Security gateways started out as XML accelerator appliances, designed to take the load off systems burdened by bloated, text-heavy XML messages. They can still provide many of these functions, speeding up content-based routing and proxy-based management. However, vendors soon found that the killer app for XML appliances was security, thanks to fears that Web services messages were carrying threats straight through the corporate firewall.
Security gateways also are designed to perform other Web services security functions, including XML encryption, digital signature verification, and AAA. They compete with or augment runtime management software. Gateways can also help with lower-level security protocols such as Secure Sockets Layer, though here they're up against AFEs and ordinary firewalls.
Although they started out as hardware appliances, security gateways are increasingly being provided as software, with several vendors offering virtual appliances. The switch is also prompting some to move into Web services management and SOA governance. Hardware XML firewalls increasingly will be embedded inside the network infrastructure, supplied by AFEs that can also provide hardware acceleration of other SOA functions.