logging in or signing up Why and How to Replace Your Cisco ACE XML Gateway Layer7 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 230 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: January 17, 2011 This Presentation is Public Favorites: 0 Presentation Description Cisco has officially discontinued production their ACE XML Gateway. This presentation looks at the history of the ACE Gateway, things to consider when migrating and two real-life use cases. Visit Layer7tech.com/library to download this presentation with audio. Comments Posting comment... Premium member Presentation Transcript Why and How to Replace Your Cisco ACE XML Gateway : Why and How to Replace Your Cisco ACE XML Gateway Presentation Overview : Presentation Overview Cisco ACE XML Gateway background What Cisco customers are saying Replacement questions Layer 7 for Cisco customers Layer 7 client case study Migrating services / policies Summary Product History : Product History Reactivity Inc. 1998 - Company founded 2003 - Software Service Firewall replaced with hardware XML Firewall 2005 - Introduces XML Security Gateway and SOA Gateway Cisco 2005 - Cisco AON (Application-Oriented Networking) announced Includes XML hardware 2007 - Cisco Systems acquires Reactivity Rebrands Reactivity XML Firewallas ACE XML Gateway (AXG) Feedback From Cisco AXG Customers : Feedback From Cisco AXG Customers Why they originally bought Reactivity / AXG Technology – Wrote their own engine (“Reactor”) for software acceleration Usability – Helped users address typical use cases Functionally – Good range of capabilities and third party support Motivation for replacement Performance issues – No longer meeting needs Interoperability issues – Standards and third party support Addressing specific use cases – Enhancement or feature request? Upcoming product obsolescence – Potentially stranding investment Future Projects / Services / Business Offerings / ??? Questions to Ask Before Considering Options : Questions to Ask Before Considering Options What are my functional needs? Existing services, policies, test cases ... Are those needs going to change? New project phases, new services, new business models ... Which form factor(s) fit my needs best? Hardware for Production, Software/Virtual for Dev/Test ... What are my performance or availability objectives? Hardware acceleration, larger clusters, disaster recovery ... Do I need to support or leverage other third party entities? Identity, Management, Registry/Repository, Anti-Virus ... Are there other benefits I could derive? Revisiting scope, advances in technology, ??? Layer 7 Products : Layer 7 Products Monitor Enterprise Service Manager Global management Policy Manager Local management Control SecureSpan Suite: XML Accelerator Hardware acceleration XML Data Screen Threat protection XML Firewall AAA security XML Networking Gateway Policy enforcement Adapt Custom Assertion SDK Software Virtual Appliance/AMI OSB Appliance XML VPN Client SecureSpan XML Firewall : Secure and Share your SOA Identity-based access to services and operations Manage security for cross-domain and B2B relationships Enforce WS* and WS-I standards Secure service WSDL interfaces Audit transactions SecureSpan XML Firewall Partner, customer, branch office, etc Securely share your application services LDAP, SSO, MS AD, STS, etc SecureSpan XML Networking Gateway : Implement a Turnkey Runtime Governance Solution Runtime enforcement of SOA governance policies Transport and protocol mediation Centralized SLA enforcement Service virtualization XML routing SecureSpan XML Networking Gateway Enforce policies in real time Control: Monitor: Adapt to: Security Compliance Reliability etc SLA QoS Content etc Enterprise X-domain Cloud etc SecureSpan Hardware Appliance : SecureSpan Hardware Appliance Accelerate XML Processing, Validation and Transformation 1U multiprocessor 64-bit appliance, Intel Xeon-based Quad FE/GE NICs with dual PSUs Optional XML acceleration ASIC from LSI/Tarari Optional hardware-based SSL and FIPS 140-2 Level 3 compliant crypto with HSM Appliance throughput scales linearly as SecureSpan cluster Single point of management through Layer 7 Manager Automatic replication between appliances in a cluster Simple, license-key based upgrade between appliances (Freedom License) SecureSpan XML Virtual Appliance : SecureSpan XML Virtual Appliance A viable alternative to hardware appliances that scales easily Also useful for Development or PoC environments Same capabilities and policy language as hardware appliances Support for VMware and ESX Highly portable, deploy internally or in the Cloud Isolate, monitor and control SecureSpan XML Gateway AMI : SecureSpan XML Gateway AMI Local authentication/authorization, monitoring, intrusion protection and VPN functionality in a single instance Supports Amazon’s CloudFront, Virtual Private Cloud and CloudWatch Supports EC2’s OnDemand and Reserved instances Provides first and last mile Web services security All interactions are tracked Isolate, monitor and control CloudFront Elastic Cloud Computing (EC2) Layer 7 Manager (Web, Thick Client, API) : July 2008 Layer 7 Manager (Web, Thick Client, API) Policy Editing Graphical environment for building policies Expandable palette of atomic policy elements Policy branching, comparisons and variables Built-in validation tool flags potential errors Policy Deployment Policies replicated across SecureSpan cluster Rollback to previous versions of policy Policy updates automatically deployed to optional XML VPN Client Import or store policies from UDDI registry Operations Centralized control of SecureSpan cluster Establish connections to identity management systems Granular, role-based administration Log/audit event viewing & forwardingto NMS and sinks Customer Case Study : Customer Case Study Problem: Existing Cisco solution lacking support for specific service parameters and overall performance was becoming an issue. This was blocking deployment of enhanced services. Solution: SecureSpan XML Networking Gateway was dropped in and clients existing Cisco-defined service polices migrated over Layer 7 Client Services staff provided overall Implementation Plan Client contributed overall design information on existing services and policies Layer 7 migrated first few policies and helped establish best-practices methodology Client completed balance of migration and final acceptance test Results: Clients objectives met with minimal downtime and rest of plans are proceeding Migrating Cisco-Based Policies : Migrating Cisco-Based Policies Layer 7 has collaborated with customers to develop a stepwise process: Understand the content of shared (global) policy between existing services Implement shared policy as fragments on SecureSpan Determine entity mappings such as identity, schema, transforms, end points, certificates, etc Implement entities on SecureSpan For each service map the flow of a message through the existing policy Publish service on SecureSpan and recreate policy Test new policy Critical Factors for Success : Critical Factors for Success Good working knowledge of functional use cases and policies Impacts both overall technical compliance and migration time Corresponding test cases need to be available Stepwise testing of “core” policy pieces ensures no surprises Versions and interface types of third party systems need to be determined Ensure there are no significant version mismatches Critical entity-related information needs to be available Required credentials, keys, certificates, addresses, etc. Good relationship with vendor and solid project plan Clear defined roles, training plan and hand-off procedure Why Layer 7? : Why Layer 7? XML Firewalls are our core business Layer 7 is consistently recognized as a market and technology leader We are subject matter experts in this space We offer deployment options to fit your needs The only vendor to protect your investment with our Freedom license We probably already service your competition We have a growing product line with a solid road map We have experience helping other customers replace Cisco AXG Slide 17: For More Information www.layer7tech.com info@layer7tech.com +1-604-681-9377 You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Why and How to Replace Your Cisco ACE XML Gateway Layer7 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 230 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: January 17, 2011 This Presentation is Public Favorites: 0 Presentation Description Cisco has officially discontinued production their ACE XML Gateway. This presentation looks at the history of the ACE Gateway, things to consider when migrating and two real-life use cases. Visit Layer7tech.com/library to download this presentation with audio. Comments Posting comment... Premium member Presentation Transcript Why and How to Replace Your Cisco ACE XML Gateway : Why and How to Replace Your Cisco ACE XML Gateway Presentation Overview : Presentation Overview Cisco ACE XML Gateway background What Cisco customers are saying Replacement questions Layer 7 for Cisco customers Layer 7 client case study Migrating services / policies Summary Product History : Product History Reactivity Inc. 1998 - Company founded 2003 - Software Service Firewall replaced with hardware XML Firewall 2005 - Introduces XML Security Gateway and SOA Gateway Cisco 2005 - Cisco AON (Application-Oriented Networking) announced Includes XML hardware 2007 - Cisco Systems acquires Reactivity Rebrands Reactivity XML Firewallas ACE XML Gateway (AXG) Feedback From Cisco AXG Customers : Feedback From Cisco AXG Customers Why they originally bought Reactivity / AXG Technology – Wrote their own engine (“Reactor”) for software acceleration Usability – Helped users address typical use cases Functionally – Good range of capabilities and third party support Motivation for replacement Performance issues – No longer meeting needs Interoperability issues – Standards and third party support Addressing specific use cases – Enhancement or feature request? Upcoming product obsolescence – Potentially stranding investment Future Projects / Services / Business Offerings / ??? Questions to Ask Before Considering Options : Questions to Ask Before Considering Options What are my functional needs? Existing services, policies, test cases ... Are those needs going to change? New project phases, new services, new business models ... Which form factor(s) fit my needs best? Hardware for Production, Software/Virtual for Dev/Test ... What are my performance or availability objectives? Hardware acceleration, larger clusters, disaster recovery ... Do I need to support or leverage other third party entities? Identity, Management, Registry/Repository, Anti-Virus ... Are there other benefits I could derive? Revisiting scope, advances in technology, ??? Layer 7 Products : Layer 7 Products Monitor Enterprise Service Manager Global management Policy Manager Local management