Alcatel-Lucent 8550 Network Card User Manual


 
3Alcatel-Lucent 8550 Web Services Gateway
Threat protection
&
XML firewall
Protects from
deliberate attacks and
malicious XML messages
XML message validation Ensures all messages are well formed
XML message control
SQL Injection, Recursive Payload, Oversized Payload, Buffer Overflow,
External Entity Attacks, Oversize Attachments, Cross Site Scripting
Denial of service (DoS)
protection
Prevents DoS attacks focused at web services, replay attacks
Management
Easily managed appliance
integrating with existing
management
platforms
Fault management SNMP reporting to enterprise network management platforms
Configuration management Provides Web-based GUI interface with role based management control
Change management
Enforces policy and configuration privileges by role and provides audit of all
policy and configuration changes
Secure hardware
accelerated
appliance
Hardened appliance to
comply with
security standards
High availability Provides automatic stateful failover for paired nodes
Open standards compliant
Compliance with Web services standards W3C, SOAP, UDDI, WS-Policy,
WS-Trust, WS-Security, WS-Reliable Messaging, WS-Addressing
Secured appliance
No direct operating system access - encrypted hard drive - no internal
devices allow for alternate re-boot of system - all ports disabled -
configuration files digitally locked.
Dedicated Web services
infrastructure
Hardware accelerated XML parsing & encryption with digital signing & SSL
& HTTPS
F
eature group
B
enefit
F
eature
F
eature description
Security
&
governance
Ensures compliance
with corporate
governance policy and
government legislation
A
pplication sessions
S
tateful model for Web service run-time policy
Stateful run-time policy enforce-
m
ent
Run-time policy enforced across multiple transactions per credentialed user
User-centric audit trail
Consolidated audit trail capturing each information record viewed or modified
p
er credentialed user, encrypted and signed to survive legal audit
Application access control Stateful policy enforcement on access to individual Web services
Information access control Stateful policy enforcement on access to individual information records
Secure online
B2B
Enhanced security
through single point of
control to enable secure
automated workflow
among business partners
Partner authentication
Strong authentication for partner institutions (X509, XKMS, RSA, 3DES, DES,
A
ES, SHA, PKCS, CRLs, OCSP)
Service virtualization Map external URL used by partners to private internal URL
Secured proxy point
S
tateful policy enforcement with cross-referenced audit on all partner activi-
ty
D
ata protection
D
ata encryption and digital signing to survive legal audit
U
ser mobility
E
nables end users to seamlessly connect to web services at any partner site
Multiple partner groups Allows web services to be offered to distinct partner groups
Identity
mapping
&
federation
Consistent enterprise-
wide enforcement
of policy per
credentialed user
Single identity
Dynamic identity translation allowing access to multiple IT
systems with single credential for corporate-wide consistent policy enforce-
ment
Identity interoperability
Enables acceptance of user validations from partners while meeting all
traceability and user privacy requirements (SAML, WS-Trust)
Integration with existing identity
i
nfrastructure
Integrates with existing identity management infrastructure (LDAP, SAML,
W
S-Trust)
Corporate
agility
Enables scaleable and
reliable re-use
of existing IT systems
Application interoperability
Provides mediation through message and content translations for applica-
t
ions (XSLT)
Web service load balancing
Provides round robin load balancing with session stickiness and automatic
f
ailover
Reliable messaging Provides policy-controlled, guaranteed delivery of web service messages