Attacks against Web-services applications are expected to increase, analysts warn, and network security managers may not be prepared.
Application firewall hardware maker NetContinuum Inc. is expanding its firewall to protect against attacks targeting Web services-based applications.
Most security experts agree that continued deployment of Web services will lead to attacks against those systems. "It's common for security professionals to continue to focus on fighting their most previous battles, but it's important to prepare for the next front line," says Pete Lindstrom, research director with Spire Security.
According to market research firm Yankee Group, 30% of companies are using Web-services security technology and an additional 30% are evaluating Web-services security products. Web services are one of the top three priorities in companies with more than 500 employees, Yankee Group says.
To fight Web services-based attacks, NetContinuum will release its Application Security Gateway Web Services Edition to "early access" customers in December. The new NetContinuum WSE gateway, which builds on NetContinuum's NC 1000 Application Security Gateway, will include Forum System Inc.'s XWall Web-services firewall.
The XWall protects against threats to Web services such as potential security weaknesses placed in applications by Web-services developers, attacks that tamper with Web-services transaction data, as well as transactions that could contain potentially malicious payloads, and denial-of-service attacks.
NetContinuum competes against Web application firewall vendors such as Kavado, Sanctum, and Teros. Forum Systems competes against other Web-services security providers, including DataPower Technology and WestBridge Technology.
NetContinuum isn't the first Web application firewall vendor to make the leap into Web-services security. Earlier this year, Teros incorporated Web-services security capabilities into its Secure Application Gateway.
Wes Wasson, VP of marketing and chief strategy officer for NetContinuum, says security professionals accustomed to protecting their systems with traditional network and application firewalls will feel at ease with the new Web-services capability. "The administrative interface will be familiar to them," says Wasson. "They won't have to learn all of the details of XML."
NetContinuum's NC-1000 WSE will be priced at $39,000. Existing NC-1000 customers can upgrade to WSE for $10,000.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.