Introduction to Policy Management

• Overview
• Policy Management Features

Overview

The ever escalating increase in XML traffic results in multiple instances of Enterprise Gateways across the network. For example, Enterprise Gateways can be deployed inside the DMZ, at the data center for acceleration and application offload to relieve key processing bottlenecks, and in front of key applications to identify service usage and behavior. To overcome potential operational control issues, you need policy management tools for centralized control.

Policy Studio and Policy Center address the need for centralized policy management across a distributed network of Enterprise Gateways. These tools enable enterprises to control a distributed network of Enterprise Gateways from a single location. By creating modular reusable policies using Policy Studio, organizations can cluster, version, reuse, and migrate policies to meet high-level security, offloading, and monitoring requirements across their entire SOA. Using a Policy Center server, you can then deploy modified configuration to any Process managed by Policy Studio.

Policy Management Features

This section provides a high-level overview of the policy management features available in Policy Studio and Policy Center:

Avoid the Island Mentality
Policy Studio ensures that Oracle customers do not have to manage a group of isolated policy islands, each in an individual Enterprise Gateway. Instead, when connected to a Policy Center server, you can use Policy Studio's policy management features to centrally manage policies deployed on different Enterprise Gateways.

Centralized SOA Policy Creation
Policies contain specific assertions about operational attributes such as authentication and authorization, encryption and signatures, routing, transformations, and versioning. Policy Studio enables policies to be created, and versioned. When connected to a Policy Center server, you can then push out this configuration to Enterprise Gateways that have been deployed throughout the organization.

Lifecycle Policy Management
Policies managed by Policy Studio are readily transferable across multiple Enterprise Gateways. This enables policies to be developed in a testing environment, and then be proofed in a staging environment designed to replicate production systems, prior to going into production. Using a Policy Center server, policies can be easily migrated between testing Enterprise Gateways, staging machines, and production Enterprise Gateways.

Policy Rollback
Using Policy Studio, policies can be rolled back to revert to previous policy versions. This is a safeguard for policy updates. It also enables systems to be restored to policy versions that were in place at a certain date for testing or auditing purposes.

Role-based Policy Control
Policy Studio administrators are assigned preferential access to policies, including read, write, and update permissions.

Centralized Logging
Metrics on Web Services usage across multiple Enterprise Gateways are centrally stored by Policy Center. This centralized logging allows reports to be generated by Service Monitor. This enables all application networking activity to be viewed together in centralized Web-based reports.

Fast Provisioning of XML Networking Infrastructure
Policy Studio policy management features enable new instances of Enterprise Gateways to be created and deployed quickly. This is particularly relevant for VMWare-based deployments of software-based Enterprise Gateways.