 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY / OCTOBER 6, 2003: VOL. 2 NO. 40
|
Breaking News -
Platforms:
Layer 7 Enforces Policy With
Securespan Bundle
By Rachel Chalmers For the451.com
Layer 7 Technologies has released SecureSpan, a bundle of hardware and
software that handles routine XML processing chores while also negotiating and
enforcing security and integration policies. With SecureSpan, Layer 7 hopes to
simplify Web service policy implementation so as to enable what it calls
"just-in-time" integration.
Impact Assessment
The Message
By centralizing Web services policy enforcement, this Canadian startup
intends
to outdo its rivals in XML hardware processing.
Competitive Landscape
On the hardware side, Layer 7 overlaps with Cast Iron Systems, Conformative
Systems, DataPower, Forum Systems, Reactivity, Sarvega, Tarari and WestBridge.
It also duplicates certain policy enforcement features of Web services
management systems from the likes of AmberPoint and Confluent.
The451 Assessment
Layer 7's ambitions may be grand, but they are also well reasoned. The
executive team has respectable credentials and the competitors, though
numerous, are not impossibly far ahead.
Context
Layer 7 Technologies was founded in May 2002 and is based in Vancouver,
Canada. In March 2003, the company raised $3 million from two large Canadian
funds. Layer 7 now employs 20 people, and is ready to pull the wraps off its
flagship product, SecureSpan. CEO Lonny McLean is a veteran of CRM vendor Onyx
Software, while CRO Toufic Boubez was chief Web services architect for IBM and
is coauthor of a book on building Web services in Java.
The basic idea behind Layer 7 is to provide Web services for what the
company
calls just-in-time integration. This means automatically enforcing policy for
everything that is variable. Executives explain that the promise of Web
services –- loosely coupled software components that can be reused and ported
across platforms –- faces the reality of brittle interconnections with
security and usage policies laboriously hard-coded at each end-point.
SecureSpan offers to coordinate integration policy between shared services and
client applications.
Strategy
With its emphasis on Web services and its hardware product, Layer 7 fits
into
an emerging group of companies that are offering specialized devices to handle
XML. Programmers originally adopted XML as the flexible and open file format
of choice for thin-client, n-tier Web applications. The increasing popularity
of Web services as a way to distribute application logic (as well as just
data) has given XML use a further spur. One nice thing about XML is that it's
human-readable, more or less. The nasty thing about it is that this very
quality makes it heavyweight and thus fairly costly to process.
Advocates for XML hardware argue that transformation, acceleration,
security,
routing and content filtering are much more appropriately handled on a cheap,
dedicated machine than on the expensive Web application server. Some estimates
say that handing off these chores could free up as much as half of the
back-end server infrastructure for handling end-user transactions instead.
This argument isn't completely new: the same case was made for routers, SSL
accelerators, load balancers, proxy caches and content delivery networks.
Products
SecureSpan Gateway is a rack-mountable network appliance designed to live
between the application server and the demilitarized zone. It enforces
policies for security and integration. SecureSpan Agent talks to the
client-side application and negotiates policy-compliant security, routing and
transaction preferences with the gateway. Right now these negotiations are
static; dynamic negotiation is on the drawing board.
Finally, SecureSpan Manager is the GUI-based console that allows staff to
define, monitor and audit security and integration policies. It's designed to
take policy control away from the server and application business logic. The
overall goal -- and it is a worthy one –- is to turn Web services policy
administration from a hard programming challenge to an easy administrative
task.
Competition
There are quite a few vendors at work mining this opportunity -- most
notably
DataPower, Forum Systems, Reactivity, Sarvega and WestBridge, although Cast
Iron Systems, Conformative Systems and Tarari would also like a piece of the
market. These players are a little ahead of where Layer 7 is now, but not so
far ahead that the Canadian company would find it impossible to catch up. Most
have about $10 million in funding, 40 or so employees and three or four
reference accounts.
What these vendors don't have that Layer 7 claims to provide is the
emphasis
on client-side policy enforcement. Layer 7 executives call rivals XML
firewalls, which is something of a pejorative nickname since the rivals do
much more. Layer 7's point, though, is that these machines inspect incoming
SOAP messages, whereas the Layer 7 product, SecureSpan, asks where the SOAP
requests are coming from, then coordinates with the originator on what kind of
security should be implemented between the two end points.
Courtest http://www.the451.com
|