Orange County 949-556-3131

San Diego 619-618-2211

Toll Free 855-203-6339

Integrating Cloud Access Control With Your IT Infrastructure

Migrating physical access control to the cloud unlocks new levels of security, flexibility, and efficiency. However, to maximize these benefits, proper integration with existing IT systems and infrastructure is essential.

Verkada Access Control is a powerful cloud-based access management platform. It provides centralized user and permission management, real-time monitoring, and intelligent features like predictive analytics across unlimited sites. Leveraging the cloud removes the complexities of maintaining on-premise controllers and servers.

While the benefits of Cloud Access Control Security Services from providers like Verkada are clear, achieving them requires more than just installing new readers and panels. Integration with other IT systems is key.

Here are some of the most important IT touchpoints to consider:

Active Directory Integration

By linking Verkada Access Control into directory services, user credentials, and access permissions can be synchronized. This avoids duplicate data entry and manual provisioning of user roles. Access rules defined in Verkada will automatically pull user attributes from AD for easy assigning of access permissions. Maintaining credentials in a centralized directory enhances security.

HR Database Integration

HR databases contain key details like employee status, office location, and job title that are useful for access control administration. Connecting Verkada Access Control to HR systems allows employee door access to be automatically granted or revoked when they are hired, transferred, terminated, or have changed roles. This ensures access rights always match current job functions.

Physical Security System Integration

Verkada Access Control can interface with intrusion detection, video surveillance, and other physical security infrastructure. This allows access control events like breaches to trigger alarms, video recordings, and alerts automatically for streamlined monitoring. All data rolls up into a unified command center for next-generation security operations.

Building Automation System Integration

By connecting a Building Automation System (BAS) with Verkada Access Control, doors can be scheduled to automatically lock/unlock based on time of day, facility usage patterns, or other pre-configured events. Remote unlocking is also enabled through the API integration. This enhances security and convenience while reducing manual tasks.

Single Sign-On (SSO)

Rather than separate credentials for access control, Single Sign-On allows staff to use one set of corporate login details. This is achieved by integrating Verkada with existing enterprise SSO providers via SAML 2.0 to enable password-less and secure authentication. This improves the user experience while increasing security.

Closing Thoughts: 

Taking full advantage of the latest Cloud Access Control Systems Companies like Verkada requires integration with key IT infrastructure. Partnering with experienced integration experts like Terapixels Systems ensures your implementation aligns access control with the rest of your IT environment.

Scaling Up Your Video Surveillance With Cloud-Based Cameras

In the rapidly evolving landscape of security technology, businesses face the challenge of scaling up their video surveillance infrastructure efficiently. Traditional systems often present limitations in flexibility and cost-effectiveness, making scalability a critical concern.

However, with the advent of cloud-based surveillance cameras, businesses now have a transformative solution to address these challenges and achieve seamless scalability. Let’s explore the advantages of scaling up your video surveillance with cloud-based cameras.

The Evolution of Video Surveillance: Embracing Cloud Technology

The evolution of video surveillance technology has brought about a paradigm shift, with cloud-based solutions emerging as a game-changer. Avigilon Alta, a leading cloud-based security company in San Diego, has been at the forefront of this evolution. Cloud-based cameras redefine scalability by leveraging the power of the cloud to provide businesses with a flexible, cost-efficient, and easily scalable video surveillance solution.

Advantages of Cloud-Based Cameras for Scaling Up

  • Flexible Deployment: Avigilon Alta’s cloud-based cameras offer businesses unparalleled flexibility in deployment. With no need for extensive hardware installations, businesses can scale their surveillance operations seamlessly, adapting to changing needs without major infrastructure overhauls.
  • Cost-Efficiency: One of the standout advantages of Avigilon Alta’s cloud-based solutions is their cost-efficiency. Businesses can significantly reduce upfront costs associated with traditional hardware, as cloud-based cameras eliminate the need for extensive on-premises infrastructure.
  • Remote Accessibility: Cloud-based cameras from Avigilon Alta empower businesses with the ability to access and manage their surveillance systems remotely. This remote accessibility not only streamlines operations but also facilitates easy scalability across multiple locations, all from a centralized management interface.

Scalability Features of Cloud-Based Cameras

  • Elastic Storage: Avigilon Alta’s cloud-based cameras provide businesses with elastic storage capabilities. This means that storage capacity can scale dynamically to accommodate the increasing volume of surveillance data, ensuring that businesses never run out of storage space as they grow.
  • Remote Configuration: Businesses can remotely configure and manage Avigilon Alta’s cloud-based cameras, simplifying the process of scaling up surveillance operations. This remote capability allows for quick adjustments, additions, or modifications to the surveillance system as needed.
  • Integration Capabilities: Avigilon Alta ensures seamless integration of its cloud-based cameras with other security and IT systems. This integration capability not only enhances overall security but also supports a holistic approach to scaling up surveillance infrastructure without compromising interoperability.

Choosing the Right Cloud-Based Camera System for Your Business

Selecting the right cloud-based camera system is crucial for successful scalability. Avigilon Alta stands out as a trusted brand, offering a range of cloud-based solutions tailored to specific business needs. When considering cloud-based cameras, businesses should assess features, scalability options, and the reputation of the provider, ensuring a solution that aligns with their unique requirements.

Wrapping Up:

The scalability of video surveillance is no longer a challenge with the advent of cloud-based cameras. By embracing the advantages of Avigilon Alta’s cloud-based cameras, businesses can future-proof their video surveillance infrastructure and navigate the evolving landscape of security technology with confidence.

For businesses seeking a scalable and innovative video surveillance solution, Avigilon Alta is the answer. Contact Terapixels Systems today to explore how our cloud-based cameras can elevate your security infrastructure, providing the flexibility and efficiency needed for seamless scalability.

IBM Cloud Pak for Security

IBM Cloud Pak for Security is an innovative solution that can run in a variety of deployment models that supports security analytics and incident response for today’s complex, hybrid and multi-cloud environments. It provides a consolidated view on security and threat information across a range of sources from IBM and other vendors. It supports federated search across that data, plus consolidated workflows for incident response spanning multiple systems. With these capabilities, it is a tool that can deliver significant benefits to the efficiency of every SOC.

Introduction

Over the past years, Cybersecurity has evolved from a technical challenge for the IT Security Division of businesses to a major concern for business leaders. Cybersecurity incidents cause massive damage to organizations from small businesses to global leaders. Understanding the current status of attacks across the entire IT landscape of businesses and being able to rapidly identify and respond immediately is essential to mitigate the potential damage they can cause.

On the other hand, the evolution of IT infrastructures from central, on premises data centers to hybrid IT environments running both on premises and in multi-cloud environments increases the complexity of gathering and processing the relevant data. DevOps environments also add a new element of volatility to the IT infrastructures. In addition, containerized environments – specifically if run in multi-cloud and hybrid scenarios – add to the complexity, where even critical business workloads are run in a very agile manner.

To add complexity, there is no one single tool for monitoring and analyzing data, or for automating the response to incidents. Most businesses have several such tools, one or more for each of the multiple environments in which applications run. There is a wide range of sources for security-relevant data in this hybrid world with few or even many tools consuming this data. Both the many sources of data for security and threat analytics, as well as the many systems consuming and processing that data and helping businesses to respond creates challenges.

It has become extremely difficult to create and staff process and to build infrastructures that support this complex environment. One such example is the SOC (Security Operations Center), which collects all relevant data from the hybrid, distributed, and volatile IT environments. In consequence, there is a risk that relevant data will be missed, incidents not identified in a timely manner leading to a failure to respond. Furthermore, with such a variety of such tools in place, it is also difficult to respond in a consolidated and efficient manner. Incident response, both from an organizational and technical perspective, becomes extremely complex.

Cybersecurity must deal with the reality and complexity of today’s IT environments. Point-to-point integrations of data sources to analytical solutions and to incident response solutions fail – too complex, too costly, too slow. There is need for visibility across all the relevant source data, so that systems can build on that data to detect, identify and respond effectively to cyber incidents.

There is, as yet, no defined category for such solutions because, until now, there were no such solutions available. While some vendors have good integration within their own technology or provide interfaces to their analytical applications, a comprehensive integration framework with a broad range of out-of- the-box integrations to relevant sources and analytical tools has been lacking until now.

IBM Cloud Pak for Security is now the first open platform that supports the integration of existing security tools for generating insights into cyber events across hybrid, multi-cloud environments. It is one component of a series of such enterprise-ready, containerized software solutions, named Cloud Paks, that IBM has started to bring to the market.

Product Description

IBM Cloud Pak for Security is a platform intended to connect security-related data sources, from different tools such as SIEMs, EDRs, data lakes, and more. It can access data from a broad variety and sources and provide homogeneous access across all these sources. Based on that, it can deliver consolidated information back to security applications on the platform. Furthermore, it can orchestrate workflows for incident response and automate manual and repetitive tasks. This helps security teams to work and respond faster and with better coordination, by working together based on all available data. IBM Cloud Pak for Security is intended to deliver the foundation for an integrated SOC and security teams, moving from uncoordinated processes using disparate solutions to a coordinated and integrated response. With a focus on fostering interoperability, IBM Cloud Pak for Security is not a replacement for existing tools as a “super tool”, it enhances the value of those existing tools as an integration platform. Rather than providing a central data store it is a data federation platform providing consolidated access across multiple tools. This preserves existing investments and enables security teams to deal with the complexity of the heterogeneous IT landscape as well as the range of heterogeneous IT security tools deployed. It enables a better coordinated approach to tackling the ever-increasing cyber-attacks.

IBM Cloud Pak for Security runs in hybrid environments – on-premise, private cloud or public cloud. It can access data from a variety of environments and source systems, and is an open environment, where multiple security tools can easily connect. It is focused on federating data investigations, as well as orchestrating processes and workflows across various security tools.

With the hybrid, multicloud approach, IBM Cloud Pak for Security aligns with other, recently published IBM Cloud Pak solutions. All these solutions are built on Red Hat OpenShift for the container platform and operational services and thus are one of the first concrete integrations that IBM has delivered since acquiring Red Hat. Based on that platform, Cloud Paks are micro-service based, containerized solutions that build on open source components whenever applicable, but extend and combine these into a comprehensive, packaged solution.

IBM Cloud Pak for Security will connect to a large number of tools. These cover many of the relevant vendors in the cybersecurity tools market, such as Splunk, Tenable, Carbon Black, Elastic, BigFix, AWS, or Microsoft Azure, to name just a few. All these 3rd party solutions can connect to IBM Cloud Pak for Security for access from the platform’s unified interface. Security data is accessed leveraging the platform’s universal data services and open source technology, and relevant findings can be further analyzed from one place.

Beyond integrating data sources, IBM Cloud Pak for Security also delivers unified access to that information, both via APIs and UIs. For API access, IBM Cloud Pak for Security provides its own SDK. Using that, businesses also can more easily build their own integrations and apps. The main focus of what IBM delivers out-of-the-box is on security workflows, orchestrating multiple existing solutions into integrated workflows, and supporting automation. These are intended to enable better and more efficient incident response, which is the key requirement for today’s businesses and their SOCs.

Another key capability of IBM Cloud Pak for Security is the federated search, which is a natural consequence of unified access to security-related information. Based on this federated search, information can easily be extracted and analyzed across multiple tools. Again, IBM Cloud Pak for Security does not move data to a central store, but federates access to information. However, investigations across the complex IT landscapes of today’s businesses are massively simplified when queries can be run across a variety of tools from different providers (and multiple instances of such tools), across all data centers and cloud services.

The broad support by other vendors from the very start of IBM Cloud Pak for Security is proof of the validity of this approach and the fact that this is a well-thought-out integration platform, not a replacement of existing investments.

IBM Cloud Pak for Security builds on open standards wherever feasible, which is in line with the Open Source foundation of the new solution. The solution can run on various platforms, including on premises environments, private clouds and public IaaS infrastructures such as AWS, Microsoft Azure, Google Cloud Platform, or for sure IBM’s own Cloud.

Strengths and Challenges

With IBM Cloud Pak for Security, IBM delivers a major innovation to the Cybersecurity market, addressing three of the major issues:

  • The increasing volatility of today’s IT environments;
  • The need to support complex, heterogeneous IT operating environments, that are hybrid and span multiple clouds;
  • The multitude of cybersecurity tools that commonly exist in today’s businesses, but lack integration of data and processes.

Based on the approach IBM has chosen, businesses can better integrate both their existing tools and data, in a way that easily builds on and extends their incident response processes. With the approach chosen by IBM, existing investments into cybersecurity solutions are preserved, while adding additional value.

We expect the network of partners supporting IBM Cloud Pak for Security to grow beyond the already impressive initial list of partners. From a competitive perspective, the biggest competition to IBM Cloud Pak for Security will come from vendors delivering incident response solutions. However, even those solutions can build on the integration and federated search capabilities provided by IBM Cloud Pak for Security.

In sum, IBM Cloud Pak for Security is a highly interesting solution for many businesses, specifically the ones running their own SOCs. It also appears to be of high interest to MSSPs (Managed Security Solution Providers) that need to integrate a range of solutions. We strongly recommend that customers evaluate IBM Cloud Pak for Security for use in their cybersecurity initiatives.

Strengths

  • Unique offering that allows for consolidated access to security and threat information across a wide range of systems;
  • Strong partner ecosystem, with support from the majority of leading security vendors;
  • No movement of data, but data federation, avoids the creation of new data siloes;
  • SDK and other options for developing additional apps and for creating flexible incident response workflows;
  • Runs in various cloud environments, supports multi-cloud and hybrid requirements;
  • Modern architecture, based on microservices and containerization.

Challenges

  • Confusion with existing incident response solutions, although built as a broader platform to work with any third-party solution
  • Successful federated search depends on availability of data sources.

Complexity In Cybersecurity Report 2019

Executive Summary

A rapidly changing threat landscape has made organizational security more crucial and challenging than ever. Organizations have responded by investing in an enormous number of disconnected point solutions. However, a combination of disjointed products that all operate independently and generate a large amount of data has culminated in a crisis of complexity. As a result, security teams are unable to get the most out of their investments and must spend even more to properly secure their environments. The need to reduce complexity has never been clearer.

IBM commissioned Forrester Consulting to evaluate the state of security complexity and the effect it is having on security efficiency and effectiveness. To explore this topic, Forrester conducted a survey with 200 global security professionals with responsibility for security strategy and/or security technology purchases. We found that nearly all respondents report concerns over complexity. However, organizations that have taken steps to simplify their security ecosystems, including consolidating solutions onto a single management platform, have seen meaningful benefits.

KEY FINDINGS

  • Security environments are increasingly complex. Security pros tend to operate in siloed teams, so it is rare — if not impossible — to get a full picture of data and processes across the entire security discipline, much less the entire company. Making matters worse, data volumes across locations, and particularly in the cloud, have skyrocketed in the past few years, and that trend is likely to continue.
  • Organizations are spending more but not necessarily wisely. Increases in security budgets and organizational pressure to avoid a damaging data breach have led organizations to adopt a plethora of disconnected point solutions. Our study found that, on average, 52% of security products and 77% of vendors have been added within the last two years. This buying frenzy has added to organizations’ security complexity, but it has not necessarily added to the overall maturity of their security programs.
  • Complexity erodes ROI. Security complexity has become a problem that organizations can no longer ignore. Our study found that 91% of organizations are concerned with complexity, and those with very complex environments are more likely to cite cost challenges and inefficiencies with technology and staff.
  • Simplification can unlock security value. Organizations that are effective at simplifying their environments make the most out of existing security investments. They are connecting data and processes and integrating solutions into consolidated management platforms. They’re also reaping several benefits, including improved ability to detect, respond to, and recover from threats.

Reactive Tactics Have Spun A Tangled Web Of Security Solutions

Highly publicized data breaches have moved security into the minds of executive teams. This has made it easier for security leaders to make the case for budget and get executive buy-in to fund security projects. In fact, security spending as a percentage of IT budgets is on the rise.1 At the same time, the industry has responded with a flood of intriguing solutions to protect against new threats.2 The result? Reactive security spending and widespread inefficiency.

