BriefingsDirect SOA Insights Analysts on IBM’s SOA Strategy and Evolving Definitions of ‘Business Applications’

Edited transcript of weekly BriefingsDirect[TM] SOA Insights Edition podcast, recorded May 25, 2007.

Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Interarbor Solutions at 603-528-2435.

Dana Gardner: Hello, and welcome to the latest BriefingsDirect SOA Insights Edition, Vol. 19, a weekly discussion and dissection of Services Oriented Architecture (SOA) related news and events with a panel of industry analysts and guests. I’m your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions.

Our panel this week consists of show regular, Joe McKendrick. Joe is a research consultant and columnist and blogger. Thanks for coming along Joe.

Joe McKendrick: Glad to be here, Dana. Thank you.

Gardner: Also with us again is Tony Baer, principal at OnStrategies and also a blogger and columnist. How are you doing, Tony?

Tony Baer: Not too bad, Dana.

Gardner: Again joining us too, Jim Kobielus, a principal analyst and blogger at Current Analysis. Welcome, Jim.

Jim Kobielus: Thanks, Dana. Hi, everybody.

Gardner: Also, on our panel this week, Dave Linthicum. He’s the CEO with the Linthicum Group and also a prolific blogger and podcaster. Welcome again, Dave.

Dave Linthicum: Thanks, Dana.

Gardner: Thanks for joining, everybody. We’re here to talk about a serious new topic that has gotten lot of additional news and events around it, and that is this whole notion of a "business application."

Now, we’ve been discussing SOA on this show for a long time. We’ve been looking at it from the position of technology, business, governance, but the elephant in the room is the idea of what a business application is going to be? We’ve had a long history of packaged business applications, mainframe applications that have been comprehensive across an entire business. Now, we’re looking at a mixture, a hybrid of highly customized enterprise application, packaged applications, and the increased compositing of services.

There were three announcements this week, the week of May 21, 2007. There was a series of announcements at the IBM Innovate Conference in Orlando, Florida, and I attended that as well as Tony. Hewlett-Packard (HP), also had sort of a coming-out party around SOA. Then, Salesforce.com also had an SOA announcement.

So, let’s look at these individually and try to come up with some analysis, some perspective, on what IBM is trying to accomplish vis-à-vis its compositing and its emphasis on business services around creating applications. It sure sounds like an applications business. And, lets look at what these other vendors are doing.

First, let’s go to Tony. You were at the IBM event. Give us a quick rundown of what you took away from the IBM announcements.

Baer: Essentially, they summarized some of the pieces that they have been putting together and became more vocal on some new pieces that they’re putting on top of that. It’s not been any secret that, for a while, IBM has been starting to verticalize SOA. I may get my order wrong with all this, but it’s a layered approach. It starts with some industry frameworks, which basically say these are things that companies in certain sectors do. It’s not quite decomposed down to process as yet, but it lays the groundwork for it.

Then, they have a component business model, which is how to model those activities in the process, but it hasn’t yet been put into anything that’s executable. Then, they have different parts, including what used to be known as Webify and what’s now known as WebSphere Business Services Fabric, putting together some content packs that include some of the actual business components, which are drawn from those models. In turn, Global Business Services (GBS), which was the old Price Waterhouse/PWC consulting arm that IBM acquired sometime back, is putting together more specific parts. I forget the exact term they used for it, but it sounded an awful lot like "applications," except, of course, they don’t really want to say the "A word."

Dana, you and I, were sitting through that presentation, where I really started to feel sorry for that GBS guy, because the whole room just laid on him. It raises a couple of questions. Number one, what’s an application anymore? Number two -- but I think more important because it’s not just a questions of semantics -- is: who is going to command the software dollars? Arguably, you could say that most companies with an ERP system -- outside of putting in version upgrades -- are not going to change the general ledger part of it, but rather the part that deals with actual B2B procurement with their business partners. That's where you start having activity at the edges. That’s where the action is. That could either happen to SAP NetWeaver, IBM’s various layered frameworks, or name the business process management vendor of your choice. That’s where the next battleground’s going to be.

Gardner: IBM, between its announcements around certification and helping to create more of a core in their labor force for SOA architecture, is saying, "We’re going to help create this workforce and we’re going to compete against the applications, but we’re going to do it in a different way. We’re going to change the game, rather than compete in the old game."

Of course, they had a few updates to the registry repository and a simulation game to help people learn about SOA. Fundamentally, I agree. This is really IBM saying, "We’re going to redefine applications and we’re going to compete with everybody." The new revenue growth is going to be at this vertical edge, where it’s a balance between customized apps that you build from scratch and packaged apps, but finding a middle ground. Jim Kobielus, you also had some takeaways from IBM this week. What did you find?

Kobielus: It’s not just IBM, but pretty much all their competitors at the high level of SOA in terms of the major platform vendors -- Oracle, Microsoft, SAP -- are just differentiating themselves in the SOA space through their abilities to provide industry business models, which, conveniently, "IBM" is the acronym for. They're able to provide deep-domain expertise that is packaged up into industry business models that they then deliver as part of an overall middleware-based solution portfolio. That’s really what applications are coming to.

They’re turning into vertical and horizontal, and in some cases diagonal, business models to address a broad variety of business processes or sector-specific requirements.

I didn't go to Innovate, but I was on the IBM Information-on-Demand Refresher Update call yesterday with the analyst community. SOA permeates the information-on-demand strategy through and through. Master Data Management (MDM) is one of my core areas at Current Analysis. I’ve written half-dozen solution assessments on MDM vendors, including IBM. What I’ve noticed is that the SOA-focused MDM vendors -- IBM, Oracle, SAS, DataFlux, TIBCO, and others -- are differentiating themselves based on the prepackaged domain models that they that they provide with their MDM solutions to target particular niches.

In their slides, IBM had a very good graphic called "MDM solutions." They’ve mapped out horizontally and vertically MDM solutions, vertically for banking, insurance, government, healthcare, etc., and then horizontally for customer care, risk and compliance, etc. Then, they had check marks to indicate their functional coverage of these various domain models.

That ties into the announcements from Innovate, which is that IBM is saying, "Here’s how we’re going to differentiate going forward. How we already differentiate is that we, with our global services, are a huge pool of deep-domain expertise that we are deploying out, providing, delivering to customers through these human beings, these professional services people. But, we are also going to package that expertise into these domain models, accelerators, frameworks, or business content templates that we deliver as part of the packaged solutions.

Oracle’s doing the same thing. A couple of weeks ago, they had a similar announcement about domain models that they’re delivering into various verticals and horizontals. SAP is doing likewise with the xApps and so forth. That’s really what it’s coming down to -- domain models and deep expertise.

Gardner: So, if it has a lot more to do with expertise, with feet on the street, with consultants and consultancies, let’s take a look at the HP announcements.

Tony, you also wanted to give us a little overview there. HP came out and said, "We’re going to be folding in more of the Mercury acquisition, the Systinet acquisition. We’re going to embrace this notion of Business Technology Optimization, BTO, as a go-to-market." They’ve also decided that they’re going to remain neutral. They want to be Switzerland. Of course, many of these vendors profess to be neutral, but I think HP has to be neutral, because it doesn’t have a lot of the SOA pieces. Isn’t that right, Tony?

Baer: Yeah, and if you and I had a penny for every time a vendor called themselves Switzerland, we probably would be too rich to be doing these calls on Friday mornings.

Gardner: We’ll have to have a Swiss bank account.

Baer: That whole neutral stance shows that HP is unique in not trying to verticalize its SOA. The announcement that made an impression on me was the Business Availability Center, which was the old Mercury piece. It will include some functionality from the OpenView side, which has been something most of the vendors in these systems and SOA runtime governance space have had a hard time dealing with up until now.

I wrote about this some time ago. It’s called the "blood-brain barrier." When you’re trying to manage a service level or a governance service level at run-time, part of it deals with what type of service. Are we giving this customer the current version, are we adhering to the policy? A key part of that is how this thing is going to rely on what happens physically in the data center, and these SOA governance pieces just have lacked that.

That was actually one of the things that I’ve been waiting for after HP announced it was acquiring Mercury -- or putting it out of its misery -- whichever way you want to interpret that. I need to drill down on this more and get some details of what exactly the piece was about. I haven’t had a real detailed briefing on it yet, but that was the part that really made an impression on me.

Gardner: HP is basically coming out and saying, "Here’s where we’re strong. We’ve got OpenView. We’ve got governance. We’ve got tools and registry and repository. So, we think that that’s fundamental and important. We’ve also got professional services. Our consulting and integration group, which is global, has vertical expertise, and also works diligently at these major consolidation trends, application modernization, ITO, shared services, and some other major trends and projects that cut total costs and improve agility."

What’s interesting, though, is that we’ve seen a combination of either larger integrated suites that provide the means to achieve SOA or we’ve seen individual parts, best-of-breed approach. We've seen people jumping up and down and saying, "Hey, we can do it better than anybody else, and we’re green fields, so we can move quickly, and we can be pure in terms of a services orientation."

The big question for HP now is, "How are you going to fill the middle? Are you going to be Switzerland, are you going to partner, are you going to acquire?" There's talk about BEA being out there as a possible target for acquisition, and this is at least the fourth year of that we’re in now. Then, there’s also the open-source side. There are a number of projects and providers that could, with HP’s assistance, really make open source and SOA a much more powerful activity.

Before we go further into this analysis, let’s just look over one last announcement this week. Todd Biske, did you just join the call a few minutes ago?

Todd Biske: Yes, I’m on.

Gardner: I would like to introduce Todd Biske. He is an enterprise architect at MomentumSI, an Austin, Texas consultancy. Welcome to the show, Todd.

Biske: Thanks, I apologize for being late.

Gardner: Not a problem, because the timing is perfect. You sent out an email to us this week with some thoughts about the Salesforce.com and SOA activities. Would you tell us a little bit about what Salesforce did, and why you thought it was interesting?

Biske: Salesforce.com announced what looked like a development platform for not just using their Web services, but consuming other Web services. I thought it was particularly interesting, because from an enterprise perspective you think of going to Salesforce.com for more of an outsourcing or software as a service standpoint. I’m a consumer of those applications. To think that they’re now opening themselves up as a development environment for their solution customers, made me raise an eyebrow and say, "Well, wasn’t I trying to get away from doing development by going with this solution?"

So, it had an interesting twist to what kind of a model the enterprise is moving to. Is there still always going to be a need to integrate and build custom solutions around these products, regardless of whether it’s a hosted environment like Salesforce.com or if it’s an off-the-shelf solution and I’m installing inside the firewall? Now, are we going to have to support both internal development environments as well as external development environments in order to get our solutions done?

Gardner: I suppose it’s a slippery slope. Once you become integrated with the internal components, assets, and resources, you’re going to have to get involved with tooling. There’s no way around it.

Linthicum: Absolutely. I was quoted in that release from Salesforce, and the strategy is a bit more sophisticated than that. What they’re trying to do is provide some of the patterns that we typically see in SOAs within the enterprise, which is to create solutions out of their own processes and processes that exist within the enterprise, and also provide a development environment to bind things together.

This is a bit more holistic. They have a virtual operating system out there supporting multi-tenancy. They have a database out there. They have an application design center, a testing center, and language that they’re supporting. They’re trying to provide not only applications, but, as complete as they can, a service-oriented stack on demand. As time goes on, knowing Salesforce, they’re just going to get better at that.

Gardner: So, would you call this "infrastructure as a service?"

Linthicum: It would be a complete platform-as-a-service inclusive of an SOA. In other words, instead of you maintaining hardware and software yourself, having to get servers, application servers, governance systems, and all that stuff, they’re trying to move to where you’re going to get a lot of this stuff through a subscription-based service. This means that a lot of people will have a much more cost-effective mechanism to get into SOA, which is a rich man’s game right now.

Gardner: I suppose this also requires integration of the service. One of the things that I had CEOs chirp on, when I sent out a couple of queries on this, was they'd like the idea of keeping the data themselves, but making CRM and these other business functions commoditized through a service provider. They seem to now sense they could get it both ways.

The reason I also brought up integration-as-a-service is that it sounds like what Grand Central was talking about a few years ago, and you’re familiar with that.

Linthicum: Absolutely, and not only Grand Central, but Bridgeworks and Hubspan and a few other folks. The difference is that you have the services and the processes, which are also bound in the same platform. Another difference is that people in the market are going to be more accepting of this technology right now than they were five years ago.

Gardner: So, I think we have three different announcements here, but there’s a common thread. As Tony mentioned earlier, the common thread is that the definition of a business application is up for grabs. Is it a professional service? Is it a custom development activity? Is it taking packaged applications, exposing them as services, and then compositing them with other, perhaps off-the-wire, services, and/or internal green field services -- or all of the above. Let’s take it to Joe McKendrick. How do you see this notion of a new definition of business application shaking out?

McKendrick: Tony provided an analysis on the OnStrategies site. He made an interesting point there that IBM is still trying to sort out who SOA should be sold to? Who in the organization will be ultimately responsible for SOA? Will it be the traditional IT development folks, architects, or will it be more of a focus on the business side?

Gartner, in one of its future-looking statements, stated that a lot of the traditional IT functions, or IT as we know it, will be moving into the business. Business units will be subsuming or taking on the task traditionally performed by a dedicated IT department, which implies that, as time goes on, you’re going to see IT more tightly integrated with units across the business. Therefore, that raises the question of, who is going to be doing the hard-core development, the heavy lifting, in terms of application development? A lot of the solutions that are coming to the fore are increasingly emphasizing automating the development process.

Gardner: Your point here is well taken, Joe. If you’re going to start changing the definition of a business application, then you also have to start changing the way in which people are involved with creating, modifying, and deploying, those applications and/or services as well.

That was another big theme we saw at the IBM Innovate event, this notion of a "T Person." They have across the top, on a horizontal basis, a strong business and domain expertise, particularly within a vertical industry, if possible. They also have the stem, the vertical part of the T, which is a strong understanding of technology, as a practitioner, a developer, or an architect.

One of the recurring themes was, "Where do you find these people?" If you go out to some of the job-listing sites and search under "SOA Architect" right now, you’ll find begging to be filled dozens, probably hundreds, of jobs that combine a domain and business expertise with a technical background. That's an indicator that something is shifting in the market.

Let’s go back to Jim Kobielus. Do you think that this a transformative and highly disruptive effect, this notion of changing the definition of an application, and having to change the way in which applications are created?

Kobielus: Oh, for sure. In fact, as you were speaking, I was thinking that what these announcements this past week illustrate is the changing definition of what an application is. One way that we might define an application now is an SOA platform plus domain content. So, the differentiators are not only the maturity of your SOA platform -- be it IBM's, Oracle's, or Salesforce.com's -- but also the breadth, depth, and extent of the domain content available to plug in to that platform and address specific business requirements.

Where does the domain expertise come from? Well, it can come from your own -- you the vendor -- your own global business services or professional services team. It can come from your partner ecosystem. You might have hundreds and thousands of partners in various niches.

In the case of Salesforce.com, it can come from your marketplace of thousands upon thousands of companies that are hosting this content in your own environment. It can come from an open-source community for an open-source platform like Red Hat, and so forth.

These are all hugely disruptive. The thing is, the traditional notion of an application is a very monolithic stack, a platform-plus-content, shrink-wrapped, delivered, and boom, that’s it. It's not really fully extensible with third-party content. Now, the whole notion of third-party content comes to the fore. A platform is only as good as the breadth of the ecosystem, community, or marketplace that can deliver new fresh business content, data definitions, rules, etc.

Gardner: What’s interesting from IBM’s perspective is they have strengths in just about all these areas, and this is really their game to lose. While SOA right now might be a rich person’s game, that suits IBM just fine. They want the big accounts. What we were hearing, Tony and I, in this meeting was that the more instances where IBM can go into a vertical domain-oriented account, the more they learn from that experience that they can push back out as componentized services, which they then take to the next engagement.

