XML Firewall,WSP and MPGW in datapower

XML Firewall:

The XML Firewall is designed to process generic XML requests and responses transmitted over HTTP or HTTPS. The XML Firewall uses a single protocol and contains one processing policy with a set of request, response, two-way, and error rules. Its configuration defines the listening IP address-port pair as well as general threat protection.Although the design of the XML Firewall is to process XML documents of all types, including SOAP-formatted messages, it can accept unprocessed (text/binary) documents. Through the processing policy, the XML Firewall can apply all of the various processing actions to the request and response message, regardless of format. Processing can include AAA, transformations, schema validation, logging, and cryptographic operations.Like all other DataPower services, the XML Firewall can be configured to proxy remote services. However, one of the commonly used features of the XML Firewall is to define the configuration as a loopback service. As a loopback service, the remote server is undefined. In this case, the service itself generates a response to the client after processing the request. This functionality is useful when developing, testing, and debugging a service when the remote server is unavailable.

Multi-Protocol Gateway:

The Multi-Protocol Gateway is a powerful and versatile service. In additional to threat protection and document processing capabilities, the Multi-Protocol Gateway can process requests between various protocols. The supported protocols are HTTP,HTTPS, WebSphere MQ, WebSphere JMS, IMS™, FTP, NFS, SFTP, and TIBCO EMS.The Multi-Protocol Gateway receives incoming requests, processes them with a processing policy, and forwards the request to the remote server. The Multi-Protocol Gateway processes the response similarly, applying the applicable response rule, if configured.The Multi-Protocol Gateway uses front-side handlers to manage client connections.A single Multi-Protocol Gateway can have multiple front-side handlers that listen or poll for requests. The ability of configuring multiple front-side handlers allows a Multi-Protocol Gateway to receive requests from different protocols. For example, a

Multi-Protocol Gateway can have one front-side handler listening for HTTP requests and another handler polling a WebSphere MQ queue for messages. Both front-side handlers forward the incoming message to the Multi-Protocol Gateway for processing and forwarding to the remote server.All of the available protocols on which the Multi-Protocol Gateway can receive incoming requests can also be used on the server-side to forward the request to its destination. The client-side protocol does not need to match the server-side

protocol.A Multi-Protocol Gateway service offers many of the same services and capabilities

as a Web Service Proxy service. Unlike a Web Service Proxy service, a Multi-Protocol Gateway service cannot use a WSDL to determine a configuration.

Web Service Proxy:

The Web Service Proxy provides security and abstraction for remote Web services.By loading a WSDL file and adding a front-side handler, a Web Service Proxy is ready to start receiving requests. Although this configuration is simplistic, it is a fully functioning, feature-rich service that provides endpoint/URI abstraction,

parser-based XML threat protection, XML well-formedness checking, SOAP schema validation, payload schema validation, hooks for monitoring, and a platform for building operation-level rules.The WSDL file provides critical information about a Web service, including endpoint locations, instruction on binding to these endpoints, and expected message schemas. With just the WSDL and a front-side handler, a Web Service

Proxy has the basic configuration. Additional configuration can be defined to meet your case requirements, such as AAA, document transformations, message encryption, and so forth.In addition to the Web Service Proxy being able to upload or fetch a WSDL file, the configuration of a Web Service Proxy can be through a subscription to a UDDI registry or WSRR server. Through subscription, the Web Service Proxy receives

automatic updates of the WSDL file or dynamically looks up the endpoints for the service.The Web Service Proxy has powerful monitoring and logging capabilities. Web services traffic that flows through a Web Service Proxy can be monitored and logged at the service level down to the WSDL operation level. Other features of a Web Service Proxy are service-level monitoring (SLM), WS-ReliableMessaging, WS-Policy, and WS-Addressing.