 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY / AUGUST 25, 2003; VOL. 2 NO. 34
|
Breaking News -
Networking:
DataPower 2.3 Delivers Enhanced
XML Web Service Security
DataPower Technology Inc, a leading provider of intelligent XML-Aware
Networking (XAN), announced Release version 2.3 of firmware for the DataPower
XS40 XML Security Gateway and the DataPower XA30 XML Accelerator that includes
the first WebSphere MQ series protocol support in a network device, the first
SOAP-based management interface for an XML-aware network device, as well as
enhanced security features for non-repudiation and XML denial of service
(XDoS) protection. In addition, Release 2.3 includes enhanced XML forensics,
message velocity checking, and invalid message capture. DataPower's firmware
Release 2.3 advances the XS40's and XA35's positions as the best of a new
class of network devices that are fully aware of the XML, SOAP and Web
Services messages and efficiently apply intelligent acceleration, security and
management services across the network.
"Web Services and XML applications bring a new set of connectivity risks
and
performance issues into today's enterprise networks," says Eugene Kuznetsov,
chairman and CTO at DataPower Technology Inc. "The advanced, field-tested
features in our Release 2.3 extend DataPower's leadership in providing the
most intelligent XML-Aware Network infrastructure for the elimination of
security risks and significantly reduced the performance 'costs' associated
with XML Web Services by 10X or more."
Further differentiating DataPower's XAN devices from other XML firewalls
and/or appliances, Release 2.3 supports critical enterprise features
including:
- First XML Web Services Management Interface -- programmatically
provisioning, configuration, or monitoring of XAN devices is now easy via
SOAP-based API which conforms to the WS-I Basic Profile 1.0 specification.
This interface makes it possible to dynamically respond to security events,
automate management and integrate with existing management systems. (See
"DataPower Provides First WS-I Compliant SOAP-Based Interface for Managing
XML-Aware Networking Devices," August 12, 2003."
- First integration with WebSphere MQ series extends beyond HTTP to deliver
reliable wirespeed Web Services security and intelligent acceleration for XML
and SOAP messages traveling on top of IBM's MQ protocol. Among other benefits,
this enables customers the ability to deploy a unified XML security solution
across stable back-end systems and external Web Services. The integration is
available immediately as part of Release 2.3.
- "XML Forensics" Control & Enhanced Non-repudiation -- all transactions can
be logged and all logs are digitally signed and optionally encrypted. The
messages themselves can be protected by XML digital signature, secure
timestamps and XML encryption. This ensures a legally binding audit trail that
can be used as evidence in prosecuting attackers or for business disputes
arising from electronic transactions.
- Message Velocity Checking & Monitoring -- the velocity of messages from
individual sources can be automatically controlled and limited to help ensure
appropriate levels of service and to protect against XML denial of service
(XDoS) attacks. Based on source location, destination, "time to process" or
other defined parameter, a stream of XML/SOAP/Web Service messages can be
monitored to detect changes in service or abnormalities at which point message
rates can then be limited or halted for advanced application server
protection.
- Invalid Message Capture -- XML/SOAP messages that are not valid or well
formed are captured, logged, and alerted to assigned personnel. Like the
serious PC virus control problems seen today as exemplified by the recent
Blaster Worm, malicious Web Service and XML RPC exploits will similarly
increase along with accidental increases in invalid SOAP messages on the
network. Advancing DataPower's strong security features for schema validation
and message reporting, Invalid Message Capture enables the entire invalid
messages to be captured and stored for manual intervention and analysis.
DataPower's XML-Aware Networking Products
- XS40 Security Gateway: Powered XG3, the fastest XML processing
technology in the world, the XS40 is a diskless networking device built to
provide complete XML Web Services security with the wirespeed performance
necessary for robust applications. The XS40 is designed with broadest message-
level security intelligence and functionality including XML/SOAP firewall,
routing, filtering, XDoS protection, access control, schema validation,
digital signatures, and encryption of field-level XML content for all XML Web
Service message flows. Supported standards include WS-Security, SAML, XACML,
XKMS, LDAP, SSL and RADIUS, serving as the foundation for advanced benefits
such as service virtualization and centralized policy management.
- XA35 XML Accelerator: Using the same award-winning XG3 technology, the
XA35
is a diskless networking device designed to offload burdensome XML processing
from resource-constrained servers. Important XML offload features include
high-speed XSLT acceleration, XML compression, XML parsing and XML Schema
validation. The purpose-built XML Accelerator delivers order-of-magnitude
performance and scalability improvements to XML-based applications. Based on
standards and seamlessly integrates into existing networks within hours
without the need to augment existing application code.
|