I recently had a great, freewheeling discussion with Daniel Raskin, Sun’s
Chief Identity Strategist. Daniel runs the Identity Buzz podcasts. We talked
about issues in identity and entitlement enforcement in SOA, compliance, and
the problems you run into as you move into new environments like the cloud.
Daniel’s post about our podcast is on his blog. You can download the
podcast directly right here.
Mention VMware to anyone in IT and their immediate thought is virtualization.
So dominant is the company in this space that the very word VM has a sense of
ambiguity about it: does it refer specifically to a vmdk, or another
hypervisor image like Xen? As with Kool-Aid and Band-Aid, there is nothing
better for a company than to contribute a word to the English lexicon, and
while VMware may not completely own virtual machine, they command enough
association to get passed the doorman of that enviable club.
Strong associations, however, may not translate directly into revenue. From
We have worked with many APIs here at Layer 7. And over time we’ve seen it
all, ranging from the good to the bad. We even see the downright ugly. Now a
good API is a beautiful thing; it encourages innovation, abstracts
appropriately, and is designed with enough forethought that nobody needs to
change it down the road. Resiliency is a good quality in an API. APIs are a
little like cockroaches in that they will likely outlive the human race.
But what about the other ones? The ugly and bad ones? This is where
developers could use some guidance.
Truth is, good API design isn’t really... (more)
SOA in the Cloud Expo
I’ll be delivering a Webinar next week about Layer 7’s Enterprise Service
Manager (ESM) product. ESM offers the global view of clusters of SecureSpan
Gateways and the services under their management.
It’s functions fall into three main areas:
Centrally manage and monitor all Gateways and associated services across the
extended enterprise and into the cloud
Automated Policy Migration
Centrally approve and then push policy to any Gateway across the enterprise,
automatically resolving environmental discrepancies
Security at Cloud Expo
Last week, the Cloud Security Alliance (CSA) released its Security Guidance
for Critical Areas of Focus in Cloud Computing V2.1.
This is a follow-on to first guidance document released only last April,
which, gives you a sense of the speed at which cloud technology and
techniques are moving. I was one of the contributors to this project.
The guidance explores the issues in cloud security from the perspective of 13
Domain 1: Cloud Computing Architectural Framework
Governing in the Cloud
Domain 2: Governance and Enterpri... (more)