Letters update from November 2003

Aw, Go On!
Lori MacVittie's "Dive Carefully" (Oct. 16, 2003) was a great piece. She obviously knows the Web services market, including its security pitfalls. Her points pertaining to SSL and TLS were right on.

I'm heavily involved in the area of Web services, and I think Lori MacVittie does an excellent job in helping to clarify the current security imbroglio surrounding Web services security.
Russell Ruggiero, Chairman
HumanMarkup.org
[email protected]

Missing Gateways?
Lori MacVittie's recent articles on Web services security ("Dive Carefully") and Web services gateways ("Enemy at the Gateway," Oct. 16, 2003) have been very useful. My company is in the middle of a security assessment relating to the use of Web services, and we're researching Actional's SOAPstation. Why wasn't it included in the review of WS gateways? Is it not of the same ilk? Have you heard of it, and do you have any information or concerns about its use?
Benny Jones; Senior Security Engineer
Company name withheld by request
[email protected]

I noticed you didn't include Check Point Software's firewall product in your competitive comparison of WS Security gateways.I thought that it could perform SOAP protection on XML.
Andras Kis-Szabo
Security Product Manager
DNS Hungary Ltd.
[email protected]

Lori MacVittie responds:
Actional's product was considered, but it fits into the management arena more than the security one. Many Web services management products are including security components by necessity, but security is not their core competency nor their focus.

Actional, AmberPoint, Confluent and Digital Evolution are prominent players in Web services management. We plan to test Web services management products next year and hope to invite those companies to participate.

Check Point does perform some SOAP protections on XML data. I've spoken to Check Point representatives about the company's product, and we'll be sure to include it next time around.

Renaissance Man
Don MacVittie's column "One Tool Doesn't Cut It" (Oct. 16, 2003)

was great. I have been in the IT field, mostly as a consultant, for more than 15 years and have seen my share of platforms, applications, APIs, languages, databases and so on. With ever-changing technology, the demands and expectations placed on application developers increase at least threefold (multitasking in different roles).

A former sales exec/recruiter once told me that I was a jack-of-all-trades and master of none. He said I needed to focus on one technology and become an "SME" (subject matter expert), which would make me "a valuable commodity within the IT arena." Then I noticed a big poster in his office that said, "Failure To Adapt Means Failure To Exist!" Without saying a word, I took the poster off his wall, handed it to him and walked out of his office.

Yes, we still need the fundamentals when it comes to application development. And, speaking from personal experience, the successful path to the solution that best meets the business need is in the hands of a "jack-of-all-trades and a master of some."
John Duvall, Application Development
Analyst-Adviser, Bank One
[email protected]

Tell us how you really feel. Send e-mail to us at [email protected], fax to (516) 562-7293 or mail letters to Network Computing, 600 Community Drive, Manhasset, NY 11030. Include your name, title, company name, e-mail address and phone number. All correspondence becomes the property of Network Computing.