In addition to the Airlock Gateway, which combines functions such as a Web Application Firewall (WAF) and API Security, the Swiss company Ergon Informatik AG offers an Airlock Microgateway tailored to cloud-native Kubernetes and OpenShift environments. Comparable to service meshes, the Microgateway DevSecOps team opens up the possibility of implementing extended security functions individually at the level of individual services. In addition to the paid premium edition, Ergon is now also offering the Airlock Microgateway in the freemium model as a free community edition – accompanied by a moderated forum.
Integrate security into the development process
Like many comparable API microgateways, the Airlock product as a Docker container in Kubernetes can be handled just as easily as the microservices. The Microgateway already masters SOAP and REST interfaces as well as HTTP services and classic web applications; developers can also use the interface description based on OpenAPI. Thanks to the integrated WAF, SQLi and XSS attacks as well as automated scans can be blocked – the Airlock Microgateway also takes into account the particularly critical OWASP Top 10.
In order to be able to keep an eye on the utilization of all services at all times, health checks and Prometheus metrics are available, which can be processed meaningfully via Grafana, for example. DevSecOps teams can forward log data in JSON format to analysis platforms such as Kibana. In terms of a zero trust architecture, the Microgateway also takes on access control to the respective applications. By connecting to Airlock IAM, which, however, requires a separate license, multi-factor authentication (MFA) and identity federation are also possible. Access control with tokens and extended application protection, on the other hand, are reserved for users of the premium version.
the Airlock Microgateway Community Edition is available from version 2.1 available via Dockerhub repositories. The Docker image contains a YAML configuration and can be easily installed using a provided Helm Chart. If you want to familiarize yourself with the Microgateway, can find an example based on Minikube on GitHub, which illustrates the use in interaction with applications, logging, monitoring and access control (Airlock IAM). An update to Airlock Microgateway 3.0 should follow this month.