DataPower SOA Appliances Simplify, Help Secure & Accelerate SOA

Slides:



Advertisements
Similar presentations
XML-Aware Networking DataPower Technology, Inc. One Alewife Center Cambridge, MA Rich Salz, Chief Security.
Advertisements

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Web Services Security Enterprise Architect Summit – 2004 Mark O’Neill CEO.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Secure Sockets Layer eXtended (SSLX) Next Generation Internet Security Overview Presentation April 2011.
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Barracuda Web Application Firewall
Federal Student Aid Technical Architecture Initiatives Sandy England
SOA with Progress Philipp Walther Consultant. © 2007 Progress Software Corporation2 Agenda  SOA  Enterprise Service Bus (ESB)  The Progress SOA Portfolio.
Unified Logs and Reporting for Hybrid Centralized Management
Citrix Partner Update The Citrix Delivery Centre.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Automated Policy Enforcement Adam Vincent, Layer 7 Federal Technical Director
MIGRATION FROM SCREENOS TO JUNOS based firewall
® IBM Software Group © IBM Corporation IBM Information Server Service Oriented Architecture WebSphere Information Services Director (WISD)
Barracuda Networks Steve Scheidegger Commercial Account Manager
© 2006 IBM Corporation SOA on your terms and our expertise Software Overview IBM WebSphere Message Broker Extender for TIBCO RV.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
Terminal Services in Windows Server ® 2008 Infrastructure Planning and Design.
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.
Barracuda Load Balancer Server Availability and Scalability.
Intranet, Extranet, Firewall. Intranet and Extranet.
Ganesh Kirti Roger Sullivan Oracle Corporation “This presentation is for informational purposes only and may not be incorporated into a contract or agreement.”
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
The Citrix Delivery Center. 2 © 2008 Citrix Systems, Inc. — All rights reserved Every Day, IT Gets More Complex EMPLOYEES PARTNERS CUSTOMERS.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
© 2009 IBM Corporation Integrating WSRR and DataPower Andrew White – Software Developer 18 March 2010.
Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.
Module 7: Fundamentals of Administering Windows Server 2008.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 ITU-T Security Standardization on Mobile Web Services Lee, Jae Seung Special Fellow,
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partners only. Do not distribute. C
IBM CEEMEA SOA SWAT team © 2007 IBM Corporation Johannesburg, Aug. 21, 2008 Service Connectivity - Enterprise Service Bus Julius PETER SOA Sales Executive,
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.
WebLogic Server 7.0 New Features Alexander Berry, Jr. WLS Sr. Systems Engineer.
® IBM Software Group © 2005 IBM Corporation IBM and DataPower Extending the SOA Foundation with simplicity, superior performance, hardened security November.
Windows Role-Based Access Control Longhorn Update
Actualog Social PIM Helps Companies to Manage and Share Product Information Using Secure, Scalable Ease of Microsoft Azure MICROSOFT AZURE ISV PROFILE:
Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.
Deconstructing API Security
Security fundamentals Topic 10 Securing the network perimeter.
Security Patterns for Web Services 02/03/05 Nelly A. Delessy.
Workforce Scheduling Release 5.0 for Windows Implementation Overview OWS Development Team.
Lesson 2a © 2005 Cisco Systems, Inc. All rights reserved. SNPA v4.0—2-1 Firewall Technologies and the Cisco Security Appliance.
Overview of SOA and the role of ESB/OSB
Introduction to Avaya’s SDN Architecture February 2015.
Improve the Performance, Scalability, and Reliability of Applications in the Cloud with jetNEXUS Load Balancer for Microsoft Azure MICROSOFT AZURE ISV.
© 2011 IBM Corporation ® Managing Decision services in WebSphere Message Broker using WebSphere ILOG JRules. Amar Shah Mallanagouda Patil December 2011.
Security fundamentals
Univa Grid Engine Makes Work Management Automatic and Efficient, Accelerates Deployment of Cloud Services with Power of Microsoft Azure MICROSOFT AZURE.
DocFusion 365 Intelligent Template Designer and Document Generation Engine on Azure Enables Your Team to Increase Productivity MICROSOFT AZURE APP BUILDER.
CIM Modeling for E&U - (Short Version)
Securing the Network Perimeter with ISA 2004
Wonderware Online Cost-Effective SaaS Solution Powered by the Microsoft Azure Cloud Platform Delivers Industrial Insights to Users and OEMs MICROSOFT AZURE.
Auth0 Is Identity Made Simple for Developers, Built by Developers and Supported by the High Availability and Performance of Microsoft Azure MICROSOFT AZURE.
IS4680 Security Auditing for Compliance
Unitrends Enterprise Backup Solution Offers Backup and Recovery of Data in the Microsoft Azure Cloud for Better Protection of Virtual and Physical Systems.
Dell Data Protection | Rapid Recovery: Simple, Quick, Configurable, and Affordable Cloud-Based Backup, Retention, and Archiving Powered by Microsoft Azure.
Media365 Portal by Ctrl365 is Powered by Azure and Enables Easy and Seamless Dissemination of Video for Enhanced B2C and B2B Communication MICROSOFT AZURE.
Single Cell’s Progenitor Powered by Microsoft Azure Improves Organisational Efficiency with Strategic Procurement, Contract Management, and Analytics MICROSOFT.
Presentation transcript:

DataPower SOA Appliances Simplify, Help Secure & Accelerate SOA Raleigh Chilton DataPower Account Manager

Agenda Context: IBM’s Business Centric SOA WebSphere DataPower SOA Appliance Overview SOA Appliance Deployment Summary Why an Appliance for SOA IBM WebSphere DataPower SOA Appliance Portfolio XML Accelerator XA35 XML Security Gateway XS40 Integration Appliance XI50 Easy Configuration SOA Appliance Operations Summary

Business Centric SOA Starts with Your Most Critical Business Pain and Enables You to Build for Flexibility Enable human and process interaction with consistent levels of service Deliver trusted information in business context to enable innovation Achieve greater efficiency and effectiveness with business model innovation

And SOA Lifecycle Is The Key to Successful Projects Gather requirements Model & Simulate Design Discover Construct & Test Compose Sharing and reuse of services Establish decision rights Policies, measurement and control for SOA oversight Integrate people Integrate processes Integrate information Manage IT resources Manage services Monitor business metrics

SOA Entry Points Help Customers Get Started Both Business Centric and IT Focused 1 2 3 Reuse Connectivity 5 4

IBM’s acquisition of DataPower Software Skills & Support An SOA Appliance… Simplifies SOA with specialized devices Accelerates SOA with faster XML throughput Helps secure SOA XML implementations Creating customer value through extreme SOA performance and security Where does IBM’s recent acquisition of DataPower fit into the ESB story? First, let’s review the DataPower acquisition announcement positioning, which is a continuation of IBM’s commitment to SOA and simplicity. Moving forward, we will be addressing customer needs with innovative choices to make their SOA adoptions simpler and more cost effective using the Appliance concept. We are today addressing the XML message throughput and security needs – bringing SOA implementations closer to the core of enterprise deployments. SOA appliances redefine the boundaries of middleware by embedding message processing directly into network hardware – enables otherwise unachievable performance. This speed allows complex heavy use problems to be broken down and approached differently. The devices run as a proxy, providing integration features without core CPU impact or application modification. Hardened security is embedded in the devices. To sum up, the IBM DataPower SOA appliances Simplify, Accelerate and Help protect SOA. Today, there are– three DataPower embedded devices -- XA35, XS40, XI50 (xi50). XA35 provides XML acceleration XS40 can be thought of as a superset of XA35 and also provides security features such as firewall and encryption Xi (es-eye) 50 can be viewed a superset of XA35 and XS40 and also provides transformation (including non-XML formats), routing, and protocol interoperation. WebSphere DataPower SOA Appliances redefine the boundaries of middleware extending the SOA Foundation with specialized, consumable, dedicated SOA appliances that combine superior performance and hardened security for SOA implementations.

DataPower Pre-IBM Overview Extensive Experience in XML Processing Optimization Seven Years in a Six Year Old Field Advantages: First to Market, Great Team, Deep Standards Involvement, Invented and Owns Core XML Technology, Comprehensive product portfolio DGXT Optimal Software Interpreter XG3 Optimized Hardware Acceleration XS40 First Wirespeed XML Security Gateway Unprecedented Growth New IBM Hardware XG4 Available XI50 Integration Appliance Vertical Solutions 1999 2000 2001 2002 2003 2004 2005 2006 FEB APR JUN AUG OCT DEC XSLJIT Optimized Software Compiler XA35 World’s First XML Accelerator XG4 Gigabit/Sec OEM HW Solution Acquired by IBM Global Expansion 3.5.1 IT CAM for SOA 3rd Party JMS WSDL Compiler, NFS 3.6 Post-Acquisition Innovation Continues 150% Staff increase / Core DataPower Leadership team Intact / Global reach and expansion New improved hardware platform –IBM hardware combined with DataPower technology innovations New capabilities – WS-*, 3rd party JMS, NFS, XG4, WSDL compiler, XACML, more… Continued IBM Technology Integration – ITCAM for SOA, WebSphere JMS, WebSphere XD,etc

IBM SOA Appliance Deployment Summary XML XSL Internet XA35 Client or Server XS40 Tivoli Access Manager ------------ Federated Identity Manager  HTTP XML REQ HTTP XML RESPONSE  Web Services Client  LEGACY REQ LEGACY RESP  REPLY Q XI50 IP Firewall Web Tier Security Integration & Management Tiers Application Server Application Server Web Server ITCAM for SOA XML HTML WML

Deployment Scenarios federated extranet Internet intranet legacy enterprise application Demilitarized Zone Demilitarized Zone internal user Internet user XI50 5. Legacy transformation XS40 Packet Filter Packet Filter Packet Filter Packet Filter 3. Internal security SOA platform XS40 XS40 Internet SOAP enabled enterprise application XI50 1. Helps protect against incoming attacks; Incoming access control 4. Web services management 2. Outgoing access control, SAML injection, role mappings

Why an Appliance for SOA Hardened, specialized hardware for helping to integrate, secure & accelerate SOA Many functions integrated into a single device Higher levels of security assurance certifications require hardware Example: government FIPS Level 3 HSM, Common Criteria Higher performance with hardware acceleration Impact: ability to perform more security checks without slow downs Addresses the divergent needs of different groups Example: enterprise architects, network operations, security operations, identity management, web services developers Simplified deployment and ongoing management Impact: Reduces need for in-house SOA skills & accelerates time to SOA benefits

SOA Appliances Centralize and Simplify Key Functions Route, transform, and help secure multiple applications without code changes Lower cost and complexity Enable new business with unmatched performance Before SOA Appliances After SOA Appliances Access control update Change purchase order schema Transformation New XML standard Routing Security Processing Update application servers individually Secure, route, transform all applications instantly No changes to applications

IBM SOA Appliance Product Line XML Accelerator XA35 Offload XML processing No more hand-optimizing XML Integration Appliance XI50 “Any-to-Any” Conversion at Wirespeed Groundbreaking DOP architecture Integrated message-level security XML Security Gateway XS40 Enhanced Security Capabilities Agility – helps future-proof Easy Deployment

Centralized XSLT Management Offload XML Processing XML Accelerator XA35 Centralized XSLT Management Offload XML Processing Wirespeed XML/XSLT/XPath processing – Accelerates XML processing, increasing throughput and decreasing latency for XML-based applications by offloading transformation and other resource-intensive functions Schema Validation - Performs XML Schema validation to ensure incoming/outgoing XML documents are legitimate and properly structured XML Compression, XML Caching – Reduces impact of increased XML traffic Innovative XML Processing Capabilities -- XML Pipeline processing, deployable in Proxy or co-processor mode, dynamic content generation, data and forms processing, support for popular XSLT extensions SSL Termination/Acceleration – Accelerates SSL with industry-leading hardware further lessening server workload Easy Configuration & Administration - Support CLI and WebGUI as well as fully integrated with industry standard IDEs such as Altova XML Spy and Eclipse allowing developers to design, debug and deploy against one single XML and XSLT processor, saving valuable cycles in the progression from pilot to production

XML Security Gateway XS40 Easy to Use Appliance Purpose-Built for SOA Security XML/SOAP Firewall - Filter on any content, metadata or network variables Data Validation - Approve incoming/outgoing XML and SOAP at wirespeed Field Level Security- WS-Security, encrypt & sign individual fields, non-repudiation XML Web Services Access Control/AAA - SAML, LDAP, RADIUS, etc. MultiStep - Sophisticated multi-stage pipeline Web Services Management - Service Level Management, Service Virtualization, Policy Management Transport Layer Flexibility - HTTP, HTTPS, SSL Easy Configuration & Management - WebGUI, CLI, IDE and Eclipse Configuration to address broad organizational needs (Architects, Developers, Network Operations, Security)

XML Integration Appliance XI50 Middleware Appliance Purpose-Built for Application Integration DataGlue “Any-to-Any” Transformation Engine Content-based Message Routing Message Enrichment Protocol Bridging (HTTP, MQ, JMS, FTP, etc) Request-response and sync-async matching XML/SOAP Firewall - Filter on any content, metadata or network variables Data Validation - Approve incoming/outgoing XML and SOAP at wirespeed Field Level Security- WS-Security, encrypt & sign individual fields, non-repudiation XML Web Services Access Control/AAA - SAML, LDAP, RADIUS, etc. MultiStep - Sophisticated multi-stage pipeline Web Services Management – Centralized Service Level Management, Service Virtualization, Policy Management Easy Configuration & Management - WebGUI, CLI, IDE and Eclipse Configuration to address broad organizational needs (Architects, Developers, Network Operations, Security)

Content-based Routing Features Route based on IP information SSL parameters HTTP headers XPath against any data content e.g., XML/SOAP envelope Load balancing Round-robin Least requests SLA/Traffic shaping Throttle requests Routing Policy Supports arbitrary xslt; have functions like dp:set-target('...url...")and call it within the transform. Xpath works against any protocol or part thereof e.g., – HTTP headers, SSL client certs -- SOAP env, copybook IBM SOA Appliance Unclassified Requests Service Providers

AAA Framework Diagram Authenticate, Authorize, Audit Enforcement

Web Services Management: Service Level Management Configure and install in minutes Hierarchical Service Level at WSDL, service, port, operation level Flexible actions when reaching a threshold: notify/alert, shape, throttle Threshold for both overall requests and failures Graphical display

Award-Winning WebGUI: Ease of Use WSDL-based policy creation Hierarchical policies applied at WSDL, service, port, operation level Drag & drop policy creation screen allows flexible chaining of operations Configure and install in minutes Ease of Use Example – Graphical User Interface providing drag and drop services, in order desired, for XML filtering, signing, verification, schema validation, encryption, decryption, transformation, routing, access control, service level monitoring, and advanced operations

Simple Appliance Configuration for Complex Functionality Fits into your existing environment Address broad organizational needs (Architects, Developers, Network Operations, Security) Complete Configuration from GUI or CLI interface IT CAM SE – Multi-box management IDE integration/Eclipse plug-in XPath / XML config files SNMP SOAP management interface

SOA Appliances Operations Logging Role-based Management Managing configs & policy – Deploying, backing up, Diff/Undo, App domains: many virtual devices Separate, locked audit log Troubleshooting aids Security – Device security, Key and Certificate management, HSM option, Security Audit, Single Image Firmware Upgrade

Integration Across IBM XI50 Ships with WebSphere MQ Support Auto-configure XML firewall by importing WebSphere service descriptors Tivoli Ready Fine-grained access control with Tivoli Access Manager (TAM) - Certified Tivoli Federated Identity Manager (FIM) Certified (SAML, WS-Trust) - Certified Monitoring of XML traffic flows with NetView End-to-end SOA Management with IT CAM for SOA IBM Autonomic integration - Certified WSAD/Eclipse integration Rich console allows creation and monitoring of policies from within IDE Futures Integrated SOA tooling across the portfolio Continued investment in 3rd party (competitive middleware) integration & interop

Summary – IBM SOA Appliances Hardened, specialized product for helping integrate, secure & accelerate SOA Many functions integrated into a single device Broad integration with both non-IBM and IBM software Higher levels of security assurance certifications require hardware Higher performance with hardware acceleration Simplified deployment and ongoing management http://www.ibm.com/software/integration/datapower/ SOA Appliances: Creating customer value through extreme SOA performance and security Simplifies SOA with specialized devices Accelerates SOA with faster XML throughput Helps secure SOA XML implementations

Thank You

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.