XML Security Appliances

wMusers.Com1 · December 21, 2005, 7:42pm

There are a variety of hardware-based (appliance) solutions for offloading some XML processing from the server to a specialized piece of hardware.

Are any of you (or your customers) using XML Firewalls or devices to offload processing of WS-Security headers, XML encryption or XML digital signatures? If so, how beneficial would you say that has been to your overall performance and development productivity?

Mark

Yemi_Bedu · January 12, 2006, 4:52am

Hello,

Yemi Bedu

wMusers.Com1 · January 21, 2006, 5:33am

Some of the vendors active in this XML infrastructure appliance / XML accelerator / XML security appliance space are:

It will be interesting to compare the functionality and price point of these appliances with the webMethods ServiceNet 6.5 software product when it is released “real soon now”.

Mark

Updated 1/27 to add Forum Systems to the list.

system · January 21, 2006, 5:47am

It is interesting. I know you have been exposed to a lot of IT shops. How do you think the convergence of network devices and application space things like this will go? My experience has been the network folks and the app folks are from two different worlds. They really only speak when forced.

wMusers.Com1 · January 23, 2006, 10:09pm

I think it comes down to total cost including the cost of these “appliances” compared to the cost of upgrading (or waiting to upgrade) to versions of vendor products that support the needed security capabilties (WS-Security, SAML, encryption, signature, etc.).

If you are faced with an alternative involving lots of custom development in order to meet security requirements vs. overcoming some potential organizational issues to plug in and configure an appliance, it may be worth the brain damage.

Besides, we have to work with network support folks already to configure firewalls, proxy servers and load balancers. This is just one more piece of hardware although it does overlap with the software space more than those other examples.

I once used (OK, was forced to use) an “integration appliance”. It was a rack mounted device and you developed integration logic using a web-based application.

It lacked many capabilities of webMethods IS and never really caught on, but it was a much lower cost item and might have been well-suited for simple, departmental integration challenges.

Mark

wMusers.Com1 · February 15, 2006, 9:28pm

From EE Times

LONDON — Intel Corp. has confirmed that it has acquired XML processing startup Conformative Systems Inc. and has said that it is planning to combine Conformative’s XML processing technology with Intel computing platforms.

No financial details were given by Intel (Santa Clara, Calif.) although EE Times understands from a source that Intel paid about $3 million or $4 million for Conformative. “Intel Corporation has acquired Conformative Systems, a key provider of hardware-based XML acceleration technologies. The acquisition combines Intel’s proven platform capabilities with Conformative Systems’s substantial hardware-based XML acceleration IP and engineering expertise. The acquisition support’s Intel’s strategy to deliver added value to computing platforms through products that help our customers implement end-to-end web services solutions,” Intel said in statement sent to EE Times on Wednesday (Feb. 8).

wMusers.Com1 · March 28, 2006, 5:41am

February 3, 2006
Forum Systems Fills Security Hole
By Clint Boulton

Forum Systems, which makes appliances to protect Web services transactions across firewalls, added some vulnerability-assessment and policy-compliance software to the mix when it acquired Kenai Systems this week.

Rocklin, Calif.-based Kenai is a privately held maker of eXamine, a suite of security software tools tailored for Web services and service-oriented architectures (SOAs).

Forum, which competes against IBM, Cisco Systems and some smaller players in the market for securing Web services, said it will integrate Kenai’s security assessment tools within its Seamless Security Solutions Architecture (Forum S3A).

“We look to develop or acquire technologies that will reduce risk when implementing SOAs,” said Forum CEO and President Wes Swenson in a statement.

“Kenai’s eXamine tool allows our customers to gain much needed visibility into security and compliance exposures. Combine this with our XML Firewall and Gateway solutions and you get the most comprehensive SOA security solution on the market.”

Specifically, Kenai’s eXamineXT lets developers test Web services for exposure to security vulnerabilities. EXamineSOA is a policy-based security and compliance tool that helps define policies and best practices to generate and run test cases.

EXamineSOA Enterprise adds a multi-user shared library to eXamineSOA, enabling enterprises to share policies, test suites, cases and results.
The deal makes sense on a number of levels, said ZapThink Research analyst Jason Bloomberg.

“Kenai’s policy definition is like peanut butter to Forum’s policy enforcement chocolate,” Bloomberg said. “Also, they shared investors, so the synergies made sense to them as a single company.”

Forum and Kenai also share a common interest in growing their respective businesses in a market that consolidates with each passing month. ZapThink predicted 2006 would be a year of mass consolidation in the burgeoning market for distributed computing systems such as SOAs.

The market has done little to dispel that notion.

In January, Mercury acquired registry and policy governance specialist Systinet for $105 million.

Fewer than two weeks later, Progress Software landed on SOA management vendor Actional for $32 million in cash and stock.