XML Gateway Leads The SOA Specialist Charge

Vordel's updated network appliance takes the heavy lifting off application servers.
This appliance really packs a punch. The XML Gateway moves processor-intensive XML tasks from application servers to the network itself. While other vendors rely solely on hardware acceleration cards, like the Tarari XML Accelerator, Vordel leverages its own XML Acceleration Engine (VXA) for XML processing. This approach enables Vordel to offer XML acceleration in both software- and hardware-based appliances.

The hardware-based XML Gateway appliance runs on Vordel's VX Platform, a pre-hardened deployment environment. Essentially, the VX Platform sits atop the Dell PowerEdge line of servers and is available in two form factors, depending on processing requirements. The VX platform offers cryptographic acceleration via an nCipher nShield Hardware Security Module (HSM), which applies SSL acceleration to transport-level security. Using redundant power supplies, network interfaces, and RAID-configured disks, the VX Platform eliminates single points of failure and offers high availability out of the box.

Vordel surrounds XML Gateway with a diverse and well-featured toolset. The Vordel Policy Director offers centralized policy creation and management, Vordel Reporter provides visibility and reporting on Web service metrics, and SOAPbox is a testing suite for XML applications. Each of these tools was easy to work with once set up and configured.

Racked, Ready, Go

During our test drive, we found the rack-mountable hardware appliance relatively painless to install and set up. Once the appliance was racked and powered up, a Web-based administration interface enabled us to configure the host name and IP address of the appliance; the default gateway, DNS server, and SSH server for it to use; the system time; system users; and other tools that can assist administrators in managing the appliance.

Next, we installed the Vordel Policy Director, which allows Vordel to centralize policy management across XML Gateway appliances and XML firewalls. This time, installation and configuration were a bit more involved, because the Policy Director comprises three components: Policy Director Server, Policy Director Consol, and Policy Studio.

The Policy Director Server is the central Policy Director component, and Vordel recommends running this on a dedicated host. The Policy Director Server maintains historical versions of policies that can be deployed to multiple XML firewalls and/or XML Gateway instances that are running throughout the network. Multiple versions of policies can be loaded from the Policy Director Server and pushed out to processes using the Policy Director Console.

The final piece of the setup is Policy Director Studio, the tool that developers, network administrator, and operations personnel will use. Policy Director Studio acts as the user interface to configure and manage policies enforced on the appliance. Setup of Studio was very straightforward.

What's The Privacy Policy?

Policies define rules for how an XML Gateway-protected service can be consumed. The Vordel XML Gateway enforces a vast number of policies. Once we defined the policies using Policy Studio, we could limit users' service access by HTTP basic authentication, XPath credentials, and service availability.

Policy Studio is a powerful mechanism for policy creation and maintenance, and role-based access to policies is a nice feature. The Policy Director architecture eliminates the need to manage a group of isolated policies across individual XML Gateways.

With XML Gateway, Vordel targets the enterprise, and the product's benefits are most fully realized when running multiple XML Gateways within the network. Implementing Vordel's architecture does take some planning, but overall, Vordel provides a well-thought-out system that centralizes policy management and performs ably under load. And, we found pricing competitive: $59,000 for the XML Gateway appliance hardware, or $35,000 for the XML Gateway software appliance.

Erik Pieczkowski is an enterprise architect and partner with Synegen. His experience ranges from the design and development of high performing, message-driven systems to building and deploying scalable SOAs. Write to him at [email protected]