Our research of 200 security decision makers who are prioritizing optimization of security assets and resources over the next year reinforces these trends: “Improving return on security investments” is one of their top priorities, behind only “improving advanced threat capabilities.” In addition, many are focused on increasing the productivity of their staff, simplifying their environments, and improving operational efficiency (see Figure 1). However, they face an uphill battle in these efforts as they now need to secure:

  • A soaring number of point solutions. Security pros, particularly those at companies that have suffered a breach, have dipped into their growing budgets to pay for new security solutions. However, many are solving for short-term needs without giving enough thought to how each addition contributes to the long-term maturity of their security programs. As a result, teams are overladen with a multitude of disparate and disconnected point solutions. Our respondents’ organizations are managing an average of 25 different security products/services from 13 vendors — and many have even more. In a sign of the buying frenzy of recent years, 52% of the security products added and 77% of the new vendors added were done so within just the last 24 months.
  • Skyrocketing data volumes. Over the past two years, data — on- premises, in endpoints, in virtual servers, and especially in the cloud — has increased substantially. In every location we tested, respondents report at least a 55% increase in data stored, on average, and many have seen data double, triple, or more in the same time period (see Figure 2). Yet unlike the increase in security products, security teams have little to no control over data increases that will likely persist in the years to come.

On average, 77% of the security vendors at respondents’ organizations were added in the last 24 months.

  • Data living across a heterogeneous environment. Increasingly, data is moving out of endpoints and on-premises servers and is proliferating across the enterprise. Given that many organizations have embraced cloud-first strategies, it’s not surprising that much of organizations’ data is moving to the cloud, and their security assets and processes have followed. In fact, respondents predict that by 2020, the percent of security assets and processes their organizations have in the cloud will increase by more than 200% over 2016 levels. Data dispersed across heterogeneous architectures threatens security teams’ visibility: They cannot protect valuable data assets they cannot see.

Despite the broad range of security defenses to which organizations have flocked, most security pros struggle to maximize the value of their investments and protect their organizations.3 In fact, fewer than a quarter say they’re completely satisfied with their security portfolios in supporting them to develop advanced threat intelligence capabilities; increase productivity of security staff; extract insight from data; and drive efficiencies. Moreover, just 50% or fewer respondents report they are using all or most of the available functionality in any of the 11 security technology categories in our study. Notably, fewer than 25% say their technologies are fully optimized in internet-of-things (IoT) security; identity and access management; security automation and orchestration; and security information and event management (SIEM).

Complexity Threatens Cyber Security Effectiveness

As today’s security leaders struggle to manage the complexity of their security environments, they are learning the tough lesson that adding more point solutions doesn’t simplify anything. The lengthy deployment cycles, difficult integrations, and user training involved with managing an influx of solutions present risks that make technology investments fail.4 Respondents recognize that this poses a very real threat: 91% express some level of concern over their organizations’ security complexity (see Figure 3). It ranks second highest among their top concerns, only slightly behind the changing and evolving nature of threats.

While nearly every respondent indicated some concern over complexity in their environment, the results from those who responded with the highest levels of concern made it clear just how complex organizations have become (see Figure 4). Predictably, the greater the concern over complexity, the more products and data organizations had. The respondents who indicated a higher concern for complexity also, on average, have 45% more security products and 36% more vendors than respondents who were less concerned. In addition, they are managing more data across locations. As a result, they’re twice as likely as other organizations to describe integrating disparate security technologies and data sources as challenging and to struggle with gaining visibility into security-related data and insights (see Figure 5). And any insight they do glean is difficult to build on: Over half of them cite collaborating with peers inside and outside of the organization on security insights as a barrier, making it more difficult for them to develop their threat intelligence capabilities and to uncover patterns of vulnerability.

  • Complexity erodes ROI. Security complexity exacerbates an already challenging issue: an inability to make the most of security resources. Those with greater complexity concern are more likely to say that the complexity of their security environment has led to high costs. They also are more likely to cite inefficiencies in the use of security technology and security staff time and to find it difficult to train staff on new security products
  • Complexity inhibits innovation. Market uncertainty stemming from government agencies, competitors, and customers requires companies to constantly change. Only those that are fast, connected, and innovative will be able to thrive in a shifting landscape. Unfortunately, those with security complexity struggle to evolve with the agility required: 50% report that their complexity has made it difficult to replace outdated security technology and 37% say that it has caused them to defer purchases in fear of adding further complexity. Making matters worse, 29% feel locked in on specific vendors. While companies with highly complex security environments could benefit greatly from a more streamlined ecosystem, they face an uphill battle in their efforts to modernize relative to organizations with less complexity.

SECURITY SIMPLIFICATION UNLOCKS INVESTMENT VALUE

Despite the challenges that stand in their way, organizations with the greatest levels of complexity concern simplification as a worthwhile effort. They associate several benefits with a more simplified environment — from an improvement in their ability to extract insight from data, to threat intelligence, to internal collaboration and user experience. Notably, 72% believe simplification would have a “moderate” or “significant” improvement in operational efficiency, security staff productivity (68%), and security investment return (58%) — addressing their highest priorities.

Organizations believe a simplified environment would allow them to improve operational efficiency, security staff productivity, and security investment return.

Simplified Cybersecurity Portfolios Are The Way Forward

Recognizing the challenges that come with security complexity and the benefits of simplification, the question becomes: What can organizations do to reduce security complexity? While all respondents report taking at least some steps to reduce complexity, fewer than half (44%) describe their efforts as effective. For the purposes of this study, we refer to these organizations as “Champions,” and all others (i.e., those who cite their efforts as “somewhat,” “slightly,” or “not at all” effective) as “Challengers”

Although Champions are more effective in their simplification efforts, their simplification journeys are not complete. In fact, many of them still cite concerns with complexity. They have, however, started to make significant inroads in streamlining their security and have lessons to teach organizations that are still struggling. In particular, Champions:

  • Prioritize simplification. While it may seem obvious, one of the most distinct differences between Champions and Challengers is the level of priority they’re placing on simplification. Not only are Champions significantly more likely to make simplification a priority, they’re also more likely to dedicate specific resources to the effort (see Figure 8). Seventy-five percent of Champions have dedicated resources relative to just 56% of Challengers. Additionally, 63% or more of Champions have employed each of the simplification tactics we tested.
  • Maximize existing investments. Chasing shiny new point solutions instead of optimizing technology that already exists can lead to multiple disconnected tools for similar needs. A more efficient approach is to look for opportunities to reinvent and reinvest in a smaller set of existing tools, maximizing their utility.5 Champions are doing just that: 63% have worked to reduce the number of point solutions or vendors in their security portfolios, relative to just 36% of Challengers. In addition, Champions are more likely to have reigned in repetitive spending (66% versus 52%). Finally, Champions squeeze more value out of existing security tools — they enjoy a much higher utilization rate across a range of security investments
  • Consolidate management to a single platform. Champions are more likely to be consolidating management software to a single platform or vendor (63% vs. 45%). By managing their security assets in a consolidated platform, they can transform disparate solutions into a cohesive and connected security suite. Consolidated offerings give security teams more visibility and control into their environments; they also reduce the operational complexity and cost of managing individual point products and lay the foundation for automation and orchestration of security defenses.

ADDRESSING COMPLEXITY MAKES ORGANIZATIONS MORE RESILIENT

A particularly fascinating finding of this research was that Champions are not only benefiting from efficiency gains, they’re also more successful at protecting their companies from cybersecurity threats.

Champions are more likely than their less effective peers to say they’re satisfied with their security portfolio’s ability to detect threats across their ecosystem — and they’re significantly more likely to be satisfied in its ability to respond to threats and recover from security incidents, with margins ranging from 33 to 35 points. Even though Champions still have more work to do to overcome complexity, their approach to the issue — prioritizing the effort, maximizing existing investments, and consolidating management to a single platform — makes them far more prepared to protect their organizations from security disruptions

SECURITY VENDORS PLAY AN IMPORTANT ROLE IN SIMPLIFICATION

For their part, many organizations have made some progress in their efforts to simplify their security ecosystems. However, the benefits they’ve seen will be short-lived if security vendors don’t make changes that support these efforts. Organizations must look past vendors that perpetuate the cycle of inefficiency. In fact, 98% of surveyed decision makers want help from their security vendors to reduce complexity. They want vendors to offer solutions that

  • Are easy to use, integrate, and buy. Forrester’s research has found that security leaders face major challenges with staff and skill deficits.7 Our research reinforces this trend: 44% percent of security leaders in our study cite a lack of staff as a concern in protecting their companies. Too many technologies that are poorly integrated only worsen the human capital problem. It also makes it more difficult for organizations to address the issue: 40% say skill shortages are a barrier in their efforts to simplify their environments. Many security vendors are developing new platforms that consider ease of use and simplified controls.8 Security professionals in our research express an appetite for these types of tools, as well as ones that are easy to integrate and buy.
  • Can optimize and connect to solutions already in place. Security decision makers want their vendors to understand their existing security landscapes. They want vendors to extend the value of existing security investments and integrate only those capabilities that contribute to long-term maturity of their cybersecurity programs. This includes being able to seamlessly integrate with products from other vendors, not only ones within that vendor’s portfolio.
  • Activate and connect data regardless of where it’s stored. With data growing and spreading to every corner of the enterprise, organizations cannot reasonably consolidate all data in a centralized location for insight and analysis — at least not without incurring significant costs. Security teams see value in vendors that can help them activate and connect data no matter where it’s stored, reducing their need for pricey, time-consuming, and complex data migration projects.

Key Recommendations

Complexity is becoming an increasingly urgent issue in today’s security landscape and will continue to grow if not addressed. Security teams that wish to avoid this pitfall should make reducing security complexity a priority and focus within their organizations. Take these three key actions to do so:

  • Consolidate capabilities to focus on business objectives. Limiting the number of individual solutions reduces the amount of management and maintenance required to keep the security ecosystem running smoothly. Finding ways to reinvest and reinvent current solutions helps organizations keep staff increases in check and helps increase ROI.
  • Decrease data silos to limit friction for security teams. Firms that fail to integrate security, information technology, and application data together will not possess the necessary information to make quick, accurate decisions about the potential ramifications of security events. The more concerned firms were with complexity, the more isolated data came up as a symptom. Tools and technology that allow security teams to receive and analyze disparate data sources will help security teams act decisively.
  • Simplify your ecosystem to enhance response and recovery. While detecting threats is reasonably improved by a simplified security portfolio, massive gains were identified in responding to, and recovering from, incidents, no matter where those events came from in the customer’s ecosystem. If the adage holds true that “it’s if, not when” for security leaders, then response and recovery must take center stage as areas of emphasis. Simplifying security is one clear way to make that happen.

Cloud Paks An open, faster, more secure way to move core business applications to any cloud

Introduction

Enterprises employ cloud technologies to deliver innovation at scale and at lower cost. New services are often built natively on cloud, but can also come with risk of “vendor lock-in” and escalating cost. Existing applications can be rewritten, but rewriting thousands (if not tens of thousands) of applications from the ground up is both cost and time prohibitive, so taking steps to modernize existing applications can be an attractive approach with faster time to value. Both strategies — building new cloud- native applications and modernizing existing applications to support cloud environments — need to be done in an open, portable manner that helps clients improve time to value while avoiding lock-in. Containers and Kubernetes enable this by providing portability and consistency in development and operations, but developers and administrators are still required to continuously connect component layers and verify interoperability. In addition, collecting,integrating and analyzing data enables data engineers and scientists to help application developers infuse AI into applications; but the trick is to do this without adding complexity and cost. And, then, once applications are built and connected to data, IT operations need them to run in an environment that is high performing, scalable and reliable. Today, around 80 percent of existing enterprise workloads have not yet moved to the cloud due to these challenges and enterprises struggle with movement, connectivity and management across clouds.

To help clients move more workloads, faster, to cloud and AI, IBM announces:

A family of Cloud Paks that give developers, data managers and administrators an open environment to quickly build new cloud-native applications, modernize/extend existing applications, and deploy middleware in a consistent manner across multiple clouds. Today, IBM introduces six new Cloud Paks: Cloud Pak for Applications, Cloud Pak for Data, Cloud Pak for Integration, Cloud Pak for Multicloud Management, Cloud Pak for Automation and Cloud Pak for Security that deliver IBM enterprise software and open source components in open and secure solutions that are easily consumable and can run anywhere.

Cloud Paks provide:

  • Containerized IBM middleware and open source components.
  • Consistent added capabilities for deployment, lifecycle management, and production quality of service – logging, monitoring, version upgrade and roll-back, vulnerability assessment and testing
  • Certification by IBM to run on Red Hat OpenShift, providing full software stack support, and regular security, compliance and version compatibility updates
  • The Cloud Pak for Applications reduces development time to market by up to 84 percent by reducing the compute required and by accelerating throughput of the continuous integration continuous delivery (CICD) pipeline, and reduces operational expenses by up to 75 percent through increasing IT admin efficiency and reducing related labor costs.

IBM is committed to delivering enterprise software from across its portfolio for modern cloud environments. Cloud Paks provide enterprise container software that is pre-integrated for cloud use cases in production-ready configurations; they can be quickly and easily deployed to Kubernetes-based container orchestration platforms. In addition, these Cloud Paks provide resiliency, scalability, and integration with core platform services, like monitoring or identity management.

Cloud Paks enable you to easily deploy modern enterprise software either on-premises, in the cloud, or with pre-integrated systems and quickly bring workloads to production by seamlessly leveraging Kubernetes as the management framework supporting production-level qualities of service and end-to-end lifecycle management. This gives clients an open, faster, more secure way to move core business applications for any cloud, as shown in Figure 2.

This paper describes Cloud Paks in more detail, highlighting the additional value that this delivery model offers, with some background details on the underlying open technologies, for those who may be unfamiliar.

Cloud Paks Simplify Enterprise-grade Deployment and Management for Software in Containers

Red Hat OpenShift Container Platform (OCP) builds on top of the open source Kubernetes orchestration technology. IBM is committed to delivering enterprise software designed for these modern container orchestration platforms and Red Hat OpenShift Container Platform.

Deploying complex software workloads in optimized and highly-available configurations can involve collecting or creating large numbers of disparate components, including the workload container images, configuration files, and assets for integrating with your chosen platforms or management tools.

Cloud Paks bring together thoroughly-tested enterprise software container images using, Helm charts with intelligent defaults for simplified configuration and management and can include additional assets, such as Operators that intelligently manage software during runtime, in a single archive from a trusted source. As a result, you can quickly load software into your catalog, walk through a simple deployment experience, guided by logical defaults and helper text and easily deploy production-ready enterprise software onto IBM’s container platforms, in the cloud or in your own data center.

Core Services

Cloud Paks utilize a common set of operational services by default, such as security and identity services, logging, monitoring, auditing. For example, workloads can be monitored out of the box using the integrated monitoring service. Similarly, logs that are generated by each workload container are collected and correlated by a platform-provided logging service that includes a collection, search and dashboarding capabilities.

Containers Revisited

Containers give you the ability to run multiple software elements, isolated from each other, within the same operating system instance. Unlike a virtual machine, a container shares the operating system kernel with its underlying host and since system calls can be made directly, a container can be run more efficiently and be instantiated faster, as shown in Figure 3.

While containers are available in many forms and implementations, the Open Container Initiative (OCI) has emerged as the leading standard in the industry, defining open specifications for container images and container runtimes.

The fact that containers are lightweight and start quickly makes them ideal for hosting microservices, which are a key element of cloud-native application architectures. Traditional, more monolithic applications can also be run inside containers, but will benefit less from this technology. As always, keep in mind that a poorly architected and designed application is still a poorly architected and designed application when run in a container.

Building production-ready images

All IBM container images provided in Cloud Paks follow a set of well-defined best practices and guidelines, ensuring support for production use cases, and consistency across the IBM software portfolio. Cloud Paks support deployment to Red Hat OpenShift Container Platform using Red Hat Certified Containers.

One element that is especially important to IBM is support for multiple hardware architectures, including Linux on IBM Power and Linux on IBM LinuxOne, and providing images for the hardware platforms the respective IBM products support.

Management of security vulnerabilities is also critically important. Cloud Paks are scanned regularly for known image vulnerabilities as part of the standard build procedures. As part of full software stack support and ongoing security, compliance and version compatibility, all Cloud Paks must have a documented process for managing newly identified vulnerabilities. Additionally, IBM follows Secure Engineering Practices for development of software and maintains a Security Vulnerability Management process (PSIRT) for commercial software supported by IBM. IBM Software delivered as a Cloud Pak inherently follows those corporate standards. Cloud Paks delivered by partners must have a documented process for addressing security image vulnerabilities.

Kubernetes – a management environment for containers

Up to this point, we have discussed the basics of building, running and maintaining container images, which can be used to run containers in a standalone fashion. But containers alone do not provide a framework for implementing production-grade qualities of service like resilience, scalability or maintenance.

