Upload
dinhkien
View
247
Download
3
Embed Size (px)
Citation preview
IBM DataPower GatewayOverview & What’s New in V7.5
StefanoTosato,OfferingManager,Gateways
Aug1,2016
Agenda
ØDataPower Gateway Overview
ØRecent Releases
ØWhat’s New in DataPower Gateway V7.5
2
IBM DataPower Gateways provide a low startup cost,helping clients increase ROI and reduce TCO with specialized, consumable, dedicated gateways that
combine superior performance and hardened security in physical, virtual, cloud & Docker container form factors
INTEGRATE Systems of Engagement with Systems of RecordCONTROL & MANAGE Traffic and Service Level Agreements
SECURE Mobile, API, Web, SOA, B2B and Cloud Workloads
OPTIMIZE Data Delivery and User Experiences CONSOLIDATE & Simplify Infrastructure Footprint
DataPowerGateways….
Secure,control&accelerateDigitalworkloads
3B2B
Simplifymobilesecuritywithsingle,purpose-builtgateway;controlmobiletrafficandacceleratedelivery
WebSimplifywebsecuritywithsingle,purpose-builtgateway;controltrafficandacceleratedeliveryforintranetandinternetwebapplications
CloudDeployinmultiplehypervisor,cloudenvironmentsandenablehybrid&intercloudconnectivity
APIEasilysecure,control,
publish,monitor&manageyourAPIs
SOASecure,integrate,control&manageSOAworkloadsintheDMZandTrustedzones
ExtendConnectivity&IntegrationbeyondtheenterprisewithDMZ-readyB2Bedgecapabilities
Mobile
Internet TrustedZoneDMZ
1API Gateway2Mobile Gateway
3WebGateway
4 B2BPartnerGateway
5 API&SOAGateway
6ESB/IntegrationGateway7 InternalSecurityEnforcement
8LegacyIntegration
SystemZ
ESB/Middleware
App ServerorService
InternalLoBApp
Web
TradingPartners
Mobile,IoT
CommonUseCasesIBM DataPower Gateways are the industry-leading
Security & Integration gateways that help provide security, integration, control and optimized access to a full range of Mobile, Web, API, SOA, B2B, & Cloud workloads
ISAMProxyModuleq Useraccesscontrol,sessionmanagement,
webSSOenforcementq Advancedmobilesecurity:mobileSSO,
context-basedaccess,one-timepassword,multi-factorauthn
ApplicationOptimizationModule
q Frontendself-balancingq Backendintelligentloaddistributionq Sessionaffinityq zSysplexDistributorintegration
IntegrationModule
q Any-to-Anymessagetransformationq Databaseconnectivityq MainframeIMSconnectivity
B2BModuleq B2BDMZgatewayq EDIINTAS1,AS2,AS3,ebXMLq Partnerprofilemanagementq B2Btransactionviewerq Any-to-Anymessagetransformationq Databaseconnectivity
TIBCOEMSModule
q IntegratewithTIBCOEMSmessagingmiddleware
q Supportforqueues&topicsq Loadbalancing&fault-tolerance
IBMDataPowerGateway(Base)Secure
§ Authentication,authorization§ Securitytokentranslation§ Service/APIvirtualization§ Threatprotection§ Messageschemavalidation§ Messagefiltering§ Messagedigitalsignature§ Messageencryption§ AVscanningintegration
Integrate§ Transportprotocolbridging§ Any-to-anymessage
transformation§ Messageenrichment§ Databaseconnectivity§ Mainframeconnectivity§ B2Bpartnerconnectivity§ Hybridcloudconnectivity
Control&Manage§ Quota&rateenforcement§ Content-basedrouting§ Messageaccounting§ B2Bpartnermanagement§ Integrationw/governance,
management&monitoringplatformsincludingIBMAPIConnect&WSRRforpolicyenforcement
Optimize&Offload§ HTTP/2§ SSL/TLSoffload§ Hardwareacceleratedcrypto*§ JSON,XMLoffload§ JavaScript,JSONiq,XSLT,
