SlideShare ist ein Scribd-Unternehmen logo

Layer 7 SecureSpan Solution

CA API Management
CA API Management

Security and Monitoring for Services Inside the Enterprise and out to the Cloud

Technologie
1 von 25
Downloaden Sie, um offline zu lesen
SecureSpan Solution   Security and Monitoring for Services Inside the Enterprise and out to the Cloud K. Scott Morrison CTO & Chief Architect Layer 7 Technologies
About Layer 7   Layer 7 is the leading vendor of security and governance for: Cloud SOA Customers Revenue XML 2003 2006 2009 Layer 7 Confidential 2
Why Governance? Governance is essential. Governance is needed for “ security, planned change and configuration “ management, testing, monitoring, and setting of quality-of-service requirements. Jess Thompson, Research Vice President As quoted by CyberMedia India Online Ltd (http://www.ciol.com/enterprise/biztech/news-reports/soa-evolving-beyond-traditional-roots/3409118003/0/) Layer 7 Confidential 3
Layer 7’s Approach to Governance   Security   Compliance   Reliability   Policy Agility   Deployment Flexibility   Interoperability   SLAs   Quality of Service   Message Content Layer 7 Confidential 4
Achieve Control through Policy Enforcement Enforce  Security   Ensure  Reliability     Centralized  policy  enforcement  point  deployed     Ensure  data  confiden1ality  over  the   in-­‐house  or  in  the  cloud   wire  and  at  rest     Policy-­‐driven  authen1ca1on  and  fine-­‐grained,     Ensure  services  remain  readily  available   service  level  authoriza1on     Verify  messages  to  ensure  integrity     Enforce  policies  according  to  risk   Facilitate  Compliance     Generate  log  and  audit  files  at  mul1ple  levels     Export  of  data  for  correla1on  and  forensic  analysis     Verify  messages  for  compliance  to  industry  or   government-­‐mandated  specifica1ons   Layer 7 Confidential 5
Gain Visibility by Monitoring Services Ensure  SLA  Conformance   Assure  Quality  of  Service     Monitor  and  report  on  SLAs  using  an  agent-­‐less     Monitor  and  report  on  service   management  system   performance  in  real-­‐1me     Ensure  you  are  mee1ng  your  own  SLAs       Reroute  and  throFle  services  to       Ensure  you’re  geMng  the  value  you  expect     maintain  reach-­‐ability  and  availability   from  3rd-­‐party  service  providers     Alert  or  automate  ac1ons  based  on:     Throughput,  rou1ng  failures,   u1liza1on,  availability  rates,  etc   Track  Message  Content     Iden1fy  trends,  excep1ons  or  viola1ons  at  the  message  level     Report  on  user,  client  and  system  access  to  sensi1ve  data   Layer 7 Confidential 6
React at the Pace of Business Change Gain  Policy  Agility   Gain  Deployment  Flexibility     Decouple  security,  SLA,  compliance  and  other     Deploy  in-­‐house  or  in  the  cloud   shared  code  from  services     Mul1ple  form  factors:       Modify  exis1ng  or  deploy  new  policies  on  the  fly     Hardware  appliance     Out-­‐of-­‐the-­‐box  asser1ons  facilitate  policy     SoRware  appliance   assembly  without  coding     SoRware     Custom  asser1ons  let  you  meet         Cross-­‐domain  client   specific  requirements   Facilitate  Interoperability     Out-­‐of-­‐the  box  integra1on  with  leading  SOA  solu1ons     Standards-­‐based,  open  APIs  facilitates  integra1on   Layer 7 Confidential 7
Separation of Policy Enforcement Layer Using SecureSpan Gateways Service Hosts   Consistency   Reuse   Central Control Operator SecureSpan Gateway Cluster LDAP and/or IAM Service Requester Layer 7 Confidential 8
Leverage of Existing Identity Assets ID, Access Mgmt & STS   LDAP   Sun OpenSSO   RSA Cleartrust Web Services Server   CA/Netegrity SiteMinder & TxMinder   IBM TAM, TFIM Security WS-Trust Token Service   MSAD, Infocard (on VPN client) (STS) XML LDAP(S)   Oracle Access Mgr Native   New instances are simple to add Web Services Client LDAP Access Mgmt Policy Decision Points (PDPs) Layer 7 Confidential 9
Consistency and Scalability Cluster-wide Sharing   Cluster variables (user configurable)   Replay   Policy updates Horizontal Replay attack   SLA scalability prevention across the cluster HTTP Load Balancer Transparent replication of policy across the cluster Web Services Client Single point of management across cluster Layer 7 Confidential 10
Edge-of-Network, DMZ-based Deployment Internal Applications Internal Firewall External Firewall SecureSpan Gateway Cluster SecureSpan Internet Management Console Message Internal Network DMZ Corporate Network Service May 2009 May 2009 Requester Layer 7 Confidential 11 SecureSpan™ Gateway Overview Proprietary and Confidential 11
Rich Policy Language SecureSpan Gateway Cluster … SecureSpan Management Console Layer 7 Confidential 12
Apache Message +PERL Consumers Policy Decision Point (PDP) (IAM, STS, etc) .NET J2EE Applications Message Pros   Consistent security for all systems   Centrally managed Centralized   High performance, hardware accelerated document Gateway PEP processing and cryptography Cluster Cons Message Producer   Need rudimentary last mile security  SSL typically, SAML, WS-S   Must cluster for high availability May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 13
Centralized Gateway Co-   Accelerated XML transform processor Cluster   Accelerated XML schema val   Signing services (notary pattern) Virtual Loopback   Encryption services   Filtering for compliance   Threat detection Transformed XML document Input XML Apache document +PERL .NET J2EE ESB Message Producer/Consumers Applications May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 14
WSDL WSDL + Security Web Services Changes Server Which API do you program to? Web Services Shift of burden to Client Administrative client changes to policy change API Security implemented in code is difficult to change Very programmer intensive May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 15
WS-Policy Document SecureSpan XML VPN Client SOAP message “decorated” to current policy May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 16
Gateway acts as certificate authority Web Services Server Secure CSR Secure Certificate Download Web Services Client May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 17
Trusted Certificates Web Services Server LDAP or HTTP HTTP(S) Server LDAP(S) OCSP CRLs Administrative Web Services Client Secure Message Import  PKI System Certs May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 18
  Protecting & monitoring your ? applications in the cloud   Giving your cloud apps access to on-premises data sources ?   Big picture view of the distributed application network Enterprise On- Premise IT
Hardware PEP Virtual PEP ? Identical ? Functionality Application-Layer Isolation, Monitoring, & Control NetOps
Virtual Application Instance Virtual SecureSpan Instance Separate Instances Protected Application Stack Combined Instance May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 21
Some of our Partners Virtual SecureSpan Instance Layer 7 Confidential 22
Some of our Customers Layer 7 Confidential 23
Summary   Cloud should be viewed as a deployment pattern for SOA -  This means you should leverage SOA technology in the cloud -  Virtual SOA gateways, like SecureSpan, provide you with a means to secure cloud   SOA best practices for federation can be transferred into the cloud -  Avoid key material in the cloud -  Use distributable token validation strategy -  SAML, Kerberos -  Employ authorization based on attributes, not concrete identities -  These have persistence Layer 7 Confidential 24
For further information: K. Scott Morrison Layer 7 Technologies 405 – 1100 Melville St. Vancouver, B.C. V6E 4A6 Canada (800) 681-9377 smorrison@layer7tech.com http://www.layer7tech.com

Empfohlen

NGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLANNGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLANMoti Sagey מוטי שגיא
 
ClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesAruba, a Hewlett Packard Enterprise company
 
What's New in API Connect & DataPower Gateway in 1H 2018
What's New in API Connect & DataPower Gateway in 1H 2018What's New in API Connect & DataPower Gateway in 1H 2018
What's New in API Connect & DataPower Gateway in 1H 2018IBM API Connect
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee | Google Cloud
 
Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Amazon Web Services
 
ClearPass Policy Manager 6.3 User Guide
ClearPass Policy Manager 6.3 User GuideClearPass Policy Manager 6.3 User Guide
ClearPass Policy Manager 6.3 User GuideAruba, a Hewlett Packard Enterprise company
 
The TLS Upgrade
The TLS UpgradeThe TLS Upgrade
The TLS UpgradeAppViewX
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ONShambhavi Sahay
 

Empfohlen

NGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLANNGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLANMoti Sagey מוטי שגיא
 
ClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesClearPass 6.4.0 Release Notes
ClearPass 6.4.0 Release NotesAruba, a Hewlett Packard Enterprise company
 
What's New in API Connect & DataPower Gateway in 1H 2018
What's New in API Connect & DataPower Gateway in 1H 2018What's New in API Connect & DataPower Gateway in 1H 2018
What's New in API Connect & DataPower Gateway in 1H 2018IBM API Connect
 
Apigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee Edge Overview and Roadmap
Apigee Edge Overview and RoadmapApigee | Google Cloud
 
Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Amazon Web Services
 
ClearPass Policy Manager 6.3 User Guide
ClearPass Policy Manager 6.3 User GuideClearPass Policy Manager 6.3 User Guide
ClearPass Policy Manager 6.3 User GuideAruba, a Hewlett Packard Enterprise company
 
The TLS Upgrade
The TLS UpgradeThe TLS Upgrade
The TLS UpgradeAppViewX
 
SINGLE SIGN-ON
SINGLE SIGN-ONSINGLE SIGN-ON
SINGLE SIGN-ONShambhavi Sahay
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2Apigee | Google Cloud
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsFIDO Alliance
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best PracticeShiu-Fun Poon
 
Single Sign On 101
Single Sign On 101Single Sign On 101
Single Sign On 101Mike Schwartz
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewSarah Duffy
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtubeDhruv Sharma
 
Whats new in data power
Whats new in data powerWhats new in data power
Whats new in data powersflynn073
 
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREKeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREÁlvaro Alonso González
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallCisco Canada
 
Workflow Automation with Logic Apps
Workflow Automation with Logic AppsWorkflow Automation with Logic Apps
Workflow Automation with Logic AppsBizTalk360
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Novosco
 
Temenos- Fiorano T24 Integration
Temenos- Fiorano T24 IntegrationTemenos- Fiorano T24 Integration
Temenos- Fiorano T24 IntegrationAshraf Imran
 
Single Sign-On and User Management With Salesforce Identity
Single Sign-On and User Management With Salesforce IdentitySingle Sign-On and User Management With Salesforce Identity
Single Sign-On and User Management With Salesforce IdentitySalesforce Developers
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
Layer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallLayer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallCA API Management
 
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API ManagementRui Santos
 
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)Sumanth Donthi
 
Commerce Cloud 101
Commerce Cloud 101Commerce Cloud 101
Commerce Cloud 101Gaurav Kheterpal
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products OverviewApigee | Google Cloud
 
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...CA API Management
 
Trends in Web APIs Layer 7 API Management Workshop London
Trends in Web APIs Layer 7 API Management Workshop LondonTrends in Web APIs Layer 7 API Management Workshop London
Trends in Web APIs Layer 7 API Management Workshop LondonCA API Management
 

Weitere ähnliche Inhalte

Was ist angesagt?

Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsFIDO Alliance
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best PracticeShiu-Fun Poon
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewSarah Duffy
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtubeDhruv Sharma
 
Whats new in data power
Whats new in data powerWhats new in data power
Whats new in data powersflynn073
 
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREKeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREÁlvaro Alonso González
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallCisco Canada
 
Workflow Automation with Logic Apps
Workflow Automation with Logic AppsWorkflow Automation with Logic Apps
Workflow Automation with Logic AppsBizTalk360
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Novosco
 
Temenos- Fiorano T24 Integration
Temenos- Fiorano T24 IntegrationTemenos- Fiorano T24 Integration
Temenos- Fiorano T24 IntegrationAshraf Imran
 
Single Sign-On and User Management With Salesforce Identity
Single Sign-On and User Management With Salesforce IdentitySingle Sign-On and User Management With Salesforce Identity
Single Sign-On and User Management With Salesforce IdentitySalesforce Developers
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
Layer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallLayer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallCA API Management
 
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API ManagementRui Santos
 
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)Sumanth Donthi
 

Was ist angesagt? (20)

Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 
Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2
 
Strong Customer Authentication & Biometrics
Strong Customer Authentication & BiometricsStrong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
 
Single Sign On 101
Single Sign On 101Single Sign On 101
Single Sign On 101
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overview
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtube
 
Whats new in data power
Whats new in data powerWhats new in data power
Whats new in data power
 
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWAREKeyRock and Wilma - Openstack-based Identity Management in FIWARE
KeyRock and Wilma - Openstack-based Identity Management in FIWARE
 
Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation Firewall
 
Workflow Automation with Logic Apps
Workflow Automation with Logic AppsWorkflow Automation with Logic Apps
Workflow Automation with Logic Apps
 
Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017Network Security - Fortinet, Dublin June 2017
Network Security - Fortinet, Dublin June 2017
 
Temenos- Fiorano T24 Integration
Temenos- Fiorano T24 IntegrationTemenos- Fiorano T24 Integration
Temenos- Fiorano T24 Integration
 
Single Sign-On and User Management With Salesforce Identity
Single Sign-On and User Management With Salesforce IdentitySingle Sign-On and User Management With Salesforce Identity
Single Sign-On and User Management With Salesforce Identity
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and Guidelines
 
Layer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml FirewallLayer 7 Technologies: What Is An Xml Firewall
Layer 7 Technologies: What Is An Xml Firewall
 
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
2015/06/12 - IBM Systems & Middleware - IBM DataPower and API Management
 
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
API Governance and GitOps in Hybrid Integration Platform (MuleSoft)
 
Commerce Cloud 101
Commerce Cloud 101Commerce Cloud 101
Commerce Cloud 101
 
Apigee Products Overview
Apigee Products OverviewApigee Products Overview
Apigee Products Overview
 

Andere mochten auch

5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...CA API Management
 
Trends in Web APIs Layer 7 API Management Workshop London
Trends in Web APIs Layer 7 API Management Workshop LondonTrends in Web APIs Layer 7 API Management Workshop London
Trends in Web APIs Layer 7 API Management Workshop LondonCA API Management
 
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityLayer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityCA API Management
 
IBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode DeployIBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode DeployJared Putman
 
Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterpriseCA API Management
 
IBM DataPower Gateway - Common Use Cases
IBM DataPower Gateway - Common Use CasesIBM DataPower Gateway - Common Use Cases
IBM DataPower Gateway - Common Use CasesIBM DataPower Gateway
 

Andere mochten auch (6)

5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
5 Reasons Why APIs Must be Part of Your Mobile Strategy - Scott Morrison, Dis...
 
Trends in Web APIs Layer 7 API Management Workshop London
Trends in Web APIs Layer 7 API Management Workshop LondonTrends in Web APIs Layer 7 API Management Workshop London
Trends in Web APIs Layer 7 API Management Workshop London
 
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityLayer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
 
IBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode DeployIBM Datapower Gateways - Devops with UrbanCode Deploy
IBM Datapower Gateways - Devops with UrbanCode Deploy
 
Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterprise
 
IBM DataPower Gateway - Common Use Cases
IBM DataPower Gateway - Common Use CasesIBM DataPower Gateway - Common Use Cases
IBM DataPower Gateway - Common Use Cases
 

Ähnlich wie Layer 7 SecureSpan Solution

Integrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity ManagerIntegrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity ManagerNovell
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudCA API Management
 
How to Choose the Right API Management Solution
How to Choose the Right API Management SolutionHow to Choose the Right API Management Solution
How to Choose the Right API Management SolutionCA API Management
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise CloudIndu Kodukula
 
Layer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanLayer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanCA API Management
 
SaaS Testing Overview - Foundation
SaaS Testing Overview - FoundationSaaS Testing Overview - Foundation
SaaS Testing Overview - FoundationRam Garg
 
Tracking SLAs In Cloud
Tracking SLAs In CloudTracking SLAs In Cloud
Tracking SLAs In CloudSatish Agrawal
 
Securing Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security ServiceSecuring Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security ServiceNovell
 
Mms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server InfrastructureMms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server Infrastructureguestd9aa5
 
Cloud Computing in Practice: Fast Application Development and Delivery on For...
Cloud Computing in Practice: Fast Application Development and Delivery on For...Cloud Computing in Practice: Fast Application Development and Delivery on For...
Cloud Computing in Practice: Fast Application Development and Delivery on For...catherinewall
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
Building a database security program
Building a database security programBuilding a database security program
Building a database security programmatt_presson
 
Accelerating SOA Security and Gov
Accelerating SOA Security and GovAccelerating SOA Security and Gov
Accelerating SOA Security and GovCA API Management
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
Managing a public cloud
Managing a public cloudManaging a public cloud
Managing a public cloudInterop
 
2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity RoadmapRaleigh ISSA
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS RealityKVH Co. Ltd.
 

Ähnlich wie Layer 7 SecureSpan Solution (20)

Integrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity ManagerIntegrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity Manager
 
Extending Enterprise Security into the Cloud
Extending Enterprise Security into the CloudExtending Enterprise Security into the Cloud
Extending Enterprise Security into the Cloud
 
Sqa material
Sqa materialSqa material
Sqa material
 
How to Choose the Right API Management Solution
How to Choose the Right API Management SolutionHow to Choose the Right API Management Solution
How to Choose the Right API Management Solution
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise Cloud
 
Layer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanLayer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpan
 
SaaS Testing Overview - Foundation
SaaS Testing Overview - FoundationSaaS Testing Overview - Foundation
SaaS Testing Overview - Foundation
 
Tracking SLAs In Cloud
Tracking SLAs In CloudTracking SLAs In Cloud
Tracking SLAs In Cloud
 
Securing Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security ServiceSecuring Your Cloud Applications with Novell Cloud Security Service
Securing Your Cloud Applications with Novell Cloud Security Service
 
Mms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server InfrastructureMms201 Optimize Your Server Infrastructure
Mms201 Optimize Your Server Infrastructure
 
Cloud Computing in Practice: Fast Application Development and Delivery on For...
Cloud Computing in Practice: Fast Application Development and Delivery on For...Cloud Computing in Practice: Fast Application Development and Delivery on For...
Cloud Computing in Practice: Fast Application Development and Delivery on For...
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security Concerns
 
Building a database security program
Building a database security programBuilding a database security program
Building a database security program
 
Accelerating SOA Security and Gov
Accelerating SOA Security and GovAccelerating SOA Security and Gov
Accelerating SOA Security and Gov
 
TDSi Open Day
TDSi Open DayTDSi Open Day
TDSi Open Day
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1
 
Managing a public cloud
Managing a public cloudManaging a public cloud
Managing a public cloud
 
2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap2012-01 How to Secure a Cloud Identity Roadmap
2012-01 How to Secure a Cloud Identity Roadmap
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS Reality
 
Cloud, agile
Cloud, agileCloud, agile
Cloud, agile
 

Mehr von CA API Management

Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIsCA API Management
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarCA API Management
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...CA API Management
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...CA API Management
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...CA API Management
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataCA API Management
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...CA API Management
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...CA API Management
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device UniverseCA API Management
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...CA API Management
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...CA API Management
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...CA API Management
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinCA API Management
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...CA API Management
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer appsCA API Management
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...CA API Management
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...CA API Management
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...CA API Management
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceCA API Management
 
Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ...
Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ... Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ...
Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ...CA API Management
 

Mehr von CA API Management (20)

Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIs
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches Webinar
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your Data
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & Win
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer apps
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail Experience
 
Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ...
Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ... Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ...
Panel Session: Security & Privacy for Connected Cars w/ Scott Morrison, SVP ...
 

Kürzlich hochgeladen

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Kürzlich hochgeladen (20)

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 

Layer 7 SecureSpan Solution

  • 1. SecureSpan Solution   Security and Monitoring for Services Inside the Enterprise and out to the Cloud K. Scott Morrison CTO & Chief Architect Layer 7 Technologies
  • 2. About Layer 7   Layer 7 is the leading vendor of security and governance for: Cloud SOA Customers Revenue XML 2003 2006 2009 Layer 7 Confidential 2
  • 3. Why Governance? Governance is essential. Governance is needed for “ security, planned change and configuration “ management, testing, monitoring, and setting of quality-of-service requirements. Jess Thompson, Research Vice President As quoted by CyberMedia India Online Ltd (http://www.ciol.com/enterprise/biztech/news-reports/soa-evolving-beyond-traditional-roots/3409118003/0/) Layer 7 Confidential 3
  • 4. Layer 7’s Approach to Governance   Security   Compliance   Reliability   Policy Agility   Deployment Flexibility   Interoperability   SLAs   Quality of Service   Message Content Layer 7 Confidential 4
  • 5. Achieve Control through Policy Enforcement Enforce  Security   Ensure  Reliability     Centralized  policy  enforcement  point  deployed     Ensure  data  confiden1ality  over  the   in-­‐house  or  in  the  cloud   wire  and  at  rest     Policy-­‐driven  authen1ca1on  and  fine-­‐grained,     Ensure  services  remain  readily  available   service  level  authoriza1on     Verify  messages  to  ensure  integrity     Enforce  policies  according  to  risk   Facilitate  Compliance     Generate  log  and  audit  files  at  mul1ple  levels     Export  of  data  for  correla1on  and  forensic  analysis     Verify  messages  for  compliance  to  industry  or   government-­‐mandated  specifica1ons   Layer 7 Confidential 5
  • 6. Gain Visibility by Monitoring Services Ensure  SLA  Conformance   Assure  Quality  of  Service     Monitor  and  report  on  SLAs  using  an  agent-­‐less     Monitor  and  report  on  service   management  system   performance  in  real-­‐1me     Ensure  you  are  mee1ng  your  own  SLAs       Reroute  and  throFle  services  to       Ensure  you’re  geMng  the  value  you  expect     maintain  reach-­‐ability  and  availability   from  3rd-­‐party  service  providers     Alert  or  automate  ac1ons  based  on:     Throughput,  rou1ng  failures,   u1liza1on,  availability  rates,  etc   Track  Message  Content     Iden1fy  trends,  excep1ons  or  viola1ons  at  the  message  level     Report  on  user,  client  and  system  access  to  sensi1ve  data   Layer 7 Confidential 6
  • 7. React at the Pace of Business Change Gain  Policy  Agility   Gain  Deployment  Flexibility     Decouple  security,  SLA,  compliance  and  other     Deploy  in-­‐house  or  in  the  cloud   shared  code  from  services     Mul1ple  form  factors:       Modify  exis1ng  or  deploy  new  policies  on  the  fly     Hardware  appliance     Out-­‐of-­‐the-­‐box  asser1ons  facilitate  policy     SoRware  appliance   assembly  without  coding     SoRware     Custom  asser1ons  let  you  meet         Cross-­‐domain  client   specific  requirements   Facilitate  Interoperability     Out-­‐of-­‐the  box  integra1on  with  leading  SOA  solu1ons     Standards-­‐based,  open  APIs  facilitates  integra1on   Layer 7 Confidential 7
  • 8. Separation of Policy Enforcement Layer Using SecureSpan Gateways Service Hosts   Consistency   Reuse   Central Control Operator SecureSpan Gateway Cluster LDAP and/or IAM Service Requester Layer 7 Confidential 8
  • 9. Leverage of Existing Identity Assets ID, Access Mgmt & STS   LDAP   Sun OpenSSO   RSA Cleartrust Web Services Server   CA/Netegrity SiteMinder & TxMinder   IBM TAM, TFIM Security WS-Trust Token Service   MSAD, Infocard (on VPN client) (STS) XML LDAP(S)   Oracle Access Mgr Native   New instances are simple to add Web Services Client LDAP Access Mgmt Policy Decision Points (PDPs) Layer 7 Confidential 9
  • 10. Consistency and Scalability Cluster-wide Sharing   Cluster variables (user configurable)   Replay   Policy updates Horizontal Replay attack   SLA scalability prevention across the cluster HTTP Load Balancer Transparent replication of policy across the cluster Web Services Client Single point of management across cluster Layer 7 Confidential 10
  • 11. Edge-of-Network, DMZ-based Deployment Internal Applications Internal Firewall External Firewall SecureSpan Gateway Cluster SecureSpan Internet Management Console Message Internal Network DMZ Corporate Network Service May 2009 May 2009 Requester Layer 7 Confidential 11 SecureSpan™ Gateway Overview Proprietary and Confidential 11
  • 12. Rich Policy Language SecureSpan Gateway Cluster … SecureSpan Management Console Layer 7 Confidential 12
  • 13. Apache Message +PERL Consumers Policy Decision Point (PDP) (IAM, STS, etc) .NET J2EE Applications Message Pros   Consistent security for all systems   Centrally managed Centralized   High performance, hardware accelerated document Gateway PEP processing and cryptography Cluster Cons Message Producer   Need rudimentary last mile security  SSL typically, SAML, WS-S   Must cluster for high availability May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 13
  • 14. Centralized Gateway Co-   Accelerated XML transform processor Cluster   Accelerated XML schema val   Signing services (notary pattern) Virtual Loopback   Encryption services   Filtering for compliance   Threat detection Transformed XML document Input XML Apache document +PERL .NET J2EE ESB Message Producer/Consumers Applications May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 14
  • 15. WSDL WSDL + Security Web Services Changes Server Which API do you program to? Web Services Shift of burden to Client Administrative client changes to policy change API Security implemented in code is difficult to change Very programmer intensive May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 15
  • 16. WS-Policy Document SecureSpan XML VPN Client SOAP message “decorated” to current policy May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 16
  • 17. Gateway acts as certificate authority Web Services Server Secure CSR Secure Certificate Download Web Services Client May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 17
  • 18. Trusted Certificates Web Services Server LDAP or HTTP HTTP(S) Server LDAP(S) OCSP CRLs Administrative Web Services Client Secure Message Import  PKI System Certs May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 18
  • 19.   Protecting & monitoring your ? applications in the cloud   Giving your cloud apps access to on-premises data sources ?   Big picture view of the distributed application network Enterprise On- Premise IT
  • 20. Hardware PEP Virtual PEP ? Identical ? Functionality Application-Layer Isolation, Monitoring, & Control NetOps
  • 21. Virtual Application Instance Virtual SecureSpan Instance Separate Instances Protected Application Stack Combined Instance May 2009 SecureSpan™ Gateway Overview Proprietary and Confidential 21
  • 22. Some of our Partners Virtual SecureSpan Instance Layer 7 Confidential 22
  • 23. Some of our Customers Layer 7 Confidential 23
  • 24. Summary   Cloud should be viewed as a deployment pattern for SOA -  This means you should leverage SOA technology in the cloud -  Virtual SOA gateways, like SecureSpan, provide you with a means to secure cloud   SOA best practices for federation can be transferred into the cloud -  Avoid key material in the cloud -  Use distributable token validation strategy -  SAML, Kerberos -  Employ authorization based on attributes, not concrete identities -  These have persistence Layer 7 Confidential 24
  • 25. For further information: K. Scott Morrison Layer 7 Technologies 405 – 1100 Melville St. Vancouver, B.C. V6E 4A6 Canada (800) 681-9377 smorrison@layer7tech.com http://www.layer7tech.com