For example, software running inside a container may write data to a file. If the file exists within the container, deleting the container will also delete the file. If the software’s state must be maintained, that state data should be written to a volume outside of the container. If the state needs to be consistent even with the failure of a host, then that volume should exist on storage that is accessible by multiple hosts, most likely over a network. To maintain availability of the application during the failure of a host, you would also need to run multiple instances of the container on multiple hosts and load balance incoming requests across those containers. This would require a reasonable amount of effort to manage manually, especially if you want to be able to seamlessly upgrade to newer versions of an application or build a continuous integration process.

Kubernetes is an open source orchestration platform for containers that solves these administrative challenges by providing a declarative framework for deploying, scaling, and managing container-based workloads. It is a popular choice for managing clusters of containers throughout the industry; RedHat OpenShift provides a common Kubernetes- based platform for Cloud Paks on premises, on public cloud infrastructure, in pre-integrated systems, and managed service via Red Hat OpenShift on IBM Cloud.

The declarative definition of abstract resources that influence how the cluster behaves and manages workloads is a key feature of Kubernetes and will be covered briefly below. Cloud Paks are built for Kubernetes-based environments and include all the configuration artifacts you need to easily customize and deploy an enterprise-grade Kubernetes workload.

Takeaway: Kubernetes is a popular framework for running containers in a scalable, resilient, highly available fashion, supporting production use cases for enterprise applications. IBM has chosen Kubernetes as its container orchestration platform both on-premises and in the cloud, and Cloud Paks are designed specifically for deployment to the Red Hat OpenShift Container Platform

Kubernetes Resources

Kubernetes provides users with a set of defined resources including a way to describe how containers should run in the cluster, how the system reacts to events like failures, how to make containers accessible over the network and how and where to store data.

You can describe the provisioning and management of your application workload by defining the desired state of these resources using a YAML file and Kubernetes will manage the cluster environment accordingly.

Internally, Kubernetes delegates the management of the resource to its associated controller.A few of the most common Kubernetes resources are described briefly below.

  • Deployment Describes the desired state of one or more Pods, which are collections of running containers
  • StatefulSet Similar to the Deployment resource mentioned above but describes containers that maintain state.
  • Service Describes how pods that are part of a deployed workload (Deployment, StatefulSet, etc.) can be accessed from outside of the Kubernetes cluster. Gives clients a well- defined target address/port combination across multiple pods, including across restarts and recreations of these pods.
  • PersistentVolume / StorageClass Enables you to define an allocation of storage that persists across the lifetime of the pods that use it. Pods can attach to a suitable volume by using a PersistentVolumeClaim. The StorageClass resource describes different qualities of service that are available for different types of storage that may be offered.
  • ConfigMap Enables separating configuration data for a pod into a separate object.
  • Secret Similar to ConfigMaps, Secrets contain sensitive data (for example, passwords or ssh keys) and are stored separately from container that use them.

This list barely scratches the surface of the resource types available in Kubernetes, which also supports defining custom resource types. For a more detailed description of Kubernetes resources, see the official documentation.

The resource definitions mentioned above contain configuration metadata that is critical in ensuring enterprise-grade qualities of service of the workloads running in Kubernetes. For example, you can define memory and CPU allocations for individual pods, ensuring that sufficient capacity is available when creating containers, while also ensuring that individual workloads cannot use more than their allocated resources, enabling effective sharing of hardware resources. As another example of the control afforded by Kubernetes, you can define affinity and anti-affinity rules that let you control which of your worker nodes certain pods run on.

Takeaway: Individual workloads, including IBM software content that runs in Red Hat Open Shift, are described using predefined Kubernetes resources. Cloud Paks define Kubernetes resources for your workloads using intelligent defaults, and provide for easy customization during deployment.

Using Helm charts to orchestrate containerized workloads

As mentioned above, Kubernetes uses abstract resources to allow describing the desired target state of a workload, paired with controller implementations that enforce the defined target state.

Each application or service running in Kubernetes is represented by multiple resources, each of which is typically defined in its own YAML file. Each resource also carries several attributes with it, whose values may differ from deployment to deployment based on the specifics of the environment and the supported usage.

The Helm project aims to simplify the deployment and maintenance of complex workloads in Kubernetes environments. It provides a packaging format called a chart, which you can use to group together YAML templates that define related sets of Kubernetes resources. An instance of a Helm chart that has been installed into a target Kubernetes cluster is called a release. Helm not only simplifies orchestration of Kubernetes resources, it also simplifies the ongoing maintenance of your releases. This makes production-level operations like rolling upgrades more manageable and contributes to the overall availability and maintainability of your application.

Cloud Paks use pre-built configurations that describe runtime environments. These resource definitions can be easily customized during deployment, and upgrades can be easily rolled out or rolled back.

Cloud Paks are certified by both IBM and Red Hat for the OpenShift Container Platform; the container images included in Cloud Paks are required to complete Red Hat container certification, which is complementary to IBM’s certification process.

Kubernetes Operators

Operators are flexible and powerful custom Kubernetes resource definitions that can be used for deploying and managing containerized workloads in a Kubernetes environment. They can also be used for packaging applications, in a manner similar to Helm charts, or they can be used together with Helm, in a complementary manner.

By building specific knowledge and best practices about deploying and managing a software product directly into an operator, a software provider can capture domain-specific expertise about operating the product, giving end-users powerful automated runtime and lifecycle management capabilities without requiring that same level of expertise from the end user.

For example, Cloud Paks can utilize operators to deliver IBM’s expert knowledge about deploying and managing IBM enterprise software products in modern container orchestration environments as part of the software offering itself, transferring some of IBM’s expertise to the customer automatically.

Takeaway: Cloud Paks include Helm charts, which assemble all of the Kubernetes resource definitions related to a piece of IBM software, and provide for easy customization, deployment, and maintenance using Red Hat OpenShift, on premises or in the cloud, and can include Operators, which capture product-specific deployment and management expertise.

Cloud Paks

Cloud Pak for Applications

To remain competitively relevant, enterprises must consistently update their software applications to meet the demands of their customers and users. Meeting this demand requires an application platform that allows for the quick building, testing and deployment in a modern, microservice-based architecture. To satisfy this crucial need, IBM is introducing Cloud Pak for Applications.

Cloud Pak for Applications supports your enterprise’s application runtimes, and offer instrumental developer tools and modernization toolkits, DevOps, Apps/Ops Management and a self-service portal. Cloud Paks for Applications can accelerate the ability to build cloud- native apps by leveraging built-in developer tools and processes, including support for microservices functions and serverless computing. Customers can leverage this Cloud Pak to quickly build apps on any cloud, while also providing the most straightforward modernization path to the cloud for existing IBM WebSphere clients, with security, resiliency and scalability.

Cloud Pak for Automation

Companies in nearly every industry are digitizing and automating their business operations. They’re freeing employees from low-value tasks and assisting them with high-value work to drive a new wave of productivity, and customer and employee experiences. However, it can be challenging to effectively automate work at the pace of customer and internal expectations.

To address these challenges, IBM is introducing, Cloud Pak for Automation is a pre-integrated set of essential software that enables you to easily design, build and run intelligent automation applications at scale. With Cloud Pak for Automation, you deploy on your choice of clouds, anywhere Kubernetes is supported – with low- code tools for business users and real-time performance visibility for business managers. It’s one flexible package with simple, consistent licensing. No vendor lock-in. And existing customers can migrate their automation runtimes without application changes or data migration.

Cloud Pak for Data

As companies continue to harness the potential of AI, they need to use data from diverse sources, support best-in-class tools and frameworks, and run models across a variety of environments. However, 81% of business leaders do not understand the data required for AI. And even if they did, 80% of data is either inaccessible, untrusted, or unanalyzed. Simply put, there’s no AI without an information architecture.

IBM recognizes this challenge our clients are facing. As a result, IBM is introducing Cloud Pak for Data with the goal of creating a prescriptive approach to accelerate the journey to AI: the AI Ladder, developed to help a client drive digital transformation in their business, no matter where they are on their journey. Cloud Pak for Data brings together all the critical cloud, data and AI capabilities as containerized microservices to deliver the AI Ladder within one unified multicloud platform.

Cloud Pak for Integration

Traditional integration approaches cannot cope with the volume and pace of business innovation. Digital transformation enables organizations to unlock the power of data to create personalized customer experiences, utilize artificial intelligence, and innovate faster to stay ahead of the competition. In order to keep up, businesses need the ability to integrate in hybrid environments outside the data center and drive speed and efficiency in integration development while lowering costs. To facilitate these new, evolving demands, IBM is introducing Cloud Pak for Integration.

Cloud Pak for Integration is designed to support the scale, security and flexibility required to empower your digital transformation. With the Cloud Pak, enterprises can integrate across multiple clouds with a container- based platform that can be deployed across any on- premise or Kubernetes cloud environment, and easily connect applications, services, and data with the right mix of integration styles, spanning API lifecycle management, application integration, enterprise messaging, event streams, and high-speed data transfer.

Enable your business to set up the appropriate organizational models and governance practices to support a modern agile approach to integration with Cloud Pak for Integration.

Cloud Pak for Multicloud Management

As application innovation accelerates, enterprises have increasingly adopted a hybrid, multicloud architecture to build, test and deploy applications. With this new hybrid, multicloud architecture, the volume and complexity of objects and metrics to manage has skyrocketed, making monitoring and securing the enterprise IT ecosystem more difficult. To mitigate some of this complexity, IBM is introducing Cloud Pak for Multicloud Management.

Cloud Pak for Multicloud Management provides consistent visibility, automation, and governance across a range of multicloud management capabilities such as cost and asset management, infrastructure management, application management, multi-cluster management, edge management, and integration with existing tools and processes. Customers can leverage Cloud Pak for Multicloud Management to simplify their IT and application ops management, while increasing flexibility and cost savings with intelligent data analysis driven by predictive signals.

Cloud Pak for Security

As organizations move their business to the cloud, applications and data may be spread across multiple clouds and on-premises environments. Trying to secure this fragmented IT environment can be challenging. Security teams must undertake costly migration projects and complex integrations. In fact, more than half of the security team surveyed struggle to integrate data with analytics tools and to combine data across their cloud environments to spot security threats. IBM Cloud Pak for Security is a containerized software platform pre-integrated with Red Hat OpenShift. It connects to existing security data sources,enabling teams to search for indicators of compromise (IOC) across any cloud or on-premises location and uncover new threats. Once threats have been found, Cloud Pak for Security allows teams to quickly orchestrate responses and automate actions from a unified interface.

Summary

Cloud Paks provide an easy and powerful way to run high-quality, container-based enterprise software on a modern Kubernetes-based orchestration platform that enables high availability, scalability, and ongoing maintenance for enterprise applications, from a source you know and trust. They include container images that are built and tested by product teams, capturing product expertise and best practices in a form factor that is easy to consume and deploy in a location of your choice, on-premises, in the cloud, or with pre-integrated systems. Images provided by IBM are regularly scanned for known security vulnerabilities and follow a rigorous process for managing newly identified issues.

Cloud Paks also include pre-configured Helm charts that describe runtime environments for IBM software products based on established best practices and can be easily customized during the deployment process. They may also include Operators that build product- specific deployment and lifecycle management expertise into the software. These capabilities combine to provide a first-class deployment experience, integration with core platform services, and production- ready qualities of service. Certified Cloud Paks built with Red Hat Certified Containers build the combined expertise of IBM and Red Hat into trusted enterprise software solutions that combine fast, easy deployment with enterprise qualities of service and simplified, flexible pricing.

The new family of Cloud Paks—including Cloud Pak for Applications, Cloud Pak for Data, Cloud Pak for Integration, Cloud Pak for Multicloud Management, Cloud Pak for Automation and Cloud Pak for Security— give customers fully modular and easy to consume capabilities they need to bring the next 80 percent of their workloads to modern, cloud-based environments.

Ovum Decision Matrix: Selecting a Cloud Platform for Hybrid Integration Vendor

Catalyst 

Digital business is driving a proliferation of applications, services, data stores, and APIs that need to be connected to deliver critical business processes. Integration is the lifeblood of today’s digital economy, and middleware is the software layer connecting different applications, services, devices, data sources, and business entities. This Ovum Decision Matrix (ODM) is a comprehensive evaluation to help enterprise IT leaders, including chief information officers (CIOs), enterprise/integration architects, integration competency center (ICC)/integration center of excellence (CoE) directors, and digital transformation leaders select a cloud platform provider best suited to their specific hybrid integration requirements. 

Ovum view

Ovum’s ICT Enterprise Insights 2018/19 survey results indicate a strong inclination on the part of IT leaders to invest in integration infrastructure modernization, including the adoption of new integration platforms. IT continues to struggle to meet new application and data integration requirements driven by digitalization and changing customer expectations. Line-of-business (LOB) leaders are no longer willing to wait for months for the delivery of integration capabilities that are mission-critical for specific business initiatives. Furthermore, integration competency centers (ICCs) or integration centers of excellence are being pushed hard to look for alternatives that significantly reduce time to value without prolonged procurement cycles.

Against a background of changing digital business requirements, IT leaders need to focus on revamping enterprise integration strategy, which invariably will involve the adoption of cloud platforms for hybrid integration, offering deployment and operational flexibility and greater agility at a lower cost of ownership to meet multifaceted hybrid integration requirements. With this report, Ovum is changing its nomenclature for defining middleware-as-a-service (MWaaS) suites for hybrid integration and, in future, we will be using the term “cloud platforms (or PaaS products) for hybrid integration” to refer to this market.

We follow the specification of National Institute of Standards and Technology (NIST) for PaaS, according to which PaaS as a cloud service model should meet a range of characteristics, including: 

  • on-demand self-service  
  • broad network access 
  • resource pooling  
  • rapid elasticity 
  • measured service.  

Merely delivering application and/or data integration capabilities via the cloud on a subscription basis does not amount to a PaaS provision for hybrid integration. Some cloud platforms or software components of a cloud platform included in this ODM might not be termed as PaaS according to NIST’s specification, which is why we use the term “cloud platform”.

User productivity tools and deployment flexibility are key characteristics of cloud platforms for hybrid integration that help enterprises respond more quickly to evolving digital business requirements. With DevOps practices, microservices, and containerized applications gaining popularity, IT leaders should evaluate the option of deploying middleware (integration platforms) on software containers as a means to drive operational agility and deployment flexibility. 

Key findings 

  • Integration is still predominantly done by IT practitioners, but IT leaders should consider “ease of use” for both integration practitioners and less-skilled, non-technical users, such as power users, when selecting integration platforms for a range of hybrid integration use cases
  • The latest Ovum forecast reveals that integration PaaS (iPaaS) and API platform market segments are expected to grow at a compound annual growth rate (CAGR) of 59.7% and 61.7% respectively between 2018 and 2023, clearly the fastest growing middleware/PaaS market segments. 
  • The global iPaaS market is showing signs of saturation (not in terms of growth), and vendor offerings do not differ much in terms of technical capabilities. Key areas for iPaaS product development include support for deployment on containers, improvement in user experience (UX) for less-skilled, non-technical users, and machine learning (ML)-led automation of different stages of integration projects ranging from design and development to deployment and maintenance.  
  • PaaS for hybrid integration will significantly cannibalize the established on-premises middleware market, and by the end of 2019, Ovum expects at least 50% of the new spend (not including upgrades of on-premises middleware or renewal of similar licenses) on middleware to be accounted for by PaaS or cloud-based integration services. 
  • Major middleware and leading iPaaS vendors dominate this market, even though their routes to the development of a cloud platform for hybrid integration can be quite different. 
  • PaaS adoption in enterprises is for both strategic and tactical hybrid integration initiatives. IT leaders realize the significant benefits that cloud platforms for hybrid integration bring to the table in terms of greater agility in responding to business requirements and cost savings. 
  •  iPaaS vendors have invested significantly in developing lightweight PaaS-style products for B2B/electronic data interchange (EDI) integration to support key EDI messaging standards, rapid trading partner onboarding and community management, and governance of B2B processes. 

Vendor solution selection 

Inclusion criteria

Ovum has closely tracked the emerging cloud platforms for hybrid integration vendor landscape over the last four years and we have used these observations as the baseline for inclusion/exclusion in this ODM. The criteria for inclusion of a vendor in this ODM are as follows:

  • The cloud platform(s) should deliver significant capabilities across two of the three technology assessment criteria groups: “cloud integration”; “API platform”; and “B2B and mobile application/backend integration”. 
  • There is substantial evidence that the vendor is interested in pursuing a progressive product strategy that helps ascertain product viability and applicability to a range of hybrid integration use cases. 
  • Middleware products are not “cloud washed” and individual components demonstrate essential cloud services characteristics, such as multitenancy, resource sharing, and rapid scalability, as well as allowing usage tracking and metering and supporting the enforcement of service-level agreements (SLAs).
  • The cloud platform(s) should have been generally available as of March 30, 2019. The vendor must have at least 50 enterprise (paid) customers using various components as of May 31, 2019. We did not want to leave out any vendor because of limitations related to significant revenue realization.
  • It should deliver enterprise-grade developer enablement and API-led integration capabilities, and an appropriate UX for less-skilled users (non-developers). 
  • At least the core middleware product should be architecturally coherent and product/component APIs should be available to support internal integration between different components of the middleware stack.

Exclusion criteria

A vendor is not included in this ODM if: 

  • The core middleware component provided by the vendor is restricted to API management, and the rest of the capabilities are delivered in partnership with other vendors. For this reason, specialized API management vendors that do not offer any substantial capabilities for other hybrid integration use cases were excluded from this ODM. This means that cloud based application and data integration capabilities are critical for inclusion in this ODM. 
  • The vendor is unable to commit required time and resources for the development of research to be included in this ODM. Some vendors, which otherwise would qualify for inclusion in this ODM, opted out of the evaluation exercise and were unable to submit the required level of information in response to the evaluation criteria spreadsheet by the cutoff date. (Jitterbit is the only vendor that qualified for inclusion but opted not to participate without citing any specific reason, and we decided to exclude it from this ODM). 
  • There is not enough evidence that the vendor is interested in expanding the features and capabilities to cater for the requirements of emerging use cases and exploiting new market trends.
  • There are indications that the vendor is struggling to grow its business and has partnered with middleware vendors to defend its position in the market, or the customer base is confined to only specific regions. 
  • The vendor did not feature in any of the analyst enquiries from enterprise IT leaders and users, and there were other indicators for a lack of investment and a dedicated strategy for middleware products. 

Ovum ratings

Market leader

This category represents a leading vendor that Ovum believes is worthy of a place on most technology selection shortlists. The vendor has established a commanding market position with its cloud platform for hybrid integration, demonstrating relatively high maturity, cohesiveness, good innovation and enterprise fit, and the capability to meet the requirements of a wider range of hybrid integration use cases, as well as executing an aggressive product roadmap and commercial strategy to drive enterprise adoption and business growth. In terms of scores, to be a leader in this ODM, a vendor must score 8 out of 10 both on “technology” and “execution and market impact” assessment dimensions.

Market challenger

A cloud platform for hybrid integration vendor in this category has a good market position and offers competitive functionality and a good price/performance proposition and should be considered as part of the technology selection. The vendor has established a significant customer base, with its platform demonstrating substantial maturity, catering for the requirements of a range of hybrid integration use cases, as well as continuing to execute a progressive product and commercial strategy. Some vendors included in this category are “strong performers” in terms of technology assessment but did not achieve consistently high or good scores for the “execution and market impact” dimension, which is an essential requirement for achieving a “market leader” rating.

Market follower

A cloud platform for hybrid integration in this category is typically aimed at specific hybrid integration use cases and/or customer segment(s) and can be explored as part of the technology selection. It can deliver the requisite features and capabilities at reasonable charge for specific use cases or requirements. This ODM does not feature any vendor in this category. 

Market and solution analysis 

A major market shift has begun and will not slow down 

Hybrid integration platform

Ovum defines a hybrid integration platform as a cohesive set of integration software (middleware) products that enable users to develop, secure, and govern integration flows connecting diverse applications, systems, services, and data stores as well as enabling rapid API creation/composition and lifecycle management to meet the requirements of a range of hybrid integration use cases. A hybrid integration platform is “deployment-model-agnostic” in terms of delivering requisite integration capabilities, be it on-premises and cloud deployments or containerized middleware.

The key characteristics of a hybrid integration platform include: 

  • support for a range of application, service, and data integration use cases, with an API-led, agile approach to integration reducing development effort and costs 
  • uniformity in UX across different integration products/use cases and for a specific user persona  
  • uniformity in underlying infrastructure resources and enabling technologies 
  • flexible integration at a product/component API level 
  • self-service capabilities for enabling less-skilled/non-technical users
  • the flexibility to rapidly provision various combinations of cloud-based integration services based on specific requirements 
  • openness to federation with external, traditional on-premises middleware platforms 
  • support for embedding integration capabilities (via APIs) into a range of applications/solutions  
  • developer productivity tools, such as a “drag-and-drop” approach to integration-flow development and pre built connectors and templates, and their extension to a broader set of integration capabilities 
  • flexible deployment options such as on-premises deployment, public/private/hybrid cloud deployment, and containerization 
  • centralization of administration and governance capabilities. 

For the purpose of this ODM, we are concerned only with cloud platforms (or PaaS products) for hybrid integration. A comprehensive PaaS suite (see Figure 1) combines iPaaS, apiPaaS, mobileback-end-as-a-service (MBaaS), and other cloud-based integration services such as data-centric PaaS and cloud-based B2B integration services to offer the wide-ranging hybrid integration capabilities required to support digital business.

These individual cloud-based integration services are offered on a subscription basis, with each component having essential cloud characteristics, such as multi tenancy, resource sharing, and rapid scalability. The success of iPaaS as an agile approach to hybrid integration has played a key role in the evolution of this market. For enterprises, PaaS products for hybrid integration represent a good opportunity to shift from legacy middleware platforms that require significant upgrades and investment to remain relevant in the current operating environment. Table 1 provides iPaaS and API platforms software market forecast for the period 2018-23.

 

Deployment of middleware on software containers is in the early stages and event-driven integration is gaining ground

Cloud-native integration is a natural fit to hybrid IT environments

It is obvious that hybrid IT environments call for a cloud-native integration paradigm that readily supports DevOps practices and drives operational agility by reducing the burden associated with cluster management, scaling, and availability. In the same was as a cloud-native integration paradigm, integration runtimes run on software containers, are continuous integration and continuous delivery and deployment (CI/CD)-ready, and are significantly lightweight and responsive enough to start and stop within a few seconds. Many enterprises have made substantial progress in containerizing applications to benefit from a microservices architecture and portability across public, private, and hybrid cloud environments. Containerized applications and containerized middleware represent a good combination. In cases where an application and a runtime are packaged and deployed together, developers can benefit from container portability and the ease of use offered by the application and middleware combination. 

In other terms, it makes sense for applications and middleware to share a common architecture, because DevOps teams can then avoid the overhead and complexity associated with the proposition of running containerized applications on different hardware and following different processes than those that exist with traditional middleware. This is true even in cases that do not involve much rearchitecting of the applications, and DevOps teams can still develop and deploy faster using fewer resources.

A lot of data is generated in the form of streams of events, with publishers creating events and subscribers consuming these events in different ways via different means. Event-driven applications can deliver better customer experiences. For example, this could be in the form of adding context to ML models to obtain real-time recommendations that evolve continually to meet the requirements of a specific use case. Embedding real-time intelligence into applications and real-time reactions or responsiveness to events are key capabilities in this regard.

For distributed applications using microservices, developers can opt for asynchronous event-driven integration in addition to the use of synchronous integration and APIs. Apache Kafka, an open source stream-processing platform, is a good option for such use cases requiring high throughput and scalability. Kubernetes can be used as a scalable platform for hosting Apache Kafka applications. Because Apache Kafka reduces the need for point-to-point integration for data sharing, it can reduce latency to only a few milliseconds, enabling faster delivery of data to users. 

Ovum Decision Matrix: Cloud platforms for hybrid integration, 2019–20 

The ODM chart in Figure 2 represents the results of a comprehensive evaluation of 11 cloud platforms for hybrid integration vendors meeting the inclusion criteria. The bubble size representing vendor positioning is determined by the scores achieved for the “market impact” criteria group under the “execution and market impact assessment” dimension. Table 2 provides a list of market leaders and challengers in alphabetical order (not in terms of scores), and subsequent sections also follow this practice.

Vendor analysis

Axway Ovum SWOT assessment

Strengths:

Axway AMPLIFY platform offers a good foundation for hybrid integration use cases 

Axway has well-established credentials for API management and B2B integration use cases, as evident from the high scores for the “API platform” and “B2B and mobile app/backend integration” criteria groups under the technology assessment dimension. The acquisition and subsequent integration of Appcelerator enabled Axway to cater for mobile application development and back-end integration use cases

Axway uses an OEM partnership to extend its platforms existing API-led integration capabilities with Cloud Elements, or more specifically, “Elements” that provide access to an entire category of applications, such as messaging, customer relationship management (CRM), e-commerce, finance, marketing, and document management, via integration to a single API. Both vendors espouse an APIled approach to integration and so there is synergy here. Axway has executed a progressive product strategy and forged partnerships with several ISVs, such as Cloud Elements, Stoplight.io, Entrust, and RestLet (acquired by Talend) to drive adoption.

Transformation in product strategy came at just the right time

With the AMPLIFY platform, Axway transformed its product strategy and directed investment to offer a unified platform that enables users to develop new digital business applications/services and to subsequently integrate them with other applications/services and data stores. This enables users to rapidly connect and share data with trading partners, derive actionable insights to optimize corresponding engagements, and monetize enterprise data assets. The AMPLIFY platform marked Axway’s shift from a vendor providing a suite of integration, security, and operational intelligence and analytics products to a vendor offering a cohesive, cloud-based hybrid integration platform, which can now support key hybrid integration use cases. This shift is starting to show good results for Axway, which claims that about 24,000 active organizations are using the AMPLIFY platform, a smaller share of which are paid customers. If it was only about technology assessment, Axway would qualify as a leader. However, it narrowly missed out on scoring the required 8 out of 10 for the “execution and market impact” assessment dimension, a key criterion to be rated an overall leader in this ODM.

Weaknesses

Specific gaps exist in its iPaaS capabilities and it needs to improve brand recognition in cloud based hybrid integration platforms market

Part of Axway’s iPaaS are currently limited to Europe and US data centers, while the platform’s virtual private cloud (VPC) customers are deployed and available in all key regions (the US, EU, and AsiaPacific). Native integration to blockchains and key RPA tools in missing. ML-based automation is a work in progress, but Axway plans to offer automation for data mapping. These are important areas for improvement as far as Axway’s iPaaS is concerned, because many of Axway’s key competitors are already offering these features and capabilities. 

Axway featured in a few Ovum conversations with enterprise IT leaders over the last couple of years. Its revenue from and the customer base for the AMPLIFY platform is significantly lower (considering Axway’s overall size and the time since the general availability of the AMPLIFY platform) than several key vendors in this market. However, the company is part way through transitioning from a licensing to subscription model. This is affecting Axway’s topline revenue but is a strategy for the longer term. The vendor expects that a return to top line growth will be evident by the end of 2020.

Axway must focus on investing in marketing and effective evangelism to increase the visibility and raise the profile of its AMPLIFY platform, although the vendor says it is seeing significant growth quarter-on-quarter. It is worth noting that Axway’s Catalyst team comprising experts in digital transformation and API-led innovation areas can help enterprises realize positive outcomes from digital transformation and integration modernization initiatives. The corresponding business strategy would benefit from a keen focus on winning net new deals involving a range of hybrid integration use cases, and Axway has achieved some recent success in this regard. 

Boomi Ovum SWOT assessment

Strengths

Leading iPaaS vendor with growing hybrid integration capabilities

Boomi, a Dell Technologies Business, achieved the highest score for the “cloud integration/iPaaS” criteria group under the technology assessment dimension. It has well-established credentials in the global iPaaS market, with thousands of large and midsize enterprises as customers. Boomi has expanded the capabilities of its iPaaS to support a range of hybrid integration requirements beyond on-premises and SaaS applications and data integration. Boomi’s iPaaS caters to the requirements of two key user personas: developers/integration practitioners and less-skilled, non-technical users. Boomi recently introduced the Boomi API gateway and developer portal to enable secure and scalable interactions with external parties, enhance API discoverability, and provide driver engagement across a broader API consumer base. 

There is a faster deployment option for Boomi iPaaS for Pivotal Kubernetes and Pivotal Application Services environments (PKS/PAS) available from the Pivotal Cloud Foundry marketplace. Boomi Enterprise Innovation Services and Architectural Services provide a package of integration services, advice from architecture experts, and support and resources, with the flexibility to customize to specific customer needs. Boomi provides a cloud-managed B2B/EDI integrated service as part of its unified platform. Users can build, deploy, and manage both traditional EDI and newer web services in the cloud. To simplify the configuration of trading partner profiles and B2B processes, Boomi provides a “configuration-based” platform that eliminates the cost and complexity of writing code. It is impressive to see how Boomi’s integration platform has expanded from iPaaS and API-led integration to cover B2B/EDI integration and simple file transfer use cases.

Good feature-price performance and early mover in exploiting ML for automation 

On a comparative basis, Boomi offers a good feature-price value for enterprises of all sizes. This is evident from its joint highest score for the “scalability and enterprise fit” criteria group under execution and market impact assessment dimension.

Boomi uses ML in the form of Boomi Suggest, Boomi Resolve, and Boomi Assure . It was arguably the first mover in the iPaaS market to start delivering ML-based automation. The Boomi Suggest feature uses millions of indexed mappings to offer automatic recommendations on mappings for new integrations based on successful configurations developed by other users in the past. Boomi also uses crowdsourced contributions from its support team and user community to offer resolutions to common errors within the iPaaS UI. Boomi Suggest offers mapping suggestions with “confidence rankings”, data transformation, and error resolutions via correlations to simplify integration-flow development. 

Weaknesses

Needs to address gaps in the features of Boomi API Management 

Boomi API Management was developed as an extension of the Boomi AtomSphere Platform to cater to the needs of existing users. Since then, the product has expanded in terms of key features and capabilities, and 2018 was a year of major advances in the capabilities of Boomi API Management. However, some of Boomi’s nearest competitors in the iPaaS market have more mature and wellestablished API platform capabilities. 

Over the last couple of years, there has been a slight decoupling (from core the iPaaS product) and dedicated product roadmap and strategy for Boomi API Management. Areas from improvement include support for GraphQL and gRPC standards, greater coverage in performance monitoring reports on key metrics, automated failover for high availability and reliability, better support for the Node.js framework, and a sophisticated API deprecation and retirement processes. Boomi is capable of filling these gaps and developing this as a leading API platform, and recent announcements indicate that this a key priority for Boomi’s product and business management. 

IBM Ovum SWOT assessment 

Strengths

Well-rounded offering catering to the requirements of key hybrid integration use cases 

IBM achieved consistently high scores across the various criteria groups under the technology and execution and market impact assessment dimensions. The IBM Cloud Pak for Integration caters to a range of hybrid integration requirements, including on-premises and SaaS application and data integration, rapid API creation/composition and lifecycle management, API security and API monetization, messaging, event streaming, and high-speed transfer. With IBM Cloud Pak for Integration’s container-based architecture, users have the flexibility to deploy in any environment with Kubernetes infrastructure, as well as to use a self-service approach to integration. IBM is extending its integration platform’s API capabilities to provide support for GraphQL management, and this approach decouples GraphQL management from GraphQL server implementation. IBM Sterling B2B Integration Services and IBM Mobile Foundation cater to the requirements of B2B/EDI integration and mobile application/back-end integration respectively.

The only vendor that can function as a true strategic partner for enterprises embarking on integration modernization initiatives 

IBM’s Agile integration methodology focuses on delivering business agility as part of integration modernization initiatives. It espouses the transitioning of integration ownership from centralized integration teams to application teams, as supported by the operational consistency achieved via containerization. On the operational agility side, cloud-native infrastructure offers dynamic scalability and resilience. For large enterprises embarking on integration modernization initiatives, this methodology can cater to people, processes, and technology aspects to provide the necessary advice and guidance to help enterprises achieve faster time to value across diverse deployment environments. Ovum analyzed the competitive services offerings of all vendors in this ODM and found IBM’s agile integration methodology to be the most comprehensive and well thought out.

Weaknesses

The B2B/EDI integration offering is architecturally different, so users need a separate offering for mobile application/backend integration 

IBM Sterling B2B Integration Services for supporting B2B/EDI integration use cases are architecturally different from the products under the IBM Cloud Pak for Integration. IBM is working on filling this gap and is developing a lightweight PaaS product for B2B/EDI integration. IBM Mobile Foundation is not part of the “Connect” set of product portfolios and is an add-on product. Another area for improvement is the use of ML for automating the different stages of integration projects, ranging from design and development to deployment and maintenance, which IBM is capable of providing by using the capabilities of its Watson platform. Some of the ML-related capabilities are part of IBM’s product roadmap for this middleware portfolio.

