By providing centralized administration of both management and security, AmberPoint addresses two of the largest challenges companies face in implementing production-ready Web services and enables businesses to deploy trustworthy intra- and inter-enterprise Web services applications.
"Security remains a primary concern for companies looking to deploy Web services outside the enterprise," said Bill Robins at Stencil Group. "These issues must be resolved before organizations use Web services to provide core business functions to partners and customers. AmberPoint helps overcome these challenges."
Bringing Added Security to Web Services
The new release of AmberPoint Management Foundation provides a distributed XML firewall with centralized control, securing both incoming and outgoing messages across federated Web services systems—both within and beyond corporate boundaries. Additionally, it can provide the appropriate levels of security for different audiences. For example, it can sign and encrypt messages to external users while leaving messages to internal users unencrypted.
AmberPoint also integrates with an organization’s existing security systems (such as user authentication, LDAP servers, certificate servers and SSL solutions) and applies them to the Web services it manages. Because it reuses existing security mechanisms, customers can leverage existing investments for faster deployment of secure Web services applications. The agent-based AmberPoint solution is completely platform agnostic—it manages Web services built on Microsoft (NASDAQ:MSFT) .NET as well as J2EE-based Web services platforms such as IBM’s (NYSE:IBM) WebSphere, Sun Microsystems’ (NASDAQ: SUNW) Sun ONE and BEA’s (NASDAQ: BEAS) WebLogic.
Managing Secure Web Services
AmberPoint has solved the problem of gaining meaningful management and business information from encrypted messages. Use of XML Signatures and Encryption enables AmberPoint to enforce management and security policies based on message content (such as dollar value of orders) and context (such as user or time of day), even if all or portions of the messages are encrypted.
“AmberPoint is answering the call from the industry for heightened Web services security,” said Paul Butterworth, AmberPoint chief technology officer. “Our management solution now incorporates essential capabilities for implementing Web services applications that are secure beyond the firewall, regardless of the platforms, development environments or transports used for those Web services. AmberPoint Management Foundation meets customer requirements for more trustworthy Web services deployments by incorporating new security standards, such as XML Signatures and Encryption, WS Security and SAML.”
AmberPoint Delivers Key Security Capabilities:
Based on Existing and Emerging Standards – AmberPoint supports industry standards and actively participates in the development of emerging standards, such as XML Signatures, XML Encryption, WS Security, SAML and XACML.
Higher Levels of Security – AmberPoint integrates with existing security infrastructure, such as authentication mechanisms, LDAP servers, trust servers and transport-layer security (SSL, for example).
Streamlined Management and Security – AmberPoint centralizes administration of both security and management.
Distributed Security and Management – AmberPoint’s distributed-agent architecture allows fine-grained policy enforcements, security decisions and management actions at any point in the Web services environment.
Leveraging Content and Context – AmberPoint can make use of message content and context to secure both incoming and outgoing messages and leverages the security context for all management actions.
Heterogeneous Systems – AmberPoint supports both Java-based and Microsoft .NET platforms. Its standards-based solutions can be deployed and managed across heterogeneous environments and is extensible to other agents and policy stores.
Press Contacts:
AmberPoint, Inc.
510-433-6553
bdever@amberpoint.com
Kim Abreu
Atomic Public Relations
415.703.9454
kim@atomicpr.com
