Two products Microsoft should set free into Cloud

By Subraya Mallya - June 2010 | Topics - Cloud Computing

As with all monolithic technology companies, Microsoft has had its challenges embracing Cloud and making big strides there. While they have gotten their feet wet by releasing the Microsoft Azure Platform as both a Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) offering, they still resonate more with the Private Cloud believers. (I firmly vouch my support for a fully public cloud, just like the energy grid.)

Amongst all the hundreds of products Microsoft has, no two products fit in so well with the Cloud as Microsoft BizTalk and Microsoft Identity & Access Management (most widely known as Microsoft Active Directory). Both BizTalk and Active Directory have been unquestionable leaders in their respective spaces, solving the complex problems of Data Integration and Identity Management respectively. With the world of software becoming more of a niche-solution SaaS/Cloud Services market, those very problems of Data Integration and Identity Management have, if anything, been exacerbated. While other products Microsoft is trying to adapt to the world of Cloud are rapidly transitioning, these two, I feel, can really put Microsoft right in the thick of the Cloud movement and make them a critical cloud player.

Microsoft BizTalk started in the early days of the B2B data interchange movement in the late 90s, when XML was becoming the de facto standard for sharing data. BizTalk became the torchbearer for SOAP (Simple Object Access Protocol) and helped companies with complex data integration involving ERP, Manufacturing, Warehouse Management and Financials. The offering evolved over time to include a robust process orchestration framework and support for a large set of standards like EDI, SWIFT and RosettaNet. It could do all of that over HTTP/HTTPS without needing expensive proprietary networks, and do so across heterogeneous technologies. Look at the SaaS/Cloud landscape now. Almost every solution adoption essentially includes data integration with other SaaS/Cloud applications or on-premise solutions. With Microsoft not extending its pre-Cloud leadership into the cloud, small vendors like Boomi and Cast Iron Systems have been able to get some traction in the large data integration market. The IBM acquisition of Cast Iron further illustrates the critical nature data integration has assumed in the new Cloud-based scheme of things.

Microsoft Active Directory, on the other hand, has been synonymous with the whole Identity Management/Directory Services space – much like Band-Aid has been for adhesive bandages. Regulatory mandates like SOX, PCI-DSS and Segregation of Duties have made Identity Management an imperative. The majority of the Global 5000 companies have Active Directory deployed to govern Access and Identity Management across their global enterprise. It offers the ability to define Sites, Trees (clusters of sites) and Forests (clusters of trees) to model large hierarchical organizations as domains and sub-domains, and to assign and manage access policies. Although they started with Windows-based networks, they eventually expanded to support Unix-based platforms as well. Active Directory has figured prominently as a prime candidate in any/all Identity Management technology RFPs. In most cases, it has not been a question of whether it was a good fit; it was more a question of whether it was affordable. Incidentally, that is one of the fundamental premises of most Cloud-based offerings – taking solutions that were until now only affordable by large companies and making them available to small and medium businesses by leveraging economies of scale. An increasing number of Cloud-based vendors support SAML/SPML-based authentication/provisioning, allowing companies to centralize their authentication and extend their corporate Identity Management solution to incorporate Cloud-based offerings. Microsoft's lack of eagerness to step in has allowed smaller companies like Symplified, Ping Identity and Conformity to position themselves as the leaders in this critical market.

So Microsoft – here is a market that is begging to be served and yours to lose. While you still have work to do to make your Azure Platform, Business Applications and Office Suite widely adopted in Cloud, BizTalk and Active Directory are the need of the hour and are ready to go. So waste no more time – let them free and watch them soar in Cloud.

  • Joe Weiner

    I agree with your assessment. This represents a great opportunity for Microsoft. I think they already sell these two products to help companies manage cloud based applications but coming out and announcing that the said product will be made available as a Cloud based Service and make a marketing push around it.

  • mani

    Good post.

  • Hi Subraya, interesting thoughts. 🙂 One point of feedback – Active Directory and BizTalk not being part of the Microsoft cloud platform today (either in SaaS or PaaS model) doesn’t mean Microsoft doesn’t want to “set them free into cloud”. In fact, our long-term roadmap has been to make all of our software products and platforms available in the cloud in some form.

    So then why haven’t we? Shouldn’t it be pretty simple to deploy instances of Active Directory and BizTalk in Microsoft data centers and let customers use them, a-la-SaaS-style? The answer lies in the fundamental question – is cloud computing simply server hosting in other people’s data centers, or is it a new paradigm we can leverage to do things differently?

    Microsoft’s approach to cloud computing is exactly that – provide the right solutions for cloud computing to effectively support the new paradigm. For example, as today you can see that in Microsoft’s SaaS offerings, there are both single-tenant and multi-tenant versions of Exchange, SharePoint, Office Communications Online suites; and in the PaaS offerings, SQL Azure is a fully multi-tenant relational database service and not simply hosted SQL Server, and Windows Azure’s native roles are provided via a higher abstraction, container-like model, and not simply hosted Windows Server.

    So then the question is, what’s the right cloud model for Active Directory? That is still under consideration, but my personal opinion is that we still need to carefully evaluate a couple of factors:

    • Do customers really want to outsource their identity management solution? Is there really a lot of demand for hosted enterprise identity management services?
    • What are the true benefits of hosting the identity management solution elsewhere? Just some cost savings from managing your own servers? That might be the case for smaller companies but larger organizations prefer the private cloud approach
    • For example, the identity management solution is essential in managing access control across an IT architecture. Wouldn’t it work better if it’s maintained closer, in terms of proximity, to the assets it’s intended to manage? Keep in mind that most “pure cloud” vendors who advocate otherwise, use their own identity management infrastructure hosted in their own data centers
    • And from an external, hybrid cloud, and B2B integration perspective, identity federation works pretty well to enable single sign-on across resources deployed in separate data centers and security domains
    • Lastly, what’s the right model for cloud-based identity management solution? Is it making the online identity metasystem more “enterprise-like”, such as adding some of the fine-grained management capabilities to the Live ID infrastructure, or developing a multi-tenant version of Active Directory that can better address some of the consumer identity scenarios?

    Similarly for BizTalk, many of the above points apply as well for its cloud aspirations, plus a few specific ones:
    • Process and data integration between organizations (such as traditional B2B scenarios) and different cloud-based services operated by separate organizations, is a lot different from traditional enterprise integration scenarios where enterprise service bus type of solutions fit in today. It has a lot more to do with service management, tracking, and orchestration in an increasingly more service-oriented manner; as opposed to having system and application-specific adapters to enable communication
    • Also, EAI and ESB type of integration places the center of gravity in terms of context and entity definition within one enterprise. Cloud-based integration, such as outsourced process management, multi-enterprise integration, etc.; shifts the center of gravity into the cloud and in a much more shared/federated manner
    • Question then is, what is the right type of integration-as-a-service solution that would work well for cloud-based integration scenarios? We have many integration hub service offerings today, many grew from their EDI/VAN, managed FTP, B2B, supply chain management, e-commerce, and RosettaNet, ebXML, HL7 roots. The landscape for external integration is vastly more diverse and generic (in each vertical) than any one organization’s way of managing processes
    • Some initial direction can be observed in Windows Azure AppFabric today, with the Service Bus offering. It works as an Internet service bus to help facilitate communication regardless of network topologies. It advocates a federated application model in a distributed environment, where processes and data are integrated in a service-oriented manner. It’s a much more dynamic environment (changes are more frequent and preferred) than a more static environment in an on-premise systems integration scenario
    • Thus is it correct to simply have BizTalk hosted and sell it as a cloud-based integration solution? Will an on-premise systems integration approach effectively handle integration scenarios in a more dynamic environment?

    Pure cloud pundits often ask “why not cloud?” But I think it’s also fair to counter that question with “why?” Not all IT functions and workloads are ideally suited for external deployment. A prudent architect should carefully consider what are the right things to move into the cloud, and what are the right things to still keep on-premise, instead of doing external cloud deployment just for the sake of doing so. There’s a big difference between “can” and “should”.

    One way of looking at finding the right balance between what should move into the cloud, is where the users are. Applications that are consumed by users on the Web, are excellent candidates to move into public clouds. Internal business applications that support a back-office operation, often are still better maintained on-premise; closer to an organization’s workforce. It’s also a nice general approach of balancing trade-offs between security and control, scalability and availability.

    Thus eventually Microsoft will have some form of enterprise-level identity management solution, and multi-enterprise integration solution, available as cloud-based services. But these don’t necessarily have to be hosted Active Directory and BizTalk Server as we know them today.

    Just my thoughts. Best regards, -David Chou (Microsoft)

    • David – did you check the recent announcements by MSFT – they did release Active Directory into Cloud 🙂
