Sentinet for Windows Azure SENTINET



Similar documents
Sentinet for BizTalk Server SENTINET 3.1

Sentinet for BizTalk Server SENTINET

Cloud Deployment Models

Contents. Overview 1 SENTINET

Developing Windows Azure and Web Services

WHITEPAPER SECURITY APPROACHES AND SECURITY TECHNOLOGIES IN INTEGRATION CLOUD

MS 20487A Developing Windows Azure and Web Services

This module provides an overview of service and cloud technologies using the Microsoft.NET Framework and the Windows Azure cloud.

Outlook. Corporate Research and Technologies, Munich, Germany. 20 th May 2010

Course 10978A Introduction to Azure for Developers

MS 10978A Introduction to Azure for Developers

Security Issues in Cloud Computing

Developing Microsoft Azure Solutions

Developing Microsoft Azure Solutions 20532A; 5 days

MOC DEVELOPING WINDOWS AZURE AND WEB SERVICES

10978A: Introduction to Azure for Developers

Microsoft Introduction to Azure for Developers

Customer Cloud Architecture for Mobile

Developing Windows Azure and Web Services

An Oracle White Paper October Maximize the Benefits of Oracle SOA Suite 11g with Oracle Service Bus

SharePoint 2013 Business Connectivity Services Hybrid Overview

Introduction to Azure for Developers

Course 20532B: Developing Microsoft Azure Solutions

8/9/2012 Microsoft Corporation StockTrader 5 Technical Documentation Page 1

Windows Azure platform What is in it for you? Dominick Baier Christian Weyer

CLOUD COMPUTING & WINDOWS AZURE

Assignment # 1 (Cloud Computing Security)

Security Best Practices for Microsoft Azure Applications

Oracle Reference Architecture and Oracle Cloud

White Paper How Noah Mobile uses Microsoft Azure Core Services

NCSU SSO. Case Study

Introduction to Mobile Access Gateway Installation

Developing Microsoft Azure Solutions 20532B; 5 Days, Instructor-led

The Top 5 Federated Single Sign-On Scenarios

Microsoft SharePoint Architectural Models

Service Virtualization: Managing Change in a Service-Oriented Architecture

Web Application Hosting Cloud Architecture

Data Sheet Netrounds Control Center

An Enterprise Architect s Guide to API Integration for ESB and SOA

How To Build A Financial Messaging And Enterprise Service Bus (Esb)

Creating a Strong Security Infrastructure for Exposing JBoss Services

ENZO UNIFIED SOLVES THE CHALLENGES OF OUT-OF-BAND SQL SERVER PROCESSING

CloudCenter Full Lifecycle Management. An application-defined approach to deploying and managing applications in any datacenter or cloud environment

API Architecture. for the Data Interoperability at OSU initiative

New Features in Neuron ESB 2.6

Azure Scalability Prescriptive Architecture using the Enzo Multitenant Framework

WHITE PAPER. Migrating an existing on-premise application to Windows Azure Cloud

Implementing Microsoft Azure Infrastructure Solutions

How To Compare The Cost Of A Microsoft Private Cloud To A Vcloud With Vsphere And Vspheon

Data Security and Governance with Enterprise Enabler

IT Exam Training online / Bootcamp

Microsoft Azure Cloud on your terms. Start your cloud journey.

AquaLogic Service Bus

Course 20533: Implementing Microsoft Azure Infrastructure Solutions

API Management: Powered by SOA Software Dedicated Cloud

SERVICE ORIENTED ARCHITECTURE

REMOTE ASSISTANCE SOLUTIONS Private Server

Microsoft Cloud Services and Dynamics CRM Online

Vortex White Paper. Simplifying Real-time Information Integration in Industrial Internet of Things (IIoT) Control Systems

Part 2: The Neuron ESB

HexaCorp. White Paper. SOA with.net. Ser vice O rient ed Ar c hit ecture

Alfresco Enterprise on AWS: Reference Architecture

Bridging the Gap between On-Premise BizTalk ESB and Windows Azure platform AppFabric

Cloud Computing: What IT Professionals Need to Know

PRIVACY, SECURITY AND THE VOLLY SERVICE

day 1 2 Windows Azure Platform Overview... 2 Windows Azure Compute... 3 Windows Azure Storage... 3 day 2 5

PI Cloud Connect Overview

CoIP (Cloud over IP): The Future of Hybrid Networking

OpenText Secure MFT Network and Firewall Requirements

Vblock Systems hybrid-cloud with Cisco Intercloud Fabric

SharePoint 2013 on Windows Azure Infrastructure David Aiken & Dan Wesley Version 1.0

VMware vrealize Automation

Windows HPC Server 2008 R2 Service Pack 3 (V3 SP3)

Identity & Access Management in the Cloud: Fewer passwords, more productivity

SERENA SOFTWARE Authors: Bill Weingarz, Pete Dohner, Kartik Raghavan, Amitav Chakravartty

NEXT-GENERATION, CLOUD-BASED SERVER MONITORING AND SYSTEMS MANAGEMENT

The Essential Security Checklist. for Enterprise Endpoint Backup

The bridge to delivering digital applications across cloud, mobile and partner channels

Making a Smooth Transition to a Hybrid Cloud with Microsoft Cloud OS

The increasing popularity of mobile devices is rapidly changing how and where we

Creative Shorts: Twelve lifecycle management principles for world-class cloud development

White Paper. Cloud Native Advantage: Multi-Tenant, Shared Container PaaS. Version 1.1 (June 19, 2012)

Extend and Enhance AD FS

PI Cloud Connect. Frequently Asked Questions

WHITEPAPER. 13 Questions You Must Ask When Integrating Office 365 With Active Directory

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led

Managing trust relationships with multiple business identity providers (basics) 55091A; 3 Days

RED HAT CLOUDFORMS ENTERPRISE- GRADE MANAGEMENT FOR AMAZON WEB SERVICES

Cisco Intercloud Fabric for Business

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

Taking control of the virtual image lifecycle process

A Step-by-Step Guide to Defining Your Cloud Services Catalog

Datacenter Management and Virtualization. Microsoft Corporation

Transcription:

Sentinet for Windows Azure SENTINET

Sentinet for Windows Azure 1 Contents Introduction... 2 Customer Benefits... 2 Deployment Topologies... 3 Isolated Deployment Model... 3 Collocated Deployment Model... 5 Hybrid Deployment Model... 5 Integration with Windows Azure Access Control Service... 6 Integration with Windows Azure Asynchronous Messaging... 10

Sentinet for Windows Azure 2 Introduction Microsoft Windows Azure is an open and flexible cloud platform that enables organizations to quickly build, deploy and manage applications across a global network of Microsoft-managed datacenters. Nevatech Sentinet platform, a comprehensive SOA Management Infrastructure and services virtualization middleware software solution, helps organizations to govern and manage their SOA and API cloud-based solutions during their entire life-cycle. Sentinet is a unique SOA and API Management Infrastructure because it provides a unified approach for governing and managing organizations APIs for on-premises, cloud and hybrid environments. Sentinet provides particular benefits, native integration, deployment options and extensibility features, for the Microsoft Windows Azure cloud platform. Sentinet is certified with Powered by Windows Azure, Certified for Windows Server 2012 and Works for Windows 2008 R2 Server. All enterprise service applications face the same common infrastructural challenges services availability and accessibility, discovery, description, security, monitoring, auditing, service agreements and service level objectives management, alerting, and many others. These common infrastructural challenges are particularly important for organizations that deploy their APIs in the cloud where organizations might have limited control over operational environments compared with on-premises deployments. Common infrastructural challenges are typically not part of an organization s core business and can be addressed by middleware infrastructure products. These products will save time and resources, and provide organizations with the confidence of their APIs accessibility, security, visibility and control. Development teams are enabled with faster time-to-market delivery of their cloudbased solutions, while operations teams are equipped with tools and procedures to manage and maintain cloud-based production systems in a consistent and predictable environment. Sentinet is particularly beneficial for cloud-based services and applications that can be easily placed under comprehensive management using Sentinet non-invasive services virtualization capabilities. Customer Benefits Sentinet provides array of benefits and management capabilities to customers cloud SOA services and APIs. These are the same benefits that are described in the Sentinet Overview whitepaper with the additional benefits that are specific to the cloud environments in general, and to the Windows Azure cloud platform specifically, such as: Integration with Windows Azure security infrastructure and technology stacks. Integration with Windows Azure-specific communication transports and protocols. Mediation between interoperable and Windows Azure-specific protocols and security models. APIs and services enablement with Windows Azure communication protocols and security models. Native integration with and extensibility of the Windows Azure Access Control Service capabilities.

Sentinet for Windows Azure 3 Native integration with, and extensibility of, the Windows Azure Service Bus relaying capabilities. Native integration with, and extensibility of, the Windows Azure Service Bus Queues, Topics, Subscriptions and asynchronous messaging capabilities. Native Windows Azure deployment models and topologies. Native packaging option for Sentinet management infrastructure components with customer s SOA services and APIs. Deployment Topologies Sentinet natively supports all Windows Azure deployment topologies and execution models. Sentinet s distributed architecture allows any, or all of its components to be deployed in the cloud, on-premises, or to be spread through multiple diverse network environments. At the same time, customers APIs and services managed by the Sentinet Nodes can also be located all in the cloud or spread through cloud and private networks. In general, Sentinet deployment topologies can be categorized by the Sentinet Nodes locations relative to managed cloud or on-premises services. These topologies are described as Isolated, Collocated and Hybrid deployment models. Isolated Deployment Model In this deployment model, Sentinet software infrastructure is hosted as native Windows Azure applications, isolated (from deployment perspective) from the customer s business services and applications. Windows Azure Windows Azure Virtual Machine Windows Azure Virtual Machine Cusomer Services Windows Azure Loadbalancer Sentinet Node Windows Azure Loadbalancer Business Services and APIs Sentinet Nodes Elastic Instances Business Services Elastic Instances Sentinet Nodes can be deployed as native Windows Azure Cloud Services Web Roles or Virtual Machines, http://www.windowsazure.com/en-us/develop/net/fundamentals/intro-to-windowsazure/#models. Sentinet Management Services application can also be deployed in the Windows Azure cloud along with the Sentinet Repository SQL Database, so that the entire business solution and its management infrastructure are cloud-based.

Sentinet for Windows Azure 4 Another deployment option is when Sentinet Management Services application and Sentinet Repository SQL Database are deployed inside the corporate network while Sentinet Nodes and business services remain cloud-based.

Sentinet for Windows Azure 5 Collocated Deployment Model In this deployment model, Sentinet Nodes are deployed as applications packaged (or collocated) with the business service applications, effectively running on the same Windows Azure virtual machines. Sentinet Node applications can now communicate with business services using local machine, highperformance, and inherently secure communication protocols such as net.pipe protocol. By using collocated deployment model business services and customers APIs are guaranteed to be secure (services cannot be accessed from other computers, unless they are accessed through a Sentinet Node), and there are no additional network latencies because net.pipe transport is the most effective local cross-process communication. Sentinet administrators remotely configure Sentinet Node s dynamic endpoints and provide business services with required accessibility, security, monitoring, access control, SLAs management, and other automated design-time and run-time management capabilities. Hybrid Deployment Model In this deployment model, Sentinet Nodes are spread through the cloud and on-premises environments while being managed and controlled centrally by the Sentinet administrators through the same SOA Repository application. The hybrid deployment model targets SOA architectures where business services are also spread through multiple environments, or when Sentinet Nodes are meant to mediate communication between consumer and service applications providing full transparency of the underlying Windows Azure transport and security protocols.

Sentinet for Windows Azure 6 Integration with Windows Azure Access Control Service Modern security models and cloud platforms promote Federated Security and Single-Sign-On architectures. Windows Azure cloud platform is no exception. Not only does Windows Azure facilitate Federated Security, it also requires it in many cases and scenarios. Sentinet platform fully supports Windows Azure Federated Security architectures and extends their capabilities by enhanced integration with Windows Azure Access Control Service (ACS). Business services and APIs deployed in the cloud can be remotely configured with Federated Security and integration with Windows Azure ACS through Sentinet Node s dynamic virtual endpoints. By leveraging Sentinet, business services can be non-invasively enabled to understand and process SAML claims issued by Windows Azure ACS. Moreover, Sentinet Node can act as an active ACS claims processor by enforcing dynamic authorization rules that Sentinet administrators create and apply remotely to their virtual services.

Sentinet for Windows Azure 7 Consumer Authentication and Authorization is moved out from the service implementation, and delegated to the virtual service Consumer or Consumer SAML token 2 Request for SAML token 1 Sentinet Node Trust Cloud Business Service Additionally, Sentinet can help consumer applications to integrate with Windows Azure ACS by mediating traditional security and ACS-integrated security. Imagine an application that runs on a mobile device that cannot be enabled with complex SAML-based security and is using traditional https protocol with username/password credentials. Sentinet Node can accept messages sent by a mobile application and exchange provided credentials for SAML tokens issued by Windows Azure ACS on behalf of a mobile application. Administrators will have to configure credentials mapping only with Windows Azure ACS (just as if it had to be configured without Sentinet Node).

Sentinet for Windows Azure 8 Mobile HTTPS, Username/ Password Sentinet Node SAML token 2 Request 1 SAML token Cloud Business Service Integration with Windows Azure Service Bus Relay Sentinet provides on-premises SOA services and APIs with easy interactions to external parties with whom integration is desired, without needing complex firewall and security infrastructure. Sentinet Nodes are designed to natively integrate with Windows Azure Service Bus and Windows Azure Access Control Service. Sentinet Nodes can be dynamically and remotely configured with Azure Service Bus endpoints encapsulating Service Bus non-interoperable protocols and Windows Azure ACS security identities. In order to join Windows Azure Service Bus infrastructure, on-premises business services have to be reconfigured to use special WCF bindings, and configured with Windows Azure subscription s security keys, which is neither a scalable deployment model nor secure enough (all business services have to be given knowledge of subscription security keys). For example, as stated by Microsoft Customer Advisory team (http://windowsazurecat.com/2010/08/leveraging-wcf-extensibility-to-simplify-secure-integration-ofbiztalk-server-with-windows-azure-service-bus/), the challenge is that in a complex composite application that involves both a BizTalk and a Cloud element of the solution architecture, the number of friction points that define how these solution elements interoperate with each other can be substantial. For example, there may well be a large number of Receive Ports configured in the BizTalk environment, each servicing different needs and exposing distinct service contracts. In addition, the on-premise BizTalk solution may be communicating through the Service Bus with a number of services each

Sentinet for Windows Azure 9 requiring a dedicated Send Port configured with WCF-Custom adapter and appropriate Service Bus WCF binding. By using Sentinet software platform, any service (even a non-microsoft service), can be on-boarded onto Windows Azure Service Bus infrastructure without any reconfigurations, redeployments or potential security keys compromises. Sentinet administrators can remotely configure Sentinet Nodes to dynamically open and manage Windows Azure Service Bus endpoints and authenticate virtual services with the Windows Azure ACS service. Service Bus security keys are stored in the central Sentinet SOA Repository and securely delivered to the Sentinet Nodes when they have to open Windows Azure Service Bus endpoints. Moreover, Sentinet Nodes can be configured side-by-side with Service Bus endpoints and additional internal endpoints, for testing and staging. Sentinet Administrators get full visibility and control over endpoints exposed via Windows Azure Service Bus, and can remotely and dynamically take Service Bus endpoints offline or reconfigure them with new or additional security, access rules, monitoring and SLAs. Windows Azure Service Bus Corporate Firewall Relay Service Windows Azure Transport, and Security Binding Sentinet Node On-premises Business Services Internal External Consumer Internal Consumer Sentinet Nodes can also be deployed in the hybrid deployment scenarious, where some Nodes are deployed on-premises while others are in the cloud. Both consumer and service applications can be fully decoupled (encapsulated) from Windows Azure Service Bus specific APIs and security configurations.

Sentinet for Windows Azure 10 Corporate Firewall Windows Azure Service Bus Relay Service Sentinet Node Windows Azure Transport, and Security Binding Sentinet Node On-premises Business Services External Consumer Windows Azure encapsulation boundary Integration with Windows Azure Asynchronous Messaging Sentinet provides SOA services and APIs with asynchronous messaging with automatic load-leveling by tightly integrating with Windows Azure Queues, Topics and Subscriptions. Consumer applications and service applications can be completely decoupled from the knowledge and mechanics of Windows Azure queuing while staying enabled to handle load-leveling with asynchronous messages delivery. Windows Azure Service Bus Corporate Firewall Sentinet Node Sentinet Node NET.TCP Binary Encoder On-premises Business Services HTTP Text Encoder Queues/Subscriptions/Topics External Consumer

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information