|
Category
|
Intel SOA Expressway Capabilities
|
XML Firewall Threat Prevention & XML Standards
|
XML Firewall Threat Prevention
|
• XML Limit Checking, SQL Injection, XPath Injection, Malformed XML Attack, XML Bomb Attack, Schema Poisoning Attack Protection
• Adaptive Denial of Service (DOS) Protection and Throttling
• Anti-virus protection
|
XML Standards
|
• XML, XPath and XSLT (1.0, 2.0), XML Schema
|
Service Medication & Service Governance
|
Service Mediation
|
• Secure SOAP, REST, JSON, or custom service mediation within datacenter or across Internet
• Supports Open Group's X/Open XA transaction standard for long-running transactions.
• Proven integration with all major ISV middleware solutions
|
Service Governance
|
• High-performance runtime policy enforcement for security, SLA, mediation, and transformation
• Integrates with business service repositories from Software AG* CentraSite, Oracle & SAP
• Zero-downtime dynamic policy updates for routing, attack signatures, validation, and transformation
• Fine-grained service and policy monitoring
• Message throttling and ordering
• UDDI v2/v3 integration for service publishing and retrieval
|
Authentication/Authorization & Cryptographic Support
|
Authentication & Authorization
|
• X.509 certificate, CRL, username/ password, LDAP or Microsoft* Active Directory, Kerberos, SAML 1.0/1.1/2.0, Web SSO cookie and STS credential mapping, Amazon* Cloud API
• Integrates with: CA* SiteMinder, Oracle* Internet Directory, Oracle* Access Manager, IBM* Tivoli Access Manager
• Integrates with XACML policy decision points, including Axiomatics* Policy Server and Oracle* Entitlements Server
|
Cryptographic Support
|
• Supports DES, 3DES, AES, RSA v1.5, RSA-OAEP, SHA-1 and SHA-256
• Supports hardware cryptographic acceleration and FIPS 140-2 Level 3 network-based Hardware Security Module
|
Data Security & Transport Layer Security
|
Data Security
|
• OASIS WS-Security, W3C XML encryption, XML signatures, WS-I BSP, SOAP with Attachments
• Data validation, schema validation, WSDL validation, SOAP filtering
|
Transport Layer Security
|
• Support for multiple SSL identities, mutual auth, SSL v3 and TLS v1
• SSL Support for: HTTP, JMS, FTP, MLLP, Raw TCP
|
Performance Metrics
|
High Assurance Certifications
|
• FIPS 140-2 Level 3 Compliant HSM
• NIST 800-53 rev 3
• DOD STIG Ready
• DIACAP (DODI 8500.2)
• Common Criteria EAL4+
|
Performance Features
|
• Wire speed XML processing engine optimized for Intel® Multi-Core and SSE4.2 hardware instruction set
• Low sub-millisecond latency
• High-performance multi-step processing
• Large XML processing (>1GB)
|
Supported Hardware & Operating Systems
|
Supported Hardware
|
• Intel® Xeon® Multi-Core server with 4GB RAM (8GB Recommended)
• Available in hardened, tamper-resistant Hardware Appliance
• Case Lid Sensor Protection: Opening case will stop functional processing
• Disabled Video Port
• Secure Boot
• Encrypted File System
|
Operating Systems
|
• Red Hat* AS4/A5 (32 or 64-bit), SUSE Linux Enterprise 10 (32 or 64-bit), Oracle* Enterprise Linux, Solaris 10, Microsoft* Windows 2003 Server (32 or 64-bit) , VMWare ESX
|
Management & Monitoring
|
Management & Monitoring
|
• Cluster support allows a group of appliances to be managed & monitored simultaneously
• Eclipse-based Intel® service and policy designer with pre-built templates
• Management through command line, SNMP, and integrates with HP* OpenView , Microsoft* MOM
|
