Web services rely on the transfer of XML data. This poses a threat from the point of view that every packet possible could be malicious. Hackers may send SOAP (Simple Object Access Protocol) packets containing executable messages, crafted windows/SQL executables within XML packets or even initiate a XDoS (XML DoS attack).
As the name suggested XML Firewalls help you protect your web services from such attacks and are designed to solely listen on port 80 and mitigate malicious XML based “traffic” using Layer 7 inspection.
The main advantage of using XML Firewalls is that as they are solely designed for XML handling the performance impact is much smaller then that of “other” XML Layer 7 solutions (such as Inline IPS, Layer 7 Firewalls or AV Proxies etc). Though on the flip side the main disadvantage being the setup costs involved in introducing a hardware based XML appliance within your organisation.
Additional Resources :
- http://www.infoq.com/articles/service-firewall
- http://www.infoworld.com/d/security-central/closing-xml-security-gap-522
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial