Processing XML on the Network
The dramatic increase of Web Services and other XML traffic on today’s enterprise networks presents serious security, management, and performance considerations for the IT manager. At the root of the problem: existing network devices such as routers, firewalls, and load balancers operate at the packet level, rather than at the data or content level. As a result, existing network infrastructures are entirely unable to provide the data-level security that enterprises need. To meet this need, vendors are offering a variety of solutions with a confusing array of features. These products fall into two broad, overlapping categories: network appliances and XML gateways.[hide -1]Download File[/hide][hide +0]Register to Access this Document[/hide]…

Read More

The XML and Web Services Processing Challenge
Performing XML-aware content inspection is a difficult task. Network devices and application servers are already overloaded handling the basic TCP/IP and HTTP based functions that they were built for. Processing and inspecting XML on the network is a compute-intensive, multistep task. Each step consumes processing power and time, resulting in a challenging environment, especially if the business requires a solution that introduces no additional latency. Clearly, companies require a new class of solution in order to meet the increasing demand to understand, process, and manage XML and Web Services traffic on the network. XML proxies and related technologies offer an evolutionary advancement from current IP-based network processing techniques by providing the ability to inspect network traffic at the content-level. Increasingly, network administrators will be expected to provide capabilities for securing, routing, managing, and transforming XML content with high throughput and low latency. Doing so, however, requires a new set of…

Read More

ZapNote: nCipher
Due to XML’s human readable nature, XML and Web Services are particularly vulnerable to security compromises. As a result, any XML message, including SOAP messages, must be enhanced with security features including encryption, digital signatures, authentication mechanisms, and privacy controls. However, organizations face many performance and efficiency issues to properly implement SSL and PKI, which are critical elements to XML and Web Services security nCipher provides hardware security modules (HSMs) that deliver high performance cryptographic offload and secure key management used for SSL, PKI and custom software applications. nCipher’s FIPS 140 Level 3 certified products provide robust security and acceleration, while also delivering a highly scalable key management solution.[hide -1]Download File[/hide][hide +0]Register to Access this Document[/hide]…

Read More

Web Services: Still Just Software
ZapThink was speaking with a Web Services development tools vendor a few weeks ago, and we pointed out that Web Services were, after all, just software. The vendor was impressed with our perspective, pointing out that they had been talking with one of our fellow analyst firms, who didn’t get this very basic point. “In the future, you won’t need Java or C#,” said this unnamed analyst, “because all you’ll need is Web Services.” In response, ZapThink would like to put this issue to rest. Web Services may be the sizzle, but the steak is all software. In fact, that analyst’s misunderstanding is relatively common, and makes up part of the hype that confuses the real issues surrounding Web Services. We believe the true value of Web Services is in presenting coarse-grained, location and connection independent business Services to Web Service consumers both inside and outside organizations. For…

Read More

Breaking XML to Optimize Performance
As XML becomes ubiquitous throughout the enterprise, it increasingly taxes the systems that must deal with it. Even though there are a wide range of hardware and software solutions coming to market that aim to alleviate XML’s performance bottlenecks (See ZapThink’s XML Proxies Report), many developers are nevertheless resorting to a variety of tactics to improve the performance of XML processing and transmission that are… well… creative. Many of these creative approaches simplify certain aspects of XML in order to squeeze document size, improve parser performance, and speed the mapping of XML document components to application objects. Why must developers jump through so many hoops to improve the performance of XML? Simply put, XML is not a particularly efficient format for representing information. It is a text-based, human-readable, and metadata-encoded markup language that operates on the principle that the metadata that describes a message’s meaning and…

Read More

Overcoming XML’s Hidden Processing Costs
XML is pervasive. In a matter of years, it will fuel every application, device, and document found in enterprise networks. However, as XML proliferates, it will stress existing systems and enterprise budgets to their breaking points. This is because existing n-tier software architectures and legacy infrastructures were not designed to process this verbose new data type efficiently. What enterprises need is a new way to process XML in the network, rather than in software at the database, application server, or presentation tiers. Yet today’s existing network infrastructure is limited to switching lower layer protocols and is unable to detect XML – much less parse and process it. An emerging class of hardware-based XML-aware network devices addresses the performance, security and management issues that come with XML’s use in enterprise applications. These purpose-built network devices enable enterprises to process high volumes of XML in a way that offers high performance, optimal…

Read More

XML Proxies: Why Current Network Protocol-based Firewalls and Routers Can’t Handle XML
Look in the network closet in any good-sized company today and you’ll find a wide assortment of network gear: firewalls, switches, gateways, routers, hubs, bridges, the list goes on and on. Each of these devices essentially either directs or secures the packets that form the automobiles on the streets and freeways of today’s networks. All data networks — including the mother of all data networks, the Internet — are built from these packet-directing and packet-securing devices. All this equipment works pretty well, as long as they don’t care what is actually inside the packets. And there’s the rub. The amount of traffic going over the network that is XML formatted — in particular, Web Services messages — is set to explode, and all that equipment in the closet is completely unprepared to direct or secure that XML traffic. To understand why XML traffic is different from other network traffic, it…

Read More

XML Proxies
As the use and proliferation of XML and Web Services spreads throughout the corporate IT environment, so too will the demands on optimizing the performance of the XML data and applying enterprise-wide XML policies. Increasingly organizations are seeking to find solutions that can transparently monitor XML traffic on the network and apply business rules or corporate IT policies such as security, routing, performance, management, transformation, or end-point connection provisioning. Enterprises will implement XML Proxies, which can be either hardware Network Appliances,software Proxies, or software Firewalls, as a transparent layer over current LAN and WAN traffic, monitoring and acting on XML data as dictated by pre-configured rules.

Read More