SOA Governance and Vendors

We have seen a bit more consolidation in the SOA components arena again, with Iona and BEA getting swallowed up. I didn't use the term "products" because as we all know, it's not possible to go out and buy a SOA, in spite of all the vendors would have you believe and many corporations and agencies hope for so they can spend year-end cash.

Of course, the same goes for SOA governance, which can't be bought, which Michael Stamback reminds us of. Well, he reminds us of that in his first tip. As for the other 4, let's just see ...

Tip #2: Look for a vendor that can explain how their technology is applied

Ah, and I had such high hopes. At least he could have waited until the 4th or 5th tip to steamroll his own advice. He must be pretty new at this schtick.

Tip #3: Beware of the kitchen sink!

This is great advice from a vendor who just loves to sell the kitchen sink. They re-sell Systinet's (wait, Mercury's .. wait, HP's) product last time I looked. You will probably be better off talking to HP directly and get the story from the horse's mouth. Then again, in terms of SOA components, they now have 2 kitchen sinks to sell, though the home-grown one really never worked and BEA never had any SOA components related to governance.

Tip #4: Start small and expand

Can't argue with that one. Governance tools beyond a whiteboard, post-its and a spreadsheet aren't necessary until you have about a dozen services and at least one is composite. Until then, there's really no SOA; barely a collection of services, really. Then again, who's to argue with someone willing to throw money away?

Tip #5: Look for an integrated solution

Ah, I just love this one. Even back when I participated in an evaluation of all the various governance "solutions" out there, only 2 vendors had an integrated stack (Amberpoint and SOA Software) and only one had a comprehensive run-time offering (SOA Software). I don't see how the landscape has changed, at all. The others may claim to have an "integrated" offering. Well, if a colloid is considered integrated, that's fine.

Of course, none of these folks go down deeper into the stack and deal with how to create, manage and enforce governance policies for the rest of the SOA stack outside of the service, like the service container itself! Then again, that's a really hard problem to solve and of course, you can't sell what you don't have a solution for, right?