated management portals. Another emerging trend, which will in time play a role in Web-services management, is that of self-managing software, as epitomized by IBM s ambitious autonomic computing program (ne Project eLiza) and Microsoft s new Dynamic Systems Initiative (DSI). The bottom line is that managing Web services “based application environments, though not a simple undertaking, is not going to be hampered by a lack of the necessary tools and expertise.

Figure 7.16: The concept of a management portal, as exemplified by CA s Unicenter Management Portal.