Vordel and Chrysalis-ITS Collaborate to Produce Turnkey Integrated XML Security Appliance
Best-of-breed security appliance for cryptography and key management combined with best-of-breed software for XML security
April 29, 2003 – Infosecurity 2003, London, UK
Vordel, the XML security company, and Chrysalis-ITS, the leading provider of hardware security modules, servers and appliances, announced today at Infosecurity that they have been working jointly to produce a fully integrated hardware XML security appliance. This announcement is the first project of a partnership agreement between the two companies.
The appliance, slated for release in the third quarter of this year, will use the powerful cryptographic processing, secure key management, and the market-leading access control and anti-tamper protection of Chrysalis-ITS’ Ultimate Trust Security Platform (UTSP) hardware, which also powers their leading network-attached Luna SA HSM server. The new XML security appliance will safeguard and manage all XML and Web Services communications inside and outside the enterprise by employing scalable, feature-rich and standards-compliant VordelSecure XML security server software. The integrated offering provides centralized security policy management that communicates to distributed security enforcement points at multiple locations throughout the enterprise.
Phil Schacter, VP of Directory and Security Strategies at Burton Group, advised, “Enterprise customers require the flexibility to deploy security infrastructure in both software and appliance form factors. By blending Vordel’s software expertise in Web Services security with Chrysalis-ITS’ anti-tamper security hardware, the two companies will deliver a new generation of hardened security appliance to shield enterprise Web services and application servers from a broad range of threats.”
” The centralized management of security and business policies for multiple enforcement Points enables consistency in policies while distributing the security workload across appliances. This approach supports both administrative and operational scaling for enterprises that expect very high transaction volumes, as a new generation of applications built as Web services begins to displace existing special-purpose transaction networks,” said Schacter.
“We’re very pleased to join forces with Vordel to offer our customers an integrated XML security appliance with unparalleled security, high performance and low cost of deployment,” said David Longbottom, CEO at Chrysalis-ITS. “We have been listening to our many customers in the financial and government verticals in particular – and they have been unanimous in their demand for a fully integrated solution that delivers the security, performance and XML processing functionality they require to protect their web based interactions,” Longbottom continued. “The turnkey Chrysalis-ITS/Vordel appliance meets this need – pre-integrated, and ready for deployment.”
Vic Morris, CEO of Vordel, commented that there is “a compelling case for enterprises to use this hardware appliance as an implementation of best-practice XML security.”
“The scalable, flexible nature of VordelSecure means it can be deployed in front of XML systems as an XML firewall, or alternatively can be used to distribute security enforcement throughout the organization across different XML platforms, with centralized management and reporting,” Morris said. “The joint solution is a robust and scalable security device with all the flexibility to configure and deploy XML security and access control at multiple points in the enterprise – without sacrificing performance.”
Representatives from Chrysalis and Vordel will be available at Booth # 574 at the Infosecurity show.
The appliance is standards-based, implementing a broad range of security specifications to provide a solid foundation that meets all enterprise security requirements in an XML environment. Supported standards include WS-Security, SAML, OPSEC, and FIPS 140-2 Level 3.
Multiple deployment options
This flexible product supports two distinctly different deployment scenarios: first as a centralized XML Firewall appliance, performing content filtering and access control on all incoming and outgoing XML traffic; second, the appliance can be distributed across the enterprise, allowing multiple XML streams across the organization to be secured using a single policy set.
The UTSP from Chrysalis-ITS is a robust hardware technology platform that provides a secure tamper-proof application environment, impervious to physical or electronic attack. It supports both load balancing and high availability configurations, such that solution architectures can survive device or network outages, isolated power faults and other failures without loss of service.
Supports existing security infrastructure
Fully integrated with existing identity management systems, firewalls, PKI, directories, and intrusion detection infrastructure.
Centralized security management with GUI-driven console to manage enterprise XML messaging. Powerful key management that incorporates physical, operational and software safeguards to protect the cryptographic keys at the heart of the XML security operations.
Programmable API allows XML security rules to be enforced across multiple heterogeneous XML systems.
A high performance, scalable security management and enforcement solution, providing reassurance that the processing overheads of XML and security processing do not hamper business objectives and processes. The product offers scalable hardware-accelerated digital signing performance with up to 1200 1024-bit RSA signings per second.
Audit and reporting
Traffic usage and security event reports may be configured or exported. This powerful audit trail functionality, coupled with hardware based key management reduces transaction risks, providing full support for non-repudiation of transactions.
Chrysalis-ITS is a leading vendor of hardware security modules, servers and appliances to secure and accelerate applications including electronic financial transactions, SSL, smart card issuance, document security and digital identity management. The company is revolutionizing hardware security with a line of appliances that dramatically simplify the deployment of secure applications. Chrysalis-ITS products power security solutions deployed to customers spanning the world’s leading financial institutions, service providers, and government agencies. Chrysalis-ITS products are delivered through a global network of distributors and value-added resellers. Founded in 1994, Chrysalis-ITS is headquartered in Ottawa, Canada, with regional offices throughout North America, Europe, and Asia. The company website is www.chrysalis-its.com
Vordel provides security for XML communications. Vordel’s flagship product, VordelSecure, is an enterprise class XML security server that allows organizations to deploy and configure security for XML based communications, both inside and outside the enterprise. It uses open standards including WS-Security and SAML to apply authentication, authorization, audit, and content validation to XML based communications. Vordel is a privately held company headquartered in Dublin, Ireland with offices in Boston, USA and London, UK. www.vordel.com