Blue Titan Partner Ties Web-Services Management To Security
Integrating an XML firewall from DataPower Technology increases security for the services built on its Network Director framework.
Blue Titan Software Inc. has integrated its Web-services software with an XML firewall to supply more security for the services built on its Network Director framework. The firewall is built into hardware instead of software to avoid adding any performance overhead.
Network Director can be used to set up a services-oriented architecture, where an application is available to be called by many different users over a network. Such calls and responses, when made over the Web, are accomplished via XML messaging. Network Director can route the messages, balance the loads, and line up needed resources, but it needed an addition to make sure the XML messages were safe and didn't contain hidden mischief, such as triggering an out-of-bounds inquiry at the destination computer.
By integrating Network Director's operation with DataPower Technology Inc.'s XS40 XML Security Gateway, Blue Titan can insure that the messages will be parsed in transit by the XML firewall and their contents as well as their headers inspected, says Sam Boonin, Blue Titan's VP of marketing.
DataPower's firewall "gets down into the XML message itself," says Kevin Anderson, senior marketing manager at DataPower, and can check the contents against the rules and policies that determine what the message should be permitted to do. If the message is headed for a human-resources department application, the firewall can make sure it's not going to try to launch an unauthorized SQL query against a database once it gets there.
"Obviously there's some long-term work these two products can do together, " says Tom Rhinelander, an analyst with the New Rowley Group. But the pairing requires a customer to want the firewall to be contained in a dedicated device. The XS40 XML Security Gateway in effect is a rack-mounted server requiring one slot of space in a data-center rack. Organizations that are used to configuring a general-purpose firewall in software might not warm up to a Web-services approach that requires one in a dedicated box, he notes.
Network Director has been enhanced to include management of the box as part of its framework for building networked services, Boonin says.
This approach, in fact, has already been implemented by other companies. Westbridge Technology is a Web-services management firm that approaches management issues from the security perspective. It offers a rack-mountable XML Message Server in hardware for swift parsing of XML messages.
Computer Associates also links management of networked services to security. Its Web Services Distributed Management product is linked to its eTrust security-product line, so its Web-services manager can retrieve the identity of a user and check whether access sought to a resource is permitted. "The two functions are interrelated," says Dmitri Tcherevik, director of Web services.
"A lot of companies haven't figured out how they'll roll out a services-oriented architecture," where a service created for one application can be called and used by a second or third or more applications, analyst Rhinelander says. Integrating Web-services management with an XML firewall reduces the number of decisions that have to be made to establish a services-oriented architecture, he says.
The DataPower XS40 XML Security Gateway is priced at $65,000 per appliance; Boonin says Network Director is typically priced around $250,000.
About the Author
You May Also Like