Application Level Networking
The Vordel XML Gateway is a dedicated network device for offloading processor-intensive tasks from applications running in general purpose application servers. The Vordel XML Gateway performs application networking by routing traffic based on content, based on sender, and performing XML content screening. XML data is converted on the fly between formats.
Threat protection for XML Applications
Vordel XML Firewall protects XML applications from malicious attack and unauthorized access. By blocking a wide range of attacks on XML applications, it shields XML applications and allows them to be deployed in safety and confidence.
The XML Firewall forms an integral component of any enterprise's SOA security infrastructure and can be deployed as part of a strategic architecture of XML firewalls, gateways and run time governance products. Vordel XML Firewall complements other application security and network security products by providing the XML data screening which other products do not provide
XML Firewall and XML Gateway Overview
The Vordel XML Gateway and Firewall products are delivered on the carrier grade VX deployment platform for customers with the most demanding XML processing requirements. The VX consists of Vordel's patented XML acceleration and parallelization technology, VXA, combined on a hardened pre-integrated platform.
Vordel XML Gateway is used to offload the heavy lifting of XML from application servers and onto the network, thereby freeing up resources on application servers and allowing applications to run faster. Vordel XML Gateway also incorporates all of the threat prevention functionality available in Vordel XML Firewall.
For a more detailed functionality overview please see the table below.
| Feature |
XML Firewall  |
XML Gateway |
 Web Services Protocols |
| Networking |
| Service Virtualization |
 |
|
| Content-based routing |
|
|
| Source-based routing |
|
|
| Identity-based routing |
|
|
| Protocol Conversion [HTTP/JMS/MQ] |
|
|
| XML Data Enrichment |
|
|
| Policy Control |
| Drag-and-drop policy creation |
|
|
| Conditional branching within policies |
|
|
| Import/Export of policies |
|
|
| Policy chaining |
|
|
| Policy Migration |
|
|
| Wildcard values within policies |
|
|
| Identity Management Integration |
| LDAP (incl. Sun, vell, Siemens, etc) |
|
|
| Microsoft Active Directory |
|
|
| CA SiteMinder |
|
|
| CA SOA Security Manager |
|
|
| RSA Access Manager (ClearTrust) |
|
|
| Entrust GetAccess |
|
|
| IBM Tivoli Access Manager |
|
|
| Oracle Access Manager |
|
|
| XACML |
|
|
| Security and Identity Mediation |
| Built-in Security Token Service (STS) |
|
|
| SAML Token Issuance and "injection" |
|
|
| WS-Trust |
|
|
| Credential Mapping |
|
|
| Token mapping (X.509 to SAML, etc) |
|
|
| Encryption and Signing |
| SSL |
|
|
| XML Encryption |
|
|
| XML Signature |
|
|
| WS-Security SOAP Message Security |
|
|
| Threat Detection |
| Block malformed XML |
|
|
| Block WSDL Scanning |
|
|
| Block SQL Injection |
|
|
| Block XPath Injection |
|
|
| Block XXE Attacks |
|
|
| Block XML Bomb Attacks |
|
|
| Block rogue SOAP Attachments |
|
|
| Detect viruses in SOAP Attachments |
|
|
| Schema Validation |
|
|
| XML Clogging Detection |
|
|
| SOAP Operation Filtering |
|
|
| IP Address Filtering |
|
|
| Traffic Throttling |
|
|
| HTTP Header Analysis |
|
|
| HTTP Query String Analysis |
|
|
| Malicious content signature library |
|
|
| Authentication |
| HTTP Authentication (Basic/Digest) |
|
|
| SSL Mutual Authentication |
|
|
| WS-Security UsernameToken |
|
|
| WS-Security X.509 Certificate Token |
|
|
| Other token types |
|
|
| Authorization |
| Role-based access control |
|
|
| Authorization based on database query |
|
|
| Content-based authorization |
|
|
| Delegation to third-party AuthZ systems |
|
|
| Audit |
| Traffic Logging |
|
|
| Log Signing |
|
|
| Alerting |
| Email |
|
|
| SNMP |
|
|
| Syslog |
|
|
| Windows Event Log |
|
|
| CheckPoint OPSEC |
|
|
| System Monitoring and Management |
| SNMP for HP OpenView, CA UniCenter, etc |
|
|
| Real-time Monitoring Console |
|
|
| Syslog |
|
|
| Windows Event Log |
|
|
| CheckPoint OPSEC |
|
|
| Role-based access to policies |
|
|
| Extensibility |
| JavaScript API for custom filters |
|
|
| Java API for custom filters |
|
|
| Conversion |
| XSLT |
|
|
| Custom Java Message Conversion |
|
|
| Service Quality |
| Service outage detection |
|
|
| Service Level Agreement (SLA) |
|
|
| Certificate Management |
| X.509 Certificate Issuance |
|
|
| Certificate Revocation List (CRL) support |
|
|
| OCSP support |
|
|
| XKMS support |
|
|
product datasheet 