What happens is that there's a sort of race now. IBM has basically drawn a line and said, "We’re now in a race. Whoever can get to the combination of infrastructure and customization and professional services with a domain accent first, wins." In a sense, they’re competing against the IT departments, as well, because in these large enterprises, these IT departments take 12 to 16 months to put together a full set of new business processes. IBM can walk in and say, "We can reuse a king pin. We can do it in half the time." What’s the company going to do? The company is going to start favoring the IBM approach over its internal IT approach, which is what Salesforce is offering as well.

Kobielus: The game now is expertise-on-demand. Who could provide that expertise to bear down on a business problem right away? I mean, which vendor.

Gardner: And who can take advantage of past experience, breadth, and the coordination of different projects? That’s what this IBM Jazz thing is about, by the way. This Rational Development Conference announcement that’s coming out in June is a way of coordinating all of these different projects in such a way that reuse becomes possible. I think IBM is doing this largely for its own internal purposes, as well as a community basis. It’s a combination of business expertise, but also the ability to do things fast through reuse, which is what SOA is all about.

Biske: Dana, you were at the conferences. I’d love to get a sense of how many of the customers at the conference were strong IBM customers, Big Blue shops with mainframes, eSeries, iSeries?

Gardner: These were clearly dyed-in-the-blue kinds of folks, but the rate at which they’re moving and their interest in SOA is the issue.

Biske: Also, IBM has a stake in moving these customers forward. It has this installed base, very much a legacy base, and there are some arguments out there about how well services created from legacy applications can be reused. Ronan Bradley, with Lustratus Research, has argued in the past that services generated from Cobol-based applications, zSeries for example, are difficult to put forth in a SOA context for reuse.

Gardner: IBM has done some work along those lines, but they have a wide variety. As they go into these accounts on a professional-services basis, they’re not just looking for IBM applications. They’ll take anything.

Biske: A lot of this is a WebSphere story.

Gardner: Clearly, IBM is putting up the software to accomplish just about anything you want to do in an enterprise, but it’s the way in which they’re taking SOA to market and realizing SOA. Dave Linthicum, what do you think about this notion of a raised SOA, and that the people who can combine domain expertise, professional services and reuse are not only going to try to beat out other players in the field, but also the IT departments themselves?

Linthicum: That’s absolutely the strategy here. What I’ve been listening to is spot on. Everybody is trying to own, not only the domain of the technology, but the domain of the IT infrastructure within these organizations. In fact, I just got a briefing this morning for something that was embargoed for a few weeks. They’re really trying to displace traditional IT. The analogy to Salesforce.com was spot on. In other words, Salesforce.com kind of got in there through the back door, allowing people to buy their infrastructure via credit cards.

I think IBM and some of the other strategic thinkers in the space are trying to run as quickly as they can to grab land right now, because the more land they grab, the more they can hold for a long period of time. Everybody on this call knows, it’s a great business to be in -- the infrastructure game -- because once you’re in these organizations and you’re adding value there and you're core to their business processes, you’re never going to leave.

Gardner: IBM clearly sees that they want to be partners with these companies. They don’t want to displace IT, but they want to get in a way that you can’t, as you say, be removed. Todd Biske is someone who is in the consulting business. You probably want to get into accounts where they can’t get rid of you either. Is this a good business strategy for IBM?

Biske: I think it is a good business strategy for IBM, but one of the comments I was just going to make, and you actually just hit on it, is that I don’t know that IBM can come across with a strategy of replacing IT. I absolutely agree that the business side needs to work with IT as partners. We need to establish this "T," as IBM put it, where we’ve got technical depth, as well as business depth, and a team that really embodies both of them. The only way to do that is going to be through a partnership, rather than having this customer-supplier type of relationship between the business and IT.

I’ve actually blogged on this, even prior to becoming a consultant and talking about what's going to be the role? I saw this convergence of business consulting areas, whether it was Six Sigma-based or some of these other initiatives from years ago that were primarily business focused with the IT consulting services part of it. Just as IT workers in the enterprise need to become business aware, so do the consulting firms. Having a business offering, where you have focus on the domain models that have been discussed, is critical both to the consulting vendors, as well as the actual technology vendors.

So, IBM is in a great position, where they’ve got both. They’ve got the whole technology stack. They’ve got the whole consulting stack on top of that, and the business domain expertise, whether they’re doing the peer technology side of it or the business domain modeling and providing all of the business consulting. If they’re going to get into a situation, though, where IT is outsourced, now they've got this customer-supplier relationship again. To what extent can business really partner with that group, and how comfortable are they going to be putting all their eggs in the basket of an organization that may be trying to do this with too many enterprises and can't create that competitive difference?

Kobielus: What's interesting is that this platform land grab -- I like the phrase you used there, Dana – extends on top of your SOA platform. One of the linchpins of any SOA architecture or application environment is your data warehouse. On top of that you build your business intelligence. On top of that you build your corporate performance management. On top of that you build your governance risk and compliance tools, and so forth. Each of these layers requires additional business content and domain models. Each of these vendors, at least in data management, are continually migrating up the stack by layering ever more finely nuanced business content on top of this underlying SOA platform. Then, using those business content-rich applications as a platform for their professional services, teams, and partners, they go out and market these packaged solutions into ever more finely graded niche markets.

Gardner: Do you think that in five years, if we look at some of these leading-edge, large global enterprises, their IT departments are going to become operational efficiency experts? They’re going to take whatever it is that’s been decided on to keep running. And, they’re going to figure out the best way to virtualize, consolidate, unify, and modernize to keep those things running the best way they can for the least amount of money. That the new role that companies like IBM and these other SOA business services-focused companies will find to add value -- how to innovate, how to create new business processes.

So, it’s almost taking on the role of the SOA architect, recognizing that the companies themselves can’t pull this all together. They’ve got some high-performing custom development capabilities. They’ve got packaged applications. They’ve been fumbling around trying to figure out integration for five or seven years.

And, now IBM and others can walk in and say, “Well, listen, we’re going to rationalize this for you. We’re going to show you how to innovate around compositing. We’re going to reuse what we know and we’re going to be really tight with you in your vertical industry.” So, it seems like a new role, it’s like not outsourcing IT per se, but it’s outsourcing the role of innovation, and architectural innovation.

Kobielus: Exactly. I see the whole area of composite applications built on SOA, in terms of professional services teams, as the primary delivery channel for these solutions. The productization, as it were, of professional services is taking place through the concept of the center of excellence. Every vendor has multiple centers of excellence now, each of them focused on a particular horizontal or vertical space. Over time, then, as we see more of a momentum and more of the premium margins shifting to professional services, the centers of excellence are now the product groups now in an SOA vendor organization. They’re the stewards of the domain content, domain models, and expertise.

Gardner: If there is a more finally grained approach to these verticals, then they can create the ecology where they’ve got individual consultancies that are even more down in the weeds on these vertical business issues, and they just partner with them, while IBM and its ilk just associate those services in with this business compositing capability.

Biske: That may be an appropriate strategy for IBM, It would be somewhat risky for a large enterprise to take the approach of outsourcing innovation. I would think the business is going to want to outsource things that are not going to be competitive differentiators. Innovation clearly can’t be a competitive differentiator, if you’re saying “IBM, just give it to us.” Guess what? All of your competitors are going to be saying the same thing. So, how do you create a difference out there?

Innovation needs to remain inside the enterprise, looking at those vertical areas. It may not be technical innovation any more. It may be a shift back to where the driver is more business-process centric. Technology is just a supporting aspect of that. Then, maybe another 10 years from now, it will shift back with some new technological change. That’s just the way things work, but to outsource innovation would be a very risky approach for a large enterprise, because inherently it’s not a commodity.

Gardner: That’s a point well taken. Perhaps if the enterprises were smart, they would view a company like IBM coming in to teach them how to innovate, or learn how to fish, rather than have someone fish for them, and therefore take the next step, but I think the race is on. IBM is challenging people, “If you let us do this first and best, then we’re going to make the economics such that you can’t resist that.” That’s a challenge to the companies to take your advice and say, “Listen, we can’t lose track of our core competencies around innovation and we need to start thinking about SOA more seriously.”

