XML appliances acting as security gateways have protected the fringes of SOA applications for a number of years. They have been most apparent in defense and homeland security settings. A deal between Layer 7 Technologies and Oracle brings such technology deeper into commercial settings.
With all the messages that flow from an
Earlier this month Layer 7 released an integrated appliance for the Oracle Service Bus component of Fusion Middleware. The company said that the OSB Appliance combines XML security and a stripped-down deployment of Layer 7's SecureSpan XML Gateway.
The appliance is now sold alongside OSB through Layer 7 and Oracle and runs on Sun x64 servers.
"The idea came from a customer of ours who had a lot of back-end data behind the firewall," said Scott Morrison, VP of engineering and chief architect at Layer 7. "They wanted to make it accessible but with security."
A major benefit of a product like this is not having to set up and configure a custom gateway to live along side an ESB, suggested Scott Morrison, VP of engineering and chief architect at Layer 7. As an integrated appliance, it is designed to drop a security perimeter right into the network.
Morrison said major interest to date has been from government agencies with high security requirements, such as the Department of Defense and Homeland Security. He said the government seems to be making a more aggressive move towards adopting SOA standards.
"The commercial sector is more about integrating with existing identity management right now," Morrison said. "The government tends to be very aware of standards coming out. And they have to. After 9/11, the government really started taking the direction where information needs to be shared between departments."
For some commercial operations, a review of ESB and security touchpoints may be in order, said an industry expert.
"Enterprises must consider that while there may be specific security handling capabilities within the domains of their ESBs and other various engines, they must also holistically address the many interfaces and touchpoints between and across the network," said Sandra Rogers, independent industry analyst.