Traditional firewalls only protect traffic at the IP level. Web services effectively tunnel through
the IP firewall layer via standard HTTP or HTTPS and expose the organization’s applications
to completely new threats. We must ensure that only valid requests for valid services from
genuine clients penetrate the enterprise boundary. That is, an XML firewall is needed.
DataPower will give the threat protection and security using below points.
the IP firewall layer via standard HTTP or HTTPS and expose the organization’s applications
to completely new threats. We must ensure that only valid requests for valid services from
genuine clients penetrate the enterprise boundary. That is, an XML firewall is needed.
DataPower will give the threat protection and security using below points.
- To truly harden a system by using Web services, several important security steps (recommended by Gartner and others) are required.
- Systems hosting Web services, particularly public Internet-facing services, should
- consider the case for hardened gateway devices to act as XML firewalls to protect systems from XML threats.
- XML/SOAP firewall, filtering based on message content, headers, or other network variables.
- Incoming/outgoing data validation
- Data schema validation (XML and binary)
- XML threat protection
- Single message XDoS protection
- Multiple message XDoS protection
- Message tampering protection
- Protocol threat protection
- XML virus protection
- Dictionary attack protection
- SQL injection protection
No comments:
Post a Comment