In the quest to offer their customers a complete SOA management solution, where should vendors draw the line?

	express delivery
	• print  • comment
	SOA management vendors are extending their product offerings with strategic acquisitions and partnerships: Actional's merger with Westbridge is the latest consolidation move Meanwhile, AmberPoint and Oblix each struck new partnerships Acquisition gives a vendor more control of product strategy Partnering is best for non-core functionality The challenge is knowing customers want in the core product
	Glossary terms: services management, firewall, XML, digital identity, lookup tool Sponsored links: your text link here

Previously, SOA specialists filled potential gaps in their product lines by striking partnerships with other vendors. But recent acquisitions have raised the stakes, leaving customers wondering how much technology they should insist on vendors owning rather than relying on partners to provide.

Last week (October 18th), SOA management specialist Actional became the latest vendor to succumb to the acquisitions trend, announcing its merger with XML firewall vendor Westbridge Technology. Actional is widely acknowledged as one of the leaders in a market where the amount of noise created by the industry seems to be inversely proportional to the number of people actually using any product. Over the last fifteen months, the sector has been bombarded by wave after wave of new entrants, beginning with the traditional systems management vendors in the shape of Computer Associates and HP. They were followed by the identity and access management brigade, led by Oblix through its acquisition of Confluent Software in February, and subsequently by application infrastructure and EAI players such as BEA and Tibco. The M&A pace became more frantic last month with Digital Evolution's purchase of Flamenco Networks.

But for every takeover, there's a host of partnerships being struck, including the recent 'Starter Pack' bundling agreement between AmberPoint, another leader in the specialist SOA management space, and registry vendor Systinet. And on the same day that Actional announced its merger news, identity and SOA management vendor Oblix announced a partnership with web services firewall vendor Forum Systems that mirrored the Actional-Westbridge tie-up. Although the Oblix-Forum alliance struggled for visibility in the aftermath of Actional's news, the two moves exemplify contrasting approaches to the same problem — getting comprehensive coverage of the SOA management landscape.

Advantages of ownership

For those vendors with sufficient reserves of cash and equity, there are several clear advantages in opting for ownership rather than partnership. To begin with, it provides stability. The problem with partnering is that your other half can just up and off if something more interesting turns up — something that Digital Evolution is no doubt mulling over after one of its key identity management partners, Netegrity, sold out this month to CA.

Provided the integration proves feasible, acquisition allows different product development strategies to be controlled and unified. Actional has already mapped out a short-term integration plan, albeit at a high level, for combining its SoapStation broker and Looking Glass management platform with Westbridge's XML Message Server, a firewall and web services broker. It will begin by developing a single point of control for operational policy and single sign-on for both products. Further down the line — in the first half of 2005 — its plans are more ambitious. As well as integrating the user interface, Actional promises to provide integrated policy management. This, according to CTO Dan Foody, will allow organizations to set security at a high level and apply it across the whole fabric of the network. In effect, a two-tier strategy will evolve — control of the underlying 'fabric' through brokers, agents and gateways, and an upper-tier 'Command and Control' capability through the Looking Glass Server and Console.

Oblix, on the other hand, has been a little slower off the blocks in integrating the product set it acquired in January this year from Confluent, now rebranded COREsv. Its first release of the newly-labelled product this summer allows web services management customers to reuse access policies from its COREid Access system, but tighter integration in the form of a single records database and common policy-building tools is mooted further down the line.

Interestingly, Oblix seems to be making swifter progress in its integration of Forum's XWall web services firewall, which it plans to bring into its suite by the end of the year. According to Rick Caccia, senior director of product management, the companies it talks to about web services management typically want to start with one of two things — either basic policy management and monitoring, or perimeter security. The Forum deal means that it now has both covered, he says.

Drawing the lines

The flipside of the acquisition strategy is that each of these emerging vendors has finite resource, leaving them in the ambiguous position of staking a claim to a comprehensive SOA product strategy, yet having to partner to fill the gaps in their own portfolio. Every software vendor in the world is in the same position, of course — what matters is whether they can draw the line in a credible place. While it's a safe bet that the SOA players will leave the messaging, enterprise management and application infrastructure to those with slightly deeper pockets, other lines are still being drawn and redrawn in areas such as registries and identity.

Actional, for example, has no registry product in its suite and sees no burning need to get one — as Foody points out, there's a wide variety of products out there and its architecture is designed to be agnostic. But Amberpoint's tie-up with Systinet, however limited in scope, suggests that at some point it may be helpful for Actional to similarly temper its agnosticism with a little favoritism. Meanwhile, how long can Actional ignore Oblix's argument about the link between the first wave of identity management (identifying people to machines, its core business), and the second wave, identifying application to application? This second tier of identity management is an area that Digital Evolution, for example, counts as one of its strengths, and was an important factor in its acquisition last month of Flamenco Networks' service provisioning technology.

For its part, Oblix has decided to draw the line at owning the definition and management of policy, leaving enforcement to partners. That is the rationale behind the partnership deal with Forum for web services, as well as an earlier deal that saw Juniper integrate its SSL VPN with Oblix's COREid access control product.

Whether that demarcation will suit its customers is something that it will now have to test in the market. Recent acquisition activity suggests that vendors believe customers want them to include more rather than less in their SOA management suites. Extending the boundaries far enough is going to be crucial in winning customer confidence, especially when competing against the broader infrastructure offerings of established vendors like IBM, HP and CA. But it's equally important that vendors don't over-reach themselves or sacrifice flexibility in their eagerness to add extra functionality. In the coming months, vendors deciding whether to buy, build or partner will have to make fine judgments about where exactly they draw the line around their product strategies.

More on this topic