XML Firewall

Detect and block content-based threats

XML is a key technology widely used in enterprise APIs and open standards such as SAML, XACML, WS-Policy, WS-Security and more. Its flexibility and extensibility have made it ubiquitous in A2A, B2B, cloud, and security integrations. However, as traffic volume, the number and variety of clients, and types of transactions increase, XML processing and security tasks (e.g. signing and encryption) can consume a substantial amount of application and database server resources inefficiently.

In addition, XML introduces many content-level threats including:

  • XML Denial of Service (XDoS)
  • Malicious SOAP attachments
  • "Clogging" attacks
  • XML parsing attacks
  • Recursive XML attacks ("XML Bomb" attacks)
  • SQL Injection

In order to deploy Web Services safely to your customers and partners, these threats must be blocked. In addition to scanning XML content, Axway's XML Firewall also provides scanning of JSON and other content for threats.

Axway API Gateway offloads CPU-intensive tasks to XML Firewall, an ultra-efficient purpose-built engine that enables application and SOA infrastructures to scale to meet rising demand. Tasks handled by XML Firewall include:

  • Threat detection of content-based attacks
  • Quarantining of malicious messages
  • XML parsing
  • XML schema validation
  • Protocol translation
  • Message transformation
  • Signing
  • Encryption and decryption
  • Hardware security module (HSM) integration
  • SSL termination and operations

Comprehensive API delivery platform for on-premise, cloud and mobile

Since Vordel (now part of Axway) invented the original XML Firewall back in 2002, it has been continuously improved and updated to keep pace with changes in technologies and IT strategies. As enterprises began adopting Service Oriented Architecture, the XML Firewall technology was expanded to provide SOA security and governance. Today, with the advances in mobile and API-driven economies and transactions, the need to provide firewalling for such protocols as REST and JSON is real, and traditional Web application firewalls (WAF) do not offer sufficient protection.

This unmatched combination of feature offerings, deployment flexibility, ease-of-use and product performance provides a unified platform with all required infrastructure services for the management, delivery and security of APIs.

  • Follow Axway on Facebook
  • Follow Axway on Twitter
  • Axway YouTube Channel
  • Axway RSS Feeds
  • Axway Blogs