Microgateway 5.1
With Airlock Microgateway 5.1, organisations get a future-ready, Kubernetes-native path forward: The new release lowers the entry barrier for Gateway API-based ingress architectures with the new Community Edition, introduces more flexible licensing options, and adds Gateway API extensions for larger and more demanding Kubernetes environments.
Airlock Microgateway 5.1 makes the move to Gateway API easy, flexible and secure.
Kubernetes Ingress is frozen and Ingress NGINX is archived – Microgateway is ready for this shift
Kubernetes Ingress is frozen and Ingress NGINX has reached the end of its lifecycle (source: Kubernetes blog). The Ingress NGINX GitHub repository has been officially archived on 24th of March 2026. For organizations running Kubernetes in production, this is a clear signal to move towards the official successor:
Kubernetes Gateway API
Airlock Microgateway 5.1 makes this transition easy. The new licensing model introduced with Microgateway 5.1 also supports organisations looking for a cost-effective drop-in replacement option for Ingress NGINX-based setups.
Airlock Microgateway is your path forward
Airlock Microgateway passed the official Gateway API conformance tests with v4.4 and has significantly expanded its feature set since then. We also actively contribute our expertise to the further development of the standard alongside vendors such as Google, Microsoft, Red Hat and Isovalent, for example on the BackendTLSPolicy in Gateway API 1.4.
Airlock Microgateway is currently the only Kubernetes-native WAAP solution combining:
- Gateway API support
- native OIDC RP integration
- strong deny rules
- Red Hat OpenShift certification
In short: a future-proof platform for API and microservice security.
Gateway API for everyone and flexible licensing
Airlock Microgateway’s Community Edition has been repositioned to make Gateway API adoption as simple as possible. It now includes the Gateway API features without requiring a license and without throughput limitations. Selected Microgateway capabilities, such as globally configured custom responses and telemetry, are also included.
Teams that want to evaluate Microgateway's security features can request an evaluation licence.
For the Premium Edition, two additional licensing options are now available: Gateway API-only deployments without security features such as filtering or authentication enforcement, and authentication enforcement without filtering. The existing options for filtering only, as well as combined filtering and authentication enforcement, remain available. All Premium Edition options include first-class Airlock support.
Key benefits:
- Lower entry barrier:Teams can use Airlock Microgateway as a modern Gateway API-based ingress option without license handling or throughput restrictions.
- More tailored licensing: Customers can license the capabilities they need, whether for Gateway API-only deployments, authentication-focused use cases, filtering-focused use cases, or deployments that combine authentication and filtering.
With the retirement of Kubernetes Ingress NGINX, organizations need a sustainable migration path for existing ingress setups. Airlock Microgateway provides a Gateway API-based alternative and gives the community a free option to start that transition.
Gateway API extensions for larger Kubernetes setups
We extended the Gateway API support in Airlock Microgateway with ListenerSet and RegularExpression path matching in HTTPRoute.
ListenerSet allows additional listeners to be attached to a Gateway, making it easier for application teams to manage listener and TLS settings while avoiding the previous limitation of 64 listeners per Gateway.
Regex-based path matching enables more sophisticated routing rules for applications with complex URL structures.
Key benefits:
- More flexible ownership: Application teams can manage their own listener and TLS configuration without overloading a central Gateway resource.
- More powerful routing: HTTPRoutes can now use regular expressions to match paths that cannot be covered well with exact or prefix matching.
These extensions help teams model larger and more complex Kubernetes ingress setups with standard Gateway API resources.
Request Frequency Filter for better backend resilience
Airlock Microgateway can now limit the number of requests forwarded to a backend within a defined time window. This helps protect applications and APIs from excessive request rates and reduces the impact of denial-of-service attempts.
Key benefits:
- Improved resilience: Helps keep backend services responsive during traffic spikes or abusive request patterns.
- Better resource control: Allows teams to define clear request thresholds and reduce the risk of unrestricted resource consumption.
Rate limiting is also recommended by OWASP as a measure to prevent unrestricted resource consumption in APIs.
On-site trainings now available
News from the Airlock AcademyOver the past months, we have expanded the Airlock Academy with brand-new Microgateway content designed to get teams productive faster. These two additions make it easier to start, learn, and roll out Airlock Microgateway with confidence.
New self-study labs: In 7 hands-on labs, you can explore the features of Airlock Microgateway step by step. Start the labs and get hands-on today!
On-site training 2026: Our on-site trainings in 2026 are open for registration! Find the next dates here.
This new release introduces numerous improvements for greater security, flexibility, and seamless integration. We look forward to your suggestions and feedback as we continue to improve Microgateway!
Release video
Airlock Microgateway 5.1Watch our release video to find out about all the new features of Airlock Microgateway 5.1.
