Silicon Valley Web Guild

1
Silicon Valley Web Guild The Challenges and
Future of Web Services March 12, 2003
2
What Are Web Services?

• Technical Definition XML/SOAP Over HTTP for
  Application to Application Communication.
• Very Few People Work off the Technical
  Definition.
• Reality Web Services Are Anything Over HTTP(s)
  E.G. ERP With a Web Interface Can Equal Web
  Service

ResultWeb Services Give Us A World Without
Boundaries.
3
Who Are the Players?
IDC Predicts Market Will Grow From 1.6 B in 2004
to 34 B by 2007.
4
The Emerging Enterprise

• Access to Information and Services by User ID
  Not IP/URL Address.
• Current Remote Access Technologies (VPN) Are
  Inadequate
• Requires Full Proxy To Intercept All Requests and
  Analysis All Responses
• Requires Comprehensive HTTP, HTML XML Content
  Analysis
• Requires Fully Integrated Content Networking
• Requires Very High SSL Acceleration Performance

5
Benefits of Web Services

• Location Is No Longer an Issue Anywhere/Anytime
  Access.
• All Transactions Are Authenticated/Authorized.
• User of a Browser Instead of a Heavy-Weight
  Application on the Desktop.

Browser Based Applications Are No Longer the
Domain of .Com Toys
6
The Challenges of Web Services

• Security and Performance
• Every Transaction Must Be Authenticated and
  Authorized.
• Every Transaction Must Be SSL Encrypted.
• Every Transaction Must Be Fast Enough for
  Interactive Use.
• Every Transaction Must Be NATTED.

What Then Is The Role Of The Firewall?
7
Firewalls Arent Going To Cut It

• Firewalls Are Primarily Network Level Only.
• Firewalls Do Not Provide Application Networking
  Security.
• Firewalls Cannot NAT Application Content.
• Application Content Can Allow Others To Map Your
  Network.

Firewalls Are No Longer Enough.
8
Where Are The Bad Guys?
9
A New Paradigm

• Proxies Will Be Crucial
• Proxies Must Be Well Positioned So All
  Application Access Can Be Centrally
  Authenticated and Authorized.
• Proxies Must Handle SSL Traffic on Behalf of the
  Server.
• Proxies Must Provide Some Kind of HTTP Level NAT
  for Both HTML and Javascript.

10
Centralized AAA
11
(No Transcript)
12
(No Transcript)
13
(No Transcript)
14
Handling SSL For The Server
Cipher Text To The Client

• The Server Is Your Revenue.
• SSL Is A Requirement To Do Business, But Not A
  Strategic Advantage.
• Proxies That Handle SSL On Your Servers
  Behalf Keep The The Servers Focused On
  Making Money.

Clear Text To The Server
15
HTTP Level NAT
Proxies Should Protect The Server From Revealing
Private Datae.g. http//proxy.company.com/708790
f9d1c84a1d2640e5af2515a699
Application Data From Server Can Reveal Private
Informatione.g. http//server.company.com/applic
ation/erp.asp?logincxoacct12345valueimportant
16
The Future of Web Services

• SOAP/XML Will Be the Enabling Technology to Let
  Us Webify Applications.
• Web Browsers Will Become the De-facto Platform
  for Enterprise Applications.
• Homogeneous Application Networking Can Be
  Accomplished.

Web Services Will Succeed Not Because It Is
Cool, But Because It Saves Money.