Governance with Systinet 4.0

Technical white paper

Table of contents

Executive summary ............................................................................................................................... 2

Systinet 4.0: Address governance pitfalls and roadblocks......................................................................... 2 Visibility, collaboration, and authoring ............................................................................................... 3

Governance enablers .................................................................................................................... 3 Role-based user interface ............................................................................................................... 3 Improved catalog navigation ......................................................................................................... 5 Simplify UI layout with tabs............................................................................................................ 5 Repository access for developers: IDEs, WebDAV, and ATOM .......................................................... 6 Visualization: Graphical navigator ................................................................................................. 7 Analytics, reporting, and power search ........................................................................................... 9 Collaboration............................................................................................................................. 10 Authoring .................................................................................................................................. 10

Lifecycle management made simple .................................................................................................. 11 Graphical Process Designer ......................................................................................................... 11 Lifecycle management UI ............................................................................................................. 12 Automation: What you cannot automate, you cannot govern. .......................................................... 13 Design processes that work.......................................................................................................... 13

Administrative domains: Scale to large organizations ......................................................................... 14 Repository partitioning ................................................................................................................ 14 Domains, visibility, and security ................................................................................................... 15 Roles ......................................................................................................................................... 15 Default ACLs: Coarse-grained security management ....................................................................... 16 Lifecycle process templates: Reuse and unified governance ............................................................. 16 Federation: Including air-gap environments.................................................................................... 17

Flexible customization: From model to WYSIWUG UI customization .................................................... 18 Extending basic abstractions and automations ............................................................................... 18 WYSIWYG customization ........................................................................................................... 18

Integrations: HP portfolio and third-party products .............................................................................. 20 HP uCMDB discovery: Repository bootstrap and ongoing discovery ................................................. 20 HP STM integration: Help development and QA to cooperate .......................................................... 21 Integrate with process modeling and development tools .................................................................. 21 UDDI integration and Governance Interoperability Framework ......................................................... 22 SAP integration .......................................................................................................................... 22

2

Executive summary Governance helps align IT with business needs and makes IT more productive. However, without the right tools, the adoption of new governance principles and processes will be low. There are many roadblocks and obstacles that can completely derail your governance initiative if not addressed properly. HP Systinet 4.0, the fourth generation of the HP governance platform, addresses these problems and delivers fully automated governance with unrivalled usability, flexible customization, and end-to-end visibility on the enterprise scale. It can motivate users in your organization to become supporters and integral parts of your governance initiative.

Systinet 4.0: Address governance pitfalls and roadblocks Typically, corporations across industries introduce governance programs because they want to increase effectiveness of their IT programs—align them with business, reduce cost, shorten time to market, and increase agility. They install several governance tools, but soon they discover limitations that may jeopardize the success of the whole governance initiative. The most serious problems are:

• Low usability: Poor usability, often overlooked, can become a major hindrance in the process of applying governance. If your governance tools put an extra burden on users, your governance repository—the central point of your governance ecosystem—can quickly turn into useless paperwork not reflecting the real state of your application portfolio.

• Lack of visibility: If you don’t know exactly what is in your portfolio and what the status of your projects and applications is, you will not be able to align your application portfolio with business needs. Your governance solution must give you answers to questions such as: What are the types of applications, processes and services being currently developed? What are the technologies they use and depend on? Which capabilities/areas of the business are automated by processes and services and which are not?

• Low support for collaboration: Nowadays, knowledge and expertise are spread among multiple teams and experts. This creates a demand for tools that will bolster knowledge sharing and cooperation across the enterprise. Insufficient support of collaboration results in lower agility and reuse, and as a result diminishes effectiveness. Systinet 4.0 ties social-networking features into governance tools to encourage stakeholder collaboration.

• Lack of automation: What you cannot automate, you cannot govern! A lot of our customers have learned that before they automated enforcement of best practices and policies, real compliance with corporate guidelines was only 40 percent.

• Inability to scale: Many governance projects and initiatives that work for a couple of departments fail when promoted to enterprise scale. One of the challenges is achieving the right balance between centrally driven governance and autonomy. If every single line of business can arbitrarily decide what rules and best practices to follow, you effectively have no governance. On the other hand, if your governance processes are fully controlled by a single central group, you may not be able to react to changes, and can lose business opportunities. A tool that forces you to choose one of these two extremes is undesirable.

