Grafik Airlock API

Airlock API

Customized protection of your interfaces
Request an online demo
About API GatewayHighlightsDownloadsContact

Modern applications and services shift the user guidance into the end devices of the users, as Single-Page Application (SPA) in the browser or as Smartphone App. Communication with the servers thus focuses on the exchange of process data via APIs (Application Programming Interfaces). REST/JSON APIs, in particular, are currently in vogue. The new architecture exposes them to a large extent and they require the same level of protection against web attacks. Airlock API is therefore based on Airlock WAF and comes with a solid filter arsenal for web security.

 

Airlock API Gateway

Highlights
  • Enforces API Specification
  • Prevents invalid & unauthorized requests
  • Blocks API attacks
  • DevSecOps: guaranteed safe DevOps
  • Reporting, statistics & monitoring
  • Load balancing
  • Mobile Security

Advanced API Protection

The Airlock API gateway offers a range of protective mechanisms that are tailor-made for APIs. JSON Schema and OpenAPI specifications for APIs can be uploaded and enforced via the gateway. Only API calls that meet these specifications will be forwarded to the internal APIs. Innovative functions such as dynamic value endorsement (DyVE) also enable dynamic whitelisting of permitted variables within an API interaction.

API access control

One of the main reasons for using API gateways is to ensure access control to APIs. The Airlock API gateway validates access tokens and permits role-based access authorisation for API end points. The Airlock API gateway works in conjunction with Airlock IAM to support OAuth 2.0, OpenID Connect 1.0 and SAML 2.0 in protecting access to APIs.

High availability

The Airlock API gateway is a reverse proxy with failover and load-balancing functions, efficiently ensuring high availability of connected services. When modifications are made to the application infrastructure (e.g. starting/stoping of additional instances), Airlock API automatically takes over and enables high scalability. TLS is also terminated in advance, relieving the burden on APIs and enabling simple scaling.

Learn more about high availability

API monitoring, statistics and reporting

Built-in dynamic reporting provides an overview of all API access attempts at all times. Access logs for API calls can be forwarded to peripheral systems and, therefore, be used as a basis for monetisation of accesses. Interactive dashboards ensure an overview of both attempted attacks and specification violations, highlighting performance problems and displaying back-end faults.

Learn more about Reporting and SIEM integration

DevSecOps

Thanks to its comprehensive REST API, the Airlock API gateway is easy to integrate into DevOps pipelines. The outcomes of service events in a microservice architecture environment can be tracked automatically via the API gateway. For example, a service update can automatically deploy the new OpenAPI specification to the API gateway.

Learn more about DevSecOps

Deployment

Virtual Appliance

Hardware Appliance

Airlock Cloud Image

Downloads

Datasheet

Airlock API

Download PDF
Summary

Airlock Secure Access Hub Brochure

Download PDF
Summary

OWASP Top 10

Download PDF

Ready for excellent IT security?

Contact us now.
Ergon Informatik AG+41 44 268 87 00
Consult expert for free
This website uses cookies to ensure you get the best experience on our website. If you continue browsing, you agree to the use of cookies. Learn more

Your Feedback

Your feedback concerns*


If you like, please leave us your contact details so that we can come back to you if necessary.