Web Application + API Protection (WAAP)
Airlock Gateway protects mission-critical, web-based applications and APIs from attacks and undesired visitors. As a central security instance, it examines every HTTP(S) request for attacks and thus blocks any attempt at data theft and manipulation. In combination with Airlock Microgateway and Airlock IAM, this creates a unique architecture for stronger application security.
Airlock Gateway is both a web application firewall (WAF) and an API security gateway. It also protects against undesired bots and DoS attacks. This product category is also called Web Application and API Protection (WAAP).
WAAP Capabilities
Identity-centric security
The trusted combination of IAM and WAAPAirlock Secure Access Hub is the central hub for secure access management in a digitalized world: identity-centric security from a single source, perfectly designed to work together. The following graphic illustrates the interaction of IAM and WAAP.
Friendly to users. Relentless to uninvited guests.
The Airlock components work together to provide maximum ease of use and effective protection without compromise. The diagram illustrates how this works.
Click on the (+) symbols to learn more about the Airlock components.
Protection against cyberattacks on APIs and applications
Be it malicious bots, zero-day exploits or typical attacks according to OWASP Top 10: Airlock Gateway keeps undesirable and malicious visitors away from your web applications and APIs, e.g. with hardened filter rules and anomaly detection based on machine learning. And in conjunction with Airlock IAM, only authenticated and authorized users are granted access to the application.
Protect yourself today from the risks of tomorrow.
Authentication and access control
Airlock's Identity and Access Management guarantees secure and efficient access to digital services. Users benefit from an excellent user experience and single sign-on, in combination with Airlock Gateway even for non-standard applications. Airlock IAM protects against identity theft and shines with flexible registration and login flows including a large number of authentication methods.
Ensure user-friendly and secure access to your applications.
Distributed security checks for modern applications
Application protection for today's APIs and tomorrow's microservices: Airlock Microgateway is designed for use in Kubernetes environments. Security policies and compliance can be perfectly automated thanks to Security as Code. This ensures better integration of security and governance throughout the DevSecOps lifecycle. Modern zero-trust architectures also benefit from micro-segmentation and distributed access controls.
Protect your cloud-native applications.
Gateway
IAM
Microgateways
Airlock Gateway
Highlights- Filtering + Virtual Patching (attack blocking)
- Betrugserkennung (Fraud Prevention)
- Threat Intelligence
- Bot Defense
- L7 DoS Prevention
- Continuous Adaptive Trust
- AI-based anomaly detection
- API schema enforcement
- API Keys und Throttling
- Rapid deployment – DevSecOps
- Reporting & SIEM Integration
- Load Balancing
Airlock Microgateway
With the advent of microservice architectures and DevOps practices, central security gateways concentrating many tasks for all services on a single system have increasingly been challenged. The various stakeholders may have differing requirements, timelines and policies for the single system they share.
Airlock Microgateway is also available as a community edition.
Airlock Gateway can be quickly and easily deployed in the Google Cloud. Existing Airlock licenses can be used for operation in the Google Cloud. The operation follows the BYOL model (Bring your own Licence).
Airlock Gateway can be operated in the Azure Cloud as well. In the Azure Cloud the operation is also carried out in the BYOL model (Bring your own Licence).
Airlock Gateway 8.3
Airlock 8.3 contains numerous functional improvements. These include further development of the Airlock Anomaly Shield, improved back-end protection and automated certificate management.
Filters of a Web Application Firewall
Airlock Gateway analyses traffic moving between users and services. Attempted attacks on applications are blocked before they can reach the in-house systems.
Airlock Gateway provides comprehensive protection against the OWASP Top 10 vulnerabilities and enables centralised management of security policies. Thanks to these innovative security functions, you can always stay ahead of attackers.
API access control
One of the main reasons for using API gateways is to ensure access control to APIs. Airlock Gateway validates access tokens and permits role-based access authorisation for API end points. Airlock Gateway works in conjunction with Airlock IAM to support these protocols when protecting access to APIs:
- OAuth 2.0
- OpenID Connect 1.0
- SAML 2.0
Security dashboards
Thanks to built-in dynamic reporting, decision makers have an overview of attempted attacks at all times. Operational problems such as performance bottlenecks or back-end problems are also displayed. Interactive drill-down from the dashboards, along with the display of the log lines causing the issue, facilitate the in-depth analysis of every attempted attack.
Airlock Threat Intelligence
Airlock Gateway seamlessly integrates Webroot's Threat Intelligence Service. Based on the categories and trust levels provided, this automatically blocks dangerous clients and further increases application protection against misuse. Webroot BrightCloud® Threat Intelligence Services is a proactive, automated security solution that provides effective, real-time policy enforcement against the latest threats.
Central hub
Airlock Gateway provides a host of interfaces with peripheral systems such as SIEM systems, virus scanners, fraud-prevention systems and HSMs. Thanks to its integrated threat intelligence feed, Airlock Gateway reacts immediately to real-time threat situations on the Internet, protecting systems from new and potentially harmful hazards. Additional components can be integrated via the high-availability capable ICAP interface.
DevSecOps
With its comprehensive REST API, Airlock Gateway is easy to integrate into modern DevOps pipelines and can be supplied as virtual appliance or cloud image.