Security Basics mailing list archives
RE: XML Firewall
From: "Peter, Matthew F." <matt.peter () capgemini com>
Date: Mon, 24 Mar 2008 18:40:31 -0400
To add to this, We have deployed IBM DataPower as an XML Firewall for a number of customers. Its typically deployed around the edges of a network. The documentation can give you more specifics, but its two major advantage categories are: - Offload XML Processing to firmware: All encryption, decryption, authorization, etc is done on the appliance at wirespeed rather than an application server, which can be a big performance hit in traditional deployments - Content based AAA: A variety of different security policies can be defined and incorporated into legacy systems. For a quick example, if a legacy service uses HTTP Basic, this can be transformed into a SAML or WS-Security artifact to be processed by a backend system, or authenticated against a Radius server. It can also protect against DOS attacks, XML based SQL injection, and virus scanning of encoded content, to name just a few features. http://www-306.ibm.com/software/integration/datapower/library/index.html http://www.redbooks.ibm.com/abstracts/redp4327.html ~ Matt -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Logan Douglas Sent: Monday, March 24, 2008 6:03 PM To: security-basics () securityfocus com Subject: Re: XML Firewall hi check out http://en.wikipedia.org/wiki/XML_appliance An XML appliance is a separate computer system with deliberately narrow functionality that exchanges XML messages with other computer systems. XML appliances secure, accelerate and route XML so enterprises can cost-effectively realize its full potential for messaging and service-oriented architectures (SOAs). They are designed specifically to be easy to install, configure and manage. While some XML appliances must rely on specialized hardware and software to accelerate the processing of XML messages, others accomplish the same tasks using standards-based hardware and operating systems. http://en.wikipedia.org/wiki/XML_firewall First brought to market by Forum Systems[citation needed], an XML firewall is a specialized firewall used to provide security for XML messaging such as Web services. XML firewalls are types of XML appliances that are separated from internal computer systems and frequently reside in an organization's DMZ. I hope this helps :) Regards, SSANZ *************************************** Server Systems Administration NZ Server Security | Server Systems Management ServerSystemsAdministration.COM | SSANZ.NET | ServerSecurityNZ.COM *************************************** Quoting wuggy77 () msn com:
I have been around the security block, but obviously I have not been exposed to everything because I was asked to research an XML Firewall. I have never heard of an XML Firewall and so I wanted to start by getting some input on what an XML Firewall is supposed to do. I am not opposed to doing some reading so if anyone has some good links to sites that explain these devices I will be happy to look it up. Secondly I would like to recieve some recommendation as to what would be considered good XML firewall.
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
Current thread:
- XML Firewall wuggy77 (Mar 24)
- Re: XML Firewall Abe Getchell (Mar 24)
- Re: XML Firewall H. Willstrand (Mar 24)
- Re: XML Firewall Logan Douglas (Mar 24)
- RE: XML Firewall Peter, Matthew F. (Mar 25)
- Re: XML Firewall Andrea Gatta (Mar 25)
- <Possible follow-ups>
- Re: XML Firewall matthewmclartyster (Mar 28)