Our economy’s embrace of mobile technology is loaded with promise. Enterprises hope to gain the best position to satisfy their customers who expect the purchasing moment—and all the information that goes with it—to be reliable and like their phones always at arm’s reach.

But any company knows that security of mobile transactions is paramount for confident processing that both the customer and the company can trust. Time too is an issue as apps and mobile web interface can spend vital seconds moving data that everyone wants to access immediately—including the customer.

With these challenges clear to IT and management staffs IBM’s Tony French Tim Smith and Ozair Sheikh gathered to discuss mobile traffic optimization in a Webcast on the Global WebSphere Community.

“Secure and Optimize Mobile and Web Traffic Using DataPower” was an hour-long view of the choices professionals can make when integrating resources with web and mobile technologies.

Ozair Sheikh announced new IBM features in the DataPower package and the newly-added WebSocket support which allows developers “to proxy WebSocket traffic to enable communication for both web and mobile communications.”

IBM’s DataPower appliance works across enterprise networks and permits validation authentication authorization and data limiting.

“REST JSON—these are the capabilities that DataPower supports” said Sheikh. “We’re able to natively understand JSON on the wire…and support two-legged and three-legged scenarios.”

“Given our multi-step technology we can apply different rules based on the particular REST interaction that is occurring.”

Sheikh continued: “DataPower is well positioned in terms of being able to enable your mobile-based applications with support for these technologies. DataPower supports various security protocols [and] allows you to integrate with both your on-premise applications and existing enterprise assets. It also is positioned to be deployed in the cloud.”

“Given that DataPower can be deployed at the edge of your network it has optimization capabilities to improve the user experience for web and mobile applications.”

Deployed in the DMZ and interfacing with a mobile application Datapower can handle SSL workflow from backend servers; handle large volumes of traffic; perform schema validation; accomplish filtering; and permit data access from enterprise with threat protection capabilities in place offering developers the security that is so crucial in today’s insecure time.

DataPower has backend service provision over MQ and HTTP—allowing developers to manage their backend applications with confidence as these fundamental systems perform to their fullest optimization.

“DataPower can be used for solo-based applications as well as mobile and web” said Sheikh “so you can have mobile web or desktop applications. As a security best practice you want your defense layer to...handle mobile authentication with” SSO tokens user validation cookie and session management and other security measures. The access of external services—APIs—demands that developers take security as seriously as possible Sheikh stressed.

The Webcast team reviewed a use case that used DataPower to secure data for mobile apps while optimizing the process.

Deployed between the customer interface with the dozens of popular sites—Flickr PayPal—DataPower Gateway routes transactions through these external APIs. DataPower secures these transactions away from the backend IBM Worklight server. The solution includes a built-in WebSphere On-Demand Router for load balancing.

Optimization can answer everyday problems the unglamorous ones that catch up the savvy user. Intelligent load balancing can improve internal functioning and DataPower includes a Worklight server run on WebSphere Application Server ND. But the customer has a simpler need for faster transactions: Their battery won’t run out so fast if their app transactions don’t take so long.

The Webcast also looked at Gateway Scripts and its posture toward some of the more common frustrations developers have when developing mobile apps. According to IBM marketing Gateway scripting achieves compiled cached and reused scripting for high performance. Tony Ffrench explained that the Gateway improvements were meant to offer seamless inclusion with DataPower.

Beyond the ever-present security concerns error handling should be flexible to meet the dozens of different processing missteps that occur across the mobile interaction. Commonality in language too can ease inconsistencies that leave out critical information or worsen the compatibility problems that arise in the digital landscape. Script processing can always be faster.

Said Tony Ffrench “One of the most important goals we have for Gateway Script is the development experience. We wanted to dramatically improve the ability and quickness with which you could create scripting material. We also wanted a language that was familiar and friendly to a large audience.” Security was also an important feature of this language.

“And what we’re looking for here is to give you the ability to manipulate JSON payloads”.

Gateway Script’s language is based on JavaScript; JSON being a core technology of JavaScript. With Gateway’s script mode the language behavior is more consistent and disciplined. Developers can achieve stronger error checking and handling. Security features include Limited File Access clean environments for script executions and limitations on the APIs accessing DataPower components.

View the Webcast replay here.