DemistifyIT

End-to-End Operational Control & Application Management – Do you have it?

Categories:

So much has been written about the US Government’s Health Insurance Exchange that I’m almost afraid to mention it. For this posting, I’m going to stay out of the political fray and avoid rendering any opinion about whether we should, or should not have the Affordable Care Act, aka Obamacare. Instead, I would like to discuss the Challenge of the Health Insurance Exchange strictly from an IT perspective.

The US Government has spent approximately 400 million and counting on the current system. So far, the system has been down more often than it’s been operational. Secretary Kathleen Sebelius is on the defensive, and she’s been called before congress to testify about how she spent the money, what went wrong?, and how she plans to fix it?. On top of that, her boss, the President of the United States has been forced to acknowledge the problems with the American Public. You get the idea – the site is a train wreck. What we discovered is that the project was rushed, the supporting technology was dated, the systems are vastly more complex than originally thought and nothing works as advertised.

Hypothetically speaking, how would solve these technical problem if you were Sebelius? Bear in mind, you have to change the proverbial tires on the bus while its driving down the road. Well, I’ve actually given this some thought. Throwing the whole thing out and starting from scratch isn’t an option – it would take too long, and you have the President of the United States, Congress and US Public breathing down your neck. No, about the only thing you could do in the short-term is identify, isolate and repair the glitches. The trouble is, a single transaction spans multiple systems and technologies. What’s needed is the ability to trace a transaction end-to-end in order to ferret out and address the problems. Stabilize and fix what you can, and replace what you must. Once stabilized, you can test and upgrade fragile components. All this sounds great, but without End-to-End visibility and a single pane of glass to identify problems you wouldn’t know where to start.

I’m quite proud of the fact that I work for a software company that has actually solved this problem. In fact, my employer (Splunk) is the only machine data platform that I’m aware of that can provide this level of visibility and insight across heterogeneous environments in real-time. If you simply Splunk it, find it, and fix it, you’ll quickly get a handle on what you need to fix and your priorities.

Are you able to quickly identify and isolate technology problems across all your environments?

This post has no tag

Permanent link to this article: http://demystifyit.com/end-end-operational-control/

An Early Warning System Saves: Anxiety, Jobs, & Your Business

Categories:

Uncategorized

by Thomas

Imagine this scenario – you just discovered that your IT systems have been hacked into. Even worse, after pouring over logs and conducting exhaustive analysis you discover that the data breach had been going on for weeks. Since that time, the perpetrator or perpetrators have been systematically siphoning sensitive data from your network. Now imagine that it’s your job to report this Data Breach to the CEO. Would your heart just skip a beat? I know mine would.

This awful scenario, while hypothetical has no doubt been played out both within businesses and government agencies throughout the world. In addition to the lost trust, embarrassment, operational disruption, and the financial impact on your brand, data privacy laws and regulations further raise the stakes through imposed fines. Moreover, Wall Street definitely doesn’t take kindly to Data Breaches.

Here is a not so typical example of how a data breach can play out in the real world, but one you need to be aware of. This is an account of happened to Heartland Payment System, a Payment Process Provider (NYSE: HPY). In 2008, Heartland Payment Systems was alerted to suspicious account activity related to their customers from their partners Visa and MasterCard. Heartland conducted an all out investigation and were horrified to discover that they were unaware that a packet sniffer had been surreptitiously installed on their network.

At the time of this discovery, Heartland’s stock was trading at $25. per share, with 36.83m outstanding shares. As the full extent of the data breach came to light, Wall St. punished the stock. Over the ensuing months, the stock hit a low of just under $5 per share. That’s over and 80% drop in value or approximately $736 million. In addition to the massive drop in market cap, Heartland was forced to pay substantial fines, and spent vast sums on consultants and both software and hardware to harden their network. Overall,according to news articles, the Data Breach cost Heartland $140 million in fines and other hard dollar costs.

What truly shocked everyone was the sheer magnitude of the breach – some 130 million credit card accounts were stolen. This single data breach could have put Heartland out of business. It’s taken years, but thanks to some shrewd crisis management, Heartland has regained customer trust, and thankfully, the stock is doing better than ever – trading at $44.47 per share as of this writing.

Heartland’s troubles could have been greatly minimized if they had an early warning system alerting them to network anomalies. Much like a smoke alarm alerts us to fire, monitoring inbound requests and outbound responses with Splunk would have alerted and directed management to suspicious network activity which could quickly have been rooted out quickly.

To use an analogy – A tiny fire quickly extinguished causes little damage, but if you aren’t aware, that same small fire can become a raging inferno and take down your business.

Public service announcement – Remember to check the batteries in your smoke detectors on your birthday.

This post has no tag

Permanent link to this article: http://demystifyit.com/ignorance-truly-bliss/

Beyond the SIEM

Categories:

Big Data, SIEM

by Thomas

There exists an entire classification of software used to detect security threats, insure compliance, and quickly identify data breaches. Vendors providing these types of solutions are appropriately referred to as SIEM providers. Of course, SIEM is an acronym (the software industry loves acronyms), which stands for Security Information and Event Management. Many in industry simply refer to this category as SIM (Security Information Management). To which I say: Potato, Patatoh

Why would any business need SIEM? Well, simply put, because the world is full of very creative and determined bad guys intent on doing harm to your business. Any business of scale has numerous electronic touch points with customers, partners and suppliers. Supporting these touch points requires a raft of systems and technologies – from Gateways, Application Servers, Web Servers, Databases, Protocols, Identity Attributes, etc. Any one of these systems could be a target of attack for criminals or malcontents. On the less nefarious side, event management data can be used to diagnose and troubleshoot latency or failed messages end-to-end. How? Well, SIEM software correlates information across various systems in real-time as it flows throughout your network. However, the sheer volume of data generated is much too much for any human to analyze. Therefore, SIEM software is designed to consume and correlate information using “Programmatic Rules” or “Statistical Analysis”. Since easier is better, a statistical based approach to data correlation will save you considerable time and expense.

Dashboards, Alerts and Notifications: All the data you are collecting, correlating and analyzing is meaningless without some way to visualize, report and notify you when something is wrong. Many vendors provide some form of analytics and alerting capability. However, what is often overlooked is the paramount need to quickly search and retrieve relevant information, which is a real lifesaver if you ever have to troubleshoot problems when you are under the gun.

What’s with the baseball? Well, now that you’ve got the basics of SIEM, I thought I would use the metaphor of a SEAM (play on pronunciation) as depicted on a baseball to further expand your thinking. Like the stitching seam on a baseball that is used to bring together different pieces of leather covering rubber and yarn to form a baseball, SIEM data can be stitched together data from many sources to further enrich and deliver more value to your business. Combined, all of this data contribute to BIG DATA. For the most part, BIG DATA (funny I feel the need to capitalize that) is just lots and lots of machine data that is stored and archived somewhere. The promise of BIG DATA is an enormous treasure trove of information that can be tracked and analyzed to find useful insights. However, the real value of BIG DATA isn’t in the “rear view mirror” historical analysis, but rather it comes from marrying both the “historical view” along with the “here and now” thereby enabling you to turn your Insights into Action.

Just think of the possibilities: Airlines could improve yield management from analyzing historical spend, enriched with weather, Conference Board’s Leading Economic Indicators, the stock market, and real-time social media feeds to further maximize consumer spend. E-tailers like Amazon could drastically fine-tune the accuracy of their recommendation and pricing engines. Manufactures could develop more efficient and accurate demand planning and forecasting models. All of these increased revenue and cost reductions could very well be enough to move the needle on your bottom line. Beyond the SIEM, this historical and real-time information will lead to better more informed decision making that you can take to the bank. Play Ball….

Tags: Big Data, SIEM

Permanent link to this article: http://demystifyit.com/siem/

Plug-in to the power of Big Data through API’s

Categories:

Big Data

by Thomas

A customer of mine has been doing some stunning leading edge things including: (1) leveraging their back-end SOA services, (2) exposing API’s to their Partners, and (3) integrating seamlessly with various social media sites. These initiatives are delivering real-world value to their customers, and in the process, they are capturing Data – Lots of Data. When I asked them what they intended to do with the data, they replied, “well, we aren’t really sure just yet, we’re thinking that we’ll just “Big Data It Later”.

While seemingly indifferent and haphazard, it’s actually an intelligent strategy. Creating a “Big Data Lake” to be dissected and analyzed later to find value and relevancy is a brilliant move, and often requires the skills and in-depth analysis from an experienced Data Scientist/Analyst. Turn these Analysts loose, and let them swim in the lake with snorkel and fins to find the sunken treasure of relevant insights. However, once those relevant insights are discovered – then what? Sure, it’s possible to slice and dice data through Visualization Tools to make more informed decisions about their business. But even greater value can be unlocked from binding those findings/insights into data/system streams through API’s. By so doing, it then becomes possible to leverage and analyze tons of data to act upon emerging trends well before they become apparent (if ever) to the average user. An example of this phenomenon include: factoring in the temperature, time of day, click stream analysis, client device (Mobile, Mac/Windows), Account Balance, and Social Media References, to present their customer with the best offer/up-sell opportunity. Think Amazon’s Recommendation Engine on Steroids!

Of course, exposing this extrapolated and synthesized data through API’s opens up a world of options regarding how you harness, expose and leverage information. API’s open up Mobile, along with “The Internet of Things” through expanded access (either as a contributing data source, or application access). More examples of integration points for competitive advantage may include: rank ordering outbound call lists for inside sales, incorporating relationships within marketing campaigns to boost effectiveness, improving policy risk analysis, improving portfolio investment and hedging strategies, and multi-dimensional demand planning for manufacturing to name just a few. I’m sure that once you embark on the journey of asking “what if” you too will soon discover a treasure trove of endless possibilities to inject all sorts’ insights gleaned from Big Data through APi’s into your business.

Tags: API's, Big Data

Permanent link to this article: http://demystifyit.com/making-big-data-count/

5 Things You Should Know About OAuth

Categories:

Uncategorized

by Thomas

What is OAuth?

OAuth is an an emerging protocol for sharing information between applications without sharing passwords. Chances are good that you’ve already used Oauth but may not have been aware of it. (Palmolive – Madge, you’re soaking in it). OAuth is favored by social media sites such as Facebook, Twitter and LinkedIn and the broad ecosystem of applications that enhance those experiences. If you have ever allowed an application to access your Facebook data, OAuth is the protocol being leveraged behind the scenes to make that happen.

1. Should you even be concerned about OAuth?

The answer to this question is (drum roll please) it depends. If your business wants to cash in on or interoperate with social media in a meaningful way, then you you should definitely read on. If not, then thanks for reading this far, and take some time reading other articles on my site before departing.

2. How is OAuth different from Basic authorization standards?

In a word, passwords! Basic authentication requires applications to store and transmit username and passwords to work. For many use cases, this is just fine. However, if your application interacts with other external web API’s then Basic Authentication is not advised for two reasons: 1. managing user name and passwords to access services is difficult and clumsy to manage and 2. the potential for security breaches. On the other hand, OAuth only requires that a user merely grants access rights to your data without passing username and password information. In this way, if you change your password, all your linked applications will continue to work.

3. Is OAuth Safe?

It depends, OAuth can be just as safe as other authentication protocols, but you really need to know the spec, enforce and control access, and secure the communication channel. The best and most secure method for utilizing OAuth is to use an API Server.

4. What makes OAuth so unique?

In nutshell, User Managed Access. Basically, OAuth gives the application end-user the power to control whether to accept, or reject authorizations to share information or integrate to 3rd party systems, without passing user passwords.

5. Where can you learn more about OAuth?

I suggest that you start at the source: http://www.oauth.net I have to add one caveat, with the case of this specification it’s important to note that newer or the latest spec doesn’t always mean better. Since the spec is constantly evolving, new release could actually introduce unfavorable changes that you’ll need to stay on top of. Another source is Vordel, we are helping many enterprise customers safely move to the API universe.

Tags: Facebook Integration, Identity Management, LinkedIn Integration, OAuth, OAuth2.0, Social Media, Twitter Integration, What is OAuth?

Permanent link to this article: http://demystifyit.com/5-things-you-should-know-about-oauth/

Can you trust you know who you are dealing with?

Categories:

Uncategorized

by Thomas

Like everything in life, knowing whom you are dealing with is essential. I seriously doubt that I’m going out on a limb to say that no one likes dealing with a phony. If you think about it, in the physical world, almost everything we do is based upon trust and relationships: friends, significant others and professional relationships. Is your Doctor qualified? Is your fiancée already married? Regardless of the relationship, it’s important for an individual to know whom they are dealing with. The same is also true in business – does this company have the means to pay for the product we are shipping them? Should we trust this importer? Therefore, I believe that knowing the identity of whom you are interacting with in the digital world is just as important. In fact, it may be even more important given the potential for rapid massive financial theft and sabotage.

To be clear, I’m defining a digital relationship as any electronic system that communicates information about you, your customers, your patients, your partners, including the ability to change, share or alter information on your behalf. Nowadays, with the advent of social media these “digital relationships” are everywhere – Facebook, Linked-In, Twitter as well as other social applications. The trend is to give these applications permission to share information amongst and between these new age applications, along with other more traditional applications such as e-mail accounts, contact lists, and more. For example, grant Linked in access to your address book or e-mail account and they will search for new business contacts to link to. The power of what I’ll refer to as “Cross Communication Applications” is unmistakable; they save time, and provide tremendous benefit to the end-user.

Even businesses are getting into the act, as they are now actively sharing enterprise information from cloud based applications such as Salesforce and Concur, with their on-premise back-office applications such as E-Business Suite, SAP, or other home-grown applications. With all this sharing going on, it’s vitally important that everyone is certain of the identities exchanging information. If a malevolent person or program were successful in impersonating your digital identity, the resulting damage from such a breach could be quite significant. Therefore, knowing that you are only sharing information with a trusted identity is critical.

Consumer-based cross communication likely poses less of a financial threat than do enterprise information or sharing – but ultimately, only you can be the judge of that. Therefore, the more important the information to you, the more security measures you should take – defense in depth is truly your single best defense against malicious threats.

A Gateway is one of the most powerful tools available to stop would be posers from accessing your digital assets. Since a Gateway reads and monitors all application traffic flowing into and out of Cross Communication Applications you can instruct the gateway to do a number of things, such as:

* Verifying that the incoming IP address matches the “white list” of trusted IP addresses
* Verifying that the IP traffic hasn’t been spoofed
* Insuring that incoming traffic does not contain Trojans or Known cyber attacks….and much more.

In summary, if securing your information matters, you should do a little research to determine whether or not a Gateway would be right for you. Remember, we all really need to know who we are dealing with.

This post has no tag

Permanent link to this article: http://demystifyit.com/can-you-trust-you-know-whom-you-are-dealing-with/

What is a Gateway, and what can it do for you?

Categories:

Uncategorized

by Thomas

Since I sell Gateways every day, I thought I would tackle this question. I’ll begin by stating that a Gateway is perhaps one of the most misunderstood and yet most powerful technology component available in a technologist’s arsenal. If you think of a Gateway only as an instrument to secure Web Services, a Gateway is considerably more versatile and is also extremely adept at handily solving a broad array of complex technical challenges. To use an analogy, don’t just think of a car, think Chitty, Chitty, Bang, Bang.

To understand what makes a Gateway such a powerful tool and to shed some light as to just how it works, it’s first helpful to know where it is most often installed within your technical architecture. A Gateway is typically installed at the edge of your network inside what techies call the DMZ, which is an acronym that stands for Demilitarized Zone. Techies use that term because it’s the frontline defense for all Internet traffic flowing into and out of your enterprise. As such, the Gateway operates as a High Performance Input/Output device that can apply operations to traffic in near real-time passing into and out of your network. One of the most important functions a Gateway is its ability to stop bad traffic (schema bombss, SQL injections, etc.) from ever making its way into your enterprise.

Since application traffic flows through the Gateway on it’s way to your enterprise systems, the Gateway gets first crack at doing something meaningful with this information. You can define a whole series of operations or policies that the Gateway can apply to this traffic. How you define your policies and the conditional instructions you define can completely alter your perception of just what a Gateway is and does. To use an analogy, if you saw the car from Chitty Chitty Bang Bang flying, you would think it was only an airplane, but if you instead saw the automobile racing across the water, you would think boat, and if you only saw the car on the road you would think of just as an automobile. Now, if you were to combine all three perspectives, you would likely scratch your head and say to yourself, that’s one hell of a machine, whatever it is. Well, unlike the movies, a Gateway is the very real equivalent of the Chitty Chitty Bang Bang automobile. Only, the Gateway can perform ten or more tasks extremely well instead of only three.

The operations a Gateway can perform are things such as:

Inspect	Verify
Transform	Redact
Enrich	Encrypt
Block	Route
Throttle	Analyze
Log	Report

Each operation, when performed stand alone or combined with other operations can quite literally change your perception of the technology. A Gateway can:

Prevent unauthorized application access into your network
Thwart Denial of Service Attacks
Integrate On-Premise with cloud based applications across your entire enterprise
Operate as a Cloud Service Broker
Serve as a unified policy enforcement point – enforce IdM entitlements
Provide federated access
Re-purpose web services by redacting responses
Provide real-time insight as to how all your composite applications are performing
Transform application data from one language to another, and back again (SOAP to REST) – Go Mobile Quickly, without added time or expense
Throttle certain network traffic to meet SLA requirements
Serve as a simple Enterprise Service Bus (ESB) or front-end an existing ESB to improve its performance by as much as 8X
Send alerts to management and much, more…

In short, a Gateway is a very powerful tool that can solve numerous complex technical challenges and should be a core component of your infrastructure. And of coure, the most powerful, flexible, and easy to use Gateway on the market is hands down Vordel.

Tags: Active Directory, Active Directory Federation Services, AD, ADFS, Application, Convert, Gateway, Identity Management, Kerberos, Microsoft SharePoint, Mobile, OAM, Redaction, Repurpose, REST, Service Oriented Architecture, SharePoint, Single Sign-On, SiteMinder, SOA, SOAP, Software Tools, Transform, Web Services

Permanent link to this article: http://demystifyit.com/what-is-a-gateway-and-what-can-it-do-for-you/

Taming the SharePoint Beast

Categories:

Uncategorized

by Thomas

SharePoint is one of the most pervasively used technologies to come along since Microsoft Office. Once installed, SharePoint has the tendency to spread like a weed, often popping up in uncontrolled ways throughout the enterprise. Users simply love the freedom and autonomy of the tool, which is why CIO’s and CSO’s simply pull their hair out over the difficulty of managing and securing information contained therein.

For the record, I’m a big fan of autonomy – but then again, who isn’t? The trouble or threat really starts when someone stores sensitive information within SharePoint – which let’s face it, is going to happen often. That’s where the fun and games stop, and the need for enterprise class security begins. After all, proprietary information such as R&D, Financial Information, Strategy Documents, Market Analysis, Engineering Blueprints, etc. needs to be safeguarded, and as such, should adhere to the same security controls applied to other corporate information systems. So, if your company standardized on Oracle Access Manager, CA Siteminder, RSA Access Manager or IBM Tivoli Access Manager, etc. then you will most definitely want to leverage those systems with SharePoint. The trouble is, Microsoft’s approach to IdM is akin to Ford’s approach to Model T colors (you can have any car color you want as long as it’s black) – you can use SharePoint with IdM as long as you use Microsoft’s Identity Management products. Given the limited capabilities of Microsoft’s Identity Management Offering, this is neither a practical nor viable solution. So what should you do?

Fortunately, there is a seamless and elegant way to quickly and easily leverage your existing IdM infrastructure with SharePoint. By introducing a Gateway into your infrastructure you can close the door to potential threats and leverage your existing infrastructure. But here’s some other really great news. First, you don’t have to install software everywhere. Second, you will gain insights about SharePoint (uptime, latency, & performance) that you can’t possibly have today. And third, SharePoint application performance will greatly improve.

So, if you’ve been struggling to solve this problem for a while, I bet everything I just stated will sound like magic. But once you understand the mechanic’s of what the Gateway is actually doing – the behind the scenes Gateway operations that makes it all happen – it will make perfect sense to you. A word of caution though, not all Gateway’s are created equal, and a number of Gateway vendor’s engines simply aren’t equipped to tackle this problem as efficiently as that of Vordel. I’m not saying that it can’t be done, but to use an analogy, the difference between the level of effort required is likely to be the same as the difference between planting a flower and planting a 50 foot grown tree. Both CAN be done, but it definitely will take much longer and you’ll have to commit a lot more resources to plant the tree.

I hope you enjoyed this article, and look forward to your feedback.

Tags: Active Directory, Active Directory Federation Services, AD, ADFS, Gateway, Identity Management, IdM, Kerberos, Microsoft SharePoint, OAM, SharePoint, Single Sign-On, SiteMinder, Tivoli

Permanent link to this article: http://demystifyit.com/taming-the-sharepoint-beast/

Energize Web Services with Redaction Action

Categories:

Uncategorized

by Thomas

Web Services, those discreet re-usable pieces of code we find everywhere nowadays, are becoming even more ubiquitous within Information Technology Departments for a very good reason, Because they work. Also, in theory, they go a long way towards reducing application development costs. The challenge that Web Services has is that they aren’t very intelligent. Let me provide you with a quick example that will illustrate the problem.

Let’s say that you’re an information service provider and your customers access information through a Web Service that you’ve built. It’s a pretty straightforward process: build the web service, make it available, (validate identities and access – I won’t get into that right now) and let the good times roll. The challenge begins when you want to add intelligence to your Web service. For example, if the customer is a Platinum Subscriber then make all of this information available. However, if they are buying a single report without an Annual Subscription, then you want to only make section 1 & 3 available. Without intelligence, you quickly realize that every possible permutation will lead to the need for a new/modified web service. The inevitable proliferation of web services will become a challenge to keep track of and a nightmare to manage the difficulty of applying code revisions or updates to each web service.

Wouldn’t it be more efficient if you could just build a single web service and simply apply rules that would remove or redact information that fell outside of the rules. Come to think of it, that almost sounds like the kind of capability you would find in some government conspiracy spy novel. Well, as is usually the case, the truth is stranger than fiction; if you place a Gateway in front of a Web Service you can do exactly that. A Gateway is really a high performance Input/Output device that gives you ability to apply rules to network traffic going into and out of the Gateway. Given its capabilities, you can apply everything from simple to sophisticated rules to redact information based upon whatever criteria you define. It’s a very simple and elegant way to solve a vexing problem, and a Gateway will energize your web services without a whole lot of effort.

