We all know the cliché: the result is greater than the sum of its parts. Quite often that's how Enterprise Mashups are described, 'combining things to produce something more,' a 'better version of the truth,' a more complete view, or simply 'connecting the dots.' But these are ways of seeing what you have in a better way. There is another, often overlooked, function of mashups as well: Enterprise Mashups as a way to create something new and different. And I think it is this aspect of mashups that truly separates them apart from some of their software brethren. But before I explain, let me digress.
With music mashups you mash two or more songs together. Listening to each song separately, you may have a good idea as to how the mashed song will sound. Here's a simple example: DJ Dangermouse mashes the Beatles White Album (circa 1968) with JayZ's Black Album (circa 2003) to create the Grey Album (circa 2004). But sometimes the song mashup has a completely new sound. The result isn't greater than the sum of the parts...it's something new entirely. My favorite example here is 'Bounce That' from Gregg Michael Gillis (AKA Girl Talk). You get major mash points if you can name all 11 songs in this one.
Similarly, Enterprise Mashups can provide completely new enterprise data insights. We're not talking about looking at existing data in a new chart or with another drilldown, like what BI technologies might help you do. And here's the real reason behind this phenomenon: we're talking about gaining completely new insights by connecting new data with new data in ways never done before. I often hear users say "I've never seen that data." Now, they're not saying that they've never seen the individual data sources before. But rather, they're saying they've never seen the results from those sources connected in a meaningful way.
Here is an example of NEW. Datacenter Support engineers have to make support decisions based on data from many different systems throughout the datacenter. This might include application log files, SNMP traps, fault management systems like NetCool, trouble ticket systems like Remedy and topology services. Now put it all together with a geospatial overlay of attack origin locations for a 'Cyber Defense' Mashup. Attacks stemming from a specific location or over a limited time period can be now (easily!) correlated with other attacks based on similar characteristics. Previously unrelated attacks could be shown to be part of a distributed denial of service attack. That is NEW.
I guess this isn't much of a surprise when you think about what Enterprise Mashups do best, i.e. combine and remix disparate and un-connected data (with emphasis on 'disparate' and 'un-connected'). Enterprise Mashups connect what might have been technically impossible or time-/cost-prohibitive in the past. That is the sweet spot that hasn't been addressed by other technologies.
Connecting siloed-and-sometimes-never-been-connected-before un-connected data sources can bring an analyst or executive out of their chairs. In one recent demo I mashed a little BI data with some other internal and external data sources in just a few minutes and could have sworn the BI IT team was near tears. It wasn't simply more, it was new.
And I think there can be even more to the story. So far we've talked about mashing real-time data and this provides a sort of 'virtual snapshot.' I say virtual because if I run the mashup again, I'll get the latest (and newest) data. The refresh button on that mashup may actually show you a new result every time you press it. This is great unless you also want to compare these results to those from 5 minutes ago.
Luckily, Enterprise Mashup vendors (like me, I admit) are beginning to understand that it can be very useful when an analyst can "freeze" a mashup and share the point-in-time mashup via Widgets and Dashboards with others. And we should then be able to mash these 'snapshots' into trends (we call it 'real-time trending') and then mash those trends with other disparate data to add yet another temporal dimension to the mix. Analyzing historical trends has always been the job of the BI OLAP and ETL vendors, but snapshots and trending will soon became a competency of the more sophisticated enterprise mashup platforms as well.
So, the next time you see a mashup, consider whether it is simply better than the static report or spreadsheet it replaced or if it is entirely new.
Awesome stuff Crupi/JackBe team. Still leading the industry in Enterprise Mashups I see.
-Mike
John - absolutely agree that mashups (and everything required to enable mashups) can create wholly knew apps/view/etc than existed before, and we should definitely talk, as I don't have near the knowledge of JackBe that I would prefer for my coverage of Enterprise 2.0 topics.
I will however take issue with your example of the data center and security attacks. Mashups of all the sources you mentioned have definitely already been created, and have been called various names, such as Security Event Management (SEM), Security Information Management (SIM), and the like. These solutions take the sensors of various types and aggregate them (using various taxonomies to translate terminology across vendors/products into a single "actionable language") into a portal or other visualization and dashboard oriented view, and can kick off various response mechanisms.
That was state of the art around 2001-2003 - an area I was very active in, both as a security practitioner, and an industry analyst.
See Paper on Security Event/Information Management: http://is.gd/47RU - which I'd written in 2003 as part of my own SANS GSEC certification.
What HAS changed, is that there is less of a need for explicitly purpose-built solutions like this (vertical or horizontally domain specific), and combine with a rise in the use of open standards, web services, et al, it is more possible that mashups can be done, although in my experience, most organizations lack the modern infrastructure required (from a security/access standpoint at the least) to do mashups at all, let alone do them with any degree of sophistication.
Mashups are one of the least well understand and adopted areas of Enterprise 2.0, alongside Prediction Markets. The rest is far more cut and dried, and "deployable" into most organizations, from a raw technology standpoint.
In any case, we should talk, as I'd like to make sure I haven't accidentally put blinders on myself - and of course your business IS mashups, so your experience will be different than mine, focused on a broader but related set of issues.
Dan, you are absolutely right about : Security Event Management (SEM), Security Information Management (SIM). They do security eventing and capture well. The point is that we need to make decisions on the data that is in the SEM/SIM and many other places. Enterprise Mashups help you bridge the silos to get actional information.
However, I would disagree with the example of your data center and security attacks. Mashup of all the sources you mentioned certainly been created and has been called various names, such as Security Event Management (SEM), Security Information Management (SIM), etc.. These solutions are sensors of various types and aggregates (using taxonomies to reflect the terminology in suppliers / products in a single "action language") to a portal or a point of view and display the second table oriented boundary, and can kick a variety of reaction mechanisms.
I personally like this blog and appreciates your efforts. Thanks for sharing this. Great job!
This is absolutely a commendable post, you share splendid piece of information here.
Thanks for the article. :)
Enterprise Mashups are very interesting.