XML Adds Muscle to New Firewalls

Stubborn security issues have kept a great many enterprises from deploying Web services outside their firewalls. With no tried-and-true (or even agreed-upon) methods to secure XML messages and schemas, the march toward Web services has been halting and unsteady, despite the efforts of standards organizations to develop frameworks to secure Web services. Hoping to move things along, Forum Systems Inc. and Reactivity Inc. last month showcased firewall products at Demo in Scottsdale, Ariz. The Forum and Reactivity offerings are the first eWEEK Labs has seen that are specifically geared to protect Web services—and it's about time. Today's network firewalls and intrusion prevention systems cannot detect XML viruses, parser attacks and schema poisoning.

The lack of a guaranteed level of trust between enterprise Web services deployments represents a major stumbling block to widespread Web services deployment beyond the enterprise. Take one look at public-key infrastructure, which struggled for years to gain acceptance, and it should be obvious that Web services security issues must be resolved for the technology to become ubiquitous beyond enterprise borders.

Although XML-specific firewalls likely won't herald unprecedented numbers of new enterprise Web services deployments, defending the network perimeter from malicious activity is a start.

Read Full Story