Many of the discussion of Web services is surrounded by it adding security risks. According to Gartner, CIOs must adjust security policies and incorporate them into the application-level firewall. The so-called web service is to integrate various applications into intervals that are protected by security facilities such as firewalls.
But this new firewall must coexist with traditional network firewalls, rather than replacing it, Infoworld has reported competition between traditional firewall users and XML application firewall providers.
Not everyone pays attention to this war. In fact, some people think that some new things are often short-lived. I have talked about the industry experts and asked some things: CIOs need to understand what is about the application level, providing the manufacturer of XML firewall and how to choose a manufacturer.
What is an XML application firewall Gartner pointed out that the term XML application firewall is confused because this type is obviously different from the existing IP layer network firewall. However, this term is very appropriate because, like a network firewall, these XML application firewalls are concerned about monitoring and guaranteeing the security of the network.
Unlike traditional firewalls, XML application firewall works in the application layer, Gartner analyst John Pescatore, Matthew Easley and Richard Stiennon in a report called "The Security Platform will change the network security this big stage" in this report: "Using Web services, service requester and message content more deeply, is the application level of the XML web service standard for applying the application level firewall to be implemented."
The presence of the Web service will put new security focus on the threat of the application level system attack. Traditional network firewalls will continue to be safely centered, without concern to new conditions and needs for networks. According to the XML Web Service Security Forum (XWSS), these new conditions and needs are:
Most safety violations come from the inside of the firewall. Initialization of key tasks often needs to access licenses and integration through firewall. A well-known port used for special agreements is now utilized to achieve different purposes. The design of the XML Web Services Simple Object Access Protocol (SOAP) is easy to use to penetrate the firewall, which is carried like HTTP, SMTP, etc. Transfer protocol, frequently through open firewall ports. The code written by the latest tool (for example, .NET, current J2EE application servers, etc.) will occupy a few parts in an XML web service data network. Most nodes are some traditional package applications, which will be equipped with security and diversification. It is usually difficult to verify and manage the security operations they provide.
