CA Gets A Gateway To SOA

CA has launched a SOA
Security Gateway, part of its IAM (Identity and Access
Management) r12. The announcement brings CA into head-on competition
with vendors including IBM and Cisco, though it doesn't really
represent another player in the market, as much of the technology
comes from an OEM
deal with Web services security vendor Vordel.

CA isn't just re-selling Vordel software. Technically, the SOA
security portion of Identity and Access Management comes in two components: The CA SOA Security Gateway is simply the Vordel XML Gateway, handling format conversion, application firewall and content screening. The CA SOA Security
Manager is a broader offering that integrates the gateway with CA''
own identity management system.

The full IAM suite also includes three other security products: CA
Mainframe Security Manager, its SiteMinder access control software
for Web-based apps, and CA Directory. The theory is that all can work
together as a single sign-on system – one of the original (but
so far mostly unrealized) promises of Web services.

Standalone SOA security gateways already have been under pressure,
with their core firewall functionality absorbed into network
infrastructure hardware or other SOA products. (And increasingly both
at once, as in the case of products like IBM's ESB box. For a closer
look at these, see our rolling
reviews of SOA appliances.) IAM suites represent yet another way
to provide the same features, and are an obvious choice for people
concerned about SSO.

The deal also is very good news for Vordel, which last month
upgraded all its products and moved
into SOA governance. It shows that other SOA vendors are not the
only potential partners (or acquirers) for SOA startups, and could
lead to other security vendors partnering with either Vordel or
competitors such as Layer 7 Technologies.