I guess you need an XML firewall, like IBM Datapower one.
There are some more application-specific XML firewalling tools out there.

On Thu, Mar 20, 2008 at 02:28:53PM -0400, Ginski, Richard J wrote:
>
> There's talk in our org to directly interface one of our back-end
> servers to provide web services for external entities via the
> Internet. On the surface, this is a risky option for me. Although
> firewall "protected", I don't want a "protected device" directly
> interacting with web service "consumers" from the Internet. It sounds
> like a bad idea to me.
>
> I have been searching around looking for sample diagrams (etc) on
> environments that support Web Services. I am trying to determine where
> stuff goes in this environment and how a firewall/DMZ fit into the
> picture. Can anyone point me to where info would be available for
> this? I've checked the archives for the past year and checked at
> OASIS, W3C, OWASP, and XML.com, with no luck. The "web services sites"
> focus on coding practices, coding architecture, and coding frameworks.
> Although very important, it's not the info I am looking for. We are
> trying to determine how web services fit in our environment using best
> practices in network design and network security to support web
> services.
>
>
> Any help would be greatly appreciated. TIA!
>
>
> email protected and scanned by AdvascanTM - keeping email useful -
> www.advascan.com


> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailma...rewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards