Tuesday, November 26, 2013

Forum Systems featured in Network World products of the week

Last month, Forum Systems' API Security Gateway, Forum Sentry, was featured in Newtork World's products of the week! Recently, Forum Systems has enhanced their API Security Gateway with new features that include: intelligent edge caching, Amazon S3 integration and expanded OAuth 2.0 support.

The new intelligent edge caching will help enterprises optimize their network resources and ultimately reduce their overall infrastructure costs by minimizing latency. Amazon S3 integration allows organizations to securely access and control their cloud storage.  And, the expanded OAuth 2.0 support will simplify mobile SSO.

For more information on Forum Sentry, visit Forum Systems.

Friday, May 03, 2013

Forum Systems Recognized for its leadership in Security

Navigating SOA appliances: How to choose the right one

Corporations are increasingly driven to open up their internal systems to external and internal users.  With an accelerated adoption of mobile computing, employees require access to enterprise applications from both within and outside the corporate boundaries.  Corporations are only willing to provide such access with strong security provisions in place.

Crystal Bedell's recent article highlights the drivers for a SOA Appliance:  Security, Integration and Acceleration.  She includes a quote from Randy Heffner of Vice President at Forrester:

In more conversations than not that I have with Forrester clients and others in the industry, security is one of the biggest reasons why they think of this sort of product set within their overall approach to SOA.
For complete article, see Navigating SOA Appliances.

Wednesday, May 30, 2012

Exotic, new connections: Embedded devices

Prepare for a host of new networking problems as devices never meant to be computers become network connected, reports Deb Radcliff. 


Phones, vehicles, traffic lights, medical devices, buildings, even weapons – everything's getting plugged in these days. This connectivity might make sense from a management and efficiency perspective. However, these devices – often chip-enabled and communicating over multiple protocols and channels – present risk management problems that keep IT pros up at night.
 Along with encryption, access controls and authentication will need to be able to operate in an environment with multiple types of traffic. Specifically, these systems must determine what type of devices are sending traffic on the network and how to handle their entree based on what they do or do not know about those devices and users, says Mamoon Yunus, chief executive officer of Newton Mass.-based web services provider Crosscheck Networks. “We believe access and information exchange between exotic endpoints will best be controlled through a gateway that sits behind the network firewall,” he says. This will serve as a proxy for identifying the device requesting access, signing and authenticating tokens and supporting information exchange.

Wednesday, May 09, 2012

Service Technology Magazine: Reducing Application Cost and Risk through Centralized SOA Security

Service Technology Magazine recently published an article on the merits of centralized SOA security.  Here's the abstract:

Abstract: This article compares centralized and decentralized application security models. It focuses on technical costs and organizational considerations while comparing these models. The analysis shows that centralized management of security policies has significant advantages over decentralized application security deployments including cost reduction, better risk mitigation and greater freedom for application developers to focus on creating business value. 

Now, more than ever before, the global business environment expects greater customer service, demands deeper value chain integration and drives fiercer competition while requiring corporations to perform efficiently with diminishing resources. IT departments are in the midst of this global storm and are now pushed to deliver applications rapidly while minimizing costs. Fortunately, with the maturity of agile development, SOA and related standards, and cloud computing, the foundations are available for building resilient, nimble and cost effective IT infrastructure that is responsive to business needs.

Download complete article:  PDF, HTML

Friday, January 06, 2012

IT Knowledge Exchange: XML security appliance shopping advice

James Denman wrote an interesting piece titled XML security appliance shopping advice where he talks about real-life challenges faced by customers and their use of XML appliances such as Forum Sentry to solve such problems.

Earlier this month I wrote an article on a Software as a Service provider that employed a SOA security appliance for authentication and identity federation. OmegaFi, the SaaS provider in question, fills an interesting niche – providing financial services for Greek fraternities and sororities. Helping college kids run their organizations more like a not-for-profit business is not always easy, but OmegaFi has thrived on their particular set of challenges. I recently had some correspondence with the company’s CIO, John Woolbright that I would like to share.
Full Article: XML security appliance shopping advice

Monday, December 12, 2011

SC Magazine Rates Forum Sentry Product Five Stars

What's the difference between a Security Gateway product and a Enterprise Service Bus (ESB)? Security!  You never let users develop and deploy custom code in a gateway.  Custom SOA functionality is better suited for ESBs or application servers.  Deploying such functionality in a SOA/XML gateway is fraught with risk.  It breaks the key paradigm of separating security from application functionality.  Security functionality should never be coded by an enterprise, it should only be configured.

Question: When was the last time you dropped custom code in your firewall?

The SC Magazine Product review of Forum Sentry, the leading security gateway in the industry validates this Security vs. ESB notion by choosing Sentry as the only SOA/XML gateway in the security product review category.  Other gateways are merely application servers or ESBs with prepackaged security functionally that can be readily by-passed by the custom code that they run.

For detailed product review see:  SC Magazine Forum Sentry

Monday, December 05, 2011

SaaS provider hooks frats to Facebook with help from SOA appliances

James Denman's article shows a real-world example of how social media such as Facebook and SOA have converged.  Web Portals now use rich content from a variety of sources and providers.  Users are now not only expecting Web SSO, but also direct integration of their social media content with corporate services.  The Facebook integration used for SSO highlights how SOA, SSO and Social media are now central to corporate IT services.

A Software as a Service (SaaS) provider specializing in financial and information services for Greek fraternal organizations has tapped into Facebook to provide its fraternity and sorority users with easier updates to information. At the same time, it has tapped into a rack-mounted SOA appliance to provide security and federation services. 
OmegaFi is a SaaS specialist that offers a range of services tailored to the Greek crowd. OmegaFi was founded on chapter and alumni management tools but the portfolio has grown to include fundraising tools as well as information management services. 
Forum Systems, a maker of security and identity management appliances for SOA systems, has been a part of OmegaFi's recent growth. According to OmegaFi CIO John Woolbright, Forum's Sentry XML gateway appliance has been instrumental. Woolbright said in a statement, "After collaborating with us to meet the requirements of a three-month proof-of-concept project, we selected Forum Systems as our provider of choice for security and federation."

For full article, see:  SaaS provider hooks frats to Facebook with help from SOA appliances.

Wednesday, August 03, 2011

ITBusiness Edge: Old Reliable - FTP Still Relevant in an SOA, Cloud World

Loraine Lawson covers "Old Reliable" FTP and its relevance to SOA and Cloud Computing.  FTP is "reliable" as in "a reliable friend that you can always call," however, the protocol itself is not reliable for content delivery unless Managed File Transfer (MFT) type products are used to enable reliability using FTP.  The article is well written and covers an important trend that brings SOA, Cloud Computing, and Managed File Transfer under a single, manageable umbrella.  Excerpts from the article are below:

You would think that all this movement toward cloud and services and SOA would mean the end of things like managed file transfer and FTP. Instead, companies that offer these approaches are reinventing themselves and claiming new relevance. 

Complete article: Old Reliable - FTP Still Relevant in an SOA, Cloud World

Wednesday, July 27, 2011

Updated XML gateway brings FTP under the SOA governance umbrella

Jack Vaughan's recent article covers an important emerging trend: convergence between SOA and MFT technologies. Managed File Transfer (MFT) is a baseline mechanism for information movement within and across corporations using legacy protocols such as FTP. However, with the emergence of modern SOA-related protocols, companies are now migrating away from less secure and less reliable MFT transport protocols. This trend is also driven by regulatory requirements including PCI, HIPPA, and GLB

Link to Jack's article: Updated XML gateway brings FTP under SOA Governance umbrella.

Excerpt from the article:

Despite SOAP and SOA inroads, the vaunted File Transfer Protocol (FTP) continues to flourish in organizations that - not surprisingly – need to transfer files. Finance and banking both represent FTP bastions – although both sectors are also on their way to becoming SOA strongholds of sorts.
Bringing FTP - originated in the 1970s - under the general umbrella of governance is an eventual goal for many of these companies. Forum Systems, a Crosscheck Networks' subsidiary, seeks to support such efforts with a recent update to the Forum Sentry Gateway.
The latest version of the gateway offers content-level security for structured and unstructured data for documents of unlimited size using the OpenPGP standard, while also enabling message transfers over a variety of secured and unsecured transport protocols. Moreover, the software allows organizations to plan migrations from batch FTP processing to SOAP with Attachments (SwA)(MIME, DIME, MTOM), while using existing centralized governance policies across both legacy and modern message formats.

Tuesday, July 05, 2011

SC Magazine: Federation 2.0 - An Identity Ecosystem

Deb Radcliff's defining, informative and well thought out article on the current state and future of Federated Identity is a must read for all SOA, Networking and Security professionals. According to Deb (excerpts from article):

Federated identity, the process of authenticating someone across multiple IT systems and organizations, is taking on new meaning with the growth of cloud and mobile.
Synovus Bank, with 30 banks on the East Coast, didn't want to manage the identities of its approximately 100,000 commercial and 200,000 home-based customers. It also wanted its identity management to occur outside its firewall. So Synovus recently started using Crosscheck Network's Forum Sentry XML Gateway service between these users and their applications.
“Users and their sessions authenticate on the Forum structure, their SAML assertions are signed by Forum, and Forum also issues their secure tokens,” says Santosh Kokate, lead technical analyst with Synovus. “The beauty is I have online banking sitting safely behind the identity gateway and the identities and authentication are established there. I don't have to manage those identities or write a single line of code to make federation happen.”
Synovus also supports authentication for mobile users through REST (Representational State Transfer), which supports HTTPS-based assertions for when Kokate estimates are 8,000 mobile banking customers at this point (and more planned in the future). Because Synovus' intermediary, Crosscheck, supports these and other standards, Synovus can adapt to different types of identity federation requirements as needed.
 For complete article, click Federation 2.0:  An Identity Ecosystem.

Monday, April 25, 2011

Network Computing: SOA Security = XML + WAF

WAFs are well designed for protecting static HTML traffic, however, with the wide proliferation of SOA and the reuse of SOA-based components in dynamic web portals, significant XML, JSON and other non-HTML traffic is now generated from portals.  Handling security for sophisticated web portals requires functionality beyond that available in Legacy Web Application Firewalls (WAFs).

Network computing recently published a review of the industry-first integrated WAF + XML appliance, Forum Sentry WAF:

Forum Systems Integrates XML Gateway, Web Application Firewall On Single Appliance

Tuesday, December 21, 2010

SOAPSonar 6.0 from Crosscheck Networks Capable of Testing Unlimited Users in Cloud

Here an article covering SOAPSonar 6.0, the leading SOA Testing product.  The latest version provide a number of capabilities including testing cloud providers as well as testing using clouds.

For detailed article, see: SOAPSonar 6.0 from Crosscheck Networks  Capable of Testing Unlimited Users in Cloud

Thursday, December 16, 2010

Financial firm finds highly scaled testing for proliferating SOA services

Jack Vaughn, Editor-in-Chief of SearchSOA published this article on real life scenarios in SOA Testing and general SOA adoptions trends.  Article highlights are as follows:

  • a well built re-usable service will have high demand and a high number of transactions and consumers
  • through automated SOA Testing products such as SOAPSonar, 100% scenario coverage is possible
  • endurance and performance testing are also a core part of SOA Testing.
  • Service traffic includes traffic from RESTful services and has resulted in portals driving overall JSON, XML and SOAP message structures.  It's not just about A2A communication driving this traffic anymore.

Tuesday, November 30, 2010

Forum Systems: The only patented replacement to Cisco ACE Gateway

Jim Duffy's Network World Blog -- the Cisco Connection -- highlights the Cisco ACE XML Gateway replacement offered by Forum Systems, a wholly owned subsidiary of Crosscheck Networks.  Forum Systems is the only patented XML Gateway in the industry.  Migrating to non-patented products from other XML vendors exposes corporations to excessive liability and non compliance.  Furthermore, "me too" technologies that copy leading patented products eventually fade away much like the Cisco ACE XML Gateway.

For the complete article, see: http://www.networkworld.com/community/blog/third-option-cisco-ace-xml-gateway

Forum Systems Cisco Replacement Program:

  1. Program Details: http://www.forumsys.com/products/cisco_ace_replacement.php
  2. Best Practices: http://www.forumsys.com/resources/cisco-ace-replacement-program.php

Forum Systems Other Gateway Replacement Programs:

  1. IBM DataPower: http://www.forumsys.com/products/datapower_replacement_eol.php
  2. Other NON-PATENTED Gateways: http://www.forumsys.com/products/xml_gateway_replacement.php

Monday, November 08, 2010

Cisco ACE Replacement Strategy: Choosing the right XML Gateway

XML Gateways are a core component of SOA deployments.  SOA testers, developers, architect are intimately familiar with XML Gateways as a central component for enabling XML Security, Integration, Identity and Management.

Recently, Cisco published End-of-Life (EOL) and End-of-Sale (EOS) notices to its customer base for the Cisco ACE XML Gateway.

Forum Systems pioneered the XML Gateway Appliance space in 2001 with the launch of its product Forum Sentry.  A number of vendors followed this path by morphing their existing technologies to the XML Gateway Appliance space.  Reactivity, the company Cisco acquired for a $135M in 2007  was one such company that changed direction to enter this space.

In 2003, Network Computing published a bake-off between vendors in XML Gateway space.  Reactivity (acquired by Cisco), DataPower (acquired by IBM) and a number of other vendors including Forum Systems, Westbridge, Verisgn were also a part of the assessment.  Looking back at this vendor assessment, one can see a clear trend:  companies that changed their directions to come after the pioneer (Forum Systems) eventually gave up on the space.

Although the strategy of a company changing direction to follow a viable market seems like a good idea at that time, it has profound implications in the future.  When a product is not built ground-up to address a specific market, architectural comprises ensue that result in the demise of such products in the future.  The key factor in picking any technology solution is to identify the leaders and the followers.

New vendors continue to follow the leader in the XML Gateway space, by changing their ESB products to look like XML Gateways, however, they lack the innovation and intellectual property established by the leader.  See fore example, Forum System Issued Patent 7,516,333 for XML Security Gateway.

As corporations replace their XML Gateway from Cisco ACE or any other non-patented product, they should consider the following points:

  1. Select a patented product or face replacement issues as the patents are enforced.
  2. Pick an XML Gateway and not a product that is like an ESB/Application server.
  3. Demand an Independent Security Assessment on the ENTIRE XML Gateway.
  4. Validate feature/function availability and innovation leadership.
  5. Demand flexible replacement costs and options.
For a detailed article on Cisco ACE replacement strategy, see Cisco ACE Gateway EOL:  How to Pick a Replacement XML Gateway.

For Cisco ACE Replacement Programs, see Cisco ACE Replacement.

Thursday, August 05, 2010

MIT System Design and Management Program Hosts Experts on Cloud Computing, Entrepreneurship, Leadership

The MIT System Design and Management (SDM) summer 2010 business trip kicked off at the Faculty Club with a keynote address on entrepreneurship and leadership by Mamoon Yunus (MIT Mechanical Engineering, 1993 and 1995), President and CEO of Crosscheck Networks.

Yunus, who was introduced by Unatek CTO Charles Iheagwara (SDM 2010) after an opening statement by SDM director Pat Hale, saw a "gap" in the cloud computing movement and in 2004 founded Crosscheck to build technology that would scrub XML traffic in the cloud. Seeing gaps, said Yunus, is key to success.

"You can’t innovate in a vacuum," Yunus said. For example, after speaking at Harvard Business School he was approached by several MBA students who asked him, "‘How does one generate ideas? We know business, but are looking for ideas where we can apply our business skills."

Read More >>

Friday, July 09, 2010

Understanding Enterprise-to-Cloud Migration Costs and Risks

For CIOs, CTOs and business application architects, cloud computing has become inescapable aspect of their overall IT strategy. As businesses consider approaches to migrating parts of their infrastructure to the cloud, IT organizations wrestle with fundamental questions such as:

  • What applications or its components should be migrated to the cloud?
  • What should be the order/priority of migration?
  • Which IaaS cloud provider should be selected based on application performance and reliability requirements?
  • How do I mitigate enterprise-to-cloud migration risk?

Without addressing such questions, enterprises are faced with ad-hoc decisions during their cloud migration process that can add immeasurable risks to their business operations and undermine the efficiencies that they seek by migrating to the cloud.

This article, Understanding enterprise-to-Cloud Migration Costs and Risks,  tackles these issues and helps companies in making informed and measured decisions regarding their cloud migration strategy.

Friday, June 25, 2010

Europe CloudExpo : Understanding Enterprise-to-Cloud Migration Costs and Risks

Migrating to Infrastructure-as-a-Service (IaaS) is an attractive option for corporations that want to shift from a capital expense to a pay-as-you go model. Regardless of the business driver for cloud computing, of which there are many including reducing costs and adding nimbleness, large enterprises are now faced with re-evaluating their core IT assets with an eye towards enterprise-to-cloud migration for improving business efficiencies. However, beyond qualitatively appreciating the benefits of cloud computing, IT executives lack the ability to quantitatively assess the risk-reward structure of which application should be migrated from the enterprise to a cloud. Without having a quantifiable impact assessment of migrating enterprise resources to a cloud, enterprises are faced with ad-hoc decisions during their cloud migration process.

For all tracks and sessions presented during this event, see:

Monday, May 24, 2010

Using SQL Azure for SOA Quality Testing

SQL Azure provides affordable and rapid collaboration across SOA Test teams using SOAPSonar, the industry leading, comprehensive SOA and Cloud Testing product. This article provides an overview of using a shared repository: SQL Azure for collaborative SOA testing across dispersed SOA Test teams.

SQL Azure is a promising option for corporations that deploy Micrsoft technology and are interested in leveraging cloud computing to reduce IT costs and respond rapidly to business requirements. For companies that are simply looking for hosted relational databases, other options such as MySQL hosted by Amazon EC2, Rackspace, GoGrid or OpSource serve as strong alternatives.
Our impressions of SQL Azure have been positive. Through firewall rules, security provisions are adequete and not overwhelming for database and application developers. We do expect a richer web-based management interface in the future that goes beyond just creating an dropping databases. Although SQL Management Studio, installed locally on your machine, provides powerful management capabilities, it dilutes the power of installation-free, cloud-based components.
Corporations can use Quality Assurance and Testing as low-hanging use-cases for cloud computing. Companies should be less concerned about storing test data in external clouds compared to, for example, real customer data. Using SQL Azure for SOA test automation provides better collaboration for test teams, ease of database management and a cheaper alternative to procuring and maintaining on-premise test infrastructure.
For complete article, see:  http://soa.sys-con.com/node/1379631 

Monday, May 10, 2010

Network World: 15 Cloud Companies to Watch - Crosscheck Makes the List

Innovative vendors offering ways to make the transition to a cloud-based world less daunting.

Here are excerpts from the article published by Beth Schultz of Network World:

Why we're watching the company: Service-oriented architecture (SOA) testing companies have begun rounding out their product lines with tools aimed at giving IT organizations more confidence as they plan for application migrations to the cloud. The product can also ease the infrastructure and cost burdens of building out lab environments.
With CloudPort, developers can profile and measure the impacts of moving to cloud platforms while modeling the risk and cost benefits, the company says. From a central console, the tool provides information about cloud providers such as performance metrics, geographic latency and service initiation times; outages and application error states; and security, capacity and interoperability. Plus, it offers the ability to run what-if modeling scenarios. It leverages cloud instances from Amazon EC2, OpSource Cloud, GoGrid and Rackspace, and says its pay-as-you-go model lets enterprises realize cost savings of up to 60% when compared to reference architectures, while compressing the services life cycle and reducing time-to-market.
Who heads the company: CEO Mamoon Yunus, who founded Forum Systems, where he pioneered Web services security gateways and firewalls.
How the company got into cloud computing: Crosscheck comes from the Web services/SOA testing world. As SOA and virtualization come together in the cloud, adding cloud testing tools to its portfolio was a logical next step.

For complete article, see: