Is your DataPower implementation supporting your corporate security?
The right implementation will be agile, secure and efficient. Depending on who, and how long ago, the DataPower Gateways were implemented, you might find these key features are missing.
And, don’t forget how agility in implementing your services through the Gateway allows your company to deliver products to customers quickly. Winning business and protecting your assets will help you sleep at night.
So, does your DataPower Gateway have these key features?
Here is what you should look for:
1. Logging information to your SIEM (eg. QRadar)
Security plays an important part in your DataPower configurations by identifying and protecting you against threats. While DataPower finds these threats and acts appropriately to keep your company protected, it’s a best practice to configure a Log Target to output the messages to your company SIEM (Security Information and Event Management).
2. Repeatable Agile Framework to speed implementations
Configuring DataPower doesn’t require programming, which makes it very agile in providing capabilities in a short time. To improve the agility even more, you can configure an Agile Framework that will allow you to build new services, faster, and adhere to standards with little fuss. If you aren’t using a custom framework you are probably doing more work than necessary by replicating similar configurations that cause more ongoing maintenance.
3. Utilizing DataPower’s threat protection
DataPower comes out of the box with built-in threat protection for your XML payloads. There are additional configurable protection methods that guard against Denial of Service and SQL Injections, to name a few. You can even add virus protection as part of your DataPower configuration. Since these features are readily available out-of-the-box, ensure you turn them on.
4. Wire speed transformations
Who doesn’t want the fastest processing of XML parsing? DataPower has a built in XML Parser that will parse at “Wire speed”. If you are using multiple servers to load balance parsing of XML traffic, you should consider routing those transactions through DataPower and apply your parser on the “Wire”. You can reduce the effort to support the server farm, improve the speed for parsing XML messages, all while saving money (always a good thing!).
Takeaway & Action Items:
- Take the time, regularly, to investigate your DataPower implementation to see if you are taking full advantage of the all features of DataPower, inlcuding new features in updates of the firmware from IBM.
- DataPower is a secure appliance. Involve your architects and security teams to ensure you maximize your return on you DataPower investment.
- Consider a DataPower Advisor to review your implementation, share best practices, and assure you keep up-to-date on all of the latest DataPower features, including acting as an API Gateway.