Dev Pulse

Sounding the pulse of the developer and development manager

January, 2011

  • Dev Pulse

    Getting to know Windows Azure AppFabric



    As you know, the Windows Azure platform has many moving parts – one of which is AppFabric. In a nutshell, AppFabric is a middleware platform for developing, deploying, and managing applications on the Windows Azure platform. It breaks down into these key areas:

    • Middleware Services: Access Control, Service Bus, Caching, and soon to be Integration, and Composite Application
    • Composite Application Environment (planned for future releases): Composition Model, Visual Design Tools managed as a Service
    • Scale-Out Application Infrastructure (planned for future releases): Composition Runtime, Sandboxing and Multi-tenancy, State Management, Scale-Out and High Availability, Dynamic Address Resolution and Routing

    Itai Raz, Product Manager for Windows Azure AppFabric, just started a new blog post series that will explore key concepts and principles of Windows Azure AppFabric.  Before going into all of the technical details, Part 1 of the series (What is Windows Azure AppFabric trying to solve?) gives a great introduction and describes the challenges that Windows Azure AppFabric is meant to address. I love that he explains what AppFabric is trying to achieve - I believe that knowing why something was created before getting into its nitty-gritty ensures that it’s used in the way that it was intended to be used. Follow the series to learn more about the capabilities of AppFabric and how each of them will help address the challenges Itai talks about in Part 1.

    You should also visit the Windows Azure App Fabric Developer Center on MSDN to help you get started learning Windows Azure AppFabric.  If you scroll towards the bottom of the page, you’ll find “How Do I?” videos and a couple of AppFabric samples you can download to get you going.

    Here are a few additional places where you can learn about Windows Azure AppFabric:

    On February 7, 2011, tune in to watch Windows Azure Boot Camp: Connecting with AppFabric, a 200 level webcast that will look at how to secure a REST Service, what you can do to connect services together, and how to work with firewalls and NATs.

    And if the above wasn’t enough, you can also check out the Windows Azure AppFabric Team’s Blog and follow them on Twitter and Facebook.

    This post also appears on Canadian Developer Connection

  • Dev Pulse

    Is security and privacy in the Cloud just a little cloudy?


    When you consider developing new applications for the Cloud - or consider migrating existing apps to the Cloud - you’re probably starting to think about the security of your application's data. There are many “myths” around this particular topic and many skeptics that use them as a safety blanket to stay away from putting applications in the Cloud.

    IT In Canada’s Mary Allen just posted a great interview with John WeigeIt, Microsoft Canada’s cloud policy expert and national technology officer, entitled Patriots and PIPEDA – locating security and privacy in the cloud. In this article, they discuss the various aspects of data security and privacy that are people’s minds. I highly recommend reading the article even though there’s no code; take some notes so that you’re armed and ready with information when someone asks you what you think about security and privacy in the Cloud. Here are some key points to take away from the interview:

    • The location of the data is not what’s important. it is where control of that data resides that is important. (Page 5)
    • The focus of the security and privacy discussions should be around safeguarding your information and what you’re doing to secure it regardless of where it is hosted. As WeigeIt says: What you need to consider is the security of that environment. There are local tools that you can use, such as encryption, but you should consider what information you have, which tools should be applied, and based on the sensitivity of the data, whether or not this should be hosted outside the organization. (Page 8)
    • Cloud solutions are not black and white. Cloud solutions are not "all in" or "not in at all" (I have heard this one from some architects and IT professionals). Your applications can be a mix of Cloud and on-premise. WeigeIt believes that “you can divide up your particular services and use cloud in an innovative way that allows you take advantage of cloud scalability while protecting privacy.”  (Page 8)
    • The “Cloud” is not necessarily a public cloud. The same principles that make up the public cloud can be applied to create a private cloud: The last piece is that people can bring cloud philosophies into their own data centres. And by making their own operations more efficient, they can have better control, better line-of-sight visibility into their data and their own operations. They can harness some of those efficiencies that we are able to scale out on the cloud side – and we can provide guidance on how to do that as well. (Page 12)
    • For those who are concerned with who controls the data and who has access to it – even though it’s in the Cloud, it’s still your data and it’s kept safe: You do maintain tight control over your data, we are able to provide you with information about your data, and access to it is automatically audited by third party systems, so there is tight control over the data that you ask us to safeguard on your behalf. The SLAs that small businesses enter into with us would describe specifically what their permissions and their controls are. (Page 9)
    • Some feel that if data is local, it’s safer. Applications and data are specifically put online to remove geographic boundaries, so if the data is accessible from an online application, is the data still local? WeigeIt puts it nicely: Another misperception in this view of cloud risks is the notion that if I have my machine, my computer server local in my environment, then it is safer than if I have it remotely in the closet (or elsewhere). If you have your server connect to the Internet, then it is local to whoever is trying to use it. (Page 11)

    To summarize, in order to make the right decision whether “To Cloud or Not To Cloud?”, it’s important to go past the myth and preconceptions and dig deeper to discover what is relevant to your specific application.  You will then be in a position to make a fact-based decision.

    Stay tuned for more myth busting interviews, information, and resources that will help your “To Cloud or Not To Cloud?” discussions and decisions.

  • Dev Pulse

    Microsoft “Positive” in Gartner’s ALM MarketScope


    The long anticipated Gartner Application Lifecycle Management (ALM) MarketScope report has been published.  Gartner rated Microsoft as “Positive”, the second highest rating in the MarketScope report, citing “substantially improving” administration and “filling in the gaps” around testing, lab management, and modeling with release of Visual Studio 2010.

    Here is excerpt from the report by Jim Duggan and Thomas E. Murphy specifically around Visual Studio and ALM:

    Visual Studio 2010 gives Microsoft's ALM offering a new, more-cohesive look, and addresses pricing and administration obstacles that have limited the use and adoption of the ALM offering. Microsoft's strategy is to build from the significant base in the construction IDE core (Visual Studio); from the broad enterprise use of Office and SharePoint for requirements, tasks and workflow; and with its aggressive pricing model. It continues to enhance workflow and metadata handling, as well as expand the tools from which you can use the ALM features.
    With Visual Studio 2010, Microsoft reduced the prices of both the VS client and the Team Foundation Server (TFS) component. Microsoft also incorporated interfaces to leverage its project and PPM offerings, as well as its agile methodology positions, to build awareness and commitments in larger clients. Although gaps remain in some management and execution tool areas, the technical approach is well-suited to support multiple instances of tools from multiple vendors. Because Visual Studio has such broad industry support, many of the gaps are "filled," and clients have the ability to exploit existing investments in products like HP Quality Center. Microsoft's recent contributions to filling in the gaps include testing, lab management and modeling in the Visual Studio 2010 release.

    Visual Studio Team System (VSTS) and TFS had demonstrated scalability, but install setup was complicated and there had been administrative challenges for organizations with large numbers of projects. Substantial improvements to administrative facilities have been delivered in Visual Studio 2010. Another area of improvement is the ability to customize workflows, adding flexibility in supporting both agile and more-formal development processes, as well as enabling support from third parties. Additionally, there are more reporting and analytic capabilities. Microsoft's offering is well-architected for provisioning as a service, and for support of agile and other emerging styles of application delivery. Microsoft's commitment to the development tools market, and its depth of resources, should result in continued broadening of the solution.
    Microsoft improved support for Eclipse and for other non-Microsoft environments with Visual Studio Team Explorer Everywhere 2010. This permits users to store artifacts in TFS. Cross-platform support in other parts of the solution are limited, so a separate Java tool stack is likely needed.

    Another plus for Microsoft is the strength of its Microsoft Developer Network (MSDN) franchise. Relatively low cost and ease of acquisition make MSDN a realistic channel to sell ALM into many accounts.

    Microsoft has a strong reach in the market, and moderate pricing for a large, stable provider. It has a proven, scalable architecture. A large community of supporting vendors helps fill gaps in the tool portfolio.

    Rating: Positive

    To top the great news about the rating, Gartner announced that it will graduate the ALM MarketScope report to Magic Quadrant status effective immediately.

    More information on Visual Studio, Team Foundation Server, and ALM:

  • Dev Pulse

    Essential Resources for Application Lifecycle Management



    Case Studies



Page 1 of 1 (4 items)