Today we’re going to look at a quick way to implement – and to interactively manage – business activity monitoring.

Last month, the Ultimus Corp. announced the Ultimus iBAM Suite, which has two pretty notable features: It enables business owners to create a BAM infrastructure in under 10 minutes – and then gives business side managers the ability to adjust key performance indicators in real-time.

“Most of our customer have already deployed Ulitmus BPM suite to gain greater process control and efficiency,” Ultimus CMO Rick Thompson said. “But they were also interested in measuring short-term snapshots and key performance indicators, and they really started asking us a couple of years ago if there was a way to provide increased short-term visibility through business activity monitoring.”

However, Thomspon noted, traditional BI and BAM systems “can cost between 200,000 and $500,000” and are complex to deploy -- and require a lot of IT resources.

But combining BAM with BPM lets an organization get started quickly at a lower cost, and Thompson noted, gives “an added degree of accountability, so not only when a threshold is achieved can an alert be sent to someone, but then because it’s linked with BPM, you actually have the ability to assure that execution has happened."

Users can used iBAM’s drag-and-drop interface to create a gauge and a dial in less than 10 minutes and begin monitoring their key business processes, while open architecture and Web Services and .Net compatibility ensures the BAM capabilities can expose any database or system that exists in the company.

Case studies and possible uses Thompson detailed include:

-- A finance department can see how many accounts are over 30 days outstanding, 60 days outstanding or 90 days outstanding.

In addition to monitoring the level of overdue accounts receivable, “You can actually trigger an email that would be sent to the account notifying them that they’re slow on their payments After 60 days, you might want to not only send a follow-up email, but you also alert your finance people to call the particular account,” Thompson said.

-- A support center might want to measure the number of support calls, the number of calls required to close a support incident, and the percentage of support calls that are successfully resolved in the first call.

“Then what you can also do is trigger an alert, for example; if a customer calls back more than three times, and the support incident is not closed, that could send an email to a support manager who can then intervene to insure that the right steps are being taken,” Thompson observed.

--Another customer is handling promotions and rebates for hundreds of products for two of the largest do-it-yourself home improvement centers in the country.

“They have rebates for discounts on hundreds of different products that they have. It’s a very complicated process that requires a lot of different approvals from the product managers and account managers, and then it has to get paid back to the customer in time,” Thompson noted. “Any product manager can go in and look in real-time see what is the status of each of those rebates, what’s the payment on it, and does any action to be taken in order to push those through.

“The same thing can happen in shipping, as each product is loaded on a shipping dock onto a truck, they can enter into their system right on the dock, and as all orders get completed, that can then be tracked by the Ultimus BPM engine,” Thompson added. “And then the Ultimus iBAM Suite provides visibility so that management and other people like the dock manager and also the business managers can see how they’ve performed that day.”

As an added bonus, “they can also build visibility through business activity monitoring into their manufacturing as well and they can see on a daily basis how production is stacking up versus targets,” Thompson said.

To discover many more ways that BAM and BPM can be made to work together, listen to the entire podcast. Download file

Posted by gtrotta in BPM | Permalink | Comments (0) | TrackBacks (0)

Gartner's Research VP for Information Security and Privacy Ray Wagner doesn’t mince words when it comes to the current state of identity and access management.

It is “an undocumented morass that doesn’t work well and is not very auditable.” It has also prompted Gartner to plan its first-ever summit on the topic. The Identity Access and Management Summit will be held from November 29 to December 1st in Las Vegas.

“Things like Sarbanes-Oxley and HIPAA and others have definitely driven an interest in doing a better job,” Wagner notes. “Today, a lot of organizations cannot easily develop a compliance report that says who has access to what in a reasonable amount of time and that’s a major problem.

“Plus identity management just isn’t efficient for a lot of organizations; if it takes a week for a user to get access to an application they need to do their job, that’s a week of lost productivity,” Wagner adds.

Wagner shared his ideas on how a company can justify IAM investments, define its ROI and minimize its cost.

“Automated password resets is one of those ways, and cutting out help desk calls for password resets, which tend to cost a fair amount of money and tend to occur on a relatively significant basis within enterprises.

But efficient IAM can also make for more efficient enterprises:

“When dealing with customers, suppliers, and contractors, you’re able to develop a better relationship often with these outsiders by knowing more about what they are in fact accessing within your enterprise,” Wagner notes. “And you can only do that by centralizing the practice of identity and access management.”

Wagner also detailed the following trends and solutions:

--The different compliance-driven IAM needs for companies in different verticals.

“Financial institutions need higher levels of authentication, while health and insurance companies need to protect privacy of communications. Relatively decentralized (and under-funded) educational institutions, on the other hand, are more open to open source technology.

--A welcome trend away from multiple IAM solutions:

“Rather than buying four or five different systems from four or five different vendors, you’d probably go to one single large infrastructure vendor who would offer you most of, or all of the functionality you’re looking for now. That’s been the big evolution over the past few years.

--Ways to leverage the network access control with IAM:

“Not only because not only do I want to check out the health of the PC that’s attaching to my enterprise network, but I might also want to see who is at the keyboard and in fact drop them into a sub-network that only has the resources they should only have access to. And I can get that information from my IAM system.”

Other trends include IAM’s and Web Services, strong authentication for identity management and personal identity frameworks – “the idea that individual consumers or individual users should have a little more control over their identity information.”

--IAM’s applicability to SOAs:

SOAs require “a representation of identity for the authorizer of the transaction … in order to order to attach this kind of identity information, you need some kind of a standard or format to do so and it turns out that identity federation standards are the best possible way to go about this process,” he notes.

--The role of user provisioning:

Within the identity and management access management framework, there are a couple of initiatives that area appealing involving user provisioning. User provisioning is a central facility within identity and access management; it’s relatively hard to do because you’re dealing with off-the-shelf applications and legacy applications which are not prepared to have a centralized identity management function and usually you have to do a lot of custom coding.

--And the role of emerging standards:

Service Provisioning Markup Language and Security Assertion Markup Language are both efforts at providing a framework for sharing of security information that will probably have significant effect in the security provisioning area in the next few years.

If this podcast has piqued your interest, you can find out more about Gartner's Identity Access and Management Summit set for November 29 to December 1st in Las Vegas by visiting http://www.gartner.com/us/iam.

For much more from Ray Wagner on identity access and management, listen to the entire 10-minute podcast. Download file

Posted by gtrotta in Security and Compliance | Permalink | Comments (0) | TrackBacks (0)

Developers looking for help maintaining performance and availability and security of complex Web applications may want to give DejaClick a look.

The program – available as a Firefox extension – was released by AlertSite on October 16.

“The marketplace in general has addressed Web site monitoring concerns by capturing instructions as they would be transmitted over the Internet; the norm in the industry until now was to provide an emulation of the browser,” AlertSite’s VP of marketing Ken Godskind explained.

“With today’s applications, that’s just not good enough,” he noted. “Test scripts don’t involve actual use of the browser and can’t maintain state, session and navigation. DejaClick records and plays back completely within the browser and handles all the technology all that the browser can handle; we call this ‘true user monitoring,’” Godskind said.

Godskind also described how DejaClick’s provides an “objective set of metrics to note if if service-levels met for specific application level availability and performance” – and its ability to help maintain security.

For complete details, listen to the podcast. Download file

Posted by gtrotta in SOA and Testing | Permalink | Comments (1) | TrackBacks (0)

Most current BI and BPM tools can only analyze 20% of current data pertaining to the enterprise. Analyzing unstructured data like chat and blog postings is becoming a popular way to provide better insights for better business decisions and processes.

“There are a lot of non-traditional data sources which customers and organizations want to use to get a complete picture of what their performance is,” said Skytide Inc. Keith Feingold. These include chat, e-mail and XML log files – data which “doesn’t fit very well into a defined format and mostly tends to be dynamically generated in real-time,” Feingold noted.

“Traditional BI tools are not designed to handle it,” he added. “They require the data to be moved and transformed into a relational format. And it’s often summarized to speed analysis, so there’s some level of information loss.”

Feingold explained how the Skytide Application Platform can operate on that data without the traditional ETL and data movement process and automatically generate models for analysis. This can be presented in Excel and other dashboards.
“We call it ‘BI without the baggage’ he noted.

Feingold went on to describe how Skytide leverages XML for SOA applications:

“Companies deploying SOA have a hybrid, meaning they have some of their data captured and representing through services through SOA, and they have some traditional data sources as well,” he said.

“What we’ve found is that they want to leverage both of these to gain visibility into all the data so they can optimize the business process and understand the root cause of any kind of concerns they have around that business process,” he said.

“These multiple and complex data sources just aren’t a strong suit of tradition of BI, but it is a sweet spot and does seem to be a reason why customers are deploying our technology," he added.

Feingold also went on to describe:
-- A case study where Skytide freed a credit-card company from having to create new ETL and custom data models each time data changed.
-- Why analyzing email and chat has become a growing field.

For complete details, listen to the podcast. Download file

Posted by gtrotta in Business Intelligence | Permalink | Comments (0) | TrackBacks (0)

TIBCO on October 16th released Collaborative Information Manager (CIM) 6.0, a central Master Data Management (MDM) repository that aligns data so that business services and composite applications within an SOA have accurate, consistent and timely information.

“The challenge in master data management stems from keeping the data current making it stay current throughout the life of the data changes,” said Neeraj Gokhale, General Manager of TIBCO’s CIM Business Unit.

Gokhale described how CIM’s an event-based architecture automatically updates data changes with central depositories "from data conception to data consumption."

"When data does gets changed based business rules… we provide the governance and policy management to publish those changes selectively to the downstream systems that need to know about these changes,” he said.

“What you can do is create a complete alignment in master data from point of change to point of consumption of the data where the transaction systems, such as perhaps a an ERP or CRM system can be informed of the changes,” he said.

Gokhale also detailed a variety of case studies, including a Fortune 500 pharmaceutical company that integrated a wide range of enterprise software in the wake of numerous acquisitions.

Another benefit is the ability to both structured and unstructured data.

“Retailers are inclined to use a variety of rich product information so they can power their Web sites through multiple new channels,” Gokhale said. “Similarly financial services are maintaining for a variety of compliance data behind the securities that they trade.”

He cited the example of a consumer manufacturing company’s need to provide up-to-date product information sheets.

“CIM not only stores the rich elements like pictures and bar codes in synch, but creates that .pdf as an output at the end of new product introduction process,” Gokhale noted.

“We can assimilate all the up-to-date and accurate product information that is made into the form with a scannable bar code and picture of the product that can be e-mailed as part of a business process to all the executives in charge of that product, so when they need to provide that information to their customers they have an accurate data representation in paper format,” he explained.

For complete details, listen to the podcast. Download file

Posted by gtrotta in SOA | Permalink | Comments (0) | TrackBacks (0)

Here's some news for companies building an SOA – there’s a new approach to coordinating business and IT groups and ensuring a higher level of quality, change, and build management to deliver services.

Dave Schwartz, General Manager of Mergere, joined us to explain. His company’s new 1.1 version of its Maestro product allows enterprises to keep a well-organized repository of what services they are using and a transparent view into how they are being used.

“The service-based IT infrastructure and good build tools are driven by three key concepts,” Schwartz said. They are, in his words:

1. Broad manageability of interdependent components across an asynchronous, heterogenous environment.

2. Good separation of concerns by using modularity and granularity in the development process.

3. Standardization of interfaces and dependencies.

Of the three, “broad manageability is definitely the key thing that everyone’s focused on right now,” Schwartz said. “And that begins with the active use of an articfact repository that contains artifacts you’re going to need during build time and run time and also metadata about these types of information.

“Organizations that maintain this information early in the development process are guaranteed that they’re going to be able to have manageability once they deploy the service in the long run,” Schwartz said. “This type of information can automate the actual building of the service and make development of services much simpler for SOA developers.”

On reuse, “you need to know a component exists and you also need to know how to get that component,” Schwartz said. Having an artifact repository available and being able to do continuous integration testing against these types of systems ensures you can have reuse within your organization.

If you don’t have ability to test the service by deploying the service automatically in an integration-type environment, you’re not going to know if your interfaces are clean and will build the way you’re going to need them to at run time," he added.

Schwartz concluded by explaining how Maestro tracks actual cross-dependencies between the different applications in metadata. “When you know this from the beginning there’s no additional info you’re going to need to acquire to provide the governance,” he noted. “You can use our repository to see all the different applications that are making use of our service and let people proactively know about the changes.”

For complete details, listen to the podcast. Download file

Posted by gtrotta in SOA | Permalink | Comments (0) | TrackBacks (0)

Analysts estimate that over 80 percent of system unavailability is caused by incorrectly applied changes that don’t conform to IT service management process and policies.

This “change control gap” can have unfortunate effects. Solidcore Systems’ VP of Marketing Bob Vieraitis shared one story of a hotel reservation system that let developers make changes to live systems, bringing down the network and leaving numerous guests out in the cold.

“Change is a constant in any evolving business and IT staffs area constantly firefighting to ensure that IT services reamin available,” Vieraitis said. “Mature organizations are putting together processes like ITIL and ITSM to manage change. The problem is that those processes rely heavily on people following policy and the use of manual methods.

”As a result, changes occur to the IT infrastructure that don’t conform to the policy and process. What you have is a big difference between what IT expects and the changes that actually occurs in the infrastructure,” he added.

Vieraitis then described Solidcore’s three-part approach of linking processes and infrastructure control to close the gap. They include:

1. Real-time tracking of what changes are made, who makes them and what time they were made. “This tracking in real time replaces the older scan based technology – it’s like the difference between comparing two photos and trying to figure out what happened and watching a movie to see what actually happened,” Vieraitis said.

2. Automated change reconciliation that entails documenting deviations from a ticketing system -- which Vieraitis stressed was especially important for compliance solutions.

3. Automated change policy enforcement that enforces change proactively at the endpoint – “if the change is not made at as the appropriate time, comes from an appropriate source, or not tied to an approved change ticket, we can prevent it from happening,” he noted.

In real world, Vieraitis went on to cite examples how change control had benefited companies as diverse as GM, WebEx and retailer Restoration Hardware.

For complete details, listen to the podcast. Download file

Posted by gtrotta in SOA | Permalink | Comments (0) | TrackBacks (0)

Here's some news for companies seeking a model-based approach for better visibility into their SOA management and portal performance.

The Ascera Corporation has just changed its name to ClearApp Inc. -- and in keeping with the new name, it has released a new version of its flagship application performance management solutions -- ClearApp QuickVision 6.0.

The new name, President and CEO Jason Donahue says, reflects their “instant and ongoing visibility into SOA environments.

“We provide unique visibility into SOA environments,” Donahue maintained. “SOA is very different from traditional application development environments, in that the whole sort of premise of SOA is that you build an underlying set of infrastructure for your application that is hopefully fairly static, and then you have the ability on top off that infrastructure to add services on the fly."

Traditional application management gained performance visibility largely via manual bicode instrumentation platforms or resource management platforms, Donahue noted. “And that worked very well in J2EE application worlds where application environments were pretty static, but in SOA, things change,” he observed.

“What happens -- and we’ve seen this time and time again in prospects and customers,” Donahue notes. “Is that people buy these bicode instrument applications, and they have good visibility the first week, but then as the application changes they lose their visibility and they have to reinstrument the application or turn monitoring off.

Usually what they do is the latter, because they can’ get access to the particular engineer or expertise needed,” he added.

“QuickVision, because it is model based, has a hierarchical service based representation of the application and how business logic flows across the application," Donahue added. “We basically have closed loop application to track any change to the application; we automatically reflect those changes so we constantly have on our consoles or our partner’s consoles and up-to-date view of what’s going on in a SOA environment,” he said.

To hear more about how this approach can benefit your business, click on the link below.

For complete details, listen to the podcast. Download file

Posted by gtrotta in SOA | Permalink | Comments (0) | TrackBacks (0)

TIBCO today rolled out General Interface version 3.2 beta release, which features open source licensing, support for Firefox 1.5 -- and a very interesting ability to combine AJAX Rich Internet Applications into SOAs.

TIBCO's director of product marketing -- and noted AJAX pioneer -- Kevin Hakman cited Google Maps’ integration with home sale listings from Craigslist as one example of an RIA that could point the way towards easier SOAs.

“That information is assembled and presented at the point of the browser, and you are no longer generating HTML pages, but you are actually generating true software through a browser,” he noted.

“It adds the ability to create RIAs with AJAX that run on the browser that deliver the best of both worlds – the ease of deployment of Web pages but all the richness and functionality of desktop clients, Hakman said.

This will allow companies to “take existing and new systems and expose them in ways that individual business services can be reused,” Hakman said. “The key tenet is that you expose it once and it can be used by any number of client or server systems.”

“This concept of service orientation works at a very simple level that people can get started with today, then move through a mid-scale and enterprise-scale distribution with the added provision of products like enterprise service buses,” he added.

For much more on the topic, listen to the entire eight-minute podcast.

For complete details, listen to the podcast. Download file

Posted by gtrotta in SOA | Permalink | Comments (0) | TrackBacks (0)