Tags: Gateway, Redaction, Repurpose, Service Oriented Architecture, SOA, Web Services

Permanent link to this article: http://demystifyit.com/energize-web-services-with-redaction-action/

REST your SOAP, and don’t worry, be happy

Categories:

Uncategorized

by Thomas

Bridging the gap between old and new is a challenge we all have been grappling with forever. It’s inevitable that the “IT” thing of today, will be replaced by a new innovation down the road. The caveman started with the rock, which was later replaced by the club, which later gave way to the spear. New advancements did not replace the previous technology entirely; rather it simply redefined more appropriate uses. For example, stones are ideal to craft spear points, and clubs when laced with leather and curved stones proved invaluable for digging. Thankfully, this innovation continues to propel society forwards, but it often leads to confusion for “traditionalists” who find themselves unwilling to adopt or change. So, what does all this have to do with technology? Plenty, read more to find out why.

The early days of computing consisted of centralized information on a mainframe that was accessed through dumb terminals. The invention and widespread adoption of the PC gave rise to Client Server computing. The Internet ushered in another era of computing, which ultimately led businesses to adopt Service Oriented architecture to enable discrete program artifacts to be developed once, and reused time and again within the enterprise. Companies quickly realized that if they could get discrete propram artifacts called Web Services to communicate with a customers’ or partners’ Web Service, they could further streamline operations. All that was a needed was a common way to define information, securely transport this information, and provide instructions for the receiver about what to do with that information. Enter SOAP to the rescue; You know you’re soaking in it? (I couldn’t resist) No, not that kind of SOAP! SOAP once stood for Simple Object Access Protocol, but now it’s no longer an acronym, it’s now just plain old SOAP, but the protocol is just what was needed to help solve the challenge.

SOAP consists of three parts, (1) The envelope – think of this as a message wrapper (2) Encoding Rules – contains application defined data-types, and (3) Procedure calls and responses. SOAP messages are formatted in XML or Extensible Markup Language and typically rely upon HTTP or SMTP for message transmission. SOAP has been around since 1998, and as such, it’s a mature and battle tested protocol used for exchanging structured information though Web Services. The trouble is, SOAP as a protocol is very verbose – meaning, the quantity of information sent and received utilizing SOAP is fairly extensive. This limitation wasn’t so much of a problem within the enterprise, but once companies moved to a mobile platform where users are “in the wild” the challenges of spotty and limited bandwidth become the norm, SOAP just doesn’t deliver. The solution: Representational State Transfer Protocol or REST protocol to the rescue.

Unlike SOAP, REST is an abstraction protocol that links an end-user or client to another resource that holds information; these “other” resources can be either dynamic or static. This fact that the information conveyed is simply an abstraction makes REST very lightweight, which is ideal for mobile users. However, the REST protocol lacks maturity, and totally misses the boat on security. As a result, businesses that have built an extensive service layer built upon SOAP, now find themselves faced with some difficult decisions:

1. Deliver services that they know will be slow based upon SOAP

2. Migrate or re-write existing services to REST and worry about security.

3. Ignore the fastest growing segment of computing – mobile users

You don’t have to be Einstein to realize that each of the three options is unworkable, but fortunately, there is a 4th option. Enter the Vordel Gateway. A Gateway is really a high performance Input/Output device that is most often used to monitor all communications traffic coming into and out of an enterprise. The brilliant thing about the Vordel Gateway is that not only does it monitor traffic, but it can also invoke operations against that traffic in near real time. And, one of those operations is, you guessed it: Transformation. You can think of it as an interpreter, like in the UN when an ambassador listens to a foreigner speak by donning one of those silly headsets so that he/she can hear what’s being said. Only, the Vordel Gateway is capable of transforming information to and from different protocols at breakneck speeds, and – this is the best part, the Vordel Gateway can also make-up for SOAP’s limitations by implementing it’s own security policies (No headset required:). Therefore, by simply introducing Vordel Gateway – Voila, everyone is happy. You don’t have to re-write code that took months or years to develop, your information is safeguarded, and you are able to quickly bring to market new mobile services in record time – thereby saving time, resources, and money. So, get some REST and find out what Vordel can do for you.

