News Stay informed about the latest enterprise technology news and product updates.

Burton Group sizes up the SOA registry landscape

On the heels of last year's SOA registry/repository feeding frenzy, Burton Group's Anne Thomas Manes sizes up the current market, noting that UDDI v3 compliance is necessary, but far from sufficient.

In "The Registry and SOA Governance Market Landscape," the second of two reports published in the past two weeks, Anne Thomas Manes, research director at Burton Group Inc., noted that the once placid world of registry/repository exploded in the past year. In a feeding frenzy Mercury Interactive Inc. acquired Systinet Inc., only to then be acquired by Hewlett-Packard Corp., which overnight became king of the hill for registry/repository technology. Then in a smaller, but not insignificant deal, webMethods Inc. acquired Infravio Inc. for its registry/repository product. So where does the market stand now? And when should organizations look for the registry/repository component of their SOA infrastructure? Manes answers those and other questions in this interview.

What does the registry/repository vendor landscape look like now?
It's been kind of a volatile place over the last year. It started out with Mercury acquiring Systinet, the leading registry player. That was shortly after Systinet released its first registry/repository product, which was a significantly different product from just the registry they had before. Then HP acquired Mercury. Meanwhile, webMethods acquired Infravio. And then IBM comes out with their registry/repository. Software AG came out with CenterSite. BEA had already licensed Systinet's registry as a reseller. Then Oracle also licensed Systinet and so did Tibco. In fact, Tibco sells this product called Matrix, which is the Systinet registry plus the AmberPoint Web services management product. Progress also partners with Systinet and HP. So a lot of vendors are beholding to HP for their registry/repository technology?
They certainly are, but that's an indication of the fact that so many of the platform vendors have decided that they have to have a registry as part of their solution. And that's an indication that the customers are demanding it. Why didn't more of the vendors develop their own registry technology?
Actually, every single one of these platform vendors had a registry back in 2002. But most of the vendors jettisoned them, threw them away, because what they had was garbage. They were worthless. They were just raw implementations of UDDI and that doesn't give you the governance that you really need. So basically after 2002, Systinet had the entire market to themselves. Then Infravio comes into the market in 2004. For the longest time it was Systinet and Infravio. Infravio had six or seven customers, and Systinet had around 250. So Systinet was the market with Infravio as this little mosquito over on the side. A mosquito with Miko Matsumura?
Once Miko joined Infravio, it became more than just a little mosquito. It became a dragonfly. He's done a huge amount to increase awareness of Infravio. It's been a good thing for Infravio. Is there anything available in open source in the registry/repository area?
I don't know of any repository out there. There is one breathing open source project out there, which is called jUDDI, which is an Apache project. It's implemented in Java, but it's not just for Java. The UDDI registry is a service. It runs as a standalone and exposes protocols for other things to communicate with it. So jUDDI is a bare bones implementation of UDDI. That's equivalent to what all the platform vendors had in 2002 that nobody was interested in using because that's really not a valuable thing. You need a lot more for a registry than just a bare bones implementation of the UDDI protocol. And the jUDDI implementation is implementing UDDI version 2. There's so much more to UDDI version 3, which is really designed to support the requirements of an enterprise registry. So jUDDI is, as I said, breathing. There was another open source initiative that Novell initiated that was built on a directory as opposed to a database, which was a big mistake. Novell didn't understand that registries are not the same as directories. That implementation has definitely died. The jUDDI project has had one or two people who periodically do some work on it, but there's no active community supporting it. There is one guy who says he's going to rejuvenate it. He says he's going to upgrade it to UDDI version 3. We'll see. Is implementing UDDI version 3 the key?
A bare bones implantation of UDDI version 3 is still not the same as the Systinet registry. I'm not talking about the repository. I'm talking about the Systinet registry. That's the premium registry in the market, which is now being distributed by HP, Oracle, BEA and Tibco. And it does much more than just be a bare bones implementation of UDDI. It has substantial governance capabilities. It has ways of managing staging of services from development to test to production. It's got a whole bunch of management stuff built into it, which is really important. A registry is the management component of your infrastructure. It's also got a whole bunch of data model representations that enable it to communicate with AmberPoint, Actional, SOA Software, Infravio, Reactivity, Layer 7, DataPower, the BEA ESB, Oracle's ESB, the Sonic ESB and other systems. That's because Systinet went off and created this thing they call the governance interoperability framework. That's actually built into the registry and all these other systems know how to communicate management information using this framework. That's what differentiates the Systinet registry from all other registries. So does that leave webMethods with Infravio as a distant second?
It's not even on the roadmap. webMethods is going to be reasonably successful selling the Infravio registry to its customer base. My guess is they are not going to be very successful selling it to someone who is not a current webMethods customer. They may. I think they are trying to use Infravio as a means of expanding their customer base, but I don't have a great deal of confidence that they'll be successful. And what I'm really afraid of is they're going to turn this into a platform play. They're going to integrate it into (webMethods) Fabric to try to convince more people to buy Fabric. And once it becomes a platform play, it's not very interesting anymore. Would you see that leading to vendor lock-in?
Exactly. So how does this all shake out?
HP is king of the hill right now. Then there's IBM, which has this non-standard WebSphere Registry and Repository based on their own API, but IBM has enough power in the industry to actually muscle people into adopting their proprietary solution.
For more information
HP buys Mercury, positions itself for SOA management

IBM looks to govern SOA
Are we leaving any vendors out?
SOA Software also has a registry/repository. They've produced a new product called Workbench. That's a UDDI 3.0-based registry and repository. I haven't looked into their implementation, so I'm not really sure what its core capabilities are, but it does have governance capabilities above and beyond just the registry. Looking forward this year, is there anything we should look for in the vendor landscape?
Microsoft doesn't really have a registry today. Well, actually they do. They provide one free of charge as part of the Windows server, but it's what gave UDDI a bad name. It's a bare bones implementation of UDDI version 2 and nobody in their right mind should ever consider using it as a real registry. To date, Microsoft hasn't been unwilling to give me any information about future plans they might have in terms of registry/repository components, but my guess is at some point they're going to do something.

Then SAP hasn't really come out with a cohesive registry/repository. Actually, let me say this, they've got way too many registry/repositories, but they haven't come out with a good, understandable strategy regarding SOA governance. They do have a governance/risk management solution. They call it GRC, governance, risk management, compliance. But that's not SOA governance.

So we still don't know what SAP is going to do. And we still don't know what Microsoft's going to do.

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.