From DevOps to DevSecOps
"Information security is seen as an inhibitor to DevOps agility!" IT security as a roadblock - that was the disillusioning conclusion at Gartner's Security Symposium in 2017. But that's not necessarily true. If central security gateways offer practical interfaces, they can be turned into enablers and offer real value.
Airlock WAF 7.1 accepts the challenge! The comprehensive REST interface for configuration is a solid basis for automated deployment. Automatic enforcement of OpenAPI specifications raises API protection to a new level, both in terms of convenience and security. Moreover, management of SSL/TLS certificates can be automated using Let's Encrypt. And last but not least: the new Airlock cloud image enables quick and non-interactive cloud installations.
Strong security, automatically deployed. That's DevSecOps with Airlock WAF 7.1.
API Security with OpenAPI
Services based on APIs - that's the future of web applications. While being technological state-of-the-art already, APIs are now actually demanded by regulations such as PSD2 for the European financial industry.
Airlock WAF 7.1 takes a giant step towards an API security gateway by supporting formal OpenAPI specifications for REST APIs. Access to back-end APIs is automatically controlled and nonconforming requests are rejected. Maintenance of manually created or learned filter policies becomes obsolete, because activation of updated specifications can be automated. This creates a win-win situation for security and operations: precise whitelist rules for API access, automatically updated!
REST API for Configuration
DevOps means delivering software updates though agile and mostly automated processes. These updates inevitably cause changes in security policies on the central gateway. Of course, these changes must be automated as well.
In order to achieve this, Airlock WAF 7.1 comes with a comprehensive REST API enabling automated configuration of virtual hosts, mappings, back-end services, and certificates. This closes the DevOps loop in a simple but nevertheless secure manner.
Airlock Cloud Image
On-premise, in the cloud or hybrid? The choice is yours. But no matter how you decide, Airlock will fit your needs. Airlock WAF 7.1 is designed for cloud deployments and automatically adjusts to dynamic environments using DHCP an cloud-init. Using the official Airlock cloud image, new instances can be created quickly and without interaction. Moreover, clusters of active Airlock WAF nodes are possible by externalising the session database. Simply scale Airlock together with your services.
Managing SSL/TLS certificates in large environments is a tedious and time-consuming job. Let's Encrypt offers a secure and automatic solution for creating and updating certificates. Airlock WAF 7.1 brings these benefits right to the center of your IT by supporting Let's Encrypt for virtual host certificates.
Time is short and there is no room to cover all the new features and improvements. For a complete release overview, Please refer to the release notes on Techzone.
Airlock WAF 7.1 has been published in October 2018.