• Poor customization: Typically, you need to go beyond built-in functionality of governance tools. Therefore, you should ask how difficult it is to adjust and customize them. Without sufficient flexibility, the effectiveness of the whole governance solution can be negatively influenced.

• Lack of openness and standards support: Using proprietary products puts you in danger of vendor lock-in. Despite the completeness of a product’s features, you need to integrate it with a broad range of other systems. Systinet 4.0 provides a vendor-neutral governance solution that, in addition to integrations with products from the HP Software portfolio, offers several standard integration points and support for a large number of specifications.

3

Systinet 4.0 tackles all of the above mentioned issues. The following sections describe more specifically the problems outlined above and how they are addressed by Systinet 4.0.

Visibility, collaboration, and authoring Governance enablers Systinet 4.0 offers advanced and complex features such as lifecycle management and administrative domains. However, basic features related to visibility, collaboration, and authoring, used by regular user day by day, have a key influence on the successful adoption of your governance program. Consider what will happen if your governance tools put an extra burden on your business experts, architects, and developers. What if regular users cannot focus on their everyday work and get lost in the tool’s tedious user interface (UI)? Your governance repository, the central point of your governance ecosystem, could quickly lead to useless busy work, the results of which will not reflect the real state of your application portfolio.

To avoid this, we focus on the usability and efficiency of basic governance enablers. We introduce tools that users can use because they help them to complete their everyday work and not because they are forced to do so. We use modern Web 2.0 technologies to implement a visually appealing and simple interface that allows users to perform routine tasks easily and quickly, and at the same time accomplish even complex assignments.

Role-based user interface The Systinet 4.0 UI is role based. What the UI looks like and which functionality is available depends on each user’s functions. Out of the box, we provide UI for following roles:

• Business partner • Business analyst • Provider • Administrator

A completely different UI is available for power users and administrators. This helps to improve the users’ experience because when they work in the UI, they can see only controls that make sense for their role.

Moreover, if the predefined roles do not suit your needs, you can simply customize them or introduce completely new ones. This can be done using a new WYSIWYG customization tool that makes it easy to tailor the UI exactly to your needs—without any coding! More details about customizations can be found in Flexible customization: From model to WYSIWUG UI customization.

4

Figure 1: Role-based user interface

5

Improved catalog navigation We’ve made it simple for users to organize and search for artifacts. They can:

• Use multiple pre-defined categorization systems • Tag artifacts with key words and use tag-clouds to locate artifacts • Browse and filter artifacts by their type and properties • Compose complex searches and re-use stored searches

Figure 2: Easy navigation using Multiple Categorizations or Keyword Clouds

So, for example, managers can easily find out what is in the portfolio, what are the types of applications, processes, and services being currently developed, what technologies they use and depend on, and which capabilities or areas of the business are automated by processes and services and which are not.

Simplify UI layout with tabs Systinet 4.0 provides a new layout for artifact detail pages such as the application detail page. The detail pages are split into multiple sub-pages called tabs, which show only data and actions related to a particular area. Users can quickly find relevant information without scrolling long pages, and actions relevant to the area are collocated with the data.

Predefined tabs include:

• Overview, with basics like who provides the services, what process and services the artifact contains, and most recent events

• Lifecycle status, including history • Discussion, where comments can be added and reviewed

6

Figure 3: UI layout with tabs

Repository access for developers: IDEs, WebDAV, and ATOM Apart from a powerful Web user interface (WUI), Systinet 4.0 offers alternative means to access the repository. Developers, architects, and analysts can interact with the repository directly from their IDE tools. There are plug-ins for Eclipse-based tools and other popular environments:

• Eclipse IDE • Microsoft® Visual Studio • TIBCO Business Studio • ARIS • SAP NetWeaver Developer Studio

So, directly from their favorite tools, users can access the governed information in the repository, validate their artifacts with centrally managed corporate policies, and load and update assets in the repository. For details, see Integrating with process modeling and development tools.

The repository also exposes a standard RESTful interface that supports Atom Syndication Format and Atom Publishing Protocol standards. This API integrates with third-party products and allows users to watch repository content directly from any RSS reader such as a browser or even Microsoft Outlook. If managers need to monitor changes happening on a particular set of applications—for example, those used in a particular project or implementing particular technologies—they can add the ATOM feed provided by the repository directly to Outlook or to their favorite Web browser.

Lastly, resources stored in the repository can be accessed via Web-based Distributed Authoring and Versioning (WebDAV). This makes it possible to work with the repository as you would with a local file system by mounting the repository as a Web folder in Microsoft Windows®.

7

Visualization: Graphical navigator New technologies, development paradigms, and sourcing models help IT to quickly react to business needs. However, one of the results is the fact that the complexity of IT systems is growing. To preserve high efficiency and agility, it is necessary to use tools that help IT understand these systems in order to maintain and fine-tune them.

The graphical navigator provides an alternative role-based view of the repository. Instead of focusing on the details of single artifacts, it helps users understand the structure, dependencies, and architecture of applications, services, and processes modeled in the governance repository. As its name suggests, it is not only an alternative view, but also a navigator that enables users to explore, browse, and traverse repository content graphically.

Figure 4: Graphical navigator

8

The navigator offers a number of different ways to view catalog data, enabling users to visualize data in the way that best suits their needs.

Concentric radial

The default graph layout places the current artifact in the center of the graph and the related artifacts radiate outwards in all directions. This layout enables you to explore the immediate neighborhood of an artifact.

Hierarchical layout

This layout organizes the graph into a vertical artifact hierarchy according to the artifact relationships and any defined artifact aggregation structures.

Layered layouts

Layered layouts organize the hierarchy of artifacts into identified layers, enabling you to focus on important abstractions and analyze dependencies between layers.

9

Analytics, reporting, and power search Systinet 4.0 provides various tools that help analyze, measure, and report on the content of the repository. The reports can be divided into four categories: overview reports, artifact reports, policy reports, and custom reports.

Overview reports

Overview reports summarize activity in key areas like lifecycle and contract management.

Artifact reports

Artifact reports are tabular reports that can be used to present results to complex queries such as “show me processes with JMS implementations deployed in staging environment.”

Policy reports

Policy reports show compliance of artifacts against policies—automated checks of corporate guidelines and best practices.

Systinet 4.0 also provides integration with BIRT open-source reporting framework, and users can add new reports developed with BIRT. These reports can even combine multiple data sources. For example, it is possible to mix data from the repository with data from an external database.

10

Collaboration Today, applications and services are not developed or maintained by a single individual or even a single team. The knowledge and expertise are spread among multiple teams and experts. Through the lifecycle, many teams work together on the same application. This creates a need for tools that can bolster knowledge sharing and cooperation across the enterprise.

In current environments where agility is essential and reuse is a must, users need to be able to answer questions like: Can I reuse a process/service? Can I trust it? Beyond what is claimed, what is the experience of other users? Who else is using it? What are other applications/services I am using from that provider? What is the history of SLA fulfillment?

In Systinet 4.0, users can share the experience they have with applications by rating and commenting on them. So when users look for applications, they can focus on applications with good ratings and reviews. Users can comment on quality of the service, performance, security. They can share their knowledge, ask for help, or point out problems.

Users can also effectively communicate by using notifications. A manager can notify maintainers of an application when the delivery date changes, and providers can notify consumers about a planned shutdown. Finally, thanks to events maintained and organized by the system, users can track most recent activity in the repository and promptly react to actions performed by other users. For instance, a developer can quickly review a design document attached to the application by an architect.

Authoring Authoring is the process of adding data and metadata to the repository, where it is governed. The Web UI and its collaboration and governance features lead users through the authoring processes. From the initial phases in the lifecycle users are acquainted with information about what data is required and what related information should be added. For example, business analysts are advised to add business requirements when creating definitions of new applications. Policies and tasks provide additional guidance on next actions.

Systinet 4.0 also allows bulk upload and update of repository content, which makes management of non-trivial information sets effective. The repository intelligently analyzes manipulated data and automatically creates or updates related artifacts. For example, when a user uploads a BPEL file to the repository, its content is processed and the business process described in the file is created in the repository, together with its implementation and references to the Web services orchestrated by the process. This makes it simple to work with technical assets described by standards like BPEL, XPDL, SCA, WSDL, XSD, XSLT, and DTD.

Of course, it is possible to develop custom extensions that add support for additional document formats. The repository can also be populated via integrations with other information sources such as the HP Universal CMDB software (for detail, see HP uCMDB discovery: Repository bootstrap and ongoing discovery).