XQueryacceleration§ Localresponsecaching§ DistributedcachingwithWXS§ Backendloadbalancing
Single,modular&extensibleGatewayplatform
AvailableFormFactors
6
ISAMProxyModule
IntegrationModule
B2BModule
AOModule
TIBCOEMSModule
Allsoftwaremodulesarefieldupgradeable
Physical,Virtual,Cloud&Docker
AvailableFormFactors:DeployAnywhere
Hardware
GatewayImage
Physical Virtual** Cloud** Docker**4
CryptoAcceleration
TrustedPlatformModule
IBMProvided
Hardware
GatewayImage
Hypervisor1
GatewayImage
OperatingSystem2
(CloudVirtualServer)
Hardware
GatewayImage
DockerEngineHypervisor/OS
All in one solution (HW / SW) * Physical security* Drop-in deployment & mgmt* Performance including HW crypto acceleration
* DMZ drop-inEmbedded HSM option (FIPS 140-2 certified)
Software solution (Virtual machine)* User responsible for providing &
securing HW and HypervisorFlexible deploymentFlexible resource allocationsProd, non-prod, dev editions
Software solution (Application)* Cloud vendor responsible for
securing HW and Hypervisor* User responsible for securing OS
Public Cloud deploymentsRapid scale up/downFirst class Cloud citizen
Software solution (Container)* User responsible for providing &
securing HW, Docker Host OS or hypervisor
Docker optimized image* Apply your DevOps tools &processes
* Provides ability to optionally storeDP config externally in Docker Host filesystem1 SupportedonVMware &CitrixXenServer hypervisors.
2 SupportedviaRHEL&UbuntuonAmazonEC2,MicrosoftAzure,IBMSoftLayer.3 SupportedonDockerContainerbasedonRHEL&Ubuntu.4 DockerImagebuiltusingIBMprovidedpackages.
DockerContainer3
HardwareSecurityModule
Signed&EncryptedGatewayStack
IBMOptimizedEmbeddedOS
Signed&EncryptedGatewayStack
IBMOptimizedApplicationLayer
Hardware
Hypervisor
Signed&EncryptedGatewayStack
IBMOptimizedEmbeddedOS
Signed&EncryptedGatewayStack
IBMOptimizedApplicationLayer
** “Oncedeployed,it’sDataPowerGateway”
Ø Seamless configuration migrationü Easily move configuration between form factors
Ø Deployment flexibility and elasticityü “Right size” the deployment, quickly deploy where needed & rapidly scale
Ø Workload isolationü Projects can use their own instances
Ø Unbounded memory scalabilityü Memory can be added to instances without additional licensing
Ø Low cost for Dev & Test environmentsü Developers & Non-Production versions include add-on software modules at no additional charge
Ø Free disaster recoveryü Warm or cold backup without additional licenses when licensed for Production
Ø Flexible licensing and entitlementü Sub-capacity licensingü Monthly licensing option ü Entitlement to future product versions at no additional charge with active maintenance (S&S)
VirtualEditionBenefits
Ø Non-blockingevent-drivenI/Oarchitecture
ü ArchitecturesimilartoNginx&Node.js
ü Continuedenhancementssince2002
Ø Parsers&compilers forJSON&XMLprocessingwrittenfromground-upwithseveralpatents
Ø SecureandoptimizedJavaScriptruntime calledGatewayScript
Ø Purpose-built,securegatewayimage
ü Singleself-contained,signed&encryptedsecuregatewayimagewithoutexternalsoftwaredependenciesq Noarbitrarysoftware
q Securityexposureminimizedduetosmallervulnerabilitysurface(fewuser-exposedand3rd partycomponents)
ü Highassurance,“locked-down”configuration
ü Optimized,embeddedoperationsystem
Purpose-Built, Secure Gateway
HowDataPowerGatewaysareunique?
Enterprisegradesecurityrequiresasecureplatform
Ø Physicalsecurityviahardware
ü Sealed,tamper-evidentcase
ü NousableUSB,VGA,otherports
ü Customizedintrusiondetectionswitch
ü TrustedPlatformModule
ü Encryptedflashdrive
ü Cryptographicaccelerationcard
ü OptionalFIPS140-2level3certifiedHardwareSecurityModule
Simple&SecureArchitecture§ How is DataPower Gateway different? Purpose-built, secure gateway platform
Ø Complete gateway platform delivered as hardened image
§ Guiding philosophy is to centralize common security, traffic management, mediation, acceleration functions and optimize them in a security-hardened gateway stack delivered in physical, virtual, cloud & Docker container form factors
Display Ports
database
config
App Server
config
HTTP Server
config
JVM
config
Proprietary Software
config
Linux Daemons
configJSP Engineglibclibxml
Full Linux OS(including shells and user accounts)
config
Bootable CDROM
Drive
Bootable USB Ports Hardware
config
Hardware
DataPower Gateway PlatformDigitally Signed and Encrypted
Image
FlashMemory
Crypto Acceleration
IBM Optimized Embedded Operating Environment
DataPower Gateways(Secure & Easy to Manage)
Commodity Gateways(In-Secure & Hard to Manage)
• JavaScript-basedgatewayruntimewhichsimplifiesconfigurationfordevelopersandprovidesaneasierdevelopmentparadigmforAPI,Mobile,Web,&IoT
• Security• Transactionisolationtopreventmemory-basedattacks• Codeinjectionprotectiontopreventsecurityexposuresfrommaliciouscode
• Performance• HighlyoptimizedJavaScriptcompiler• Builtonintellectualcapitalandexpertisefrom10+yearssecuringandoptimizing
parsing/compilertechnology
GatewayScriptTM:Secure&optimizedJavaScriptruntime
Purpose-built, Secure Gateway
API,Mobile,Cloud,B2B Built-in security, traffic mgmt,
mediation, acceleration
Developer, Enterprise & DevOps Friendly
Operations Dashboard
Flexible & ExtensibleDeploy Anywhere
DataPowerGateways….
• Usedby95%oftopglobalinsurancesfirms
• SaaSproviders,ASPs,regulators,etc.
• Agenciesandministries• Defenseandsecurityorganizations• Crowncorporations
InsuranceGovernment
Banking• Healthcare• Retailers• Utilities,Power,OilandGas• Telecom• Airlines• Others
Many,many,more• MajorityofthebigUSandEuropeanbanks• Allofthebig5Canadianbanks• Numerousregionalbanksandcreditunions
Over 15 years of innovation & 2000 global installations
DataPowerGateways
DataPower’ingIBMBluemix!!!• Security
• Control
• Filtering
• Content-BasedRouting• Loadbalancing
• MonitoringandLogging
Mobile client
Bluemix Tooling
VM
Application Manager
AppAppAppApp ServiceServiceServiceService
Open Stack
External Services
Internet
DataPower has been trusted to be the exclusive gatewayfor Bluemix, IBM’s global Platform as a Service
Didyouknow?
• Data format & language– JavaScript‒ JSON ‒ JSON Schema ‒ REST, SOAP 1.1, 1.2 ‒ WSDL 1.1 ‒ XML 1.0 ‒ XML Schema 1.0 ‒ XPath 1.0, XPath 2.0 (XQuery only) ‒ XSLT 1.0 ‒ XQuery 1.0, JSONiq
• Security policy enforcement‒ OAuth 2.0, OpenID Connect, Social Login‒ JWE, JWS, JWT, JWK‒ SAML 1.0/1.1/2.0, SAML Tkn Profile, SAML queries‒ XACML 2.0 ‒ Kerberos (including S4U2Self, S4U2Proxy)‒ SPNEGO ‒ RADIUS, RSA SecurID OTP using RADIUS ‒ LDAP versions 2 and 3 ‒ Lightweight Third-Party Authentication‒ Microsoft Active Directory ‒ FIPS 140-2 Level 3 (w/ optional HSM)‒ FIPS 140-2 Level 1 (w/ certified crypto module) ‒ SAF & IBM RACF® integration with z/OS ‒ Internet Content Adaptation Protocol‒ W3C XML Encryption ‒ W3C XML Signature ‒ S/MIME encryption and digital signature ‒ WS-Security 1.0, 1.1 ‒ WS-I Basic Security Profile 1.0, 1.1 ‒ WS-SecurityPolicy ‒ WS-SecureConversation 1.3
• Transport & connectivity– HTTP, HTTP/2, HTTPS, WebSocket Proxy– FTP, FTPS, SFTP – WebSphere MQ– WebSphere MQ File Transfer Edition – TIBCO EMS – WebSphere Java Message Service– IBM IMS Connect, & IMS Callout– NFS – AS1, AS2, AS3, ebMS 2.0, CPPA 2.0, POP,
SMTP (B2B Module) – DB2, Microsoft SQL Server, Oracle, Sybase, IMS
• Transport Layer Security ‒ TLS versions 1.0, 1.1, and 1.2‒ SSL versions 2 and 3 ‒ SNI, PFS, ECC Ciphers
• Public key infrastructure (PKI)‒ RSA, 3DES, DES, AES, SHA, X.509, CRLs,
OCSP ‒ PKCS#1, PKCS#5, PKCS#7, PKCS#8, PKCS#10,
PKCS#12‒ XKMS for integration with Tivoli Security Policy
Manager (TSPM)
• Management‒ Simple Network Management Protocol‒ SYSLOG ‒ IPv4, IPv6
Link to Product Documentation
• Web services– WS-I Basic Profile 1.0, 1.1 – WS-I Simple SOAP Basic Profile – WS-Policy Framework – WS-Policy 1.2, 1.5 – WS-Trust 1.3 – WS-Addressing – WS-Enumeration – WS-Eventing – WS-Notification – Web Services Distributed Management– WS-Management – WS-I Attachments Profile – SOAP Attachment Feature 1.2 – SOAP with Attachments (SwA) – Direct Internet Message Encapsulation– Multipurpose Internet Mail Extensions– XML-binary Optimized Packaging (XOP) – Message Transmission Optimization Mechanism
(MTOM) – WS-MediationPolicy (IBM standard) – Universal Description, Discovery, and Integration
(UDDI versions 2 and 3), UDDI version 3 subscription
– WebSphere Service Registry and Repository (WSRR)
DataPower Gateway V7.5.1: Supported standards & protocols
See slide deck for Common Use Cases:slideshare.net/ibmdatapower/data-power-common-use-cases
Agenda
ØDataPower Gateway Overview
ØRecent Releases
ØWhat’s New in DataPower Gateway V7.5
Secure. Integrate. Control. Optimize.
ReleasedJun 2015
New Cloud Offerings
Secure Gateway for Bluemix
Easier DevOps with new REST API
GatewayScript Enhancements
Robust Platform Security
Deploy DataPower Gateways on Amazon EC2, Microsoft Azure and SoftLayer CCI to provide enhanced cloud elasticity for cloud workloads
Enhanced hybrid cloud integration to securely connect between IBM Bluemix applications and on-premise services protected using DataPower Gateways
Protect mission-critical applications from security vulnerabilities with enhanced TLS protocol support using Elliptic Curve Cryptography, Server Name Indication, and Perfect Forward Secrecy
New REST-based management API to build deployment and automation scripts, enabling easier devops for continuous software delivery and quicker problem resolution
Enhanced Mobile and API security
Easily transform between XML and JSONmessages to quickly integrate System of Records data sources with Systems of Engagement interfaces
Increased mobile and API security for protecting mission-critical transactions with JSON Encryption, JSON Signature, JSON Key, and JSON Token
7.2
Agenda
ØDataPower Gateway Overview
ØRecent Releases
ØWhat’s New in DataPower Gateway V7.5
NewCloudOfferings
DeploymentFlexibilityusingDocker
NewModernizedUserExperience
EnhancedAPI Security
RunDataPowerasanRedHatEnterpriseLinux(RHEL) applicationoncloudplatforms(Amazon/SoftLayer)foreasiermanagementusingcloudmanagementtools
DeployDataPowerasaDockercontainer forenhancedportability,scalabilityandenvironmentprovisioning
Modernizeduserexperiencetoreducecomplexityandallowquickercreationofgatewayservices
NetworkHSMIntegration
FlexibleuserauthenticationforSingleSign-On(SSO)toWeb,mobileandAPI workloadsusingsocial(eg.Google)orenterpriseidentitiesbasedonOpenIDConnect
IntegratewithGemalto(formerlySafenet)networkHSMtoprovidesecurekeymanagementandoffloadofcryptooperationsincloudandvirtualenvironments.
Built-inPoliciesonIBMAPI Connect
NewAPI gatewaypoliciesforIBMAPI CONNECTtoenablequickdeliveryofgatewaycapabilitieswithoutanycustompolicyauthoringorcoding
Create Run
ManageSecure
7.5 ReleasedMar 2016
DataPowerV7.5OfferingDetails(1of2)
• RunDataPowerGatewaysoncloudplatforms(Amazon/SoftLayer)usingRedHatEnterpriseLinux(RHEL) virtualserverforincreaseddeploymentflexibilityandsecurity throughimplementationofRHELbestpractices.
• UseDataPowerGatewaysonMicrosoftAzure tosecureandintegrateservicesdeployedonAzureCloud.
• DeployDataPowersecureimageinaDockercontainer forincreasedportability onbare-metal,virtualandcloudplatforms,allowingDataPowertorunonanyDockersupportedenvironment.
• EnhancedvirtualandcloudplatformsecurityusingGemalto(formerlySafenet)networkHSM(CertifiedFIPS140-2Level3)toprovidesecurekeymanagementandoffloadofcryptooperations
• Newmodernizeduserexperience toreducecomplexityandallowquickercreationofgateways
• Easilydeploygatewayaccelerators usingBlueprintsconsoleandseamlesslycustomizetomeetenterpriserequirements
DataPowerV7.5OfferingDetails(2of2)
• Flexibleuserauthentication forSingleSign-On(SSO)toWeb,mobileandAPI workloadsusingsocial(eg.Google)orenterpriseidentitiesbasedonOpenIDconnect.
• OutoftheboxAPI gatewaypoliciesforIBMAPI management toenablequickdeliveryofgatewaycapabilities withoutanycustompolicyauthoringorcoding.
• UseDataPowerGatewaystoenforcemobileandAPI securitypoliciesusing CASSO(formerlySiteminder) forincreasedsecurityinteroperability
• Simplifiedpackaging ofISAMmoduleforDataPower withentitlementtoIBMSecurityAccessManagerV9virtualedition
• EnhancedmobilesecuritytoprotectaccesstoMobileandAPI servicesmanagedfromIBMMobileFirstPlatform,enablingquickertime-to-marketofmobileapplications
ISAM
Cloud
DeployanywhereusingDockercontainers
• PerformregularDockertasks(build,pull,andrun)onanyDockersupportedhosts• PullDataPowerimagesfromDockerprivateregistries• HigherdensitytorunmultipleconcurrentDataPowerinstancesonasinglemachine
24
QuicklyprovisionenvironmentsusingDataPowerDockerimage
25
Dev
PrivateRegistry
Test Prod
DockerImages
Containers Containers
MultipleContainersforHA
OperatingSystem
HostSystem
Quicklybuildandtestgatewaycapabilitieswithsharedvolumes• MapsharedvolumefromhostfilesystemtoDockercontainertoenablelocaldevelopment
– MappedtoDataPowerfilesystem- local:andconfig:directories
• Enhanceddevelopmentexperiencetoquicklybuildandtestchanges
Container
docker run idg
Gatewayscript.js Gatewayscript.js
DataPowerCloudGatewayinpubliccloudplatforms• DataPowerGatewaysprovidesecurityandintegrationcapabilitiestoprotectandoptimize
cloudworkloadsonSoftLayer,MicrosoftAzure(new),andAmazonEC2platforms• DeployedwithinthepubliccloudvirtualserverenvironmentusingeitherRedHat
EnterpriseLinux(new) orUbuntu
SystemofRecord VirtualServer
New
New
IntegrationwithSafeNetNetworkHSM
• Current - DataPowerGatewaysprovideanembeddedHSMforoffloadofsecurecryptooperationsforenhancedsecuritythatisFIPS140-2Level3certified
• New – DataPowerGatewaysintegratewithGemalto(formerlySafeNet)network HSMtoprovidesecurekeymanagementandoffloadofcryptooperationsincloudandvirtualenvironments.
