Airlock Microgateway 2.1
With Airlock Microgateway 2.1, we are breaking new ground. The license-free Community Edition of Airlock Microgateway provides important base functionality free of charge! In addition, various settings are now accessible directly via the DSL, which greatly simplifies configuration and deployment in automated pipelines.
Community Edition
With Airlock Microgateway 2.1, we are introducing a freemium licensing model. The license-free community edition of Airlock Microgateway offers free basic functionality. Airlock Microgateway is made available in a public Dockerhub repository and is ready to use without a license key. Premium functions are unlocked by importing a license key. An overview of the basic and premium features can be found in the following table. The documentation is publicly available and a public forum moderated by Ergon employees is available for community support.
Function | Community | Premium |
Reverse Proxy TLS Termination, URL Rewriting | ✔ | ✔ |
Selected Deny Rules SQLi or XSS attack prevention, sanity checks | ✔ | ✔ |
Session Management Keep multiple instances in sync via Redis | ✔ | ✔ |
Connect Airlock IAM Access control und authentication | ✔ | ✔ |
Prometheus Metrics Monitoring and alerting using Prometheus | ✔ | ✔ |
Denial-of-Service Protection Limits, Request Freq., IPs/Session | ✔ | ✔ |
Client Certificates Authentication with a client certificate | ✔ | ✔ |
OpenAPI Enforcement Enforce OpenAPI/Swagger schema | Log only | ✔ |
JWT Access Tokens | Log only | ✔ |
More Deny Rules Over 30 more groups of blacklist rules | Log only | ✔ |
Encoding Enforcement Option for strictly enforcing UTF8 | - | ✔ |
More Security Features Allow Rules, CSRF Tokens, HTTP Parameter Pollution, Multipart Parser, URL Encryption | Log only | ✔ |
Support | Community Support | Premium Support |
Service Life | 1 year after publication | According to license |
New DSL settings
Using the DSL (domain-specific language), DevOps engineers can configure the Airlock Microgateway using common developer tools and do not have to rely on a graphical interface. This makes it easy to version the configuration in a repository and integrate it into automated build pipelines (GitOps). Many settings are now available directly in the DSL, reducing the need for workarounds such as the use of mapping templates. These settings are now available in the DSL: Custom Deny Rules, Custom Allow Rules, Custom Actions, Client Certificates, Error Page Replacement, Cookie Settings, CSRF Token, JSON Rewriting and many more.
For a complete overview and detailed changelog, please refer to the release notes, which will be published with the new release.