Operational Governance controls the runtime aspects of APIs and SOA, making sure that APIs and services are behaving correctly. It typically includes monitoring, security, and management with a runtime policy system. The terminology used in the marked has evolved from Web Services Management and Web Services Security through SOA Management, Operational Governance, and now API Management..
The Operational Governance solution relies heavily on the Policy Governance solution for discovery of policies for implementation and enforcement. A well architected Operational Governance solution will fully abstract service consumers and providers from the complexity of policy implementation and enforcement, service endpoint location, transport, standards, message exchange pattern, and other impedances to interoperability. It should provide agents, delegates, and a network resident intermediary for service virtualization.
In a unified governance environment, services governed by an operational governance solution will first have progressed through Planning Governance and Development Governance processes, although in many cases organizations will have many existing services that have not been subject to governance processes and now must be managed and secured and brought under governance.
Operational Governance capabilities include:
SOA Software’s Service Manager is the industry’s leading SOA management and security product. It follows the SOA Infrastructure Reference Model delivering comprehensive standards-based security, routing, mediation, monitoring, and management for SOA and Web services. It is the industry’s most scalable and high performance SOA infrastructure product.
API Manager extends Service Manager Network Director adding API-centric security models including OAuth and App key models, along with a comprehensive set of QoS policy management capabilities.
API Manager and Service Manager are deployed together with Policy Manager™ providing the industry’s broadest and deepest API and SOA Management and Security solution. They implement and enforce policies from Policy Manager, and generate usage, performance and policy compliance metrics that they reports to Policy Manager to enable a closed-loop process for auditing that policies are being correctly enforced.