XML / SOA Security with the eperi XML Gateway

SOA Security and XML Firewall combined – the eperi XML Gateway

With the eperi XML Gateway you enable secure external access to your data and applications for your customers, partners and staff.

Contrary to a simple firewall, the eperi XML Gateway verifies the contents prior to permitting access to your company.

Thus you may protect yourself against attacks such as SQL injections and XXE attacks. The eperi solution contains an XML scheme validation and supports WebService security standards for message encryption and signature. The eperi XML Gateway customer benefits from an innovative platform, enabling controlled and protected access to all application interfaces.

The eperi XML Gateway is provided as a reverse proxy configuration where the connection is terminated by the Gateway component. As a link between the service user (consumer) and service provider (provider), the message content may be verified and processed as well as the traffic forwarded or blocked according to the situation.

SOA Security

The eperi XML Gateway provides SOA-Security standard methods like XML-encryption, XML-signature, WS-security and security assertion markup language (SAML). The eperi XML Gateway serves as a scalable solution for the comprehensive protection of SOA infrastructures.

XML Firewall

The XML firewall records HTTP/XML traffic and displays an overview of all inquiries and responses. In addition to real-time monitoring, the XML Gateway identifies and blocks different kinds of attacks.

secRT – the Open Source Security Runtime

Our solution is based on the Open Source security platform secRT, developed together with the German Federal Office for Information Security (BSI). Our secRT framework is very flexible and provides maximum reliability.

Simple Administration

Thanks to pre-defined XML security functions, even complex security requirements may be configured with just a few mouse clicks. Each of these functions may be administered using the web-based interface.

Installation

The simple and user-friendly installation and administration of our solution guarantees a quick and uncomplicated rollout and the protection of web services.

The eperi XML Gateway may be used as software in the following installations:

  • Providing a War file on your application server (most suitable: Apache Tomcat)
  • as virtual appliance (VM-Ware), based on a CentOS, Tomcat and a pre-configured XML Gateway
  • The eperi XML Gateway is our contribution to the German Alliance for Cyber Security.

Functionality

  • Reverse proxy
  • Lower administration effort because of workflows
  • Maximum interoperability by consistent use of standards
  • Preventing attacks on web services
  • Protected web service availability and web service confidentiality
  • WS-security standards
  • XML-encryption
  • XML-signature
  • SAML 1.1/2.0
  • XML-firewall
  • XXE-attack identification
  • SQL-injection identification
  • Scheme validation
  • Replay attack identification
  • WSDL-scan prevention

Please kindly note: This product is also available as an Open Source version: Learn more.