Forum XWall is now Forum Sentry

Forum XWall is no longer offered as a separate gateway product. Instead we have integrated our award-winning XWall XML firewall component as standard available feature with Forum Sentry. Forum XWall is now included with all Forum Sentry gateway products, both hardware and software based.

Forum XWall technology is the industry's leading Web Services Firewall equipped with data authentication as well as XML intrusion prevention to actively protect against XML viruses, data corruption and denial of Web service attacks. Forum XWall ensures critical applications are appropriately accessible and continuously available by allowing network administrators to enforce perimeter policies that check the integrity of data and control access to exposed enterprise Web services.

Today's network firewall's are blind to Web services because ports 80 and 443 are open to HTTP traffic, allowing SOAP and XML messages to flow undetected into a company's internal network. The security challenge becomes even greater as hackers bury malicious commands and data within Web services.

Only by decrypting the communications channel (e.g. Secure Sockets Layer sessions) and simultaneously checking the content of the messages can the network protect itself from hidden threats. Forum's Web Services Firewall peers into the "XML packet" using a unique blend of threat detection and real-time preventative countermeasures.

Major Web Services Threat Categories


Vulnerability discovery

Similar to a thief searching for an open window or unlocked door, revealing internal weaknesses and exposures. E.g. WSDL scanning.

Probing attacks

Similar to a thief jumping over the fence and then running back out, stealing bits and pieces of information. E.g. Parameter Tampering and Replay Attacks.

Coercive Parsing

Similar to a thief cutting the wires to a core system of a house - the XML parser - in order to gain access. E.g. Recursive Payloads, Oversize Payloads and Denial of Web service Attacks.

External Reference Attack

Similar to letting a stranger into your house who you think is a friend. E.g. External URI Reference.

Malicious Content

Similar to a thief delivering a misleading package that results in stolen identities, information leaks and fraudulent transactions. E.g. Schema Poisoning and SQL Injections.