The Datapower has an internal structure of components that can inherit or be reused, depending on their place in the inheritance chain. Here’s the secret internal architecture of the DataPower:
And here’s the Datapower’s capabilities in a nutshell:
Multi-Protocol Gateway: (superset of XML Firewall)
Transformations – Any-to-any transformation engine: MPGW can parse and transform arbitrary binary, flat text, and XML messages, including EDI, COBOL Copybook, ISO 8583, CSV, ASN.1, and ebXML.
Transport Bridging – protocols such as HTTP, HTTPS, MQ, SSL, IMS Connect, FTP, and more
Message-level Security - Messages can be filtered, validated, encrypted, and signed, helping to provide more secure enablement of high-value applications. Supported technologies include WS-Security, WS-Trust, SAML, and LDAP.
Logging - logging and audit trail, including non-repudiation support
Web Service Proxy:
Load-Balancing w/Peers based on SLA
Protect Externally Exposed Services
XML Threat Protection
Heavy Authentication, Authorization, Validation
Dos, Virus, SQL Injection Prevention, XML Node Attack Prevention
Attachment transformation/conversion/interface with virus scanner
Web Application Firewall:
To protect an internet exposed web application in the DMZ.
Accelerate XML Parsing
Accelerate Schema Validation
Accelerate XSLT Processing
XML Compression/Decompression ***no one uses it anymore
A quick way to select the best service can be found by answering some questions:
_ Does the service use a WSDL? If so, then use WS-Proxy.
_ Does the service uses multiple transports? If so, then use MPGW.
_ Does the service use only XML over HTTP? If so, then use XML firewall.
_ Is there only non-XML and HTTP traffic? If so, then use Web application firewall.…and that’s a wrap on our Datapower information at this time.