
XML Data Screen

Guard Against the Growing Threat of Cyber Attacks

 

Malicious, message-based XML, REST, AJAX and other Web 2.0 attacks cannot be thwarted by traditional means. Existing security measures like network firewalls can’t protect against message-borne threats since they lack the ability to inspect XML-based messages, validate XML structures or detect anomalous XML content.

The SecureSpan XML Data Screen is specifically designed to protect XML, Web services and Web 2.0 applications from damage, downtime or improper information. Whether deployed in the enterprise or in the cloud, the Data Screen can cleanse XML data streams of threats, vulnerabilities and unauthorized content for all common XML message formats, including POX (Plain Old XML), SOAP, REST and AJAX.

  • Policy-based Protection – Minimize maintenance costs by enforcing common data screening requirements for all application services in policy instead of code.
  • Secure Services According to Risk – Reduce overhead by screening all incoming data and processing, rejecting or passing through messages appropriately, according to the risk they present.
  • Prevent XML Attack and Intrusion – Infrastructural protection against XML parsing, XDoS and OS attacks; application protection against XML content tampering and viruses in SOAP attachments.

Features/Functionality

XML Threat Protection
Filter XML content for SOA, Web 2.0 and Cloud
  • Configurable validation & filtering of HTTP headers, parameters and form data
  • Detection of classified or “dirty” words or arbitrary signatures with subsequent scrubbing, rejection or redaction of messages
  • Support for XML, SOAP, POX, AJAX, REST and other XML-based services
Transactional Integrity Protection
  • Protect against identity spoofing and session hijacking cluster-wide
  • Assure integrity of communication end-to-end
Prevent XML attack and intrusion
  • Protect against XML parsing, XDoS and OS attacks; SQL and malicious scripting language injection attacks; and external entity attacks
  • Protection against XML content tampering and viruses in SOAP attachments
Secure REST and AJAX
  • Support for XML, SOAP, POX, AJAX, REST and other XML-based services
  • Configurable scrubbing or rejection of AJAX or other messages with embedded scripts or privileged commands
Validate data structures
  • Content detection within XML data structure or across entire message
Set traffic limits
  • Allow/reject messages based on time of day, day of week and IP address
API Management
API Publication
  • Secure, manage, monitor and control access to APIs exposed to third parties
  • API usage can be throttled to ensure backend services are not overwhelmed, limited by user, time of day, location, etc., and managed by quota (i.e., number of uses per user per day)
API Metrics and Reporting
  • Configurable, out-of-the-box reports provide insight into API performance: measure throughput, routing failures, utilization and availability rates, etc.
  • Failed authentications and/or policy violations can be tracked to identify patterns and potential threats
API Security
  • Support for all major WS* and WS-I security protocols
  • Support for all major authentication and authorization standards, including SAML, Kerberos, digital signatures, X.509 certificates, LDAP, XACML, etc.
Enterprise-scale Management
Operations Console
  • A single, real time view of all Gateways across the enterprise and cloud showing audits, events and key metrics
Policy Migration
  • Centrally move policies between environments (development, testing, staging, production, etc.), settings (enterprise, cloud, etc.) or geographies, automatically resolving discrepancies such as SSG licenses, IP addresses, IT resources (i.e., LDAPs may be named differently), etc.
Services Reporting
  • Configurable, out-of-the-box reports provide insight into SSG operations, service-level performance, and service user experience
Remote Patching
  • Selectively update any software installed on Gateways, including system files and operating system
Disaster Recovery
  • Centrally back up SSG config files and policies from one or more Gateways/clusters, and remotely restore, enabling full disaster recovery
Management API
  • Remote management APIs allow customers to hook their existing, third-party management tools into the SSG, simplifying asset management
Supported Standards
XML 1.0, SOAP 1.2, REST, AJAX, XPath 1.0, XSLT 1.0, WSDL 1.1, XML Schema, LDAP 3.0, SAML 1.1/2.0, PKCS #10, X.509 v3 Certificates, FIPS 140-2, Kerberos, W3C XML Signature 1.0, W3C XML Encryption 1.0, SSL/TLS 3.0/1.1, SNMP, SMTP, POP3, IMAP4, HTTP/HTTPS, JMS 1.0, MQ Series, Tibco EMS, FTP, WS-Security 1.1, WS-Trust 1.0, WS-Federation, WS-Addressing, WS-SecureConversation, WS-MetadataExchange, WS-Policy, WS-SecurityPolicy, WS-PolicyAttachment, WS-SecureExchange, WSIL, WS-I, WS-I BSP, UDDI 3.0, XACML 2.0, MTOM

 
