Archive for the ‘HP’ Category

IBM's identity management becomes user-centric: HP's identity management exit strategy

Thursday, May 22nd, 2008
Courtesy of InternetNews on Tuesday I learned that IBM has added support for OpenID, Windows CardSpace and Eclipse’s Higgins Identity Framework to its Tivoli Federated Identity Manager (FIM) offering. As one of the enterprise identity management heavyweights, IBM’s announcement is an important endorsement of user-centric identity approaches. Such approaches are still in the formative phase of the adoption curve, particularly in the enterprise, so I see this as an investment for the future for IBM. IBM’s significant installed base should help to increase awareness, particularly for organisations supporting external user communities.

IBM’s press release provides more details on the user-centric credentials (no pun intended!) of FIM. It also discusses the product’s SOA Identity Service, which is designed to address some of the challenges associated with identity lifecycle management and audit where service-oriented approaches are applied to siloed applications with siloed security. These challenges are something I highlighted back in February 2006 and are a barrier to the realisation of the value of SOA as it moves out of project-level deployments. I see the SOA Identity Service as the more important aspect of this announcement, with SOA being a more pressing IT (and hopefully business) concern than user-centric identity.

As an aside, the InternetNews article mentions that the enterprise identity management market

is becoming increasingly competitive with offerings from HP, CA and Oracle.

Can’t fault the journalist on CA and Oracle … but HP! Earlier in the year the company announced that it was no longer going to be selling its Identity Center products to new customers: hardly a competitive force. As part of this (hopefully for its customers) graceful retreat from the market, HP announced that it has established an exclusive agreement with Novell whereby the two companies will

jointly offer migration services, HP will resell Novell identity and security management solutions and Novell will license HP Identity Center technology

When HP originally announced that it was exiting the market, it stated that it would continue to support and develop Identity Center for its existing customers so I was somewhat surprised to see it offering a migration programme. I wonder whether those customers didn’t see this as an effective way forward for what is critical infrastructure. Whilst the programme was a surprise, the partner wasn’t. Where else could HP have gone? BMC, CA or IBM: hardly, given the competition in the IT service/systems management markets (and numerous others in the case of IBM). Sun: difficult given competition in the hardware space. Oracle: would have made things difficult for HP’s SAP alliance team. Microsoft: lacks the heterogeneous environment support and breadth of functionality that HP’s customers need. So, whilst I am sure the sentiments behind Ben Horowitz’s (VP and GM, Business Technology Optimization, Software, HP) statement that HP chose Novell

because of its outstanding set of technologies, recognized market leadership and tremendous commitment to working with HP customers

are real, the company didn’t have too many others to choose from!

HP tightens up its SOA governance proposition

Tuesday, January 29th, 2008
HP yesterday announced long-awaited (at least as far as we are concerned) enhancements to its SOA software and services, which see the company beginning to realise the potential of its acquisition of Systinet (via Mercury) when it comes to SOA governance. Back in March, the other Neil highlighted that lifecycle management is one of the four key elements of an SOA functionality pyramid and is:
all about supporting development, integration and operations teams in linking their efforts to ensure that the consumer service experience is high-quality and consistent under potentially unpredictable circumstances. Typically the foundation of this capability is some kind of registry/repository, but ideally tools go further than this – firstly by helping to automate team workflows for implementing quality controls at design time; and secondly by helping to translate design intentions relating to operational SLAs into runtime policies which are tied into the infrastructure.

HP is attempting to go that bit further by more tightly integrating the registry/repository capabilities it acquired with Systinet to the policy-based management and monitoring capabilities of its SOA Manager product. Whilst HP also brings other valuable functionality to fill out the SOA pyramid, including business process monitoring (HP Process Insight), security and identity management (HP Select Access) and synthetic transaction monitoring and reporting (HP Business Availability Center) it does not – and nor would it claim to – have everything.

Enter the Governance Interoperability Framework (GIF) it inherited from Systinet. The GIF is designed to facilitate information exchange with the Systinet Registry and Repository allowing third parties to integrate relevant technologies, such as policy enforcement and service orchestration, with the SOA lifecycle management capabilities. As well as announcing 10 new GIF partners, HP is also publishing the GIF specifications.

Integration is not totally reliant on GIF though. Systinet’s registry is also embedded in the SOA infrastructure offerings from the likes of BEA, Oracle and TIBCO, which makes HP an obvious potential source of broader SOA lifecycle management functionality for their customers. The company is not such an obvious choice for customers of IBM and Software AG who are building out their own capabilities.

SOA platforms do not begin and end with BEA, IBM, Oracle, Software AG and TIBCO though. There are other choices: Microsoft, Progress, Red Hat and SAP etc. Not forgetting of course that organisations will be acquiring service oriented solutions as part of business applications. What’s the story there? There are two. The first is GIF. The second is the HP SOA Registry Foundation that also formed part of yesterday’s announcement and which the company describes as

a new software product expressly designed for independent software vendors. HP SOA Registry Foundation is a powerful, standards-based way to publish, categorize and discover SOA services and artifacts. This new product can be easily embedded with packaged applications and distributed solutions.

In other words, it’s an OEM-specific version of the registry designed to allow HP to replicate the BEA, Oracle and TIBCO agreements.

Coupled with HP’s services capabilities, these announcements should mean that HP is able to exploit its systems management heritage and installed base to position itself as a credible SOA lifecycle management provider to organisations moving beyond project-level SOA initiatives – and to the software vendors that are helping them on that journey.

Not just ink

Thursday, September 20th, 2007

For many many years in analyst circles, it was almost obligatory when talking about IT vendors to say “well of course, HP makes all its profit from ink”. I remember looking, year after year, at marching rows of red figures as HP focused in on the performance of its software division in particular. It was kind of uncomfortable for everyone involved – lots of shuffling in seats was done.

I know I’m a bit late (the results were announced in mid-August), but I’ve recently had an update briefing on HP’s software business, and HP’s acquisitions are doing some good. Like IBM, HP has made a strategic move to acquire higher-margin businesses in an attempt to avoid the commodity trap. Mercury, Opsware, SPI Dynamics – they’re not all that huge, but they are all in high-growth areas (compared to network and systems management tools, where HP used to be centred, at least ;-).

The result is that in Q3 this year, HP’s software business brought the highest operating profit (as a percentage) across all of HP’s business units. It’s not just about ink any more. In this light, it’s pretty difficult to see HP as “not serious about software” (something that its competitors have regularly said to customers). Alongside one of the companies HP competes regularly against, BMC, the 14.6% operating profit within HP’s software business looks pretty decent (if my maths is right, BMC’s operating profit is currently running somewhere around 13% of revenues).

That said, of course, when you compare HP’s results against Microsoft’s 36%-odd operating profit, things take on a different colour…

Microsoft's Dynamic IT: it's a start

Thursday, June 7th, 2007
I have just returned from a couple of days in Orlando, where I attended a Microsoft Server and Tools Business analyst summit which coincided with the company’s TechEd conference. The RedMonkers James and Coté did a great job of live blogging the event (here, here, here, here, here and here) – and there was even some Twittering – but I needed the joys of a 9 hour transatlantic flight to collect my thoughts.

The big news at TechEd and the focus of the analyst summit was Microsoft’s Dynamic IT for the People-Ready Business (Dynamic IT) strategy, which the company describes as building

on the company’s Dynamic Systems Initiative and ongoing Application Platform efforts to provide customers with the key areas of technical innovation necessary to make their IT and development organizations more strategic to the business

In other words it’s a framework which builds on a number of Microsoft’s most significant, but historically largely disconnected, initiatives which is designed to help customers understand how they can be combined to increase the business value of IT. This is long overdue, for a couple of reasons.

First, whilst Microsoft has used language in the past which implies linkage between the different initiatives and associated products, such as ‘design for operations’ for DSI and .NET, it’s not always been clear how the implication becomes reality. For example, how do the System Center management tools exploit operational policy requirements defined in Visual Studio and how do those requirements map to policies defined in Windows Communication Foundation? Dynamic IT sets out to make the linkage explicit.

Second, Microsoft has lacked a cross-company vision for enterprise IT (for want of a better term) within which to frame discussions with customers and around which it can rally the troops. I’m thinking here of things like IBM’s On Demand, HP’s Business Technology, Oracle’s Fusion etc. There’s People-Ready of course but I think that’s about more than Enterprise IT. Dynamic IT provides Microsoft with a competitive alternative and one that is more reflective of current reality than future aspiration.

There are four aspects to Dynamic IT where Microsoft plans to focus innovation:

  • unified and virtualized
  • process-led, model-driven
  • service-enabled
  • user-focused

built on a federated, interoperable and secure foundation. Obviously, it’s still very early days but I do think Microsoft has a lot of work to do if it’s going to achieve what I believe it hopes to with Dynamic IT.

For example, in his keynote when Bob Muglia talked about process-led, model-driven he discussed process-led in terms of the application lifecycle, BizTalk, Windows Workflow Foundation and Office Business Applications and model-driven in terms of System Center and IT management models (based on Service Modelling Language and the Common Model Library). What he didn’t do was explain the relationship between the two. When describing service-enabled, he focussed on .NET, SOA, web services and software plus services, primarily from the bottom-up, developer perspective (consistent with Microsoft’s initial foray into SOA) but failed to tie that into the end-to-end service lifecycle – Big SOA – and thus process-led, model-driven. (As an aside, I think Microsoft is also missing a trick when it comes to information and data as a service but that’s for another day).

As well as explaining the relationships between the different aspects of Dynamic IT, Microsoft also has to be very careful that it doesn’t fall back into the trap of using it simply as a framework for categorising its products. Increasingly, the key concerns of the people it is trying to reach with Dynamic IT don’t fall into neat product categories and Microsoft has struggled in the past to articulate the joined-up propositions required to address these concerns because of its focus on product stovepipes (as I discussed here).

What I think Microsoft needs, as I explained during various meetings at the summit, are scenarios and associated case studies to bridge between the framework and the products and emphasise the linkage. This will also serve to highlight the importance of the three foundational aspects – federated, interoperable and secure – which might otherwise be lost and to tie into Core, Application Platform and Business Productivity Infrastructure Optimization roadmaps which Microsoft is using to help customers understand how they move forward from where they are today.

For Microsoft’s customers and potential customers Dynamic IT is a positive sign that the company is beginning to recognise that you are more concerned with the outcomes from deploying the company’s technologies than you are about the technologies themselves or the way that Microsoft chooses to structure itself to develop and sell them. Over the coming months you should be looking to Microsoft to fill out the framework and seek explanations for how the pieces fit together today and how the company plans to enhance that integration going forward.

Policy interoperability – a step in the right direction

Thursday, May 3rd, 2007
At the end of last week a webMethods press release popped into my inbox highlighting a recent demonstration of interoperability between the company’s UDDI-based registry (acquired with Infravio), HP’s Systinet registry and one of Layer 7 Technologies’ SecureSpan XML appliances. In a nutshell, the three companies showed how policies attached to services in a UDDI registry (using the Web Services Policy 1.5 Framework and Attachment candidate standard specification) can be exchanged with Layer 7’s appliance for policy enforcement.

Prasad Yendluri of the Office of the CTO at webMethods had this to say:

greatly enhance[s] the interoperability of all of the components used to achieve policy-based governance

a point which was reinforced by Toufic Boubez, CTO of Layer 7 who claimed such interoperability provides:

a powerful standards-based solution for overall SOA management and governance

Here at MWD we certainly agree that a policy-based approach is essential for effective management of the service lifecycle. Policies should capture and enforce the obligations and expectations of service providers and consumers represented in service contracts to maximise the quality of the service experience. Interoperability of policies is also essential, given the variety of service infrastructure technologies required to support any significant SOA initiative. However, as I pointed out over a year ago:

WS-Policy does not deal with semantics: it provides a framework within which those semantics can be defined. Support for WS-Policy provides no guarantee that the way one vendor defines a particular policy can be interpreted and enforced effectively by another. That will require agreement on semantics.

For these reasons, I doubt that the three participants simply installed the products, created some services and policies and then demonstrated policy enforcement: they first had to agree how the policies would be represented in WS-Policy.
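To make the semantics gap concrete, here is an added illustration (not code from webMethods, HP or Layer 7). The vendor namespaces, assertion names and the mapping table are hypothetical; only the WS-Policy 1.5 framework namespace and its `Policy`/`ExactlyOne`/`All` operators are real. It handles policies in normal form only.

```python
import xml.etree.ElementTree as ET

WSP = "http://www.w3.org/ns/ws-policy"   # WS-Policy 1.5 framework namespace
A = "urn:example:vendor-a:policy"        # hypothetical registry vendor vocabulary
B = "urn:example:vendor-b:policy"        # hypothetical appliance vendor vocabulary

# Constructed sample: a policy as the registry vendor would attach it to a service.
REGISTRY_POLICY = f"""
<wsp:Policy xmlns:wsp="{WSP}" xmlns:a="{A}">
  <wsp:ExactlyOne>
    <wsp:All>
      <a:RequireEncryptedTransport/>
      <a:MaxResponseMillis value="500"/>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>"""

# Assertions the (hypothetical) enforcement point knows how to enforce.
APPLIANCE_VOCABULARY = {f"{{{B}}}TransportSecurity", f"{{{B}}}LatencyLimit"}

# The agreement on semantics that has to be reached outside WS-Policy itself.
AGREED_MAPPING = {
    f"{{{A}}}RequireEncryptedTransport": f"{{{B}}}TransportSecurity",
    f"{{{A}}}MaxResponseMillis": f"{{{B}}}LatencyLimit",
}


def alternatives(policy_xml):
    """Return each policy alternative as a set of assertion QNames."""
    root = ET.fromstring(policy_xml.strip())
    if root.tag != f"{{{WSP}}}Policy":
        raise ValueError("not a WS-Policy document")
    result = []
    for exactly_one in root.findall(f"{{{WSP}}}ExactlyOne"):
        for all_ in exactly_one.findall(f"{{{WSP}}}All"):
            result.append({assertion.tag for assertion in all_})
    return result


def evaluate(policy_xml, vocabulary, mapping=None):
    """Return (enforceable alternatives, assertions that were not understood).

    An alternative counts as enforceable only if every assertion in it is
    understood; an empty first element means the enforcement point must
    refuse the policy rather than enforce part of it.
    """
    mapping = mapping or {}
    enforceable, unknown = [], set()
    for alt in alternatives(policy_xml):
        translated = {mapping.get(qname, qname) for qname in alt}
        missing = translated - vocabulary
        if missing:
            unknown |= missing
        else:
            enforceable.append(translated)
    return enforceable, unknown


if __name__ == "__main__":
    # The framework parses fine, yet nothing is enforceable without the mapping.
    print(evaluate(REGISTRY_POLICY, APPLIANCE_VOCABULARY))
    print(evaluate(REGISTRY_POLICY, APPLIANCE_VOCABULARY, AGREED_MAPPING))
```

The document is valid WS-Policy in both runs; what changes the outcome is the mapping table, which is exactly the part the specification leaves to the vendors.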

Don’t get me wrong: I think this is a positive step in the right direction. However, it’s important for those involved in SOA initiatives to recognise, as I pointed out last year, that a number of significant steps still have to be taken to reach the semantic interoperability goal that’s required:

It’s not going to be easy! It will require the participation and cooperation of vendors of all shapes and sizes. Vendors, moreover, who are going to have to relinquish the control that ownership of policy definition can provide.

MWD FM SOA interview: HP

Saturday, April 7th, 2007

Here’s the third in our series of interviews with SOA vendors. This week it’s the turn of Roman Stanek – one of the founders of Systinet, which was bought by Mercury (which was then in turn bought by HP a few months back).

The 31′17″ interview has some great stuff in it. As we ask our usual four questions about HP and Systinet SOA offerings, we swing past:

  • scenarios where the standardisation and interoperability that SOA introduces are particularly important
  • how SOA is about outcomes, not protocols (with reference to the SOAP vs REST debate)
  • how SOA will disappear from the IT industry’s lexicon in the coming years, because it will become a standard feature of the IT landscape
  • the effect that SOA has on the software development lifecycle, and how the loose coupling that it introduces into development organisations and processes brings requirements for strong management of service lifecycles and service quality.

You can download the audio here or you can subscribe to the feed.

Liberty is serious about clients

Tuesday, March 20th, 2007

The Liberty Alliance today announced its Advanced Client specifications which are

designed to allow enterprise users and consumers to manage identity information on devices such as cameras, handhelds, laptops, printers and televisions

For those of you that are so inclined, you can read the specifications here but, in a nutshell, the Advanced Client relies on ID-WSF 2.0 (which I discussed here) to provide the following capabilities:

  • Trusted Module – protocols which allow a client (be it hardware, software or a combination of the two) that is sufficiently secure to be trusted by third-parties to participate in identity-based transactions e.g. to make identity assertions on behalf of an identity provider even if the client is disconnected from the identity provider
  • Provisioning – over-the-air provisioning of data and/or functionality to the client
  • Service Hosting/Proxying (SHPS) – facilities which allow an identity web service hosted on the client, such as an individual’s e-commerce profile, to be accessed under the control of the individual (whether or not the client is connected)

These capabilities allow identity data to be provisioned to and stored on a client device, such as a smart card or a mobile phone SIM and subsequently used in a variety of scenarios, including single sign-on and identity federation. In SSO scenarios, the client can either perform the role of an identity provider (self-asserted) or take responsibility for certain aspects of the SSO process, essentially acting as an extension of a third-party identity provider.

The Advanced Client is the third phase of Liberty’s four-phase roadmap for delivering client capabilities, following on from the Liberty Enabled Client/Proxy (which I discussed at some length here and here) and the Active Client, which provides client-based identity web services and SSO capabilities in an untrusted environment. The final phase is the Robust Client, which will add support for multi-factor authentication and mobility of Trusted Modules.

This is not just about dry specifications though. Earlier in the year at the RSA Conference BT, together with HP and Intel, demonstrated an Advanced Client proof of concept (you can download the presentation here – it’s a 10MB ZIP file!), with HP doing the provisioning and Intel providing the trusted client environment, based on its Identity Capable Platforms (ICP) technology. The proof-of-concept is based on a Wi-Fi provisioning scenario where an individual subscribes to Wi-Fi on the web and completes the BT-initiated provisioning process using credentials which have been pushed down to the ICP-based trusted Active Client.

As I have said before (and I was as guilty of this as anyone) the work of the Liberty Alliance can be perceived as focusing on server-to-server protocols for enterprise-centric federation. Its work on client-enablement, however, provides compelling evidence that this is not the case. With major telco players such as BT, Ericsson, NTT, Nokia, T-Com, Telefonica, Telenor and Vodafone on its membership roster it’s highly likely that its client specifications are going to see significant deployment. Their participation also explains the emphasis on over-the-air provisioning and active, trusted participation of the user which are essential for telecom services. With an increasingly mobile and disconnected workforce, this is not just a consumer play and organisations should be monitoring these developments closely.