Defining Network XML Threat Perspectives. Traditional protection systems lack the efficiencies to provide a cost-effective and scalable XML threat-protection solution. This white paper describes the security challenges XML Web Services present to traditional network-protection solutions. It then discusses how the new XML Web Services Network IPS can help you address key XML Web Services threat and security requirements.

---

Building on the global adoption of Transmission Control Protocol/Internet Protocol (TCP/IP) and Hypertext Transfer Protocol (HTTP), a new class of mission critical applications, called Web Services, are emerging in enterprises and governments world wide. Web Services are based on the eXtensible Markup Language (XML). They rely on existing web protocols such as HTTP and portable XML messages (called Simple Object Access Protocol) to enable application-to-application communication for a wide range of mission critical enterprise applications.

However, security has become a main concern of enterprises looking to reap the integration benefits of XML. This is due in part to the open nature of Web Services as well as to their use of port 80 in current network infrastructures. New security technologies have surfaced at the application and network layers to address XML Web Services security requirements. Among them are network based security systems such as Firewalls, NIDS (Intrusion Detection System), and recently NIPS (Intrusion Prevention System). Enterprises are deploying these solutions to protect against XML threats, both known and unknown, and to improve network uptime. Specific application protection technologies such as Web Application Proxy Firewalls have emerged in a network appliance form factor. Increasingly, other network devices such as switches and routers are including security as an integral component as part of layered defense against attacks and vulnerabilities.

Yet these traditional network protection systems fail to provide comprehensive coverage for the new Web Services based threats as indicated in figure 1.1 Unlike the earlier Web enabled applications, which use HTTP on top of IP as the primary source of communication, Web Services use an additional application layer of XML. This additional XML application layer, with its corresponding standards such as Simple Object Access Protocol (SOAP) and Web Services Description Language (WSDL), allows application logic from proprietary applications to easily communicate in a standard fashion. Web services traffic can be used readily by business systems running critical applications, making this problem especially acute for an enterprise, regardless of the traffic volume.

To read more, click link below to subscribe to Intel® Software Dispatch and begin receiving Intel® Software Insight, a quarterly e-zine focused on the topics software-industry leaders care about. Once you subscribe, you will be able to download the pdf continue reading Defining Network XML Threat Protection: Next-Generation XML Network Intrusion Protection System. To read complete article, click download below.