The VeriSign Trust Gateway has a software component that sits at the customer premises in front of the application server, checking, securing and routing SOAP messages as they pass into and out of the enterprise.
The idea of a web services security gateway is not new, there are a dozen startup companies addressing the problem of security and management for this new application model. VeriSign’s differentiator is integration with its PKI services.
VeriSign product line manager Sundar Krishnamurthy said: You can issue a certificate to partners that are sending messages to you, and use it to authenticate them in real time.
The gateway can be configured with policies about how to encrypt, sign, route and validate web services traffic. The PKI component of the offering is provided as a managed service, much like VeriSign’s existing offerings.
The lowest price is $50,000 per year, rising depending on how many gateways are deployed. This is pricier than some full licenses for rival products, but Krishnamurthy said these competitive products assume the existence of a separate PKI.
We’re not going to solve half the problem… the complete solution comprises PKI and the trust gateway, he said. If you did a cost comparison with any of our competitors, their products plus PKI, you’d see ours is very competitive.
Companies in the space already include Vordel Ltd, Reactivity Inc, Westbridge Technology Inc and DataPower Inc. Gateways are offered either as software or as appliances, but VeriSign is believed to be the first to offer the managed PKI.
As previously reported by ComputerWire, VeriSign is also tapping partners to provide parts of the offering. nCipher Plc and Chrysalis-ITS Inc are providing compatible hardware acceleration modules for servers on which the gateway is deployed.
Confluent Software Inc, a provider of web services management software, is also part of the offering. Its software will provide monitoring and analysis of the gateway, much as it provides for the application server in typical deployments.
