Assaf Meiry

1
case study Secure Manage your services
Assaf Meiry Product Manager Ness Technologies
2
Company

• 4,000,000 members worldwide
• Best known for medical information bracelets
• Other services to protect clients
• 24-Hour Emergency Response Center
• Member Services Contact Center

"they speak when you can not."
http//www.medicalert.com
3
Business Challenge

• Provide MedicAlert customers with a A private
  and B secure way to C update their medical
  history and D carry it with them.

4
Web service application
Synchronizes critical health information between
USB keychain and customer accessed repository.

• Technical Challenges
• Security
• Availability

Synchronize medical data using Web services
E-Health Key
Medical Record Repository
5
SOA Platform

• AmberPoint
• Microsoft BizTalk Server 2006 business process
  integration
• Perimeter security via XML firewall

E-Health KEY
6
SOA grid with clean separation of
responsibilities
Microsoft BizTalk
Managed Endpoints
Virtual Service Provider

• Orchestration
• Protocol Mediation
• Message Routing
• Content Transformation

Controls Service-to-Service Interactions

• Management
• Discovery / Registration
• End-to-end Visibility
• Measurement
• Message Distribution/Utilization
• Availability
• Access Control

Controls Service-to-Endpoint Interactions
7
Resource Management

• AmberPoint allows us to focus on solving the
  business problem leaving the management issues to
  the experts.
• Jorge Mercado

8
Project Implementation

• As a result of bringing in AmberPoint, we were
  able to take the system into production 75
  faster .
• Jorge Mercado

9
Why ltAmberPointgt?

• AmberPoint Met Key Requirements

• Ensure last-mile security for sensitive
  private data
• Ensure high QoS requirements for partners access
  to MedicAlert
• Native support for .NET

??
?
AmberPoints native support for .NET was a
must-have. No other vendor offered that Jorge
Mercado
?

• Interoperability with first line of defense
  (Forum Xwall)
• Interoperability with integration server (
  Biztalk )

AmberPoint, while a smaller vendor, has an
impressive ecosystem of partners, resellers,
referrals and OEMs. Gartner (march 2009)
10
Keys to successful Runtime Governance
Visibility Knowing Whats Out There and Whats
Going On Control Putting Policies into Action
11
Architecture

• Management server
• Distributed agents architecture
• Non invasive
• Technology agnostic
• Runtime Governance
• Service Monitoring (visibility)
• Service Management (control)
• Service Security
• Automatic policy Provisioning

12
Service Monitoring
Performance

• Auto discovery
• Dependencies map
• Service structure view
• Performance metric
• Consumer mapping
• Logging
• Root cause analysis
• Dashboards Reports
• Alerts
• Business Transaction Monitoring

Root Cause Analisys
Transaction Log
13
Service Management

• Load balance
• Smart routing
• Transformations
• Versioning
• Service Level Agreements
• Fail over
• Throttling
• Segregation
• And more

14
Service Security

• Authorization
• Authentication
• Crypt Sign
• Credential Mapping
• Censorship
• White List Access
• And more...

15
Automatic Policy Provisioning
16
Governance Benefits

• Performance metrics
• Monitor system traffic in real time for key
  performance
• Visualization
• perform root-cause analysis, see service
  interdependencies
• Flags and alerts
• Detect, diagnose and address system errors
  (service level violations, faulted decryptions,
  etc.)
• Virtualization
• Aggregate internal services into a single,
  unified composite for use by external parties
  (partners, customers, etc.)
• Last-mile security

17
QA.
Assaf Meiry Product Manager Ness Technologies