Control SecureSpan Suite: XML Accelerator Hardware acceleration XML Data Screen Threat protection XML Firewall AAA security XML Networking Gateway Policy enforcement Adapt Custom Assertion SDK Software Virtual Appliance/AMI OSB Appliance XML VPN Client SecureSpan XML Firewall : Secure and Share your SOA Identity-based access to services and operations Manage security for cross-domain and B2B relationships Enforce WS* and WS-I standards Secure service WSDL interfaces Audit transactions SecureSpan XML Firewall Partner, customer, branch office, etc Securely share your application services LDAP, SSO, MS AD, STS, etc SecureSpan XML Networking Gateway : Implement a Turnkey Runtime Governance Solution Runtime enforcement of SOA governance policies Transport and protocol mediation Centralized SLA enforcement Service virtualization XML routing SecureSpan XML Networking Gateway Enforce policies in real time Control: Monitor: Adapt to: Security Compliance Reliability etc SLA QoS Content etc Enterprise X-domain Cloud etc SecureSpan Hardware Appliance : SecureSpan Hardware Appliance Accelerate XML Processing, Validation and Transformation 1U multiprocessor 64-bit appliance, Intel Xeon-based Quad FE/GE NICs with dual PSUs Optional XML acceleration ASIC from LSI/Tarari Optional hardware-based SSL and FIPS 140-2 Level 3 compliant crypto with HSM Appliance throughput scales linearly as SecureSpan cluster Single point of management through Layer 7 Manager Automatic replication between appliances in a cluster Simple, license-key based upgrade between appliances (Freedom License) SecureSpan XML Virtual Appliance : SecureSpan XML Virtual Appliance A viable alternative to hardware appliances that scales easily Also useful for Development or PoC environments Same capabilities and policy language as hardware appliances Support for VMware and ESX Highly portable, deploy internally or in the Cloud Isolate, monitor and control SecureSpan XML Gateway AMI : SecureSpan XML Gateway AMI Local authentication/authorization, monitoring, intrusion protection and VPN functionality in a single instance Supports Amazon’s CloudFront, Virtual Private Cloud and CloudWatch Supports EC2’s OnDemand and Reserved instances Provides first and last mile Web services security All interactions are tracked Isolate, monitor and control CloudFront Elastic Cloud Computing (EC2) Layer 7 Manager (Web, Thick Client, API) : July 2008 Layer 7 Manager (Web, Thick Client, API) Policy Editing Graphical environment for building policies Expandable palette of atomic policy elements Policy branching, comparisons and variables Built-in validation tool flags potential errors Policy Deployment Policies replicated across SecureSpan cluster Rollback to previous versions of policy Policy updates automatically deployed to optional XML VPN Client Import or store policies from UDDI registry Operations Centralized control of SecureSpan cluster Establish connections to identity management systems Granular, role-based administration Log/audit event viewing & forwardingto NMS and sinks Customer Case Study : Customer Case Study Problem: Existing Cisco solution lacking support for specific service parameters and overall performance was becoming an issue. This was blocking deployment of enhanced services. Solution: SecureSpan XML Networking Gateway was dropped in and clients existing Cisco-defined service polices migrated over Layer 7 Client Services staff provided overall Implementation Plan Client contributed overall design information on existing services and policies Layer 7 migrated first few policies and helped establish best-practices methodology Client completed balance of migration and final acceptance test Results: Clients objectives met with minimal downtime and rest of plans are proceeding Migrating Cisco-Based Policies : Migrating Cisco-Based Policies Layer 7 has collaborated with customers to develop a stepwise process: Understand the content of shared (global) policy between existing services Implement shared policy as fragments on SecureSpan Determine entity mappings such as identity, schema, transforms, end points, certificates, etc Implement entities on SecureSpan For each service map the flow of a message through the existing policy Publish service on SecureSpan and recreate policy Test new policy Critical Factors for Success : Critical Factors for Success Good working knowledge of functional use cases and policies Impacts both overall technical compliance and migration time Corresponding test cases need to be available Stepwise testing of “core” policy pieces ensures no surprises Versions and interface types of third party systems need to be determined Ensure there are no significant version mismatches Critical entity-related information needs to be available Required credentials, keys, certificates, addresses, etc. Good relationship with vendor and solid project plan Clear defined roles, training plan and hand-off procedure Why Layer 7? : Why Layer 7? XML Firewalls are our core business Layer 7 is consistently recognized as a market and technology leader We are subject matter experts in this space We offer deployment options to fit your needs The only vendor to protect your investment with our Freedom license We probably already service your competition We have a growing product line with a solid road map We have experience helping other customers replace Cisco AXG Slide 17: For More Information www.layer7tech.com info@layer7tech.com +1-604-681-9377