Monday, July 25, 2005

Catalyst overview

Catalyst, on the whole, was a very good experience. I learned a lot. I ended up staying in the Application track the whole time, although I wish I'd jumped to the ID Management track for parts of the first day. There was too much emphasis on what Burton likes to call "application superplatforms" the first day, but day 2's SOA reality check was really excellent. The application security "cross-cutting concerns on day 3 didn't really live up to its promise. The presentations just weren't integrated and collaborative enough -- each clearly came from one research practice's domain.

I do have a couple of suggestions for any Burton Group folks that might be reading this. Nowhere during registration do they make it clear that track jumping is allowed. It would be nice if they said "please pick a primary track, but you are welcome to attend others as needed." That way, I wouldn't have wasted time deciding between tracks. Also, Burton seems eager to eliminate the printed presentation option. This is a bad idea. It is so much easier to take notes on a printed copy, even if it is not completely up to date, because you don't have to supply context in your notes. You can simply circle or star a key point. You can easily refer back to previous pages. Annotations can be briefer. I'd say that The Myth of the Paperless Office should be mandatory Burton reading.

Here's what I got out of Catalyst. This isn't a rehash of what I heard, but my views on areas of discussion.
  • Even though we spent a lot of time talking about tools and technologies, the most important message is that SOA is a cultural shift which doesn't just impact IT, but the business units IT supports. Governance, funding, cost recovery, BU expectations and more all have to change. For instance, true functionalization cuts across BUs, but BUs control and fund projects. We've had a taste of this with component reuse, but this is orders of magnitude different. You have to move your organization from a project based model to a utility based model.
  • Collaboration tools are no longer side items on the menu, but part of the main course. The Social Life of Information speaks of practice and process. To be successful in the future, collaborative tools (which enhance practice) must be seamlessly meshed into the process (applications). You have to enable people to collaborate in context of the process.
  • Increasingly, vendors are trying to provide ever expanding "complete solutions" that include more and more functionality. Burton refers to these as superplatforms. When you marry the SOA vision with the legacy reality, it becomes clear that most enterprises are going to have pieces of multiple superplatforms -- a primary or desired platform certainly, and then bits and pieces of others. Vendors that give interoperability short shrift will find themselves on the losing end, eventually.
  • A services oriented application architecture benefits from a services oriented physical infrastructure. This should accelerate the virtualization of processor, disk, storage, etc.
  • All of this SOA goodness won't help you much if you don't fix your fundamental data quality and management issues. Data stewardship across the enterprise is critical -- data can't reside in BU silos.
  • If Microsoft actually delivers what Ari Bixhorn promised for Indigo, it will go a long way towards alleviating "WS-Vertigo," as Anne Thomas Manes likes to call it. While REST is clearly not appropriate for many corporate applications, I think there are some places where it is sufficient. Sometimes good enough is good enough.
  • There's still too much emphasis on network layer security, although Dan Blum of Burton disagrees with me. Seriously, there is no perimeter. Get over it, and start fixing the real problem of application layer security.
  • Nobody has really addressed the issue of trust and its related risk. WS-Trust isn't going to do it, either.

0 Comments:

Post a Comment

<< Home