Garphic Airlock Secure Access Hub

Airlock Gateway 7.6

Airlock Gateway 7.6 breaks new ground in anomaly detection. The Airlock Anomaly Shield is based on machine learning and is trained directly with the data of the application to be protected.

No less important are secure connections to the backend: an absolute must in times of zero trust. Maintaining these is now even easier thanks to a separate section in the configuration of Airlock Gateway.

For the perfect implementation of barrier-free websites, the remaining time until the session expires can now also be sent to the browser. Reliable protection of REST resources makes it necessary to distinguish precisely whether a resource is addressed with or without a slash. A small but subtle difference that Airlock Gateway now knows exactly.

Anomaly Detection using Machine Learning

The latest gateway release marks a new era in the defense against unwanted access. The Airlock Anomaly Shield uses machine learning technologies to detect anomalies in sessions and react to them with appropriate actions. The Anomaly Shield is trained directly on the data of the protected application and is therefore optimally adapted to the protection of these applications. 

Monitoring of the Anomaly Shield is integrated in logging and reporting,  new dashboards show the protection effect. 

Simplified SSL/TLS Settings for Back-ends

The assumption that back-end hosts reside in a secure internal zone and therefore do not need an encrypted connection is outdated. Zero-trust considerations require that traffic between two systems be encrypted. There is now a separate tab for SSL/TLS settings on the back-end groups, making it easy to configure secure connections between Airlock Gateway and the back-end hosts. Client certificates, CAs, ciphers and protocol versions for mutual SSL in the back-end can thus be easily administered. It is now also possible to configure the SSL/TLS version and the cipher suite directly on virtual hosts.

Protecting Microservices

The heart of the Airlock Gateway also drives the Airlock Microgateway. This brings the protection of microservice architectures into focus. Various small improvements ensure a well-rounded solution. This includes, e.g., the distinction between REST resources with and without trailing slashes, the use of role-based access control in a distributed scenario with multiple gateways, and the logging of tracing headers. 

Accessibility and session lifetime

Accessible applications face the challenge of showing users the remaining lifetime of the current session. Since Airlock Gateway manages these sessions, this is not an easy task for applications. With the new rewrite variables containing this timing information, it is now possible to make this data available to the application, for example by writing it to a header.

Airlock Microgateway 2.0 was also published in May 2021.

Information for you

-Our whitepapers-

Study Application and API Security 2022

In a recent study in cooperation with CIO, CSO and COMPUTERWOCHE, Ergon Airlock looked at application and API security in the container environment.

Request study

Zero Trust is a journey

The digital transformation of the world continues to progress, and it is profoundly affecting private life and job profiles in a manner that was hard to imagine just a few years ago.

This whitepaper covers the effects of continuous digitization and its implications.

Request free of charge

Toward DevSecOps

In this whitepaper, you will learn the most important insights into how you can successfully and efficiently implement DevSecOps, which security components are required for this, and what benefits a microgateway architecture brings.

Request free of charge

Airlock 2FA - Strong Authentication. Easy.

The two-factor authentication in the area of IT security offers double the security.

Find out more about strong authentication and the possibilities that Airlock offers in our whitepaper.

Request free of charge

Further whitepapers

We provide whitepapers on these and other topics free of charge:

  • successful IAM projects
  • Compliance
  • Data protection (GDPR)
  • Introduction of PSD2
  • PCI DSS requirements
Request free of charge