Edited transcript of SOA trends webinar recorded Nov. 15, 2006.
Listen to a podcast of the webinar here. Sponsor: Cape Clear Software, Inc.
Welcome to a special BriefingsDirect presentation, a podcast created from a recent webinar with Interarbor Solutions Principal Analyst Dana Gardner and Cape Clear Software CEO Annrai O'Toole. This sponsored webinar presents a Services Oriented Architecture (SOA) market perspective by Dana, followed by comments by Annrai, and some questions from the live webinar audience. Today’s topic is how the value provided by SOA may be the best way to demonstrate the business value of SOA investments. Now, let’s listen to the analyst’s perspective.
Dana Gardner: Hello, we’re going to work through a state-of-the-market analysis on SOA at a very important juncture in SOA's evolution. An incredibly important issue right now is whether we are going to win broad acceptance and deep penetration, or whether SOA remains somewhat marginal.
There are a number of things going on in the market that we will look over. Trends and developments in information technology (IT) such as market acceptance and tipping points -- and a sort of social-animal instinct and on how people behave -- become very important. It is no longer just about the technology; it's about what motivates people, particularly in their businesses.
So, let’s take a level-set in changing times. These are very dynamic times. There are so many things going on in addition to SOA that we can’t look at SOA alone; we have to look at it in the context of what’s going on in general with IT and business. Over the last two to four years, we have seen SOA develop as a vision, spawned off the work done with Web services, progeny of object orientation and components, bringing it into a standard environment and, hopefully, into much broader usage across IT -- not just in development but in how people conceive of IT; a transformative type of activity.
We have gone through SOA standards. We have seen companies come up with methodologies, and have had examples of successful, and not so successful, implementations of SOA in the marketplace. Most, if not all, of the large vendors are solidly behind SOA. We’ve seen them use the terminology. Some are talking more about the business results than the SOA nomenclature itself. It is clear from IBM to SAP, to Oracle and Sun, that their products and services are based on SOA principles. We expect that will then follow through into the marketplace. We are also seeing quite a bit of development from the large global systems integrators around SOA practices.
Question for SOA is when, not if
It has been my analysis for several years that this is an extremely big deal, but what has been missing is the agreement generally in the marketplace as to not if, but when, to do this. We have also had a lot of activity in the marketplace around startups merging and rearranging their businesses. If they did not start focused on SOA, they seem to be heading in that direction. And that has led to a period of consolidation. We have seen mergers and acquisitions, partnerships, and ecology developments.
We’ve seen the notion of SOA, and it includes governance, bleed over into how IT actually functions -- and not just how development and deployment strategies are defined. We are really up against the tipping point here. The crucial issue for SOA is how that tipping point manifests itself.
The real force behind SOA is a transformative activity, both for the technologists in the IT department as well as for how IT is conceived, perceived, and used by the businesses. This has been an ongoing issue for many years, if not decades. At this point we have quite a bit of buy-in around SOA from the technologists. What we see mainly, however, is SOA use behind firewalls and within fairly vertical applications, within a defined business process activity.
What's more, many services today are data-centric. My studies show about two-thirds of current in-production SOA services have been data-service layer or data-centric services, and so perhaps as few as one third are being devoted to business logic and transactional activities. This, of course, will vary from company to company, in vertical industry to vertical industry, but the trend is showing a predominance of interest in making data available as a service. That service is then consumed and used in non-SOA activities and in more traditional integration portal Web applications, and Web or thin-client presentation applications.
How will SaaS and SOA emerge together?
So, SOA remains somewhat tactical even at most mainstream enterprises. There is also an important trend line around software as a service (SaaS) providers as they build their applications to be consumed and used as services. They might have a deep impact on how SOA is consumed -- almost on an outsourced basis rather than a homegrown basis -- and we are going to be tracking that carefully.
An inhibitor to the business side of the house in enterprises adopting SOA broadly is a lack of discretionary spending in IT for SOA types of investments. There is a lot of confusion around SOA and its values, and what business terms and issues are the motivators. Therefore SOA remains difficult to define and rationalize in purely economic terms. There are a lot of reasons for that.
The market is going to work toward a better understanding of the rationale behind businesses as they seek investments in this disruptive technology. We will move from monolithic silos of development and deployment infrastructure and sort of break that apart. Then after the decomposition process we can extend and reuse and redeploy -- hopefully with a great deal more efficiency -- these resources as granular components or services.
Follow the money
Though the concept is quite strong, the benefits in terms of numbers and metrics can be rather soft. We could tell people they are going to be more agile, be able to change in the marketplace more quickly, and be able to consolidate and use more singular architectures. Yet these are not numbers you can bring in on a quarterly basis and say, “Here’s what SOA has done for us this quarter in terms of dollars and cents.” Financial rewards are part of a long-term transformative process as well; something we expect will take years, if not decades, to fully play out.
SOA is really a journey without a destination and, as such, it is harder to quantify and qualify in terms of payback. If there is no destination, when does one know one has succeeded? This also affects cross-organizational use and deployment. There is a traditional chicken-and-egg relationship on whether developers move first, or the SaaS operators, or the people who deploy them on-premises, and that’s currently being played out.
For the true payback of SOA to come about, be it in soft terms or hard terms, it does require a horizontal, holistic, and general usage. Politics are also involved here. We have people that have been quite content to remain within a small, isolated arena with their own budget to control, working for several well-known and established taskmasters.
SOA, in a sense, disrupts that. There is no central taskmaster with SOA (and that's why governance is so important). The idea is for more and more folks to have a handle on these services, and then use them in new and innovative ways -- closer to the line of business, closer to the business processes, and extending beyond the confines of the enterprise into a supply chain, for example. So there is naturally some control politics.
Also budgeting issues play a role, which often means control from the top down rather than the bottom up because it is the central command-and-control folks that effectively change budget structure and allocate funds. So that is in process now as well.
There is also the need for collaboration across these groups. Not only do we want to change how budgets might be formed, we want to encourage people to work in a simultaneous fashion rather than in a linear fashion. So the hand-off of an application project really can’t happen over a period of six months to 12 months anymore; it needs to happen simultaneously with development. The whole idea here is to go to the business side of the house and tell them we can work quickly and change the process for you, as you have to adapt to a rapidly changing marketplace.
Make the business case for SOA
Gaining market acceptance for SOA requires a compelling business and economic case, something that we haven’t seen, at least not in a cohesive matter. There isn’t a central SOA defining body; there isn’t a central mouthpiece for SOA or SOA activities. It is been happening on an ad hoc, willy-nilly basis from a number of large and small vendors, as well as integrators and professional service providers. It is happening almost as if we were in a social network, and perhaps we are. This is a global SOA social network effect that we are seeing. It is happening at a time when we can’t just focus on SOA, however.
We need to look at all of the other trends, changes, and, frankly, complexity that CIOs, decision makers, enterprises, and telecommunication carriers are facing. If we look at a laundry list of what is going on right now we are not only looking at SOA issues, but also Web 2.0 (and this new concept of Enterprise 2.0), event driven architecture, complex event processing, SaaS, grid-utility computing, application virtualization, open source software and its impact, business process management, and on and on. People are dealing with convergence issues and mobility issues cutting across different types of devices. We are talking about "fabrics" for interconnected networks.
IT trends are also in flux. These are not just technology issues, but affect how IT is consumed such as through "shared services," where IT departments function more as a business customer within an enterprise. They behave based on market forces internally and the need to fulfill service level agreements locally. A very hot area now is IT governance from regulatory impetus to general organizational business practices, where IT departments are maturing and behaving as would an accounting department or an external field organization.
We are looking at application modernization, with people rationalizing which applications should remain and which should go as part of a datacenter consolidation trend. There is infrastructure virtualization, where we can cut costs on hardware and find new benefits around platforms, and instances of runtime, where we can deploy applications in new and interesting ways.
There is also business continuity to consider. We have natural and man-made disasters and disruptions that need to be addressed and, therefore, redundancy plays an important part, and data centers that are strategically placed outside of places that are perhaps at risk. Furthermore, there are regulatory compliance and intellectual property issues involving what code can be used in which ways. This is all part of a barrage of issues that are affecting CIOs and decision makers simultaneously.
More ROI for SOA
Yet, despite the complexities, despite these numerous trends and changes in the market, aggregate spending growth for IT remains fairly confined. We see large single-digit numbers in many organizations. Even within that confined growth trend we still see 60 percent to 80 percent of the total IT cost going to just maintaining and keeping current infrastructure and applications running, which does not leave much for discretionary SOA spending.
As I mentioned earlier, not many individuals are jumping up and down and singing the SOA song in a mutual chorus. Microsoft, for example, has remained somewhat distant from using SOA as a phrase, although many of the business benefits they project for their infrastructure and applications (particularly the newer ones) do align with SOA methods and business benefits.
We need to energize folks to invest in SOA now. I have addressed this issue by looking at the many-faceted benefits of SOA, both as an opportunity and as an area of fear. There is an opportunity to beat your competition if you can embrace SOA and use some of these other large technical and organizational changes to your benefit; to make IT a weapon you can use to do better than your opponent and, therefore, get better traction in the marketplace.
There is also the fear that your competitor might do that to you. There is an opportunity to exploit new avenues for change by obtaining applications or modernizing applications including SaaS. If your opponent in the marketplace (or the person who might get to the marketplace first) is using SaaS, their costs are lower and their agility might be higher. So, there is a fear of that as well.
This is also a great opportunity to exploit these convergence issues, reach mobile workers, and better deliver data and application and logic to the end users across the organization. SOA benefits also work both internally and externally. They allow you to be an architected organization where the focus is on what you need to do in a market to gain new business and to know where the new business is expected to be in six months; to be an early mover, not a trailing-adopter.
Architecture for competitiveness and risk reduction
SOA architecture is absolutely essential to become a first-mover and to focus strategically on architecture over applications to win business. The relationship between the application and the architecture is something we must focus on.
It is not just the fear and opportunity, but general and broad risk reduction that should energize people about SOA. SOA can empower businesses to reduce their risk of losing value from past IT investments. SOA allows you to continue to reap rewards from your past IT investments; to not necessarily sunset applications, but find new value in them. You can mitigate your risk against not competing with newer companies that don't need to support a costly legacy because you can bring in greenfield and modern application architectures as well. SOA allows you to play with both legacy and new greenfield approaches.
There is also risk reduction and mitigation against the unforeseeable future; against new architectural benefits, IT benefits, or trends that might be here in two-to-three years. SOA has a risk-reduction benefit because it is defensive, it is offensive, it is inclusive, and it works across organizational boundaries.
There is also risk-reduction around data and application logic, and the use of data in applications in new formats. There is reduced risk in the ability to absorb and manage merger and acquisitions, expected or not. I’ve spoken with folks at venders like Oracle that say they probably couldn’t have done the J.D. Edwards and the PeopleSoft activities without Web services and, increasingly, without SOA. If they can do it to move fast and successfully in their markets, their customers need to think the same way.
They need visibility across an entire process chain to reduce risk in terms of actually controlling what is going on within IT. One of the things that we are discussing with IT governance and enterprise service buses (ESBs), and some of the standards and methodologies used, is an ability to gain a holistic total view into a process -- not just a set of technologies; not just a particular server farm or a particular layer within a distributed architecture but across a business process.
"How am I actually doing?" This is a very important element for businesses on a regulatory compliance basis for Sarbanes-Oxley, for example, but also for companies to be fleet. If you don’t know what you are doing or how things are going, you cannot react appropriately.
So, in summary, SOA is really a means, an ongoing journey. It has soft advantages, but I think it has great benefits in terms of risk reduction and of meeting opportunity rather than fearing opportunity. It is a defensive and offensive weapon, both inside and outside of the firewall, and it bridges the past and the future while encouraging organizational transformation -- not just IT transformation but business transformation.
SOA promotes total excellence over subset excellence and fosters change management as a core competency. It also allows for constant process refinement; things do not get locked in and then set into a monolithic and static hierarchy, they are constantly being changed and improved. The ultimate goal is to be able to attain many of these things with overall reduced cost of capital and in the cost of ongoing maintenance and support.
That is the end of my presentation on the state of SOA. It is important now to energize and find ways to make the business case for this because the managers, over time, will play out for those that are early movers. Thank you.
Cape Clear CEO comments
Annrai O'Toole: Thanks very much, Dana. I am going to pick up where Dana left off. Dana has pointed out a few of the topics here, and there are a few things that I would like to add to the mix.
Before we jump in to this, I would just like to stand back and think about SOA in a very broad sense. I have been writing a blog article about this topic as well. It is fair to compare SOA to things that we have seen in the past like client-server and the Internet because they are very similar. Those were terms that the industry applied to a big change. The Internet was very easy for people to understand, because it is very visual and people could get on to a browser and move around.
So, the Internet did not need a whole lot of selling. Client-server needed quite a bit. However, there were a lot of clear business benefits to client-server in particular because it came from a mainframe-dominated world of computing. Client-server essentially offered people a much cheaper hardware infrastructure, and a much cheaper way to get far more powerful applications onto people’s desktops. So it was pretty easy; business users could use those applications to see what it was all about and they received client-server at a high level.
SOA is very similar to client-server. SOA is essentially a set of technologies and a methodology and a philosophy about how we build enterprise applications. SOA is never going to have much meaning for the average consumer in the streets, but it does have a lot of meaning for large enterprises. We are here today to discuss what SOA means to business users and enterprises. As Dana outlined, it is a kind of struggle because we can approach a business user and say, “SOA gives you more agile applications.” They ask, “What precisely does more agile applications mean?”
The term in itself is vague and building any metrics around this is tough. The business users get the notion that they want the applications to change more easily, but it is very difficult to quantify that. If we asked business users and a focus group what they meant by "agile applications," I think we would get many different answers. If you read in the blogosphere about SOA, you read only the articles. Once people get beyond agile applications, they are into reducing integration in half and that is nice. It is definitely very quantifiable.
More meat for the business users
In particular, as Dana exemplified so well, you know there are so many things that IT is grappling with today. I am not going to repeat what Dana spoke about, but the business user and the context of reducing integration costs is important. I don’t think that there are many business users who jump out of bed in the morning and say, “How am I going to reduce IT integration costs?” So I think these are the two main planks about how we justify SOA to a business user today, and I think we are all being pretty candid here, but these are not great.
We need to do a better job on this. If you start reading all the stuff in the blogosphere about SOA, it is really techies talking to techies; it is all about how you adopt SOA and the architectural approaches to adopting SOA. At Cape Clear a lot of our content is focused on IT guys, which is correct, but we in the industry have the onus on us to do a better job of explaining this to business users.
So the bad news is that I do not have a magic answer to this, and the good news is that I have a few things to say that I think are interesting. There are a number of very powerful things that SOA is doing today, and we are involved in some of them. For instance, there is increasing use of software as a service (SaaS). A long-running problem that many business users have had is that they all want greater business applications that give them better insight into their business but they do not want to spend three or four years doing large enterprise resource planning (ERP) implementations.
So SaaS for a lot of cost reasons and efficiencies -- and in use adoption -- is doing really well. There is a new Salesforce.com-breed that has done extremely well there. Just last week we announced our partnership with Workday. They have a whole new take on ERP applications based on the hosted model. They are embedding our software, along with other companies. So there is a whole range of SaaS applications that are turning to SOA to provide the kind of back-end integrations between the SaaS and existing applications that customers already have. SOA is already playing a very important part in pairing the next generation of business applications. And I think many business users understand that.
This next line is not something that I think business users understand yet, but it is incredibly important. A lot of techies know this stuff, but as you begin and you look at what SOA is doing -- it is really blurring the line between the underlying middleware infrastructure and the sets of business applications. The clearest example of this is Oracle Fusion. Oracle is spending a ton of money in increasing the Fusion middleware line and they are not doing it because they want to find new middleware; not really.
Middleware and applications blur
Oracle Fusion is an application strategy, and the only way that Oracle is able to deliver a unified set of applications from all the things they have acquired is by integrating them together around Oracle Fusion. Oracle is very clear about this. If you read all the documentation or the messages that they are sending, Oracle Fusion is an application strategy. That is very important, because the infrastructure (the middleware stuff that we have all been involved with for years and years) is really getting more and more powerful. And so that’s really making this infrastructure into things that people can really build, can easily build applications, on top of.
Dana certainly picked up on this. I think that when you distill all this, what really stands out is that SOA is increasingly about liberating the business process because today many business processes are hard-coated in cement inside big-tent applications like SAP. We have a couple of ex-PeopleSoft people working with us at Cape Clear, and they tell a great story about how they used to do sales pitches against SAP. They went to the customer with a small cup of quick-drying cement and poured it into a mold. By the time they finished the presentation, the cement is set and it has SAP written on it.
They then say, “There you go, that’s the deal with SAP.” It is easy to design, but once you get your business process done, it is embedded in cement. For lots of businesses all over the world, the business process is very difficult to change because the idea is so hard to change. SOA is all about how to use that application in new and more transparent ways that are easier to change and that deliver agility.
I recently had a conversation with a Gartner analyst about how they describe the whole SOA space and the ESB space. They were saying that there were some conversations going on inside Gartner about the fact that they might change the definition for this and bolt the stuff into business processes management (BPM).
At first she recoiled against that saying, but the more you think about SOA, the more you realize that it is just about helping people understand, and making those business processes more transparent and more open to change. We here at Cape Clear see this forcefully with our customers. Just yesterday we announced a business activity monitoring (BAM) solution with the Cape Clear ESB. We are doing this because when people get an ESB installed, it gives them a perfect opportunity for the ESB to power a BAM for the dashboards, so they can understand what is going on in the business process.
We have a great story from one of our customers about repairing an online website. With the BAM solution in, we are looking at the site and we noticed there was a set of faults building up on the credit card validation side. This was tough to track down because of the very obscure problem. The BAM insight showed how the process had been written and, because of that, we were able to point out that they were losing a large number of visitors who were stopped at a certain point because the credit card validation was jamming up.
SOA as new business applications
This example validates having the ability to expose business processes and tell people what is going wrong and how to fix it. If you can show where things are going wrong and how they can increase the top line revenue, it is very easy to sell SOA. Every businessperson can relate to that. So, I just started to pull this together and join some dots here. You come to the conclusion that SOA is a new business application.
I am borrowing from those that have gone before me. The great Scott McNealy line at Sun was that the "Network is the Computer." He was saying that for years. That was a model for the longest time. When he was saying that, they were delivering things like RPC and NFS, and it made sense in those terms. When the Internet arrived it made huge sense and everybody agreed that the network is the computer.
Now, if you join the dots between a new world of easy-to-use host applications then making business processes transparent and being able to see what is going on in real-time in your business is essential. When you start to join the dots between those and other things that SOA is enabling, it starts to give real meaning to this notion that SOA is indeed the new business application. It is not about Web services and WSDL and BPEL, which is for technologists, but the business people need over time to see where they’re going to build applications, and it is around SOA.
As you start to frame it in those terms, we can come up with a language that explains what SOA is all about to business users and we absolutely need to do that. I’m writing this up in a blog article and will hopefully get it posted soon. If you want to join in the conversation and add your two-cents to what you have heard today, we certainly welcome you to do so.
So with that, I’m going to hand it back to the moderator and I am going to take some questions. Thanks very much.
Questions from the audience
Moderator: Thanks, Annrai. Okay, our first question reads, Annrai, you mentioned BAM as an example of an application-level benefit of SOA. What other business application-level benefits may be coming?
O'Toole: That is a good question. First, let me talk about just specifically in relation to how we at Cape Clear think about it, and then maybe more generically. So, one of the topics that’s gained a lot of attraction recently is this whole notion of SOA governance, whatever that means. It is a great term. If you dig into it and if you look at a lot of what the products today are offering in terms of SOA governance, it is about IT governance.
It is essentially a workflow system for IT, to make sure we’ve done the correct designs, to make sure we are going through the right development steps, to make sure we are following the right checklist in terms of deploying things and so on. So, it is a workflow to make sure that IT is doing the right thing.
That’s interesting, but it is not much use for business users. Business users, when they think about SOA governance, they want to have some notion that they can understand the set of services and what they’re doing, and just get more transparency into what IT is actually doing. To that end, we at Cape Clear, we’ve talked a bit about this notion of a SOA wiki. I mean a wiki is a fantastic way of communicating information in a semi-structured way.
A lot of the information that business users want about services is pretty semi-structured; they want to understand what services we are running today, they want to see high level pictures of them, and they want to comment on them and say, “It’ll be really great if you could do this rather than the other ...” They want an easy way to do that. They want to see nice pictures, maybe of business flow diagrams that go behind them. In fact, we see the SOA wiki in Cape Clear terms as a metaphor for how you deliver the next-generation of business tools.
The state of the art today in terms of business-level tools around IT are things like the Rational software from IBM. It is a very good set of tools, but if you look at what they do, they give you things like the Rational Unified Process, which is the UML system. That is not really of use to a business user. I’ll pay anybody handsome money if they can show me a business user that can make sense for a UML diagram.
So, I think there is a big need to take what we’ve done today in SOA and really start to build out the next generation of tools that are in the wiki mode to help business users see the set of services, and business processes, understand the set of policies that are being enforced by the IT organization, and be able to interact with those in a manageable way.
All this information flows into a repository, and can then be pulled out and IT guys can work on it then. But I see SOA going in that direction, and from that moving to the next-generation of business process modeling tools, and so on. There is a long way for the full plate of things, that both Cape Clear and the industry in general, is going to address around giving better business tools to business users.
How to get started with SOA
Moderator: Okay, thanks. I think both of you can comment on this next question. Dana, you can comment first and then Annrai. How does a company with a significant number of legacy applications get started with SOA?
Gardner: Well, the gist or the crux of the issue is where to start on this process. We have seen a preponderance of services around data and I think it is important for people to look at the data within those legacy applications and to liberate it so that it can be applied more broadly to processes, to offer visibility, and give metrics and knowledge about the business -- but outside of the strict confines of the applications and legacy applications.
So one of the first and perhaps best business pay-off activities you can do is to look at the data -- elevate it, cleanse it, and make it available as a service. This is probably something people have been doing within a fairly rigid set of database technologies. A good place to start is to take that data and abstract it to a services level or a layer where the metadata is more important in a process or holistic sense rather than the formats and originating repository.
Once you have liberated the data, you can start looking at liberating logic, exposing more of the applications as components or services, or at least integrating them beyond just a point-to-point basis; liberating them to integrate at a higher abstraction. So, you look at the data, you look at the logic, and it is also a great opportunity to start rationalizing which of those legacy applications are worth maintaining.
You might want to sunset some applications once you have the data out, or once you have taken out some of the logic in the COBOL or whatever code is there. You probably don’t have much documentation and the people who wrote it are long gone. It might make economic sense to retire some of it. If you’re not going to retire it, you might think about what platform makes more sense over a period of time. For example, should I move it to a Linux on Intel or x86 architecture? Should I think about decomposing them into either Web applications or client-server application services? So, look at the topology and what makes sense.
I would have the legacy rationalization process include movement toward SOA along with your movement of what to sunset, what to modernize, what to consolidate, and unify under the newer architectures. By doing that, you are protecting yourself against the risk of spending money needlessly on outdated things that are not contributing to your bottom or top lines -- and at the same time reducing your overall IT cost.
O'Toole: I do not have much to add to that other than our usual dictum which is to start small; define something that is definitely doable, and do it. There is a lot of learning that folks have to do if they get into this world, and they need to just get going somewhere.
How do SOA and Web 2.0 intersect?
Moderator: Okay, thanks. The next question is, How do you see Web 2.0 and SOA coming together? Is that what people mean by Enterprise 2.0? Dana, I think you were talking about this in your presentation.
Gardner: Yes, we’ve seen a lot of activity around social networks that allow collaboration on an ad hoc basis, using things like wikis, podcasts, blogging, transparency and openness -- where the technology is really above and beyond (and totally separate from) traditional applications and platforms.
These things could actually be services that you would take off of the Internet as a Web service from Google or Yahoo or some open source or proprietary company that you might pay for on a subscription basis. We have some of these new tools, and some of the younger folks that are coming into IT that are used to doing this in their high school yearbook or equivalent. So we are looking for these ways of communicating and collaborating, where you blend some of these Web 2.0 capabilities into an SOA opportunity, where you’re looking at automation.
You’re providing more graphical interfaces for people to start reacting to IT as a business user, where the automation of the services is beneath the covers and people are increasingly finding an intercept. How will they do that? Will people think about intercepting with business processes and an automated layer of highly abstracted IT through a traditional tree diagram, or will they think about it more like a discussion and how can I get other people who have an impact on this business process, either inside or outside of my company? How can I bring them into the process? How can we communicate and collaborate?
So, I think that there is a great deal of opportunity for Web 2.0 principles, ideas, and approaches to be applied to SOA, just as SOA is bubbling up. I see this liberating and freeing data and logic into services that can be arranged and re-arranged. Some people are worried that SOA becomes less relevant under Web 2.0; some will just use ad hoc and loosely coupled and some of the client interfaces as the equivalent of SOA. But you still want to have impact on your legacy systems, down into the distributed computing environment, while also taking advantage of these high-abstraction social interaction benefits.
O'Toole: Web 2.0 is fundamentally a consumer Internet technology and Dana’s point is well-made. If you look over the last four or five years, there is been very little change in the enterprise computing landscape. In fact, what we have seen is massive consolidation at the enterprise computing level ... this massive consolidation of big old giants, and I think there are lots of things people mean by Enterprise 2.0.
But one thing everybody would agree on is there is a big change coming at the enterprise computing landscape. The days of very cumbersome, hard-to-use monolithic expensive technology is coming to an end. As Dana mentioned earlier, we are at a tipping point where the whole existing enterprise and software world comes crashing down. It is going to be a big bang.
Moderator: Okay, thanks. The next question is for you, Annrai. What lessons did you take away from your dealings with Workday that speak to the advancements of SOA?
O'Toole: There are a few tactical ones in making SOA work in that 24x7 host environment. This is no walk in the park. It is a very demanding environment, and your stuff needs to be up to the job. The traditional interoperability stuff does not work. A lot of the people using the Workday service are using .NET clients. Everything we have spoken about in terms of adding SOA into operability and out-of-the-box integration all needs to work in production.
Workday is offering two elements: One is hosted applications, initially human resources functionality; and secondly hosted integration. They need to be able to host integrations on behalf of their customers, to talk to ADP and other payroll processes and so on. This whole multi-talented, hosted integration thing is a really interesting idea. And I think that’s come out as how we help a lot of existing enterprises move forward into this new world of SOA.
Key messages for ROI
Moderator: This will be our last question. What have been the key messages specifically around ROI that an IT professional or CIO could take to our CEO about why we should invest in SOA? Dana, maybe you could respond that?
Gardner: Sure, I think CIOs need to stress to their leadership the need to get behind transformation, and that all the complaints about IT will not back away by themselves. A proactive approach to transformation is essential. Once you have decided you want to change the mindset around IT from being a cost-center and an inhibitor and a place for excuses or to develop as quickly as code, then you will make the shift toward being a differentiator -- a place where IT are accountable.
If they can make change happen and become more accountable with both developers and operators working hand-in-hand on a common methodology or understanding -- that's architecture. They also need to take into account the networks and communications folks. It is not just cutting across developers and the operators. We need to bring in all those folks that used to exist down the hall alone with their PBX and their communications protocols and their own set of goobly-gook and acronyms, and allow for those communications to be exposed to services as well.
Then all those services need to be embedded within business process. It is not just about what you do with your PC. It is what you do with your phone, your mobile device, and multi-modality communications -- anything that touches IT. It all blends together.
So the mindset to take to your CEO is transformation. If they were invigorated by business process re-engineering 15 years ago, they should be reinvigorated by SOA and see it not through the lens of yet another technology shift, but really through a larger lens in order to be adaptable and changeable in the marketplace.
Moderator: Great, thank you. That’s all the time we have today. If your question was not answered online, we will be happy to follow up with you after the event.
If you would like to learn more about Cape Clear, please visit our website at www.capeclear.com. You can also register for one of our upcoming SOA forums. Thank you very much, Dana and Annrai, for your time today and thank you all for attending.
You’ve been listening to a sponsored BriefingsDirect Podcast with your host Dana Gardner, principal analyst at Interarbor Solutions. Remember that full transcripts of these podcasts are available at www.briefingsdirect.com. If you would like information on how to sponsor a podcast or to repurpose a webinar into a podcast, contact Interarbor Solutions at 603-528-2435 and at www.interarbor-solutions.com.
Listen to the podcast here.
Sponsor: Cape Clear Software.
Transcript of Dana Gardner’s BriefingsDirect podcast on the state of SOA. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.
Thursday, January 04, 2007
Tuesday, December 19, 2006
Transcript of BriefingsDirect SOA Insights Edition Vol. 6 Podcast: Year in Review, Predictions for 2007
Edited transcript of weekly BriefingsDirect[TM] SOA Insights Edition, recorded Dec. 1, 2006.
Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Dana Gardner at 603-528-2435.
Dana Gardner: Hello, and welcome to the latest BriefingsDirect SOA Insights Edition, Volume 6. This is a weekly discussion and dissection of Services Oriented Architecture (SOA) related news and events with a panel of independent IT industry analysts. I’m your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions.
Joining us this week, our panel of independent IT analysts includes show regular Steve Garone. Steve is an independent analyst, a former program vice president at IDC, and the founder of the AlignIT Group. Welcome Steve.
Steve Garone: Hi Dana. It’s great to be here today.
Gardner: Also joining us is Joe McKendrick. He’s an independent research consultant and columnist at Database Trends, as well as a blogger for ZDNet and ebizQ. Welcome, Joe.
Joe McKendrick: Hello, Dana.
Gardner: Also, a return visit from Jon Collins. He’s the principal analyst at Macehiter Ward-Dutton in the UK. Welcome back, Jon.
Jon Collins: Hi there, everyone.
Gardner: Making his debut on the show this week is Tony Baer, principal at onStrategies.
Tony Baer: Hey, Dana.
Gardner: Thanks, Tony, for coming along. This week, the week of Nov. 25, 2006, we’re coming up to the end of the year, and so we thought it would make sense to take some stock of the year in review around SOA issues. We’ve seen an awful lot this year, and 2006 is probably the most prominent year for SOA.
We’ve had a bevy of consolidation events, mergers, and acquisitions. We’ve seen some large vendors further and more deeply embrace SOA. We’ve seen startups realign themselves around the SOA message and value, and we’ve seen SOA extend, perhaps a little bit high in the stack, around application and services, and the application-as-services in more than the infrastructure.
To help us weed through some of this, our panel will be coming up with some of their own insights, as well as a round-robin approach to SOA. Let me start off. From my perspective, the biggest story of the year is consolidation: A lot of purchasing, mergers, and acquisitions. Perhaps the most impactful of these included the Red Hat acquisition of JBoss, as well as the HP acquisition of Mercury, which came on the heels of Mercury’s acquisition of Systinet.
We’ve seen many others. There was Progress and Actional/Sonic, BEA-Flashline, webMethods-Infravio, we’ve seen FileNet go to IBM, and IBM with a slew of other smaller companies. But I want to go around the table and see if there’s some concurrence around this notion that the Red Hat JBoss and the HP Mercury had perhaps the most impact in the field? Why don’t we start with our new analyst this week, Tony?
Baer: Well, I probably wouldn’t disagree too heavily with that. A problem is that it’s becoming increasingly difficult to distinguish software from services, at least in terms of vendor products. So, you almost cast almost any major product introduction or acquisition with an SOA angle or SOA spin to it.
A really great example was Mercury, which prior to the Systinet acquisition, surprisingly didn’t have that big a play in services per se. They were more heavily invested obviously in testing and IT governance. The obvious question is when was this going to extend to SOA governance.
They acquired Systinet, but my sense with Mercury is that they were obviously a bit distracted this year and did not get around to absorbing Systinet as fast as they otherwise could have. Now that it’s under HP’s watch -- and without the distractions of SEC-related inquiries -- hopefully this will go along a little bit faster, and they’ll start to coalesce their SOA strategy.
Gardner: Perhaps we shouldn’t think of these as SOA mergers and acquisitions. It’s just software and services. Maybe the SOA moniker isn’t as important and has become more or less like oxygen. Do you agree with that Steve Garone?
Garone: Kind of. What drives the acquisitions -- and this is not unique to this market -- is that as people begin to adopt a technology or paradigm in terms of development, deployment, maintenance, and management, the comprehensive nature of the solution becomes more and more important.
Vendors who naturally don’t have all the pieces will try to acquire other companies that do -- to will fill in the blanks, so to speak. That’s really what’s going on here and it’s nothing new.
In terms of impact, given the two examples you cited, I think you’re on the money in terms of the ones that were the most impactful, but I think it’s also important to ask the question: impactful to whom? Let me just use the Red Hat/JBoss example to illustrate what I mean. There’s probably very little in the combined solution offered by that acquisition and merger that an end user could not get from another large vendor who provides SOA-related solutions.
It was very important from a competitive standpoint for those two companies to get together, so that they could respond in a way where they could say, “We’ve got a comprehensive answer to the SOA problem that other vendors have.” The impact from that perspective was mostly in terms of the two vendors getting together and being able to compete effectively.
There’s a secondary impact from that particular one, focused on giving more credibility and more visibility to the open-source model, which is playing, as we know, an ever increasing role in the SOA space, as well as other areas. So, yes, they were very impactful, but in that particular case I think it’s important to look at just who it’s impacting and why.
Gardner: I suppose another aspect of this is that those investors who put up money several years ago in the smaller companies that got gobbled up did okay. There was a period of time, not that long ago, when the notion of investing in a software company that was going to be focusing its business on enterprise was a no-win situation. Selling to the enterprise as a startup was difficult. Coming up with a direct sales force was going to be very hard.
SOA, in some ways, reversed that mentality. It has allowed for investment to be made in startups and smaller companies, and has also encouraged companies that may have been infrastructure-focused to adjust their focus, or at least their messaging, toward SOA.
Joe, do you think that the SOA ecology is alive and well in 2006? Do these mergers and acquisitions help that, or do you think that, conversely, when this consolidation phase is over that this investment will dry up?
McKendrick: SOA is something that is not really tangible. SOA is a methodology, a philosophy, and the vendors have a real challenge. Essentially, they’re selling a concept, not a specific product. Maybe ESBs could be example of a tangible product that’s out there, but other than that it’s really difficult to package and market a concept to the market.
With the HP acquisition of Mercury, which had earlier acquired Systinet, I wonder what's going to happen with Systinet going forward. If you look at HP, they’re still compact, but there’s a reminiscence of DEC in there, and Tandem. I could see HP perhaps building Systinet registry solutions into some of its own products, but I fear for this vendor. I think Systinet may just kind of disappear into the large organization, and we may never hear from it again.
Gardner: Systinet had a pretty good run in terms of being a perceived best-of-breed player, even after these acquisitions, so the jury remains out on that.
Let’s go to Jon Collins. Jon, on this consolidation issue, is this a flash-in-the-pan, so to speak, with consolidation? Is it going to just go through its paces and then we'll be back to half-a-dozen large vendors? Or do you think that there is a vibrant ongoing ecological development around those companies that support SOA, either as component services or approaching more of a complete solution?
Collins: Excellent question. I was just reminded, while someone else was talking, a PR person a couple of years ago said to me, “We’re going to have to look at a new name other than SOA, because it’s been around too long. We’re going to have to create a new bandwagon or something, because people are going to get bored with it.” And, here we are two years later. I think we’re only at the beginning of it.
What’s happened this year is that SOA has become mainstream, if one can say that, in the IT industry. Maybe it hasn’t in enterprise companies, but it certainly is in the IT industry. A lot of companies have acquired a smaller or larger companies in order to build their portfolio.
The one thing that’s been lacking so far -- and I’ve talked to a number of vendors about this -- is integration, which is to me the ultimate irony, because its exactly what SOA is about as a concept. It’s about helping bring together the disparate pieces.
One of the things I’ve talked to a few vendors about is the fact that they’re actually having to become service-oriented in terms of how they put together their products, deliver solutions to their own customers, and how they build more specific suites of capability that suits the needs of specific customers. We’re at the beginning of something that is all about how we move away from just having a consolidated set of resources. The point about Red Hat JBoss was well made. Everyone needs all the pieces, and now it’s a case of how they compete in terms of how they deliver the integrated solutions to the market.
Gardner: Okay, let’s go back to Tony. What would be your next pick for a top SOA story or a vendor issue for 2006?
Baer: I’m having a hard time with that, but I think if I were to pick one, it would be governance. That’s a loaded term for obvious reasons, but if you look at the whole notion of SOA, it’s supposed to make exposing your assets, and your data enterprise process assets, easier. If you think about, that kind of goes against the objectives of a lot of the regulations of enterprises.
As we open these assets up, we expose them as services. As we start to ramp up beyond pilot stage, we need control and we need to document what assets are being exposed to services, under what circumstances, to whom, and when. We have to start getting into versioning issues. What’s interesting is that until now SOA has been primarily a skunkworks operation, with few exceptions, maybe for someone like the Verizons of the world.
Mostly we’re focused on runtime governance, which is what services can we expose to which requester at run time, but that was largely in a fairly controlled environment. You’re starting to see more attention to the rest of the lifecycle. As part of that, we’re seeing not just UDDI, Systinet or Systinet cell registries.
We’re also starting to see the emergence of repositories. Something I would not have predicted a year ago is the converging of the two. It would have seemed totally illogical to me before this. At runtime you don’t want a repository with a lot of overhead. Yet I see vendors seeming to building brute-force solutions, just like years ago they brute-forced relational databases, so that their performance was not all that bad compared to legacy databases. So, I guess that in answer to your question, the one thing I would say would be governance.
Gardner: I guess I agree with that. I wondered earlier in the year why this emphasis on governance. It seemed that the value here was that, you’re going to be headed toward some sort of a train wreck if you ramp up SOA, so we have to put governance into play.
Yet as you pointed out, these things remain predominantly as pilots, isolated -- not horizontal, not yet at the scale where the system is breaking down under load, pressure and volume. Yet, there is this big drive to governance. I thought a little bit about that, and I recognized that governance is a way of extending SOA into a larger role of transformation, taking over where policy and even directory left off.
It’s sort of a land grab by these vendors into this larger domain of how to actually manage your business, not just your IT. And it portends the possibility of joining IT governance with corporate governance at some level. So, that’s a big enchilada, a big opportunity. Do you agree with that, Steve? Do you think that this is a land grab, this governance thing, or are they really reacting to what’s a scaling issue?
Garone: I think there’s some of that, although typically what happens in that particular cycle is that a vendor will understand and raise the issue and make it prominent, because they’ve got a solution. Then other vendors will jump in and start creating and talking about nuance that the original vendor can’t deal with -- and what results after that is some level of confusion and lack of understanding on the part of the end user as to how to approach solving that problem. Eventually it all shakes out, of course, but that’s usually the cycle that’s takes place.
If I were going to talk about some of the major highlights of SOA in 2006, that brings me to one point that I think stands out. There’s been a lot of talk about enablers to SOA -- governance, ESBs, which I think is another very important one. Because of the way vendors approach providing solutions, sometimes the enablers become a point of confusion to the point where it actually slows down adoption.
I think some of that is taking place with SOA. I think some confusion around standards is also playing a role in that. I forget who it was earlier who said that they feel we’re right at the beginning of SOA adoption, I agree with that, and when we talk in a little while about trends in 2007, I think that’s going to come out more clearly.
So, yes, I think that vendors are trying to do a land grab, but in the process they may be introducing a level of confusion that may actually be slowing down adoption in a big way.
Gardner: How About you, Jon? Do you think that this movement toward governance and the alignment, if not mashing up, of repository and register, is this just a reaction to the potential scale issues of SOA or is this really trying to broaden the purview of SOA into a higher business set of issues?
Collins: I think it’s broadening its horizons. SOA, certainly from my experience, came out of the developer world, in terms of evolving out of component-based development and out of the Web-service based application space. It’s really a post-deployment characteristic of enterprise architecture, and if that’s the case, then it needs to built in. There’s operational management. There’s deployment management. How do we cope with this stuff once we’ve got it? The idea of a registry, the idea of a repository of assets, all of these things start to kick in.
It’s broadened out from it’s original space and it’s gone into a place where governance is much more necessary, but equally it’s a symptom of maturity. A lot of IT starts in terms of innovation, where people are pretty much left to work out how. Networking started with people saying, “Hey look, we can join this to this,” and then suddenly everyone’s joining everything to everything. After that, people are saying, “Shouldn’t we start to work out whether or not we should be joining things together?” And there’s a level of maturity that I think we’re hitting with SOA, which means that governance becomes far more important.
Gardner: I suppose that if eventually you have to get the sign-off from a CEO or a very high-level executive on investing in SOA activities or continuing to invest in integration at any level, it might be nice to walk into that leaders office and say, “Hey, not only are you going to get some more efficiency and some agility and faster time-to-market for your applications, but we’re going to give you a dashboard where you can actually go in and see what’s going on, vis-Ã -vis IT into your business processes. We might even give you a couple of dials and knobs where you can start turning up and down or prioritizing.”
Over to you Joe, can we use this governance thing as a way of bringing to the chief executives of these major corporations more controlled visibility into IT -- and therefore into their businesses?
McKendrick: Absolutely, Dana. In fact, look at most enterprises. They’re not going to take any projects seriously unless there’s some aspect of governance. By governance I think we’re talking about two levels here. There’s the nitty-gritty deployment, management, registry, repository, versioning aspect of what’s being done with the artifacts, and with the services that are being put out there. Then there’s the governance we speak of, which involves bringing in the business and asking the business what they need out of IT, what they need out of the technology.
Be it a committee or an evangelist within the enterprise, you need some type of board, body, committee, or team that represents a cross-section of the business that can look at what they need and interact with the IT department to bring about the solutions that are required for the business. IT can’t operate in a vacuum and doesn’t. It’s not IT’s fault, but they can’t have the sense of what a business needs, or what the business units need from week to week or month to month. You need that business input and that the high-level definition of governance. That’s the only way SOA can be sold into the organization.
Collins: I totally agree, and furthermore this is a fundamental re-alignment. We’re actually seeing the business itself take more and more of an active role in these issues, and talking about things like IT risk with relation to the overall business risk landscapes. IT is actually seen as a valid part of the businesses, rather than seeing IT -- as often it’s seen – as a little place with a bunch of geeks developing stuff. So, yes, absolutely, and it’s being driven by both sides.
Gardner: All right, let's move on to our next big issue from 2006. To you, Steve Garone. You mentioned ESBs, and you mentioned the possible negative impact of over-emphasizing -- not the main course, but some of the side dishes for SOA. So my question to you is, is ESB your next big story of the year? If so, do you think that we’ve watered this one down, that people don't have a firm idea of what ESB’s are? What’s the story around ESB’s this year?
Garone: It’s fair to say that ESBs were at least one of the top stories in 2006 in relation to SOA. That makes sense, because as people started to adopt a SOA approach, whatever that meant to them, they were searching around for the right infrastructure elements that they needed, in order to make that architecture work for them. The notion of an ESB is right at the core of that. In fact, when I was thinking about what we were going to talk about today, the two issues on my list that stood out the most were governance and ESBs.
Some of the confusion around ESBs has stemmed from the fact that they’re pretty big items in terms of what they’re capable of doing. The reality is that a lot of organizations may not need a full ESB, as many vendors are defining it, to make their environments work. They may already have some of the integration capabilities. They may have some of the event-handling capabilities in place, and they really may just need some mediation and governance elements added in, in order to make their environments work. That’s introduced a bit of confusion that has caused some grief amongst end users, at least the ones that I talked to.
There’s a tendency also to look in the other direction in terms of sort of creating an “Uber ESB,” if you will, one instantiation of that being in the form of a JBI implementation that will allow people, regardless of how they’ve chosen to implement the functionality, to bring that all together and integrate that into a complete environment. What you then get into is, “How do I navigate the world of standards to make sure that I’m adopting this and implementing it in the right way.”
So, ESBs have been very prominent. There’s been a lot of noise, news, and discussion about ESBs, a lot of product announcements in 2006. I think you’re going to see that continue in 2007, hopefully in a way that clarifies and brings together the activities to something that’s coherent and therefore makes organizations feel comfortable that they can move forward.
Gardner: We saw, just recently, announcements -- roll outs, I suppose, more appropriately -- from IBM and JBoss around ESB. There’s been some open-source activity. We’ve got a couple of Apache Foundation projects that are ESB-related that IONA’s active with. The question to the rest of the group is, do you see ESBs remaining standalone? Does this become something you take as a component, as a best of breed, or is this something that should be baked into a larger solution, approach or a technological approach to SOA?
Baer: I would vote for the fact that it becomes part of your general platform, your general infrastructure. I don’t see ESB as being an end. It’s a means to an end, and as Steve was saying, there are many different functions that an ESB can or should perform, and that’s going to depend on what your existing IT infrastructure is. It’s going just like governance. It’s going to become an extension of whatever your service platform is.
What’s very interesting is that in the past year IBM finally admitted that ESBs are not just an architectural pattern, it’s actually the real product. There’s been a lot of confusion, fear, uncertainty, and doubt out there as to what ESBs actually are. What I would love to see -- and of course this would probably never happen -- is some industry consensus, “Here’s a Lego blocks model. Here are different things that an ESB can do.”
But, guess what? In some cases, if you already have TIBCO in your environment, or something like that, you may not need, for example, the capabilities that a lot of ESBs have. So, I would love a building-block approach.
Gardner: We can probably loosely define ESBs as EAI, but with more hooks and on-ramps and off-ramps.
Garone: Hooks and standards.
Gardner: Hooks and standards, there you go.
McKendrick: To Microsoft the ESB probably meant enterprise service buses or those vehicles that employees ride around on at the Redmond campus. It seems that Microsoft has gotten on board with the ESB concept lately as well, which surprised a lot of observers, because Microsoft usually likes to take its own route with things and not buy into the acronym of the moment.
Gardner: That would be more hooks than standards then, wouldn’t it?
McKendrick: Probably, yes, highly integrated within .NET Framework and the Windows Communication Foundation.
Gardner: Moving on to standards, Joe, you had an interesting blog the other day about the WS.* standards. And I wonder if you thought that that was perhaps an issue by omission. It seems to me that there was a certain atrophy in 2006 around SOA standards. We did have BPEL come out with a 2.0 major release, upgrade, improvement -- but what’s the status of specifications and standards for SOA? Was this sort of a lull in the action this year?
McKendrick: Well, Dana, most of the standards focus on web services, and there are folks out there that would say SOA isn’t just about web services. It’s probably 90 percent of what SOA is about, but most of the activity is been around web services. Some of the standards are highly adopted everywhere you look, of course XML being the prime example of that.
You have SOAP and then WSDL, which are ubiquitous everywhere you go. The WS-splat or WS-* standards have been another story. There’s been a lot of controversy, a lot of confusion. In surveys I’ve done, I’ve seen some very low levels of knowledge -- let alone adoption -- of the WS-splat array, with the exception of WS-Security, which has been taking off fairly nicely and proving itself in many situations. You’re right Dana, it has been a build year/build season for the standards bodies this year.
Gardner: Jon, do you concur with that, that the standards had evolved and it was time for the implementations to catch up? And, should we read anything more into that?
Collins: That’s probably a good way of putting it. The other standard I’d bring into it is the management side of things. While there may not have been many great advances in the standards themselves, it’s more of an aligning of vendors behind the various standards or an agreement that there’s going to be a interoperability between them.
If you’ve got, let’s say WS-Security or WS-Policy, because of the nature of SOA and how it actually needs everything to be ready before any parts of it can work, that’s a very broad statement. But if you’re trying to manageably deliver multi-vendor, multi-application, multi-system environments in an enterprise context, a lot of these things are there already.
While some standards that were actually quite advanced to be able to roll out full fact SOA, a lot of other standards are still in catch-up. We’ve got standards that are saying, “Come on guys, let’s get out there and do the job.” Meanwhile, things like management are saying, “Hey, we’re coming. We’re on our way. We’re a bit behind. We’re still try to work out of what a CMDB is and how to talk to each other, but we’re on our way and will be there shortly.”
Gardner: All right, before we move into the prediction’s phase, I wonder if anyone else out there had a major issue from 2006 they wanted to raise as one of significant importance.
Collins: I’ll just say one word about Microsoft. Maybe the fact they even mentioned SOA was a pretty good incidence, if not a major happening.
Baer: Actually, I’ll add one thing to that which is that Microsoft has even felt compelled to publish a web page listing which standards they will support. When would you ever have thought that Microsoft would’ve ever published such a page in the past.
Gardner: Probably the same time they came out and supported Linux.
Collins: It was within a month, wasn’t it?
Gardner: Well, as a matter of fact Jon, we did a recent BriefingsDirect SOA Insights Edition on the SOA-Microsoft question. So, moving into 2007, next year, we’ve talked about some levels of maturation. We’ve talked about some technology developments, some vendor activity, but the question still remains is when do we move SOA -- and I do emphasis "when" and not "if" -- from the pilot and skunkworks-type of approach to, “This is how we’re going to do more of our IT, more of our development, more of our process in modeling. We are going to build this out?”
