Airlock Header

Microgateway 5.1

Ready for the Gateway API era

With Airlock Microgateway 5.1, organisations get a future-ready, Kubernetes-native path forward: The new release lowers the entry barrier for Gateway API-based ingress architectures with the new Community Edition, introduces more flexible licensing options, and adds Gateway API extensions for larger and more demanding Kubernetes environments. 

Airlock Microgateway 5.1 makes the move to Gateway API easy, flexible and secure.

Kubernetes Ingress is frozen and Ingress NGINX is archived – Microgateway is ready for this shift

Kubernetes Ingress is frozen and Ingress NGINX has reached the end of its lifecycle (source: Kubernetes blog). The Ingress NGINX GitHub repository has been officially archived on 24th of March 2026. For organizations running Kubernetes in production, this is a clear signal to move towards the official successor:

Kubernetes Gateway API

Airlock Microgateway 5.1 makes this transition easy. The new licensing model introduced with Microgateway 5.1 also supports organisations looking for a cost-effective drop-in replacement option for Ingress NGINX-based setups.

Airlock Microgateway is your path forward

Airlock Microgateway passed the official Gateway API conformance tests with v4.4 and has significantly expanded its feature set since then. We also actively contribute our expertise to the further development of the standard alongside vendors such as Google, Microsoft, Red Hat and Isovalent, for example on the BackendTLSPolicy in Gateway API 1.4.

Airlock Microgateway is currently the only Kubernetes-native WAAP solution combining:

In short: a future-proof platform for API and microservice security.

Gateway API for everyone and flexible licensing

Airlock Microgateway’s Community Edition has been repositioned to make Gateway API adoption as simple as possible. It now includes the Gateway API features without requiring a license and without throughput limitations. Selected Microgateway capabilities, such as globally configured custom responses and telemetry, are also included.

Teams that want to evaluate Microgateway's security features can request an evaluation licence.

For the Premium Edition, two additional licensing options are now available: Gateway API-only deployments without security features such as filtering or authentication enforcement, and authentication enforcement without filtering. The existing options for filtering only, as well as combined filtering and authentication enforcement, remain available. All Premium Edition options include first-class Airlock support.

Key benefits:

  • Lower entry barrier:Teams can use Airlock Microgateway as a modern Gateway API-based ingress option without license handling or throughput restrictions.
  • More tailored licensing: Customers can license the capabilities they need, whether for Gateway API-only deployments, authentication-focused use cases, filtering-focused use cases, or deployments that combine authentication and filtering.

With the retirement of Kubernetes Ingress NGINX, organizations need a sustainable migration path for existing ingress setups. Airlock Microgateway provides a Gateway API-based alternative and gives the community a free option to start that transition.

Gateway API extensions for larger Kubernetes setups

We extended the Gateway API support in Airlock Microgateway with ListenerSet and RegularExpression path matching in HTTPRoute.

ListenerSet allows additional listeners to be attached to a Gateway, making it easier for application teams to manage listener and TLS settings while avoiding the previous limitation of 64 listeners per Gateway.

Regex-based path matching enables more sophisticated routing rules for applications with complex URL structures.

Key benefits:

  • More flexible ownership: Application teams can manage their own listener and TLS configuration without overloading a central Gateway resource.
  • More powerful routing: HTTPRoutes can now use regular expressions to match paths that cannot be covered well with exact or prefix matching.

These extensions help teams model larger and more complex Kubernetes ingress setups with standard Gateway API resources.

Request Frequency Filter for better backend resilience

Airlock Microgateway can now limit the number of requests forwarded to a backend within a defined time window. This helps protect applications and APIs from excessive request rates and reduces the impact of denial-of-service attempts.

Key benefits:

  • Improved resilience: Helps keep backend services responsive during traffic spikes or abusive request patterns.
  • Better resource control: Allows teams to define clear request thresholds and reduce the risk of unrestricted resource consumption.

Rate limiting is also recommended by OWASP as a measure to prevent unrestricted resource consumption in APIs.

On-site trainings now available

News from the Airlock Academy

Over the past months, we have expanded the Airlock Academy with brand-new Microgateway content designed to get teams productive faster. These two additions make it easier to start, learn, and roll out Airlock Microgateway with confidence.

New self-study labs: In 7 hands-on labs, you can explore the features of Airlock Microgateway step by step. Start the labs and get hands-on today!

On-site training 2026: Our on-site trainings in 2026 are open for registration! Find the next dates here.

 

 

This new release introduces numerous improvements for greater security, flexibility, and seamless integration. We look forward to your suggestions and feedback as we continue to improve Microgateway!

Release video

Airlock Microgateway 5.1

Watch our release video to find out about all the new features of Airlock Microgateway 5.1.

Information for you

-Our whitepapers-
White paper: The puzzle pieces of modern authentication

White paper: The puzzle pieces of modern authentication

Identity management is like a puzzle: you have to understand the big picture, identify the relevant pieces and put them together in the right order. This white paper shows how to do that.

 

Request white paper

Whitepaper: How to make cIAM a success

Increasing requirements for security and user-friendliness make Customer Identity and Access Management an essential. Read our whitepaper to find out how you can secure your competitive advantage with the right CIAM strategy.

 

Request whitepaper

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge