IBM DataPower XS40 Security Gateway Appliance
The appliance that delivers full security for XML Web Services at the speed of the network.
The IBM DataPower XS40 network device handles message filtering, encryption and digital signatures (XML, web services, SOA).
The IBM WebSphere DataPower XML Security Gateway XS40 is a specialized network device that ensures complete security for XML web services. In contrast to distributed software solutions, it provides protection with no deterioration in performance, It offers all the features of the XA35, combined with total security for XML flows and web services. The XS40's unrivalled performance and advanced functions centralize XML security, allowing important information to be shared quickly and efficiently.
Most companies are showing great enthusiasm for the huge potential offered by XML web services. With the right security, XML technologies can open up whole new horizons for companies in terms of development opportunities. Teams charged with security have more reservations, and with good reason: XML passes through existing protocols and access paths without being detected, bringing new threats in terms of security, reliability and performance. A completely different approach is required to support these new business processes without reinventing security infrastructures.
Complete XML Security
The XML Security Gateway XS40 offers a complete range of security services. This specialist device has been designed to meet the specific requirements of XML processing, with filtering, encryption, digital signatures and data validation at message level (for XML SOAP or raw XML) or at the level of the XML field. The XS40 meets the needs of IT operating teams and business application managers with a simple graphic interface where rapid and secure deployment, definition of complex rules via an advanced interface and support for industry standards are required.
Uncompromised performance
The Security Gateway XS40 eliminates the trade-off between performance and security. Fitted with DataPower's proven XG3 (XML Generation Three) technology, the XS40 is the only device capable of carrying out wirespeed XML parsing, filtering, validation, encryption and conversion â no other network device on the market can match this performance. Its powerful processing is economized to meet increasing security requirements.
Flexibility with regard to standards
Since the processing engine in the XS40 was designed from the very start to process XML, the security functions are not hard-coded. The XS40's ability to dynamically incorporate new schemas allows companies to easily adapt to changes in industry standards, their own internal security rules, partners' specifications and customer requirements. Enterprises can use it to implement all current XML web service security standards and easily incorporate new standards as and when they appear.
Integration of infrastructures
Taking account of the existing security infrastructure, the XS40 cooperates transparently with security components, firewalls and load balancing applications. Compatible with single sign-on systems, public key infrastructures (PKIs) and enterprise management tools, it can easily be integrated into your current operation while ensuring protection for next-generation applications.
Characteristics |
Functionalities |
Benefits |
| Service virtualization |
Hides background resources in order to conceal internal structures, similar to a NAT (Network Address Translation) but for XAN (XML Aware Network)
|
Ensures easier access to applications without creating any vulnerabilities or version conflicts
|
| XML/SOAP firewall |
The XML firewall offers wirespeed filtering based on the content and size of the data used or other metadata
|
Ensures easier usage, with intelligent protection for XML vulnerabilities without adding code or compromising performance
|
| Field-level XML security |
XML encryption and digital signature at message or element level inter-operated with WS-Security |
Information sharing either selectively or according to legislation, even in the case of multi-party transactions and a semi-confidential environment
|
| Controlled access to web services |
Controlled access to web services
|
Security; complete XML without any code change. Centralized access control and improved security
|
| Data validation |
XML schemas offer wirespeed validation of XML documents and protection against XDoS attacks (XML denial of service)
|
Enhances availability and performance while ensuring that valid requests can access critical application servers
|
| XML routing, SOAP routing |
Routing based on content, network parameters or other metadata |
Based on separating problems to reduce complexity; improves performance and availability through more efficient usage
|
| 
Contact
