New software features from XML (Extensible Markup Language) network hardware maker DataPower Technology allow customers using its XS40 XML Security Gateway to create virtual XML gateways on a single device and make it easier to set up Web-service security policies, the company said.
DataPower released firmware version 3.1 for the XS40 on Monday. The new software will make it easier for companies to manage more than one Web-service deployment from a single XS40 gateway, said Eugene Kuznetsov, chairman and chief technology officer (CTO) at DataPower.
DataPower's products are designed to process network-traffic information rendered using XML, a standard used to display, transmit and interpret data that is passed to and from Web pages. The Cambridge, Massachusetts, company's XS40 gateway appliance is designed to filter and validate XML traffic, spotting potential attacks hidden in the XML traffic, encrypting and decrypting XML messages or data elements and validating XML documents.
The new device virtualisation feature allows administrators to create many, virtual XS40s to protect Web services deployments on a single corporate intranet or extranet. For example, different business units in a large bank that each had Web services deployed could share a single xs40 device, Kuznetsov said. Each virtual XS40 can have its own security polices and rules, as well as access policies, he said.
The company added the virtualisation feature at the request of customers, who need to be able to make a change to an XML gateway configuration for one Web-service deployment, without it affecting those of other deployments, he said.
The virtualisation features build on capabilities in the DataPower XG3 engine and make it possible to use a single device to protect one or more production Web services, and to continue testing in trial deployments. Changes to any virtual XS40 do not affect other virtual XS40 configurations, Kuznestsov said.
The automatic policy generation feature simplifies configuration of security policies for Web services, which can be complicated. The feature introduces Microsoft Windows-style "wizards" that step the user through complicated tasks such as access-control policy configuration, Web Services Security (WS-Security)-standard encryption and signing, and importing Web Services Description Language (WSDL) definitions, DataPower said.
Other features of the new software include support for the Kerberos secure authentication standard and for Online Certificate Status Protocol (OCSP), which allows administrators to monitor and manage network-device security. The new software also improves logging and reporting features on the XS40, DataPower said.
The DataPower XS40 appliance sells for US$65,000. Version 3.1 for the XS40 is available immediately and at no additional cost for customers with current maintenance and support agreements, Kuznetsov said.