Forum XWall and Oracle Application Server 10g

Similar documents
IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway

Using IBM DataPower as the ESB appliance, this provides the following benefits:

Novell Access Manager 3.1

Axway Validation Authority Suite

Addressing Security, Governance and Performance Issues with an XML Gateway as part of a Service Oriented Architecture. Vic Morris CEO Vordel

IBM Tivoli Directory Server

CISCO IT DEPARTMENT DEPLOYS INNOVATIVE CISCO APPLICATION- ORIENTED NETWORKING SOLUTION

Business White Paper IDENTITY AND SECURITY. Access Manager. Novell. Comprehensive Access Management for the Enterprise

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

Configuring SSL. SSL Overview CHAPTER

Configuring SSL CHAPTER

Smarter Business Agility with WebSphere DataPower Appliances Introduction

How Cisco IT Improves Commerce User Experience by Securely Sharing Internal Business Services with Partners

Agenda. Introduction & Drivers of Networks DLP. Requirements, Challenges of Network DLP. Addressing Network DLP with Fidelis XPS

Sentinet for BizTalk Server SENTINET

Subscriber Data Correlation

SOA S90-20A. SOA Security Lab. Download Full Version :

SteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)

Simplifying Information Sharing Across Security Boundaries. Deep-Secure Overview 12 th November 2013, Prague. Presentation to.

PingFederate 5.0. Release Notes

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

CyberP3i Course Module Series

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Configuring SSL. SSL Overview CHAPTER

Overview SENTINET 3.1

Reviewer s guide. PureMessage for Windows/Exchange Product tour

En partenariat avec CA Technologies. Genève, Hôtel Warwick,

OpenIAM Identity and Access Manager Technical Architecture Overview

WEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices

Oracle Application Server 10 g Security. An Oracle White Paper December 2005

Security Assessment Checklist

Microsoft Architecting Microsoft Azure Solutions.

INFORMATION EXCHANGE GATEWAYS: REFERENCE ARCHITECTURE

IBM Exam IBM WebSphere DataPower SOA Appliances Firmware V5.0 Solution Implementation Version: 6.0 [ Total Questions: 75 ]

Chapter 9. Firewalls

ActiveVOS Technologies

SAML-Based SSO Solution

SERV-U MANAGED FILE TRANSFER SERVER FTP SERVER SOFTWARE FOR SECURE FILE TRANSFER & FILE SHARING

BIG-IP V11.3: PRODUCT UPDATE. David Perodin Field Systems Engineer III

ForeScout Extended Module for Carbon Black

Firewalls for Secure Unified Communications

Implementing a Ground Service- Oriented Architecture (SOA) March 28, 2006

SailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

SAML-Based SSO Solution

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

IBM C IBM Security Network Protection (XGS) V5.3.2 System Administration.

Policy Manager for IBM WebSphere DataPower 7.2: Configuration Guide

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

Securing VMware NSX MAY 2014

Configuring Virtual Servers

Jitterbit is comprised of two components: Jitterbit Integration Environment

Service Oriented Architecture

Microsoft Internet Security & Acceleration Server Overview

App Gateway Deployment Guide

The Road to a Secure, Compliant Cloud

Tivoli Federated Identity Manager. Sven-Erik Vestergaard Certified IT Specialist Security architect SWG Nordic

Siebel CRM. Siebel Security Hardening Guide Siebel Innovation Pack 2015 E

INFORMATION ASSURANCE DIRECTORATE

Liferay Security Features Overview. How Liferay Approaches Security

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

Security and Compliance at Mavenlink

Enterprise SOA Experience Workshop. Module 8: Operating an enterprise SOA Landscape

Enterprise Guest Access

Identity-Enabled Web Services

WebSphere Application Server, Version 5. What s New?

Exam: : VPN/Security. Ver :

Security by Default: Enabling Transformation Through Cyber Resilience

ForeScout ControlFabric TM Architecture

Architecting the Right SOA Infrastructure

ebusiness Suite goes SOA

Exam : Title : Security Solutions for Systems Engineers(SSSE) Version : Demo

Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

HARDWARE SECURITY MODULES DEPLOYMENT STRATEGIES FOR ENTERPRISE SECURITY

the Corba/Java Firewall

Introduction. SecureAuth Corporation Tel: SecureAuth Corporation. All Rights Reserved.

