The latest entrant looking to set a foothold in the crowding content-aware XML firewall space, Quadrasis, on Monday introduced its SOAP Content Inspector, developed with Xtradyne Technologies, to secure Web services environments.
The product is designed as an entry-level system for customers to wrap authentication, authorization, alert, and auditing around bi-directional SOAP communications and XML transactions. The software-based SCI offers a proxy-based approach that is not dependent on a Web server, said Bret Hartman, CTO at Waltham, Mass.-based Quadrasis, a Hitachi Computer Products (America) Inc.-owned company.
The Quadrasis/Xtradyne SOAP Content Inspector runs on Microsoft Windows systems. Plans are to expand that reach to Linux and Solaris platforms "down the road," said Hartman.
The SOAP tool also emphasizes support of fledgling Web services authentication and security standards in play, such as WS-Security by Microsoft Corp. and IBM Corp., Microsoft Passport, and the Liberty Alliance Project consortium's use of the SAML (Secure Assertion Markup Language) standard. The new product offers SAML attribution assertions and the capability to sign and verify each defined SOAP messages, as well as offer a "bridge between Microsoft .Net server and J2EE environments," added Hartman.
Its unique form of SAML support is a key distinction the SOAP Content Inspector holds over similar competing XML firewalls flooding the market, from the likes of Vordel Ltd., Westbridge Technology Inc., and Reactivity Inc., said Jason Bloomberg, security analyst at Web services research firm ZapThink LLC, in Boston.
"What's special about the Quadrasis product is that it performs SAML attribute mapping: It maps the request authentication from requestor to recipient, thus actively participating in a single-sign-on infrastructure," said Bloomberg. "In contrast, products like Vordel's support SAML, but delegate the management of the SAML tokens to a third-party product."
According to Bloomberg, XML firewall products are resonating with end-users due to their ability to look inside the content of a message, parse the XML in the message, and make security and routing decisions based on the content of the XML message. He contends that existing packet-based firewalls are inadequate to handle XML and Web services traffic since the executable files are sent over HTTP or HTTPS, which traditional firewalls typically allow to pass through untouched.
Hartman said the SOAP Content Inspector will be offered as a standalone product or as part of Quadrasis' larger security product integration platform, the Quadrasis EASI Security Unifier software suite.
SOAP Content Inspector will be available by the end of September for a price of $35,000.