Best-in-class protection for cloud-native applications
More and more web applications and APIs are being run in Kubernetes. In this environment, Airlock's proven protection features ensure that unwanted visitors and unauthorized users don't even make it to the application:
- Multi-level security filters
to protect against known attacks (OWASP and OWASP API Top 10)
- Decentralized authorization check
for example by validating JWT tokens
- Reverse proxy based on Envoy
with request routing, TLS termination, client certificate authentication, caller IP address forwarding, etc.
Whitepaper: Security for cloud-native applications
You can read how companies manage to ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between Isovalent, Heise and Airlock.
At home in Kubernetes
With or without service mesh, Airlock Microgateway integrates seamlessly into the Kubernetes environment using typical concepts such as operators, sidecars and custom resource definitions (CRD). This simplifies the onboarding process for Kubernetes users and supports modern DevOps processes.
- Simple and modular configuration using custom resources with and without templates (with kustomize, helm, etc.).
- Kubernetes operator for automatic sidecar injection
- Hot Reload: Policy and configuration changes without rebooting
- Istio service mesh support
- Support for typical Kubernetes environments such as Amazon EKS, Google GKE, Microsoft AKS, Red Hat OpenShift
- Company-wide security guidelines: Using tools such as Open Policy Agent, Kyverno or Kubewarden, security experts can define guardrails and, for example, prevent important security filters from being disabled in production.
- Plug-ins for modern IDEs provide automatic validation, code completion and tooltips when editing the Microgateway configuration.
Free Community Edition
The Community Edition of Airlock Microgateway can be used free of charge: After providing your contact information, you will receive a free license key.
The Community Edition has the same protection features as the Premium Edition. For a complete list of differences, see the comparison between the Community and Premium Edition in the documentation.
Airlock Microgateway 4 is now based on Envoy Proxy. Other important new features can be found on the following page:
Airlock Microgateway 4.1 supports OpenAPI. Other important new features can be found on the following page:
Microgateway Labs
Airlock Microgateway Labs are easy to understand tutorials. Each of the tracks covers an important aspect of Airlock Microgateway, from installation to configuration in a cloud-based Kubernetes environment.
Documentation
The following links and documentation pages are worth reading to get started:
Support
- Check the documentation and examples listed above.
- Make sure you use the latest Microgateway release before reporting any bugs.
- For the community edition, check the community forum for FAQs or register to post your question.
- As a customer using the premium edition with a paid license, please follow the premium support process.
Further information