AmberPoint :: Press Release

AmberPoint Announces New Release of SOA Runtime Governance Software with End-to-End Policy-based Management, Additional Security Features and Enhanced Performance

Market Share Leader Introduces Significant New Capabilities to Reduce the Complexity of SOA-based Systems

Oakland, California, December 5, 2005 -- AmberPoint announced today a major new release of its industry-leading SOA runtime governance software. AmberPoint’s latest release, AmberPoint 5.0, introduces several new capabilities that reduce the complexity of evolving services-based applications by providing greater end-to-end governance, improved management control and an enhanced user interface. AmberPoint 5.0 launches a groundbreaking policy-based management system, comprehensive new security features, bi-directional communication with registries and significant enhancements in the areas of service diagnostics and performance. The new release also extends management visibility to message flows across all tiers of the SOA stack, including client applications, application servers, web pages, web applications, middleware, legacy systems and back-end databases.

“As organizations grow and evolve their service-oriented business applications, system complexity will grow dramatically,” said Frank Kenney, Principal Research Analyst, Gartner. “A policy-based approach to governing these systems does much to reduce the management burden, yet these organizations will be hard pressed to enforce these policies at runtime throughout changes to the SOA environment. Automating the application and maintenance of governance policies during runtime can help companies deal with the complexity issues that come with growing environments.”

Advanced Policy-Based Management System
AmberPoint 5.0 introduces a revolutionary new policy system that helps organizations to achieve better end-to-end control of services-based applications by eliminating random policy definitions. It reduces costs by minimizing the time and skills required to set new policies. Additionally, AmberPoint’s policy template capability enables users to define a fixed set of fill-in-the-blank policies.

A customizable library of policies enables application- and industry-specific policy packs that reduce costs associated with creating and maintaining management policies, while preventing the creation of ad-hoc, untested polices

Automatic policy provisioning based on service profiles—users can assign policies to dynamic collections of services (using “where clause” criteria such as “all services deployed in WebLogic containers”) rather than administering policies one-at-a-time for individual services

Dynamic evaluation of conditions and automatic re-provisioning of policies when a service profile changes

Comprehensive policy viewer enables users to see which services have which policies, which policies are in use with which services and the status of each policy

Built-in roles for controlling or limiting access to sensitive data

“AmberPoint continues to strengthen its product suite to meet customer requirements,” said David Harrington, Vice President and CTO at the MedicAlert Foundation. “By delivering greater control of governance and security policies, AmberPoint is simplifying the work of managing and maintaining our evolving services network. We can now automatically apply policies to types of services, such as those that are in production, instead of hardwiring them to specific services. This represents a savings of significant time and effort.”

End-to-End Runtime Governance
AmberPoint has extended the reach of its runtime governance solutions across the entire SOA stack, from client applications to the back-end system components, and across all types of message and transport protocols. AmberPoint 5.0 includes agents that support a wide range of SOA-related components, including databases, JMS and MQ messaging systems, EJB-based applications, and ESBs. This same technology can be used by end users and partners to provide visibility into virtually any type of component, including hardware appliances, new transport protocols, and home-grown solutions. AmberPoint agents provide true end-to-end SOA visibility by delivering information on dependencies, performance, service levels, and exceptions.

New Security Capabilities
AmberPoint 5.0 features a comprehensive library of security policies, support for security standards such WS-Security and SAML and tighter integration with third-party security systems including LDAPs and Tivoli Access Manager. The new system provides a graphical interface that enables users to easily define security policies, gain deep visibility into critical security errors and quickly diagnose security problems and violations. A new authentication and attribute framework reduces the time required to integrate each third-party authentication solution.

Support for identity management systems, including LDAPs and Tivoli Access Manager

Support for Security Assertions Markup Language (SAML) 1.1 and WS-Security 1.0 (2004)

Credential mapping

Signature-based authentication

Crypto & censorship policies

These extended security policy capabilities also provide for deeper integration with long-term security partners such as Forum Systems and Reactivity.

Synchronization with Registries
AmberPoint 5.0 automatically discovers the services recorded in a standard registry as well as the policies associated with those services. It then automatically assigns and enforces those policies accordingly, thus ensuring that the policies described in the registry are enforced as intended.

Bidirectional service communication: Automatically discovers services recorded in the registry as well as adding to the registry any new, previously unlisted services discovered in the running environment

Bidirectional endpoint communication: Automatically updates the registry with changes to service endpoints made in the running environment—such as the creation of proxies, virtual services, and other intermediaries

Bidirectional policy communication: Retrieves policies referenced in registries and enforces them at runtime, as well as posting new policies and policy changes to registries

Documents discrepancies between design and development intentions and runtime realities

Supports connection to multiple registries at the same time

Bridges the gap between design time and runtime governance

Additionally, AmberPoint supports the Systinet SOA lifecycle model. AmberPoint can submit policy changes to Systinet’s approval process, which allows review of potential policy changes before promoting them into the production environment.

"Our longstanding partnership with AmberPoint provides our joint customers with a seamless and powerful solution for SOA governance," said Roman Stanek, founder, Systinet. "As a founding supporter and ongoing contributor to Systinet's Governance Interoperability Framework (GIF), AmberPoint is helping organizations to govern services from inception through runtime operation and into retirement. AmberPoint's new policy-based management is integrated even further with our market-leading solutions, achieving bi-directional communication that ensures that updates discovered at runtime are automatically stored to our business services registry and enforced across the system."

New Exception Management Capabilities
Isolating errors and unexpected conditions in SOA systems can be difficult, costly and time consuming. AmberPoint 5.0 provides additional diagnostics and root-cause analysis capabilities to ensure the operational health of the system.

Compliance-based logging that provides fine-grained control of how much data is logged and enables users to prevent the capture of sensitive data, such as credit card and social security numbers

A central web-based facility provides access to distributed service logs

Comprehensive message search capabilities based on message content, time of arrival, message type, or client credentials

Enhanced User Experience
AmberPoint 5.0 offers new features to ease the management and monitoring of even the most complex services-based systems. The AmberPoint UI provides powerful, context-sensitive navigation across management disciplines—service level management, exception management and lifecycle management. For example, while diagnosing a service level fault, a user can drill down to determine if it is the result of an underlying security violation. All common policies and management tasks are accessible through a web-based UI, eliminating the need for a fat client.

Performance Improvements
AmberPoint continues to incrementally optimize its runtime governance software to deliver higher runtime performance with each new version. AmberPoint 5.0 delivers 100% improvement in throughput for single-threaded requests and 450% improvement in throughput for multi-threaded requests.

“Our product innovations come from our close work with our many customers,” said Paul Butterworth, AmberPoint CTO. “For example, we’ve seen where tools to facilitate policy-based management will have an immediate and measurable benefit to organizations grappling with the mounting complexities of services-based systems. And from our many production deployments we understand how diverse a set of application components usually need to be governed. Our close work with industry partners enables us to unveil new capabilities through integration with identity management systems, registries and emerging industry standards.”

About AmberPoint
AmberPoint is the industry’s leading provider of SOA visibility, management and security solutions. Customers such as British Telecommunications, H&R Block, Motorola and the U.S. Department of Defense have chosen AmberPoint for its comprehensive capabilities, its non-invasive approach and its native support for Java and .NET. For more information, contact AmberPoint at 510.663.6300 or info@amberpoint.com.

Press Contacts:

Bob Dever
AmberPoint, Inc.
510.433.6553
bdever@amberpoint.com

Kim Abreu
Atomic Public Relations
415.439.4205
kim@atomicpr.com