[[[Speaker:]]] Right, and maybe they’re taking advice from the Tom Watson Playbook from many years ago. IBM, when it started in the computer business back in the 1950s, positioned themselves as a consultant to the business. They did not position themselves as a technical firm, such as Sperry might have done, or DEC in the early days.

Gardner: Well, they certainly took pains at the Innovate event to portray that they are a business-partnership company and the technology is merely a means to achieving that. Let’s take a look now at the field. How many companies can actually come up to the plate with the broad set of services to be a full SOA partner? I would say this is probably the big four. We have Microsoft, IBM, Oracle, SAP. I suppose now there’s a question mark about HP. How is HP going to rise to be the full player, and will they do it through the Switzerland, open-source approach? Will they do it though acquisition?

We also need to look at SAP as to how they are going to do this. We thought they had a strategy around more of a services approach and NetWeaver. Then, Shai Agassi left, and there was an interesting story in the Wall Street Journal where Shai said that the innovation doesn’t seem to be happening at the right pace. Any thoughts there about how we handicap the field, given this move towards the larger definition of SOA under the business services umbrella?

Speaker: [[[Todd Biske]]] You’ve captured it with really the top four, I can’t think of anybody else that comes to mind. In one of the articles talking about the HP release, Anne Thomas Manes pointed out that HP is a management company from the technology side. Unless there is a partnership with someone that can fill that middleware gap and the development environment, they don’t have the full story. It doesn’t necessarily have to be through acquisition, because there is a multitude of open-source products out there, but if you look at the Java side, everybody is pretty much using Eclipse. Who is the biggest backer of Eclipse? Well, it’s IBM. So, in trying to get an advantage there, IBM still really rules the roost and has significant influence in that direction. You nailed it, though, in terms of there really is a small set of players who can bring that much to the table.

The other space to look at would be: Who can come at it purely from the business and technology consulting side of it to build that on? Maybe it’s not strictly a technology player. Maybe it’s someone from the consulting side and someone from the consulting firms.

Gardner: There’s the rub. What will these SIs do? What about Accenture, EDS, CapGemini, and BearingPoint, and the Indian companies like Tata and Infosys -- or even another higher level consultancy like a McKinsey? Who are they going to partner with. They don’t want to lose this ability. Folks are working with how to organize the management, the actual conduct of how a company operates -- which we could probably put under governance generally. How does that relate to technology? So, the other shoe to fall here is, as these companies that are outside the pure technology space look at the technology companies moving in towards the business services space, how will that shake out? Dave Linthicum, any thoughts on that?

Linthicum: Basically, the large players are going to have to have an impact in terms of the technology sector. The service stuff is going to augment the technology, and they’re going to drive in this area. The larger consulting organizations are behind right now in how they’re defining and deploying SOAs. I’m always taken aback, as I walk around my clientele and review some of the proposals from these larger guys, by how much is missing from their strategy and the lack of understanding of how this stuff is going forward.

What may happen is that some of these large-stack players -- IBM is definitely included in that -- are going to come behind and eat their lunch. Some of the smaller consulting organizations are also going to do the same thing. They may protect themselves through acquisition and within these organizations, so they can control a lot of the political infrastructure, who makes decisions, and how you buy services from these folks.

At the end of the day, enterprises are about results. If their competitors are able to jump by leaps and bounds, using somebody’s technology or somebody’s approach, they’re going to go with that technology and approach. The big consulting organizations have a long way to go in really understanding the value, processes, and methodologies, and how you define those things within those organizations.

Gardner: Because of these three announcements, because of the influence that IBM has across the industry and across the globe, we have a little seismic shift here this week in raising the stakes to the business services level, and perhaps highlighting some of the new competitive relationships among and between these companies.

As the vendors themselves face new types of competition, enterprises also have to consider whether it makes sense to try to save a few dollars and push SOA initiatives off into the future, or that their ability to do SOA sooner than later might put them in an advantageous position, or, as someone said earlier, not to lose their ability to innovate.

So, let’s go around the panel one last time. Do we see a seismic shift, and do you really think the landscape has changed? Let’s start with Joe McKendrick.

McKendrick: I just want to add one more vendor. You mentioned the big four, but BEA Systems should also be one of the bigger SOA movers and shakers. They offer a wide range of products including the development side and the deployment side.

Gardner: Of course, they’ve also mentioned this neutrality and Switzerland approach, where they would be a preferred partner to the Accentures and the other large system integrators because there is not this "co-opetition" affair.

McKendrick: One thing I’ve seen in Microsoft statements in the past, is that they take a contrary position to what the other large infrastructure vendors say about SOA. Microsoft says SOA should not be about big science. It should not be big SOA, huge multi-million dollar deployments, affecting organizations, but rather more of organic or gradual incremental approach on a case-by-case basis.

Gardner: Their application strategy sort of follows along those lines.

McKendrick: Exactly. In fact, their history follows along those lines. They’ve always kind of seeped in at the grassroots level within organizations, and moved up the chain that way. I see them doing that with SOA as well.

Gardner: Okay, Jim Kobielus, do you sense a seismic shift here. Has the game changed in anyway for you?

Kobielus: It has, and I sort of laid out how it has changed. Deep-domain expertise is being incorporated into a new type of packaged application that to some degree competes with or complements traditional line of business applications, corporate performance management (CPM) applications. Over the last month, there has been a rash of industry announcements, acquisitions, and so forth related to CPM -- SAP acquiring OutlookSoft, Oracle with Hyperion, Business Objects, -- and Microsoft of course. I want to get back to Microsoft. They are very much a major SOA player.

What Joe just said was instructive about Microsoft. They are always ingratiating themselves. They’re always weaving their way into an organization from the ground-up, and they’re doing the same thing with CPM, with Office Performance Point Server, which is coming out in a few months.

When I was at their business intelligence (BI) conference, I spoke to Alex Payne who heads up the BI unit and I asked him point blank, “Does Microsoft, plan to develop verticalized CPM applications to run on Performance Point?” He said, “Well, we want those applications to be built and we’re gong to rely on our channel partners, on the ISVs and so forth, who have that expertise.”

So, getting back to your original point, yes, the move toward domain models and so forth, as a way of differentiating solutions, is disruptive in the sense that the traditional application is dissolving and being replaced by composite services. But, it’s not really changing the vendors themselves in the sense that each vendor has their own history, their own character that’s coming to the fore. In this case, Microsoft’s character is to be a provider of ubiquitous infrastructure at the desktop. They are not a professional services firm, and I don’t get the sense that they’re going to get beat in global services. They’re going to rely on the third parties, the Accentures of the world, for that.

Gardner: Interestingly, at the keynote event, Steve Mills, the software general manager and vice president at IBM, referenced some research. I’m not sure whether IBM sponsored the research or not, but it defined SOA-related revenues. Number two, after IBM, was Microsoft, albeit a fourth of the total number of dollars that IBM cites, but clearly Microsoft is big in this game.

Now, to you, Dave Linthicum, game changing week, how do you see this impact?

Linthicum: I don’t see this as a seismic shift. I see it as an evolution in thinking and the way people are positioning the market. The hype out there is so loud that people are just trying to figure out how to out-innovate each other in how they message to the marketplace -- this is an instance of that – and in the products and services they’re going to bring to market, and how they’re going to dominate those. It’s the point that was made earlier; it’s a land grab.

Going forward, one of the key things to remember is that we’re evolving an enterprise application to service-based distributed systems, where you can actually use composite applications to meet many of your business process needs. That’s only going to continue, especially as people outsource business processes to folks like Salesforce, who are moving from monolithic enterprises-on-demand to granular services they’re going to sell very much like Amazon is selling services today, and making a lot of money in making that happen. That’s going to be a key thing.

We always return to the domain verticalization stuff within any technology push. Remember when the integration was the hot issue back in 1998, 1999? When I wrote the AI part, everybody was almost saturated with technology in terms of hype. Everybody started moving in the vertical spaces, and verticalized integration was all the key. We’re seeing a similar pattern here. Probably we’re spending more money, and the hype is noisier than it was back then, but it’s the same thing. I think it’s a good thing, because you can meet the needs of a particular problem domain, if you verticalize and you have specialized processes and services to drive that. But, it’s nothing new. I don’t think it’s hugely disruptive -- just the evolution that I expected.

Gardner: Tony Baer, do you see this as IBM defining the world as best suits IBM or more of a larger shift in the market?

Baer: I’m going to be a classic straddler here -- it’s really both. IBM is obviously playing up to its strength, which is that it’s the glue that puts pieces together.

It’s very much a challenge to what was the established order for about the last 15 years of the primacy of the monolithic apps vendors. There are a couple of things I was just jotting down during the discussion. If SOA and composite apps are to succeed, they’re not going to succeed by being consultant ware, the type of stuff that can only be put together on a custom piece basis. The whole idea behind SOA is this is stuff that you can put together very rapidly.

So, obviously, there will be a role for professional services here, but they need to be enablers so that my team internally -- whether they be business architect or whichever role that evolves -- can readily combine and configure different composite services to deal with a particular challenge or as I introduce a new product. I’m talking about a product in the classic, manufacturing sense. I’m not talking about an IT product. So, the fact is, if SOA is to succeed, it will not succeed as being consultant ware.

Gardner: I agree with that. What we might need to see in order to hedge or balance the power of the consultancies is the equivalent of open-source composited services. One of the things I asked IBM, after the discussion about business services was, “What do you guys do about IP, Intellectual Property?” They said, “Oh, that’s one of the first things we talk about, and we bring lawyers in every time we’re getting engaged with a client. We have to decide if they want the IP, and, if so, there is a certain cost associated with that. If we get to keep the IP, that is, we can create services that will be then reused elsewhere, then the cost comes down.”

So, what might need to happen is a third way, where when people get engaged with companies like IBM, and they’re going to do compositing of business services. Perhaps they say, “We want to put this intellectual property under an open-source license, and we’re going to use it in a commoditized sense. Then, we’re going to highly customize and we’re going to take that and make it our own intellectual property.”

Perhaps the way to make this whole SOA business-services thing work is licensing around those composite services, so that it’s not just a competitive hedge or some sort of a balancing act. I’m just blue skying at this point, but it seems like a licensing of the property around these services is going to become important.

Let’s go to Todd Biske for the last word, seismic shift or just more IBM market positioning?

Biske: I tend to agree with Dave on this one. This is just an evolutionary approach, and IBM’s marketing is making some significant rumblings that are making people more aware of what’s going on. I’ve been thinking about this at least for the last couple of years. I’m seeing it coming, and no, I’m not the only one who is thinking along these lines. This is just part of a natural progression that we’ll see with this. Whenever any of those big four or big five vendors have a major sales or user conference, we’re going to see announcements like this as they try to position themselves better in the marketplace.

So, I do think that it’s evolutionary. I think it’s good and it’s the direction that things need to go in, but the hype will die down after a little while, and most people will still keep trudging along. I would still like to see more case studies out there, showing concrete success, where the adoption of SOA has really created a true change in the organization. A lot of the case studies we see today come from companies that were already well positioned to be successful, and they have just extended their model in an evolutionary manner.

Gardner: Obviously, we’re still very early on. Maybe we went from the first inning to the second inning in this, so a minor transition. But, I think the takeaway is that IBM has made some moves that then force people to think a little bit different, which, of course, gets us a little closer to making some of this happen in the enterprise. I want to thank our panel for joining us. We’ve had Joe McKendrick, thanks Joe.

McKendrick: Thank you Dana.

Gardner: Jim Kobielus, thanks for joining.

Kobielus: Thank you, it was a pleasure like always.

Gardner: Dave Linthicum, thank you for coming.

Linthicum: Thank you, you guys, have a great three day weekend.

Gardner: Tony Baer, thanks for your input.

Baer: Well, thanks again Dana.

Gardner: Also, Todd Biske, thank you.

Biske: Thank you.

Gardner: This is Dana Gardner, principal analyst at InterArbor Solutions. You’ve been listening to BriefingsDirect SOA Insights Edition, Volume 19. Come back next week. Thanks, everyone.

Listen to the podcast here.

Produced as a courtesy of Interarbor Solutions: analysis, consulting and rich new-media content production. If any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact Interarbor Solutions at 603-528-2435.

Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 19. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.

BriefingsDirect SOA Insights Analysts on SOA Suites Vs. Best-of-Breed SOA, and Master Data Management

Edited transcript of weekly BriefingsDirect[TM] SOA Insights Edition, recorded Jan. 26, 2007.

Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Dana Gardner at 603-528-2435.

Gardner: Hello, and welcome to the latest BriefingsDirect, SOA Insights Edition, Volume 10. This is a weekly discussion and dissection of Service-Oriented Architecture (SOA)-related news and events with a panel of industry analysts and guests. I’m your host and moderator Dana Gardner, principal analyst at Interarbor Solutions, ZDNet software strategies blogger, and Redmond Developer News magazine SOA columnist.

Our panel this week consists of show regular Steve Garone. Steve is a former IDC Group vice president, founder of the AlignIT Group, and an independent industry analyst. Welcome again, Steve.

Steve Garone: Hi, Dana, great to be back.

Gardner: Also joining us again Joe McKendrick, research consultant, columnist at Database Trends, and a blogger at ZDNet and ebizQ. Thanks for coming, Joe.

Joe McKendrick: Thanks, Dana, glad to be here.

Gardner: Also Tony Baer is making another appearance. He is principal at onStrategies. Thank for coming, Tony.

Tony Baer: Hey, Dana, good to be here.

Gardner: We’re also talking with Neil Macehiter. He is a research director at Macehiter Ward-Dutton in the U.K. Thanks for coming, Neil.

Neil Macehiter: No problem, Dana.

Gardner: And last on our list -- we have a large group today -- Jim Kobielus. Jim is a principal analyst at Current Analysis. Thanks for coming along, Jim.

Jim Kobielus: Thanks a lot, Dana. Hi, everybody.

Gardner: For our first topic this week -- and this is the week of Jan. 22, 2007 -- we’ll begin with the notion of SOA suites, a merging and definable market segment. We’re going to be looking at how mature such suites are. I suppose we should also look at the distinction between the best-of-breed-approach, where one could pick and choose various components within their SOA arsenal, or a more complete suite, a holistic full-feature set with the benefits, trade-offs, and detriments of each of these approaches.

Jim, you’re the one who was interested in this topic. Why don't you give us a little set-up as to what you think the state of the market is?

Kobielus: Thanks a lot. Over time, we’ve all been seeing this notion of a SOA suite take root in the industry’s productization of their various features, functions, and applications. Now, the big guys -- SAP, Oracle, Microsoft, webMethods, for that matter lots of software vendors -- are saying, “Hey, we provide a bigger, 'badder' SOA suite than the next guy.” That raises an alarm bell in my mind, or it’s an anomaly or oxymoron, because when you think of SOA, you think of loose coupling and virtualization of application functionality across a heterogeneous environment. Isn’t this notion of a SOA suite from a single vendor getting us back into the monolithic days of yore?

This thought came to me when I was reading a Wall Street Journal article earlier in the week about SAP, “SAP Trails Nimble Start-Ups As Software Market Matures.” There was one paragraph in there that just jumped out at me. They said, “Some argue that SAP's slump highlights a broader shift under way in business software, in which startup companies wield an advantage over established titans. Under this traditional business model companies buy large, costly packages of software from SAP and Oracle to help them run their back-office functions and so forth, but as the business software industry matures, many companies already have the big software pieces they need, and feel little urgency to replace them.”

So, clearly SAP is then sort of a driver in the SOA suite arena for few years with NetWeaver. Is the notion of SOA suite an oxymoron? Are there are best-of-breed-suites? There are also best-of-breed SOA components, and I’m not sure that the notion of a suite, an integrated suite is really what companies are looking for from SOA. They want best-of-breed components with the assurance, of course, that those components are implementing the full range of SOA standards for heterogeneous interoperability. So, I’m taking issue with this notion of a "best-of-breed" suite. Anybody else have any thoughts on that?

Macehiter: I’ll give you a couple of perspectives on this. We have to recognize that organizations increasingly are looking to rationalize their supply strategy. So, they’re increasingly looking to deal with a smaller number of vendors and suppliers, which is, in part, driving the move toward larger vendors attempting to offer a suite or portfolio of product capabilities that can help organizations manage the lifecycle of an SOA initiative.

That’s one factor that’s driving it. The second issue is the use of the term "suite," and what that really entails, versus what the market is currently delivering. Companies are putting together a bunch of products under a common brand, whether it’s Oracle Fusion, SAP NetWeaver, or under the IBM WebSphere brand. That's one thing. Actually making sure the products are well integrated and that they have a common management environment, common configuration environment, and common policy definition environment is the second thing. That’s one element of it.

The second issue is what actually constitutes a suite to support service-oriented initiatives. There is a tendency, certainly among the larger vendors, to focus on SOA from a development and integration proposition, rather than thinking more broadly about the capabilities you need to support service-oriented initiatives throughout the lifecycle. That extends beyond development and integration into things like security and identity, which have to be incorporated into an overall SOA offering.

Management and monitoring, usage management, audit logging are in the broad range of capabilities that you need. There’s a question as to whether it’s feasible for one vendor to offer all of those capabilities that you need to support an SOA initiative versus a set of core capabilities. Then the hooks in the interoperability allow you to exploit existing security and management infrastructure. There are a number of factors that we need to consider, and a lot of the SOA suite propositions are very much focused around development and integration, rather than management and monitoring, and really dealing with the lifecycle of services.

Gardner: I guess that explains and is consistent with the past. If you can have a cohesive approach to the development side, then the deployment tends to follow, and that’s where you monetize. Steve Garone, what do you think of this breakdown between best-of-breed and a suite?

Garone: All of us on this podcast today know that the debate over best-of-breed versus integrated-stack approach has been going for many years in a variety of scenarios and contexts, and it hasn’t stopped. I don’t really like the word "suite." It reeks more of marketing than functionality. I think what you really have to look at in terms of SOA is how people are actually approaching getting into building SOA-based environments.

What we’ve seen so far -- and we’ve talked about this on other podcasts -- is that up to this point people have tended to do pilot projects that are much lower in scale than what they will eventually do if they have success with the immediate projects. One tends to think that what they’re going to do at that point is pick and choose the individual products and functions that they need to make that happen in the short term.

I think that’s what we’re seeing, but I also sense that, despite the fact that everybody wants an open environment where they can pick and choose and not be tied to one vendor, what overrides all this is a desire to get things done quickly, efficiently. They want a way in which they don’t have to be concerned about integrating a lot of products and what that entails, and having potentially an unreliable environment. What that points to is working toward one vendor. End users will do that even in the short term by choosing someone that they know they can grow with in the future.

Gardner: Pragmatically, these vendors are also looking at their future and they’re saying, “We have an installed base. We have certain shops where we’re predominant. We want to be able to give them a clear path as to how to attain SOA values from their investment in our legacy. Therefore, we need to follow through with add-ons that smack of a integrated-stack approach.” So, it is almost incumbent on vendors to try to produce this "whole greater than the sum of the parts" -- if not to build out more SOA business, then just to hold on to their previous business.

Garone: That up brings up another interesting point, which is vendors, especially the platform vendors. The larger vendors, like IBM, Sun, and so on, tend to try to walk the line between being able to offer a fully integrated stack of software to accomplish whatever the goal it is -- in this case SOA implementations -- and also being what might be called “integratable.” This means you can bring in another product, because we adhere to standards, we’ll be able to help you do that.

They try to walk that line; where that really makes a difference is not so much what you are going to do in the future, but rather what you have done in the past. If you've got an existing registry that you used for identity management with your current applications, if you have existing app servers -- which is probably more common -- whomever you choose is going to have to be able to allow you to continue to work with those as part of a legacy environment. It sounds funny calling application servers legacy, but at this point you can do that, and that’s really where the "integratability" aspects of a fully integrated stack come into play.

Gardner: So how about you, Joe McKendrick? Do you see that the drive for simplicity and working from your installed base creates a compelling case for an integrated SOA approach? Or is the trade-off such that this is really not going to happen anymore? Is that the old way -- and is SOA fundamentally different, and therefore one should look for a different strategy?

McKendrick: Perhaps a little of both, Dana. Basically the industry still operates under the traditional mode where a lot of enterprises rely on one vendor -- we'll call it a master vendor -- that supplies most of its solutions. We see that in the IBM and in the Oracle markets. I agree with Jim that the notion of a SOA suite is very much an oxymoron. The idea of a SOA is to have "hot-swappable" software components that you could install and take out as needed in a loosely coupled architecture.

Dana, you hit upon the point that the vendors themselves have to demonstrate that they have some type of path to their installed base. They need some type of path to show that, "Yes, we are on top of the technology." In fact, if you speak with vendors out there about this strategy, even if the products or the path that they're offering are something customers aren’t adopting at the moment, it’s something they want to see with the vendor. If Oracle, hypothetically, wasn’t talking about SOA at all, there would be a lot of consternation, a lot of concern, among their installed base as to where the vendor is going.

Gardner: SAP would walk in, and their sales people would beat them up in these accounts, right?

McKendrick: Exactly. Now, Oracle is an interesting case. When I think of suites, I think Oracle demonstrates the best tendency in this area. In fact, they called their offering "The SOA Suite," and they include a number of components. I have spoken with some companies that have Oracle installations. Now, it should be noted that typically the customers for these suites are the installed base. The people who will be buying into the components of the Oracle SOA suite are companies that either have the Oracle applications, the E-Business suite or the Oracle database underneath. And, in most cases, they are buying into components of the suite.

I've heard a lot of positive things said about the BPEL Process Manager, for example. And, they are buying into pieces of the solutions, and as Steve pointed out -- it’s still in the pilot-project stage. We’re not seeing widespread enterprise implementations, but they are beginning to buy into pieces of these solutions such as the BPEL Process Manager.

Gardner: Hey, Tony Baer, how about you? Do you think that we are mature enough in SOA that we should be looking for homogeneity when it comes to tools and even deployment side? Or, is heterogeneity the issue that we are trying to manage?

Baer: As Steve was saying before, we can’t decompose it down to the age-old argument of best-of-breed versus integrated-stack. There is always going to be a tension between homogeneity and heterogeneity. For the customer, it’s going to be dictated obviously by what is already in place, basically as Joe pointed out. If 60 percent of my functionality, or even say 30 or 40 percent of my functionality, is SAP, I’m likely to listen when SAP tells me about a NetWeaver Solution.

On the other hand, if I’m in a sector that does not lend itself to package solutions, I will more than likely tend to take a best-of-breed approach -- especially if I do a lot of homegrown development, because my business is so unique. There will always be that creative tension there. That being said, the fact is that at the infrastructural level, there is a desire to have consistency. I don’t want to have five security engines. I don’t want to have three different authentications, if possible. Obviously, we’re never going to get that one, centralized identity repository in the sky, but I want to at least have my management framework be as consistent as possible and to manage what will inevitably be, in most large organizations, a federation of different installed bases of different technologies.

The other side of this is that for vendors -- and Oracle is probably the best poster child for this -- the reality in the enterprise software industry has been one of merger, acquisition, and consolidation. This means that vendors who started as organic developers now have four or five different product lines and each has had a separate lineage. The only way to put some rationality there is something like an Oracle Fusion SOA framework. Oracle has to develop this, if only out of the necessity to keep its own product offerings consistent.

Gardner: Now, back to Jim Kobielus’s point about this integrated approach being an oxymoron for SOA. Shouldn’t the vision of SOA allow us to have it both ways? If you have a culture and mindset in an organization, maybe it’s because of your legacy. Maybe it’s because of how you operate and the value you’ve perceived in past IT investments. Thus, you might want to remain with more of a single-vendor or an integrated-stack approach, but there might be other vendors without a legacy to drag along. The enterprise may want to take advantage of any innovation they can to be functionally heterogeneous and to explore and test open-source componentry as that becomes available. Shouldn’t SOA allow both of these approaches -- and pretty much equally?

Macehiter: In principle it should. We have to be careful to distinguish between the infrastructure that you require to enable SOA initiatives and what you’re trying to enable with that service-oriented initiative. Just because you want to have a loosely coupled component that you can combine in multiple ways to deliver business outcomes, doesn’t mean that the infrastructure that underpins that has to be similarly loosely coupled and based on the heterogeneous offerings from different vendors. So, there is a separation there.

We also we have to bear in mind the challenges around going for best-of-breed approach, which are well understood. It’s not so much whether the individual components can actually talk to one another but more about things like the management environment and how you manage the configuration and how do you deal with policy definition?

We’ve done some detailed assessments of service infrastructure offerings from SAP, BEA, IBM, Oracle, Sun, and webMethods. If you actually dig under the covers, you will see that each of the components has its own policy definition approach. So, the way you configure policy within the orchestration engine is inconsistent with the way you do it within the security and identity management capabilities, and that challenge occurs within suites. That’s going to be compounded as you look across different components. That introduces risk into the deployment. It reduces the visibility of the end-to-end deployment. It's those factors that are going to be important, as well as whether a communication and brokerage capability can integrate with the registry and repository. There are a number of factors that you have to bear in mind there.

Kobielus: I agree -- I think that the notion of a best-of-breed SOA suite makes more sense from an enterprise customer’s point of view. Most enterprises want to standardize on a single vendor and a single stack for the SOA plumbing -- the registries and repositories and also the development tools. They want the flexibility to plug in the different application layer components from Oracle and SAP and others, that are SOA-enabled and that can work with that single-core-plumbing-stack from a single vendor.

Gardner: Perhaps the tension here is between what aspects of SOA should be centralized, repeatable, simplified, and consolidated, and which ones should not. It’s not really a matter of SOA homogeneous or SOA heterogeneous. In moving toward SOA, should you say, "Listen, this is going to be common throughout. Let’s reuse this. Let’s manage our policy as centrally as possible.

"We might say the same for other federated and directory services. We might say the same for our tooling, so that we don’t have myriad tools and approaches from our developers. On the other hand, we want to have great flexibility and loosely coupled benefits, when it comes to which services, be they internal or external, be they traditional nature or more of a ‘software as a service’ nature that we can easily incorporate and then manage those as process."

So, is the dividing line here, Steve Garone, between what architecturally makes sense as centralized and not?

Garone: Actually I’ve just sort of been chomping on the bit here a little, because I’ve been listening to the conversation. This a really important point, mostly because there is a lot of stuff -- a lot of analyst opinion, a lot of blogging -- floating around that I’ve read, and I know you guys have probably read, on this very subject, the sort of philosophical dichotomy between what SOA is supposed to be and the notion of an SOA suite or a SOA integrated stack.

Frankly, from the end-user perspective, the message ought to be that the whole notion of SOA, as it relates to loose coupling, is really focused on the services and the applications that you’re going to deliver. That doesn't imply or even suggest that your infrastructure cannot be based on an integrated stack or software that’s designed to work well together. It allows you to work with a single vendor, and to be very efficient about how you both develop, deploy, and maintain and manage your environment.

Gardner: We also have to remember that this evolution of SOA is not happening in a vacuum. There are other major IT trends and business trends of worth. Many of them are focused on trying to reduce the cost of ongoing maintenance and support somewhere between 60 and 80 percent of total IT costs, and maybe more, to free up discretionary spending and to reduce the total spending for IT in many organizations. The trends often involved include data center consolidation, moving toward a more standardized approach for underlying hardware, embracing virtualization/grid/utility principles, and so on. Perhaps we have to recognize that even as SOA moves on its own sort of trajectory, organizations are going to be consolidating and looking for commonality of services, and improved support and maintenance types of features throughout their infrastructure.

Garone: Just to make one more small point. The one area that may diverge from the philosophy that we’ve been talking about is in the area of open source. I think that people who go out and try to implement SOA-based solutions on a variety of levels using open source technology may tend to take a more best-of-breed, individual-component approach than those who would run to their local IBM sales rep and say, “What do I do with SOA?” Even that’s going to change over time, and we’re starting to see SOA suites develop around open-source technology as well. So, that’s going to move in that direction as time goes on.

Gardner: That's another trend that is in tandem with SOA and needs to be woven together with it. It’s obviously a large undertaking. I‘m also reminded, after an interesting briefing I took this week with Informatica, and Ash Kulkarni. We had a really long, interesting discussion about the role of data, master data, and metadata when it comes to moving toward SOA. We really shouldn’t lose track of the fact that as you move to applications as services, and you go loosely coupled, and you adopt more reuse across development with common frameworks, and use rich internet application interfaces -- what about the data?

The data has to be managed as well. Increasingly, companies that have had mergers and acquisitions, or have just gotten myriad applications with varying views of something as specific as a customer identity -- there might be 10 or 15 different views of a customer, as defined by a variety of different applications. How do you manage that? And when you think about the progression of the data, it seems to me that if not in actuality, in a virtual sense, you want to become centralized with your data so that data can be used in a clean and impactful or productive way across all of your services.

Does anyone out there have some thoughts about what considerations to have when it comes to data in this decision about best-of-breed or integrated approach?

Macehiter: I was just going to say, the issue is that data has always been treated as a second-class citizen, and that it has been the product of applications which have then been subsequently analyzed. More organizations are recognizing this need to treat data as a peer, and deliver access to information, whether it’s structured or unstructured, as a service, which can be incorporated as needed into business process.

IBM was quick to identify this when they sold the information as a service strategy. And Oracle, surprisingly, given where they have come from, has actually not really enunciated data services, vision and platform. Although I did notice something on the Oracle Technology Network a couple of weeks ago, where they are just starting to talk about Oracle Data Integrator, based on an acquisition they made of a company called Sunopsis.

So, increasingly that's going to become part of the broader suite proposition. And, this is not just in the area of data but -- more broadly as customer adoption matures -- what constitutes an SOA suite. We’ve seen this around registry and repository, which historically was a best-of-breed proposition from the likes of Systinet and Infravio. Where are they now? They're part of a broader suite proposition from HP and webMethods, respectively. We’ll see this again.

Through acquisition what constitutes a suite will broaden as organizations become more mature in their approach to SOA. "Information as a service" is exactly one of those areas. Initially, that will probably be served by best-of-breed components, and then through a combination of acquisitions or very close partnership relationships will gradually be subsumed into what organizations believe is a SOA suite.

Gardner: Any other thoughts on the data services level and how that relates to this discussion?

Kobielus: I cover SOA for Current Analysis, primarily with reference to data management; and SOA in the data management realm is really consistent with master data management (MDM) as a discipline. Basically, master data management revolves around how you share, reuse, and enable maximum interoperability of your core master reference data, your single version-of-truth information, which is maintained in data warehouses and various operational data stores, and so forth.

Informatica is one of many vendors -- you mentioned Informatica earlier -- that has a strong MDM strategy. But there are are a lot of enterprise information integration (EII) vendors out there. EII revolves around really federated MDM, where you keep the data in its source repository, and then provide a virtualized access layer. This allows your business intelligence and other applications to access that data through a common object or model and a common set of access schemas -- wherever that data might reside -- but facilitated through a virtualized access layer. That’s very much EII as implemented by Business Objects, BEA, and many other vendors, and is very much the approach for federated MDM.

Gardner: Let me pause you there for a minute, Jim. If a virtualized centralization works for information, why wouldn’t it work for other aspects of SOA?

Kobielus: Oh, it does. Virtualization, of course, is one of the big themes in SOA.

Gardner: You can enjoy the benefits of a homogeneous approach, but, in fact, have great heterogeneity beneath the covers. Isn't that the whole idea of SOA -- to provide homogeneity in terms of productivity control management, and yet with flexibility and agility?

