Sarvega adding security appliances to XML lineup

Web services start-up Sarvega this week will introduce two security products that should help customers track changes within the security infrastructure, and protect against denial-of-service attacks.

Web services start-up Sarvega this week will introduce two security products that should help customers track changes within the security infrastructure, and protect against denial-of-service attacks.

The appliances - the XML Guardian Security Accelerator and the XML Guardian Security Gateway - support XML Digital Signature and XML Encryption standards, which are digital "forensic" capabilities, through Sarvega's XESOS operating system.

The Accelerator provides those features while the Gateway adds authentication, authorization, auditing services and quality-of-service features.

By combining its acceleration products, the XPE 2000 and XRE 200, and the new security appliance, Sarvega plans to provide corporations the tools to build a layer within their networks dedicated to ensuring performance and security for message-intensive XML-based traffic. The company also plans to add a routing component and is renaming its acceleration products Speedway.

Rival DataPower has been shipping a similar set of acceleration and security tools. Sarvega also will compete on the XML security side with vendors such as Forum Systems, Reactivity and Westbridge Technology.

"Chances are that we will see a convergence where performance, security and routing all happen on the same box," says Jason Bloomberg, an analyst with ZapThink. "Right now it is Sarvega and DataPower pulling out ahead." But he says traditional networking powers such as Cisco and its competitors will get into the competition at some point.

In the mean time, Sarvega is trying to establish a security expertise in the XML world. The company recently named Chris Darby its new CEO. Darby previously held the same position at security vendor and consultant @Stake.

Darby says one of the keys to the Accelerator and Gateway tools is the ability to provide digital forensics, which let users see who altered the security configuration within the appliance and when. The Xesos Gauntlet provides five layers of DoS protection for XML and Simple Object Access Protocol traffic, including IP spoofing, buffer overflows and data injection. The security appliances also can be integrated with access control software from vendors such as Netegrity and Oblix, and with management platforms from vendors including Computer Associates and IBM.

The two security appliances also include Xesos Studio for developing and maintaining security policy and configuration.

The Accelerator and the Gateway start at $35,000.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:
Now read: Getting grounded in IoT