Microgateway in detail
Best-in-class protection for cloud-native applications
More and more web applications and APIs are being run in Kubernetes. In this environment, Airlock's proven protection features ensure that unwanted visitors and unauthorized users don't even make it to the application:
- Multi-level security filters
to protect against known attacks (OWASP and OWASP API Top 10)
- Decentralized authorization check
for example by validating JWT tokens
- Reverse proxy based on Envoy
with request routing, TLS termination, client certificate authentication, caller IP address forwarding, etc.
At home in Kubernetes
With or without service mesh, Airlock Microgateway integrates seamlessly into the Kubernetes environment using typical concepts such as operators, sidecars and custom resource definitions (CRD). This simplifies the onboarding process for Kubernetes users and supports modern DevOps processes.
- Simple and modular configuration using custom resources with and without templates (with kustomize, helm, etc.).
- Kubernetes operator for automatic sidecar injection
- Hot Reload: Policy and configuration changes without rebooting
- Istio service mesh support
- Support for typical Kubernetes environments such as Amazon EKS, Google GKE, Microsoft AKS, Red Hat OpenShift
- Company-wide security guidelines: Using tools such as Open Policy Agent, Kyverno or Kubewarden, security experts can define guardrails and, for example, prevent important security filters from being disabled in production.
- Plug-ins for modern IDEs provide automatic validation, code completion and tooltips when editing the Microgateway configuration.
Documentation
The following links and documentation pages are worth reading to get started:
Microgateway Labs
Airlock Microgateway Labs are easy to understand tutorials. Each of the tracks covers an important aspect of Airlock Microgateway, from installation to configuration in a cloud-based Kubernetes environment.
Try it out: with the Community Edition or an evaluation licence
The Community Edition of Airlock Microgateway offers an easy introduction to the Gateway API and reverse proxy use cases, and can be used free of charge and without a licence.
If you would like to test all the features of Airlock Microgateway, we recommend the evaluation licence, which is also free of charge. Once you have provided your contact details, you will receive a licence key.
You can find a list of all the differences in the comparison between the evaluation licence and the Premium Edition in the English documentation.
Microgateway 5.1
Airlock Microgateway 5.1 makes it easier to get started with Gateway API-based architectures thanks to the new, licence-free Community Edition. At the same time, this release introduces more flexible licensing options for the Premium Edition and extends Gateway API support for larger Kubernetes setups.
Whitepaper: Security for cloud-native applications
You can read how companies manage to ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between Isovalent, Heise and Airlock.
Support
- Check the documentation and examples listed above.
- Make sure you use the latest Microgateway release before reporting any bugs.
- For the community edition, check the community forum for FAQs or register to post your question.
- As a customer using the premium edition with a paid license, please follow the premium support process.
Further information
