Technical detail
IBM® WebSphere® DataPower XML Security Gateway XS40 is a 1U (1.75" thick) rack-mountable network device that:
Simplifies, accelerates, and helps secure Service Oriented Architecture (SOA).
Is powered by XML processing technology and built from the ground up with security in mind to be a security-enforcement point for XML and Web services transactions.
Helps provide comprehensive XML security and the wirespeed performance needed for real-world applications.
Provides more than just an XML firewall: An XML proxy with carrier-grade features that can parse, filter, validate schema, decrypt, verify signatures, access-control, transform, sign, and encrypt XML message flows.
Provides a security-enforcement point for XML and Web services transactions, including encryption, firewall filtering, digital signatures, schema validation, WS-Security, WS-Policy, XML access control, and XPath.
Offers robust service level management, policy management, and Web services management support, as well as detailed logging and auditing.
Helps enable high-performance XML Web services security. Because XS40 policies are entirely XML-based, enterprises have fine-grained control of security without being locked into a proprietary framework. This inherent agility ensures that the XS40 easily adapts to changing standards, policies, and partners for any number of applications.
Provides an innovative AAA framework that offers a broad variety of methods for extracting user passwords, security tokens, and other identity information from incoming requests.
Incorporates authentication and authorization steps that are fully modular and can be based on either on-board or off-board repositories.
Features a AAA framework that is fully extensible, allowing XS40 customers to integrate proprietary, in-house Single Sign On (SSO) systems with their Web services security architecture.
Features an award-winning Web GUI and intuitive interfaces, making it easy to implement sophisticated access control policies and security architecture.
Delivers advanced Web services access control without complex configuration or custom code, prompting Network Computing to write, "Configuration via the Web-based administration console was simple in other respects, and included a drag-and-drop method of populating the pipeline with filters and transforms to manipulate incoming and outgoing messages."
Offers comprehensive Web services standard (WS-*) support, including full support for Security Assertion Markup Language (SAML), the standards-based solution for federated identity management and Web services access control.
Allows the security context, the credentials, and the subsequent audit information to be bound to the transaction request.
Consumes SAML assertions, produces SAML assertions, and makes SAML queries to SAML servers.
Was the first Web services security appliance to successfully participate in both the SAML Interoperability Lab at the 2004 RSA Conference and SAML 2.0 Interoperability Lab at the 2005 RSA Conference.
Includes the wirespeed XML parsing, XML Schema validation, XPath routing, Extensible Stylesheet Language Transformations (XSLT), XML compression, and other essential XML processing of WebSphere DataPower XML Accelerator XA35.
