NetContinuum is unveiling upgrades to its NC-1000 Application Security Gateway lineup with Web Services Edition that let users filter Web services messages based on the Simple Object Access Protocol.

Web Services Edition is designed to provide users with the ability to authenticate data, validate schema and check for malicious content that might be carried in Web services messages.

NetContinuum is expanding the range of its ASIC-based firewall appliance and casting it as a multifunction application-layer security device. The idea is to provide users with one device to tackle a majority of their application security needs.

In December, the company added a stateful-inspection firewall into the gateway with the idea that companies would not need a separate network firewall to run in front of their Web application firewall.

The same concept is behind the Web Services Edition, company officials say.

NetContinuum, which competes with KaVaDo, Sanctum and Teros, has licensed the XWall firewall from Forum Systems and is integrating it into the Web Security Gateway. Management and auditing functions also have been integrated into a single user interface.

"NetContinuum has been tracking the XML firewall gateway market," says Earl Perkins, an analyst with Meta Group. "They found Forum had the most compatible technology, and it looks like both the architecture and the engineering groups from both companies are compatible. It's another matter, however, to execute."

Perkins says corporations are warming up to Web services because they are satisfied with the development of standard security specifications, such as WS-Security and its family of protocols, and now are seeing those delivered in actual products.

With the addition of the Web services support, NetContinuum will add to its list of rivals companies such as DataPower, Reactivity and Westbridge Technology.

The gateway's Web service security features include masking the location of Web services on the network, XML schema validation, inspection and validation of SOAP envelopes, headers and message content, and data theft protection.

The gateway does its processing in an ASIC-based system on a proprietary operating system, while the management features execute on an x86 platform running a modified version of Linux in the same box.

The NC-1000 Application Security Gateway Web Services Edition is due in December and costs $39,000.