So let’s go around. Is 2007 the year for the SOA build-out, or are we being a little bit too optimistic? How about you, Steve?
Garone: It will be the beginnings of what you’re terming as a SOA build-out, but I’d like to deal with less of a product- or a vendor-related issue now and talk a little bit more about end-user organizations themselves. I’m still amazed, somewhat amazed at how much I’m hearing organizations talk about two issues.
One is that we hear about IT, business analysts, and business people working together to come up with requirements and actually having tools where they can work together to build business processes and then implement them and support them with services. But, little of that is actually going on and being effective within organizations. I hear a lot of folks on both sides of that pointing fingers and claming that the other one doesn’t get it, and that’s sort of manifesting itself in several ways.
It’s partially responsible for the pilot-nature of implementations that you see today in most of our organization that have tried SOA. I think it’s also responsible for the overall slowness with which you see this moving through some organizations. Over 2007, I think you’re going to see some shake-out and some advancement in terms of building that bridge between the two organizations within corporations that want to do SOA and therefore forming the foundation for moving on, but I don’t quite think we’re there yet.
Gardner: So, for 2007, if we could put some sort of a metric on adoption, with 1 being no further movement from 2006, and 10 being a total SOA in place, architecturally across the board, where do you think the dial, the meter, the needle, will go to in 2007?
Garone: There are two elements to that. Organizations that have not done it yet are going to, for the most part, remain down at the 3 or 4 level, if 3 or 4 level is defined as doing small-pilot implementations. Some percentage, say 25 percent to 30 percent of those organizations that have gotten to that first stage, will move on in a big way. I still believe that there are some impediments, having in some part to do with organizational issues and the relationships between IT and business, that are going hold that up a bit.
Gardner: Just to poke a little fun at our own industry, the IT research business, we can safely say from reports that have come out in 2006 that somewhere between 10% and 90% of enterprises will be doing SOA.
Garone: Well, yes, that’s true.
Gardner: What are your other predictions for 2007?
Garone: Getting back to one of the issues that we talked about earlier, the whole ESB issue and its place in an overall infrastructure that supports SOA will get pretty much resolved and be much clearer to end users as we get toward the end of 2007. I also think that there’s going to be a lot of work around registry, repository, and standards, mostly because as organizations start really using SOA to support real business processes with services, there’s going to have to be a lot in the way of semantic-level information and defining relationships that are going to be have to be incorporated in a real robust repository. So, I think from the product standpoint, those are two areas where we’re going to see a lot of advancement.
Gardner: Okay, how about you Tony? What are your predictions for SOA in 2007?
Baer: A couple of things. First, a more general trend, which is not SOA specific. We're no longer in the era of big-bang implementations. So, in terms of the pace of SOA adoption, it’s going to be a pretty boring answer: It’s just going to continue to be incremental.
You’ll see several hot-spots in organizations that are dealing with certain consequences of M&A, for instance, where they need to link to general ledger systems or something like that. You’ll see some opportunistic SOA there. Otherwise, it will be that the leaders will continue, those that have been leaders in 2006. Like the Verizons of the world. I hate to keep harping on that. I saw them working outside my house yesterday. So, I figure that they have some ambitious initiatives on the table there. But, I think the mainstream will incrementally get to the first things beyond the skunkworks stage.
Gardner: How about on a scale of 1 to 10, with 1 being no further movement from 2006 and 10 being full metaphysical SOA implementations?
Baer: I was going to say about a 3 or 4, just averaging things out. The Verizons of the world may be at about a 5. Whereas say the mainstream was probably at a 2 or a 3, but that still is progress.
Gardner: Okay, Jon Collins, what are your predictions for 2007?
Collins: Predictions for 2007: The thing that we’re going to see the most of is what we’ve talked about already as industry acceptance of SOA in 2006. In 2007, we’re going to see an enterprise acceptance of SOA. In terms of adoption levels, people aren’t going to suddenly sort of rip out everything that they’ve got and say, “Let’s paint the whole town SOA.” But there will be more of an understanding of where it can benefit the organization.
When there are projects that are appropriate, they will be done in a way that encourages and helps develop more service orientation inside the organization. That fits in with the need for and the delivery of improved governance of better relationships between IT and business, a better understanding of business issues on the technology side. So, it’s everything, all moving forward at once, and without that you can’t really do SOA.
The other thing is that it does go all the way down the stacks. We could talk to SAP. I’m talking to clients at the moment who are doing SAP rationalization projects. We could talk to HP about how they’re providing a platform to support applications, and talk to Cisco about Service Oriented Network Architecture (SONA). If you’ve got something that can be understood as a service delivery, then they’re putting in place the network facilities to support that. Then, you can even talk to the service providers, the British Telecoms, who are putting in place some service delivery networks.
It goes all the way down the stack, and I think we’re going to see that integration, top to bottom, become more of a reality in all those companies that I’ve just talked about there. They’re doing it for themselves right now, and they’re going to start doing it with each other, which will be a change.
Gardner: So the good news is that SOA affects everything and the bad news is that SOA affects everything.
Collins: Absolutely.
Gardner: On your scale of 1 to 10 next year?
Collins: I put it down as the difference between acceptance and implementations. I’ll still put it down as between 2 and 3. It’s low, but it’s a good low.
Gardner: It's 20 percent, it’s double digits.
Gardner: Joe McKendrick, 2007?
McKendrick: SOA is a very amorphous concept. It’s not a tangible concept, and SOA as a term has crested, as we’ve discussed in this conversation. It wouldn’t surprise me if we started seeing more vendors move toward some other terminology or other focus in their marketing efforts at the vendor level. Maybe we’re going to be hearing more about EDA, Event Driven Architecture. It has more of an action sound to it. It’s something new, and it has that real-time aspect that ties into business intelligence, and can be integrated well within business intelligence solutions.
So, I wouldn’t be surprised if we saw vendors moving away from SOA terminology and toward things such as EDA, maybe software as a service. Maybe we’ll be hearing more about that. At the enterprise level, the end users in the trenches, where the real work takes place, there’s going to be slow, steady progress toward the SOA model. It’s not going to be a revolutionary thing happening in 2007. It’s going to be evolutionary. There are going to be more pilot projects moving into the enterprise production space. What may mitigate this, and what would be interesting to watch over the coming year, is the availability of staff, availability of the right skills.
The economy has been going well. I don’t know what 2007 will bring, but by all indications, IT budgets are holding up and there’s been already shortages of the right types of skills. For enterprises that need to keep their day-to-day operations going, it maybe difficult to allocate the human resources to really move SOA projects forward.
Gardner: On a scale of 1 to 10, increase in SOA adoption in 2007?
McKendrick: Two, a solid 2.
Gardner: We’re going down, we’re going down. I’ve got a few predictions myself that I'd like to throw out. I think we can also look to 2007 as being the year of modeling. I think we’re going to see a lot more product and specification and methodology around the modeling of services that can leverage and exploit some of the activity from 2006 around this governance and the registry and repository. I’m expecting some much improved tools, graphical tools, and some innovative approaches to how to choreograph -- and that plays into your event-driven stuff, too.
I’m also predicting that this notion that Web 3.0, which is better characterized as the "Semantic Web," will offer on one hand competition against the SOA messaging and value, but more importantly offer a tag-team approach. We’ve discussed this a little bit before around Web 2.0.
If we do start getting some specifications, and as IP Version 6 becomes more widely deployed around the world, we’ll get much richer in approaching this level of a semantic Web capability on the network. If you can combine that with what you’re doing internally, that that’s one of the big tipping points for the further adoption of SOA.
I’ll use that as my opportunity to say I see about a 4 in terms of actual SOA adoption increase, so 40 percent, which is pretty big. I’m going to go on the top side of this trend for our group.
I’m also going to go out on a limb and say that I’m going to expect some big SOA-related acquisitions again in 2007, and I’m going to look to SAP and Oracle as likely candidates for acquiring other companies. The net-net on that is the application guys are going to start to flex their muscles on SOA. If you have both the infrastructure and the applications, and then you produce the SOA benefits, that’s a very advantageous place to be.
That’s it from me. Anyone else want to chime in on 2007?
Garone: Yeah, I want to respond to a couple of things. Let me start with what you just said around the enterprise apps vendors. That was one 2007 prediction that I had on my list, driven by something a lit bit different than what you said, though. One of the empirical pieces of feedback that I get often from end users is that they’re waiting and pining for the day when they’re not wrapping their legacy apps anymore in Web services standards and, all this stuff will be essentially done for them by the people who provide the applications.
Gardner: SOA-native-as-services.
Garone: Native as services, exactly right. I think you’re going to start seeing the SAP’s and the Oracle’s and everyone else that services that market, stepping up in a big way to help solve that problem, so I completely concur with you on that.
One of the proof points that I didn’t mention earlier -- I’d mentioned it in a previous podcast -- is the lack of synergy, integration, and operability between the business side and the IT side in real life. Most of the end users I talk to, when I see them present, when I talk to them in detail about their SOA activities, they really just cite cost savings. They mention raw cost savings in terms of development and operations as really the primary, and in some cases only, benefit of doing an SOA implementation.
We all know, as analysts and people who have talked a lot about SOA and how they can benefit organizations, that that’s a very narrow view. What that tells me is that the business case, the true comprehensive business case, still hasn’t been met in a lot of cases, and hasn’t been articulated very clearly. I think that’s going to start turning around in 2007.
Gardner: When you emphasize the modeling and the applications, you start getting closer to that business-level benefit?
Garone: I agree. The other thing I would just say very quickly is that -- and I’ve mentioned this before – it’s going to be harder and harder to divorce the services approach to building solutions from the virtualization area that a lot of companies are looking at, because they’re looking to do them at around the same time, and they’re very closely related.
So, we’re going to see more of a comprehensive view of that, not only in terms of how organizations want to implement it, but from vendors as a response. I also think you’ve defined a good podcast topic for the future in Web 3.0.
Gardner: We’ll be there. All right, gentlemen, thank you very much. Let’s quickly go around the table for purposes of disclosure. If there are any vendors that were mentioned or implicated today that you do business with, it would be a nice time for you to mention that, so that we all have a sense of where we’re coming from. Why don’t you go first, Steve?
Garone: At this point I would just list IBM.
McKendrick: IBM, and I’ve also done work with Systinet.
Collins: Mercury, so HP I guess.
Baer: Mercury, ditto.
Gardner: I’m going to disclose that I’ve worked with Borland, Cape Clear, Eclipse Foundation, Hewlett-Packard, IONA, and I think that’s probably it.
All right. Thanks very much. Also, if any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact me, Dana Gardner at 603-528-2435. That’s it for this week’s, and I suppose this year’s, SOA Insights Edition. I’m your moderator and host, Dana Gardner. Thanks for joining.
Listen to the podcast here.
Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 6. Copyright Interarbor Solutions, LLC, 2005-2006. All rights reserved.
Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Dana Gardner at 603-528-2435.
Dana Gardner: Hello, and welcome to the latest BriefingsDirect SOA Insights Edition, Volume 6. This is a weekly discussion and dissection of Services Oriented Architecture (SOA) related news and events with a panel of independent IT industry analysts. I’m your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions.
Joining us this week, our panel of independent IT analysts includes show regular Steve Garone. Steve is an independent analyst, a former program vice president at IDC, and the founder of the AlignIT Group. Welcome Steve.
Steve Garone: Hi Dana. It’s great to be here today.
Gardner: Also joining us is Joe McKendrick. He’s an independent research consultant and columnist at Database Trends, as well as a blogger for ZDNet and ebizQ. Welcome, Joe.
Joe McKendrick: Hello, Dana.
Gardner: Also, a return visit from Jon Collins. He’s the principal analyst at Macehiter Ward-Dutton in the UK. Welcome back, Jon.
Jon Collins: Hi there, everyone.
Gardner: Making his debut on the show this week is Tony Baer, principal at onStrategies.
Tony Baer: Hey, Dana.
Gardner: Thanks, Tony, for coming along. This week, the week of Nov. 25, 2006, we’re coming up to the end of the year, and so we thought it would make sense to take some stock of the year in review around SOA issues. We’ve seen an awful lot this year, and 2006 is probably the most prominent year for SOA.
We’ve had a bevy of consolidation events, mergers, and acquisitions. We’ve seen some large vendors further and more deeply embrace SOA. We’ve seen startups realign themselves around the SOA message and value, and we’ve seen SOA extend, perhaps a little bit high in the stack, around application and services, and the application-as-services in more than the infrastructure.
To help us weed through some of this, our panel will be coming up with some of their own insights, as well as a round-robin approach to SOA. Let me start off. From my perspective, the biggest story of the year is consolidation: A lot of purchasing, mergers, and acquisitions. Perhaps the most impactful of these included the Red Hat acquisition of JBoss, as well as the HP acquisition of Mercury, which came on the heels of Mercury’s acquisition of Systinet.
We’ve seen many others. There was Progress and Actional/Sonic, BEA-Flashline, webMethods-Infravio, we’ve seen FileNet go to IBM, and IBM with a slew of other smaller companies. But I want to go around the table and see if there’s some concurrence around this notion that the Red Hat JBoss and the HP Mercury had perhaps the most impact in the field? Why don’t we start with our new analyst this week, Tony?
Baer: Well, I probably wouldn’t disagree too heavily with that. A problem is that it’s becoming increasingly difficult to distinguish software from services, at least in terms of vendor products. So, you almost cast almost any major product introduction or acquisition with an SOA angle or SOA spin to it.
A really great example was Mercury, which prior to the Systinet acquisition, surprisingly didn’t have that big a play in services per se. They were more heavily invested obviously in testing and IT governance. The obvious question is when was this going to extend to SOA governance.
They acquired Systinet, but my sense with Mercury is that they were obviously a bit distracted this year and did not get around to absorbing Systinet as fast as they otherwise could have. Now that it’s under HP’s watch -- and without the distractions of SEC-related inquiries -- hopefully this will go along a little bit faster, and they’ll start to coalesce their SOA strategy.
Gardner: Perhaps we shouldn’t think of these as SOA mergers and acquisitions. It’s just software and services. Maybe the SOA moniker isn’t as important and has become more or less like oxygen. Do you agree with that Steve Garone?
Garone: Kind of. What drives the acquisitions -- and this is not unique to this market -- is that as people begin to adopt a technology or paradigm in terms of development, deployment, maintenance, and management, the comprehensive nature of the solution becomes more and more important.
Vendors who naturally don’t have all the pieces will try to acquire other companies that do -- to will fill in the blanks, so to speak. That’s really what’s going on here and it’s nothing new.
In terms of impact, given the two examples you cited, I think you’re on the money in terms of the ones that were the most impactful, but I think it’s also important to ask the question: impactful to whom? Let me just use the Red Hat/JBoss example to illustrate what I mean. There’s probably very little in the combined solution offered by that acquisition and merger that an end user could not get from another large vendor who provides SOA-related solutions.
It was very important from a competitive standpoint for those two companies to get together, so that they could respond in a way where they could say, “We’ve got a comprehensive answer to the SOA problem that other vendors have.” The impact from that perspective was mostly in terms of the two vendors getting together and being able to compete effectively.
There’s a secondary impact from that particular one, focused on giving more credibility and more visibility to the open-source model, which is playing, as we know, an ever increasing role in the SOA space, as well as other areas. So, yes, they were very impactful, but in that particular case I think it’s important to look at just who it’s impacting and why.
Gardner: I suppose another aspect of this is that those investors who put up money several years ago in the smaller companies that got gobbled up did okay. There was a period of time, not that long ago, when the notion of investing in a software company that was going to be focusing its business on enterprise was a no-win situation. Selling to the enterprise as a startup was difficult. Coming up with a direct sales force was going to be very hard.
SOA, in some ways, reversed that mentality. It has allowed for investment to be made in startups and smaller companies, and has also encouraged companies that may have been infrastructure-focused to adjust their focus, or at least their messaging, toward SOA.
Joe, do you think that the SOA ecology is alive and well in 2006? Do these mergers and acquisitions help that, or do you think that, conversely, when this consolidation phase is over that this investment will dry up?
McKendrick: SOA is something that is not really tangible. SOA is a methodology, a philosophy, and the vendors have a real challenge. Essentially, they’re selling a concept, not a specific product. Maybe ESBs could be example of a tangible product that’s out there, but other than that it’s really difficult to package and market a concept to the market.
With the HP acquisition of Mercury, which had earlier acquired Systinet, I wonder what's going to happen with Systinet going forward. If you look at HP, they’re still compact, but there’s a reminiscence of DEC in there, and Tandem. I could see HP perhaps building Systinet registry solutions into some of its own products, but I fear for this vendor. I think Systinet may just kind of disappear into the large organization, and we may never hear from it again.
Gardner: Systinet had a pretty good run in terms of being a perceived best-of-breed player, even after these acquisitions, so the jury remains out on that.
Let’s go to Jon Collins. Jon, on this consolidation issue, is this a flash-in-the-pan, so to speak, with consolidation? Is it going to just go through its paces and then we'll be back to half-a-dozen large vendors? Or do you think that there is a vibrant ongoing ecological development around those companies that support SOA, either as component services or approaching more of a complete solution?
Collins: Excellent question. I was just reminded, while someone else was talking, a PR person a couple of years ago said to me, “We’re going to have to look at a new name other than SOA, because it’s been around too long. We’re going to have to create a new bandwagon or something, because people are going to get bored with it.” And, here we are two years later. I think we’re only at the beginning of it.
What’s happened this year is that SOA has become mainstream, if one can say that, in the IT industry. Maybe it hasn’t in enterprise companies, but it certainly is in the IT industry. A lot of companies have acquired a smaller or larger companies in order to build their portfolio.
The one thing that’s been lacking so far -- and I’ve talked to a number of vendors about this -- is integration, which is to me the ultimate irony, because its exactly what SOA is about as a concept. It’s about helping bring together the disparate pieces.
One of the things I’ve talked to a few vendors about is the fact that they’re actually having to become service-oriented in terms of how they put together their products, deliver solutions to their own customers, and how they build more specific suites of capability that suits the needs of specific customers. We’re at the beginning of something that is all about how we move away from just having a consolidated set of resources. The point about Red Hat JBoss was well made. Everyone needs all the pieces, and now it’s a case of how they compete in terms of how they deliver the integrated solutions to the market.
Gardner: Okay, let’s go back to Tony. What would be your next pick for a top SOA story or a vendor issue for 2006?
Baer: I’m having a hard time with that, but I think if I were to pick one, it would be governance. That’s a loaded term for obvious reasons, but if you look at the whole notion of SOA, it’s supposed to make exposing your assets, and your data enterprise process assets, easier. If you think about, that kind of goes against the objectives of a lot of the regulations of enterprises.
As we open these assets up, we expose them as services. As we start to ramp up beyond pilot stage, we need control and we need to document what assets are being exposed to services, under what circumstances, to whom, and when. We have to start getting into versioning issues. What’s interesting is that until now SOA has been primarily a skunkworks operation, with few exceptions, maybe for someone like the Verizons of the world.
Mostly we’re focused on runtime governance, which is what services can we expose to which requester at run time, but that was largely in a fairly controlled environment. You’re starting to see more attention to the rest of the lifecycle. As part of that, we’re seeing not just UDDI, Systinet or Systinet cell registries.
We’re also starting to see the emergence of repositories. Something I would not have predicted a year ago is the converging of the two. It would have seemed totally illogical to me before this. At runtime you don’t want a repository with a lot of overhead. Yet I see vendors seeming to building brute-force solutions, just like years ago they brute-forced relational databases, so that their performance was not all that bad compared to legacy databases. So, I guess that in answer to your question, the one thing I would say would be governance.
Gardner: I guess I agree with that. I wondered earlier in the year why this emphasis on governance. It seemed that the value here was that, you’re going to be headed toward some sort of a train wreck if you ramp up SOA, so we have to put governance into play.
Yet as you pointed out, these things remain predominantly as pilots, isolated -- not horizontal, not yet at the scale where the system is breaking down under load, pressure and volume. Yet, there is this big drive to governance. I thought a little bit about that, and I recognized that governance is a way of extending SOA into a larger role of transformation, taking over where policy and even directory left off.
It’s sort of a land grab by these vendors into this larger domain of how to actually manage your business, not just your IT. And it portends the possibility of joining IT governance with corporate governance at some level. So, that’s a big enchilada, a big opportunity. Do you agree with that, Steve? Do you think that this is a land grab, this governance thing, or are they really reacting to what’s a scaling issue?
Garone: I think there’s some of that, although typically what happens in that particular cycle is that a vendor will understand and raise the issue and make it prominent, because they’ve got a solution. Then other vendors will jump in and start creating and talking about nuance that the original vendor can’t deal with -- and what results after that is some level of confusion and lack of understanding on the part of the end user as to how to approach solving that problem. Eventually it all shakes out, of course, but that’s usually the cycle that’s takes place.
If I were going to talk about some of the major highlights of SOA in 2006, that brings me to one point that I think stands out. There’s been a lot of talk about enablers to SOA -- governance, ESBs, which I think is another very important one. Because of the way vendors approach providing solutions, sometimes the enablers become a point of confusion to the point where it actually slows down adoption.
I think some of that is taking place with SOA. I think some confusion around standards is also playing a role in that. I forget who it was earlier who said that they feel we’re right at the beginning of SOA adoption, I agree with that, and when we talk in a little while about trends in 2007, I think that’s going to come out more clearly.
So, yes, I think that vendors are trying to do a land grab, but in the process they may be introducing a level of confusion that may actually be slowing down adoption in a big way.
Gardner: How About you, Jon? Do you think that this movement toward governance and the alignment, if not mashing up, of repository and register, is this just a reaction to the potential scale issues of SOA or is this really trying to broaden the purview of SOA into a higher business set of issues?
Collins: I think it’s broadening its horizons. SOA, certainly from my experience, came out of the developer world, in terms of evolving out of component-based development and out of the Web-service based application space. It’s really a post-deployment characteristic of enterprise architecture, and if that’s the case, then it needs to built in. There’s operational management. There’s deployment management. How do we cope with this stuff once we’ve got it? The idea of a registry, the idea of a repository of assets, all of these things start to kick in.
It’s broadened out from it’s original space and it’s gone into a place where governance is much more necessary, but equally it’s a symptom of maturity. A lot of IT starts in terms of innovation, where people are pretty much left to work out how. Networking started with people saying, “Hey look, we can join this to this,” and then suddenly everyone’s joining everything to everything. After that, people are saying, “Shouldn’t we start to work out whether or not we should be joining things together?” And there’s a level of maturity that I think we’re hitting with SOA, which means that governance becomes far more important.
Gardner: I suppose that if eventually you have to get the sign-off from a CEO or a very high-level executive on investing in SOA activities or continuing to invest in integration at any level, it might be nice to walk into that leaders office and say, “Hey, not only are you going to get some more efficiency and some agility and faster time-to-market for your applications, but we’re going to give you a dashboard where you can actually go in and see what’s going on, vis-Ã -vis IT into your business processes. We might even give you a couple of dials and knobs where you can start turning up and down or prioritizing.”
Over to you Joe, can we use this governance thing as a way of bringing to the chief executives of these major corporations more controlled visibility into IT -- and therefore into their businesses?
McKendrick: Absolutely, Dana. In fact, look at most enterprises. They’re not going to take any projects seriously unless there’s some aspect of governance. By governance I think we’re talking about two levels here. There’s the nitty-gritty deployment, management, registry, repository, versioning aspect of what’s being done with the artifacts, and with the services that are being put out there. Then there’s the governance we speak of, which involves bringing in the business and asking the business what they need out of IT, what they need out of the technology.
Be it a committee or an evangelist within the enterprise, you need some type of board, body, committee, or team that represents a cross-section of the business that can look at what they need and interact with the IT department to bring about the solutions that are required for the business. IT can’t operate in a vacuum and doesn’t. It’s not IT’s fault, but they can’t have the sense of what a business needs, or what the business units need from week to week or month to month. You need that business input and that the high-level definition of governance. That’s the only way SOA can be sold into the organization.
Collins: I totally agree, and furthermore this is a fundamental re-alignment. We’re actually seeing the business itself take more and more of an active role in these issues, and talking about things like IT risk with relation to the overall business risk landscapes. IT is actually seen as a valid part of the businesses, rather than seeing IT -- as often it’s seen – as a little place with a bunch of geeks developing stuff. So, yes, absolutely, and it’s being driven by both sides.
Gardner: All right, let's move on to our next big issue from 2006. To you, Steve Garone. You mentioned ESBs, and you mentioned the possible negative impact of over-emphasizing -- not the main course, but some of the side dishes for SOA. So my question to you is, is ESB your next big story of the year? If so, do you think that we’ve watered this one down, that people don't have a firm idea of what ESB’s are? What’s the story around ESB’s this year?
Garone: It’s fair to say that ESBs were at least one of the top stories in 2006 in relation to SOA. That makes sense, because as people started to adopt a SOA approach, whatever that meant to them, they were searching around for the right infrastructure elements that they needed, in order to make that architecture work for them. The notion of an ESB is right at the core of that. In fact, when I was thinking about what we were going to talk about today, the two issues on my list that stood out the most were governance and ESBs.
Some of the confusion around ESBs has stemmed from the fact that they’re pretty big items in terms of what they’re capable of doing. The reality is that a lot of organizations may not need a full ESB, as many vendors are defining it, to make their environments work. They may already have some of the integration capabilities. They may have some of the event-handling capabilities in place, and they really may just need some mediation and governance elements added in, in order to make their environments work. That’s introduced a bit of confusion that has caused some grief amongst end users, at least the ones that I talked to.
There’s a tendency also to look in the other direction in terms of sort of creating an “Uber ESB,” if you will, one instantiation of that being in the form of a JBI implementation that will allow people, regardless of how they’ve chosen to implement the functionality, to bring that all together and integrate that into a complete environment. What you then get into is, “How do I navigate the world of standards to make sure that I’m adopting this and implementing it in the right way.”
So, ESBs have been very prominent. There’s been a lot of noise, news, and discussion about ESBs, a lot of product announcements in 2006. I think you’re going to see that continue in 2007, hopefully in a way that clarifies and brings together the activities to something that’s coherent and therefore makes organizations feel comfortable that they can move forward.
Gardner: We saw, just recently, announcements -- roll outs, I suppose, more appropriately -- from IBM and JBoss around ESB. There’s been some open-source activity. We’ve got a couple of Apache Foundation projects that are ESB-related that IONA’s active with. The question to the rest of the group is, do you see ESBs remaining standalone? Does this become something you take as a component, as a best of breed, or is this something that should be baked into a larger solution, approach or a technological approach to SOA?
Baer: I would vote for the fact that it becomes part of your general platform, your general infrastructure. I don’t see ESB as being an end. It’s a means to an end, and as Steve was saying, there are many different functions that an ESB can or should perform, and that’s going to depend on what your existing IT infrastructure is. It’s going just like governance. It’s going to become an extension of whatever your service platform is.
What’s very interesting is that in the past year IBM finally admitted that ESBs are not just an architectural pattern, it’s actually the real product. There’s been a lot of confusion, fear, uncertainty, and doubt out there as to what ESBs actually are. What I would love to see -- and of course this would probably never happen -- is some industry consensus, “Here’s a Lego blocks model. Here are different things that an ESB can do.”
But, guess what? In some cases, if you already have TIBCO in your environment, or something like that, you may not need, for example, the capabilities that a lot of ESBs have. So, I would love a building-block approach.
Gardner: We can probably loosely define ESBs as EAI, but with more hooks and on-ramps and off-ramps.
Garone: Hooks and standards.
Gardner: Hooks and standards, there you go.
McKendrick: To Microsoft the ESB probably meant enterprise service buses or those vehicles that employees ride around on at the Redmond campus. It seems that Microsoft has gotten on board with the ESB concept lately as well, which surprised a lot of observers, because Microsoft usually likes to take its own route with things and not buy into the acronym of the moment.
Gardner: That would be more hooks than standards then, wouldn’t it?
McKendrick: Probably, yes, highly integrated within .NET Framework and the Windows Communication Foundation.
Gardner: Moving on to standards, Joe, you had an interesting blog the other day about the WS.* standards. And I wonder if you thought that that was perhaps an issue by omission. It seems to me that there was a certain atrophy in 2006 around SOA standards. We did have BPEL come out with a 2.0 major release, upgrade, improvement -- but what’s the status of specifications and standards for SOA? Was this sort of a lull in the action this year?
McKendrick: Well, Dana, most of the standards focus on web services, and there are folks out there that would say SOA isn’t just about web services. It’s probably 90 percent of what SOA is about, but most of the activity is been around web services. Some of the standards are highly adopted everywhere you look, of course XML being the prime example of that.
You have SOAP and then WSDL, which are ubiquitous everywhere you go. The WS-splat or WS-* standards have been another story. There’s been a lot of controversy, a lot of confusion. In surveys I’ve done, I’ve seen some very low levels of knowledge -- let alone adoption -- of the WS-splat array, with the exception of WS-Security, which has been taking off fairly nicely and proving itself in many situations. You’re right Dana, it has been a build year/build season for the standards bodies this year.
Gardner: Jon, do you concur with that, that the standards had evolved and it was time for the implementations to catch up? And, should we read anything more into that?
Collins: That’s probably a good way of putting it. The other standard I’d bring into it is the management side of things. While there may not have been many great advances in the standards themselves, it’s more of an aligning of vendors behind the various standards or an agreement that there’s going to be a interoperability between them.
If you’ve got, let’s say WS-Security or WS-Policy, because of the nature of SOA and how it actually needs everything to be ready before any parts of it can work, that’s a very broad statement. But if you’re trying to manageably deliver multi-vendor, multi-application, multi-system environments in an enterprise context, a lot of these things are there already.
While some standards that were actually quite advanced to be able to roll out full fact SOA, a lot of other standards are still in catch-up. We’ve got standards that are saying, “Come on guys, let’s get out there and do the job.” Meanwhile, things like management are saying, “Hey, we’re coming. We’re on our way. We’re a bit behind. We’re still try to work out of what a CMDB is and how to talk to each other, but we’re on our way and will be there shortly.”
Gardner: All right, before we move into the prediction’s phase, I wonder if anyone else out there had a major issue from 2006 they wanted to raise as one of significant importance.
Collins: I’ll just say one word about Microsoft. Maybe the fact they even mentioned SOA was a pretty good incidence, if not a major happening.
Baer: Actually, I’ll add one thing to that which is that Microsoft has even felt compelled to publish a web page listing which standards they will support. When would you ever have thought that Microsoft would’ve ever published such a page in the past.
Gardner: Probably the same time they came out and supported Linux.
Collins: It was within a month, wasn’t it?
Gardner: Well, as a matter of fact Jon, we did a recent BriefingsDirect SOA Insights Edition on the SOA-Microsoft question. So, moving into 2007, next year, we’ve talked about some levels of maturation. We’ve talked about some technology developments, some vendor activity, but the question still remains is when do we move SOA -- and I do emphasis "when" and not "if" -- from the pilot and skunkworks-type of approach to, “This is how we’re going to do more of our IT, more of our development, more of our process in modeling. We are going to build this out?”
So let’s go around. Is 2007 the year for the SOA build-out, or are we being a little bit too optimistic? How about you, Steve?
Garone: It will be the beginnings of what you’re terming as a SOA build-out, but I’d like to deal with less of a product- or a vendor-related issue now and talk a little bit more about end-user organizations themselves. I’m still amazed, somewhat amazed at how much I’m hearing organizations talk about two issues.
One is that we hear about IT, business analysts, and business people working together to come up with requirements and actually having tools where they can work together to build business processes and then implement them and support them with services. But, little of that is actually going on and being effective within organizations. I hear a lot of folks on both sides of that pointing fingers and claming that the other one doesn’t get it, and that’s sort of manifesting itself in several ways.
It’s partially responsible for the pilot-nature of implementations that you see today in most of our organization that have tried SOA. I think it’s also responsible for the overall slowness with which you see this moving through some organizations. Over 2007, I think you’re going to see some shake-out and some advancement in terms of building that bridge between the two organizations within corporations that want to do SOA and therefore forming the foundation for moving on, but I don’t quite think we’re there yet.
Gardner: So, for 2007, if we could put some sort of a metric on adoption, with 1 being no further movement from 2006, and 10 being a total SOA in place, architecturally across the board, where do you think the dial, the meter, the needle, will go to in 2007?
Garone: There are two elements to that. Organizations that have not done it yet are going to, for the most part, remain down at the 3 or 4 level, if 3 or 4 level is defined as doing small-pilot implementations. Some percentage, say 25 percent to 30 percent of those organizations that have gotten to that first stage, will move on in a big way. I still believe that there are some impediments, having in some part to do with organizational issues and the relationships between IT and business, that are going hold that up a bit.
