Attacks against Web-services applications are expected to increase, analysts warn, and network security managers may not be prepared.
Application firewall hardware maker NetContinuum Inc. is expanding its firewall to protect against attacks targeting Web services-based applications.
Most security experts agree that continued deployment of Web services will lead to attacks against those systems. "It's common for security professionals to continue to focus on fighting their most previous battles, but it's important to prepare for the next front line," says Pete Lindstrom, research director with Spire Security.
According to market research firm Yankee Group, 30% of companies are using Web-services security technology and an additional 30% are evaluating Web-services security products. Web services are one of the top three priorities in companies with more than 500 employees, Yankee Group says.
To fight Web services-based attacks, NetContinuum will release its Application Security Gateway Web Services Edition to "early access" customers in December. The new NetContinuum WSE gateway, which builds on NetContinuum's NC 1000 Application Security Gateway, will include Forum System Inc.'s XWall Web-services firewall.
The XWall protects against threats to Web services such as potential security weaknesses placed in applications by Web-services developers, attacks that tamper with Web-services transaction data, as well as transactions that could contain potentially malicious payloads, and denial-of-service attacks.
NetContinuum competes against Web application firewall vendors such as Kavado, Sanctum, and Teros. Forum Systems competes against other Web-services security providers, including DataPower Technology and WestBridge Technology.
NetContinuum isn't the first Web application firewall vendor to make the leap into Web-services security. Earlier this year, Teros incorporated Web-services security capabilities into its Secure Application Gateway.
Wes Wasson, VP of marketing and chief strategy officer for NetContinuum, says security professionals accustomed to protecting their systems with traditional network and application firewalls will feel at ease with the new Web-services capability. "The administrative interface will be familiar to them," says Wasson. "They won't have to learn all of the details of XML."
NetContinuum's NC-1000 WSE will be priced at $39,000. Existing NC-1000 customers can upgrade to WSE for $10,000.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.