Aug 03, 2012

What's the difference between an XML firewall and a "normal" firewall?

Like pretty much any business that has a computer, we have a firewall. Someone asked me whether we had thought about an XML firewall. The answer is no, because I don't know what an XML firewall does that isn't already in place. What's different about an XML firewall and is it necessary for a small business?

Here's an article that gives you a basic idea, along with links for more info:

XML firewall

"An XML firewall is a specialized device used to protect applications exposed through XML based interfaces like WSDL and REST and scan XML traffic coming in and out of an organization. Typically deployed in a DMZ environment an XML Firewall is often used to validate XML traffic, control access to XML based resources, filter XML content and rate limit requests to back-end applications exposed through XML based interfaces.

XML Firewalls are commonly deployed as hardware but can also be found as software and virtual appliance for VMware, Xen or Amazon EC2. A number of brands of XML Firewall exist and they often differ based on parameters like performance (with or without hardware acceleration, 32 vs 64 bit), scalability (how do they cluster and perform under load), security certification (common criteria, FIPS being the most common), identity support (for SAML, OAuth, enterprise SSO solutions) and extensibility (they can support different transport protocols like IBM MQ, Tibco EMS, etc.).

XML Firewalling functionality is typically embedded inside XML Appliances and SOA Gateways."
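
Added example (not part of the quoted article or of either post): a Python sketch of the message-level checks the article lists, namely validating XML, filtering content and rate limiting, which a port-and-address firewall does not perform. The limits, the allowed root elements and the function names are assumptions made for illustration, not any product's behaviour.

```python
import time
import xml.parsers.expat
MAX_BYTES, MAX_DEPTH = 64 * 1024, 16  # hypothetical policy values
ALLOWED_ROOTS = {"Envelope", "order"}  # hypothetical allow-list
SAMPLE_OK = b"<order><item/></order>"  # constructed sample message

class Rejected(Exception):
    """Raised when a message violates the content policy."""

def inspect_xml(body: bytes) -> str:
    """Return the root element's local name, or raise Rejected."""
    if len(body) > MAX_BYTES:
        raise Rejected("message too large")
    state = {"depth": 0, "root": None}
    def start(name, attrs):
        state["depth"] += 1
        if state["depth"] > MAX_DEPTH:
            raise Rejected("nesting too deep")
        if state["root"] is None:
            local = name.rsplit(" ", 1)[-1]  # drop the namespace URI prefix
            if local not in ALLOWED_ROOTS:
                raise Rejected(f"root element {local!r} not allowed")
            state["root"] = local
    def end(name):
        state["depth"] -= 1
    def doctype(*args):
        raise Rejected("DTD not allowed")  # refuse before entities are declared
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.StartDoctypeDeclHandler = doctype
    try:
        parser.Parse(body, True)
    except xml.parsers.expat.ExpatError:
        raise Rejected("not well-formed") from None
    return state["root"]

def gateway(client, body, hits, now=None, limit=3, window=60.0):
    """Rate-limit per client, then inspect content; return a status string."""
    now = time.monotonic() if now is None else now
    recent = hits[client] = [t for t in hits.get(client, []) if now - t < window]
    if len(recent) >= limit:
        return "429 rate limited"
    recent.append(now)
    try:
        inspect_xml(body)
    except Rejected as exc:
        return f"400 {exc}"
    return "200 forwarded"
```

Every sample message here would arrive over the same allowed port, so a network firewall treats them identically; the decision is made on what is inside the XML.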
