The emergence of organized cyber crime, coupled with the necessity for organizations to comply with myriad government regulations that ensure security and privacy of client data, has made securing IT infrastructures through industry standard technologies critical for organizations of all sizes, and in all industries, according to IBM. As a response, the company
is announcing new IBM WebSphere DataPower SOA appliances and SOA security consulting services, resulting from the company's DataPower acquisition last year.

The new IBM WebSphere DataPower SOA appliances are less than two inches tall and 19 inches wide and can be installed and configured in minutes, the company says. These specialty devices are inserted into a client's existing network to secure, manage and authenticate the validity of messages from various sources including Web transactions, RFID and other wireless devices up to 10 times faster than general purpose systems. When combined with SOA security management software from IBM Tivoli, which securely controls user access to applications and data, the appliances help to ensure that the right people have access to the right data, at the right time.

An IT infrastructure that includes the new IBM WebSphere DataPower SOA appliances and is based on IBM SOA security services can help businesses implement a flexible and dynamic architecture that can securely comply with government regulations including HIPAA, Sarbanes-Oxley and many others. Understanding and reconciling various standards, and ensuring they are properly implemented, is rapidly becoming one of the most complex challenges facing enterprises of all sizes.

"In a rapidly evolving security landscape, businesses face a formidable yet critical challenge to comply with security regulations," said Mike Bilger, partner, Security and Privacy Services, IBM Global Services, IBM. "As more clients begin to realize significant business value from an SOA, including reduced costs and increased revenue, implementing IT security will enable clients to grow the use of SOA across the enterprise so they can stay ahead of fast-changing market conditions."

The new IBM WebSphere DataPower XML Security Gateway XS40 validates, encrypts, signs, and authenticates industry standards including XML and WS-Security to provide a secure web services-based foundation. It also offers firewall functionality to fend off additional threats including denial of service attacks and provides access controls that help assure that the right individuals -- and no one else -- have access to information.

The new XS40 is part of a complete range of SOA appliances offered by IBM including the IBM WebSphere DataPower Integration Appliance XI50 for application integration and the IBM WebSphere DataPower XML Accelerator XA35 which off loads the processing of industry standard to provide more processing power for better application performance. All three SOA appliances are new today.

The WebSphere DataPower XML Security Gateway XS40 can also be integrated with IBM Tivoli security and management software to help enterprises reduce IT administration costs and address compliance needs. The WebSphere DataPower XML Security Gateway XS40 can be integrated with Tivoli Identity Manager and Tivoli Access Manager to efficiently manage user identities and control access to a company's applications. Tivoli Federated Identity Manager is used with the XS40 to provide policy-based integrated security management for federated Web services in an SOA environment. The WebSphere DataPower XML Security Gateway XS40 and the WebSphere DataPower Integration Appliance XI50 can also be integrated with IBM Tivoli Composite Application Manager for SOA to provide a comprehensive solution for monitoring, problem determination and centralized management of services.

Business consulting capabilities include a set of SOA Security services -- based on IBM's experience in helping clients with SOA and IBM's rich heritage in addressing client security -- designed to quickly begin to address security concerns. They include a comprehensive review of a company's SOA and enterprise security requirements, an examination of security controls that need to be in effect to help ensure a safe operating environment, a review of application security and a review of potential vulnerabilities to reduce or eliminate security exposures; and security implementation capabilities that combine security best practices with IBM software products including WebSphere and Tivoli as well as the new IBM WebSphere DataPower SOA appliances to meet a client's specific security needs or preferences.