Gardner: Just to poke a little fun at our own industry, the IT research business, we can safely say from reports that have come out in 2006 that somewhere between 10% and 90% of enterprises will be doing SOA.
Garone: Well, yes, that’s true.
Gardner: What are your other predictions for 2007?
Garone: Getting back to one of the issues that we talked about earlier, the whole ESB issue and its place in an overall infrastructure that supports SOA will get pretty much resolved and be much clearer to end users as we get toward the end of 2007. I also think that there’s going to be a lot of work around registry, repository, and standards, mostly because as organizations start really using SOA to support real business processes with services, there’s going to have to be a lot in the way of semantic-level information and defining relationships that are going to be have to be incorporated in a real robust repository. So, I think from the product standpoint, those are two areas where we’re going to see a lot of advancement.
Gardner: Okay, how about you Tony? What are your predictions for SOA in 2007?
Baer: A couple of things. First, a more general trend, which is not SOA specific. We're no longer in the era of big-bang implementations. So, in terms of the pace of SOA adoption, it’s going to be a pretty boring answer: It’s just going to continue to be incremental.
You’ll see several hot-spots in organizations that are dealing with certain consequences of M&A, for instance, where they need to link to general ledger systems or something like that. You’ll see some opportunistic SOA there. Otherwise, it will be that the leaders will continue, those that have been leaders in 2006. Like the Verizons of the world. I hate to keep harping on that. I saw them working outside my house yesterday. So, I figure that they have some ambitious initiatives on the table there. But, I think the mainstream will incrementally get to the first things beyond the skunkworks stage.
Gardner: How about on a scale of 1 to 10, with 1 being no further movement from 2006 and 10 being full metaphysical SOA implementations?
Baer: I was going to say about a 3 or 4, just averaging things out. The Verizons of the world may be at about a 5. Whereas say the mainstream was probably at a 2 or a 3, but that still is progress.
Gardner: Okay, Jon Collins, what are your predictions for 2007?
Collins: Predictions for 2007: The thing that we’re going to see the most of is what we’ve talked about already as industry acceptance of SOA in 2006. In 2007, we’re going to see an enterprise acceptance of SOA. In terms of adoption levels, people aren’t going to suddenly sort of rip out everything that they’ve got and say, “Let’s paint the whole town SOA.” But there will be more of an understanding of where it can benefit the organization.
When there are projects that are appropriate, they will be done in a way that encourages and helps develop more service orientation inside the organization. That fits in with the need for and the delivery of improved governance of better relationships between IT and business, a better understanding of business issues on the technology side. So, it’s everything, all moving forward at once, and without that you can’t really do SOA.
The other thing is that it does go all the way down the stacks. We could talk to SAP. I’m talking to clients at the moment who are doing SAP rationalization projects. We could talk to HP about how they’re providing a platform to support applications, and talk to Cisco about Service Oriented Network Architecture (SONA). If you’ve got something that can be understood as a service delivery, then they’re putting in place the network facilities to support that. Then, you can even talk to the service providers, the British Telecoms, who are putting in place some service delivery networks.
It goes all the way down the stack, and I think we’re going to see that integration, top to bottom, become more of a reality in all those companies that I’ve just talked about there. They’re doing it for themselves right now, and they’re going to start doing it with each other, which will be a change.
Gardner: So the good news is that SOA affects everything and the bad news is that SOA affects everything.
Collins: Absolutely.
Gardner: On your scale of 1 to 10 next year?
Collins: I put it down as the difference between acceptance and implementations. I’ll still put it down as between 2 and 3. It’s low, but it’s a good low.
Gardner: It's 20 percent, it’s double digits.
Gardner: Joe McKendrick, 2007?
McKendrick: SOA is a very amorphous concept. It’s not a tangible concept, and SOA as a term has crested, as we’ve discussed in this conversation. It wouldn’t surprise me if we started seeing more vendors move toward some other terminology or other focus in their marketing efforts at the vendor level. Maybe we’re going to be hearing more about EDA, Event Driven Architecture. It has more of an action sound to it. It’s something new, and it has that real-time aspect that ties into business intelligence, and can be integrated well within business intelligence solutions.
So, I wouldn’t be surprised if we saw vendors moving away from SOA terminology and toward things such as EDA, maybe software as a service. Maybe we’ll be hearing more about that. At the enterprise level, the end users in the trenches, where the real work takes place, there’s going to be slow, steady progress toward the SOA model. It’s not going to be a revolutionary thing happening in 2007. It’s going to be evolutionary. There are going to be more pilot projects moving into the enterprise production space. What may mitigate this, and what would be interesting to watch over the coming year, is the availability of staff, availability of the right skills.
The economy has been going well. I don’t know what 2007 will bring, but by all indications, IT budgets are holding up and there’s been already shortages of the right types of skills. For enterprises that need to keep their day-to-day operations going, it maybe difficult to allocate the human resources to really move SOA projects forward.
Gardner: On a scale of 1 to 10, increase in SOA adoption in 2007?
McKendrick: Two, a solid 2.
Gardner: We’re going down, we’re going down. I’ve got a few predictions myself that I'd like to throw out. I think we can also look to 2007 as being the year of modeling. I think we’re going to see a lot more product and specification and methodology around the modeling of services that can leverage and exploit some of the activity from 2006 around this governance and the registry and repository. I’m expecting some much improved tools, graphical tools, and some innovative approaches to how to choreograph -- and that plays into your event-driven stuff, too.
I’m also predicting that this notion that Web 3.0, which is better characterized as the "Semantic Web," will offer on one hand competition against the SOA messaging and value, but more importantly offer a tag-team approach. We’ve discussed this a little bit before around Web 2.0.
If we do start getting some specifications, and as IP Version 6 becomes more widely deployed around the world, we’ll get much richer in approaching this level of a semantic Web capability on the network. If you can combine that with what you’re doing internally, that that’s one of the big tipping points for the further adoption of SOA.
I’ll use that as my opportunity to say I see about a 4 in terms of actual SOA adoption increase, so 40 percent, which is pretty big. I’m going to go on the top side of this trend for our group.
I’m also going to go out on a limb and say that I’m going to expect some big SOA-related acquisitions again in 2007, and I’m going to look to SAP and Oracle as likely candidates for acquiring other companies. The net-net on that is the application guys are going to start to flex their muscles on SOA. If you have both the infrastructure and the applications, and then you produce the SOA benefits, that’s a very advantageous place to be.
That’s it from me. Anyone else want to chime in on 2007?
Garone: Yeah, I want to respond to a couple of things. Let me start with what you just said around the enterprise apps vendors. That was one 2007 prediction that I had on my list, driven by something a lit bit different than what you said, though. One of the empirical pieces of feedback that I get often from end users is that they’re waiting and pining for the day when they’re not wrapping their legacy apps anymore in Web services standards and, all this stuff will be essentially done for them by the people who provide the applications.
Gardner: SOA-native-as-services.
Garone: Native as services, exactly right. I think you’re going to start seeing the SAP’s and the Oracle’s and everyone else that services that market, stepping up in a big way to help solve that problem, so I completely concur with you on that.
One of the proof points that I didn’t mention earlier -- I’d mentioned it in a previous podcast -- is the lack of synergy, integration, and operability between the business side and the IT side in real life. Most of the end users I talk to, when I see them present, when I talk to them in detail about their SOA activities, they really just cite cost savings. They mention raw cost savings in terms of development and operations as really the primary, and in some cases only, benefit of doing an SOA implementation.
We all know, as analysts and people who have talked a lot about SOA and how they can benefit organizations, that that’s a very narrow view. What that tells me is that the business case, the true comprehensive business case, still hasn’t been met in a lot of cases, and hasn’t been articulated very clearly. I think that’s going to start turning around in 2007.
Gardner: When you emphasize the modeling and the applications, you start getting closer to that business-level benefit?
Garone: I agree. The other thing I would just say very quickly is that -- and I’ve mentioned this before – it’s going to be harder and harder to divorce the services approach to building solutions from the virtualization area that a lot of companies are looking at, because they’re looking to do them at around the same time, and they’re very closely related.
So, we’re going to see more of a comprehensive view of that, not only in terms of how organizations want to implement it, but from vendors as a response. I also think you’ve defined a good podcast topic for the future in Web 3.0.
Gardner: We’ll be there. All right, gentlemen, thank you very much. Let’s quickly go around the table for purposes of disclosure. If there are any vendors that were mentioned or implicated today that you do business with, it would be a nice time for you to mention that, so that we all have a sense of where we’re coming from. Why don’t you go first, Steve?
Garone: At this point I would just list IBM.
McKendrick: IBM, and I’ve also done work with Systinet.
Collins: Mercury, so HP I guess.
Baer: Mercury, ditto.
Gardner: I’m going to disclose that I’ve worked with Borland, Cape Clear, Eclipse Foundation, Hewlett-Packard, IONA, and I think that’s probably it.
All right. Thanks very much. Also, if any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact me, Dana Gardner at 603-528-2435. That’s it for this week’s, and I suppose this year’s, SOA Insights Edition. I’m your moderator and host, Dana Gardner. Thanks for joining.
Listen to the podcast here.
Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 6. Copyright Interarbor Solutions, LLC, 2005-2006. All rights reserved.
Wednesday, December 13, 2006
Transcript of BriefingsDirect Podcast on IT Consolidation Trends and Methods
Edited transcript of BriefingsDirect[TM] podcast on IT consolidation with host Dana Gardner, recorded Oct. 31, 2006. Podcast sponsor: Hewlett-Packard.
Listen to the podcast here.
Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to a sponsored BriefingsDirect podcast. Today, a discussion about IT Consolidation, taking a distributed, geographically dispersed set of datacenters or application infrastructures and bringing them into a more rational approach -- to get more for less, in less places, with less labor and less total cost. The goal is to eventually take this consolidation effort to a strategic level and move to a full-service infrastructure and allocate IT resources efficiently and with more flexibility.
We are joined today by two executives from Hewlett-Packard’s Consulting and Integration Group: Ewald Comhaire, director of the global practice for Infrastructure Services, as well as Peg Ofstead, worldwide solution lead for HP IT Shared Services and IT Consolidation Services. Welcome to the show, Ewald and Peg.
Ewald Comhaire: Thank you.
Gardner: Let’s address the rationales for IT Consolidation. Does this vary from site to site, from enterprise to enterprise? Is this a highly individualized approach? How do we implement IT Consolidation? Are there some uber trends driving this? Let’s start with you, Peg.
Peg Ofstead: The desire to consolidate differs from company to company. Our best practice is to first clearly discuss the objectives of the organization. Cost has been a driver for many years. There are other issues that drive people to consolidation. For example, some people run out of space in their datacenters; others have issues with power or cooling that cause them to replace their technologies.
For others, it’s a case of simplifying; they just have too many data centers, too many different kinds of technologies, too many redundant applications. They want to simplify their environment. Ewald, do you have some other thoughts?
Comhaire: Yes, there is definitely the cost element, and doing more with less is important to every customer. We have been doing this for 10 years. We see customers with more balance between these cost elements as well as improving the quality of the services they deliver and how fast can they turn around the request from the business.
Reducing risk by reducing issues with security, or improving business continuity and availability of the solution is a large objective we see across the industry. Each customer is unique, but we see these drivers most of the time.
Gardner: Obviously economics and cost issues are big drivers for this, but it wouldn’t be possible without a certain level of technology innovation and capability. You need to be able to consolidate by managing the complexity of the hardware and the networks. Can you give us some history of IT Consolidation and explain what it is technically that is allowing this to be accomplished now?
Comhaire: I’ll be happy to start. When we look back 10 years ago, most of it was driven by the capabilities of the infrastructure. As you consolidate you need better processes, you need to manage consolidated infrastructure, and that adds complexity. Do your tools, your systems, your software, your operating system have the capability to really consolidate on a technological level?
Fewer customers are worried about whether the technology can do it. Other factors are now driving the need for consolidation. Customers are looking at a functional level, consolidating not around the technology, but around functions being offered to the business, using that as a central element, with the technology following the service.
We have seen an evolution of what customers take as a primary centerpiece for consolidation. It has moved off technology and more to a functional type of consolidation. Peg, anything you would like to add?
Ofstead: Also, people are consolidating datacenters because telecommunications is so much cheaper and better now. In the past, they couldn’t because of latency and other issues. On the technology side, especially in the Microsoft Windows environment, the virtualization technology now allows people to be more aggressive in that space.
Gardner: The network is now able to support this consolidated effort. This also has to do with the shift that the Web has brought in terms of centralized applications and browser-based interfaces. Over the last 10 years there has been a significant shift to Web-type applications. Portal applications with browser interfaces have also been an accelerant to this move to IT Consolidation. Do you agree with that?
Comhaire: Absolutely. Where it has really helped is with datacenter consolidation. Because of the lightweight graphical user interface (GUI) that these Web-based applications provide, you no longer need to have all the servers -- or at least part of your application architecture -- located close to the end users.
With the latencies and improvement in networking, you can now do what HP, for example, is doing with its own datacenters: co-locate them in one location of the world and still have good response time for all their users. It would be much more difficult if you have a complex client/server architecture, and the need to move a large amount of data to different parts of the application. It would be very tough to do, and this definitely helps.
We also have "lights-out" management where management capabilities are done remotely, 24x7, in different parts of the world. There are countries in Eastern Europe, the Middle East, China, and India where you have some capable resources that can do remote management, but you would not typically put your datacenters in those physical locations. Datacenter consolidation enables you to utilize the capabilities in remote management areas when your datacenter could be in a place like the HP datacenter in Houston, Texas. Consolidation has helped with this management significantly.
Gardner: Your expertise, your people, can be in one location -- but the physical plant can be in another. You can look for a lower cost of real estate, energy, and safety, when the plant is away from high-risk areas. These all play into the IT decision making about IT consolidation?
Comhaire: Absolutely.
Ofstead: That is exactly what we’re seeing.
Gardner: Now that we have discussed how the Web has changed the nature of applications, and the technology from the network perspective has given us the freedom to decide location -- do we see anything on the horizon that will change this even more? Are there other factors that make the decision-process around consolidation change again? Are there convergence or virtualization issues?
Ofstead: We can assume technology will continue to improve. Look at the cost of storage today, for example. People forget it’s not just about technology.
One of the key factors to keep in mind when you’re consolidating is the human factor. We discussed being very clear in your objectives. It is important that your stake-holders buy-in on your objectives, and that includes your line-of-business partners. There could be issues like the line-of-business may own the datacenters, or may own the servers that you’re trying to consolidate. Their buy-in is crucial to your ability to successfully consolidate.
There is also a buy-in of your IT staff, many of whom can be impacted during consolidation. If you are eliminating legacy technologies, it may mean they need to be re-skilled, or if you are closing datacenters, it may mean a larger impact to their jobs. It is very important to consider the human factors and the governance issues related to consolidation that go beyond technology.
Gardner: Obviously this is not a trivial, fly-by-the-seat-of-your-pants decision process. We have issues around ownership and a culture of control and the cost of real estate in terms of applications, and around how to rationalize data itself within a data structure. How do companies begin to approach this "hairball" of interrelated dependencies and complexities once they have begun to take IT Consolidation seriously?
Ofstead: Ten years ago, we were seeing the consolidation of UNIX servers. The largest companies we worked with were telcos, and they often had hundreds or thousands of UNIX servers and were consolidating those. Companies in all industries have been basically doing server consolidation and storage consolidation for many years now.
In the past few years, they have tackled the harder things. Rationalizing the application and information portfolios is much harder work. We saw very little of that five years ago, but it is more prevalent today. We are seeing more datacenter consolidation and relocation of datacenters as people consider issues like Sarbanes-Oxley, which especially impacts the financial institutions.
Gardner: We have also seen waves of consolidation at higher business levels between mergers and acquisitions, particularly in telecom and a number of other industries. I think that would also bring into play massive infrastructure redundancy that needs to be addressed.
Ofstead: Absolutely. Companies that have already gone through a consolidation acquire a firm and suddenly they have twice as many datacenters as they need. They have an overlapping application portfolio, so this is an ongoing process for many firms.
Gardner: Ewald, can you give us a rundown of the methodological decision process? Large enterprises, regardless of their situation, are facing this complex proposition. What needs to be considered? How do you approach this from a professional services perspective?
Comhaire: The first thing we do is start with the strategy and analysis phase. In this phase, we conduct a workshop to clearly define the business goals with the customer. We bring in our 10 years of consolidation experience. We help customers to think broadly, not just in terms of servers, but about the number of workplaces they have, whether we can do workplace or remote office consolidations, their networks, and their higher-end services like data warehouses.
