Enterprise Service Bus
Suva Uses WSO2 ESB to Manage 100-Plus Web Services Internally and Across Customers, Government Agencies, and Other Third Parties As Switzerland s leading provider of federal insurance for companies and their employees, Suva manages about 120,000 companies with more than 1.9 million insured. Each year, the company handles some 466,000 cases of illness or accident, covering costs for each person s medical care, as well as any compensation for time out of work. Efficiently managing these cases requires Suva to integrate processes and information with the broad range of disparate systems used internally and by the federal agencies and companies the insurer supports. Today, Suva relies on WSO2 Enterprise Service Bus (WSO2 ESB) to serve as the central integration platform for enabling Web services across the various platforms involved in providing holistic care for policyholders. Proprietary Approach Leads to Integration Complexity For years, Suva has used several different technologies for building applications to manage its processes, including the Oracle WebLogic Java application server, Oracle Tuxedo middleware, SAP ERP systems, and the Microsoft.NET framework. At first, it was relatively easy to interconnect one to three systems with one or two Web services. However, by 2010, Web services started to be used frequently for interconnecting platforms. The lack of a homogenous integration platform made it impossible to know what kind of Web service integrations existed. Moreover, each application had to struggle with proprietary authentication mechanisms. It was time consuming to manage the integrations, and the complexity was growing, recalled Igor Berchtold, senior IT architect at Suva. The systems would call each other, and no one would know because we didn t have the visibility. We realized we needed a solution that would enable business functionality integration across heterogeneous platforms including commercial software and our own home-grown applications. http://wso2.com 2
Evaluating SOA Alternatives Suva recognized that there were two key factors in streamlining its systems integration. First was adopting a service-oriented architecture (SOA), which would decouple Web services from the service providers and consumers, supporting protocols, security, and data mapping. The second was finding an integration product to serve as the backbone for this SOA. The company had looked at major players, such as SAP, Oracle, IBM and JBoss, along with traditional integration products that had been rebranded as being SOA-enabled. Suva also evaluated newer products designed specifically to support Web services, including WSO2. It was a short evaluation. We didn t want to use one of the rebranded solutions, Mr. Berchtold said. When we looked at WSO2, we saw that it would just fit our needs. The technology was quite mature, extensible to fit to our needs, and really looked good, and even before we became customers, we got very good answers from the WSO2 support team. WSO2 Quick Start Helps Speed Deployment Prior to committing to an implementation around WSO2 ESB, Suva first engaged WSO2 for a QuickStart consulting program. WSO2 sent three engineers to work onsite at Suva for one week. In just five days, the engineers had designed the architecture and helped Suva to build prototypes of the use cases. Following the onsite engagement, the QuickStart program also included 20 hours of support as Suva continued working with the prototypes and testing them. The technology was quite mature, extensible to fit to our needs, and really looked good, and even before we became customers, we got very good answers from the WSO2 support team. WSO2 had a solution for each of our requirements, and after one week, we got a very good impression of the product and the people, Mr. Berchtold noted. When we started to use the support, it was very quick, very responsive. The support team knew what type of solutions we needed, and we ve been very happy with their work. Having completed the prototypes, Suva started deploying WSO2 ESB in June 2011. By early October 2011, the company had the first five Web services in production handling 200,000 calls per month. In early 2013, Suva had more than 100 services in production managing some 2.2 million calls per month. http://wso2.com 3
Even as we have scaled, WSO2 has proven to be a very stable platform, Mr. Berchtold says. We cannot afford to experience a failure in supporting our customers, and WSO2 meets this demand. Several aspects of the highly configurable, modular and 100% open source WSO2 ESB architecture have helped to facilitate the implementation process. WSO2 ESB is much lighter and quicker than other ESB products, Mr. Berchtold observes. It s very easy to install and set up. It s also open, and a lot of the integrations can simply be configured with WSO2 ESB, which reduces the need for programming. In addition to the technology, WSO2 support also has played an important role in enabling this quick scaling of the deployment. Whenever we have questions about the functionality or when there are bugs or problems, we get a very quick response and the support we need, Mr. Berchtold explains. It s really incredible. No other company in the IT arena that I have worked with is able to catch up with WSO2 in the area of support. WSO2 ESB Provides Central Integration Hub Today, WSO2 ESB is used as a central proxy into which all the platforms call. They know where the implementation of the service is, routing it from one system to another. The service consumer does not have to know what software is running in the background. No other company in the IT arena that I have worked with is able to catch up with WSO2 in the area of support. WSO2 ESB provides a layer of abstraction in the middle, so we can hide some of the complexity and platform-specific things, Mr. Berchtold explains. If things change on one platform, we can tweak the ESB, so the consumer is not affected by that change. Significantly, this centralized approach now provides Suva the visibility to understand what is happening with each of the 100-plus Web services it has implemented, http://wso2.com 4
We can go to the central ESB to look at what types of services are being consumed and how often, Mr. Berchtold notes. We measure the time it takes for a service, and we can see if there is an error, so that we can quickly address any issues. To implement the various integrations, Suva developers use the WSO2 Developer Studio integrated development environment (IDE) in combination with WSO2 ESB and the Apache Maven build manager to create ESB artifacts, such as proxy mediation sequences. These artifacts are packaged as WSO2 Carbon Application archive (CAR) files, which are then deployed to different ESB instances, which are always synchronous so that each instance has the same deployment at each stage. Suva s internally developed Carbonara tool completes the deployment by then taking a CAR file or set of CAR files, and allowing developers to say which stage they want to deploy, what the configuration is, and what kind of services are available at each stage. Carbonara then checks to ensure that all of these details are included in the deployment node. ESB PRO INT CA TES DEV Transport ESB Artifacts with Carbonara Figure 01 http://wso2.com 5
Implementing Security Mediation with WSO2 ESB Because Suva handles highly confidential information about policyholders, the company uses WSO2 ESB to support the different layers of security it has in place. Notably, the WSO2 ESB used for Suva s intranet is complemented by a second WSO2 ESB that connects to other companies and government agencies via the Internet. These third-payty organizations use an entry server that goes into the WSO2 ESB implemented within the demilitarized zone (DMZ), which then connects to the WSO2 ESB on Suva s intranet residing behind the firewall. The separation of our intranet and extranet using the WSO2 ESB servers helps enforce our security and supports scalability, Mr. Berchtold says. It works very well. WSO2 ESB also provides security mediation through the Security Assertion Markup Language (SAML). When a service consumer uses SAML to talk to Suva s back-end system, and it doesn t understand the company s homemade SOA token, WSO2 ESB transforms SAML into a token that enables secure communications to proceed. Other security technologies Suva employs are the open WS-Security protocols and SAML Sender Voucher Assertion for SAP. SAP HTTPS HTTPS HTTPS HTTPS J2EE Web Entry Server LB DMZ ESB ESB.Net DMZZ DMZ XYZ Intranet System Architecture Diagram: Integration of external and internal systems using WSO2 ESB Figure 02 http://wso2.com 6
Enhancing the Customer Experience Responsiveness is an important aspect of the customer service that Suva provides its policyholders and their employers. Today, even as Suva handles some 200 business functions, managed through 65-plus Web service proxies, across a multitude of platforms, WSO2 ESB ensures with its small footprint an excellent average response time roughly half a second. Additionally, Suva customers big companies with their own IT systems want to interact directly with the insurer s systems. Meeting these requests has been straightforward using WSO2 ESB. Our customers connect to WSO2 ESB through Web services, Mr. Berchtold explains. The complexity we have is hidden behind the ESB, which makes it a lot easier for customers to work with us. Flexibility to Meet Future Demands Not only does Suva connect with customers, the company also integrates with laboratories via WSO2 ESB. As the insurer continues to expand its systems, the company expects that the total number of Web service calls will double to roughly 4 million per month by the end of 2013. The fact that all WSO2 middleware products run on the WSO2 Carbon Framework means each product looks like the other and is easily integrated, Suva also is upgrading from WSO2 ESB 4.0.3 to the latest release in order to take advantage of the message queuing and clustering features. Additionally, while the company is only using WSO2 ESB and WSO2 Developer Studio today, the development team is looking at how to take advantage of other products in the WSO2 Carbon enterprise middleware platform. The fact that all WSO2 middleware products run on the WSO2 Carbon Framework means each product looks like the other and is easily integrated, Mr. Berchtold says. This makes the WSO2 Carbon platform very attractive to us as we think about adding new capabilities. Mr. Berchtold adds, The engineers have created such a great product with WSO2 ESB. It is playing a key role in our success and we expect for many years to come. http://wso2.com 7
Webservice Operations/Month 2500000 2000000 1500000 1000000 500000 0 Jan 12F eb 12 Mrz 12 Apr 12M ai 12J un 12 Jul 12A ug12 Sep 12 Okt 12N ov 12 Dez 12 Jan 13 Feb 13 Mrz 13A pr 13 ESB Performance Figure 03 81 Web service proxies 250 Web service operations 450 ms average call time http://wso2.com 8