Frequent branding, rebranding, and renaming creates confusion in the market  

IBM’s middleware portfolio has undergone various iterations of branding, rebranding, and renaming over the years and this does create confusion in the market. From the days of IBM WebSphere Cast Iron Live to IBM API Connect or even IBM WebSphere Cast Iron Cloud Integration to IBM App Connect, IBM has certainly expanded features and capabilities or significantly transformed specific parts of its middleware portfolio. However, frequent rebranding and renaming exercises can be avoided to ensure a strong, sustained enterprise mindshare, and this will help in avoiding unnecessary confusion in the market. New and potential customers for IBM Cloud Pak for Integration should ask for customer references and case studies and check that these align with their specific requirements.

MuleSoft Ovum SWOT assessment 

Strengths

Comprehensive and cohesive cloud platform catering to a range of hybrid integration use cases

MuleSoft Anypoint Platform is a cohesive PaaS-style product catering to key hybrid integration use cases, this is evident from MuleSoft’s high scores across the “cloud integration” and “API platform” criteria groups under the technology assessment dimension. MuleSoft has further simplified it UX with the API Community Manager, upgrades to Anypoint Exchange, an improved integrated development environment (IDE) for the Mule 4 runtime (Studio 7), Anypoint Visualizer, and template-driven design and note-based collaboration for non-technical users (Flow Designer). Anypoint Partner Manager, MuleSoft’s lightweight PaaS-style B2B solution, caters to the requirements of B2B/EDI use cases, including partner management reporting, partner onboarding, B2B transaction configuration, B2B transaction tracking, and audit logging. While it is not an extensive B2B/EDI integration platform, it can be used by MuleSoft’s customers for meeting less complex B2B/EDI integration needs.

MuleSoft is one of the very few vendors that can support the requirements of all use cases included in this ODM via an architecturally coherent cloud platform that qualifies as a pre-play PaaS product. Visual API designer, API modeling framework parser, API functional monitoring, and several new connectors for a range of applications and endpoints, are some of the capabilities introduced over the last year to drive developer productivity

Weaknesses

ML-based automation can be improved 

Using the application network graph, MuleSoft provides a recommendation engine for suggestions on the next best action. The first application of this engine is the ML-based automapper in flow designer, and MuleSoft has dedicated plans to introduce new capabilities to drive ML-based automation. These are steps in the right direction. However, given MuleSoft’s track record of innovation and fast response to emerging market dynamics, by now it could have exploited ML capabilities to automate different stages of integration projects, ranging from design and development to deployment and maintenance. Some of its nearest competitors already have a better set of capabilities driving MLbased automation.

Ovum SWOT assessment 

Strengths

Comprehensive and cohesive cloud platform catering to a range of hybrid integration use cases

MuleSoft Anypoint platform is a cohesive PaaS-style product catering to key hybrid integration use cases, which is evident from MuleSoft’s high scores across the “cloud integration” and “API platform” criteria groups under the technology assessment dimension. MuleSoft has further simplified its UX with API Community Manager, upgrades to Anypoint Exchange, an improved integrated development environment (IDE) for the Mule 4 runtime (Studio 7), Anypoint visualizer, and template-driven design and note-based collaboration for non-technical users. Anypoint B2B solution caters to the requirements of B2B/EDI use cases, with partner management and reporting supported via Anypoint Partner Manager. Anypoint B2B solution is a lightweight PaaS-style product supporting trading partner onboarding, B2B transaction configuration, B2B transaction tracking, and audit logging. While it is not an extensive B2B/EDI integration platform, it can be used by MuleSoft’s customers for meeting less complex B2B/EDI integration needs. 

MuleSoft is one the few vendors that can support the requirements of all use cases included in this ODM via an architecturally coherent cloud platform that qualifies as a pre-play PaaS product set. Visual API designer, API Modeling Framework parser, API functional monitoring, and several new connectors for a range of applications and endpoints are some of the capabilities introduced over the last year to drive developer productivity.

MuleSoft has seen rapid growth since its acquisition by Salesforce 

MuleSoft is an integration business of over $500m within the broader Salesforce business lines. It has grown much faster than some of its established and larger competitors. The Salesforce acquisition has helped drive broader adoption of MuleSoft Anypoint Platform, both across existing large and midsize Salesforce customers. Because of this growth, there is a key focus on providing a compelling UX to less-skilled, non-technical users. MuleSoft enjoys strong brand recognition in the iPaaS and API platform markets as well as the cloud-based middleware for hybrid integration market. Contrary to the belief of some of its competitors, MuleSoft does not face a major hindrance driven by potential concerns about the neutrality of an integration vendor. MuleSoft’s growth is driven via both direct sales and packaged integration routes.

Weaknesses

ML-based automation could be improved 

Using the application network graph, MuleSoft provides a recommendation engine for suggestions on the next best action. The first application of this engine is the ML-based automapper in flow designer and MuleSoft has dedicated plans to introduce new capabilities to drive ML-based automation. These are steps in the right direction. However, given MuleSoft’s track record of innovation and fast response to emerging market dynamics, it could have exploited ML capabilities by now to automate different stages of integration projects, ranging from design and development to deployment and maintenance. Some of its nearest competitors already have a better set of capabilities driving MLbased automation. 

Oracle Ovum SWOT assessment 

Strengths

A well-balanced, comprehensive PaaS for hybrid integration product set

Oracle has a well-rounded PaaS for hybrid integration portfolio and achieved high scores for various criteria groups under the technology assessment dimension. Oracle Integration Cloud, Oracle’s iPaaS solution has seen rapid growth in terms of revenue over the last three years and, along with other PaaS offering of the portfolio, such as Oracle API Platform, Oracle SOA Cloud Service, and Oracle Mobile Hub, forms a good option for all key hybrid integration use cases. Oracle Self-Service Integration Cloud service aimed at less skilled, non-technical users allows them to build and consume simple integration recipes without any need to code. Oracle offers a uniform UX across various products of this middleware portfolio, something which many of its competitors have struggled to offer.The Oracle API Platform offers a range of capabilities for API creation and end-to-end lifecycle management, and has evolved into a fairly competitive offering over the last three to four years. Oracle exploits ML capabilities for providing recommendations at various stages of the design, testing, and deployment cycle, including but not limited to data mapping, business object/API recommendations in context, and the best next action to provide the logical next step in the flow. Insight capability for business integration analytics is a differentiator for Oracle. 

Rapid sustained revenue growth over the last three to four years 

Oracle has seen rapid revenue growth for its PaaS for hybrid integration portfolio. This has translated into several thousands of large enterprise customers using multiple PaaS offerings to tackle hybrid integration challenges. Oracle has also had success in cross-selling and upselling PaaS products to existing customers, as well as adding a significant number of new customers and securing one of the leading market shares. Most of this success in driving adoption and revenue growth can be attributed to aggressive execution against ambitious product roadmaps, and of course, Oracle’s financial muscle to invest billions of dollars in new product development and mobilize a large global salesforce is also a key strength.

Weaknesses

Specific gaps in products need to be addressed with a focus on the usability for non-Oracle endpoints and workloads  

In terms of its API platform, Oracle should focus on providing support for GraphQL and gRPC standards and SLA compliance, as well as built-in predictive analytics and the ability to send alerts and notifications to subscribers when APIs are versioned is other areas for improvement. Containerized middleware deployment is an emerging trend and one that many of Oracle’s competitors are exploiting for revenue growth. While this is not an officially supported topology from Oracle, containerized middleware deployment is planned for the on-premises execution engine.

When it comes to non-Oracle endpoints and workloads, many enterprise IT leaders are not sure of the usability of Oracle PaaS for integration use cases. They have an understanding that Oracle middleware’s usability is limited to Oracle-to-Oracle and Oracle-to-non-Oracle endpoints. This is definitely not the case with Oracle iPaaS, and Ovum has seen various implementations involving nonOracle to non-Oracle endpoints/applications. Oracle should focus on changing this viewpoint and should deliver more specific messaging for “non-Oracle only” use cases.

Red Hat Ovum SWOT assessment

Strengths

Open source innovation and growing hybrid integration capabilities 

Red Hat’s acquisition by IBM was recently completed, and IBM has emphasized that Red Hat will continue to operate as a separate unit within IBM and will be reported as part of IBM’s Cloud and Cognitive Software division. Our analysis is based on the assumption that this setup in IBM will continue. Red Hat has a long history of open source prowess and engineering expertise that has enabled IT practitioners to experiment and deliver new functionality with its middleware products. Red Hat Fuse was an early entrant to the hybrid integration market, with a focus on cloud-native integration developers. Red Hat Fuse Online (part of Red Hat Integration), Red Hat’s iPaaS offering is different in the sense that it was developed with a key focus on providing a better UX to less technical users. The API platform component of Red Hat Integration exploits the capabilities of 3scale API management and Fuse integration, and is a functionally rich solution for API lifecycle management. Red Hat achieved a high score for the “API platform” criteria group under the technology assessment dimension. Red Hat partners with Trace Financial for EDI-based transformations. For mobile app/back-end integration, Mobile Developer Services (included with Red Hat managed integration) provide key mobile app development capabilities optimized for containers, microservice architectures, and hybrid cloud deployments. This component exploits the capabilities of Feed Henry, a mobile application platform vendor acquired by Red Hat in 2014. 

Red Hat acquired JBoss in 2006 and grew its middleware business for over a decade. Owing to its business model, it took some time for Red Hat to figure out the emerging opportunities in a market where enterprise service bus (ESB) and service-oriented architecture (SOA) infrastructure adoption was declining and iPaaS and API management market segments were growing at high double-digit rates. Then came the trend of deployment and management of middleware on software containers. Red Hat was able to develop a strategy that did not deviate much from its heritage and still deliver products that could compete with iPaaS and API-led integration platforms. This is applicable for serious buyers that are willing and have the capability to experiment and innovate with open source middleware.  

Red Hat’s PaaS portfolio for hybrid integration is a good option for developers and integration practitioners that appreciate the capabilities and flexibility of open source middleware. The cost of exit in a proprietary middleware context is quite high, and it is not easy to achieve a significant level of interoperability with application infrastructure and middleware platforms offered by other vendors. Red Hat Integration as an open source middleware product offers users the flexibility to try and experiment with small integration projects and see what works best for a particular requirement or integration scenario. In a world where a drag-and-drop approach and pre-built connectors and templates are marketed as nirvana for cloud integration, it is good to see Red Hat making integration technical again. With time, we expect Red Hat’s customer base and revenue for this middleware portfolio to grow to an extent where it is comparable to the other iPaaS vendors that provide API lifecycle management capabilities.

Portable architecture and cost-effectiveness

The ability to keep a fully supported and portable architecture intact across private, public, and managed cloud is a key differentiator for Red Hat in this market segment. Red Hat’s strategy is simple: exploit the best open source technologies in the market and communities and adopt new projects based on the market direction. This enables Red Hat middleware to offer better scalability than proprietary or “open core” competitive offerings. Red Hat Integration as a package subscription includes app integration, data integration, messaging, data streaming, and API management capabilities and is bundled with the Red Hat OpenShift container platform. The cost of a one-year subscription for Red Hat Integration is significantly lower than that provided by some of the vendors included in this ODM. Enterprises with access to developers capable of exploiting open source middleware for tackling complex integration challenges can use Red Hat Integration to reduce the costs for hybrid integration projects. If it was only about technology assessment, Red Hat would qualify as a leader. However, it didn’t achieve consistently high scores for the “execution and market impact” assessment dimension, a key criterion to be rated a leader in this ODM.

Weaknesses

Late to market with an option for less skilled users

ICCs/integration COEs are no longer in the driver’s seat and LOBs are aggressive in terms of moving ahead with the adoption of iPaaS for SaaS integration. Some of these products also provide simpler capabilities for rapid API creation and API-led integration. While Red Hat Fuse Online is quite different from Red Hat Fuse in terms of its UX, it still does not offer the type of “ease-of-use” in development of integration flows as is the norm with modern iPaaS solutions. For this reason, Red Hat does not compete head on for tactical integration projects driven by LOBs. This has more to do with Red Hat’s position in the market and its core customer base. Red Hat offers a range of technical connectors, but there are gaps in terms of the coverage of connectors to the common SaaS applications used in enterprises. This again is a basic characteristic of modern iPaaS solutions and one of the reasons why iPaaS has gained traction in the developer and integration practitioner community and less skilled, non-technical users.  

Red Hat does not really compete with point solutions, such as the use of iPaaS for SaaS integration in a LOB, or for that matter, standalone API management. It functions better as a middleware stack vendor. We do not see this as a limitation for large enterprises capable of using open source middleware to solve complex integration issues in hybrid IT environments because the rest of the user base was never a sweet spot for Red Hat.

SAP Ovum SWOT assessment

Strengths

Growing hybrid integration capabilities and a progressive product roadmap

SAP supports the various key use cases included in this ODM, including cloud integration, API lifecycle management, B2B/EDI integration, and mobile app and back-end integration. SAP Cloud Platform Integration Suite, SAP’s iPaaS offering, provides an intuitive web interface with pre-built templates. The integration adviser uses ML capabilities and crowd-sourcing to offer a proposal service for message implementation and mapping guidelines. SAP has a dedicated roadmap for the integration adviser, including complex pattern mapping, optimized integration flow templates offering partner discovery, and further improvements in the proposal service. SAP recently introduced new features and capabilities, such as a public trial version, support for Microsoft Azure in a production release, self-service subscription enablement of integration platform tenants, new connectivity options, and trading partner management. SAP Cloud Platform Integration Suite is unique in the sense that it is a vendor-managed multicloud iPaaS available on a pay-as-you-go license model (SAP Cloud Platform Enterprise Agreement). 

SAP Cloud Platform API Management is SAP’s API lifecycle management product that offers standards-based API access to REST/OData or SOAP services, API analytics on consumption and operations, enterprise-grade security, and developer-centric services to enable users to subscribe, use, and manage API consumption. SAP Cloud Platform Integration Suite supports mobile app and back-end integration requirements. SAP has gradually developed a hybrid integration platform that can be consumed as PaaS. SAP achieved a good score for the “cohesiveness and innovation” criteria group under the execution and market impact assessment dimension.

Weaknesses

Gaps in iPaaS and API lifecycle management capabilities 

SAP does not support the deployment of iPaaS and API lifecycle management solutions on software containers. SAP Cloud Platform API Management is available as a fully cloud-managed service. SAP’s hybrid roadmap for the second half 2020 includes complementing the cloud service with a containerized local gateway runtime that can run in a customer’s private cloud environment. There is  also scope for improvement in the UX for less skilled, non-technical users. Gaps in terms of features and capabilities of SAP Cloud Platform API Management include support for GraphQL and gRPC standards and built-in predictive analytics. SAP does not offer an MFT product as a cloud service, and in the B2B/EDI integration context, SAP Cloud Platform Integration Suite offers an API-based trading partner solution. An improved (next-generation) trading partner management is planned for next year. These are some of the key areas for improvement that should be addressed soon to respond to emerging market dynamics and customer requirements and to remain competitive with the leading vendors in this market.

Product marketing and execution need to improve 

SAP’s product strategy for this product portfolio is driven by the requirements of core SAP ecosystem users, and it focuses on upselling and cross-selling to existing customers using SAP applications, on premise middleware, and other software products. While this is a good option to capitalize on the low hanging market opportunity, such a strategy can slow down the long-term evolution of a leading PaaS vendor providing a hybrid integration platform. This reflects in the number of customers and revenue SAP has realized for this product portfolio, which is lower than several vendors included in this ODM. Over the last couple of years, SAP featured sparsely in Ovum’s conversations with enterprise IT leaders embarking on hybrid integration and integration modernization initiatives. It is no different when it comes to conversations on leading iPaaS vendors because SAP does not enjoy substantial brand recognition beyond its core SAP ecosystem. There is significant scope for improvement in SAP’s product marketing, which should focus on improvising the visibility and raising the profile of SAP Cloud Platform Integration Suite.

Seeburger Ovum SWOT assessment

Strengths

Seeburger BIS in the cloud offers foundational capabilities for hybrid integration use cases 

Seeburger’s cloud platform for hybrid integration uses the features and capabilities of the underlying Seeburger Business Integration Suite (BIS). Seeburger’s middleware stack is well integrated and includes only home-grown solutions. This ensures interaction between the individual modules, and increases the overall stability and availability of the integration platform. Seeburger’s BIS portal is a unified UI layer for the entire platform, regardless of the deployment model. Seeburger BIS in the cloud provides SaaS integration, B2B/EDI as-a-service, API platform, and MFT as-a-service capabilities. Seeburger BIS can be deployed across various IaaS cloud environments, and there is support for deployment on containers. 

Seeburger concentrates on delivering iPaaS as a partner to its customers, and not only operates the integration platform (iPaaS) on a technical level, but also provides them with specialist personnel on request. At the same time, Seeburger is focusing on extending iPaaS support for different IaaS providers. Seeburger’s middleware product strategy means that cross-selling and upselling to existing customers represents a low-hanging opportunity. On a comparative basis, Seeburger’s cloud platform for hybrid integration offers foundational capabilities for tackling a range of integration issues. API creation is supported by a wizard and the BPMN design tool enables the composition of platform services into a new API via a simple drag-and-drop approach. On the B2B/EDI integration side, for trading partner onboarding, Seeburger’s Community Management Application (CMA) enables the use of web forms that can be designed by users. In addition, tailored forms can be created to collect all the required information to streamline the onboarding process. Seeburger achieved a high score for the “B2B and mobile app/backend integration” criteria group under the technology assessment dimension.

Weaknesses

Gaps in iPaaS and API platform capabilities

In the context of iPaaS capabilities, Seeburger does not provide pre-built, dedicated connectors to common endpoints and applications, such as marketing tools, collaboration applications, financial applications, content management systems, analytics data warehouses, and RPA tools. This is, however, part of the 2020 product roadmap. ML-based automation across different stages of integration projects, ranging from design and development to deployment and maintenance is not provided, though it is part of the product strategy and roadmap. There is scope for improvement with a tailored UX for less skilled, non-technical users. 

In the context of API platform capabilities, areas for improvement include support for GraphQL and gRPC standards, wider coverage via dashboard for tracking key metrics and performance monitoring reports on key metrics, built-in predictive analytics capability, and better support for Node.js framework. Seeburger must focus on filling these gaps to effectively compete with its nearest competitors. 

Need to improve brand awareness in the cloud platforms for hybrid integration market 

 

While Seeburger has been in the integration software business for a long time, it is a relatively new vendor in cloud platforms (PaaS) for the hybrid integration market. Over the last few years, Seeburger has used the capabilities of its BIS in the cloud to expand coverage of hybrid integration use cases, including SaaS integration and API-led integration (B2B/EDI integration was always a strong area for Seeburger). However, in comparison to leading iPaaS and API platform vendors, Seeburger has a lower brand awareness in this market. Seeburger has featured only sparsely in Ovum’s conversations with enterprise IT leaders over the last couple of years. This is also reflected in the relatively small revenue and customer base Seeburger has for this product portfolio. This is not surprising because other vendors included in this ODM had entered this market segment well ahead of Seeburger. Seeburger must invest in marketing and evangelism to raise the visibility and profile of its cloud-based hybrid integration platform. 

SnapLogic Ovum SWOT assessment 

Strengths

Timely expansion from an iPaaS to a PaaS portfolio aimed at a range of hybrid integration use cases

SnapLogic Enterprise Integration Cloud, SnapLogic’s iPaaS in its previous form, was a good product with strong credentials across both data and application integration use cases. SnapLogic Intelligent Integration Platform is a broader PaaS-style product aimed at a wider range of use cases, and not limited to only iPaaS and API-led integration. SnapLogic achieved the joint second highest score for the “cloud integration/iPaaS” criteria group under the technology assessment dimension. The hybrid integration platform marketed as an “Intelligent Integration Platform” offers AI-enabled workflows and self-service UX to simplify and accelerate time to value for application and data integration initiatives.

Moving beyond partnerships, SnapLogic has extended its integration platform to API lifecycle management, a good move at the right time. The extended integration platform offers a visual paradigm with a low code/no code approach for iPaaS and API lifecycle management use cases. The August 2019 release of the platform introduced a new API developer portal to expose API endpoints to external consumers. SnapLogic B2B solution integrates its Intelligent Integration Platform with a cloud-based B2B gateway to offer trading partner community management, support for a range of EDI standards, EDI message translation, and transaction monitoring with an audit trail. The combined SnapLogic integration product portfolio is functionally rich and compares well with the larger vendors in this market. 

Substantial strengths across application and data integration use cases and early mover in offering ML-based automation

While we have not looked extensively at data integration use cases in this ODM, it is worth highlighting that if application and data integration are considered together, there are very few vendors that can compete with SnapLogic. Until 2017, SnapLogic’s product strategy tilted toward application and data integration use cases, but with the introduction of API lifecycle management and B2B integration capabilities, it has positioned itself as a capable cloud-based hybrid integration platform provider. 

On an overall basis, SnapLogic is one of the few vendors offering ML-based automation capabilities across the integration lifecycle. SnapLogic’s Iris AI uses AI/ML capabilities to automate highly repetitive, low-level development tasks. Its Integration Assistant provides step-level suggestions for developing an integration flow, as well as offering recommendations for pipeline optimization. Moreover, SnapLogic Data Science is offered as a self-service solution to accelerate ML development and deployment with minimal coding. 

Weaknesses

Specific gaps in terms of API platform capabilities need to be addressed without much delay 

Although SnapLogic has an ambitious product roadmap for API management as it pertains to iPaaS use cases, it still has significant ground to cover to successfully compete with some of its iPaaS competitors providing holistic rapid API creation/composition and end-to-end API management capabilities. Areas for improvement include support for GraphQL and gRPC standards, reuse of existing API definitions via Swagger representation import, better support for API deprecation and retirement processes, and support for the Node.js framework. We believe these gaps exist because this is a new capability area for SnapLogic, where the product roadmap is driven by the most important requirements for its existing customer base. We understand that SnapLogic is not focusing on developing a best-of-breed, standalone cloud-based API platform. However, in the long run, it is critical to fill these gaps if SnapLogic wants to improve and retain its competitive positioning because application and data integration disciplines are converging anyway. 

TIBCO Ovum SWOT assessment 

Strengths

Strong credentials, a robust platform, and well thought-out strategy have delivered a strong competitive positioning 

TIBCO has long enjoyed strong credentials as an integration vendor and has a well-established footprint in the large enterprise segment. TIBCO Cloud Integration (TCI) has gradually evolved as a comprehensive iPaaS product for key hybrid integration use cases. TIBCO achieved consistently high scores across the various criteria groups under the “technology” and “execution and market impact” assessment dimensions. TIBCO Cloud Integration is a functionally rich platform, while the TIBCO Cloud Integration Connect capability is for less skilled, non-technical users. The TIBCO Cloud Integration Develop and Integrate capabilities are aimed at developers and integration practitioners. The platform supports REST APIs, GraphQL, and event-driven integration, and when used as an API platform deployed on premises, it uses a cloud-native, container-based architecture. On the B2B/EDI integration side, integration with TIBCO BusinessConnect Trading Community Management enables rapid trading partner onboarding, while TIBCO Foresight BusinessConnect Insight supports B2B transaction monitoring. TIBCO has developed a compelling value proposition aimed at different user personas and across disparate deployment models, and has undertaken significant investment to drive an improved UX. As a result of a well thought-out business strategy and good execution in terms of product innovation and delivery, TIBCO has maintained a leading position in this market. This is in line with its competitive position in the pre-iPaaS middleware market.

Disciplined and focused execution is the hallmark of TIBCO’s strategy 

While TIBCO does not invest as much in marketing as do some of its nearest competitors, over the past four years it has still managed to transition from an on-premises heavy middleware vendor to a leading vendor providing PaaS for hybrid integration. Functioning under the ownership of Vista Equity Partners, TIBCO has demonstrated disciplined and focused execution when it comes to filling gaps in its existing middleware portfolio (for example, overcoming the failure of TIBCO Cloud Bus, TIBCO’s very first iPaaS offering) and driving innovation to emerge as a leading vendor in this market. TIBCO’s revenue from PaaS for hybrid integration is lower than some of its nearest competitors, but we expect this gap to shrink because TIBCO is capable of achieving above-market average growth in the near future. At its core, TIBCO remains an engineering company delivering innovation to successfully compete with vendors already in this market.

Weaknesses

Scope for improvement in ML-based automation, PaaS-style product for B2B/EDI integration required for exploiting market opportunity

TIBCO Cloud Integration provides ML-enabled capabilities, such as smart mapping, automated discovery of connection metadata, a visual model of impact analysis, the ability to fix and address issues driven by changes in configuration, and heuristics-based mapping of data elements and event payloads. There are significant gaps in this set of capabilities when it comes to exploiting ML for automating different stages of integration projects, ranging from design and development to deployment and maintenance. Some of its nearest competitors are ahead in terms of ML-based automation capabilities in production environments. However, TIBCO is working on providing recommendation services at various stages of the integration lifecycle.

TIBCO would benefit from a lightweight, PaaS-style product aimed at B2B/EDI integration use cases, and should provide a simplified UX along the lines of TIBCO Cloud Integration. This is more about a PaaS product delivering B2B/EDI integration capabilities and not an extensive set of features and capabilities as provided by traditional, dedicated B2B/EDI integration platforms hosted on the cloud. This is a low-hanging market opportunity, because many enterprises are struggling with legacy EDI platforms that are a burden and expensive to maintain. 

WSO2 Ovum SWOT assessment 

Strengths

Open source integration cloud with significant SaaS integration and API lifecycle management capabilities 

For developers and integration practitioners with the skills to exploit open source middleware, WSO2 provides substantial capabilities for SaaS integration, API-led integration, and API lifecycle management. WSO2 API Cloud is a hosted version of the open source WSO2 API Manager, and is a functionally rich offering. WSO2 API Cloud offers a developer portal, a scalable API gateway, and a powerful transformation engine with built-in security and throttling policies, reporting, and alerts. WSO2 achieved a high score for the “API platform” criteria group under the technology assessment dimension.

WSO2 API lifecycle management and integration platforms are centrally managed through a common UI that supports various concerns, such as user and tenant management. WSO2 offers a drag-and drop graphical development environment, a graphical data and type mapper, and graphical flow debugging to simplify the development of integrations. WSO2 Integration Cloud offers good feature price performance. API back-end services hosted on WSO2 Integration Cloud can be exposed to the WSO2 API Cloud. In March 2017, WSO2 also introduced “Ballerina”, a programming language with both textual and graphical syntaxes to enable users to develop integration flows by describing them as sequence diagrams. Ballerina forms the basis for WSO2’s new code-driven integration approach.  

Weaknesses

Does not cater to B2B/EDI integration requirements

WSO2 is the only vendor in this ODM that does not provide a minimal set of capabilities for B2B/EDI integration use cases. While the cloud platforms for hybrid integration market is tilted toward iPaaS and API lifecycle management capabilities, several vendors have gradually expanded to provide support for less complex B2B/EDI integration use cases. The WSO2 Integration Cloud does not provide a tailor-made UX and self-service integration capabilities for less skilled, non-technical users. This is an area in the iPaaS market in which almost all other vendors have invested to better support less skilled, non-technical users. WSO2 is, however, planning to offer low-code, graphical integration based on Ballerina integrator runtime to enable ad hoc integrators to develop integrations

less skilled, non-technical users. WSO2 is, however, planning to offer low-code, graphical integration based on Ballerina integrator runtime to enable ad hoc integrators to develop integrations. WSO2 does not offer ML-based automation across different stages of integration projects, ranging from design and development to deployment and maintenance. This is largely due to its preference to focus on capabilities that are critical for developers and integration practitioners. Other areas for improvement include support for different IaaS clouds, the availability of iPaaS via a regional data center, pre-built connectors for blockchain integration, integration with RPA tools, and centralized management via a web-based console (or other suitable means) for creating, deploying, monitoring, and managing integrations.

Significant scope for improvement in product marketing

Compared to some of its competitors, WSO2 engages in relatively few marketing activities, which hinders its improvement in terms of its brand recognition and competitive market positioning, particularly in regions where it does not have a significant direct presence. Because it mainly targets enterprise/integration architects and hands-on technologists, WSO2’s product marketing activities have a technology-centric flavor. However, it would benefit from including a business-centric approach to sales and marketing to target a wider range of users and decision-makers, such as business leaders funding a LOB-led digital business initiative involving hybrid integration. 

Appendix

Methodology

An invitation followed by the ODM evaluation criteria spreadsheet comprising questions across two evaluation dimensions were sent to all vendors meeting the inclusion criteria, with nine vendors opting to participate. Ovum had thorough briefings with the final nine vendors to discuss and validate their responses to the ODM questionnaire and understand their latest product developments, strategies, and roadmaps. 

This ODM includes observations and input from Ovum’s conversations (including those conducted based on customer references) with IT leaders, enterprise architects, digital transformation initiative leaders, and enterprise developers and integration practitioners using cloud platforms for hybrid integration. 

Technology assessment

Ovum identified the features and capabilities that would differentiate the leading cloud platforms for hybrid integration vendors. The criteria groups and associated percentage weightings are as follows. 

  • Cloud integration/iPaaS (weighting assigned = 40%) 
  • API platform (weighting assigned = 45%) 
  • B2B and mobile application/backend integration (weighting assigned = 15%) 

Execution and market impact assessment 

For this dimension, Ovum assessed the capabilities of a cloud platform for hybrid integration and the associated vendor across the following key areas: 

  • Cohesiveness and innovation (weighting assigned =40%) 
  • Scalability and enterprise fit (weighting assigned =45%) 
  • Market impact (weighting assigned =15%) 

IBM Modern Integration Field Guide

What are IBM Cloud Paks?

Beyond containers and Kubernetes, you need to orchestrate your production topology and provide management, security and governance for your applications. IBM Cloud Paks are enterprise-ready, containerized software solutions that run on Red Hat® OpenShift® on IBM Cloud™ and Red Hat Enterprise Linux. Built on a common integration layer, IBM Cloud Paks include containerized IBM middleware and common software services for development and management.

  • IBM Cloud Pak™ for Applications. Quickly build cloud-native apps by leveraging built-in developer tools and processes, including support for microservices functions and serverless computing. 
  • IBM Cloud Pak™ for Data. Simplify the collection, organization, and analysis of data. Turn data into insights through an integrated catalog of IBM, open source, and third-party microservices add-ons. 
  • IBM Cloud Pak™ for Integration. Achieve the speed, flexibility, security, and scale required for all of your integration and digital transformation initiatives, including API lifecycle, application and data integration, messaging and events, high-speed transfer, and integration security
  • IBM Cloud Pak™ for Automation. Deploy on your choice of clouds, with low-code tools for business users and real-time performance visibility for business managers. Migrate your automation runtimes without application changes or data migration. Automate at scale without vendor lock-in.
  • IBM Cloud Pak™ for Multicloud Management. Gain consistent visibility, automation, and governance across a wide range of hybrid, multicloud management capabilities including integration with existing tools and processes
  • IBM Cloud Pak™ for Security. Integrate security tools to gain insights into threats across hybrid, multicloud environments.

IBM Cloud Pak for Integration 

Building integrated solutions requires you to use more than one integration pattern at a time. Simplify the management of your integration architecture and reduce cost. Running on Red Hat OpenShift, IBM Cloud Pak for Integration gives you the agility to deploy workloads on-premises and on private and public clouds. 

  • API lifecycle management. Create, secure, manage, share, and monetize APIs across clouds while you maintain continuous availability. 
  • Application and data integration. Integrate your business data and applications quickly and easily across any cloud system
  • Enterprise messaging. Simplify, accelerate, and facilitate the reliable exchange of data with a trusted, flexible, and security-rich messaging solution. 
  • Event streaming. Use Apache Kafka to deliver messages more easily and reliably and to react to events in real time. 
  • High-speed data transfer. Reliably send, share, stream, and sync large files and data sets at maximum speed. 
  • Platform-level security, automation, and monitoring. Quickly set up and manage gateways, control access on a per resource basis, deploy your integration flows, and monitor all of your traffic.

API lifecycle management 

Bridge the gap between cloud and on-premises applications quickly and easily by abstracting your back-end implementation as APIs. One of the best ways to do this is by exposing services as APIs for external consumption and let the consuming applications compose the integration logic

  • Expand. Provide a standard API interface. Include global API discovery to access key business functions as fine-grained services. Encourage data reuse and mashups driven by innovative transformation use cases.
  • Integrate. Create a significant impact on your business goals by exposing core services through managed APIs. Enable projects to integrate with one another and discover the benefits of synergy across the enterprise.
  • Scale. Be prepared to scale dynamically based on the demands of your expanding ecosystem and other usage metrics.

Application & data integration

Integrate all your business data and applications across any cloud more quickly and easily using open standards. From the simplest SaaS application to the most complex legacy systems, this pattern alleviates the concern about mismatched sources, formats, or standards. 

  • Integrate applications. Connect applications and data sources on-premises or across multiple clouds to coordinate the exchange of business information as a coarse-grained service so that core data and transactions maintain their integrity. In contrast to the API management pattern, this pattern is best suited for coarse-grained services. 
  • Integrate data. In near real time, synchronize data across multiple endpoints in the integration landscape to achieve a cohesive view of data, gathered from legacy back ends to SaaS applications, to DBaaS repositories, to analytics cloud services.
  • Incorporate agile integration. Unify cross-enterprise capabilities. Enforce the use of core enterprise services and business processes. Include cognitive augmentation within your integration logic. Set up agile organizational models and governance practices.

Enterprise messaging

Simplify, accelerate, and facilitate the reliable exchange of data with a flexible and enhance security-rich IT services messaging solution. Extend traditional messaging capabilities in modern applications to communicate with new technologies from AI, IoT devices, and other digital channels. 

  • Ensure secure and reliable messaging. Preserve message integrity throughout the network, protect data, and ensure regulatory compliance with security-rich functions. Provide reliable delivery without message loss, duplication, or complex recovery.
  • Unify your enterprise. More easily integrate heterogeneous application platforms using industry-standard JMS messaging protocols, scalable publish-subscribe, and a choice of APIs
  • Expect high performance and scalable message transfer. Your apps can rely on a highly available solution with fully automated failover, dynamically distributed messaging workloads, high throughput, and a low-latency solution.
  • Simplify management and control. Use a dashboard to gain insights with visibility to message and file tracking. Audit data movement and transaction completion.

Event streaming

Take advantage of event streams to build adaptive solutions with engaging, more personalized user experiences by responding to events before the moment passes. By design, events occur in a continuous stream from a multitude of sources in a low-latency, high-velocity manner. 

  • Decrease system complexity. Loose coupling allows event producers to emit events without any knowledge about who is going to consume those events. Likewise, event consumers don’t need to be aware of the event emitters. 
  • Simplify the interface. One event producer can reach multiple endpoints with a single call.
  • React to events as they happen. Enable the following scenarios: IoT device, streaming analytics, real-time back-end transactions, geolocation tracking, and auditing
  • Facilitate machine learning. Improve predictive analytics by moving to real-time event streaming from batch processing

High-speed file transfer

Enterprises need a reliable, fast, secure data transfer and synchronized system that is hybrid and multi-cloud IT services. An integration platform makes it possible to securely transfer data across geographies faster than traditional tools, between any kind of storage, whether it’s on-premises, in the cloud, or across diverse cloud vendors.

  • Integrate application data. Coordinate the exchange of business information so that data is available when and where it is needed.
  • Transform data for analytics. Access, cleanse, and prepare data to create a consistent view of your business within a data warehouse or data lake.
  • Enrich enterprise data. Augment DBaaS content with data from enterprise back-end systems for a 360-degree view of the user. Allow partner and in-house data sources to sync and complement each other’s updates
  • Transfer data. Move huge amounts of data between on-premises and cloud or from cloud to cloud rapidly and predictably with enhanced levels of IT service security. Speed the adoption of cloud platforms when data is very large and needs to be exchanged across long distances. 

IBM Garage: Accelerate your journey

Modernization comes in many flavors, and rewriting your entire estate is not feasible. Big bang modernization efforts are risky, so it is best to break large initiatives into smaller projects with measurable impact. Your goal is to accelerate value, deliver frequently, and reduce risk. IBM Garage experts can help.

  • Co-create. Identify a business modernization opportunity. Define and build the MVP with your squad, get feedback, and co-create a solution.
  • Co-execute. Manage risk by choosing the right approach to modernize your current estate. Accelerate your journey through automation and technology
  • Co-operate. Harden for production, standardize operations, and improve DevOps efficiency across your application estate. 

Agile Integration: Container-based and microservices-aligned lightweight integration runtimes

Integration Has Changed

IDC estimates that spending on digital transformation initiatives will represent a $20 trillion market opportunity over the next 5 years. What’s behind this staggering explosion of spending? The ever-present, ever-growing need to build new customer experiences through connected experiences across a network of applications that leverage data of all types

That’s no easy task – bringing together processes and information sources at the right time and in the right context is difficult at best, particularly when you consider the aggressive adoption of SaaS business applications. New data sources need to be injected into business processes to create competitive differentiation

The Value of Application Integration for Digital Transformation

When you consider your agenda for building new customer experiences and focus on how data is accessed and made available for the services and APIs that power these initiatives, you can see several significant benefits that application integration brings to the table:

  • Effectively addressing disparity – Access data from any system in any format and build homogeneity from it, no matter how diverse your multicloud landscape grows
  • Expertise of the endpoints – Modern integration includes smarts around complex protocols and data formats, but it also incorporates intelligence about the actual objects, business and functions within the end systems
  • Innovation through data – Applications owe much of their innovation to their opportunity to combine data beyond their boundaries and create meaning from it, a trait particularly visible in microservices architecture
  • Enterprise-grade artifacts – Integration flows inherit a tremendous amount of value from the runtime, which includes enterprise-grade features for error recovery, fault tolerance, log capture, performance analysis, and much more.

The integration landscape is changing to keep up with enterprise and marketplace computing demands, but how did we get from SOA and ESBs to a modern, containerized, agile approach to integration?

The Journey So Far – SOA and the ESB pattern

Before we can look forward to the future of agile integration, we need to understand what came before. SOA (service oriented architecture) patterns emerged at the start of the millennium, and at first the wide acceptance of the standards SOA was built upon heralded a bright future where every system could discover and talk to any other system via synchronous exposure patterns.

This was typically implemented in the form of the ESB (enterprise service bus) – an architectural pattern that was aimed at providing synchronous connectivity to backend systems typically over web or on-site embedded services. While many enterprises successfully implemented the ESB pattern, it became something of a victim of its own success.

  • ESB patterns often formed a single infrastructure for the whole enterprise, with tens or hundreds of integrations installed on a production server cluster. Although heavy centralization isn’t required by the ESB pattern, the implemented topologies almost always fell prey to it. 
  • Centralized ESB patterns often failed to deliver the significant savings companies were hoping for. Few interfaces could be re-used from one project to another, yet the creation and maintenance of interfaces was prohibitively expensive for any one project to take on. 
  • SOA was more complex than just the implementation of an ESB, particularly around who would fund an enterprise-wide program. Cross Enterprise initiatives like SOA and its underlying ESB struggled to find funding, and often that funding only applied to services that would be reusable enough to cover their creation cost.

The result was that creation of services by this specialist SOA team sometimes became a bottleneck for projects rather than the enabler that it was intended to be. This typically gave the centralized ESB pattern a bad name by association.

All that said, the centralized ESB pattern does bring some benefits, especially if they have a highly skilled integration team with a low attrition rate, and who receive a predictable and manageable number of new integration requirements. A single, centralized ESB certainly simplifies consistency and governance of implementation. However, many organizations have more fluid and dynamic requirements to manage, and are also under pressure to implement integration using similar cloud native technologies and agile methods as are being used in other parts of the organization. A case in point is the move to microservices architecture typically found in the application development space. 

Service oriented architecture (SOA) vs microservice architecture

SOA and microservices architecture share many words in common, but they are in fact completely separate concepts.

Service-oriented architecture and the associated ESB pattern is an enterprise-wide initiative to make the data and functions in systems of record readily available to new applications. We create re-usable, synchronous interfaces such as web services and RESTful APIs to expose the systems of record, such that new innovative applications can be created more quickly by incorporating data from multiple systems in real time

Microservices architecture, on the other hand, is a way of writing an individual application as a set of smaller (microservice) components in a way that makes that application more agile, scalable, and resilient. So in summary, service oriented architecture is about real-time integration between applications, whereas microservices architecture is about how we build the internals of applications themselves. 

The Case for Agile Integration

Why have microservices concepts become so popular in the application space? They represent an alternative approach to structuring applications. Rather than an application being a large silo of code running on the same server, the application is designed as a collection of smaller, completely independently-running components.

Microservices architecture enables three critical benefits:

  • Greater agility – Microservices are small enough to be understood completely in isolation and changed independently. 
  • Elastic scalability – Their resource usage can be fully tied into the business model.
  • Discrete resilience – With suitable decoupling, changes to one microservice do not affect others at runtime.

With those benefits in mind, what would it look like if we re-imagined integration, which is typically deployed in centralized silos, with a new perspective based on microservices architecture? That’s what we call an “Agile Integration.”

There are three related, but separate aspects to agile integration:

Aspect 1: Fine-grained integration deployment. What might we gain by breaking out the integrations in the siloed ESB into separate runtimes that could be maintained and scaled independently? What is the simplest way that these discrete integrations be made

Aspect 2: Decentralized integration ownership. How should we adjust the organizational structure to better leverage a more autonomous approach, giving application teams more control over the creation and exposure of their own integrations?

Aspect 3: Cloud native integration infrastructure. How can we best leverage the container-based infrastructure that underpins cloud native applications, to provides productivity, operational consistency, and portability for both applications and integrations across a hybrid and multi-cloud landscape

 

Aspect 1: Fine-grained Integration Deployment

Traditional integration is characterized by the heavily centralized deployment of integrations in the ESB pattern. Here, all integrations are deployed to a single heavily nurtured (HA) pair of integration servers has been shown to introduce a bottleneck for projects. Any deployment to the shared servers runs the risk of destabilizing existing critical interfaces. No individual project can choose to upgrade the version of the integration middleware to gain access to new features. 

Using the same concepts as microservice architecture, we could break up the enterprise-wide ESB into smaller, more manageable and dedicated pieces. Perhaps in some cases we can even get down to one runtime for each interface we expose. These “fine-grained integration deployment” patterns provide specialized, right-sized containers, offering improved agility, scalability and resilience, and look very different to the centralized ESB patterns of the past. Figure 1 demonstrates in simple terms how a centralized ESB differs from fine-grained integration deployment.

Fine-grained integration deployment draws on the benefits of a microservices architecture. Let’s revisit what we listed as microservices benefits in light of fine-grained integration deployment:

  • Agility: Different teams can work on integrations independently without deferring to a centralized group or infrastructure that can quickly become a bottleneck. Individual integration flows can be changed, rebuilt, and deployed independently of other flows, enabling safer application of changes and maximizing speed to production.
  • Scalability: Individual flows can be scaled on their own, allowing you to take advantage of efficient elastic scaling of cloud infrastructures.
  • Resilience: Isolated integration flows that are deployed in separate containers cannot affect one another by stealing shared resources, such as memory, connections, or CPU.

Aspect 2: Decentralized integration ownership

A significant challenge faced by service-oriented architecture was the way that it tended to force the creation of centralized integration teams and infrastructure to implement the service layer. 

This created ongoing friction in the pace at which projects could run since they always had the central integration team as a dependency. The central team knew their integration technology well, but often didn’t understand the applications they were integrating, so translating requirements could be slow and error prone. 

Many organizations would have preferred the application teams own the creation of their own services, but the technology and infrastructure of the time didn’t enable that. 

The move to fine-grained integration deployment opens a door such that ownership of the creation and maintenance of integrations can also be distributed out to the application teams. It’s not unreasonable for business application teams to take on integration work, streamlining the implementation of new integrations. 

Furthermore, API management has matured to the point where application teams can easily manage the exposure of their own APIs, again without resorting to a separate centralized integration team. 

Microservices design patterns often prefer to increase decoupling by receiving event streams of data and building localized data representations rather than always going via API calls to retrieve data in real time. Agile integration also considers how best to enable teams to publish and consume event streams both within and beyond application boundaries.

Aspect 3: Cloud-native integration infrastructure

Integration runtimes have changed dramatically in recent years. So much so that these lightweight runtimes can be used in truly cloud-native ways. By this we are referring to their ability to hand off the burden of many of their previously proprietary mechanisms for cluster management, scaling, availability and to the cloud platform in which they are running.

This entails a lot more than just running them in a containerized environment. It means they have to be able to function as “cattle not pets,” making best use of the orchestration capabilities such as Kubernetes and many other common cloud standard frameworks. 

Clearly, Agile Integration requires that the integration topology be deployed very differently. A key aspect of that is a modern integration runtime that can be run in a container-based environment and is well suited to cloudnative deployment techniques. Modern integration runtimes are almost unrecognizable from their historical peers. Let’s have a look at some of those differences:

  • Fast lightweight runtime: They run in containers such as Docker and are sufficiently lightweight that they can be started and stopped in seconds and can be easily administered by orchestration frameworks such as Kubernetes.
  • Dependency free: They no longer require databases or message queues, although obviously, they are very adept at connecting to them if they need to. 
  • File system based installation: They can be installed simply by laying their binaries out on a file system and starting them up—ideal for the layered file systems of Docker images. 
  • DevOps tooling support: The runtime should be continuous integration and deployment-ready. Script and property file-based install, build, deploy, and configuration to enable “infrastructure as code” practices. Template scripts for standard build and deploy tools should be provided to accelerate inclusion into DevOps pipelines.
  • API-first: The primary communication protocol should be RESTful APIs. Exposing integrations as RESTful APIs should be trivial and based upon common conventions such as the Open API specification. Calling downstream RESTful APIs should be equally trivial, including discovery via definition files.
  • Digital connectivity: In addition to the rich enterprise connectivity that has always been provided by integration runtimes, they must also connect to modern resources. For example, NoSQL databases (MongoDb and Cloudant etc.), and messaging services such as Kafka. Furthermore, they need access to a rich catalogue of application intelligent connectors for SaaS (software as a service) applications such as Salesforce
  • Continuous delivery: Continuous delivery is enabled by command line interfaces and template scripts that mesh into standard DevOps pipeline tools. This further reduces the knowledge required to implement interfaces and increases the pace of delivery
  • Enhanced tooling: Enhanced tooling for integration means most interfaces can be built by configuration alone, often by individuals with no integration background. With the addition of templates for common integration patterns, integration best practices are burned into the tooling, further simplifying the tasks. Deep integration specialists are less often required, and some integration can potentially be taken on by application teams as we will see in the next section on decentralized integration. 

Modern integration runtimes are well suited to the three aspects of an agile integration methodology: fine-grained deployment, decentralized ownership, and true cloud-native infrastructure. 

Along with integration runtimes becoming more lightweight and container friendly, we also see API management and messaging/eventing infrastructure moving to container-based deployment. This is generally in order to benefit from the operational constancy provided by orchestration platforms such as Kubernetes that provides auto scaling, load-balancing, deployment, internal routing, reinstatement and more in a standardized way, significantly simplifying the administration of the platform.

Agile Integration for the Integration Platform

Throughout this paper, we have been focused on the application integration features as deployed in an agile integration architecture. However, many enterprise solutions can only be solved by applying several critical integration capabilities. An integration platform (or what some analysts refer to as a “hybrid integration platform”) brings together these capabilities so that organizations can build business solutions in a more efficient and consistent way. 

Many industry specialists agree on the value of this integration platform. Gartner notes:

The hybrid integration platform (HIP) is a framework of on-premises and cloud-based integration and governance capabilities that enables differently skilled personas (integration specialists and non-specialists) to support a wide range of integration use cases.… Application leaders responsible for integration should leverage the HIP capabilities framework to modernize their integration strategies and infrastructure, so they can address the emerging use cases for digital business. 

One of the key things that Gartner notes is that the integration platform allows multiple people from across the organization to work in user experiences that best fits their needs. This means that business users can be productive in a simpler experience that guides them through solving straightforward problems, while TeraPixels Systems IT specialists in San Diego have expert levels of control to deal with the more complex enterprise scenarios. These users can then work together through reuse of the assets that have been shared; while preserving governance across the whole.

Satisfying the emerging use cases of the digital transformation is as important as supporting the various user communities. The bulk of this paper will explore these emerging use cases, but first we should further elaborate on the key capabilities that must be part of the integration platform.

IBM Cloud Pak for Integration

IBM Cloud Integration brings together the key set of integration capabilities into a coherent platform that is simple, fast and trusted. It allows you to easily build powerful integrations and APIs in minutes, provides leading performance and scalability, and offers unmatched end-to-end capabilities with enterprise-grade security. IBM Cloud Pak for Integration is built on the open source Kubernetes platform for container orchestration. 

IBM Cloud Pak for Integration is the most complete hybrid integration platform in the industry including all of the key integration capabilities your team needs:

Application and Data Integration Connects applications and data sources on-premises or in the cloud, in order to coordinate exchange business information so that data is available when and where needed.

API Lifecycle Exposes and manages business services as reusable APIs for select developer communities both internal and external to your organization. Organizations adopt an API strategy to accelerate how effectively they can share their unique data and services assets to then fuel new applications and new business opportunities.

Enterprise Messaging Ensures real-time information is available from anywhere at anytime by providing reliable message delivery without message loss, duplication or complex recovery in the event of a system or network issue. 

High Speed Data Transfer: Move huge amounts of data between on-premises and cloud or cloud-to cloud rapidly and predictably with enhanced levels of security. Facilitates how quickly organizations can adopt cloud platforms when data is very large

Secure Gateway Extend Connectivity and Integration beyond the enterprise with DMZ-ready edge capabilities that protect APIs, the data they move, and the systems behind them

Hybrid Integration Platforms: Digital Business Calls for Integration Modernization and Greater Agility

Integration is the lifeblood of today’s digital economy. Hybrid integration is a key business imperative for most enterprises, as digitalization has led to a proliferation of applications, services, APIs, and data stores that need to be connected to realize end-to-end functionality and, in many cases, an entirely new digital business proposition. A hybrid integration platform caters to a range of integration needs, including on-premises app integration, cloud application integration, messaging, event streaming, rapid API creation and lifecycle management, B2B/EDI integration, mobile application/back-end integration, and file transfer. User productivity tools and deployment flexibility are key characteristics of a hybrid integration platform that helps enterprises respond faster to evolving digital business requirements. 

Ovum view

Ovum ICT Enterprise Insights 2018 survey results indicate a strong inclination on the part of IT leaders to invest in integration infrastructure modernization, including the adoption of new integration platforms. IT services professionals in Orange County and other areas continue to struggle to meet new application and data integration requirements driven by digitalization and changing customer expectations. Line-of-business (LoB) leaders are no longer willing to wait for months for the delivery of integration capabilities that are mission-critical for specific business initiatives. Furthermore, integration competency centers (ICCs) or integration centers of excellence (COEs) are being pushed hard to look for alternatives that significantly reduce time to value without prolonged procurement cycles.

Digital business calls for flexible integration capabilities that connect diverse applications, services, APIs, and data stores; hybrid integration continues to be a complex IT issue. The current enterprise IT agenda gives top priority to connecting an ever-increasing number of endpoints and mitigating islands of IT infrastructure and information silos that make the vision of a “connected enterprise” difficult to achieve. Hybrid integration, which involves disparate applications, data formats, deployment models, and transactions, is a multifaceted problem for which there is no simple solution. For example, while an enterprise service bus (ESB) can be appropriate for data/protocol transformation and on-premises application integration, integration PaaS (iPaaS) is clearly a popular solution for SaaS-to-on-premises and SaaS-to-SaaS integration.

The center-of-gravity hypothesis applies to integration architecture. There is a greater inclination to deploy integration platforms closer to applications and data sources. APIs continue to gain prominence as flexible interfaces to digital business services and enablers for enterprises looking to innovate and participate in the wider digital economy. The unrelenting drive toward SaaS is leading to a rapid shift of integration processes to the cloud. A combination of these trends is driving the emergence of a new agile hybrid integration paradigm, with cloud-based integration platforms used for cloud, mobile application/back-end, B2B/EDI, and data integration. This integration paradigm or pattern is gaining popularity as enterprises do not have the luxury of executing dedicated, cost intensive and time-consuming integration projects to meet digitalization-led, hybrid integration requirements. Enterprise IT leaders realize that existing legacy integration infrastructure offers less flexibility and is difficult to maintain, so they are now more open to new integration approaches or platforms that improve developer productivity and allow them to “do more with less.” Moreover, traditional, heavyweight middleware is a barrier for enterprises looking to achieve agile hybrid integration to meet critical digital business requirements.

Agile hybrid integration calls for modular solutions that integrate well with each other and offer a uniform user experience (UX) and developer productivity tools to reduce time to integration and cost of ownership. For example, enterprises need to achieve integration within a few days of subscribing to a new set of SaaS applications, and frequently need to expose SaaS applications via representational state transfer (REST) APIs for consumption by mobile applications. They may also need to design and manage a new set of APIs for externalization of the enterprise or monetization of new applications and enterprise data assets. A hybrid integration platform can meet all these requirements, with modular integration solutions deployed on-premises, in the cloud, or on software containers according to the requirements of specific use cases. 

In the background of changing digital business requirements, IT leaders need to focus on revamping their enterprise integration strategy, which invariably will involve adoption of a hybrid integration platform that offers deployment and operational flexibility and greater agility at a lower cost of ownership to meet multifaceted hybrid integration requirements. Integration modernization initiatives aim to use new integration patterns, development and cultural practices, and flexible deployment options to drive business agility and reduce costs. It is important to identify a strategic partner (and not just a software vendor with systems integration capabilities) that can provide essential advice and best practices based on years of practical experience to ensure that integration modernization initiatives stay on track and deliver desired outcomes. 

Recommendations

  • Enterprise IT leaders should focus on developing a forward-looking strategy for hybrid integration using the best of existing on-premises middleware and specific cloud-based integration services (i.e., PaaS products for hybrid integration). For all practical purposes, and in most cases, it would make sense to opt for a hybrid integration platform. This does not imply a complete “rip and replace” strategy for deciding the future of existing on-premises middleware. With DevOps practices, microservices, and containerized applications gaining popularity, IT leaders should evaluate the option of deploying middleware (integration platforms) on software containers as a means to driving operational agility and deployment flexibility
  • With several middleware vendors focusing on developing a substantial proposition for hybrid integration, it would be better to exploit a more cohesive set of integration capabilities provided by the same vendor. A “do it yourself” approach to integration or federation between middleware products offered by different vendors is rarely easy, and it is of course easier to train users on a hybrid integration platform offering a uniform UX
  • Integration is still predominantly carried out by IT service practitioners; however, IT leaders should consider “ease of use” for both integration practitioners and less skilled, non-technical users (e.g., power users) when selecting integration platforms for a range of hybrid integration use 

Integration modernization is a recurring theme driven by digitalization and the need for greater agility 

Hybrid integration complexity continues to drive integration modernization

Over the last couple of years, “integration modernization” has regularly featured in Ovum’s conversations with enterprise IT leaders. Digitalization has led to an almost unrelenting need for expose and consume APIs and exploiting digital assets to cater for ever-changing customer requirements and drive growth via new digital business models. Digital business initiatives call for more open, agile, and API-led integration capabilities, reducing time to integration. Enterprises need to develop customer-centric and more flexible business processes that can easily be extended via APIs to a range of access channels. The business side is asking some tough questions, including how fast and at what cost IT can deliver the desired integration capabilities. Ovum ICT Enterprise Insights 2018 survey results show that over 60% of respondent enterprises are planning substantial investment (including strategic investment in new iPaaS solutions) in iPaaS solutions over the next 18-month period. The survey results indicate that about 58% of respondent enterprises are planning substantial investment in API platforms over the same period. These figures clearly indicate enterprise interest in investing in new integration platforms to tackle hybrid integration challenges

Hybrid integration platform

Hybrid integration involves a mix of on-premises, cloud, B2B/EDI, mobile application/back-end integration, rapid API creation and lifecycle management, messaging, events, and file transfer use case scenarios of varying complexity (see Figure 1). Owing to specific business-IT requirements, enterprises may not have the flexibility to use “on-premises only” middleware or only cloud-based integration platforms. In certain cases, even the same integration capabilities (e.g., API management) need to be used both as on-premises middleware and as a cloud service (i.e., PaaS).  

An important aspect of hybrid integration requirements driven by digitalization is the need to support a range of user personas, including application developers, integration practitioners, enterprise/solution architects, and less skilled business users (i.e., non-technical users). Given the persistent time and budget constraints, enterprises often do not have the luxury of deploying only technical resources for hybrid integration initiatives and ICCs/integration COEs are not always in the driver’s seat. Simplified and uniform UX, self-service integration capabilities, and developer productivity tools are therefore critical in meeting hybrid integration requirements.

Ovum defines a hybrid integration platform as a cohesive set of integration software (middleware) products that enable users to develop, secure, and govern integration flows, connecting diverse applications, systems, services, and data stores, as well as enabling rapid API creation/composition and lifecycle management to meet the requirements of a range of hybrid integration use cases. A hybrid integration platform is “deployment model agnostic” in terms of delivering requisite integration capabilities, be it on-premises and cloud deployments or containerized middleware.

The key characteristics of a hybrid integration platform include:

  • support for a range of application, service, and data integration use cases, with an API-led, agile approach to integration, reducing development effort and costs 
  • uniformity in UX across different integration products or use cases and for a specific user persona 
  • uniformity in underlying infrastructure resources and enabling technologies 
  • flexible integration at a product or component API level 
  • self-service capabilities for enabling less skilled, non-technical users 
  • the flexibility to rapidly provision various combinations of cloud-based integration services based on specific requirements 
  • openness to federation with external, traditional on-premises middleware platforms 
  • support for embedding integration capabilities (via APIs) into a range of applications or solutions
  • developer productivity tools (e.g., a “drag-and-drop” approach to integration flow development and pre-built connectors and templates) and their extension to a broader set of integration capabilities 
  • flexible deployment options: on-premises deployment, public, private, and hybrid cloud deployment, and containerization 
  • centralization of administration and governance capabilities.

Specific features and capabilities of hybrid integration platforms vary from vendor to vendor, and certain hybrid integration platforms may not offer some of the above-specified capabilities. It is noteworthy that the evolution from traditional middleware and PaaS for specific integration use cases (e.g., iPaaS for SaaS integration) to a hybrid integration platform is a work in progress for a majority of middleware vendors. 

iPaaS is now a default option for SaaS integration, and the iPaaS model for delivery of cloud integration capabilities is no longer about only offering dozens or hundreds of connectors and pre-built integration templates. It is important for iPaaS vendors to target new user personas and a broader set of integration use cases. In this context, we see two key developments: self-service integration capabilities for less skilled, non-technical user enablement, and artificial intelligence (AI)/machine learning (ML) capabilities simplifying development of integration flows

Terapixels offers IT services in San Diego that has a hybrid of on site and remote monitoring. In addition, this hybrid environments call for a cloud-native integration paradigm that readily supports DevOps practices and drives operational agility by reducing the burden associated with cluster management, scaling, and availability. As per such a cloud-native integration paradigm, integration runtimes run on software containers, are continuous integration and continuous delivery and deployment (CI/CD) ready, and are significantly lightweight and responsive enough to start and stop within a few seconds. Many enterprises have made substantial progress in containerizing applications to benefit from a microservices architecture and portability across public, private, and hybrid cloud

microservices architecture and portability across public, private, and hybrid cloud environments. Containerized applications and middleware represent a good combination; in cases where an application and a runtime are packaged and deployed together, developers can benefit from container portability and ease of use offered by the application and middleware combination. 

It also makes sense for applications and middleware to share a common architecture, as DevOps teams can then avoid the overhead and complexity associated with the proposition of running containerized applications on different hardware and following different processes to the existing ones with traditional middleware. This is true even in cases that do not involve much re-architecting of the applications; DevOps teams can still develop and deploy faster using fewer resources

Developers are increasingly building APIs that support new applications that use loosely coupled microservices. Each microservice has a particular function that can be independently scaled or maintained without impacting other loosely coupled services. A microservices architecture can involve both internal and external APIs, with internal APIs invoked for inter-service communication and external API calls initiated by API consumers. IT leaders must realize that microservices management is different in scope from API management and focus on effectively meeting both requirements

Good API design and operations principles (i.e., API- and design-first principles) are gaining ground in enterprises that have previous experience of experimenting with enterprise API initiatives linked to new digital business services. Consequently, API platforms are gaining traction. Multicloud API management and deployment on software containers are areas of significant interest to large enterprises. An API platform enables users to develop, run, manage, and secure APIs and microservices, and offers a superset of capabilities in comparison to those provided by API lifecycle management solutions. As the graphical approach to integration flows provided by application integration capabilities can now be deployed as microservices, these technologies jointly provide a holistic approach to the rapid creation/composition of APIs and the subsequent management of their lifecycle and operations. A key benefit of an API platform is the ability to create, test, and implement an API rapidly and reiterate the cycle to create a new version of it based on user feedback (i.e., the application of DevOps-style techniques to API lifecycle and operations).  

Internet of Things (IoT) integration use cases call for message-oriented middleware (MoM) that offer standards-based message queue (MQ) middleware to ease integration with enterprise applications and data stores. It is particularly suitable for heterogeneous environments, as any type of data can be transported as messages; MQ middleware is frequently used in mainframe, cloud, mobile, and IoT integration use case scenarios. A hybrid integration platform should support integration requirements of such use cases.

A lot of data is generated in the form of streams of events, with publishers creating events and subscribers consuming these events in different ways or via different means. Event-driven applications can deliver better customer experiences. For example, this could be in the form of adding context to ML models to obtain real-time recommendations that evolve continually as per the requirements of a specific use case. Embedding real-time intelligence into applications and real-time reaction or responsiveness to events are key capabilities in this regard.

For distributed applications using microservices, developers can opt for asynchronous event-driven integration, in addition to the use of synchronous integration and APIs. Apache Kafka, an open source stream-processing platform, is a good option for such use cases that require high throughput and scalability. Kubernetes can be used as a scalable platform for hosting Apache Kafka applications. As Apache Kafka reduces the need for point-to-point integration for data sharing, it can reduce latency to just a few milliseconds, thereby enabling faster delivery of data to the users. A hybrid integration platform should cater to the integration requirements of event-driven applications.

A hybrid integration platform with simplified UX, scalable architecture, and flexible deployment options

Key attributes at architectural and operational levels simplify hybrid integration and drive developer productivity and cost savings

The IBM Cloud Pak for Integration (shown in Figure 2) solves a range of hybrid integration requirements, including on-premises and SaaS application and data integration, rapid API creation/composition and lifecycle management, API security and API monetization, messaging, event streaming, and high-speed transfer. IBM offers a holistic integration platform exploiting a container based portable architecture for a range of hybrid integration use cases, as well as providing essential advice and support to help enterprises succeed with their integration modernization initiatives.

IBM Cloud Pak for Integration was built for deployment on containers and provides a modern architecture that includes the management of containerized applications and Kubernetes, an open source container orchestration system. An interesting trend is the adoption of DevOps culture, microservices, and PaaS for responsiveness to changes driven by digital business requirements. With IBM Cloud Pak for Integration’s container-based architecture, users have the flexibility to deploy on any environment that has Kubernetes infrastructure, as well as exploit a self-service approach to integration. IBM Cloud Pak for Integration enables simplified creation and reuse of integrations, their deployment close to the source, and self-service integration to deliver faster time to integration at lower cost. It offers the benefit of a unified UX for developing and sharing integrations, which promotes integration asset reuse to improve developer productivity.

With IBM Cloud Pak for Integration, users can deploy integration capabilities easily onto a Kubernetes environment. This provision helps achieve faster time to value for integration modernization initiatives by integrating the monitoring, logging, and IT security systems of a private cloud environment to ensure uniformity across a cloud integration platform deployment. Containerization fosters the flexibility of cloud private architecture, thereby helping users meet performance and scalability requirements as specified in the service-level agreements (SLAs) of their business applications. Another benefit is common administration and governance enabled via a single point of accessibility. This mitigates the need for logging in to multiple tools and better supports access management across different teams. In terms of deployment flexibility, IBM supports deployment on any cloud or on-premises deployment.

IBM espouses an approach that differentiates API management from microservices management but also combines the two to offer more than the sum of the parts. Istio running on Kubernetes allows users to manage the interactions between microservices running in containers. Integration between Security Gateway and Istio service mesh (involving security, application resiliency, and dynamic routing between microservices) can offer a good solution to end-to-end routing. IBM has optimized the gateway for cloud-native workloads. An interesting trend is the growth in the number of API providers offering additional endpoints to adapt to emerging architectural styles, such as GraphQL. GraphQL APIs have the ability to use a single query to fetch required data from multiple resources. IBM is extending its integration platform’s API capabilities to provide support for GraphQL management, and this approach decouples GraphQL management from GraphQL server implementation. 

IBM’s Agile Integration methodology

Agile integration focuses on delivering business agility as part of an integration modernization initiative. It espouses the transition of integration ownership from centralized integration teams to application teams, as supported by the operational consistency achieved via containerization. On the operational agility side, cloud-native infrastructure offers dynamic scalability and resilience. 

A good case in point is a fine-grained integration deployment pattern involving specialized, right-sized containers that deliver improved agility, scalability, and resilience. This is quite different from traditional, centralized ESB patterns, which is why IBM redesigned each of these capabilities, including the application integration features, to be deployed in a microservices-aligned manner. With a fine-grained deployment pattern, enterprises can improve build independence and production speed to drive deployment agility. In a nutshell, as part of integration modernization initiatives, “agile integration” caters to people, processes, and technology aspects to provide necessary advice and guidance to help enterprises achieve faster time to value across diverse deployment environments.