Data Sheets
Solution Briefs
White Papers
Archived Webinars
Podcasts

Library

Data Sheets
Solution Briefs
White Papers
Archived Webinars
Podcasts

 

Download Instructions

To download resources, check the check box corresponding to each desired item, then click the [Download Selected Items] button at the bottom of the page. If you are a first-time registrant, then a registration form will appear. Complete the registration form to gain access to the requested resource(s). If you have registered before, then enter your email address to bypass the registration form.

Data Sheets

     
SecureSpan™ Overview - XML Appliances for SOA and Web 2.0
    Presents general, benefit, and architectural information about the SecureSpan™ family of products.
     
SecureSpan™ Mainframe SOA Gateway
   
     
SecureSpan™ XML Accelerator
   
     
SecureSpan™ XML Data Screen
   
     
SecureSpan™ XML Firewall and VPN
   
     
SecureSpan™ XML Networking Gateway
   
     
SecureSpan™ XML VPN Client
   
   
 

Solution Briefs

     
Federated Web Services Solution Brief
    Illustrates how the SecureSpan Gateway and SecureSpan Bridge manage the process of trust enablement and identity bridging between client applications and Web services without coding.
     
Identity Based XML Firewalling Solution Brief
    Describes how SecureSpan Gateway provides security for SOA, by providing architects a centralized integration and enforcement point for identity based SOA security operations like client authentication, service level authorization, message privacy and transaction integrity.
     
SOA Policy Governance Solution Brief
    Discusses a complete environment for defining, enforcing and validating runtime SOA Policy Governance by using SecureSpan Gateway and UDDI.
     
XML Intrusion and Threat Prevention Solution Brief
    Illustrates how the SecureSpan Gateway can perform hardware based XML inspection, validation and transformation based on policy parameters configured by an administrator. Is is the only XML Firewalling appliance to offer full threat protection across clustered devices.
   
 

White Papers

     
National Information Exchange Model
    Understand how Layer 7 Technologies’ Hardware Accelerated NIEM Enablement gateway facilitates integration and compliance with NIEM mandates of rapid information sharing across NIEM domains and NIEM based communities of interest..
     
ZAPTHINK ZAPNOTE™
    Layer 7 Technologies Solving Portal Challenges With Cross-Domain SOA Security
     
ZAPTHINK ZAPNOTE™
    Layer 7 Technoloiges Protecting SOA, Web Services, And Web 2.0 Applications
     
SOA Governance
    This Whitepaper examines the considerations involved in implementing a SOA governance framework at both design time and runtime and the role of runtime policy definition, enforcement and validation products from Layer 7 Technologies.
     
Application Oriented Networking & the SecureSpan XML Gateway
    Discusses XML firewalls and the multiple roles they can fulfill within the context of an Application Oriented Network. (AON).
     
Sarbanes-Oxley in SOA
    Discusses how your existing identity and access investment can be leveraged to achieve Sarbanes-Oxley compliance for your SOA application environment.
     
XML Threats and Web Services Vulnerabilities: Understanding Risk and Protection
    Discusses XML and Web services-specific threats and vulnerabilities. Outlines the functions of a complete prevention, protection, and screening solution.
     
Securing XML Web Services: XML Firewalls and XML VPNs
    Discusses XML and Web services-specific security challenges and presents the limitations of an SSL or sole XML Firewall solution. Outlines the attributes of an ideal Web services security solution.
     
Web Services and PKI: The How and Why
    Discusses the role that PKI plays in securing Web services and outlines how PKI can be effectively managed in a purely machine-to-machine environment.
     
Identity Federation in Web Services
    Discusses the identity federation problem in Web services, past and current solutions, and outlines the attributes of an ideal solution.
   
 

Archived Webinars

     
Joint Webinar with Layer 7 and Sun: Identity Driven SOA Governance - Best Practices - Webcast Featuring The Burton Group
    Digital Identity is at the heart of the modern business ecosystem. However, governing SOA interactions - particularly across a distributed or federated environment - creates complexity not found in typical user-machine exchanges. Separating policy creation and enforcement from service implementation can simplify SOA governance without compromising scalability, flexibility and auditability - accommodating even the most elaborate, heterogeneous IT landscapes. This Webinar will review best practices for building and operating a policy-centered, identity-driven SOA. What You Will Learn:
  • The connection between identity management and SOA governance
  • The importance of separating policy and entitlements from service implementation
  • The challenges of managing and validating identity in SOA interactions
  • Options for managing and enforcing identity-driven SOA policies
  • How to implement identity-based governance in real-world SOA
     
A Practical Guide to Policy Authoring for SOA Governance*
    This Webcast, presented by Layer 7 CTO and WS-Policy co-editor, Dr. Toufic Boubez, will cover how to declaratively *define SOA Policy for SOA Governance applications.* Consistent, standards based policy definition is the first step in implementing an SOA Governance framework. However, few tools exist for managing the policy authoring process and integrating it into the full policy lifecycle process including repository, approval workflow, enforcement, monitoring and change. Since successful policy definition lies at the heart of SOA security and SLA implementation it is essential in practice. In this Webcast you will learn:
  • why declarative Policy is critical for implementing "SOA Security, Quality of Service and Governance"
  • industry standards for "defining SOA Policy" in an interoperable way
  • "tools and IDEs" for authoring SOA Policy
  • "demonstration of policy authoring" in SOA
  • putting it all together: showing how policy authoring fits into a broader "SOA Policy Lifecycle Process"
     
Joint Webinar with Layer 7 and Parasoft: From Testing to Deployment-How to Build Secure, Reliable & Compliant Web 2.0 Applications
April 2007
    Web 2.0 and rich internet applications are becoming more pervasive both behind and across the enterprise firewall. But successfully deploying Web 2.0 introduces new challenges that are not addressed with traditional Web-based tools and methodologies. The dynamic and hybrid nature of Web 2.0 technologies like AJAX, RSS and XML requires a new way of approaching both testing and security. In this joint presentation, Parasoft and Layer 7 Technologies will compare and contrast traditional Web and Web 2.0 deployment models, discuss the implications on testing and securing these applications and outline pragmatic approaches for implementing effective testing and security strategies for Web 2.0 applications.
     
Extending SOA across Organizational Boundaries
February 2007
    To find out how you can meet the identity, security, and governance challenges of sharing and consuming services across organizational boundaries, join webMethods and Layer 7 for this groundbreaking webinar.

Realize the full promise of SOA by learning how to:

  • Expose service functionality safely and consistently across business silos
  • Deliver cross-boundary and multi-enterprise SOA securely within the parameters of a broader governance framework
  • Gain the quickest ROI and a strong position for funding additional SOA projects by going towards a multi-enterprise SOA model
  • Short-circuit traditional inter-departmental infighting and politics by inheriting significant negotiation and contract metadata from the pre-existing relationship between the organizations
  • Leverage project visibility to win support including visibility with partners, internal departments, the press and your boss.
  • Evangelize, promote, obtain funding for and succeed with SOA by going directly to the multi-enterprise endgame
     
Securing Web 2.0, What You Need to Know
January 2007
    Next generation Web 2.0 applications leveraging programmatic access to back-end applications, rich client interfaces and service oriented composability are transforming how the Web gets built and integrated. However, the new power and versatility afforded by Web 2.0 applications create new security, performance and governance issues stemming from the use of XML technologies like REST, RSS and AJAX. In this talk given by Layer 7 Chief Architect Scott Morrison you will learn about common challenges associated with securing and deploying Web 2.0 applications and the role of specialized XML Appliances in addressing these exigencies.
     
Using XML Appliances to Secure, Simplify, and Scale Service-Oriented Architectures (SOAs)
August 2006
    SOA is becoming the dominant framework for integrating applications together. However, implementing SOA using XML based Web services introduces complexity, security, performance and availability challenges. These can be remedied by implementing purpose-built XML Appliances for offloading complex XML operations from endpoint Web services and for centrally enforcing message and service level policy preferences. In this talk given by Layer 7 Technologies VP Architecture Scott Morrison, you will learn how XML Appliances are being implementing today in real-world SOA to help simplify, secure and scale Web services implementations.
     
Joint Webinar with Layer 7 and Systinet! "Managing and Enforcing SOA Security and Policies in Real-time"
July 2006
    Managing SOA security and policy in distributed, sometimes federated SOA environments is complicated. It requires a mechanism to unambiguously define service policy, centrally control policy change, manage the policy lifecycle, and flow policies in real-time to an enforcement layer that can consistently implement policies on both services and client applications. In this Webinar presented by Layer 7 Product Manager, Phil Walston and Systinet’s Director of Product Marketing Sean Kline, you will learn how the SecureSpan XML Gateway and VPN can be deployed alongside Systinet 2 to deliver real-time SOA policy governance from definition through to implementation in complex SOA environments.
     
Joint Webinar with Layer 7 and Safenet! "How SOA and Web Services Security Drive the Need for a Robust Signing and Key Management Infrastructure"
June 2006
    Join Layer 7 Technologies Senior Product Manager, Phil Walston and SafeNet’s Director of Business Development, Dave Madden as they discuss security in a Service Oriented Architecture (SOA), and how to achieve high assurance security for SOA implementations.
     
Real World SOA Governance with Layer 7 and Infravio
May 2006
    Join experts from Layer 7 Technologies and Infravio as they discuss how existing products, including XML gateways and registries, can be deployed in the field to address service-level security, governance and lifecycle management for SOA deployments.
     
Building Secure and Federated SOA with Oracle and Layer 7
April 2006
    SOA represents a new way to build and compose applications into business processes. Oracle's SOA platform provides a set of market leading products for integrating and orchestrating business services into business processes easily and reliably. In this Webcast you will learn how Layer 7's family of XML security products can be deployed alongside Oracle's SOA products to build secure and auitable business process both inside a company and across organizational boundaries.
     
Layer 7 and Parasoft Webcast on Running a Successful Security POC
February 2006
    Proof of Concepts (POCs) are often used to prove-in security in Web services implementations. But POCs or pilots often precede the deployment of working applications requiring the costly and lengthy development of test harnesses. In this webcast, Parasoft and Layer 7 staff will explain how to use their products to accelerate Web services POCs will still ensuring rigorous compliance to security requirements.
     
Accelerating Business Services Compliance and Security with a Closed-loop SOA Policy Management Infrastructure
November 2005
    Achieving compliance and governance at the business level in a SOA is is a critical success factor for your architecture and requires a means to define, manage and enforce policy. Policy is a driver of agility in a SOA because it supports a declarative, loosely coupled architecture. The Governance Interoperability Framework (GIF) provides the means to associate policies with services and subsequent flow for enforcement and feedback. Join executives from Layer 7 and Systinet as they present the critical components and use case scenarios for achieving a closed loop SOA policy management infrastructure.
     
Bridging the Web with Web Services
October 2005
    Portal initiatives are becoming key consumers of SOA technologies. By providing a single framework for delivering information and functionality consistently across Web and Web services, SOA promises significant IT benefits including flexibility and reuse. However, managing security, policy and transactional preferences consistently between the Web and Web services remains problematic. There are issues of credentialing, federation, session, compliance and so on. In this talk given by Layer 7 Senior Product Manager Phil Walson, he will examine some of these issues and their solutions using specific customer examples in the insurance and banking sector.
     
Policy Driven SOA
September 2005
    Architecting and implementing secure and flexible Service Oriented Architectures (SOA) requires an ability to mediate interactions between services based on a declarative and remediable policy language. Coding interaction policies between services results in brittle SOA infrastructures that can't accommodate changing security and business needs. In this talk given by Layer 7 CTO Dr. Toufic Boubez, you will hear how a Policy control infrastructure for SOA can be used to engineer loosely-coupled SOA architectures that can span security domains.
     
SLA for SOA
June 2005
    Service Oriented Architectures require software functionality to be available to trusted clients and intermediaries, on-demand. However implementing practical on-demand infrastructures requires an ability to define and enforce service level agreements (SLAs) so that service functionality or data can be predictably and contractually delivered to specific clients based on their identity or transaction context. In this Webinar given by Layer 7's Senior Product Manager, Phil Walston, you will learn about the various SLA policy considerations SOA architects need to contend with and how to implement solutions in real-world architectures.
     
Scaling XML In The Data Center
May 2005
    XML is becoming pervasive inside the enterprise. Driven by data and application integration needs, rising XML transaction volumes require new Data Center solutions that can address performance, scalability and security in a remotely manageable form factor. In this call Layer 7 Director of Architecture, Scott Morrison will look at Data Center considerations for XML and Web services and look at solution options combining best of breed XML Firewalls, ASICs and BladeCenter solution.
     
Understanding the Implication of Sarbanes-Oxley to SOA
April 2005
    In this talk given by Layer 7's Senior Product Manager Philip Walston, you will learn how your existing identity and access investment can be leveraged to achieve Sarbanes-Oxley compliance for your SOA application environment.
     
Layer 7 and IBM Tivoli: The Why and How of Federated Web Services
April 2005
    In this talk given by IBM Security Products Manager, Venkat Raghavan and Layer 7 Director of Architecture, Scott Morrison you will learn about the challenges for federating Web services and how SOAP/XML security solutions from Layer 7 Technologies and identity federation products from IBM Tivoli can be combined to realize federated portal, interdepartmental integration and B2B initiatives.
     
Protecting Against XML Threats and Web Services Vulnerabilities
March 2005
    In this talk given by Layer 7's Scott Morrison - Director of Architecture, you will learn about the kind of threats and vulnerabilities that can be introduced via XML messages, attachments and APIs. You will also learn how these same vulnerabilities can be mitigated leveraging purpose built XML and Web services security gateways. Host: Scott Morrison, Director, Architecture and Security.
     
Compliance and Policy Conformance in Web Services
February 2005
    Using real world examples from the financial services sector, Toufic Boubez, CTO of Layer 7 Technologies will describe how an organization can architect and implement a distributed, service-centric compliance and policy conformance solution. Host: Dr. Toufic Boubez, CTO.
     
The Role of identity in SOA and Web Services at Web Servcies on Wall Street
February 2005
    Venkat Raghavan, Security Products Manager, Tivoli & Scott Morrison, Director of Architecture, Layer 7 Technologies present.
     
Understanding XML and Web Services Performance
January 2005
    For enterprises migrating toward XML and Web services, performance and scalability are of central concern. This Webinar, given by Layer 7 Director of Architecture Scott Morrison, reviews the issues and solutions for scaling Web services. Host: Scott Morrison, Director, Architecture and Security.
     
WS-Interoperability BSP: What I Need to Know
November 2004
    K. Scott Morrison, Director of Architecture, Layer 7 and co-Editor of the WS-I Basic Security Profile (SP) talks to the use cases and best practices for implementing WS-I compliant Web services security. Host: Scott Morrison, Director, Architecture and Security.
     
SOA Governance
October 2004
    Download this presentation to learn more about SOA Governance from one of Web services' thought leaders, Dr. Toufic Boubez. Dr. Boubez discusses how XML and Web services are transforming how applications get integrated together. Managing interactions between distributed systems shared as Web services requires a new approach to security, it requires SOA Governance. Host: Dr. Toufic Boubez, CTO.
     
Identity Federation and Web Services
September 2004
    Discusses the challenges of bridging identity silos in Web services, why solutions used in the Web world will not work, and the important role automated trust relationships will play in identity federation for Web services. Host: Scott Morrison, Director, Architecture and Security.
     
PKI and Web Services: The How and Why
August 2004
    Discusses the role that PKI plays in securing Web services and outlines how PKI can be effectively managed in a purely machine-to-machine environment. Host: Dr. Toufic Boubez, CTO.
     
XML Security Considerations Inside the Firewall
July 2004
    Examines why new security measures need to be taken for XML Web Services residing entirely inside the firewall. Host: Scott Morrison, Director, Architecture and Security.
     
The Agile Enterprise: Moving from Application to Business Integration
June 2004
    Discusses business integration in the agile enterprise. Hosts: Dr. Toufic Boubez, CTO and Daryl C. Plummer, Gartner Vice President and Chief Gartner Fellow, Gartner Group.
   
 

Podcasts

     
Joint Webinar with Layer 7 and Sun: Identity Driven SOA Governance - Best Practices - Webcast Featuring The Burton Group
    Digital Identity is at the heart of the modern business ecosystem. However, governing SOA interactions - particularly across a distributed or federated environment - creates complexity not found in typical user-machine exchanges. Separating policy creation and enforcement from service implementation can simplify SOA governance without compromising scalability, flexibility and auditability - accommodating even the most elaborate, heterogeneous IT landscapes. This Webinar will review best practices for building and operating a policy-centered, identity-driven SOA. What You Will Learn:
  • The connection between identity management and SOA governance
  • The importance of separating policy and entitlements from service implementation
  • The challenges of managing and validating identity in SOA interactions
  • Options for managing and enforcing identity-driven SOA policies
  • How to implement identity-based governance in real-world SOA
     
A Practical Guide to Policy Authoring for SOA Governance*
    This Webcast, presented by Layer 7 CTO and WS-Policy co-editor, Dr. Toufic Boubez, will cover how to declaratively *define SOA Policy for SOA Governance applications.* Consistent, standards based policy definition is the first step in implementing an SOA Governance framework. However, few tools exist for managing the policy authoring process and integrating it into the full policy lifecycle process including repository, approval workflow, enforcement, monitoring and change. Since successful policy definition lies at the heart of SOA security and SLA implementation it is essential in practice. In this Webcast you will learn:
  • why declarative Policy is critical for implementing "SOA Security, Quality of Service and Governance"
  • industry standards for "defining SOA Policy" in an interoperable way
  • "tools and IDEs" for authoring SOA Policy
  • "demonstration of policy authoring" in SOA
  • putting it all together: showing how policy authoring fits into a broader "SOA Policy Lifecycle Process"
     
Policy-Driven SOA - the New Contract for Architecture
    The promise of SOA is in delivering flexible, loosely-coupled systems. In order to achieve this, contracts, requirement and capabilities need to be defined and automated through a declarative and manageable mechanism. This required level of abstraction for SOA sits at the Policy level. This talk will introduce the concept of Policy Driven SOA and discuss Policy and the WS-Policy specification as the new contract abstraction for SOA.
     
ZapForum Podcast: Understanding Identity & SOA
    Listen to this Podcast and you will:
  • Learn what identity is and how it fits into SOA
  • Understand the relationships between identity and governance and between identity and policy
  • Grasp the nature of federated identity, and the standards that support it
     
Joint Webinar with Layer 7 and Parasoft: From Testing to Deployment-How to Build Secure, Reliable & Compliant Web 2.0 Applications
    Web 2.0 and rich internet applications are becoming more pervasive both behind and across the enterprise firewall. But successfully deploying Web 2.0 introduces new challenges that are not addressed with traditional Web-based tools and methodologies. The dynamic and hybrid nature of Web 2.0 technologies like AJAX, RSS and XML requires a new way of approaching both testing and security. In this joint presentation, Parasoft and Layer 7 Technologies will compare and contrast traditional Web and Web 2.0 deployment models, discuss the implications on testing and securing these applications and outline pragmatic approaches for implementing effective testing and security strategies for Web 2.0 applications.
     
Joint webinar with Layer 7 and webMethods: Extending SOA across Organizational Boundaries
    To find out how you can meet the identity, security, and governance challenges of sharing and consuming services across organizational boundaries, join webMethods and Layer 7 for this groundbreaking webinar.
     
Securing Web 2.0, What You Need to Know
    Next generation Web 2.0 applications leveraging programmatic access to back-end applications, rich client interfaces and service oriented composability are transforming how the Web gets built and integrated. However, the new power and versatility afforded by Web 2.0 applications create new security, performance and governance issues stemming from the use of XML technologies like REST, RSS and AJAX. In this talk given by Layer 7 Chief Architect Scott Morrison you will learn about common challenges associated with securing and deploying Web 2.0 applications and the role of specialized XML Appliances in addressing these exigencies.
     
Joint Webinar with Layer 7 and Systinet: "Managing and Enforcing SOA Security and Policies in Real-time"
    Managing SOA security and policy in distributed, sometimes federated SOA environments is complicated. It requires a mechanism to unambiguously define service policy, centrally control policy change, manage the policy lifecycle, and flow policies in real-time to an enforcement layer that can consistently implement policies on both services and client applications. In this Webinar presented by Layer 7 Product Manager, Phil Walston and Systinet’s Director of Product Marketing Sean Kline, you will learn how the SecureSpan XML Gateway and VPN can be deployed alongside Systinet 2 to deliver real-time SOA policy governance from definition through to implementation in complex SOA environments.
     
PKI and Web Services: The How and Why
    Discusses the role that PKI plays in securing Web services and outlines how PKI can be effectively managed in a purely machine-to-machine environment. Host: Dr. Toufic Boubez, CTO.
     
Bridging the Web with Web Services
    Portal initiatives are becoming key consumers of SOA technologies. By providing a single framework for delivering information and functionality consistently across Web and Web services, SOA promises significant IT benefits including flexibility and reuse. However, managing security, policy and transactional preferences consistently between the Web and Web services remains problematic. There are issues of credentialing, federation, session, compliance and so on. In this talk given by Layer 7 Senior Product Manager Phil Walson, he will examine some of these issues and their solutions using specific customer examples in the insurance and banking sector.
     
Scaling XML In The Data Center
    XML is becoming pervasive inside the enterprise. Driven by data and application integration needs, rising XML transaction volumes require new Data Center solutions that can address performance, scalability and security in a remotely manageable form factor. In this call Layer 7 Director of Architecture, Scott Morrison will look at Data Center considerations for XML and Web services and look at solution options combining best of breed XML Firewalls, ASICs and BladeCenter solution.
     
Accelerating Business Services Compliance and Security with a Closed-loop SOA Policy Management Infrastructure
    Achieving compliance and governance at the business level in a SOA is is a critical success factor for your architecture and requires a means to define, manage and enforce policy. Policy is a driver of agility in a SOA because it supports a declarative, loosely coupled architecture. The Governance Interoperability Framework (GIF) provides the means to associate policies with services and subsequent flow for enforcement and feedback. Join executives from Layer 7 and Systinet as they present the critical components and use case scenarios for achieving a closed loop SOA policy management infrastructure.
     
XML Security Considerations Inside the Firewall
    Examines why new security measures need to be taken for XML Web Services residing entirely inside the firewall. Host: Scott Morrison, Director, Architecture and Security.
     
Identity Federation and Web Services
    Discusses the challenges of bridging identity silos in Web services, why solutions used in the Web world will not work, and the important role automated trust relationships will play in identity federation for Web services. Host: Scott Morrison, Director, Architecture and Security.
     
Policy Driven SOA
    Architecting and implementing secure and flexible Service Oriented Architectures (SOA) requires an ability to mediate interactions between services based on a declarative and remediable policy language. Coding interaction policies between services results in brittle SOA infrastructures that can't accommodate changing security and business needs. In this talk given by Layer 7 CTO Dr. Toufic Boubez, you will hear how a Policy control infrastructure for SOA can be used to engineer loosely-coupled SOA architectures that can span security domains.
     
SLA for SOA
    Service Oriented Architectures require software functionality to be available to trusted clients and intermediaries, on-demand. However implementing practical on-demand infrastructures requires an ability to define and enforce service level agreements (SLAs) so that service functionality or data can be predictably and contractually delivered to specific clients based on their identity or transaction context. In this Webinar given by Layer 7's Senior Product Manager, Phil Walston, you will learn about the various SLA policy considerations SOA architects need to contend with and how to implement solutions in real-world architectures.
   
 

 

 

 

 

 

  © 2007 Layer 7 Technologies Inc. All rights reserved.