Vordel and Sophos today announced an integrated solution to protect XML applications from viruses in SOAP attachments.
The concept of viruses in SOAP attachements is, of course, very similar to the concept of viruses in email messages. But, we haven't implemented our SOAP virus processing in exactly the same way as email virus processing. Email virus processing tends to work on the principle of pointing a scanner executable at a file, and this is fine for email since it is mostly written out to spool files and mail queues. So, you are writing it out to a file anyway. But, this approach would add latency to Vordel's products, which are designed for wire-speed XML processing. It would add spinning media, with the associated latency and failure risks. So, together with Sophos, we do the virus checking in memory, without using any spinning media.
The other interesting point about SOAP virus checking is that while people focus on new XML-specific attacks such as XPath Injection and recursive declarations in DTDs, they often forget about "traditional" threats like viruses. We haven't forgotten about viruses, and we believe we have that, through our partners and our in-memory scanning, we have the best AV solution for XML on the market
11:44:26 AM 
|
|
