Oracle Enterprise Gateway Overview

Overview

Oracle Enterprise Gateway provides governance, acceleration, integration, and security for SOA systems. Oracle Enterprise Gateway is available on Windows, Linux, and Solaris (for more details, see System Requirements). The following sections describe the high-level functionality available in the Oracle Enterprise Gateway.

Performance

Oracle Enterprise Gateway accelerates performance as follows:

Processing Offload
The Enterprise Gateway can be used to offload heavy XML processing from application servers onto the network. This frees up resources on application servers and enables applications to run faster. The patented high-performance core XML Acceleration engine (VXA), coupled with hardware acceleration, ensures wire-speed network performance.

VXA Platform
The core VXA engine is integrated into the Enterprise Gateway to accelerate the essential XML security primitives. This engine processes XML faster than common JAXP implementations in application servers and other applications that sit downstream from the Enterprise Gateway. The VXA engine performs Document Object Model (DOM) processing, XPath, XSLT conversion, and XML validation.

XML Data Enrichment
The Enterprise Gateway can automatically populate content in XML documents from sources such as databases. Because this functionality sits in the XML network infrastructure, data is automatically populated in XML messages before they reach the consuming Web Services. This simplifies and accelerates applications in ESBs and application servers.

Governance

Oracle Enterprise Gateway provides the following governance features:

Ease of Deployment
The Enterprise Gateway includes many features that speed up deployment. For example, certificates and private keys, necessary for many XML security functions, can be issued on board. The Enterprise Gateway has a deny-by-default defense posture, to detect and block any unauthorized deployments of Web Services. Policies can be re-applied across multiple application endpoints using simple drop-down menus. Policies can also be imported and exported as XML files. This minimizes the time needed to replicate policies across multiple Enterprise Gateways, or to move from a staging system to a production environment.

Centralized Management
A policy management console enables administrators to add security and management policies to the Enterprise Gateway. You can manage policy versions across multiple Enterprise Gateways using the Oracle Policy Studio enterprise policy management tool. This enables enterprise policy management to be brought under centralized control, rather than be managed separately on each Enterprise Gateway.

Web-based system administration tools are also provided to simplify Enterprise Gateway management tasks. Oracle Service Manager provides quick and easy access to enable you to manage your services and policies. You can use the Traffic Monitor and Real-time Monitoring tools to monitor the messages sent through the Enterprise Gateway.

Traffic Throttling
The Oracle Enterprise Gateway protects Web Services from unanticipated traffic spikes by smoothing out the traffic. It also limits clients to agreed Web Service consumption levels in accordance with service usage agreements. This enables Oracle customers to charge their clients for different levels of Web Services usage.

Integration

Oracle Enterprise Gateway provides the following integration features:

Identity Management
Oracle Enterprise Gateway can use an existing Identity Management (IM) infrastructure to perform authentication and authorization of message traffic. For example, integration is provided with LDAP, Microsoft Active Directory, Oracle Access Manager, CA SiteMinder, Entrust GetAccess, IBM Tivoli Access Manager, RSA Access Manager, and other IM products. The Enterprise Gateway also interoperates with leading XML products and platforms, including Microsoft .NET, Oracle WebLogic, IBM WebSphere, and SAP NetWeaver.

Pluggable Pipeline
The Enterprise Gateway’s internal message-handling pipeline is extensible, enabling extra access control and content-filtering rules to be added with ease. Customers do not have to wait for a full product release before receiving updates of support for emerging standards and for additional adapters.

Scalable Architecture
The Enterprise Gateway is designed to offer a highly flexible and scalable solution. Network administrators can deploy new Enterprise Gateway instances as needed, and deploy the same or different policies as required. This enables administrators to apply policies at any point in their SOA system. Policy enforcement points can be distributed around the network, anywhere traffic is being passed.

Security

Oracle Enterprise Gateway includes the following security features:

Identity Mediation
Through its support for a wide range of security standards, Oracle Enterprise Gateway enables identity mediation between different identity schemes. For example, the Enterprise Gateway can authenticate external Web Services clients using passwords, but then issue SAML tokens that are used for identity propagation to application servers.

Application-level Networking
The Enterprise Gateway routes data based on sender identity, content, and content type. This enables XML messages to be sent to the appropriate application in a secure manner. This also enables service virtualization to be performed, whereby Web Services are exposed to clients with virtual addresses to mask their actual addresses for security and application-delivery reasons. In this way, the Enterprise Gateway serves as an important control point for traffic on the network by shielding endpoint Web Services from direct access.

Audit Trail
The Enterprise Gateway satisfies audit requirements by enabling Web Services transactions to be archived in a tamper-proof store for subsequent audit. Oracle also supports privacy compliance by allowing sensitive information, such as customer names, to be encrypted or stripped out of message traffic.