Anypoint Security Policy and Runtime Fabric Inbound Traffic API

(1 review)
Anypoint Security Policy and Runtime Fabric Inbound Traffic API provides the ability to configure an edge for a given runtime fabric

home

Overview
The Runtime Fabric (RTF) Inbound Traffic (referred to as Edge) is a high-performant, reliable, scalable and resilient layer in the RTF to enforce security policies of HTTP Limit, DoS (Denial of Service), ACL (Access Control List), and WAF (Web Application Firewall).
This API allows provisioning of TLS secrets to use for the Edge for all the inbound traffic, which is the best practice and first step to gain API security.
Security Policies apply to all inbound traffic as well. Note that one Edge may have one or more applications behind it (API Gateways or Mules).
Usage
Edge is a Kubernetes Ingress Controller with dedicated security enhancements.
It is bound to an RTF. Any runtime fabric user can enable the Edge and can configure and/or assign following security policies to an Edge:
1. ACL -- Allow-list IP addresses that applies to all applications.
2. DoS -- Protect Runtime Fabric Ingress traffic from Denial of Service (DoS) attacks
3. HTTP Limits -- Header and Message limits checks done directly at the Edge. Violations in the runtime to these limits escalate as Protocol Errors to the DoS policy.
4. WAF -- Web Application Firewall checks. Can be performed on Ingress and Egress traffic


Reviews