Quadrasis offers SAML support through XML firewall

Enterprise security specialist Quadrasis has launched Soap Content Inspector, a firewall product developed in conjunction with...

Enterprise security specialist Quadrasis has launched Soap Content Inspector, a firewall product developed in conjunction with Xtradyne Technologies that is designed to secure Web services environments.

Hitachi-owned Quadrasis is one of the latest companies looking to find a foothold in the crowded content-aware XML firewall space. Content Inspector is designed as an entry-level system for customers to wrap authentication, authorisation, alert, and auditing around bi-directional Soap communications and XML transactions. The software offers a proxy-based approach that is not dependent on a Web server, Bret Hartman, chief technical officer at Quadrasis, said.

The Quadrasis/Xtradyne Soap Content Inspector currently runs on Microsoft Windows systems but will be ported to Linux and Solaris platforms, according to Hartman. The tool also emphasises support for fledgling Web services authentication and security standards, such as WS-Security., Microsoft Passport, and the Liberty Alliance Project consortium's use of the Secure Assertion Markup Language (SAML) standard. The new product offers SAML attribution assertions and the capability to sign and verify each defined Soap message, as well as offer a "bridge between Microsoft .net server and J2EE environments," added Hartman.

Content Inspector's SAML support gives it an edge over competing XML firewalls on the market from Vordel, Westbridge Technology and Reactivity, said Jason Bloomberg, security analyst at Web services research firm ZapThink.

"What's special about the Quadrasis product is that it performs SAML attribute mapping: It maps the request authentication from requestor to recipient, thus actively participating in a single-sign-on infrastructure," said Bloomberg. "In contrast, products like Vordel's support SAML but delegate the management of the SAML tokens to a third-party product."

According to Bloomberg, XML firewall products are resonating with end-users due to their ability to look inside the content of a message, parse the XML in the message, and make security and routing decisions based on the content of the XML message. Bloomberg contends that existing packet-based firewalls are inadequate to handle XML and Web services traffic since the executable files are sent over HTTP or HTTPS, which traditional firewalls typically allow to pass through untouched.

Hartman said Soap Content Inspector will be offered as a standalone product or as part of Quadrasis' larger security product integration platform, the Quadrasis EASI Security Unifier software suite.

Soap Content Inspector will be available by the end of September for $35,000 (£22,912).

Read more on IT for small and medium-sized enterprises (SME)