SOA Governance Tools Simplified

Loraine Lawson

There's a lot of confusion over the term "SOA Governance" and its meaning.


David Linthicum recently took up the banner of defining SOA governance and explaining the difference between run-time and design-time governance. His definition is concise and understandable. You can read it here or you can hear him explain it in a podcast.


If you're confused about SOA governance solutions, you're in good company. It might help you to know you probably already have a popular SOA governance tool installed on your PC right now.


Frank Kenney, a Gartner research analyst, says the number-one registry repository tool today is probably the spreadsheet. That's right -- good old Microsoft Excel:

"It's everywhere; it's ubiquitous in terms of companies and organizations. Many development teams are passing around Excel documents and just logging, OK, this service does this, and it's located here."

Kenney recently co-authored a report on integrated SOA governance solutions, so I interviewed him about the report. I asked him to explain SOA governance tools as if they were cars: What's economy, standard and luxury? Obviously, for most it's standard.


Vendors add on extras from there. For an idea of the type of extras available, you can peruse Gartner's Magic Quadrant report on Integrated SOA Governance Technology.


So, when do you need SOA governance and how do you know what extras to add?


Answering those questions is tricky, since the advice varies.


Robert Meyer, the senior product marketing manager for Tibco, claims companies typically need governance once they've built 50 services.


Linthicum says you don't need to worry about SOA governance until you've actually built your architecture. After that, you can find a governance tool that fits.


Kenney said it's not an issue of how many services you have, but rather how mission-critical those services are.

"In other words, if you have one service that faces all of your customers, and you're relying on that service to have maximum uptime, well, that small set of services to have maximum uptime, and to be absolutely secure because you're taking credit card numbers, then you're going to want to probably bring in that Cadillac or Rolls Royce-class of governance technology, or at least security and management technology."

He added you can have a thousand services, but if they're internal and aren't critical to the business and aren't invoked daily, then a spreadsheet should be fine.


Call me crazy, but I'd start by test driving the economy model and add on.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post
Feb 21, 2008 2:15 PM Kelvin Meeks Kelvin Meeks  says:
I have recently conducted some preliminary testing of some open source Registry/Repository type tools for a client - that could be helpful for organizations that are looking to experiment first before paying big bucks for some vendor solution.Yelohttp://freshmeat.net/projects/yelo/"Yelo is a standalone service catalog for SOA (service-oriented architecture). A service catalog is an important part of the business process of service-oriented architecture and seems to be available today only as part of a larger package. This application is meant to foster a "marketplace" approach to services within an enterprise. "Opinion: Not bad for a simple catalog. Could be easily extended. Better than a spreadsheet being passed around. Does not appear to be an active project. .NET implementation.WS02 Registry - 1.0http://wso2.org/projects/registryWSO2 Registry enables you to store, catalog, index and manage your enterprise meta data in a simple, scalable and easy-to-use model. It is designed around community concepts such as tags, comments, ratings, users and roles.WSO2 Registry can be considered a structured Wiki designed to help manage meta-data in a simple and a business-friendly manner. In addition, the registry allows storage of unstructured data such as Word documents and Excel spreadsheets. Using this approach, you can build a catalog of enterprise information ranging from services to service descriptions.WSO2 Registry can be deployed in application servers and accessed using the Web UI or the APP interface. It can also be embedded as a Java library within Java programs that can then be used as a resource store with all community features and versioning.WSO2 Registry is released under the Apache License v2.0Storing and managing resources and collections Tagging, commenting and rating resources Managing users and roles Authentication and authorization on all resources Resource/collection versioning Tag based search Advanced search Activity log and filtering support APP based Remote Registry Media type handling support Web based user interface with Web 2.0 look and feel Opinon: Recently released (Feb. 11th 2008) - has a nice UI - but there are some bugs that the development team needs to resolve. Worth monitoring this one as it develops further.freebXML Registry - Omar 3.1 (ebXML reference implementation)http://ebxmlrr.sourceforge.net/Packed with features, thick and thin clients supported, Java implementation.Opinion: The UI is not intuitive, seems a bit cluttered....but might be worth the effort to customize the UI if a team wanted a robust, feature-rich, tool.Summary:If you want to share information for a small set of web services - a Wiki might be a better approach over a spreadsheet. I've recently adopted TikiWiki for team design collaboration for a current SOA project.http://info.tikiwiki.org/tiki-index.php Reply
Apr 4, 2008 6:28 PM Roland Roland  says:
A spread sheet! Gimme a break! Sounds like attempting to govern an auto assembly process by creating a nuts and bolts bin and calling that the governance process. And this from Gartner, well they know the state of the industry, so it gives insight on just how SOA is taking hold. It's been around for 10 years and still sounds like no one with the management power to get it done has a clue. Well I've been a part of the technical and architectural attempt of transitioning major enterprises into it (from Client/Server to EAI, to SOA) for the last 20 years. And my experience is that the old wisdom of not doing the "big bang" is failing. We need to realize SOA is a paradigm shift, where foundational thinking needs to change, and must permeate the entire life cycle (from project initiation, to requirements gathering, to architecture, to design, to construction, to etc. etc.). The ones that have the best success are the small to midlevel enterprises because they can make the appropriate shift, or start from scratch, cost effectively. The big guys are stuck. They'll never be able to replace the monstrosities they have constructed. There's too much self interest involved, no "big guy" CIO is gonna put his job at stake trying to get it done. He'll just wait till retirement and wait for the next guy to try. Who by the time he gets there will not want to put his job at stake either. He worked too hard in the old paradigm to get there, then risk it all by an attempt to implement something that he has no clue of. He too will nickel and dime it then claim they've arrived, yet the numbers won't show it. They're just gonna have to die off as the small to midlevels grow and conquer them in the market place due to attaining the capabilities promised by SOA and subsquent innovations (mashups, Web 2.0 APIs, etc, etc). Reply
Nov 4, 2009 9:48 AM James Morran James Morran  says:

We were looking for a cost effective tool for SOA runtime governance. We needed security and visibility. Ultimatley we found JaxView to be the most comprehensive and cost effective tool out there. It integrates easily with many ESB's and the multiple deployment options also helped.

Jan 19, 2010 12:50 PM Marcelo Carvalho Fernandes Marcelo Carvalho Fernandes  says:

I think the decision maker must think about the following questions:

   1) Do you know what do you need in your spreadsheet?

   2) Do your know that at the heart of any Governance initiative lies communication?

   3) Will the use of a spreadsheet make the communication harder to happen?

   4) Do you know what you loose by using a spreadsheet instead of an open source tool?

   5) Do you know what you loose by using an open source tool instead of a proprietary tool?

I'm taking into account all of them to make a well informed decision and avoid future problems.

By the way, I would like to add another open source tool to the list. It's Mule Galaxy (http://www.mulesoft.org/display/GALAXY/Home). Unfortunately I'm not able to give an opnion about it.

Apr 28, 2010 12:35 PM steve steve  says: in response to James Morran

I agree. We use JaxView also. Very reliable and comprehensive and a fraction of the cost of anything out there


Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.