[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [announce]DATAPOWER TECHNOLOGY DELIVERS WORLD'S FASTEST XML WEB SERVICES SECURITY GATEWAY
DATAPOWER TECHNOLOGY DELIVERS WORLD’S FASTEST XML WEB SERVICES SECURITY GATEWAY Second Entry in XML-Aware Networking Product Line, the XS40 XML Security Gateway Solves Real-World XML Web Services Problems Today with Comprehensive Security and Unmatched Agility CAMBRIDGE, Mass.—January, 13, 2003 – DataPower Technology, Inc., the leading provider of intelligent XML-aware network infrastructure, today followed up on the success of its DataPower XA35 XML Accelerator™ and announced the immediate availability of the DataPower XS40 XML Security Gateway™, a first-of-its-kind network device purpose-built to secure XML-based applications at wirespeed across the entire enterprise with ease. The XS40 is the only device to combine wirespeed performance, comprehensive security and future-proof agility to allow enterprises to overcome the largest barrier to adopting XML Web Services both internally and externally. While there is tremendous business value in XML Web services, Gartner reports that security continues to be the largest obstacle to getting them into production. Enterprises require a new pragmatic approach to XML Web services security, one that simultaneously recognizes the emergence of new standards, the value of existing infrastructure investments, the organizational challenges and the performance impact of XML security. Because corporations are struggling to deal with resource constraints, diverging business goals and the requirement to assimilate new technology, the XS40 is an easy-to-install and maintain network appliance that satisfies both application and network groups and supports current and pending security standards out-of-the-box. Some of the recently announced XML Web Services security specifications include WS-Security, SAML, and XML Encryption. All XML Web services security functions, such as schema validation, XML/SOAP encryption, XML Signature, and others, require extensive XML processing. This has been forcing businesses to choose between performance and protection, because fully securing XML requires processing power not available until now. With XG3 – DataPower’s patent-pending, third-generation XML processing technology – the XS40 is the only available solution able to parse, validate schema, decrypt, verify signatures, transform, sign and encrypt XML message flows with the wirespeed performance necessary for real-world applications. “Server-to-server connectivity erodes the traditional enterprise perimeter and brings with it both new threats and new opportunities,” says Eugene Kuznetsov, founder, president & CTO of DataPower Technology, Inc., ”DataPower’s innovative XS40 product comes both from our original vision of a horizontal XML-aware network infrastructure and from our customers’ need for a practical solution. A single XS40 securely enables multiple applications without changing their code, and easily reconfigures to support future versions of XML security standards, to protect against yet-unknown threats or to enforce new corporate policies. And our announcement today of the first discloseable XS40 customer demonstrates the great success of our approach in real-world deployments.” (See “DataPower and RouteOne Pave the Way for Secure Web Services…”, January 13, 2003) The XS40 Security Gateway delivers a comprehensive set of security functions that are easy to implement across enterprise applications and seamlessly integrate with existing security systems. With a choice of familiar interfaces, the XS40 enables a full range of security policies to be implemented as needed, without requiring application code changes or XML-trained network managers. The XS40 is the only device to integrate XML/SOAP filtering, encryption, digital signatures, and data validation at the message level or at the XML field level. With a straightforward GUI for rapid, secure deployment and an advanced standards-based interface for sophisticated policy definition, the XS40 satisfies the needs of both IT operations and business applications. The XS40 XML Security Gateway is a complete product built from the ground up with full XML security in mind. To further ensure that the XS40 is ready for real-world deployments, DataPower brought in @stake, Inc., the leading digital security consulting firm, to assess the functionality of the XS40 XML Security Gateway and to conduct vulnerability testing. “With the XS40, DataPower addresses critical requirements for providing XML Web Services security,” said Christopher Darby, Chairman and Chief Executive Officer of @stake. "Web services have the potential to touch every area of the enterprise infrastructure and enterprises should begin strategic planning, including security, in this area," said Ray Wagner, Research Director at Gartner. "Securing both web