One of the key requirements in developing cloud-based applications is the ability to leverage existing on-premise assets by exposing them as web services. However, since most organizations are protected by firewalls, on-premise web services are typically not accessible to external clients running outside the organization’s firewall unless these web services are explicitly hosted in the DMZ. More often than not, hosting services in the DMZ is a cumbersome process. Azure AppFabric Service Bus provides the capability to extend the reach of on-premise web services to external clients (without having to host them in the DMZ) in a secure way. This blog describes how BizTalk Server 2010 and Azure AppFabric can come together to help enterprises build hybrid cloud-based applications.
- Feature Overview
The new ‘BizTalk Server 2010 AppFabric Connect for Services’ feature brings together the capabilities of BizTalk Server and Windows Azure AppFabric thereby enabling enterprises to extend the reach of their on-premise Line of Business (LOB) systems and BizTalk applications to cloud. This is a new BizTalk Server 2010 feature and can be downloaded from http://www.microsoft.com/downloads/en/details.aspx?FamilyID=f7735a19-cdb3-4f52-8e7b-c58f04c5c86a
- Business scenario
With the advent of cloud platforms and people building cloud based applications, it is still true that a lot of data for these applications resides in on-premise LOB systems. More often than not, these applications would also want to leverage existing on-premise applications. To build such hybrid applications with components residing on-premise as well as on cloud, a secure mechanism to connect an enterprise’s on-premise assets with those on cloud is the need of the hour. While this is true for any applications, it is even more true for integration applications. The following fictional scenario illustrates this better:
Woodgrove Bank wants to build an online banking portal where its customers can view their bank or stock related information, and trade their stocks. The data needed for this portal resides in on-premise LOB systems. The stock trading functionality is implemented using a BizTalk Server Orchestration. The bank has also designed an ASP.NET based web portal and hosted it in Windows Azure. To enable communication between the cloud based web portal and the on-premise assets, the bank exposes the on-premise LOB data and the BizTalk solution as WCF services with endpoints in Azure AppFabric Service Bus.
Security considerations when exposing on-premise assets on cloud:
Security is an important requirement when exposing on-premise assets on cloud. Azure AppFabric Service Bus endpoints can be secured using Azure AppFabric ACS. A more detailed description of how to secure Service Bus endpoints is here. On top of this, the regular WCF security features such as transport level and message level security can be used to secure end-to-end communication between the client and the service.
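The two layers described above, sketched as WCF configuration for an on-premise service that listens on the Service Bus. This is an added example, not configuration from the original post or output of the AppFabric Connect tooling; the service name, contract, namespace and issuer values are placeholders chosen for illustration.

```xml
<!-- Added example: service-side system.serviceModel section. All names are placeholders. -->
<system.serviceModel>
  <bindings>
    <netTcpRelayBinding>
      <binding name="securedRelay">
        <!-- relayClientAuthenticationType="RelayAccessToken": a client must present
             an ACS-issued token to the relay before it can reach this endpoint.
             The weak setting is "None", which lets any caller through the relay
             and leaves authentication entirely to the service itself.
             mode="Transport" protects the connection to the relay; use "Message"
             when the message body must stay protected between client and service. -->
        <security mode="Transport" relayClientAuthenticationType="RelayAccessToken" />
      </binding>
    </netTcpRelayBinding>
  </bindings>
  <behaviors>
    <endpointBehaviors>
      <behavior name="relayCredentials">
        <!-- Credentials the service uses to obtain its own token from ACS so it
             can listen on the Service Bus. Restrict read access to this file. -->
        <transportClientEndpointBehavior credentialType="SharedSecret">
          <clientCredentials>
            <sharedSecret issuerName="ISSUER_NAME" issuerSecret="ISSUER_SECRET" />
          </clientCredentials>
        </transportClientEndpointBehavior>
      </behavior>
    </endpointBehaviors>
  </behaviors>
  <services>
    <!-- Hypothetical service and contract names -->
    <service name="Woodgrove.StockTradingService">
      <endpoint address="sb://YOUR-NAMESPACE.servicebus.windows.net/StockTrading"
                binding="netTcpRelayBinding"
                bindingConfiguration="securedRelay"
                behaviorConfiguration="relayCredentials"
                contract="Woodgrove.IStockTrading" />
    </service>
  </services>
</system.serviceModel>
```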
How to use this feature:
This section provides a quick walkthrough of how to expose your on-premise BizTalk Orchestrations and LOB data as a WCF Service on cloud. A more detailed tutorial can be accessed from here.
As you saw from the above scenario, the AppFabric Connect feature provides tooling enhancements that help you connect your on-premise artifacts with those on the cloud using the AppFabric Service Bus. This helps accelerate building your applications on the Windows Azure platform. This feature is available for download from the download center (http://go.microsoft.com/fwlink/?LinkID=204701) for BizTalk Server 2010 customers. For any feedback or queries, leave a post on this blog or mail at: firstname.lastname@example.org.
Program Manager, BizTalk Server Team