• Enablessecurekeymanagementandcryptooffloadinvirtualandcloudenvironments
• TheSafeNetNetworkHSMstoresthekeysandperformsthecryptographicoperationsintheHSMpartitions.– Cryptographicrequestsaresentoveranetworktrustlink(NTL).
28
Network
NetworkHSMClient
NetworkHSMServer
UseDataPowerGatewaystoenableHybridcloud integration
VirtualServer
SystemofRecord
User
User
SSLMutualAuth
On-PremisesPublicCloud
SecureGateway
SecureChannel
SecureGatewayServiceEnhanced portability and scalability on public
cloud platforms
NetworkHSM
NetworkHSM
Secure Gateway Client
API
IBM API Connect: Simplified & Comprehensive API foundation
What is API Connect?An integrated creation, runtime, management, and security foundation for enterprise grade API’s and Microservices to power modern digital applications
What does API Connect provide?•Automated, visual and coding options for creating APIs•Automated discovery of system of records APIs•Node.js and Java support for creating Microservices•Integrated enterprise grade clustering, management and security for Node.js and Java•Lifecycle and governance for APIs, Products and Plans•Access control over API’s, API Plans and API Products•Advanced API usage analytics •Customizable, self service developer portal for publishing APIs •Policy enforcement, security and control
Create Run
ManageSecure
IBM API Connect: Capabilities Delivered
• API discovery• API, Plan & Product policy creation• API, Plan & Product lifecycle mgmt.• Self-service, customizable, developer
portal• Advanced Analytics• Subscription & community mgmt.
• Policy enforcement• Enterprise security• Quota management & rate limiting• Content-based routing• Response caching, load-balancing
and offload processing• Message format & transport
protocol mediation
• Rapid model-driven API creation• Datasource to API mapping automation• Standards-based visual API spec
creation in Swagger 2.0• Local API creation and testing• On-cloud & on-premises staging
of APIs, Plans & Products
• Node.js & Java Microservice runtime• Node.js & Java integrated runtime
management• Enterprise HA & scaling• On-cloud & on-premises staging of
Microservice applicationsCreate Run
ManageSecure
IBMAPI Connect:Additionalbuilt-inpolicies
Create Run
ManageSecure
• Built-inpoliciesforIBMAPI ConnectthatareenforcedonDataPowerGatewaytoquicklysecure,controlandoptimizeaccesstoAPI services
Mobile&AdvancedSecurity
MobileFirstPlatformFoundationEssentialmobilebackendservicespre-integratedwithadvancedsafeguards,managementandanalytics
DataPowerGatewayHighperformancegatewaytosecuremulti-channeltrafficacrossmobile,IoT,cloud,web,B2B,SOAandAPIs
API ConnectCreate,Run,Manage&SecureneworexistingAPIsandMicroservicesinahybriddeploymentwithNode.jsandJavatopowermoderndigitalapplications
Useoneorallofthesecomponentstogetherbasedonprojectneeds
SingleGatewayforAPI &Mobilepolicyenforcement
MobileFirst Foundation
wwwTH GSIN Cloud
DataPower
APIConnect
IntegrationwithIBMMobileFirstPlatformSecure&controlMobileapps
• EnforcesecuritypoliciesfromIBMMobileFirstPlatformusingDataPowerGateways• IBMMobileFirstPlatformprovidespolicyauthoring&decisionpoint(egapproved/rejected)withDataPowerGatewaysastheenforcementpoint
36
SystemofRecordMobile Gateway
MQIMSCICSDB2z/OSConnect
P1:ApplicationAuthenticationP2:Step-upAuthentication
API Policy=MFP(P1,P2)
P1
P2
A1A2
A1:RESTAdapterA2:SOAPAdapter
MyAPI(Policy=MFP)-GETA1-POSTA2
37
Mobile Gateway SystemofRecord
ISAMModule
ESB/Middleware
MQIMSCICSDB2z/OSConnect
IBMSecurityAccessManager
/apiconnect
Trusteer
IntegrationwithIBMSecurityAccessManagerEnforce“context-aware”API securitytoprotectagainstfraudandsecurityexposures
RecentAPI &Mobilesecurityenhancements
• OpenIDConnect:FlexibleuserauthenticationforSingleSign-On(SSO)toWeb,mobileandAPI workloadsusingsocial(eg.Google)andenterpriseidentities– UsesocialprovidertoauthenticateresourceownerinanOAuthflow– Provideidentityas-a-serviceforauthenticationusers(OpenIDConnectprovider)
• StrongerAPI securitywithJWTprofileforOAuthforprotectingaccesstoAPIresources
• Enhancedinteroperabilityacrossenterprisesecurityproductswith JWTsupportinDataPowersecurityframework(AAA)
• Dynamicsecuritypolicysupportforenhancedauthoringflexibilityofuserauthentication,authorizationandtokenmanagementpolicies
Otherenhancements
• SecureBackup/RestorescryptbetweenDataPowervirtualeditions• EllipticalCurveCryptography(ECC)enhancementsinGatewayScriptAPIsandTLSprotocols
• GatewayScriptupgradetoECMAScript6.0(Blockscoping,promises,templatestrings,andmore)
• AccesscontrolusingIBMSecurityAccessManager(V8/V9)federateddirectories
39
UX
DataPowerUXmodernization
Modernizedlookandfeelwithupdatedthemeandsimplifiednavigationexperience
Current
New
Simplifiednavigationexperience
Listfrequenttasksandsearchbartofindanytasksorconfigurationobjects
New
Current
§ Knownasthe‘bible’ ofDataPowerplanning,implementation,andusage.
§ Newcontenttocovernewproducts/features,including9006/7.2!
§ Volume1consistsofDataPowerIntro,SetupGuide,CommonUseCases,DeploymentChecklist,newPrefaceandthreeinvaluablenewappendicesforphysicalandvirtualgateways.
§ VolumeIIisanin-depthcoverageofDataPowernetworkingtopics,includingVLAN,linkaggregation,highavailability.
§ VolumeIII isanin-depthcoverageofDataPowerdevelopment,includingXSLT,EXSLT,JavaScript/GatewayScript,JSON,JSONiq,XQuery,binary/secondarydataformats,anddevelopmenttools.
§ VolumeIVcoversDataPowerB2Bprocessingandfiletransfer,includingrelevanceofB2Bintoday’sAPI drivenworld.
Available in softcover and e-book formats
DataPowerHandbook,SecondEdition,VolumeI,II,III,IV
WherecanIlearnmoreaboutIBMDataPowerGateway?
• OverviewVideo– youtube.com/watch?v=RqT3f_TmSMM
• ProductPage– ibm.com/software/products/en/datapower-gateway
• ProductDocumentation– ibm.com/support/knowledgecenter/SS9H2Y
• Videos– youtube.com/channel/UCV2_-gdea5LM58S-E3WCqew
• SlideDecks– http://slideshare.net/ibmdatapower
• GitHubRepository– github.com/ibm-datapower/
• Twitter– twitter.com/IBMGateways
• LinkedIn– Privateusergroup‘IBMDataPowerGateway’– linkedin.com/groups?gid=4820454
• UserForum– ibm.biz/dpuserforum
BACKUP
Multi-ChannelGatewayforDigitalEdgeProcessingImprove security & control while reducing cost
Ø Uses intuitive policy pipeline message processing to secure, control, optimize, & integrate services and application traffic
Ø Enforce security standards with zero codingØ Import/export configurations between environments
Ø Transaction probe shows message content between actions for debugging
Policy-drivenapproachspeedstimetomarket
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011/12
OptimalInterpreterandCompiler
OptimizedHardware
Acceleration
XA35 XI50
WebSphereTransformation
ExtenderModel9004
XI52| XB62
Gigabit/SecOEMHWSolution Acquisition
ITCAMforSOA
AOSelf-BalancingandIntelligent
LoadDistribution
Model9005
XS40Model9003
XB60
Blade
XG45API
Management
DataPowerGateway
DataPowerDocker
2015/162013 2014
DataPowerCloudEdition
DataPowerVirtualEdition
Overa15+yearsofinnovation