Header Image

XML Gateway For VMware

XML Gateway for VMware

1st Certified XML Gateway for VMware

The SecureSpan XML Virtual Appliance for VMware enables organizations to rapidly deploy an XML Gateway in development, test, production and cloud environments, reducing SOA development, test and implementation costs, while improving architectural flexibility. The SecureSpan Virtual Appliance offers all the features/functionality of Layer 7’s family of XML hardware appliances at a fraction of the cost, including sophisticated runtime governance, enterprise-scale management and industry-leading XML security. Like all of Layer 7’s hardware gateways, the SecureSpan Virtual Appliance can be managed through the SecureSpan Policy Manager, Management API and Enterprise Service Manager.

 

For organizations that require visibility, trust and control over cloud-based services, the SecureSpan Virtual Appliance can be deployed on many of the industry’s most popular cloud platforms to secure, monitor and manage service interactions inside a cloud and between private / public clouds. In this way, organizations can seamlessly reuse their existing, on-premise SOA governance solution for their cloud-based initiatives.

 

XML Virtual Appliance - Layer 7 Technologies

 

The SecureSpan XML Virtual Appliance is the only VMware Ready Certified XML Gateway currently on the market.

Avoid Vendor Lock-in – Implement policies that manage requests to virtualized application services in order to provide load balancing and failover between private and/or public clouds.

Implement Cloud Governance – Control, monitor and adapt private/public/hybrid cloud-based application services, to ensure security, compliance, and quality of service.

Reduce Deployment Complexity – Once deployed in multi-tenant or virtualized environments, additional instances of the soft appliance can be replicated for handling traffic spikes or evolving transaction volumes.

Virtualized XML Gateway for VM
  • Available as 32 and 64-bit VMware/ESX-based appliances (VMware Ready certified)
  • The SecureSpan Virtual Appliance is packaged with the virtual disk converted and ready for use on VMware/ESX
  • Supports VMware Server and VMware Infrastructure
  • XML
  • SOAP
  • AJAX
  • XPath
  • XSLT
  • WSDL
  • XML Schema
  • LDAP
  • SAML
  • PKCS
  • X.509 Certificates
  • FIPS 140
  • Kerberos
  • W3C XML Signature
  • W3C XML Encryption
  • SSL/TLS
  • SNMP
  • SMTP
  • POP3
  • IMAP4
  • HTTP/HTTPS
  • IPv6
  • WCF
  • PCI-DSS
  • JSON
  • JMS
  • MQ Series
  • REST
  • Tibco EMS
  • FTP
  • OAuth
  • WS-Security
  • WS-Trust
  • WS-Federation
  • WS-Addressing
  • WSSecureConversation
  • WS-MetadataExchange
  • WS-Policy
  • WS-SecurityPolicy
  • WS-PolicyAttachment
  • WS-SecureExchange
  • WSIL
  • WS-I
  • WS-I BSP
  • UDDI
  • WSRR
  • XACML
  • MTOM

 

Cloud Governance
Virtualized gateway
  • VMware and ESX support facilitate deployment to both private & public clouds
Cloud monitoring
  • Configurable reports provide insight into cloud-based service performance health, and metrics (i.e., throughput, routing failures, utilization & availability)
Cloud security
  • Manage access from cloud-based application services to enterprise-based assets with industry-leading access control, alarms/audits, & secure routing capabilities
Cloud vendor SLA enforcement
  • Measure and track cloud service provider performance to ensure they are meeting uptime and other contractual obligations
SOA Governance
Runtime enforcement of governance policies
  • Enforce policies around security, compliance, reliability, SLAs, quality of services, and others in order to control, monitor and manage application services
Centralized SLA enforcement/Quality of Service
  • Throttling/rate limiting controls provide the ability to support service over subscription with per-service throttling of excess messages
  • Service availability features include support for strict failover between public and private cloud providers, round robin, best effort and latency-based routing
Cloud Security
Identity-based access to services and operations
  • Integration with leading identity, access, SSO and federation systems
  • Onboard identity store for administering identities and staging new services
Manage security for cross-domain and B2B relationships
  • Credential chaining, credential remapping and support for federated identity
  • Integrated STS/SAML issuer supports SAML 1.1/2.0
  • Integrated PKI CA for automated deployment and management of client-side certificates and RA ability for external CA’s including Verisign
XML Threat Protection
Filter XML content for Web 2.0 and SOA
  • Configurable validation & filtering of HTTP headers, parameters and form data
  • Detection of classified or “dirty” words or arbitrary signatures with subsequent scrubbing, rejection or redaction of messages
  • Support for XML, SOAP, POX, AJAX, REST and other XML-based services
Prevent XML attack and intrusion
  • Protect against XML parsing; XDoS and OS attacks; SQL and malicious scripting language injection attacks
  • Protection against XML content tampering and viruses in SOAP attachments
API Management
API Publication
  • Secure, manage, monitor and control access to APIs exposed to third parties
  • API usage can be throttled to ensure backend services are not overwhelmed; limited by user, time of day, location, etc; and quota managed (i.e., # of uses per user per day)
API Metrics and Reporting
  • Configurable, out-of-the-box reports provide insight into API performance: measure throughput, routing failures, utilization and availability rates, etc
  • Failed authentications and/or policy violations can be tracked to identify patterns and potential threats
API Security
  • Support for all major WS* and WS-I security protocols
  • Support for all major authentication and authorization standards, including SAML, Kerberos, digital signatures, X.509 certificates, LDAP, XACML, etc 
Enterprise-scale Management
Operations Console
  • A single, real time view of all Gateways across the enterprise and cloud showing audits, events and key metrics
Policy Migration
  • Centrally move policies between environments (development, testing, staging, production, etc), settings (enterprise, cloud, etc) or geographies, automatically resolving discrepancies such as SSG licenses, IP addresses, IT resources (i.e., LDAPs may be named differently), etc
Services Reporting
  • Configurable, out-of-the-box reports provide insight into SSG operations, service-level performance, and service user experience
Remote Patching
  • Selectively update any software installed on Gateways, including system files and operating system
Disaster Recovery
  • Centrally back up SSG config files and policies from one or more Gateways/clusters, and remotely restore, enabling full disaster recovery
Management API
  • Remote management APIs allow customers to hook their existing, third-party management tools into the SSG, simplifying asset management