DataPower Release 2.3 Delivers Enhanced XML Web Service Security, Manageability and Integration.Business Editors/High-Tech Writers CAMBRIDGE, Mass.--(BUSINESS WIRE)--Aug. 19, 2003 Wirespeed XML-Aware Networking Devices Deliver More XML XML in full Extensible Markup Language. Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. Intelligence, Enhancing Key Customer Requirements Including WebSphere MQ Series Support, Non-Repudiation and XML Denial of Service A condition in which a system can no longer respond to normal requests. See denial of service attack. Protection DataPower Technology, Inc., the leading provider of intelligent XML-Aware Networking (XAN XAN Xanthine XAN Any Access Network XAN Xml Aware Network XAN Extreme Area Network XAN Extended Area Network ), announced Release version 2.3 of firmware for the DataPower XS40 XML Security Gateway(TM) and the DataPower XA30 XML Accelerator(TM) that includes the first WebSphere MQ series protocol support in a network device, the first SOAP-based management interface for an XML-aware network device, as well as enhanced security features for non-repudiation and XML denial of service (XDoS) protection. In addition, Release 2.3 includes enhanced XML forensics See computer forensics. , message velocity checking, and invalid message capture. DataPower's firmware Release 2.3 advances the XS40's and XA35's positions as the best of a new class of network devices that are fully aware of the XML, SOAP and Web Services messages and efficiently apply intelligent acceleration, security and management services across the network. "Web Services and XML applications bring a new set of connectivity risks and performance issues into today's enterprise networks," says Eugene Kuznetsov, chairman and CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. at DataPower Technology, Inc. "The advanced, field-tested features in our Release 2.3 extend DataPower's leadership in providing the most intelligent XML-Aware Network infrastructure for the elimination of security risks and significantly reduced the performance 'costs' associated with XML Web Services by 10X or more." Further differentiating DataPower's XAN devices from other XML firewalls and/or appliances, Release 2.3 supports critical enterprise features including: First XML Web Services Management Interface - programmatically provisioning, configuration, or monitoring of XAN devices is now easy via SOAP-based API which conforms to the WS-I Basic Profile The WS-I Basic Profile (official abbreviation is BP), a specification from the Web Services Interoperability industry consortium (WS-I), provides interoperability guidance for core Web Services specifications such as SOAP, WSDL, and UDDI. 1.0 specification. This interface makes it possible to dynamically respond to security events, automate management and integrate with existing management systems. (See "DataPower Provides First WS-I (Web Services Interoperability Organization, www.ws-i.org) A consortium founded by Microsoft, IBM, BEA Systems and Intel that is dedicated to the development of Web services. Its goals are to provide guidance and education, to promote interoperability and to ensure that Web services Compliant SOAP-Based Interface for Managing XML-Aware Networking Devices," August 12, 2003." First integration with WebSphere MQ series extends beyond HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. to deliver reliable wirespeed Web Services security and intelligent acceleration for XML and SOAP messages traveling on top of IBM's MQ protocol. Among other benefits, this enables customers the ability to deploy a unified XML security solution across stable back-end systems and external Web Services. The integration is available immediately as part of Release 2.3. "XML Forensics" Control & Enhanced Non-repudiation- all transactions can be logged and all logs are digitally signed and optionally encrypted. The messages themselves can be protected by XML digital signature, secure timestamps and XML encryption. This ensures a legally binding audit trail that can be used as evidence in prosecuting attackers or for business disputes arising from electronic transactions. Message Velocity Checking & Monitoring- the velocity of messages from individual sources can be automatically controlled and limited to help ensure appropriate levels of service and to protect against XML denial of service (XDoS) attacks. Based on source location, destination, "time to process" or other defined parameter, a stream of XML/SOAP/Web Service messages can be monitored to detect changes in service or abnormalities at which point message rates can then be limited or halted for advanced application server protection. Invalid Message Capture - XML/SOAP messages that are not valid or well formed are captured, logged, and alerted to assigned personnel. Like the serious PC virus control problems seen today as exemplified by the recent Blaster Worm, malicious Web Service and XML RPC (Remote Procedure Call) A programming interface that allows one program to use the services of another program in a remote machine. The calling program sends a message and data to the remote program, which is executed, and results are passed back to the calling exploits will similarly increase along with accidental increases in invalid SOAP messages on the network. Advancing DataPower's strong security features for schema validation and message reporting, Invalid Message Capture enables the entire invalid messages to be captured and stored for manual intervention and analysis. DataPower's XML-Aware Networking Products -- XS40 Security Gateway: Powered XG3(TM), the fastest XML processing technology in the world, the XS40 is a diskless networking device built to provide complete XML Web Services security with the wirespeed performance necessary for robust applications. The XS40 is designed with broadest message-level security intelligence and functionality including XML/SOAP firewall, routing, filtering, XDoS protection, access control, schema validation, digital signatures, and encryption of field-level XML content for all XML Web Service message flows. Supported standards include WS-Security, SAML (Security Assertion Markup Language) An XML-based format from OASIS for exchanging security information for single sign-on. The "assertions" are statements from a SAML authority that authenticate a user, confirm some attribute about the individual and grant or , XACML (EXtensible Access Control Markup Language) An OASIS standard for managing access control policy. Released in 2003 and based on XML, the Sun-developed XACML was designed to become a universal standard for describing who has access to which resources. , XKMS XKMS XML Key Management Specification (W3C) , LDAP (Lightweight Directory Access Protocol) A protocol used to access a directory listing. LDAP support is implemented in Web browsers and e-mail programs, which can query an LDAP-compliant directory. , SSL (Secure Sockets Layer) The leading security protocol on the Internet. Developed by Netscape, SSL is widely used to do two things: to validate the identity of a Web site and to create an encrypted connection for sending credit card and other personal data. and RADIUS, serving as the foundation for advanced benefits such as service virtualization An umbrella term for enhancing a computer's ability to do work. Following are the ways virtualization is used. Hardware Virtualization Partitioning the computer's memory into separate and isolated "virtual machines" simulates multiple machines within one physical computer. and centralized policy management. -- XA35 XML Accelerator: Using the same award-winning XG3 technology, the XA35 is a diskless networking device designed to offload burdensome XML processing from resource-constrained servers. Important XML offload features include high-speed XSLT (eXtensible Stylesheet Language Transformation) Software that converts an XML document into another format such as HTML, PDF or text. It may also be used to convert one XML document to another XML document with a different set of XML tags (different schema). acceleration, XML compression, XML parsing and XML Schema validation. The purpose-built XML Accelerator delivers order-of-magnitude performance and scalability improvements to XML-based applications. Based on standards and seamlessly integrates into existing networks within hours without the need to augment existing application code. About DataPower Technology DataPower Technology provides enterprises with intelligent XML-Aware network infrastructure to ensure unparalleled performance, security and manageability of next-generation applications and XML Web Services. DataPower's patent-pending XML Generation Three (XG3(TM)) technology powers the industry's first wire-speed XML-aware networking devices that provide immediate return on technology investments while streamlining application deployments. Founded in 1999, DataPower is privately held and based in Cambridge, MA. Investors include Seed Capital Partners, Venrock Associates and Mobius Venture Capital. For more information about DataPower Technology, please contact 617-864-0455 or visit www.datapower.com. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion