The WebSphere DataPower boxes are self-contained, highly reliable, and very secure.

To quote one of IBM's security experts, "I can't figure out a way to hack this box!" We've never heard him say that before, and never thought he would, so this is significant.

The DataPower box is a networking appliance hardware box with built-in software. There's nothing for you to install, nor do you need a server computer to install it on. So it's very self-contained, a very controlled environment.

The box has no hard disk or moving parts. Hard disks tend to be the most unreliable part of a server, the part most likely to crash. Also, if each function the box is performing, such as inspecting an XML message, requires writing to the hard disk (such as to store the message), the hard disk would become a bottleneck and constrain scalability. So because DataPower was intentionally designed without a hard disk, that alone makes it much more reliable and scalable.

The box uses flash memory to store its programming and configuration. The programming is all firmware. The firmware is digitally signed and encrypted, so even if someone could figure out a way to hack the programming, they wouldn't be able to install the hack onto the box without DataPower private certificate.

The DataPower operating system is very simple, which makes it both fast and difficult to hack. It's a Unix/Linux-like microkernel with a very small subset of instructions. For example, it doesn't implement telnet because people shouldn't be able to telnet into the box. If you want a session on the box, that's what the serial port is for.

The box is sealed inside its case with no doors. It has no slots, disk drives, USB ports, etc. Everything has to be loaded to it via Ethernet, and those ports are disabled until you enable them by running commands over the serial port. If you reverse the screws to open the case, the box detects this and disables itself; you have to return it to the manufacturer to reactivate it.

This box is really difficult to mess with.