Businesses today are exploiting XML and Web Services to enable rapid application integration internally across the enterprise and externally with trading partners, suppliers and end-customers. Regardless of what stage an enterprise is along the path of XML adoption, be it for tactical point-to-point XML-based integration projects through to the full-blown roll out of Services Oriented Architecture (SOA), Vordel's products address the requirements of this wave of integration.
Vordel 5 is a set of enterprise XML network infrastructure products that address the key requirements of XML-based integration and SOA.
They deliver:-
- Performance - removal of XML processing bottlenecks
- Identity Management - application of identity controls to SOA
- Policy Control - centralized policy management throughout the SOA
- XML Application Networking - XML data transformation, routing and acceleration
- Security - full protection against all threats
- Monitoring - full visibility of Web Services usage
The products are:-
XML offload with data transformation, routing and acceleration
Threat protection for XML applications from malicious attack and unauthorized access
Centralized policy creation and management for networks of XML firewalls and gateways
Full visibility reporting on Web Service usage
Web Services test tool
Application Level Networking
The Vordel XML Gateway is a dedicated network device for offloading processor-intensive tasks from applications running in general purpose application servers. The Vordel XML Gateway performs application networking by routing traffic based on content, based on sender, and performing XML content screening. XML data is converted on the fly between formats.
Threat protection for XML Applications
Vordel XML Firewall protects XML applications from malicious attack and unauthorized access. By blocking a wide range of attacks on XML applications, it shields XML applications and allows them to be deployed in safety and confidence.
The XML Firewall forms an integral component of any enterprise\'s SOA security infrastructure and can be deployed as part of a strategic architecture of XML firewalls, gateways and run time governance products. Vordel XML Firewall complements other application security and network security products by providing the XML data screening which other products do not provide
XML Firewall and XML Gateway Overview
The Vordel XML Gateway and Firewall products are delivered on the carrier grade VX deployment platform for customers with the most demanding XML processing requirements. The VX consists of Vordel's patented XML acceleration and parallelization technology, VXA, combined on a hardened pre-integrated platform.
Vordel XML Gateway also incorporates the patented high performance core VXA (Vordel XML Acceleration) engine, coupled with acceleration hardware ensures wirespeed network performance. Vordel XML Gateway also incorporates all of the threat prevention functionality available in Vordel XML Firewall.
For a more detailed functionality overview please see the table below.
| Feature |
XML Firewall  |
XML Gateway |
 Web Services Protocols |
| Networking |
| Service Virtualization |
 |
|
| Content-based routing |
|
|
| Source-based routing |
|
|
| Identity-based routing |
|
|
| Protocol Conversion [HTTP/JMS/MQ] |
|
|
| XML Data Enrichment |
|
|
| Policy Control |
| Drag-and-drop policy creation |
|
|
| Conditional branching within policies |
|
|
| Import/Export of policies |
|
|
| Policy chaining |
|
|
| Policy Migration |
|
|
| Wildcard values within policies |
|
|
| Identity Management Integration |
| LDAP (incl. Sun, Novell, Siemens, etc) |
|
|
| Microsoft Active Directory |
|
|
| CA SiteMinder |
|
|
| CA SOA Security Manager |
|
|
| RSA Access Manager (ClearTrust) |
|
|
| Entrust GetAccess |
|
|
| IBM Tivoli Access Manager |
|
|
| Oracle Access Manager |
|
|
| XACML |
|
|
| Security and Identity Mediation |
| Built-in Security Token Service (STS) |
|
|
| SAML Token Issuance and "injection" |
|
|
| WS-Trust |
|
|
| Credential Mapping |
|
|
| Token mapping (X.509 to SAML, etc) |
|
|
| Encryption and Signing |
| SSL |
|
|
| XML Encryption |
|
|
| XML Signature |
|
|
| WS-Security SOAP Message Security |
|
|
| Threat Detection |
| Block malformed XML |
|
|
| Block WSDL Scanning |
|
|
| Block SQL Injection |
|
|
| Block XPath Injection |
|
|
| Block XXE Attacks |
|
|
| Block XML Bomb Attacks |
|
|
| Block rogue SOAP Attachments |
|
|
| Detect viruses in SOAP Attachments |
|
|
| Schema Validation |
|
|
| XML Clogging Detection |
|
|
| SOAP Operation Filtering |
|
|
| IP Address Filtering |
|
|
| Traffic Throttling |
|
|
| HTTP Header Analysis |
|
|
| HTTP Query String Analysis |
|
|
| Malicious content signature library |
|
|
| Authentication |
| HTTP Authentication (Basic/Digest) |
|
|
| SSL Mutual Authentication |
|
|
| WS-Security UsernameToken |
|
|
| WS-Security X.509 Certificate Token |
|
|
| Other token types |
|
|
| Authorization |
| Role-based access control |
|
|
| Authorization based on database query |
|
|
| Content-based authorization |
|
|
| Delegation to third-party AuthZ systems |
|
|
| Audit |
| Traffic Logging |
|
|
| Log Signing |
|
|
| Alerting |
| Email |
|
|
| SNMP |
|
|
| Syslog |
|
|
| Windows Event Log |
|
|
| CheckPoint OPSEC |
|
|
| System Monitoring and Management |
| SNMP for HP OpenView, CA UniCenter, etc |
|
|
| Real-time Monitoring Console |
|
|
| Syslog |
|
|
| Windows Event Log |
|
|
| CheckPoint OPSEC |
|
|
| Role-based access to policies |
|
|
| Extensibility |
| JavaScript API for custom filters |
|
|
| Java API for custom filters |
|
|
| Conversion |
| XSLT |
|
|
| Custom Java Message Conversion |
|
|
| Service Quality |
| Service outage detection |
|
|
| Service Level Agreement (SLA) |
|
|
| Certificate Management |
| X.509 Certificate Issuance |
|
|
| Certificate Revocation List (CRL) support |
|
|
| OCSP support |
|
|
| XKMS support |
|
|
