XML Security Appliances

There are a variety of hardware-based (appliance) solutions for offloading some XML processing from the server to a specialized piece of hardware.

Are any of you (or your customers) using XML Firewalls or devices to offload processing of WS-Security headers, XML encryption or XML digital signatures? If so, how beneficial would you say that has been to your overall performance and development productivity?



Yemi Bedu

Some of the vendors active in this XML infrastructure appliance / XML accelerator / XML security appliance space are:

It will be interesting to compare the functionality and price point of these appliances with the webMethods ServiceNet 6.5 software product when it is released “real soon now”.


Updated 1/27 to add Forum Systems to the list.

It is interesting. I know you have been exposed to a lot of IT shops. How do you think the convergence of network devices and application space things like this will go? My experience has been the network folks and the app folks are from two different worlds. They really only speak when forced.

I think it comes down to total cost including the cost of these “appliances” compared to the cost of upgrading (or waiting to upgrade) to versions of vendor products that support the needed security capabilties (WS-Security, SAML, encryption, signature, etc.).

If you are faced with an alternative involving lots of custom development in order to meet security requirements vs. overcoming some potential organizational issues to plug in and configure an appliance, it may be worth the brain damage.

Besides, we have to work with network support folks already to configure firewalls, proxy servers and load balancers. This is just one more piece of hardware although it does overlap with the software space more than those other examples.

I once used (OK, was forced to use) an “integration appliance”. It was a rack mounted device and you developed integration logic using a web-based application.

It lacked many capabilities of webMethods IS and never really caught on, but it was a much lower cost item and might have been well-suited for simple, departmental integration challenges.


From EE Times