Application Level Networking

The Vordel XML Gateway is a dedicated network device for offloading processor-intensive tasks from applications running in general purpose application servers. The Vordel XML Gateway performs application networking by routing traffic based on content, based on sender, and performing XML content screening. XML data is converted on the fly between formats.

Use Vordel to offload the heavy-lifting of XML from application servers and onto the network. This frees up resources on application servers and allows applications to run faster. The patented high performance core VXA (Vordel XML Acceleration) engine, coupled with acceleration hardware ensures wirespeed network performance. The Vordel XML Gateway also incorporates all of the threat prevention functionality available from the Vordel XML Firewall.

Ease of Deployment
As an appliance, the gateway is pre-hardened and requires no installation. It can be managed in a "headless" manner. A Web-based interface is also provided. All policies can be imported and exported as XML files, which minimizes the time taken to replicate policies across multiple devices, or to move from a staging system to production usage.

The gateway includes many features which speed up deployment. For example, certificates and private keys, necessary for many XML security functions, may be issued on-board. The device has a "Deny by Default" defense posture, in order to detect and block any unauthorized deployments of Web Services. Policies can be re-applied across multiple application endpoints using simple drop-down menus.

Powerful rules engine with easy to use policy management console
An intuitive policy management console enables administrators to add security and management policies to the gateway device. Policies across multiple gateway devices may be managed together using Vordel's Policy Director enterprise policy management product. This allows enterprise policy management to be brought under centralized control, rather than being managed on a device-by-device basis.

Processing Offload for Application Acceleration
Offload the heavy-lifting of XML from application servers and onto the network. XML operations such as XML Schema validation and XSLT are notoriously slow. The gateway uses patented, wirespeed, hardware acceleration to speed these tasks. This frees up resources on application servers and allows applications to run faster.

Application-Level Networking
The gateway routes data based on sender identity, content, and content type. This allows XML messages to be sent to the appropriate application. It also allows for "service virtualization" to be performed, whereby Web Services are exposed to clients with "virtualized" addresses, which mask their actual addresses for security and application-delivery reasons.

XML Data Enrichment
Automatically populate content in XML documents from sources such as databases. By putting this functionality onto XML Networking infrastructure, the information is automatically populated into the XML messages before they reach the consuming Web Services. This simplifies and accelerates applications in ESBs or Application Servers.

Identity Management
Vordel XML Gateway supports Identity Management infrastructure to perform authentication and authorization of XML traffic. Integration is provided with LDAP, Microsoft Active Directory, CA SiteMinder, Entrust GetAccess, IBM Tivoli Access Manager, Oracle COREId and RSA Access Manager and other IM products. The gateway also interoperates with leading XML products and platforms, including Microsoft .NET, BEA WebLogic, IBM WebSphere, and SAP NetWeaver.

Identity Mediation
Through support for a wide range of security standards, Vordel XML Gateway allows for identity mediation between different identity schemes. For example, the gateway can authenticate external Web Services clients using passwords but then issue SAML tokens that are used for identity propagation to application servers.

Service Virtualization
Vordel XML Gateway serves as an important control point for XML traffic on the network. By shielding end point Web Services from direct access, the gateway allows for the virtualization of these services, and clients access the XML Gateway as if it was the Web Service itself. This allows different "views" of Web Services to be presented to different clients.

Traffic throttling
The Vordel XML Gateway protects Web Services from unanticipated traffic spikes, by smoothing out the traffic. It also limits clients to agreed Web Service consumption levels in accordance with service usage agreements. This allows Vordel's customers to charge their clients for different levels of Web Services usage.

Audit Capability/Compliance
Satisfy audit requirements by allowing Web Services transactions to be archived in a tamper-proof store, for later audit. Vordel also facilitates privacy compliance support by allowing de-identification: that is, allowing sensitive information, such as customer names, to be encrypted or stripped out of XML traffic.

Policy migration from Staging to Production
Since the Vordel product range also includes the VordelSecure software-based XML Gateway, staging can be performed in software and before using Vordel XML Gateway for production deployment.

Pluggable message-handling pipeline
Vordel XML Gateway's internal message-handling pipeline is extensible, allowing extra access control and content-filtering rules to be added with ease. Customers do not have to wait for a full product release before receiving updates of support for emerging standards and for additional adapters.

Performance Optimized VX Deployment Platform
Integrated into the gateway is Vordel's patented core VXA (XML security acceleration) engine. This processing engine accelerates the essential XML security primitives. The VX deployment platform includes cryptographic acceleration hardware embedded in the device and Gigabit Ethernet cards provide wirespeed network performance.

Vordel XML Gateway datasheet