Kobielus: SOA, first and foremost, is a virtualization approach -- virtualization defined as an approach for abstracting the external call interface from the internal implementation of a resource, be it data or application functionality.

Gardner: So SOA is best-of-breed -- and it’s integrated. And you can pick and choose how to proceed, based perhaps on your legacy and your skill sets.

Macehiter: We just have to be clear to distinguish between the assets or resources that you’re virtualizing through SOA, which is typically going to be functional assets versus whether you need to virtualize the infrastructure and apply SOA to the underlying infrastructure. That’s the key distinguishing point. And that gets the point that was being raised earlier about virtualized access to information.

The infrastructure could be common, but the information assets that you’re accessing will be in heterogeneous repositories accessed in a number of different ways. This is exactly what IBM is doing with its offerings around information-as-a-service, and BEA as well. It's having the equivalent of application adapters by applying them to information assets and then exposing those through a service interface, so it’s virtualized and transparent: where the information is, how it’s stored and what format it’s in.

Kobielus: You mentioned Oracle’s acquisition of Sunopsis, which is interesting, because Sunopsis is an ETL vendor and the transform side of it is critically important. When you are extracting data from source repositories, you’re transforming it in various ways. Traditionally, Sunopsis’s tools have been used primarily to support transformation of data, which will then be loaded into centralized data warehouses.

But transformation functionality is important, whether you’re doing it in an ETL data warehousing environment -- in other words, the traditional bus for MDM -- or whether you’re doing the transformation in an EII environment. There, in fact, you are not ultimately loading the transform data into a central store, but rather simply transforming the data, keeping it in it’s original schema, but transforming it so it can be rationalized, harmonized, or aligned with a virtualized data access model provided by that EII environment.

Macehiter: Exactly. The transformation should occur behind the service interface, and this is why you need the idea of common information models and common schema models.

Gardner: Before we get down too much in the weeds on EII -- we can address that perhaps in a whole show in the future with a guest who is very much involved with that industry. Let’s move on to our second topic today, given the amount of time we have.

There are a burgeoning number of critical skill sets that need to be applied to SOA. We’ve talked about data, whether it’s cleansing, transforming, virtualizing and approaching some sort of a MDM capability. We have talked about development and process, BPEL. We talked about infrastructure. There is the management, the architectural overview, and what’s our philosophy.

It seems like we’re going to need a lot of very skilled people who are both generalists, as well as highly specific and technical. Because for SOA to work, a bunch of people who are highly specific -- but don’t share the same vision or have a general sense of the strategy -- probably won’t fare too well. This issue comes to us from Joe McKendrick. Joe, give us a little setup and overview of where you think things are headed in terms of the necessary skill sets companies are going to need in order to accomplish the promise of SOA.

McKendrick: Thanks, Dana. It’s interesting. Actually, the impetus for my thinking on this came from a report Ron Schmelzer posted and I reported on my blog this week.

Gardner: Ron being with ZapThink.

McKendrick: That’s correct. He is sounding the alarm bells that the folks that we need to drive SOA forward in the enterprise is this class of enterprise architects and enlightened architects, if you will. There are a lot of SOA projects everybody is interested in. Everybody’s kind of ginned up about SOA now, and we’ve been hearing about it. Enterprises really want to begin to either pilot or move SOA past the pilot stage, and 2007 should be a big year.

Ron Schmelzer feels there may not be enough architects who can take this high-level view and drive this process forward. Now, it’s interesting, but when I posted this on my blog, I got lot of feedback that perhaps architects are not the only ones who can really lead this effort. There are plenty of developers out there, high-level developers, who can also contribute to the process and interact with the business. The key behind this argument is that you need folks who know what’s going on technically, but can interact with the business. It can be a rare skill to have both.

Gardner: Yeah, this is going to be demanding. You can get Oracle-certified, you can get Microsoft-certified, IBM-certified. Where do you go to become SOA architect-certified?

McKendrick: Where do you go in terms of higher education institutes to get trained on architectural planning and network design? I’ve talked to lots of people who say, “Yeah, we look at the computer science graduates coming up, but how many of these people really, fully have had any training or courses whatsoever on broad architectural subjects like SOA?" Very few.

Kobielus: That’s true. Not to get reminiscent or anything, but 10 years ago, when we started seeing Java ramp up, we saw a lag there as well. A lot of organizations were really hungry for Java developers, and the universities came through with more focus on it, but later than probably most organizations wanted. What will happen here is that while this ramp-up goes on, we might see a lot of new business and new interest in service organizations that can provide the professional services required to get people through it.

Macehiter: Yeah, that’s true. That’s going to be an important -- absolutely an important source. Also, there’s some work under way. I don’t know whether any of you are familiar with the the International Association of Software Architects (IASA), which is really trying to foster a community that does try and share best practice around software architecture, including SOA.

You hit the nail on the head in terms of the key skills that are required around being able to interface with the business. One of the skills and attributes that you also need as a SOA architect is really this ability to balance supporting short-term business outcomes but keeping an eye on the longer-term objectives in terms of gaining high quality and maximizing IT value. That’s an equally difficult skill because too often architecture historically has been focused on quite discrete initiatives or infrastructure. I’m thinking about server architecture or network architecture rather than this broader perspective. There are skills occurring from such things as Oasis and what they are trying to do around things like SOA blueprints. It will be useful to get someone from Oasis in a future podcast to discuss this, because this is where the education is coming from.

Gardner: I think that if everyone goes about SOA methodically on his or her own track, and based on their own experience, and we are going to come up with a real mish-mash, then it’s going to be a problem. There needs to be some standardization around methodology.

Coincidentally, in April we’re expecting to see version 3 of the Information Technology Infrastructure Library (ITIL). This is focused on the lifecycle of services. It’s really more at the IT service-management level than pure technology, but it does offer blueprints and books and standardized approaches on how to setup an IT department and manage some of these organizational things. It strikes me that that might be another influence on bringing some kind of a cohesive approach to SOA, rather than be totally scatter-shot.

Macehiter: ITIL came out of the U.K. government. What was interesting about it is that it was driven very much from the experience of people who were grappling with these very challenges. That’s where it’s going to come from in SOA. It’s going to come from things like the IASA and others practitioners defining the best practice, rather than a more theoretical, academic approach to defining the ideal methodology.

Gardner: It's my understanding that the global systems integrators are very interested in this coming version of ITIL, and some of these other standardization-for-methodological-benefit approaches. As I’ve said before, SOA is the gift that keeps giving, if you’re a systems integrator in a professional services organization. It will be really interesting to see how successful they are at bringing a standardized set of approaches to the SOA architect role and whether that’s actually in their best interests over time.

McKendrick: And when it washes up on these shores, we’ll call it American ITIL.

Gardner: Actually the number of ITIL users is highest in the private sector and in North America, as I understand it, although it’s hard to see to what degree people actually use it. I think people use it in dribs and drabs and not in entirety.

McKendrick: It’s going to be interesting. There’s a lot of emphasis on compliance now, and data management is a big part of it as well. ITIL is really going to come into play, and should be coming into play, because processes are outsourced. Because processes are being managed by third-party firms, you need to have across-the-board standards to ensure that the data is being managed properly and in accordance with some type of universal standard. And, the regulators are going to want to see that as well.

Gardner: Well, I think we’ve come up with two separate shows we'll need to do -- one on enterprise information integration (EII) and dig in to that topic specifically; and then, perhaps, we should do an ITIL show, get someone who is familiar with some of the authoring there, and dig into its implications for SOA.

Well I think that wraps it up for today. We’ve covered quite a bit of ground in a short amount of time. I want to thank all of our guests. We’ve had Steve Garone, Joe McKendrick, Neil Macehiter, Tony Baer and Jim Kobielus. This is Dana Gardner, your host and moderator for this week’s BriefingsDirect SOA Insights Edition. Please come back and join us next week. Thank you.

If any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact me, Dana Gardner at 603-528-2435.

Listen to the podcast here.

Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 10. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.