Although the authoring process is simple from the user’s perspective, the repository performs a lot of complex tasks automatically to support advanced functionality like lifecycle governance and versioning.

The repository not only stores the current state of the artifacts, but also keeps track of complete revision histories of artifacts. At any time, it is possible to review the last change to an artifact, who performed it, and when. If needed, changes can be reverted and a previous state of an artifact restored. This forms a base for versioning—the ability to evolve applications in a controlled way.

Systinet 4.0 includes extended support for versioning. This support includes features such as automatic version resolution during file uploading and easy version creation based on selected versioning strategies. Moreover, Systinet 4.0 comes with versioning best practices and built-in versioning strategies. So it is possible to resolve one of the most difficult challenges of governance: definition, execution, and enforcement of versioning strategies.

11

Lifecycle management made simple Lifecycle management is the cornerstone of any governance solution, but it is not an easy goal to accomplish. Different organizations have different governance needs. They require different levels of detail and abstraction, depending on their business policies.

Systinet 4.0 addresses this through a generic extensible lifecycle framework that automates enforcement of enterprise governance rules and by presenting lifecycle management to users in an easy and understandable way.

Artifacts managed in the repository can evolve in various ways depending on their type and properties. Systinet 4.0 allows users to describe their evolution in the form of lifecycle processes. Users can define different lifecycle processes for different groups of artifacts. Processes define rules and policies specific to particular artifact type (application, process, service) and lifecycle stage.

Graphical Process Designer With the new Systinet 4.0 Graphical Process Designer, administrators can easily define and manage lifecycle processes. Systinet employs a few simple abstractions that make it possible to view lifecycle processes as simple, oriented graphs. The process (or workflow) is defined by a set of stages and transitions between them. For each stage, sets of approvers, tasks, policies, and automatic actions can be defined.

New processes can be created almost in minutes, and users can immediately see how the process takes shape.

Figure 5: Graphical Process Designer

12

Lifecycle management UI Systinet uses the same UI approach for regular users. They need to be able to quickly find answer to questions like: • What is the current lifecycle status of an application? • What are the next tasks and policies that the application must fulfill in order to be promoted from

development to testing stage? • How did we get to the current state? • Who worked on the application in the previous stage? • Who initiated the approval? • Which path in the process should we follow in the future if we need to get the application to

production as fast as possible?

An intuitive GUI allows users to review and control the lifecycle of governed artifacts. For example, in the lifecycle tab of an applications’ detail page, users see a visual representation of the lifecycle process, with all the important events that happened in the past, the current status, and possible future process paths.

Figure 6: Lifecycle management UI

13

Automation: What you cannot automate, you cannot govern. Most of the features of our lifecycle framework focus on automation because we believe that the statement “what you cannot automate, you cannot govern” is absolutely correct. For many of our customers, compliance with corporate guidelines was around 40 percent before they automated enforcement of best practices and policies.

Systinet 4.0 can automate enforcement of rules and guidelines by using policies and automatic actions, and users benefit from predefined policies by simply referencing them from lifecycle process definitions. For example, you can easily configure a lifecycle process so that applications must have attached business requirements before closing the initial lifecycle stage, or so that service interfaces must be specified by WS-I compliant WSDL files.

In addition, you can create custom policies that will enforce your corporation-specific rules. The policies comply with WS-Policy standard, and various technologies can be used as their implementation: XPath (to implement simple checks on XML documents), XQuery, and Java.

Automatic actions can be used to automate execution of routine tasks and are a great tool for implementing best practices. For example, if you would like to encourage usage of the most recent versions of your applications, you can just plug in the built-in automatic notification to your lifecycle processes and configure it so that consumers of previous versions of an application are notified when the new version reaches production.

Design processes that work Another important feature of the lifecycle process is the ability to support quick advancement of governed artifacts though the process. Lifecycle process designers can configure processes so that automatic transition to the next stage is initiated when certain conditions are met. Passive approval can be configured to happen when approvers do not provide review within a specified interval. The process designer can also define addressed tasks that can guide users through the processes. As artifacts move through the lifecycle, tasks are assigned to the right users (users in a specific role), and due dates are set and whether the right deliverables were produced by the task is automatically validated.

Lastly, the lifecycle framework is well integrated with administrative domains (for details, see Administrative domains: Scale to large organizations) and allows administrators to define lifecycle process templates that help to manage lifecycles efficiently on the large scale—encouraging reuse and unified governance across the enterprise.

14

Administrative domains: Scale to large organizations Large enterprises soon realize that the size of the corporation matters when building and maintaining a governance repository. Many projects and initiatives that used to work for a couple of departments failed when promoted to enterprise scale.

One of the problems is getting the right balance between centrally driven governance and autonomy. For large organizations, it is extremely hard to decide what is prescribed centrally and what can be decided and driven autonomously by individual departments. For example, when the governance is centralized and all the policies, lifecycle processes, responsibilities, and other key governance attributes are defined by a single group, it will lead to insufficient flexibility. What will happen if a lifecycle process needs to be updated because of a new business opportunity? Before the central board can approve and process the change request, it may be too late, and the competitive advantage completely lost.

On the other hand, if every single line of business can arbitrarily decide on what the rules and best practices to follow, it will lead to the state of no governance. It will be completely impossible to define strategies or integrate products into product suites.

For this purpose, Systinet 4.0 uses the concept of administrative domains.

Repository partitioning Administrative domains allow users to partition the governance repository into domains. This partitioning can reflect organizational structure, security needs, or geographical segmentation.

Domains represent autonomous working areas and execution context that can be administered independently—of course only within the boundaries of the parent domain. In the top-level domain, users can specify the governance framing for the whole repository: lifecycle processes, role definitions, integrations, and more. This makes it possible to prescribe governance patterns such as process templates for all domains.

On the other hand, management and administration of applications, processes, and services, as well as management of users and their assigned roles, can be done independently by the domain administrators in each domain.

Figure 7: Repository partitioning

Repository

OperationsTransportation & logisticsResearch & development

15

Domains, visibility, and security The domain concept influences almost every functionality of the repository. For example, search and browse capabilities allow users to narrow search scope to particular domains. Users typically know which domains the applications they need to locate belong to, so that they can limit scope of their searches to particular domains.

Domains can also be used to control visibility of artifacts. Users can create private domains whose services will be visible only to designated users. Moreover, the control of the visibility can be automated and governed by the lifecycle process. So it is easy to specify that artifacts not be discoverable from other domains unless they reach a certain lifecycle stage such as staging or production.

Roles Without a doubt, the functionality most influenced by domains is the security model. It is based on the concept of roles, default ACLs, and lifecycle process templates.

Roles provide a level of indirection between users, LDAP groups, and others, and access rights or product functionality. Roles can be used to control access to artifacts.

For example, instead of granting access to a service to particular users, administrators can define a role for architects that will have read and write access. Instead of directly manipulating access rights on services, the access can be controlled by assigning users to the role of architect.

So Ann, for example, can be assigned a role in the finance domain. If Ann leaves the department and George, a new architect, comes on board, all the administrator needs to do is to assign George the role of architect. This means that George will have access to the services in his department without the necessity to manipulate access rights on services.

Roles are also used to define the user interface (UI). Administrators can specify which parts of the application’s UI (tabs) are available for different roles. Roles also influence the UI indirectly. Any functionality in the product requires certain privileges, which are based on roles. So depending on the roles assigned to users, some controls may not be rendered in the UI. This contributes to simplicity of the UI. Only functionality required and permitted by user roles is accessible in UI.

Partner Architect

16

Default ACLs: Coarse-grained security management Another great tool that helps effectively manage security is default ACLs. They allow users to set default security for groups of artifacts. Administrators have great flexibility in defining the groups because the can define a specific security for business processes in a card line of business with high failure impact.

Lifecycle process templates: Reuse and unified governance Finally, lifecycle process templates are the concept that makes it possible to automate governance of enterprise-wide rules and best practices while preserving flexibility and agility on the domain level.

Thanks to the ability to use roles in lifecycle process templates to define approvers, responsibilities, and ownership, a single process definition can be used across multiple domains. When the process is used in a particular domain, assignment of users to roles in that domain will determine approvers and responsibilities.

Figure 8: Role assignment in domains

17

Federation: Including air-gap environments Whether because of regulations such as ISO 17799-based Separation of Environments and Duties, organizational factors, or political reasons, it may be necessary to deploy multiple physically separated repositories instead of a single centrally managed repository. In such environments, the synchronization and maintenance of data can turn into a nightmare if the repository does not address these problems directly.

Systinet 4.0 introduces new features that help federate physically separated repositories in a controlled fashion. First, it allows users to control which data will be federated. They can select a domain, project, or even particular applications that will be subject to migration between repositories. Second, they can control whether lifecycle metadata, security, or settings will be migrated along with the data or adopted from the target repository. Finally, they can select from various supported topologies such as department repositories federated in a central enterprise repository or air-gap situations in which there is no direct connectivity between the repositories.

Staging repository Production repository

Air

-Gap

Data

Research & development repository

Transportation & logistics repository

Operations

Enterprise repository

18

Flexible customization: From model to WYSIWUG UI customization Systinet 4.0 is delivered with rich predefined content—model, categorizations, lifecycle processes, security settings, policies, sample projects, and applications. However, it would be naïve to assume that the default model, policies, and other settings will exactly match the requirements and expectation of all customers across industries. That’s why, Systinet 4.0 provides a range of tools that allow simple customization of the product.

Extending basic abstractions and automations The basic functionality of the repository can be extended by customizing:

• Data model: We provide tools that allow easy customization of the built-in model (containing more than 60 entities and almost 300 relationships). Customers requiring support for new abstractions or addition of a few properties or relationships can extend the repository model easily.

• Categories: Categorization systems play an important role in organizing the repository content. There are many industry-specific classifications that can be added to the repository, and built-in classifications can be extended with new custom categories.

• Policies, assertions, and automatic action: Validation of corporate policies and guidelines can be automated by adding custom policies, assertions, and automatic actions to the repository. Thanks to a sophisticated policy framework, it is possible to validate even external resources that are not stored in the repository. This pattern is used in integration with HP Service Test Management (STM). This makes it possible, for example, to automatically enforce a policy specifying that before promoting services to production, all critical defects must be fixed.

• Lifecycle processes and security: As described in Lifecycle management made simple and Administrative domains: Scale to large organizations, administrators have powerful tools to configure the security model and lifecycle processes.

WYSIWYG customization The repository can be easily customized to support additional features. In addition, we allow administrators to work directly in the WUI to define how the UI will be structured for different roles, and also which of the new functions will be available.

The following examples demonstrate common UI customizations:

• UI tabs: Configuration of UI tabs allows you to control which functional areas, such as reports or administrative functions, of the application a particular role can see.

Figure 9: UI tabs

19

• Catalog and its content: For the catalog, it is possible to define which artifact types, such as policies and operations, should be available for a particular role, what browse and detail pages should look like, and what the key properties for different types are. For example, for applications, you can specify which categorization systems make sense for different roles.

• Reports: Working directly in the UI, you can create reports for custom entities or new custom reports

such as a report to show the relationships between BPEL processes with high failure impact, their providers, and the services they orchestrate.

The customization process is very straight forward. Administrators proceed through the UI the same way users do when using the functionality, but they are in a special customization mode that allows them to modify UI controls. Systinet 4.0 provides full control over visibility of UI customizations. Before changes are released, they are not visible to other users. It is possible to revoke unwanted changes, and users can export and import already-defined customization packages.

20

Integrations: HP portfolio and third-party products Systinet 4.0 integrates with other HP software products and provides standard interfaces and integration with third-party products in order to deliver a complete governance solution across the whole lifecycle, regardless of used technologies and frameworks. With Systinet 4.0, you get a vendor-agnostic enterprise-grade governance solution.

HP uCMDB discovery: Repository bootstrap and ongoing discovery Systinet 4.0 can be integrated with HP Universal Configuration Management Database (uCMDB) or HP Business Availability Center (BAC), which includes the uCMDB. This integration allows to bootstrap Systinet 4.0 repository with metadata already maintained in uCMDB. This can significantly speed up the governance initiatives in companies that have already invested in uCMDB.

No additional resources are required to reregister information about production systems into the governance repository. The metadata is migrated automatically and without errors. Moreover, it is possible to set up regular, ongoing synchronization between the repository and uCMDB to provide that there is no discrepancies between the desired and real state of IT.

The HP software portfolio also includes HP Discovery and Dependency Mapping Inventory, which automatically populates uCMDB with information about installed and used hardware and software. This means that, thanks to the integration with uCMDB, Systinet 4.0 repository generally contains up-to-date and accurate information about your IT portfolio.

Figure 10: Integration with HP BAC/uCMDB

21

HP STM integration: Help development and QA to cooperate Without any doubt, there are two groups that need to strongly cooperate during the development of any type of applications: development and QA. Systinet 4.0 provides a tight integration with STM that incorporates information about requirements, their coverage, tests, and their results and defects directly into the Systinet 4.0 UI. Moreover, built-in STM policies make it possible to automate governance of QA processes along the lifecycle and control information exchange between QA and development groups. This makes it easy to enable that: • Test requirements are specified in early stages of development • QA engineers are notified about lifecycle transitions • Services will not be promoted without QA manager’s approval • All major defects will be resolved before deployment to production

Figure 11: Integration with HP STM

Integrate with process modeling and development tools During analytical and design lifecycle stages, analysts, architects, and developers need to supply technical details about applications and their architecture into the governance repository. Typically, they use specific tools such as IDEs to design business processes, service interfaces, and so forth. Systinet 4.0 allows them to interact with the repository without leaving the environment in which they are most productive.

For example, when business analysts and solution architects design business processes in TIBCO Business Studio, at any time, they can upload their definitions (XPDL, BPEL, WSDL, and XSD files) to the Systinet 4.0 repository. When they need to search the repository for services or processes that will be reused in the new solution, they can use the Search plug-in to query the repository and review results directly in their IDE. The plug-ins are available also for Microsoft Visual Studio, where architects and developers can also review and update application interfaces directly.

Similarly, Systinet 4.0 has plug-ins for the ARIS Platform. So process managers and IT development planners can populate ARIS models with assets from Systinet 4.0, and upload services and processes back to Systinet 4.0 directly in ARIS.

22

UDDI integration and Governance Interoperability Framework Systinet 4.0 provides strong integration with HP SOA Registry Foundation, a leading business service registry with full support for version 3 of the Universal Description, Discovery, and Integration (UDDI) standard. Via SOA Registry Foundation, users can access and update Systinet 4.0 repository content by using the UDDI standard. Although the UDDI standard focuses mainly on services, its model is flexible and allows users to model virtually anything (for example, NASA used the registry to model earth science metadata).

HP collects common extensions to UDDI and standardizes them as Governance Interoperability Framework (GIF) specification. The specification is followed by more than 18 organizations as members of the GIF program. It supports information exchange related to service management, policies (constraints, configuration, and capabilities), dependency relationships, consumers and providers, property information, and management metrics.

SAP integration Although SAP itself provides various governance tools, it is definitely not an easy task to govern complex SAP landscapes. It is even more difficult if there are multiple SAP ecosystems or landscapes using different platforms like TIBCO that need to be integrated together. Systinet 4.0 provides a simple solution for governing both SAP and non-SAP systems.

The integration uses UDDI registry integration and Eclipse tools for SAP NetWeaver Developer studio. It enables that non-SAP users (analysts, architect, and managers) have complete visibility of SAP enterprise services and can control their lifecycles and reuse them in new solutions. At the same time, SAP users gain a holistic view into the whole enterprise, including non-SAP systems, and easy access to governance tools without leaving their SAP environment.

Figure 12: Integration with SAP

Deliver automated IT governance with enhanced usability, visibility, and collaboration. For more information, visit: www.hp.com/go/soa and www.hp.com/go/swcommunity.

© Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Java is a registered trademark of Oracle and/or its affiliates. Microsoft and Windows are U.S. registered trademarks of Microsoft Corporation.

4AA3-3908ENW, Created May 2011

http://www.hp.com/go/soa�http://www.hp.com/go/swcommunity�http://www.hp.com/go/getconnected�

Executive summarySystinet 4.0: Address governance pitfalls and roadblocksVisibility, collaboration, and authoringGovernance enablersRole-based user interfaceImproved catalog navigationSimplify UI layout with tabsRepository access for developers: IDEs, WebDAV, and ATOMVisualization: Graphical navigatorAnalytics, reporting, and power searchCollaborationAuthoring

Lifecycle management made simpleGraphical Process DesignerLifecycle management UIAutomation: What you cannot automate, you cannot govern.Design processes that work

Administrative domains: Scale to large organizationsRepository partitioningDomains, visibility, and securityRolesDefault ACLs: Coarse-grained security managementLifecycle process templates: Reuse and unified governanceFederation: Including air-gap environments

Flexible customization: From model to WYSIWUG UI customizationExtending basic abstractions and automationsWYSIWYG customization

Integrations: HP portfolio and third-party productsHP uCMDB discovery: Repository bootstrap and ongoing discoveryHP STM integration: Help development and QA to cooperateIntegrate with process modeling and development toolsUDDI integration and Governance Interoperability FrameworkSAP integration

/ColorConversionStrategy /sRGB /ColorImageAutoFilterStrategy /JPEG /ColorImageDepth -1 /ColorImageDict > /ColorImageDownsampleThreshold 1.50000 /ColorImageDownsampleType /Bicubic /ColorImageFilter /DCTEncode /ColorImageMinDownsampleDepth 1 /ColorImageMinResolution 100 /ColorImageMinResolutionPolicy /OK /ColorImageResolution 150 /ColorSettingsFile () /CompatibilityLevel 1.5 /CompressObjects /Tags /CompressPages true /ConvertImagesToIndexed true /CreateJDFFile false /CreateJobTicket false /CropColorImages false /CropGrayImages false /CropMonoImages false /DSCReportingLevel 0 /DefaultRenderingIntent /Default /Description > /DetectBlends true /DetectCurves 0.10000 /DoThumbnails false /DownsampleColorImages true /DownsampleGrayImages true /DownsampleMonoImages true /EmbedAllFonts true /EmbedJobOptions true /EmbedOpenType false /EmitDSCWarnings false /EncodeColorImages true /EncodeGrayImages true /EncodeMonoImages true /EndPage -1 /GrayACSImageDict > /GrayImageAutoFilterStrategy /JPEG /GrayImageDepth -1 /GrayImageDict > /GrayImageDownsampleThreshold 1.50000 /GrayImageDownsampleType /Bicubic /GrayImageFilter /DCTEncode /GrayImageMinDownsampleDepth 2 /GrayImageMinResolution 150 /GrayImageMinResolutionPolicy /OK /GrayImageResolution 150 /ImageMemory 1048576 /JPEG2000ColorACSImageDict > /JPEG2000ColorImageDict > /JPEG2000GrayACSImageDict > /JPEG2000GrayImageDict > /LockDistillerParams false /MaxSubsetPct 100 /MonoImageDepth -1 /MonoImageDict > /MonoImageDownsampleThreshold 1.50000 /MonoImageDownsampleType /Bicubic /MonoImageFilter /CCITTFaxEncode /MonoImageMinResolution 300 /MonoImageMinResolutionPolicy /OK /MonoImageResolution 300 /Namespace [ (Adobe) (Common) (1.0) ] /NeverEmbed [ true ] /OPM 1 /Optimize true /OtherNamespaces [ > /FormElements false /GenerateStructure false /IncludeBookmarks true /IncludeHyperlinks true /IncludeInteractive true /IncludeLayers false /IncludeProfiles true /MarksOffset 6 /MarksWeight 0.25000 /MultimediaHandling /LinkAll /Namespace [ (Adobe) (CreativeSuite) (2.0) ] /PDFXOutputIntentProfileSelector /NA /PageMarksFile /RomanDefault /PreserveEditing false /UntaggedCMYKHandling /UseDocumentProfile /UntaggedRGBHandling /UseDocumentProfile /UseDocumentBleed false >> > ] /PDFX1aCheck false /PDFX3Check false /PDFXBleedBoxToTrimBoxOffset [ 0 0 0 0 ] /PDFXCompliantPDFOnly false /PDFXNoTrimBoxError true /PDFXOutputCondition () /PDFXOutputConditionIdentifier () /PDFXOutputIntentProfile () /PDFXRegistryName () /PDFXSetBleedBoxToMediaBox true /PDFXTrapped /False /PDFXTrimBoxToMediaBoxOffset [ 0 0 0 0 ] /ParseDSCComments true /ParseDSCCommentsForDocInfo false /ParseICCProfilesInComments true /PassThroughJPEGImages false /PreserveCopyPage true /PreserveDICMYKValues true /PreserveEPSInfo false /PreserveFlatness false /PreserveHalftoneInfo false /PreserveOPIComments false /PreserveOverprintSettings true /StartPage 1 /SubsetFonts true /TransferFunctionInfo /Apply /UCRandBGInfo /Remove /UsePrologue false /sRGBProfile (sRGB IEC61966-2.1)>> setdistillerparams> setpagedevice