Press Release

XML Web Services Firewall Supports Checking for Viruses in SOAP Attachments

15 April 2004

BERLIN - Xtradyne Technologies, the leading vendor for application security gateways, today announced the general availability of version 1.5 of its Web Services Domain Boundary Controller (WS-DBC) product, a comprehensive XML Web Services security solution. The WS-DBC lets enterprises securely expose Web Services to the Internet without compromising security for either applications or enterprise firewalls.

The WS-DBC is a platform and vendor-neutral XML/SOAP security gateway that implements Web Services standards including SOAP, WSDL, WS-Security, SAML, XACML, XML Encryption, and XML Digital Signature. The WS-DBC can be easily integrated into existing Web Services infrastructures without any need to modify applications, and it provides full WS-Security and unified security management across diverse platforms, such as Microsoft .NET, IBM WebSphere, BEA WebLogic, Oracle, Sun Java WSDK, and Systinet WASP.

This Web Services security gateway is an indispensable building block for a successful Web Services strategy in the enterprise. Sebastian Staamann, Co-CEO at Xtradyne, stresses the suitability of the product for large organizations: "With the new WS-DBC release, Xtradyne adds advanced functionality particularly important for our Global 2000 customers such as SOAP attachment filtering and XACML support to this already feature-rich security product". Phil Leatham, Director Sales & Marketing, adds: "The extremely high performance, combined with superior scalability and availability features, the flexible deployment options, and its advanced management support make this the product of choice for any serious, enterprise-grade application scenario. Moreover, Xtradyne offers very flexible license conditions and pricing models that are especially attractive for large infrastructures."

As a pure software solution, the WS-DBC offers full deployment flexibility while matching the XML processing speed of hardware-based appliances. The software is supported on the Solaris 8 and 9 platforms, and on Linux.

• Fully productized SOAP security without any programming
• Convenient service exposure using WSDL
• Security integration of various service platforms
• Unified security management, and simple administration with powerful, remote graphical administration console
• Expressive policy models fine-grained, role-based access control (RBAC)
• Differentiated administrator roles
• Support for XACML
• Maximum enterprise integration and B2B support through federated trust, using SAML and credentials mappings
• Rich set of authentication mechanisms for users, servers, and intermediaries
• Message validation
• Message content inspection using XML schema and XPath
• Message integrity and confidentiality using XML Digital Signature and XML encryption
• Flexible virus scanning of SOAP attachments
• Transport security using SSL/TLS
• Powerful Policy Server for enterprise-level security management of arbitrarily many, even different, security gateways
• Versioning of security policies & rollback functions
• OCSP support for certificate revocation checks
• Support for SSL accelerator cards
• Enterprise integration with LDAP support
• Auditing, monitoring, and secure logging with SNMP, syslog, etc.
• Scalability and High Availability through cluster support
• xtremely high performance and throughput

The Xtradyne WS-DBC 1.5 is generally available since 15th April 2004. A free evaluation copy can be ordered at Xtradyne's Web site. Please visit www.xtradyne.com or contact sales@xtradyne.com for more details.

About Xtradyne

Xtradyne's particular field since its foundation in 1999 has been turn-key security solutions for applications relying on standard middleware, such as Web Services, J2EE, EJB, and CORBA. Using Xtradyne's cost-effective, high-performance runtime components, enterprises, mainly Global 2000 companies active in Finance, Telecommunications, Air Travel, and Automotive as well as government agencies can securely run business applications across corporate firewalls and also make them available via the Internet without security risks.