Tags: Application, Convert, Gateway, Mobile, REST, Service Oriented Architecture, SOA, SOAP, Software Tools, Tivoli, Transform, Web Services

Permanent link to this article: http://demystifyit.com/hello-world/

Recent Tweets

Great example of how leveraging machine data can help you save huge $. lnkd.in/di2jVgQ

Yesterday from Thomas MacIsaac's Twitter via LinkedIn

Use this Splunk App to find Heartbleed vulnerabilities: lnkd.in/daYf6iq

About 6 days ago from Thomas MacIsaac's Twitter via LinkedIn

This is really wild stuff to be Splunking. I'm now waiting for Jetpacks to go mainstream. lnkd.in/dnx3crJ

Last week from Thomas MacIsaac's Twitter via LinkedIn

More great news lnkd.in/dvHKqBi

About 3 weeks ago from Thomas MacIsaac's Twitter via LinkedIn

Using Big Data to Audit Access to Patient Data and Beyond lnkd.in/djcX4UP

About a month ago from Thomas MacIsaac's Twitter via LinkedIn

CNET News

Prime, Kindle users are big spenders on Amazon
Prime subscribers spend twice as much as non-Prime members, while Kindle owners spend 30 percent more than non-Kindle owners, says Consumer Intelligence Research Partners.
HBO signs up for Amazon Prime, Fire TV
In a deal that's sure to sting Netflix, Amazon licenses tons of HBO programs for its Prime Instant Video service exclusively -- but no "Game of Thrones" -- and the HBO Go app will soon be on its media-streaming box, Fire TV.
Huawei set to spend $300M on global marketing in '14
The company's focus will be improving the image of its brand so it can appeal to those looking for higher-end handsets.
Google Play Music comes to AirPlay devices via hack
Google Play Music doesn't support AirPlay or products like the Apple TV out of the box, but a company called DoubleTwist has found a way around that obstacle.
Worries subside as chip designer ARM predicts boost in smartphone sales
Although ARM sales were disappointing at the end of last year, the chip designer expects smartphone sales to be boosted in the second half of 2014.
Samsung's Galaxy Tab 4 family set for May 1 debut
The Wi-Fi Galaxy tablets, which range between 7 and 10 inches, hit the U.S. across a variety of retailers. Multiple carriers are also expected to carry 4G LTE versions this summer.
Sprint aims to make all its devices unlockable by February
The carrier doesn't yet have the capability to unlock all phones but says it's working to make that happen by early next year.
AOL imposes stricter email rules to stem spoofing attack
AOL instructs mailbox providers to reject any email allegedly associated with an AOL domain that didn't originate from an AOL server.
As Microsoft’s Q3 awaits, it’s all Satya, all the time
CEO Satya Nadella, on the job since February, is suddenly everywhere, taking on the role of brainy technology visionary once held by Bill Gates as he seeks to steer Microsoft in a different direction.
Big-screened iPhone 6 envisioned in new artist renderings
New renderings from French website Nowhereelse.fr imagine an iPhone 6S and 6C in all their large-screen glory complete with a thinner, rounder design.

Helping Executives Make Sense of Technology

End-to-End Operational Control & Application Management – Do you have it?

An Early Warning System Saves: Anxiety, Jobs, & Your Business

Beyond the SIEM

Plug-in to the power of Big Data through API’s

Can you trust you know who you are dealing with?

What is a Gateway, and what can it do for you?

Taming the SharePoint Beast

Energize Web Services with Redaction Action

REST your SOAP, and don’t worry, be happy

Recent Posts

Recent Tweets

Recommended Sites

CNET News

Copyright