services and the web services enabled enterprise will require tools such as web services security gateways, SSL concentrators and accelerators, and wire-speed SOAP/XML inspection hardware." Because robust XML-layer security requires a strong foundation of transport-layer security, DataPower leverages Broadcom's high-performance security processing technology in their industry leading XS40. Through its CryptoNetXÔ security accelerators, BroadcomÒ delivers one of the highest performing, integrated SSL products on the market. “The integration of Broadcom’s leading-edge security technology within network devices like the XS40 XML Security Gateway enables full transport layer and XML-layer security without any performance compromise,” said Ford Tamer, vice president and general manager of Broadcom's Switch and Security Business Unit. “When our field-proven transport layer security is teamed with DataPower's XG3 XML processing engine, enterprises will embrace XML Web Services with the assurance that their transactions are executed quickly and securely.” XS40 Features and Benefits • XML/SOAP Firewall - The XS40 filters traffic at production speed, with criteria based on information from layers 2 through 7 of the protocol stack; from SOAP envelope, payload size or field-level message content to IP address, hostname and port. Filters can be predefined and automatically uploaded to change security policies based on time of day or other triggers. • Field Level XML Security – The XS40 performs encryption/decryption and signing/verification of entire messages or of individual XML fields. Conditional security policies are based on a range of data including content, IP address, hostname or other user-defined environment variables. • Data Validation – With its unique ability to perform XML Schema validation as well as message validation at wirespeed, the XS40 ensures that incoming XML documents are legitimate and outgoing documents are properly structured to protect against threats such as XML Denial of Service (XDoS) attacks, buffer overflows, or crashes from deliberately or inadvertently malformed XML documents. • XML Web Services Access Control – The XS40 supports a variety of access control mechanisms, from XACML (eXtensible Access Control Markup Language) to RADIUS to simple client/URL maps. The XS40 can control access rights by rejecting unsigned messages and verifying signatures within SAML assertions. • SSL Acceleration - The XS40 scales transport layer security by accelerating SSL transactions in hardware. The XS40 can be configured with multiple SSL identities functioning as client or server, with SSL policies based on message content or metadata such as port number, HTTP header, etc. • Service Virtualization – The XS40 enables companies to link users to application resources without leaking information about their location or configuration. With the combined power of URL rewriting, high-performance XSL transforms and XML/SOAP routing, the XS40 can transparently map a rich set of services to protected back-end resources with the appropriate Quality of Service (QoS). • Centralized Policy Management – While a straightforward web-based GUI for simple rule creation allows the XS40 to be deployed securely in minutes, the XS40 uses the power of XSLT to create rules as simple or complex as required. Rules may be used to define common policies for firewalls, routing, access control, data transformation, and transport layer security across an array of applications and application servers without sacrificing performance. Manageable locally or remotely, the XS40 supports SNMP, script-based configuration and remote logging to integrate smoothly with your chosen management software. Availability Powered by mature XG3 technology, the DataPower XS40 XML Security Gateway is shipping in volume to customers today. About DataPower Technology DataPower Technology provides enterprises with intelligent XML-Aware network infrastructure to ensure unparalleled performance, security and manageability of next-generation applications and XML Web Services. DataPower’s patent-pending XML Generation Three (XG3™) technology powers the industry’s first wire-speed XML-aware networking devices that provide immediate return on technology investments while streamlining application deployments. Founded in 1999, DataPower is privately held and based in Cambridge, MA. Investors include Seed Capital Partners, Venrock Associates and Mobius Venture Capital. For more information about DataPower Technology, please contact 617-864-0455 or visit www.datapower.com. ### For more information please contact: Kevin Anderson DataPower Technology, Inc. 617-864-0455 x360 kevina@datapower.com BroadcomÒ ((Nasdaq: BRCM) and CryptoNetXÔ are trademarks of Broadcom Corporation and/or affiliates in the United States and certain other countries.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC