April 22, 2005 12:48 PM PDT

Firewall to zap XML viruses

Related Stories

Extra headaches of securing XML

March 29, 2004
Web services security specialist Forum Systems has teamed up with Computer Associates to create an antivirus device to protect XML applications, an area expected to see a rise in attacks.

The licensing deal will allow Forum to include CA's eTrust antivirus software in its XML firewall for blocking unwanted traffic into company networks, Forum said on Friday. The product, called Forum XWall, will be able to scan traffic for viruses, worms and other malicious software in applications that use XML code.

"Virus attackers are looking for other ways of getting into the organization. E-mail and the Web are the two dominant forms now and are well-protected," said Bill Mann, vice president of product management at CA. "But XML isn't really protected at the moment."

Salt Lake City-based Forum Systems plans to announce the addition of the antivirus module to XWall on Monday. It will be available at the beginning of May, with pricing ranging from $5,000 to $40,000.

The 5-year-old company is one of several companies that make software or devices for securing applications that use XML to format data or XML-based communications protocols, called Web services.

There is a need for XML-specific products, according to these companies and industry analysts, because traditional security products are designed primarily to inspect Internet protocols, rather than XML or Web services protocols.

Although they have not seen viruses written specifically for XML, these applications are still not adequately protected, executives from Forum Systems and CA said.

The licensing agreement with Forum Systems is not exclusive, CA's Mann said.

Forum Systems CEO Wes Swenson predicted that XML viruses will become common as people store Office documents in XML format and as developers use the Simple Object Access Protocol, which is written in XML, in tools for company-to-company communication.

"When you do have an XML-based virus attack, it will affect mission-critical servers as opposed to e-mail server and Web servers," Swenson said.

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.