Open Source Software

Update cycle process

  • For the Open Source encryption solutions the eperi GmbH regularly publishes updated snapshots.
  • For the commercial encryption solutions the eperi GmbH publishes officially updated packages and undertakes bug fixing as well as optimization at set times.

eperi XML Gateway

SOA Security and XML Firewall combined

With the eperi XML Gateway you ensure secure external access to your data and applications for your customers, partners and staff.

In contrast to a mere firewall, the eperi XML Gateway verifies the contents prior to permitting access to your company.

Thus you may be protected against attacks such as SQL injections and XXE attacks. The eperi solution contains an XML scheme validation and supports WebService security standards for message encryption and signature. The eperi XML Gateway customer benefits from an innovative platform, enabling controlled and protected access to all application interfaces.

The eperi XML Gateway is provided in a reverse proxy configuration where the connection is terminated by the Gateway component. As a link between the service user (consumer) and service provider (provider), the message content may be verified and processed as well as the traffic forwarded or blocked according to the situation.

The eperi XML Gateway by comparison

The following comparison chart shows the fundamental differences between the XML Gateway versions „Open Source/Community” and ”Commercial”.

eperi XML Gateway: Open Source and Commercial Version

Functionality

  • SOA Security: The eperi XML Gateway provides SOA-Security standard methods like XML-encryption, XML-signature, WS-security and security assertion markup language (SAML). The eperi XML Gateway serves as a scalable solution for the comprehensive protection of SOA infrastructures.
  • XML Firewall: The XML firewall records HTTP/XML traffic and displays an overview of all inquiries and responses. In addition to real-time monitoring, the XML Gateway identifies and blocks different kinds of attacks.
  • Easy Administration: Pre-defined XML security functions enables the configuration of complex security requirements with just a few mouse clicks. All this features are available within just one web based admin console.Reverse proxy
  • Lower administration effort because of workflows
  • Maximum interoperability by consistent use of standards
  • Preventing attacks on web services
  • Protected web service availability and web service confidentiality
  • WS-security standards
  • XML-encryption
  • XML-signature
  • SAML 1.1/2.0
  • XML-firewall
  • XXE-attack identification
  • SQL-injection identification
  • Scheme validation
  • Replay attack identification
  • WSDL-scan prevention

Downloadvariants

eperi XML Gateway 1.2 – Demonstrator

Pre-configured system with demo data for Windows: Recommended for persons wanting to test the latest stable version of the Gateway in a demo environment. Unpack the ZIP archive and follow the Demonstrator Tutorial instructions.

eperi XML Gateway 1.2 – Virtual Appliance

Virtual Machine (Open Virtualization Format Archive, usable in VMWare, VirtualBox etc.): Recommended for persons wanting to use the Gateway as Virtual Appliance. A ZIP archive, including a pre-configured environment (CentOS, Tomcat). Unpack the ZIP archive and follow the VM Tutorial instructions.

eperi XML Gateway 1.2 – WAR

Multi-platform Java Webapp for Java Servlet Container:  Recommended for advanced users wanting to productively use the eperi XML Gateway. Requires an existing Java-Servlet-Container like e.g. Apache Tomcat. Deploy the WAR file and follow the instructions in the installation brief instruction.

eperi XML Gateway 1.2 – Quellcode + User Guide

The source code, pre-defined for Eclipse use and the User Guide for the eperi XML Gateway.

Note: By requesting the trial, you allow us to contact you via email or telephone, in order to inform you about our products.

eperi secRT Framework

secRT – the Java™ Open-Source-Security-Platform

The secRT is an Open-Source security platform jointly developed by eperi and the German Federal Office for Information Security (BSI). It provides a development framework, containing a range of security functions.

The secRT Workflow Engine enables programming security processes with minimum effort. All administrative functions are also available via WSDL-API, so that own security projects may easily be integrated. With the extremely powerful and flexible combination of the secRT techniques you will quickly and easily optimize your company’s Java™- security development.

Functionality

  • Key management – an entire PKI infrastructure for keys and certificates
  • Cryptographic functions – just select the appropriate algorithm
  • Workflow Engine – for automated security processes
  • Platform independent runtime environment for security software
  • API functionality for partner products

Downloadvariants

eperi secRT 3.1 – WAR

Multi platform Java Webapp for Java Servlet Container:  Recommended for advanced users wanting to actively use the secRT framework. Requires an existing Java Servlet Container like Apache Tomcat. Deploy the WAR file and follow the instructions in the installation’s brief instruction.

eperi secRT 3.1 – Source Code

Contains the Source Code pre-configured for Eclipse use.

eperi secRT 3.1 – User Guide

The User Guide for eperi secRT.

eperi secRT 3.1 – Workspace Guide

The instruction describes the workspace structure and the component buildup. Set up your workspace to start with the eperi secRT development.

eperi secRT 3.1 – Development Tutorial

The Development Tutorial explains creating a bundle and a „Hello World“ function

Note: By requesting the trial, you allow us to contact you via email or telephone, in order to inform you about our products.