Alcatel-Lucent Shift: Web Services Security

By its own admission, networking giant Alcatel-Lucent has not been seen in the marketplace as a security player. It’s a perception the networking/hardware provider is now trying to change.

With the release of a new Web Services gateway and network access control (NAC) partnership, Alcatel-Lucent is beefing up its security offerings as part of its strategic goal of becoming a true networking security player.

“What we want to do is move away from the situation where security is mainly an adjective to a situation where security is also a noun,” Michel Emelianoff, vp of enterprise security solutions, told
“We want to be delivering security solutions that bring value and help us to grow and expand on the enterprise market.”

The new OmniAccess 8550 WSG (Web Services Gateway) is one such “noun” that Alcatel-Lucent is floating into the marketplace. At a basic level, the 8550 proxies all the sensitive data that flows out of an organization’s Web Services SOA infrastructure and it ensures that it only gets into the right hands.

Cliff Grossner, product manager for the 8550 at Alcatel-Lucent, explained that the gateway is typically installed in a data center. When a user clicks on a URL, an information request message is sent that is intercepted by the 8550. It then unpacks the message, looks at the credentials and the type of request, checks against the information directory to make sure the user has a valid right and then provides policy in a stateful way.

Grossner claimed that the stateful application of policy to Web Services traffic is a real game changer. “Now it becomes possible for policy to be applied that looks at how many records are accessed in, say, an hour versus looking at individual transactions,” Grossner said.

The use of stateful policy also provides a user-centric approach for audit trails as well.

Securing Web Services is not something that Alcatel-Lucent itself has invented. But the company is making use of the existing WS-Security specification and adding on to it.

“We follow standards for securing the individual Web services, which is what WS-Security addresses, but we also have extended it on the user side to have additional policy for stateful sessions,” Grossner added.

Initially, Alcatel-Lucent is focusing the 8550 at the Health Care industry. Expect other markets to be part of its focus in 2008.

Alcatel-Lucent is also expanding its security offerings in the realm of network access control (NAC). But, unlike the 8550, which was developed directly by Alcatel-Lucent’s own resources, for NAC, the networking vendor is leveraging a new partnership with NAC vendor InfoExpress. Under the partnership Alcatel-Lucent will resell InfoExpress’ NAC solutions.

Emelianoff commented that InfoExpress provides a pre-admission endpoint integrity check solution that is very flexible and that helps Alcatel-Lucent to deal with all types of users and use cases. The InfoExpress solution will complement Alcatel-Lucent’s support for the 802.1x protocol which provides port based security and is often used for NAC.

The partnership with InfoExpress replaces an earlier partnership that Alcatel-Lucent had for NAC with a vendor called Sygate.

Alcatel-Lucent’s new security moves follow the launch of the OmniAccess 3500 Nonstop Laptop Guardian last year. Emelianoff noted that the nonstop guardian which provides laptop data security has been a successful product to date and Alcatel-Lucent plan on further expanding the devices sales in 2008.

News Around the Web