We provide a pretty broad view. We help to pin down the customer on key matrices around the success of the project. What is in scope, what is not in scope, and how this IT consolidation aligns with the business. We work with the IT parts as well as making a link with the business, and use it as a starting point for the project.
We then do a rapid opportunity analysis for the domains that are good candidates. We are looking for a good return on investment (ROI) for the customer on a high level without doing a detailed analysis.
We then do an inventory and discovery. Many customers have an idea of what they have, but not enough to do a real ROI or total cost of ownership (TCO) calculation. We provide some agentless discovery tools that show the workloads as well as the assets there -- how well the equipment is utilized, what workloads are compatible or can be consolidated with other workloads, and how many databases are there -- so we understand by function what is used today and what are some of the possible economies of scale. This is typically done in the first phase.
Gardner: It sounds like you need to step back and look at what you actually have, and then what you want to have, functionally, going forward, and then to try to reconcile the two.
Comhaire: Yes, that is important because these projects typically take quite some time, and a consolidation project is never done. We are always looking at the next thing we can improve on. At some point you need to have closure on a certain part of the project.
Phase two is the architect and validate phase. Then you can think about a high-level architecture for the desired date. We now know the objective of the customer, we know the “as is” state through the discovery, and we can now do a high-level design for the desired state.
At the same time we are validating the ROI model. If there are cost-reduction objectives, and the customer wants to have those in hard numbers, we can do a full ROI analysis and be confident that we can get the ROI that the customer was expecting. That’s pretty much our second phase in the consolidation methodology.
Gardner: I have to assume that we’re starting to tinker with some mission-critical applications and there is some concern about the continuity and risk of disruption. On one hand the company would ask, "Are we going to have downtime? Are we going to have interruptions? Will this be seamless to our end users, both inside our organization and our customers outside?" How do you address the issue of confidence? How do you guarantee this is not going to be a disruptive activity?
Comhaire: Great question. Our third phase is the detail design and planning phase. Here we do the real planning of the implementation and all these things are addressed in the detailed level design. For example, if we have a datacenter relocation, what methodology are we using to move to data consolidation?
These design criteria have an impact on the downtime for the business, and this is where all the expertise comes in around migration of data and applications. We also make sure that the target environment -- as it’s being designed to handle multiple coherence and co-located workloads -- is bringing the availability up and not down, which is an inherent risk of consolidation.
We have to write a business continuity design so that the desired state has much more tolerance against disasters than the existing state. We know in phase number three that there is a positive business case. We are then allowed to go to a level of detail that is very much implementation-oriented.
In the second phase, we typically want to do the minimal design to guarantee that the project will have a good ROI, so we don’t go down to this level of detail. But in the third phase we do to make sure we get the trust and the minimum interruption for the business through the right choice of design methodology.
Gardner: Peg, on this notion of risk reduction, do you feel confident enough in doing this many times that you can almost, and perhaps actually, guarantee continuity? Do you go in and say, “As part of our contract we have our own agreement of certain levels of service,” and do you go to the bank with that and say, “We’re going to make sure your businesses continue?”
Ofstead: Absolutely. That is part of what we do with consolidations because we are working with mission-critical workloads. In every region, we’ve worked with clients that have been in those situations.
Comhaire: We also have a very strong mission-critical support that’s been highly rated by Gartner year after year. That is really a true differentiator for us in those large consolidation projects because we can give the customer the assurance that we can manage their consolidated workloads at the levels of availability required.
Gardner: This is an issue where failure is not an option.
Comhaire: Exactly.
Gardner: Also on this notion of business continuity, companies are dealing with a separate area of risk: Where to locate for disaster scenarios -- whether they’re weather-related, disruptions from energy problems, or perhaps even war and terrorism issues. It seems that companies need to take that into consideration as well now.
When they think about IT Consolidation, are they also thinking about the ability to maintain business continuity, regardless of external threats?
Ofstead: Absolutely.
Comhaire: Absolutely. Yes, Peg.
Ofstead: When we do datacenter consolidation, even if the company had a wonderful business continuity plan and could execute it well, you essentially break that when you change the datacenter. You have to start over and state the business continuity plan. That is very important. We’re seeing some institutions, especially financial ones, moving the datacenters to safer locations because of Sarbanes-Oxley implications.
Comhaire: It sometimes does trigger some finer discussions with the customer, because most would expect that with a consolidation, including cost reduction, that they can also get the whole business continuity and disaster recoverability free of charge as part of the consolidation project.
Sometimes we have to stress that this is really an added functionality. While the pure consolidation project will return a significant amount of savings, there may have to be some investments kicked in as well to address the business continuity element.
Gardner: Perhaps when you embark on this journey -- to kill two birds with one stone -- you look at your ROI/TCO issues from a consolidation perspective, but also look very carefully to your business continuity issues in terms of safety, reliability, and disaster-prevention or -recoveries?
Comhaire: Yes, if you look at eight out of 10 of our success stories, and you look at the advantages that the customers cited after HP helped them implement the consolidation project, almost everywhere you will find better performance, better availability, and better disaster recovery -- meaning that in eight out of 10 projects it is addressed effectively with the customers.
Gardner: We’ve mentioned regulatory issues a few times, particularly Sarbanes-Oxley in the United States. Help me understand the implications here. How does a regulatory imperative affect the decision making, and even perhaps spur on these IT consolidation activities?
Ofstead: Sarbanes-Oxley has some regulations that specify the availability requirements for financial institutions, and how quickly they must recover certain transactions. That happens when they are audited. That is why the financial institutions are looking for more secure datacenters and more robust disaster-recovery capabilities. Europe is in a similar situation with the Basel II regulations.
Gardner: Anything to add to that, Ewald?
Comhaire: We have software that helps customers meet regulations like compliance with standards, specifically on the IT side. We have tools in the HP OpenView portfolio with respect to software distribution. We can control exactly what needs to be running on servers and desktops.
There are some interesting offerings that we have on that phase, but they are second to the main objectives of a consolidation project. We have not seen many projects that are driven by regulations. It is typically an element of a consolidation project, rather than the main driver for it.
Gardner: We have looked at the business case and rationale for doing this, and at the history of why the technologies and network resources allow this to happen. We’ve looked at some of the tangential implications around people, process, and business recovery regulation.
Let’s talk about the payoffs. We have seen some publicized information around HP’s own multi-year approach to consolidation and significant reduction of total costs. Do you have any metrics or case studies or anecdotes that will give people a sense of the magnitude of the shift to benefits here?
Ofstead: Obviously the payoff is going to depend on how diverse your IT environment is to start with. If you had multiple acquisitions, as HP has, there are more payoffs because there is more to clean up. Large companies that have not yet consolidated their servers can probably get a 25 percent to 40 percent TCO savings around those server farms and their storage.
You get real savings in the applications phase. Far beyond TCO savings, you get business benefits. For example, HP is going to a single data warehouse, consolidating over 700 data marts. The business benefit of having a single source of data and consistent information about our customers and our orders is that we have huge ramifications that go way beyond just IT savings for a corporation.
Comhaire: Also, the cost model that we use is a simple one. It can be well understood by the customers as well as HP.
We use four primary dimensions. One is cost and what we can do on cost saving and cost avoidance. Avoidance is an increasingly important element. The second is the quality of service. Did we improve the quality of the services that were delivered to the business? That has some business value as well. The third, are we able to do things faster, turn around the request of the business in a faster way, deploy things faster, put changes into place faster.
The final one is have we reduced, in general, the risk position of the customer, whether it’s against security, or intrusion at the level of compliancy, or at the level of continuous operation and disaster recoverability. We’re putting value on whether we reduced the risk with the customer.
There are some great anecdotes. We have had some large-scale consolidations where, obviously, we go application-by-application and then find that these applications need to be recompiled, that the customer has lost the source code. This was a risk that the customer did not realize before they did the consolidation project.
Now we realize there are some applications where we are at risk because we no longer have the source code, and we were able to reverse and re-engineer that, and get back to a solid code base so they can move forward. We now better understand the risk, we measured it, and we are also able to handle some of the implications of that so that is no longer an issue. It’s an anecdote, but it happens more than you would think.
A customer has said they had 500 servers when they did the whole analysis. It turns out they had close to 1000, and they were surprised there was such a big difference between what they believed they had and what they really had. So the whole ROI model was actually changed overnight based on that discovery.
Gardner: I suppose that this process does unearth these various cans of worms, but in doing so, you’ve got a much more coordinated, managed, professional inventoried approach to your code and your assets. You can move forward with a strategic approach to IT rather than a piecemeal or ad hoc approach.
Comhaire: That is often underestimated as a benefit. It is difficult to say in a customer discussion that as part of the consolidation exercise we will clean up some of these legacy things that you may not realize have built up over the years. It is difficult to say up front, but often when customers look back, that is a major achievement in the project.
The nice benefit of it is they now have a good handle on their assets, the workload they have, the issues that were uncovered and are now clearly on the table and have been resolved. They have a much better foundation to build on for the future.
Gardner: Perhaps this is a difficult and cathartic process, but with recurring dividends over time. I suppose that IT Consolidation will now impact such trends as virtualization and service oriented architecture (SOA), where it will make tremendous economic sense to have a full-service infrastructure approach.
If you’re going to consolidate, you’re going to want this infrastructure to support legacy, distributed Web, and a variety of different types of application sets, depending on your vertical industry. Is it too much of a pie-in-the-sky notion that we can have a single -- or at least a significantly reduced -- number of infrastructure approaches to support a variety of business processes, business activities, and applications?
These days with the impact of virtualization, with increased use of open standards, with increased use of open source, are we finally at a point where we won’t have monolithic approaches to a variety of applications, but perhaps more of a horizontal, rationalized infrastructure to support more and more types of business activities?
Ofstead: Certainly consolidation is the opportunity for folks to move to a real strategic platform view. While they’re cutting costs, they have the opportunity to really move to new technologies and virtualization. For example, we’re seeing a lot of people using Linux. One of the great things about that is not only are you able to clean up your environment, but you are actually able to move it forward to new strategies. Ewald?
Comhaire: Absolutely, Peg. The simplification of the environment is one of our key objectives, and typically we do that by standardizing on less different types of equipment. We also do that by bringing virtualization, which allows us to better share the same equipment between multiple workloads so we don’t need as many assets, which again is a simplification element -- but also significant to cost reduction.
We also simplify things like the IT management processes and tools, and we have a significant set of services around IT optimization and IT service management that can help simplify the environment. All these technologies like virtualization, automation, and optimized service deployment are significant enablers for consolidation.
Gardner: So we’re not just talking about consolidation in terms of physical consolidation, a location, and numbers of services -- we’re talking about a consolidated datacenter approach that functionally consolidates IT?
Comhaire: Absolutely. That’s how we’ve evolved the thinking on consolidation, and it is also why today we call it "IT" consolidation, not just "server" consolidation. We have evolved over time to a more holistic approach of people, process, and technology. As Peg was saying before, we are significantly looking at the roles of the people.
We’re looking at the processes that are being executed to see if they can be simplified, streamlined, and organized according to industry standards or best practices. Finally, we do the technology part of consolidation exercise, we look at standardization and virtualization of the infrastructure components, and make those work together with less things like configurations of applications. All of these are standardized and provide the value back to the business.
Gardner: This strikes me as not just a high economic impact, but as absolutely necessary ingredients as companies move toward total IT transformation. Because the payoff is a 25 percent to 40 percent reduction in total cost, you set yourself up for an agile multipurpose platform, and are reactive both to your legacy as well as to new types of application approaches, such as SOA.
This is really not an option. If your competitors are going about this and you are not, you will be at a significant disadvantage.
Ofstead: Absolutely. That is why so many companies are moving aggressively toward consolidation. Certainly after emerging acquisitions such as the one HP has had. The more we can do to clean up our applications and make ourselves more cost competitive, the better we will do.
Gardner: Great. Well, thanks very much. I think we’ll need to wrap it up now.
We have been talking about IT Consolidation, its strategic, economic, and future-proofing imperatives. Joining us for this sponsored BriefingsDirect podcast has been Ewald Comhaire, the director of the Global Practice for Infrastructure Services at HP, and Peg Ofstead, worldwide solution lead for HP’s IT Shared Services and IT Consolidation Services.
Thanks very much for joining us today. I think this has been an eye-opening discussion for me, and I hope for our listeners, too.
Ofstead: Thanks, Dana.
Comhaire: Thanks.
Gardner: Thanks for joining us. I would also like to point out to our listeners that if you’d like to learn more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, feel free to contact me, Dana Gardner, at 603-528-2435. This is Dana Gardner, principal analyst at Interarbor Solutions, and you’ve been listening to BriefingsDirect. Come back and listen next time.
Listen to the podcast here.
Podcast sponsor: Hewlett-Packard.
Transcript of Dana Gardner’s BriefingsDirect podcast on IT Consolidation. Copyright Interarbor Solutions, LLC, 2005-2006. All rights reserved.
Listen to the podcast here.
Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to a sponsored BriefingsDirect podcast. Today, a discussion about IT Consolidation, taking a distributed, geographically dispersed set of datacenters or application infrastructures and bringing them into a more rational approach -- to get more for less, in less places, with less labor and less total cost. The goal is to eventually take this consolidation effort to a strategic level and move to a full-service infrastructure and allocate IT resources efficiently and with more flexibility.
We are joined today by two executives from Hewlett-Packard’s Consulting and Integration Group: Ewald Comhaire, director of the global practice for Infrastructure Services, as well as Peg Ofstead, worldwide solution lead for HP IT Shared Services and IT Consolidation Services. Welcome to the show, Ewald and Peg.
Ewald Comhaire: Thank you.
Gardner: Let’s address the rationales for IT Consolidation. Does this vary from site to site, from enterprise to enterprise? Is this a highly individualized approach? How do we implement IT Consolidation? Are there some uber trends driving this? Let’s start with you, Peg.
Peg Ofstead: The desire to consolidate differs from company to company. Our best practice is to first clearly discuss the objectives of the organization. Cost has been a driver for many years. There are other issues that drive people to consolidation. For example, some people run out of space in their datacenters; others have issues with power or cooling that cause them to replace their technologies.
For others, it’s a case of simplifying; they just have too many data centers, too many different kinds of technologies, too many redundant applications. They want to simplify their environment. Ewald, do you have some other thoughts?
Comhaire: Yes, there is definitely the cost element, and doing more with less is important to every customer. We have been doing this for 10 years. We see customers with more balance between these cost elements as well as improving the quality of the services they deliver and how fast can they turn around the request from the business.
Reducing risk by reducing issues with security, or improving business continuity and availability of the solution is a large objective we see across the industry. Each customer is unique, but we see these drivers most of the time.
Gardner: Obviously economics and cost issues are big drivers for this, but it wouldn’t be possible without a certain level of technology innovation and capability. You need to be able to consolidate by managing the complexity of the hardware and the networks. Can you give us some history of IT Consolidation and explain what it is technically that is allowing this to be accomplished now?
Comhaire: I’ll be happy to start. When we look back 10 years ago, most of it was driven by the capabilities of the infrastructure. As you consolidate you need better processes, you need to manage consolidated infrastructure, and that adds complexity. Do your tools, your systems, your software, your operating system have the capability to really consolidate on a technological level?
Fewer customers are worried about whether the technology can do it. Other factors are now driving the need for consolidation. Customers are looking at a functional level, consolidating not around the technology, but around functions being offered to the business, using that as a central element, with the technology following the service.
We have seen an evolution of what customers take as a primary centerpiece for consolidation. It has moved off technology and more to a functional type of consolidation. Peg, anything you would like to add?
Ofstead: Also, people are consolidating datacenters because telecommunications is so much cheaper and better now. In the past, they couldn’t because of latency and other issues. On the technology side, especially in the Microsoft Windows environment, the virtualization technology now allows people to be more aggressive in that space.
Gardner: The network is now able to support this consolidated effort. This also has to do with the shift that the Web has brought in terms of centralized applications and browser-based interfaces. Over the last 10 years there has been a significant shift to Web-type applications. Portal applications with browser interfaces have also been an accelerant to this move to IT Consolidation. Do you agree with that?
Comhaire: Absolutely. Where it has really helped is with datacenter consolidation. Because of the lightweight graphical user interface (GUI) that these Web-based applications provide, you no longer need to have all the servers -- or at least part of your application architecture -- located close to the end users.