WHITE PAPER. Good Mobile Intranet Technical Overview

SoftLayer Security and Compliance:

COMPUTER NETWORK SECURITY

Create Decryption Policies to Control HTTPS Traffic

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

IBM Internet Security Systems Proventia Management SiteProtector

Who s Protecting Your Keys? August 2018

Awareness Technologies Systems Security. PHONE: (888)

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

Ellipse Web Services Overview

2018 GLOBALSCAPE TRAINING OVERVIEW

Solutions Business Manager Web Application Security Assessment

Protecting Your Cloud

Bracing your infrastructure for XML Web Services

BIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0

Implementing the Army Net Centric Data Strategy in a Service Oriented Environment

SOA Infrastructure Reference Architecture: Defining the Key Elements of a Successful SOA Infrastructure Deployment

API Security Management SENTINET

SOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management

GoAnywhere MFT System Architecture Guide. For High Availability, Scaling, and Performance

Transcription:

Forum XWall and Oracle Application Server 10g technical white paper Forum Systems, Inc. BOSTON, MA 95 Sawyer Road, suite 110 Waltham, MA 02453 SALT LAKE CITY, UT 45 West 10000 South, suite 415 Sandy, UT 84070 TOLL FREE 1-866-333-0210 www.forumsystems.com

Table of Contents FORUM SYSTEMS AND ORACLE APPLICATION SERVER 10g................................... 3 AUDIENCE............................................................................ 3 CONTACT INFORMATION................................................................ 3 SCALABLE WEB SERVICES FULFILLMENT.................................................. 4 Oracle Application Server 10g...................................................... 4 Forum XWall Web Services Firewall.................................................. 4 Forum Sentry Web Services Security Gateway......................................... 5 ORACLE APPLICATION SERVER 10g AND FORUM SYSTEMS INTEGRATION....................... 5 Oracle HTTP Server............................................................... 5 Oracle Application Server Web Services.............................................. 5 Oracle Internet Directory.......................................................... 5 Oracle Application Server Certificate Authority........................................ 6 FORUM XWALL XML INTRUSION PREVENTION............................................ 7 Forum Complements Oracle Application Server 10g.................................... 8 FORUM XWALL EXAMPLE USE-CASES................................................... 9 Administration.................................................................. 10 Deployment Options............................................................. 10 Government Requirements Support................................................ 12 FORUM XWall AT NO CHARGE TO QUALIFIED ORACLE USERS.............................. 12 ABOUT FORUM SYSTEMS.............................................................. 13 Forum Systems Inc. Release Date: Spring 2004 2

FORUM SYSTEMS AND ORACLE APPLICATION SERVER 10g Enterprises of all sizes are getting committed to Service Oriented Architectures (SOAs) and Web services. Web services will become the standard deployment model for internal-to-external, internal-tointernal and external-to-dmz strategic and tactical applications. Regardless of the specific application, enterprises must quickly identify the best-of-breed infrastructure that will enable the secure and scalable fulfillment of Web services to customers, partners, employees and service providers. The right choice in development tools, architecture frameworks, business processes, application servers and security networking infrastructures will be critical in the success of enterprise Web services. To ensure that deployed Web services do not pose business risk, deliver their return on investment and complement existing IT infrastructures, Forum Systems and Oracle have partnered to deliver a best-of-breed solution for Web services fulfillment. This includes the tools, technology and processes for the development through deployment life-cycle of enterprise Web services. Without doubt, the most significant impediment to Web services deployments is the consistent, managed and reliable implementation of Web services security. The Forum Systems suite of Web services security products builds upon the Oracle Application Server 10g to effectively secure Web services. AUDIENCE This paper is geared toward the developer, application architect, information security manager or network administrator that takes part in the development and deployment life-cycle of secure Web services applications. It introduces the Forum Systems suite of products as a complement to Oracle Application Server 10g delivering secure Web services. CONTACT INFORMATION For more information please contact: Walid Negm Vice President, Product Marketing Forum Systems, Inc. wnegm@forumsys.com WP-ASF-SE-00092 3

SCALABLE WEB SERVICES FULFILLMENT Oracle Application Server 10g Oracle Application Server 10g is an application server that provides a comprehensive set of features built on the Java 2 Platform Enterprise Edition foundation. It includes extended scalability, systems management, Web services support, application integration and specific grid computing features. Forum Systems Forum Systems, Inc. is the leader in Web services security with a comprehensive suite of trust management and threat protection solutions for the Automated Web. Forum Systems flexible hardware, software and embedded products actively protect Web services from the network edge to the application server. Forum XWall Web Services Firewall Forum XWall is the industry s first Web Services Firewall equipped with XML intrusion prevention capabilities to protect enterprises against a new breed of networked threats including XML viruses, data-level invasions and denial of Web service attacks. Forum XWall ensures critical applications are appropriately accessible and continuously available by allowing network administrators to enforce perimeter policies that check the integrity of data and control access to exposed enterprise Web services. The following table illustrates the differences between Forum XWall and traditional firewalls: traditional firewalls web services firewall Objects Controlled Objective Firewall Objective Access Control Object Encryption Attack Protection IP addresses and ports, transport protocols (e.g. HTTP, FTP) and network packet flows Once filtered and authorized network packets can flow into the network Allow or deny packets across the network using rules such as source IP address and port Access control rules are defined using IP addresses, ports, protocols, and where the traffic is originating and destined Encryption is applied on the protocol stream such as SSL Recognize attacks on transport protocols Application URL s, Web services (e.g. operations and messages) and XML/SOAP message flows Once filtered and authorized Web services can flow into the network Allow or deny XML/SOAP messages across the network using rules such as access privileges to specific Web service operations Access control rules are defined using service requester identity and read/write/execute privileges on Web service operations Encryption is applied on entire messages or message elements Recognize attacks on Web service operations and message content 4

Forum Sentry Web Services Security Gateway Forum Sentry is a comprehensive Web Services Security Gateway that functions as a trusted intermediary for exchanging secure Web services between an enterprise and its business partners. Sentry enables enterprises to achieve a higher ROI through secure e-business process integration. Forum Sentry supports WS-Security with Digital Signatures, XML-Encryption, WS-Security Header and SAML. Forum Sentry also includes protocol gateway support for FTP, HTTP(S), Tibco Rendezvous and IBM WebSphere Message Queues. ORACLE APPLICATION SERVER 10g AND FORUM SYSTEMS INTEGRATION Oracle HTTP Server The Forum XWall Web Services Firewall provides proxy capability to intercept HTTP messages between a client and a back end web server. Security policies can be built to interpret the HTTP payloads and perform operations on the data stream between client and server (request), and between server and client (response). The Oracle HTTP Server s full support for HTTP(S), Basic Authentication and SOAP / XML messaging interoperates with Forum XWall s proxy mode deployment including HTTP with and without basic authentication and HTTPs with and with and without basic authentication. HTTPs interoperability includes SSL initiation and X.509 certificate path validation on the Oracle HTTP Server X.509 certificate. Oracle Application Server Web Services Oracle Application Server Web Services can be deployed and accessed through the Forum XWall Web Services Firewall using the Oracle Application Server generated client. Additionally, the Oracle Application Server WS client can be used to access Oracle Application Server Web Service through Forum XWall. Web Services and SOAP messages can be processed through XWall against the WS-I Basic Profile 1.0, SOAP validation, Archiving, XSLT Transformation, WS-Signature, WS-Encryption, WSDL Policy, and WSDL Access Control. The Forum XWall Web Services Firewall has full WSDL support to build security policies for the defined services, ports and operations of a published Web Service. The defined security policies can be applied to intercepted request and response messages in the Web Service SOAP message stream. Oracle Internet Directory The Oracle Internet Directory can be configured for users and groups that are subsequently imported into the Forum XWall for policy configuration. XWall uses LDAP for user and group management, X.509 certificate import, and Certificate Revocation List (CRL) retrieval. 5

Oracle Application Server Certificate Authority X.509 Certificates can be generated using the Oracle Application Server CA with PKCS#10 CSR requests which are generated by Forum XWall. The certificates are published to the Oracle Internet Directory and subsequently imported onto Forum XWall using the LDAP protocol. Security policies are built using Oracle CA X.509 certificates including SSL Authentication. All X.509 certificate revocation checking is performed using CRLs published to the Oracle Internet Directory from the Oracle CA. The following diagram illustrates the network architecture with the above components: high level invocation path 1. Forum intercepts in-bound request 2. Forum proxies request to Oracle Application Server 10g 3. Oracle Application Server 10g executes web service operation 4. Forum intercepts out-bound response 5. Forum proxies response to consumer 6

The following table lists the benefits of Forum XWall as an in-line policy enforcement server for Web services security: A. SSL Concentration Point Terminate (as well initiate) SSL with acceleration Mutual client and server authentication Hardened key storage and certificate management B. Bi-Directional XML Proxy Trusted and centralized policy enforcement Parse, inspect and validate messages XML Schema Validation SOAP attachments, WSDL, WS-I Basic Profile and SOAP filtering C. XML Intrusion Prevention WSDL-based protection to control accessibility to Web services Protect against XML-parser vulnerabilities Guard against XML-related attacks D. Transactional Authorization Fine-grained message-level access control Privileges to read/write/execute Web services operations FORUM XWALL XML INTRUSION PREVENTION An administrator would rely on Forum XWall to apply security checks on, for example, purchase order data flows that exceed a specific total amount. The administrator can configure granular rules that are more or less restrictive. For example, SOAP Header elements can be sanity checked as SOAP 1.1/1.2 documents. Constraint-based filtering applied to attributes of SOAP Body elements trap (allow/deny or quarantine) targeted document instances. Purchase order messages could also be blocked if they contain unrecognized, unapproved or forbidden data within the transport protocol (e.g. HTTP). If a breach is detected, such as message traffic rates have increased beyond a specific threshold, XML anomaly detection rules alert an administrator, quarantine requests and prevent further similar requests from entering the network. The administrator could also configure a policy to automatically trigger more restrictive rules processing such as XML Schema validation as a precautionary measure if, for example, risk levels are elevated. Forum XWall makes it simple for IT to manage and maximize the flow of Web services according to system resources and business priorities. 7

Forum Complements Oracle Application Server 10g Oracle Application Server 10g application developers and IT deployment can rely on Forum XWall and Forum Sentry to provide threat-side and trust-side Web services security including: DATA LEVEL NETWORKING Protocol Gateway HTTP (S) FTP Tibco/Rv IBM WebSphere MQ Routing/Quality of Service Message Transformation Transport Level Security SSL Encryption SSL X.509 Authentication HTTP Authentication Session Access Control Application Level Protection URI Virtualization URI Filtering URI Access Control WEB SERVICES SECURITY Threat Protection Web Service Cloaking Message Filtering Message Validation Service Access Control XML Intrusion Prevention Rules Trust Services WS-Security Authentication WS-Security Identity Mgmt / Access Control WS-Security Federation/Trust WS-Security Encryption Message Archiving Compliance FIPS 140-2 Level III HSM JITC DoD PKI Certification WS-I Basic Profile Enforcement MANAGEMENT & ADMINISTRATION Policy Management Roles based access control WSDL Authoring Model Policy Variability Control Rules-driven policies Deployment In-Line Policy Enforcement Shared Service Global Device Management Software, Appliance, PCI-Blade Enterprise Security Infrastructure Integration Hardened Security Hardware Acceleration FIPS 140-2 Level III HSM DoD PKI Certification Secure Operating Environment 8

FORUM XWall EXAMPLE USE-CASES The Forum XWall administrator has the flexibility to configure any number of content security processing rules as well as associated action rules. Together, these rules make up a comprehensive Web services security policy within Forum XWall. Processing rules identify and control access to specific web services requests and responses, and include deep content filtering, web services access management and XML intrusion prevention rules. A. DEEP CONTENT FILTERING Inspect and Validate Content This phase allows the administrator to rapidly sanitize data flows for unwanted or forbidden messages, or to target specific messages for further content security processing: i. Auto-validation, compliance and conformance (WS-I Basic Profile, XML 1.0, SOAP 1.1/1.2, SOAP w/attachments, WSDL Types) ii. XML Schema Validation iii. Regular Expression Matching iv. XPath Query B. WEB SERVICES ACCESS MANAGEMENT Provision and Authorize Messages This phase allows the administrator to control which requesters have appropriate read/write/execute permissions on exposed Web services. This phase allows the administrator to go beyond session access control to set fine-grained, message-level access control privileges: i. SSL X.509 Authentication ii. HTTP Basic Authentication iii. Service provisioning (deploy, activate, deactivate) iv. Session, service-, operation- and message-level access control C. XML INTRUSION PREVENTION Prevent against XML-related Threats This phase allows the administrator to trap malicious or hazardous content and requests from reaching the application. This phase also allows the administrator to prevent specific attack possibilities and protect against well-known Web services threats: i. Pre-defined detection settings ii. Preventative countermeasure settings Action rules control the passage of message instances in and out of the network and include the following self-descriptive rules that apply to identified or targeted message instances: Log and continue data flow Log and halt data flow Allow message Deny message Deny by default data flow Block message Stealth Block message Quarantine message Email Alert Notification Throttle data flow 9

Administration All Forum products share an enterprise-class management interface that offers advanced, easeof-use capabilities that simplify the complexities of configuring, monitoring and deploying security policies for XML encryption, authentication, access control, schema validation and XML Intrusion Prevention. The management scheme is based on distributed policy management architecture with a policy creation console, policy storage/server, policy decision point and policy enforcement point. These components operate as one integrated proxy server at the edge of the network. However, there will be instances when policies may be stored within a third-party s systems management environment. Forum XWall supports this type of model which leverages existing infrastructure investment. Forum Systems products can be configured using three interfaces: Command Line Interface Web-based Administration SOAP Web Services The administration is based on roles and responsibilities and can be performed on a single product/ multiple product instance(s) for global management. The global management capability enables a policy profile to be replicated (with or without customization) across a distributed cluster of product instances. The administration can be delegated to third party products such as Web services management, Identify Management and Access Control or traditional Systems Management products using third-party agent software resident on the product instances and a SOAP Web services API. Deployment Options All Forum products are available in three form factors: software, PCI card and hardware appliance. Forum XWall is a Web services firewall proxy that provides inbound and outbound processing of Web services traffic deployed in front of or behind the network firewall as a proxy or in-line gateway. Forum Sentry is a Web services security gateway that provides inbound and outbound processing of Web services traffic deployed in front or behind the network firewall as a proxy, inline gateway or an adjunct network service. The Sentry application transport protocol support includes HTTP(S), FTP, Tibco Rendezvous and IBM WebSphere MQ. The in-line network configuration is a physical bridge between two networks to create a single entry and exit point for all traffic. The shared-service mode allows Sentry to respond as a co-processor where the calling application can request (in-process) the Forum product to perform a specific operation, such as Digitally Sign a SOAP message. The API is HTTP-based with centralized policies controlling the action to be performed. 10

Forum XWall should be on a different host than the Application Server for effective XML threat mitigation. XML Intrusions prevention consumes CPU cycles as the system processes malicious messages. Forum XWall on a separate host such as an appliance or on a PCI card maintains Application Server performance. The following diagram illustrates three physical deployment options: The following diagram illustrates a high availability deployment scenario: front end destination virtual IP 1:443 cisco CS 1150 series layer 4.7 content switch back end destination: virtual IP 2:80 soa 1 firewall ids 1 VIP 1 F1:443 F2:443 F3:443 3 VIP 2 SOA1:80 SOA2:80 SOA3:80 l2 switch 4 soa 2 soa 3 Recommended Deployment Architecture with a Load Balancer Single Load balancer for in-bound and outbound traffic Forum Systems terminates and initiates SSL Architecture scales horizontally ssl F1 initiation / termination ssl F2 initiation / termination 2 ssl F3 initiation / termination Example Traffic Flow Scenario: 1. SSL connection arrives at VIP 1 2. VIP 1 request gets redirected to the least loaded Forum Appliance e.g. F2 3. Forum Appliance F2 terminates SSL, performs content security processing and forwards the request to VIP 2 which sends request to least loaded Application Server e.g. SOA 3 4. SOA 3 responds back to the Forum Appliance requested session. 11

Government Requirements Support Forum Systems supports the following key government requirements: DoD PKI Certification - The Forum Sentry 1504G appliance has met 100% of the requirements of the Department of Defense Class 3 Public Key Infrastructure Public Key-Enabled Application Requirements, version 1.0 13 July 2000 in the following areas: Retrieving Certificates, Importing Keys and Certificates, Storing Trust Points, Verifying Communication Protocols, Checking Certificate Status, Path Development and Processing, Application Configuration and Application Documentation. Integrated FIPS Compliance - The Forum Systems Appliance contains an integrated Hardware Security Module (HSM) that is FIPS 140-2 Level III validated. The HSM provides all sensitive cryptographic operations and hardware key storage for both SSL operations and WS-Security operations. Digital Signatures - Digital Signatures are digital codes that can be attached to an electronic transmission or document that uniquely identifies the sender. Forum Systems enables Digital Signatures that are essential to secure transmission of content over intranets or the Internet. Public Key Infrastructure (PKI) Enablement - PKI employs a two-step approach to protect the security of communications and business transactions on the Internet. A PKI enabled application must be able to support and work within a Public Key Infrastructure. Federal Enterprise Architecture (FEA) - The FEA is an initiative of the federal government whose framework is designed to improve communication flow and efficiency via integration of disparate systems. It will also enhance cost savings through reuse of technology and components. Transaction Archive - A Transaction Archive is a repository for recording the history of XML and non-xml transactions and storing them in an external database. Government agencies must continuously record and audit their mission-critical electronic business transactions to support regular security reviews of all programs and systems. By archiving XML transactions and other content, it is possible to analyze security breaches, maximize operational performance and maintain regulatory compliance. FORUM XWALL SOFTWARE DOWNLOAD Thank you for your interest in Forum XWall Web Services Firewall. To obtain your FREE TRIAL software please complete the request form located at: http://www.forumsys.com/software_download_oracle.htm 12

ABOUT FORUM SYSTEMS, INC. Forum Systems, Inc. is the leader in Web services security with a comprehensive suite of trust management and threat protection solutions for the automated web. Forum Systems hardware, software and embedded products actively protect Web services from the networks edge to the application server. Forum Systems products are winners of Network Computing Magazine s Editor s Choice Award for 2003, Network Magazine s Product of the Year 2003 Award, DEMO 2004 Innovation and finalist for Network Computing Magazine s 2003 and 2004 Well-Connected Awards. Products: Forum Sentry is a comprehensive Web Services Security Gateway that functions as a trusted intermediary for exchanging secure Web services between an enterprise and its business partners. Sentry enables enterprises to achieve a higher ROI through secure e-business process integration. Forum Presidio is a comprehensive secure content exchange platform that allows enterprises to immediately comply with Government privacy regulations using a low cost and easy to manage centralized solution. Presidio can be used as a legacy-to-xml security bridge for a smooth migration to XML Web Services. Forum XWall is the industry s first Web Services Firewall equipped with XML intrusion prevention capabilities to protect enterprises against a new breed of networked threats including XML viruses, data-level invasions and denial of Web service attacks. XWall ensures critical applications are appropriately accessible and continuously available by allowing network administrators to enforce perimeter policies that check the integrity of data and control access to exposed enterprise Web services. Forum FIA (Federal Information Assurance Gateway) actively guard s information as it moves between and within federal agencies for secure information sharing. Forum FIA meets 100% of the DoD s PKI interoperability testing including FIPS 140-2 Level III Validation. 2004 Forum Systems, Inc. All right reserved. 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback