ACE XML Gateway Replacement Program
Migrate from a Network Leader to a SOA Leader
The Product offers:
Zero Risk Migration
Proven policy migration path from
ACE XML Gateway to SecureSpan
XML Networking Gateway
eliminates risk of redeploying
existing logic on a new platform.
SOA Leadership
As a recognized leader in XML
Gateways, Layer 7 has a decade-
long history of providing Global
Fortune 500 companies with
industry leading XML security,
enterprise-wide management
capabilities, and a cloud-ready SOA
solution.
To learn more about Layer 7 and
how we can help you migrate your
ACE XML Gateway deployment, call
1-800-681-9377 (toll free within
North America) or
+1.604.681.9377
* Magic Quadrant for Integrated SOA Governance Technology Sets; L. Frank Kenney and Daryl
Layer 7 offers a proven, cost-effective
effective migration path for the Cisco ACE XML
Gateway
Gateway, allowing you to move to a SOA leader with confidence
Migrate at Reduced Risk and Cost
Cisco customers who are looking at migration options for their Cisco ACE XML Gateway
implementation now have a safe choice. Layer 7 Technologies has a customer-proven
customer
migration path for existing Cisco customers that greatly reduces the risk of re-implementing
re
Web services security, governance and acceleration policies from ACE XML Gateway
hardware to XML Gateways from Layer 7,, the only dedicated XML Gateway vendor to have
made Gartner’s Leaders Quadrant for integrated SOA Governance Sets.*
Sets
Available as hardware-accelerated
accelerated systems, software, cloud or VMware virtual appliances,
Layer 7 SecureSpan XML Gateways let you match performance requirements to budget:
prototype using SecureSpan VMware images running on developer’s existing hardware; test
on SecureSpan Amazon Machine Images for an hourly fee; or deploy SecureSpan software in
production
duction on commodity servers.
Go with an XML Gateway Leader
Layer 7 XML Gateways are the preferred choice of the most demanding customers in finance,
telecom, healthcare and public sector. Layer 7 only makes XML Gateways and as a
consequence invests all its research into XML Gateway innovation. The result is the most
versatile, reliable, extensible, secure and manageable XML Gateway in the market today.
today
Layer 7 SecureSpan Gateways offer much of the same functionality Cisco ACE XML Gateway
customers are already familiar with, including XML acceleration,, security, comprehensive
threat protection and policy governance
governance. But Layer 7 also offers a number of innovations the
ACE XML Gateway can’t match, including:
• Versatility: Layer 7 XML Gateways come in
Versatility
a variety of form factors to accommodate Layer 7 Cisco
diverse development, test and production Deployment Options
environments
environments, including the cloud. Hardware Appliance


• Reliability: Layer 7 XML Gateways auto-
Reliability Virtual Appliance

cluster for high availability and fault- Software

tolerance. Security policies are applied Amazon Machine Image

cluster
cluster-wide to ensure bullet-proof Partner on-boarding
boarding tool

protection against attacks. SLAs and Operations
availability policies for back-end services
can defined based on message through-
IDE-like
like Policy Composer

put, prioritization and latency. Policy
Operations Dashboard

changes can be made live without down
Client-Side
Side Solution

time. Extensibility
• Extensibility: Layer 7 XML Gateways ship
Extensibility Native Java-based
Java SDK

with a Java-based SDK that extends the SOAP-based
SOAP
Management APIs


range of controls aavailable. Additionally,
diverse administration APIs allow lights
lights- Security Standards
Standard
out operation and easier integration with FIPS Crypto in Software

existing middleware and management Integrated STS

infrastructure.
Dar C. Plummer; March 31, 2009.
Key Features
Threat Protection • Filter XML content for Web 2.0 and SOA
• Comprehensive XML attack prevention
Identity and Message • Runtime enforcement of security, reliability, availability and compliance policies
Level Security • Integration with leading identity, access, SSO and federation systems from Oracle, Sun, Microsoft, CA,
IBM Tivoli, Novell
Encryption and Signing • FIPS 140-2 support in both hardware (Level 3) and software (Level 1)
• Integrated STS/SAML issuer and PKI Certificate Authority
Policy-based • Automated policy rollback and versioning
Provisioning and • Enterprise-wide management enables automated migration of policies, while resolving discrepancies
Versioning between environments
Accelerated XML • High speed message transformations and schema validation, as well as high speed message searching,
Message Processing element detection and content comparisons
Virtualization and Load • Smart WSDL generation for non-SOAP services
Balancing for XML data • WSDL remapping and service virtualization based on requestor identities
streams • Authorization controls for access to specific service operations
• Service availability features include support for strict failover, round robin, best effort and latency-based
routing
Traffic Management • Granular rate limiting and traffic shaping
• Route XML messages based on availability, message content or latency
Monitoring • Integrated operations console provides a single, real time view of all Gateways across the enterprise and
cloud showing audits, events and key metrics
Audit and Logging • Log message-level transaction information
• Spool log data to off-board data stores and management systems
Bridging, Transformation, • Policy SDK allows for custom policy assertion creation using Java
and Extensibility • Transport mediation between HTTP, HTTPS, MQS, JMS
API Publication • Secure, manage, monitor and control access to APIs exposed to third parties
• API usage can be throttled to ensure backend services are not overwhelmed; limited by user, time of
day, location, etc; and quota managed (i.e., # of uses / user / day)
API Metrics and • Configurable, out-of-the-box reports provide insight into API performance: measure throughput, routing
Reporting failures, utilization and availability rates, etc
• Failed authentications and/or policy violations can be tracked to identify patterns and potential threats
API Security • Support for all major WS* and WS-I security protocols
• Support for all major authentication and authorization standards, including SAML, Kerberos, digital
signatures, X.509 certificates, LDAP, XACML, etc
Hardware Specifications
Chassis • 1RU standard rack mount: 1.71 x 16.75 x 27.0 in. (43.43 x 425.5 x 658.8 mm)
Processor • Dual Intel Xeon processor E5540 2.53 GHz (quad core = 8 logical cores)
Hardware Acceleration • Offload SSL and XML processing operations to optional acceleration card
Cryptography • Optional onboard HSM, as well as support for external HSMs (i.e., SafeNet)
• FIPS 140-2 support in both hardware (Level 3) and software (Level 1)
Ports • 4 x Gigabit Network Cards
Memory • 12GB RAM (maximum memory of 72GB)
Storage • Mirrored, hot-swappable 146GB RAID 1 SAS HDD
Power • Dual redundant, hot-swappable; 750 watts (W)
Performance • Able to handle more than 10,000 requests/sec
Supported Standards
XML 1.0, SOAP 1.2, REST, AJAX, XPath 1.0, XSLT 1.0, WSDL 1.1, XML Schema, LDAP 3.0, SAML 1.1/2.0, PKCS #10, X.509 v3 Certificates, FIPS
140-2, Kerberos, W3C XML Signature 1.0, W3C XML Encryption 1.0, SSL/TLS 3.0/1.1, SNMP, SMTP, POP3, IMAP4, HTTP/HTTPS, JMS 1.0,
MQ Series, Tibco EMS, FTP, WS-Security 1.1, WS-Trust 1.0, WS-Federation, WS-Addressing, WSSecureConversation, WSIL, WS-I, WS-I BSP,
WS-MetadataExchange, WS-Policy, WS-SecurityPolicy, WS-PolicyAttachment, WS-SecureExchange, UDDI 3.0, XACML 2.0, MTOM

To learn more about how Layer 7 can address your needs, call us today at +1 800.681.9377 or visit us at
www.layer7tech.com.

Copyright © 2010 Layer 7 Technologies Inc. All rights reserved. SecureSpan and the Layer 7 Technologies design mark are
trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.