With the latencies and improvement in networking, you can now do what HP, for example, is doing with its own datacenters: co-locate them in one location of the world and still have good response time for all their users. It would be much more difficult if you have a complex client/server architecture, and the need to move a large amount of data to different parts of the application. It would be very tough to do, and this definitely helps.
We also have "lights-out" management where management capabilities are done remotely, 24x7, in different parts of the world. There are countries in Eastern Europe, the Middle East, China, and India where you have some capable resources that can do remote management, but you would not typically put your datacenters in those physical locations. Datacenter consolidation enables you to utilize the capabilities in remote management areas when your datacenter could be in a place like the HP datacenter in Houston, Texas. Consolidation has helped with this management significantly.
Gardner: Your expertise, your people, can be in one location -- but the physical plant can be in another. You can look for a lower cost of real estate, energy, and safety, when the plant is away from high-risk areas. These all play into the IT decision making about IT consolidation?
Comhaire: Absolutely.
Ofstead: That is exactly what we’re seeing.
Gardner: Now that we have discussed how the Web has changed the nature of applications, and the technology from the network perspective has given us the freedom to decide location -- do we see anything on the horizon that will change this even more? Are there other factors that make the decision-process around consolidation change again? Are there convergence or virtualization issues?
Ofstead: We can assume technology will continue to improve. Look at the cost of storage today, for example. People forget it’s not just about technology.
One of the key factors to keep in mind when you’re consolidating is the human factor. We discussed being very clear in your objectives. It is important that your stake-holders buy-in on your objectives, and that includes your line-of-business partners. There could be issues like the line-of-business may own the datacenters, or may own the servers that you’re trying to consolidate. Their buy-in is crucial to your ability to successfully consolidate.
There is also a buy-in of your IT staff, many of whom can be impacted during consolidation. If you are eliminating legacy technologies, it may mean they need to be re-skilled, or if you are closing datacenters, it may mean a larger impact to their jobs. It is very important to consider the human factors and the governance issues related to consolidation that go beyond technology.
Gardner: Obviously this is not a trivial, fly-by-the-seat-of-your-pants decision process. We have issues around ownership and a culture of control and the cost of real estate in terms of applications, and around how to rationalize data itself within a data structure. How do companies begin to approach this "hairball" of interrelated dependencies and complexities once they have begun to take IT Consolidation seriously?
Ofstead: Ten years ago, we were seeing the consolidation of UNIX servers. The largest companies we worked with were telcos, and they often had hundreds or thousands of UNIX servers and were consolidating those. Companies in all industries have been basically doing server consolidation and storage consolidation for many years now.
In the past few years, they have tackled the harder things. Rationalizing the application and information portfolios is much harder work. We saw very little of that five years ago, but it is more prevalent today. We are seeing more datacenter consolidation and relocation of datacenters as people consider issues like Sarbanes-Oxley, which especially impacts the financial institutions.
Gardner: We have also seen waves of consolidation at higher business levels between mergers and acquisitions, particularly in telecom and a number of other industries. I think that would also bring into play massive infrastructure redundancy that needs to be addressed.
Ofstead: Absolutely. Companies that have already gone through a consolidation acquire a firm and suddenly they have twice as many datacenters as they need. They have an overlapping application portfolio, so this is an ongoing process for many firms.
Gardner: Ewald, can you give us a rundown of the methodological decision process? Large enterprises, regardless of their situation, are facing this complex proposition. What needs to be considered? How do you approach this from a professional services perspective?
Comhaire: The first thing we do is start with the strategy and analysis phase. In this phase, we conduct a workshop to clearly define the business goals with the customer. We bring in our 10 years of consolidation experience. We help customers to think broadly, not just in terms of servers, but about the number of workplaces they have, whether we can do workplace or remote office consolidations, their networks, and their higher-end services like data warehouses.
We provide a pretty broad view. We help to pin down the customer on key matrices around the success of the project. What is in scope, what is not in scope, and how this IT consolidation aligns with the business. We work with the IT parts as well as making a link with the business, and use it as a starting point for the project.
We then do a rapid opportunity analysis for the domains that are good candidates. We are looking for a good return on investment (ROI) for the customer on a high level without doing a detailed analysis.
We then do an inventory and discovery. Many customers have an idea of what they have, but not enough to do a real ROI or total cost of ownership (TCO) calculation. We provide some agentless discovery tools that show the workloads as well as the assets there -- how well the equipment is utilized, what workloads are compatible or can be consolidated with other workloads, and how many databases are there -- so we understand by function what is used today and what are some of the possible economies of scale. This is typically done in the first phase.
Gardner: It sounds like you need to step back and look at what you actually have, and then what you want to have, functionally, going forward, and then to try to reconcile the two.
Comhaire: Yes, that is important because these projects typically take quite some time, and a consolidation project is never done. We are always looking at the next thing we can improve on. At some point you need to have closure on a certain part of the project.
Phase two is the architect and validate phase. Then you can think about a high-level architecture for the desired date. We now know the objective of the customer, we know the “as is” state through the discovery, and we can now do a high-level design for the desired state.
At the same time we are validating the ROI model. If there are cost-reduction objectives, and the customer wants to have those in hard numbers, we can do a full ROI analysis and be confident that we can get the ROI that the customer was expecting. That’s pretty much our second phase in the consolidation methodology.
Gardner: I have to assume that we’re starting to tinker with some mission-critical applications and there is some concern about the continuity and risk of disruption. On one hand the company would ask, "Are we going to have downtime? Are we going to have interruptions? Will this be seamless to our end users, both inside our organization and our customers outside?" How do you address the issue of confidence? How do you guarantee this is not going to be a disruptive activity?
Comhaire: Great question. Our third phase is the detail design and planning phase. Here we do the real planning of the implementation and all these things are addressed in the detailed level design. For example, if we have a datacenter relocation, what methodology are we using to move to data consolidation?
These design criteria have an impact on the downtime for the business, and this is where all the expertise comes in around migration of data and applications. We also make sure that the target environment -- as it’s being designed to handle multiple coherence and co-located workloads -- is bringing the availability up and not down, which is an inherent risk of consolidation.
We have to write a business continuity design so that the desired state has much more tolerance against disasters than the existing state. We know in phase number three that there is a positive business case. We are then allowed to go to a level of detail that is very much implementation-oriented.
In the second phase, we typically want to do the minimal design to guarantee that the project will have a good ROI, so we don’t go down to this level of detail. But in the third phase we do to make sure we get the trust and the minimum interruption for the business through the right choice of design methodology.
Gardner: Peg, on this notion of risk reduction, do you feel confident enough in doing this many times that you can almost, and perhaps actually, guarantee continuity? Do you go in and say, “As part of our contract we have our own agreement of certain levels of service,” and do you go to the bank with that and say, “We’re going to make sure your businesses continue?”
Ofstead: Absolutely. That is part of what we do with consolidations because we are working with mission-critical workloads. In every region, we’ve worked with clients that have been in those situations.
Comhaire: We also have a very strong mission-critical support that’s been highly rated by Gartner year after year. That is really a true differentiator for us in those large consolidation projects because we can give the customer the assurance that we can manage their consolidated workloads at the levels of availability required.
Gardner: This is an issue where failure is not an option.
Comhaire: Exactly.
Gardner: Also on this notion of business continuity, companies are dealing with a separate area of risk: Where to locate for disaster scenarios -- whether they’re weather-related, disruptions from energy problems, or perhaps even war and terrorism issues. It seems that companies need to take that into consideration as well now.
When they think about IT Consolidation, are they also thinking about the ability to maintain business continuity, regardless of external threats?
Ofstead: Absolutely.
Comhaire: Absolutely. Yes, Peg.
Ofstead: When we do datacenter consolidation, even if the company had a wonderful business continuity plan and could execute it well, you essentially break that when you change the datacenter. You have to start over and state the business continuity plan. That is very important. We’re seeing some institutions, especially financial ones, moving the datacenters to safer locations because of Sarbanes-Oxley implications.
Comhaire: It sometimes does trigger some finer discussions with the customer, because most would expect that with a consolidation, including cost reduction, that they can also get the whole business continuity and disaster recoverability free of charge as part of the consolidation project.
Sometimes we have to stress that this is really an added functionality. While the pure consolidation project will return a significant amount of savings, there may have to be some investments kicked in as well to address the business continuity element.
Gardner: Perhaps when you embark on this journey -- to kill two birds with one stone -- you look at your ROI/TCO issues from a consolidation perspective, but also look very carefully to your business continuity issues in terms of safety, reliability, and disaster-prevention or -recoveries?
Comhaire: Yes, if you look at eight out of 10 of our success stories, and you look at the advantages that the customers cited after HP helped them implement the consolidation project, almost everywhere you will find better performance, better availability, and better disaster recovery -- meaning that in eight out of 10 projects it is addressed effectively with the customers.
Gardner: We’ve mentioned regulatory issues a few times, particularly Sarbanes-Oxley in the United States. Help me understand the implications here. How does a regulatory imperative affect the decision making, and even perhaps spur on these IT consolidation activities?
Ofstead: Sarbanes-Oxley has some regulations that specify the availability requirements for financial institutions, and how quickly they must recover certain transactions. That happens when they are audited. That is why the financial institutions are looking for more secure datacenters and more robust disaster-recovery capabilities. Europe is in a similar situation with the Basel II regulations.
Gardner: Anything to add to that, Ewald?
Comhaire: We have software that helps customers meet regulations like compliance with standards, specifically on the IT side. We have tools in the HP OpenView portfolio with respect to software distribution. We can control exactly what needs to be running on servers and desktops.
There are some interesting offerings that we have on that phase, but they are second to the main objectives of a consolidation project. We have not seen many projects that are driven by regulations. It is typically an element of a consolidation project, rather than the main driver for it.
Gardner: We have looked at the business case and rationale for doing this, and at the history of why the technologies and network resources allow this to happen. We’ve looked at some of the tangential implications around people, process, and business recovery regulation.
Let’s talk about the payoffs. We have seen some publicized information around HP’s own multi-year approach to consolidation and significant reduction of total costs. Do you have any metrics or case studies or anecdotes that will give people a sense of the magnitude of the shift to benefits here?
Ofstead: Obviously the payoff is going to depend on how diverse your IT environment is to start with. If you had multiple acquisitions, as HP has, there are more payoffs because there is more to clean up. Large companies that have not yet consolidated their servers can probably get a 25 percent to 40 percent TCO savings around those server farms and their storage.
You get real savings in the applications phase. Far beyond TCO savings, you get business benefits. For example, HP is going to a single data warehouse, consolidating over 700 data marts. The business benefit of having a single source of data and consistent information about our customers and our orders is that we have huge ramifications that go way beyond just IT savings for a corporation.
Comhaire: Also, the cost model that we use is a simple one. It can be well understood by the customers as well as HP.
We use four primary dimensions. One is cost and what we can do on cost saving and cost avoidance. Avoidance is an increasingly important element. The second is the quality of service. Did we improve the quality of the services that were delivered to the business? That has some business value as well. The third, are we able to do things faster, turn around the request of the business in a faster way, deploy things faster, put changes into place faster.
The final one is have we reduced, in general, the risk position of the customer, whether it’s against security, or intrusion at the level of compliancy, or at the level of continuous operation and disaster recoverability. We’re putting value on whether we reduced the risk with the customer.
There are some great anecdotes. We have had some large-scale consolidations where, obviously, we go application-by-application and then find that these applications need to be recompiled, that the customer has lost the source code. This was a risk that the customer did not realize before they did the consolidation project.
Now we realize there are some applications where we are at risk because we no longer have the source code, and we were able to reverse and re-engineer that, and get back to a solid code base so they can move forward. We now better understand the risk, we measured it, and we are also able to handle some of the implications of that so that is no longer an issue. It’s an anecdote, but it happens more than you would think.
A customer has said they had 500 servers when they did the whole analysis. It turns out they had close to 1000, and they were surprised there was such a big difference between what they believed they had and what they really had. So the whole ROI model was actually changed overnight based on that discovery.
Gardner: I suppose that this process does unearth these various cans of worms, but in doing so, you’ve got a much more coordinated, managed, professional inventoried approach to your code and your assets. You can move forward with a strategic approach to IT rather than a piecemeal or ad hoc approach.
Comhaire: That is often underestimated as a benefit. It is difficult to say in a customer discussion that as part of the consolidation exercise we will clean up some of these legacy things that you may not realize have built up over the years. It is difficult to say up front, but often when customers look back, that is a major achievement in the project.
The nice benefit of it is they now have a good handle on their assets, the workload they have, the issues that were uncovered and are now clearly on the table and have been resolved. They have a much better foundation to build on for the future.
Gardner: Perhaps this is a difficult and cathartic process, but with recurring dividends over time. I suppose that IT Consolidation will now impact such trends as virtualization and service oriented architecture (SOA), where it will make tremendous economic sense to have a full-service infrastructure approach.
If you’re going to consolidate, you’re going to want this infrastructure to support legacy, distributed Web, and a variety of different types of application sets, depending on your vertical industry. Is it too much of a pie-in-the-sky notion that we can have a single -- or at least a significantly reduced -- number of infrastructure approaches to support a variety of business processes, business activities, and applications?
These days with the impact of virtualization, with increased use of open standards, with increased use of open source, are we finally at a point where we won’t have monolithic approaches to a variety of applications, but perhaps more of a horizontal, rationalized infrastructure to support more and more types of business activities?
Ofstead: Certainly consolidation is the opportunity for folks to move to a real strategic platform view. While they’re cutting costs, they have the opportunity to really move to new technologies and virtualization. For example, we’re seeing a lot of people using Linux. One of the great things about that is not only are you able to clean up your environment, but you are actually able to move it forward to new strategies. Ewald?
Comhaire: Absolutely, Peg. The simplification of the environment is one of our key objectives, and typically we do that by standardizing on less different types of equipment. We also do that by bringing virtualization, which allows us to better share the same equipment between multiple workloads so we don’t need as many assets, which again is a simplification element -- but also significant to cost reduction.
We also simplify things like the IT management processes and tools, and we have a significant set of services around IT optimization and IT service management that can help simplify the environment. All these technologies like virtualization, automation, and optimized service deployment are significant enablers for consolidation.
Gardner: So we’re not just talking about consolidation in terms of physical consolidation, a location, and numbers of services -- we’re talking about a consolidated datacenter approach that functionally consolidates IT?
Comhaire: Absolutely. That’s how we’ve evolved the thinking on consolidation, and it is also why today we call it "IT" consolidation, not just "server" consolidation. We have evolved over time to a more holistic approach of people, process, and technology. As Peg was saying before, we are significantly looking at the roles of the people.
We’re looking at the processes that are being executed to see if they can be simplified, streamlined, and organized according to industry standards or best practices. Finally, we do the technology part of consolidation exercise, we look at standardization and virtualization of the infrastructure components, and make those work together with less things like configurations of applications. All of these are standardized and provide the value back to the business.
Gardner: This strikes me as not just a high economic impact, but as absolutely necessary ingredients as companies move toward total IT transformation. Because the payoff is a 25 percent to 40 percent reduction in total cost, you set yourself up for an agile multipurpose platform, and are reactive both to your legacy as well as to new types of application approaches, such as SOA.
This is really not an option. If your competitors are going about this and you are not, you will be at a significant disadvantage.
Ofstead: Absolutely. That is why so many companies are moving aggressively toward consolidation. Certainly after emerging acquisitions such as the one HP has had. The more we can do to clean up our applications and make ourselves more cost competitive, the better we will do.
Gardner: Great. Well, thanks very much. I think we’ll need to wrap it up now.
We have been talking about IT Consolidation, its strategic, economic, and future-proofing imperatives. Joining us for this sponsored BriefingsDirect podcast has been Ewald Comhaire, the director of the Global Practice for Infrastructure Services at HP, and Peg Ofstead, worldwide solution lead for HP’s IT Shared Services and IT Consolidation Services.
Thanks very much for joining us today. I think this has been an eye-opening discussion for me, and I hope for our listeners, too.
Ofstead: Thanks, Dana.
Comhaire: Thanks.
Gardner: Thanks for joining us. I would also like to point out to our listeners that if you’d like to learn more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, feel free to contact me, Dana Gardner, at 603-528-2435. This is Dana Gardner, principal analyst at Interarbor Solutions, and you’ve been listening to BriefingsDirect. Come back and listen next time.
Listen to the podcast here.
Podcast sponsor: Hewlett-Packard.
Transcript of Dana Gardner’s BriefingsDirect podcast on IT Consolidation. Copyright Interarbor Solutions, LLC, 2005-2006. All rights reserved.
Subscribe to:
Posts (Atom)