iWay's Secure Messaging Option:

iWay Secure Messaging Option (PDF).
Download free Adobe Acrobat Reader.

Exchanging Messages Securely and Reliably

Exchanging messages over a secure environment – both internally and externally – is one of the many challenges facing businesses today. Users who are looking for solutions beyond pure standards-based options and simple deployment patterns are in luck.

With iWay Software's Secure Messaging Option, users can exchange messages reliably, either internally or externally, over the Internet between business entities using different transports, security contexts, and messaging formats.

A Targeted Solution
iWay Service Manager's Secure Messaging Option allows business users, and their partners, to enhance the security and “harden” the integration infrastructure used to exchange messages between organizations. It enables organizations to deploy a targeted solution of products that deliver the highest reliability and security available today, while also enabling the most flexible and controlled deployment that can be tailored to specific gateway needs. Featuring an extra thin footprint, this iWay product can provide end-to-end auditing and non-repudiation of all messages, along with reliable, synchronous or asynchronous delivery.

iWay's Secure Messaging Option provides users with a host of value-added features that include:

  • New Security Configuration Architecture – Based on a provider and consumer model, this feature allows a “gateway” developer to define their specific needs in a single place and consume that configuration where necessary – without having to redefine any security parameters. Different security configurations can be centrally created for each gateway need, while each user of the security configuration need only reference the desired/mandatory configuration.
  • Enhanced Digital Signature Support – With the iWay Secure Messaging Option, iWay extends its support for PKI-based signed payloads from S/MIME to XML Digital Signatures, including support for SOAP with Attachments (SwA). This release includes components to sign and validate messages in either of the two primary industry standards anywhere along the integration pipeline. Additionally, with the XML D-Sig support, configurations can be signed, ensuring that runtime deployments are controlled, such that no changes are made to the authorized integration configuration.
  • Enhanced Performance and Operating Metrics Tracking – Allows enhanced performance and fine-grained usage monitoring.
  • Standalone Runtime Image Generation Facility – Packages and deploys runnable, configured instances of iWay Service Manager.
  • Custom User Console Framework – iWay provides a default runtime console to adjust the runtime deployment parameters defined for any integration channel. Additionally, this facility provides an extension framework that allows integration administrators and developers to tailor the user interface and allow for as little or as much control of the running server as desired.
  • Auditing – As part of the integrated iWay Activity Driver facility, the Secure Messaging option has automated the auditing of any security sensitive action, including the signing or validation of any message or channel, as well as the encryption or decryption of any message or channel. By running with the enhanced iWay Activity Driver, one can be assured that if a security operation is performed, a record of the action will be audited.
  • High-Performance Transports – A complete re-architecting of the HTTP and AS2 transports using Java™ I/O (NIO), a new technology available in the Java virtual machine, provides the most scalable and performant message transports available in the industry. Using these new transports a connection that would typically use an entire system thread to handle an HTTP connection can now be shared across many connections delivering tremendous scalability over this scarce system resource

The iWay implementations of these transports make full use of the many features available with
HTTP 1.1, including:

  • Persistent Connections – The ability to maintain a pool of connections allow interactions to have drastically reduced latency by reducing session establishment; iWay connection pools can be configured with their own time-outs and shared across channels to maximize system utilization
  • Request Pipelining – The ability to handle multiple requests on the same connection; and with iWay, the ability to use this on both the client and server side provides tremendous latency reduction and connection efficiency
  • SSL Session Resumption – The ability to re-establish a secure channel even after any potential persistent HTTP connection has timed out can be a tremendous saving in session startup. And the iWay implementation allows for separate, fine-grained control of the SSL pool separate, and in addition to, the HTTP connection pool

Securing a Confident Deployment
Thanks to iWay's Secure Messaging Option, systems requiring a higher level of security in their message exchange, from privacy, message integrity, to authentication, authorization and auditing along with non-repudiation, can now take advantage of improved integration facilities and a tighter cross-organization system landscape that can be developed and deployed with confidence.

This iWay product makes possible the kind of B2B2A, cross-organization integration opportunities that were too hard or too sensitive to deploy over the Internet or on what used to be the most controlled and expensive environments.

Learn More

White Paper

Download Now!

Call Me