I-DBC concentrates all incoming IIOP traffic on exactly one transport address (one IP address, one port). It automatically adapts CORBA/EJB object references (IORs) to NAT translated addresses. The I-DBC performs SSL encryption and authenticates clients’ reliable application level firewall security.
The I-DBC performs deep packet inspection on all data streams expected to be IIOP messages and blocks all traffic with incorrect, malformed, or malicious content. The I-DBC protects the internal network and applications infrastructure from attacks, prevents the misuse of CORBA/EJB applications, and stops any unauthorized access. It also protects the IIOP messages in transfer over the outside network from exposure and tampering.
I-DBC ensures a high degree of security by performing strong authentication, authorization, auditing, and reliable encryption. It also enables easy CORBA security management by offering centralized policy administration.
OpenFusion I-DBC IIOP Firewall – in particular the IIOP proxy component – is designed and implemented to follow well-established firewall design principles and implementation practices. It adds an additional layer of security for defense-in-depth to multi-tier applications, not only in scenarios with IIOP end-to-end but also in typical J2EE scenarios.
The I-DBC can integrate with your company's existing network infrastructure without any modifications to your existing applications. High availability is supported through full support for clusters. The IIOP firewall is delivered with all of the software components necessary to operate a corporate IIOP firewall, including a bastion host component, the OpenFusion Security Policy Server, and the OpenFusion Administration Console.
For environments with a variety of installed middleware software, the IIOP DBC can be deployed together with OpenFusion's WS-DBC, the Web Services Domain Boundary Controller, thereby saving investments in scenarios that require security for both technologies.
Micro Focus provides the only turn-key solution for IIOP firewalling and CORBA/EJB server security in high-security, high-availability, and high-performance environments. Traditional firewall technology cannot securely run CORBA and EJB-based distributed applications through existing firewall installations. The only viable solution is an application level firewall component for the enterprise's firewall installation: an IIOP security gateway.