This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."
Web app firewalls, source code and app scanners and appliances
IBM WebSphere DataPower XML Security Gateway XS40
As more companies begin exposing Web services outside the network--to business partners, for example--they are abandoning proprietary EDIs for open formats such as XML, Ajax and mashup frameworks. Securing exchanges between applications becomes paramount, and Information Security readers acknowledge the trend with the gold medal for IBM's WebSphere DataPower XML Security Gateway XS40.
This is the second consecutive win in this category for the DataPower product; readers were high on its effectiveness in reporting and preventing known attacks, as well as the frequency of updates, and support from IBM.
The XS40 parses, filters and validates XML schema. Beyond acting as a security checkpoint for XML traffic and Web services messages, it verifies digital signatures, and signs and encrypts XML messages.
Gari Singh, product manager for SOA appliances at IBM, says Big Blue has made considerable engineering investments in DataPower since acquiring it in 2005, including work on service registries and repositories.
NOTABLE Singh says IBM is refining best practices around securing Web 2.0 and REST-based services, bridging REST, SOAP and JSON protection, as well as securing RSS and Atom feeds.
BIG-IP Application Security Manager
F5 Networks' BIG-IP Application Security Manager (ASM) finished a close second to IBM in this category, with strong scores for its effectiveness in preventing known attacks and/or vulnerabilities, and vendor support and service.
ASM acts as a proxy accepting traffic before it hits users, and protects applications from the gamut of Web app threats such as cross-site scripting and forgery, SQL injections, escalation attacks and more. It does so aided by a learning feature, introduced last fall, that monitors traffic, recognizes acceptable application behavior and refines security policies in real time.
ASM is also available as part of F5's application delivery controller, building a security policy based on the traffic it observes.
"Customers are not necessarily looking for a security appliance, but for data center optimization or application availability," says F5 technical marketing manager Alan Murphy.
Upcoming enhancements to ASM include an antievasion engine, as well as SMTP protection and security for rich media applications.
NOTABLE ASM security policies don't have to start in learning mode. F5 has created out-of-the-box policies for SharePoint 2003 and 2007, Outlook Web Access, SAP NetWeaver and Oracle.
This was first published in April 2008