Favorite Quote

"..the market seems to have come to the conclusion that cloud computing has a lot in common with obscenity-- you may not be able to to define it, but you'll know it when you see it." James Urquant

Monday, November 15, 2010

Replacing Your Cisco XML Gateway? Forum Systems Can Help!

Company Augments Cisco ACE XML Gateway Replacement Program to Offer Direct Trade-in Credit for Any XML Vendor Gear, No-cost Training, Migration Best Practices and More

BOSTON, Nov. 15, 2010 /PRNewswire/ -- Forum Systems, a wholly owned subsidiary of Crosscheck Networks, Inc., today announced a comprehensive program to reduce costs, allay concerns and answer questions for organizations seeking to deploy XML Gateways.

On the heels of introducing the latest version of its flagship Forum Sentry XML Gateway, Forum Systems has extended its Cisco ACE XML Gateway Replacement Program. Effective now through March 31, 2011, the Program includes:

-Direct trade-in credit in exchange for any XML Gateway hardware and software;

-No-cost, on-site migration to Forum Sentry XML Gateway policies;

-No-cost Forum Sentry Training Certification Program;

-Dedicated 24x7x365 support by experts with a minimum of five years experience.

Additionally, to help organizations ensure a smooth migration, Forum Systems offers the following Best Practices for Selecting an XML Gateway:

-Choose a Patented Product: Selecting a non-patented XML Gateway only leads to product replacement, and ultimately, additional acquisition costs.

-Scrutinize XML Gateway Architectures: Understand XML Gateway and ESB/Application Server differences. With security of paramount importance, clear role segregation should be enforced – and custom code never introduced into an XML Gateway.

-Demand an Independent Security Assessment: Integrating an HSM crypto card into the appliance does not improve security or constitute compliance. The entire XML Gateway must be FIPS 140-2 certified in order to guarantee security and compliance.

-Validate Comparable Functionality: To eliminate functional gaps, the selected XML Gateway must be architected with modular policy design for fundamental constructs so that keys, encryption/signature policies and firewall rules can be easily transitioned.

-Stipulate Flexible Replacement Costs and Options: Demand vendors that will work within corporate budgets and timelines. Vendors should be flexible in offering options that help reduce capital expenditure expense, migration and maintenance costs.

"XML Gateways represent a critical, foundational element for IT groups and the run-the-business applications and services that drive their organizations," said Crosscheck Networks CEO Mamoon Yunus. "By abandoning the Cisco ACE XML Gateway, Cisco is forcing its customers to find other alternatives. Our expanded Replacement Program – coupled with our best-in-class Forum Sentry – gives these, and other enterprise organizations evaluating replacing their XML Gateway, a smooth migration path to a better solution from a company they can depend on."

Forum Sentry: The XML Gateway Gold Standard
Processing more than one billion transactions per day globally, Forum Sentry is the industry standard for XML and SOAP security, access control and integration. Unlike other vendors that introduce runtime code into their appliances to compensate for inherent design limitations, Forum Systems' Forum Sentry is certified by NIST and the U.S. Department of Defense, and the XML Gateway of choice for 300 global organizations in transaction- and security-intensive sectors including government, financial services, telecommunications and healthcare. The latest version, Forum Sentry v8.0, helps organizations securely extend their enterprise SOA deployments to harness the power of the public cloud.

-No-cost Cisco ACE XML Gateway Replacement Quote

-No-cost Forum Sentry XML Gateway Evaluation

-Cisco ACE XML Gateway Migration Strategies

-Forum Sentry XML Gateway Data Sheet

Press Releases
-Forum Sentry Eases Enterprise-to-Cloud Migration; Enable Seamless Extension of SOA to the Cloud

-Forum Sentry Issued Industry-first Patent for XML Security Functions Including XML-encryption, -XML-decryption and XML-signatures

-Forum Sentry Provides Secure, Unified Integration of XML and SOA Web Services and Portals for Seamless End-user Experience

About Forum Systems
Forum Systems and its parent company Crosscheck Networks deliver solutions for deploying robust, resilient, secure and reliable Service Oriented Architecture (SOA). More than 50,000 users in 42 countries across organizations such as the U.S. Treasury, British Telecommunications, Fidelity, Premera Blue Cross and the Dutch Health Care System rely on Forum Systems and Crosscheck Networks as the backbone of their secure transaction processing. Recognized as a technology innovator and security leader, Forum Systems is the only company granted a patent for its Forum Sentry XML Gateway and has been certified by NIST and the U.S. Department of Defense. Forum Sentry is the de facto standard for XML and SOAP security, and Forum Systems has key OEM relationships with Barracuda Networks and Radware, among others. For more information, please visit www.forumsys.com.

All product and company names herein may be trademarks of their respective owners.

Friday, January 8, 2010

Multi-cloud Mayhem

If you're having trouble getting your head around a single cloud deployment, please feel free to skip this article.  Now if you're someone who thinks that most IT resource will eventually live in a private or public cloud-based domain, you're not alone, and you may start looking into how best to work in a multi-cloud environment.

Paul Krill's article "Cerf urges standards for cloud computing" highlights cloud interoperability and portability issues discussed by Vint Cerf, co-designer of the TCP/IP protocol that forms the back bone of modern communication.  It behooves us to consider Cerf's viewpoint on what's required for successful cloud computing.  Some of the points that he makes are as follows:

According to Cerf, "Strong authentication will be a critical element in the securing of clouds."  We know that authentication is a core for establishing trust between transacting parties.  This requirement is now further heightened because of the expansion of corporate boundaries out to cloud-based services.  Authenticating to cloud services and accessing only authorized services in a multi-tenant environment will continue to be the most important aspect of establishing trusted connections between enterprises and IaaS, PaaS and SaaS providers.

Now imagine having a set of enterprise applications and systems that have to interact with a set of cloud providers, in a many-to-many topology.  You may, for example, call a SaaS for a commodity business service to create your composite service, while archiving information to Amazon S3 and running intensive business intelligence queries on Amazon EC2.  In this scenario, cloud services, even from the same vendor, may expect different identity tokens, some standards-based, others proprietary.  The problem of multi-cloud computing decomposes to fundamental issues including identity token management, security, and central management and control of such functions.

Here are a couple of resources that are helpful in highlighting identity related issues surrounding cloud computing:

The second item that Cerf points out is regarding moving your data (business information, virtual images, algorithms, database instances, etc.) between different cloud providers. According to Cerf, "At some point, it makes sense for somebody to say, 'I want to move my data from cloud A to cloud B,' " but the different clouds do not know each other."

Cloud interoperability has a number of dimensions including communication interoperability (HTTP, SOAP, REST), cloud management and interaction API interoperability (createImage, terminateImage, etc.), and image portability.

The good news is that at least most cloud providers have a REST-XML/JSON or a SOAP-based API.  The API calls signatures are all different, but one can readily consume such APIs for image provisioning/de-provisioning and other IaaS functions.  There has been a recent effort to standardize cloud API operations including Open Cloud Computing Interface Working Group.

In addition to such API standardization, moving entire images between various cloud providers would also provide the portability necessary for establishing reliability across multi-cloud environments.  Instead of maintaining multiple images for say Amazon EC2 and Rackspace, having a single image that runs across IaaS providers would reduce management burden on enterprises.  The DMTF Open Virtualization Format provides a common container formats for greater multi-cloud portability.  Here are a couple of resources that one should review while looking at best practices for cloud interoperability and portability:
Cloud gateways have become a core component of managing not just the traffic between enterprises and their cloud providers, but also for managing and protecting security and identity tokens required for enterprise-to-cloud interaction. To avoid Multi-cloud Mayhem, the industry now needs to show greater commitment towards standardization for inter-cloud interoperability, portability and security. Unless our desire is to relive the stone-age era of pre-TCP/IP communication, ask Vint Cerf, he'll give you a few reason on why not to.