SlideShare a Scribd company logo

Layer 7: Managing SOA Security and Operations with SecureSpan

CA API Management
CA API Management

Francois Lascelles presents Managing SOA Security and Operations with Layer 7's SecureSpan.

TechnologyBusiness
1 of 23
Managing SOA Security and Operations with SecureSpan Francois Lascelles Technical Director, Layer 7 Technologies
About Layer 7 ,[object Object],2003 2006 2009 Customers Revenue XML SOA Cloud
Why Layer 7 SecureSpan? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
SecureSpan XML Gateway  secure ws transit point  ws-security implementation  trust management  mediation, integration  threat protection  auditing, sla  monitoring, reporting
Hardware or software appliance form factor ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],COTS appliance form factor enables ‘drop-in’ solution with minimal deployment time and instant value. No agents to deploy, no dependencies.
Policy Studio Policies are created by organizing assertions in logical tree structures. Policies are changed on the fly, without service interruptions. Rich palette, extensible through JAVA API. Design, implementation and deployment in hours, not months or years. Automated, scripted provisioning and management through API.
Message level aware intermediary Web Services Delegate common or expensive XML related tasks from your endpoints to your infrastructure. Cut development costs and increase governance by implementing more business logic at infrastructure level.
How to implement security in the Enterprise SOA? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Security implemented in the service endpoints? endpoints applications IAM ,[object Object],[object Object],[object Object],[object Object],[object Object]
Delegating endpoint security XML Gateway enforces security for incoming traffic on behalf of protected services. XML Gateway secures outgoing traffic on behalf of protected services. protected services
Identity Federation, Trust Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Threat Protection ,[object Object],[object Object],[object Object],Schema poisoning Recursive entity attacks Code injections WSDL fishing Parser attacks …
Service level monitoring, enforcement ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Loose coupling, late binding Who does that? Route message to appropriate endpoint ,[object Object],[object Object],[object Object],[object Object],[object Object],New type of request ,[object Object],[object Object],[object Object],[object Object],[object Object]
ESB co-processing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],JBossESB
Enterprise Service Manager Agent-less WS Management  Enterprise wide view of services  Performance and usage reports  Service and policy migration  Remote gateway start/stop  Custom reports  Remote gateway upgrade, upload modules*
Assisted migration across environments
Enterprise services in the cloud Enterprise deploys own services on cloud provider Monitoring? Msg level security? Quality of service? Reports? Enterprise subscriber Lack of in-house service governance is a barrier to adoption
SecureSpan on public/enterprise cloud
Customer case: air traffic scheduling service provider Hosted service Data agglomeration Fixed file length proprietary format LHR AMS FRA YYZ Runway information fed from airports Repurposed data sent to airlines and outsourced systems EDS flight planner Lufthansa systems Swiss airline ,[object Object],[object Object],[object Object],[object Object]
Customer case: insurance cross platform integration ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Customer case: healthcare electronic exchange - Health records - Prescriptions - Provider services National PKI infrastructure … ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Hospital and emergency applications
Customer case: military CDS ,[object Object],[object Object],[object Object],[object Object],[object Object],AIR FORCE Others ARMY NAVY
For more information about SecureSpan: http://www.layer7tech.com

Recommended

Cloud design patterns - Federated Identity & Gatekeeper
Cloud design patterns - Federated Identity & GatekeeperCloud design patterns - Federated Identity & Gatekeeper
Cloud design patterns - Federated Identity & GatekeeperRoger Chien
 
ACG Company Brief 2010
ACG Company Brief 2010ACG Company Brief 2010
ACG Company Brief 2010doakley
 
Federated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The CloudFederated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The Cloudrsnarayanan
 
Getting Cloud Architecture Right the First Time Ver 2
Getting Cloud Architecture Right the First Time Ver 2Getting Cloud Architecture Right the First Time Ver 2
Getting Cloud Architecture Right the First Time Ver 2David Linthicum
 
Data Security Service Offering-v3
Data Security Service Offering-v3Data Security Service Offering-v3
Data Security Service Offering-v3Abe Newton
 
WhiteHat Security Presentation
WhiteHat Security PresentationWhiteHat Security Presentation
WhiteHat Security Presentationmarkgmeyer
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Ixia/Net Optics - Visibility Architecture Solution Brief
Ixia/Net Optics - Visibility Architecture Solution BriefIxia/Net Optics - Visibility Architecture Solution Brief
Ixia/Net Optics - Visibility Architecture Solution BriefNetwork Performance Channel GmbH
 

Recommended

Cloud design patterns - Federated Identity & Gatekeeper
Cloud design patterns - Federated Identity & GatekeeperCloud design patterns - Federated Identity & Gatekeeper
Cloud design patterns - Federated Identity & GatekeeperRoger Chien
 
ACG Company Brief 2010
ACG Company Brief 2010ACG Company Brief 2010
ACG Company Brief 2010doakley
 
Federated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The CloudFederated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The Cloudrsnarayanan
 
Getting Cloud Architecture Right the First Time Ver 2
Getting Cloud Architecture Right the First Time Ver 2Getting Cloud Architecture Right the First Time Ver 2
Getting Cloud Architecture Right the First Time Ver 2David Linthicum
 
Data Security Service Offering-v3
Data Security Service Offering-v3Data Security Service Offering-v3
Data Security Service Offering-v3Abe Newton
 
WhiteHat Security Presentation
WhiteHat Security PresentationWhiteHat Security Presentation
WhiteHat Security Presentationmarkgmeyer
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Ixia/Net Optics - Visibility Architecture Solution Brief
Ixia/Net Optics - Visibility Architecture Solution BriefIxia/Net Optics - Visibility Architecture Solution Brief
Ixia/Net Optics - Visibility Architecture Solution BriefNetwork Performance Channel GmbH
 
Sem cis ise
Sem cis iseSem cis ise
Sem cis iseLino Quivén
 
SOA Security Model For EAI
SOA Security Model For EAISOA Security Model For EAI
SOA Security Model For EAIvivekjv
 
Enterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISEEnterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISEFast Lane Consulting and Education, Inc.
 
Connect security to your business with mc afee epo software
Connect security to your business with mc afee epo softwareConnect security to your business with mc afee epo software
Connect security to your business with mc afee epo softwarewardell henley
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpointCloudPassage
 
PCI & Serverless - Everything you need to know
PCI & Serverless - Everything you need to knowPCI & Serverless - Everything you need to know
PCI & Serverless - Everything you need to knowPureSec
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Servicesssphelps
 
Sweden dst tpam 2014
Sweden dst tpam 2014Sweden dst tpam 2014
Sweden dst tpam 2014Ronny Stavem
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
Gallagher Systems Catalogue
Gallagher Systems CatalogueGallagher Systems Catalogue
Gallagher Systems CatalogueClaudiu Sandor
 
Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonJoel Oleson
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlAidy Tificate
 
Security Patterns with the WSO2 ESB
Security Patterns with the WSO2 ESBSecurity Patterns with the WSO2 ESB
Security Patterns with the WSO2 ESBWSO2
 
cloud Resilience
cloud Resilience cloud Resilience
cloud Resilience Integral university, India
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage
 
Haris Sheikh(system administrator)..
Haris Sheikh(system administrator)..Haris Sheikh(system administrator)..
Haris Sheikh(system administrator)..Muhammad Haris Sheikh
 
WAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCEWAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCE Array Networks
 
Summer School Soa Governance 09 Jul
Summer School Soa Governance 09 JulSummer School Soa Governance 09 Jul
Summer School Soa Governance 09 JulWSO2
 
Layer 7: Enterprise SOA with SecureSpan and JavaCaps
Layer 7: Enterprise SOA with SecureSpan and JavaCapsLayer 7: Enterprise SOA with SecureSpan and JavaCaps
Layer 7: Enterprise SOA with SecureSpan and JavaCapsCA API Management
 
Layer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanLayer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanCA API Management
 
Cisco Sona
Cisco SonaCisco Sona
Cisco Sonajayconde
 
Monetizing The Enterprise: Borderless Networks
Monetizing The Enterprise: Borderless NetworksMonetizing The Enterprise: Borderless Networks
Monetizing The Enterprise: Borderless NetworksCisco Service Provider
 

More Related Content

What's hot

SOA Security Model For EAI
SOA Security Model For EAISOA Security Model For EAI
SOA Security Model For EAIvivekjv
 
Connect security to your business with mc afee epo software
Connect security to your business with mc afee epo softwareConnect security to your business with mc afee epo software
Connect security to your business with mc afee epo softwarewardell henley
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpointCloudPassage
 
PCI & Serverless - Everything you need to know
PCI & Serverless - Everything you need to knowPCI & Serverless - Everything you need to know
PCI & Serverless - Everything you need to knowPureSec
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Servicesssphelps
 
Sweden dst tpam 2014
Sweden dst tpam 2014Sweden dst tpam 2014
Sweden dst tpam 2014Ronny Stavem
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudAjit Bhingarkar
 
Gallagher Systems Catalogue
Gallagher Systems CatalogueGallagher Systems Catalogue
Gallagher Systems CatalogueClaudiu Sandor
 
Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonJoel Oleson
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlAidy Tificate
 
Security Patterns with the WSO2 ESB
Security Patterns with the WSO2 ESBSecurity Patterns with the WSO2 ESB
Security Patterns with the WSO2 ESBWSO2
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage
 
Haris Sheikh(system administrator)..
Haris Sheikh(system administrator)..Haris Sheikh(system administrator)..
Haris Sheikh(system administrator)..Muhammad Haris Sheikh
 
WAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCEWAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCE Array Networks
 
Summer School Soa Governance 09 Jul
Summer School Soa Governance 09 JulSummer School Soa Governance 09 Jul
Summer School Soa Governance 09 JulWSO2
 

What's hot (18)

Sem cis ise
Sem cis iseSem cis ise
Sem cis ise
 
SOA Security Model For EAI
SOA Security Model For EAISOA Security Model For EAI
SOA Security Model For EAI
 
Enterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISEEnterprise Edge Security with Cisco ISE
Enterprise Edge Security with Cisco ISE
 
Connect security to your business with mc afee epo software
Connect security to your business with mc afee epo softwareConnect security to your business with mc afee epo software
Connect security to your business with mc afee epo software
 
Webinar compiled powerpoint
Webinar compiled powerpointWebinar compiled powerpoint
Webinar compiled powerpoint
 
PCI & Serverless - Everything you need to know
PCI & Serverless - Everything you need to knowPCI & Serverless - Everything you need to know
PCI & Serverless - Everything you need to know
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services
 
Sweden dst tpam 2014
Sweden dst tpam 2014Sweden dst tpam 2014
Sweden dst tpam 2014
 
Implementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloudImplementing zero trust architecture in azure hybrid cloud
Implementing zero trust architecture in azure hybrid cloud
 
Gallagher Systems Catalogue
Gallagher Systems CatalogueGallagher Systems Catalogue
Gallagher Systems Catalogue
 
Share Point Server Security with Joel Oleson
Share Point Server Security with Joel OlesonShare Point Server Security with Joel Oleson
Share Point Server Security with Joel Oleson
 
Dell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access ControlDell Quest TPAM Privileged Access Control
Dell Quest TPAM Privileged Access Control
 
Security Patterns with the WSO2 ESB
Security Patterns with the WSO2 ESBSecurity Patterns with the WSO2 ESB
Security Patterns with the WSO2 ESB
 
cloud Resilience
cloud Resilience cloud Resilience
cloud Resilience
 
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureSecurity and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud Infrastructure
 
Haris Sheikh(system administrator)..
Haris Sheikh(system administrator)..Haris Sheikh(system administrator)..
Haris Sheikh(system administrator)..
 
WAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCEWAF FOR PCI-DSS COMPLIANCE
WAF FOR PCI-DSS COMPLIANCE
 
Summer School Soa Governance 09 Jul
Summer School Soa Governance 09 JulSummer School Soa Governance 09 Jul
Summer School Soa Governance 09 Jul
 

Similar to Layer 7: Managing SOA Security and Operations with SecureSpan

Layer 7: Enterprise SOA with SecureSpan and JavaCaps
Layer 7: Enterprise SOA with SecureSpan and JavaCapsLayer 7: Enterprise SOA with SecureSpan and JavaCaps
Layer 7: Enterprise SOA with SecureSpan and JavaCapsCA API Management
 
Layer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanLayer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanCA API Management
 
Cisco Sona
Cisco SonaCisco Sona
Cisco Sonajayconde
 
Monetizing The Enterprise: Borderless Networks
Monetizing The Enterprise: Borderless NetworksMonetizing The Enterprise: Borderless Networks
Monetizing The Enterprise: Borderless NetworksCisco Service Provider
 
Layer 7: Getting Your SOA to Production Without Cost and Complexity
Layer 7: Getting Your SOA to Production Without Cost and ComplexityLayer 7: Getting Your SOA to Production Without Cost and Complexity
Layer 7: Getting Your SOA to Production Without Cost and ComplexityCA API Management
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
 
Web Api services using IBM Datapower
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM DatapowerSigortam.net
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Rishabh Dangwal
 
Cross selling 5
Cross selling 5Cross selling 5
Cross selling 5Sen Nathan
 
20070605 Radware
20070605 Radware20070605 Radware
20070605 RadwareINFOTIME
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewSarah Duffy
 
Azure Serrvices Platform Pro Dev Partners
Azure Serrvices Platform Pro Dev PartnersAzure Serrvices Platform Pro Dev Partners
Azure Serrvices Platform Pro Dev PartnersJohn Stame
 
Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.sflynn073
 
Data power use cases
Data power use casesData power use cases
Data power use casessflynn073
 
Information Security
Information SecurityInformation Security
Information SecurityMohit8780
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingAmazon Web Services
 

Similar to Layer 7: Managing SOA Security and Operations with SecureSpan (20)

Layer 7: Enterprise SOA with SecureSpan and JavaCaps
Layer 7: Enterprise SOA with SecureSpan and JavaCapsLayer 7: Enterprise SOA with SecureSpan and JavaCaps
Layer 7: Enterprise SOA with SecureSpan and JavaCaps
 
Layer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpanLayer 7: Enterprise Service Governance with SecureSpan
Layer 7: Enterprise Service Governance with SecureSpan
 
Cisco Sona
Cisco SonaCisco Sona
Cisco Sona
 
Monetizing The Enterprise: Borderless Networks
Monetizing The Enterprise: Borderless NetworksMonetizing The Enterprise: Borderless Networks
Monetizing The Enterprise: Borderless Networks
 
Layer 7: Getting Your SOA to Production Without Cost and Complexity
Layer 7: Getting Your SOA to Production Without Cost and ComplexityLayer 7: Getting Your SOA to Production Without Cost and Complexity
Layer 7: Getting Your SOA to Production Without Cost and Complexity
 
Intorduction to Datapower
Intorduction to DatapowerIntorduction to Datapower
Intorduction to Datapower
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
 
Web Api services using IBM Datapower
Web Api services using IBM DatapowerWeb Api services using IBM Datapower
Web Api services using IBM Datapower
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...
 
Cross selling 5
Cross selling 5Cross selling 5
Cross selling 5
 
20070605 Radware
20070605 Radware20070605 Radware
20070605 Radware
 
WebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overviewWebSphere DataPower B2B Appliance overview
WebSphere DataPower B2B Appliance overview
 
Ikon Managed Services
Ikon Managed ServicesIkon Managed Services
Ikon Managed Services
 
Ikon Managed Services
Ikon Managed ServicesIkon Managed Services
Ikon Managed Services
 
Azure Serrvices Platform Pro Dev Partners
Azure Serrvices Platform Pro Dev PartnersAzure Serrvices Platform Pro Dev Partners
Azure Serrvices Platform Pro Dev Partners
 
Tci reference architecture_v2.0
Tci reference architecture_v2.0Tci reference architecture_v2.0
Tci reference architecture_v2.0
 
Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.Common DataPower use cases, incl Caching with XC-10 appliance.
Common DataPower use cases, incl Caching with XC-10 appliance.
 
Data power use cases
Data power use casesData power use cases
Data power use cases
 
Information Security
Information SecurityInformation Security
Information Security
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 

More from CA API Management

Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterpriseCA API Management
 
Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIsCA API Management
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarCA API Management
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...CA API Management
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...CA API Management
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...CA API Management
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataCA API Management
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...CA API Management
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...CA API Management
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device UniverseCA API Management
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...CA API Management
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...CA API Management
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...CA API Management
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinCA API Management
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...CA API Management
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer appsCA API Management
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...CA API Management
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...CA API Management
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...CA API Management
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceCA API Management
 

More from CA API Management (20)

Api architectures for the modern enterprise
Api architectures for the modern enterpriseApi architectures for the modern enterprise
Api architectures for the modern enterprise
 
Mastering Digital Channels with APIs
Mastering Digital Channels with APIsMastering Digital Channels with APIs
Mastering Digital Channels with APIs
 
Takeaways from API Security Breaches Webinar
Takeaways from API Security Breaches WebinarTakeaways from API Security Breaches Webinar
Takeaways from API Security Breaches Webinar
 
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
API Design Methodology - Mike Amundsen, Director of API Architecture, API Aca...
 
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
Liberating the API Economy with Scale-Free Networks - Mike Amundsen, Director...
 
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
API360 – A How-To Guide for Enterprise APIs - Learn how to position your ente...
 
API Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your DataAPI Monetization: Unlock the Value of Your Data
API Monetization: Unlock the Value of Your Data
 
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
Revisiting Geddes' Outlook Tower - Mike Amundsen, Director of API Architectur...
 
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
Managing Identity by Giving Up Control - Scott Morrison, SVP & Distinguished ...
 
Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
 
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
Building APIs That Last for Decades - Irakli Nadareishvili, Director of API S...
 
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
The Art of API Design - Ronnie Mitra, Director of API Design, API Academy at ...
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
 
Adapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & WinAdapting to Digital Change: Use APIs to Delight Customers & Win
Adapting to Digital Change: Use APIs to Delight Customers & Win
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
 
5 steps end to end security consumer apps
5 steps end to end security consumer apps5 steps end to end security consumer apps
5 steps end to end security consumer apps
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
 
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
Drones, Phones & Pwns the Promise & Dangers of IoT APIs: Use APIs to Securely...
 
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
Gartner AADI Summit Sydney 2014 Implementing the Layer 7 API Management Pla...
 
Using APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail ExperienceUsing APIs to Create an Omni-Channel Retail Experience
Using APIs to Create an Omni-Channel Retail Experience
 

Recently uploaded

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Recently uploaded (20)

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 

Layer 7: Managing SOA Security and Operations with SecureSpan

  • 1. Managing SOA Security and Operations with SecureSpan Francois Lascelles Technical Director, Layer 7 Technologies
  • 2.
  • 3.
  • 4. SecureSpan XML Gateway  secure ws transit point  ws-security implementation  trust management  mediation, integration  threat protection  auditing, sla  monitoring, reporting
  • 5.
  • 6. Policy Studio Policies are created by organizing assertions in logical tree structures. Policies are changed on the fly, without service interruptions. Rich palette, extensible through JAVA API. Design, implementation and deployment in hours, not months or years. Automated, scripted provisioning and management through API.
  • 7. Message level aware intermediary Web Services Delegate common or expensive XML related tasks from your endpoints to your infrastructure. Cut development costs and increase governance by implementing more business logic at infrastructure level.
  • 8.
  • 9. Delegating endpoint security XML Gateway enforces security for incoming traffic on behalf of protected services. XML Gateway secures outgoing traffic on behalf of protected services. protected services
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15. Enterprise Service Manager Agent-less WS Management  Enterprise wide view of services  Performance and usage reports  Service and policy migration  Remote gateway start/stop  Custom reports  Remote gateway upgrade, upload modules*
  • 17. Enterprise services in the cloud Enterprise deploys own services on cloud provider Monitoring? Msg level security? Quality of service? Reports? Enterprise subscriber Lack of in-house service governance is a barrier to adoption
  • 19.
  • 20.
  • 21.
  • 22.
  • 23. For more information about SecureSpan: http://www.layer7tech.com