Harald Wagner,
Deutsche Bausparkasse Badenia AG
What does it mean to say that a Web Service is "Secure"? Vordel answers this question by providing market-leading products to tightly control Web Services usage.
Whether they are used internally or across the firewall, Web Services must have the appropriate policy control and protection framework implemented. This is achieved by central management of effective security policies which are deployed across the network.
The challenges encountered in a distributed network of Web Services include:
Access Control in policies, not in code.
Can you control who accesses your Web Services? Access control policies based on identity management infrastructure, such as Active Directory and CA SiteMinder, need to be enforced. These policies should be configurable with no coding required.
Protection from attack
Web Services are vulnerable to a range of content-based attack avenues which must be blocked. Strong threat analysis involves scanning XML to discover whether it contains any malicious content. Examples of malicious XML content include XML Denial of Service (XDoS) attacks, unwanted or virus-laden SOAP attachments, malformed XML and SQL injection.
Distributed policy enforcement
Wherever Web Services are used in a network, it is vital to be able to enforce and update security policies in a distributed fashion. These policies will need to be migrated from testing, through staging, to production, with no re-coding required.
Centralized control
Whilst policy enforcement is distributed, the actual creation and management of policies needs to be centralized with operational staff to guarantee efficiencies of scale where there are multiple enforcement endpoints.
Vordel Solution for securing Web Services
Distributed Policy Enforcement at intermediary XML firewalls and gateways
Vordel Policy Director manages a distributed set of XML firewalls and gateways across an enterprise. These enforcement points may be XML Gateway appliances, or software- or hardware-based XML Firewalls. Vordel Policy Director includes a centralized configuration server which offers a sophisticated range of features to enforce control policies across the network, not only at the perimeter.
Centralized Policy Management
Included with Vordel Policy Director is the industry's most advanced policy management tool to control and manage all policies across an SOA. The Policy Studio allows for the design of policies covering critical areas such as compliance, performance and security. This allows policies to be created for authentication, authorization, and XML threat analysis without any requirement for coding.