Enterprises making security investments for Web services can consider an all-in-one appliance like an XML security gateway for high priority projects, but need to keep a cautious eye on the still immature market.
XML security gateways are network appliances that secure XML and Web services transactions. Most go beyond a traditional XML firewall and include XML encryption, digital signatures, schema validation, access control and Secure Sockets Layer (SSL) capabilities.
A recent research report from Forrester Research Inc., of Cambridge, Mass., advises that enterprises take a tactical approach and buy XML security gateways as a standalone option for now, and eventually integrate them into their security architectures as the market matures and eventually consolidates.
Report author Randy Heffner, a vice president in Forrester's application development and infrastructure research group, said XML security gateways enable enterprises to give their Web services projects a quick start.
"The point is you don't have to worry about a lot of integration. Everything is in a nice neat package and you're off to the races," Heffner said.
XML security gateways, which cost between $30,000 and $55,000, protect Web services transactions from malicious code attacks, enable authentication and authorization and ease the load of processing cryptography for an application server.
Heffner recommends a standalone XML gateway because a churn in the market over the next two to three years will see some vendors disappear or merge with bigger players, like Cisco Systems, who wish to expand their market footprint, Heffner said.
Heffner said that enterprises, with the right planning and product selection, will have the flexibility to adjust should their current vendor be acquired or change in a way that does not reflect their strategy.
Heffner's report evaluated seven "major players" in the market on the strength of their current offering, future strategy and market presence. Forum Systems Inc., of Sandy, Utah, and Data Power Technology Inc., of Cambridge, Mass., were singled out primarily because they had secured more than 15 customers each.
Forum also benefited from having the best product packaging strategy, Heffner said, as it offered a third form factor, PCI card, in addition to its separately packaged XML firewall and XML security gateway products, XWall and Sentry, respectively.
While Forum received some of the limelight, Heffner pointed out that each of the seven vendors are worth a look. Westbridge Technology Inc., of Mountain View, Calif.; Vordel Ltd., of Dublin, Ireland; Sarvega Inc., of Burr Ridge, Ill.; Layer 7 Technologies Inc., of Vancouver, Canada; and Reactivity Inc., of Belmont, Calif., were also evaluated.
"XML security gateway vendors are showing their creativity in the breadth of features and functions that they are implementing," Heffner said. "This gives you the opportunity to find a product that closely matches the specific requirements of your environment. The market will be evolving rapidly in the next two to three years, there is a large risk that any purchase will soon be obsolete."
Heffner said the vendors are going in number of directions, but the bigger picture is centered on the idea of integrated versions standing alone. He described it as quick and easy, but not providing deep security.