Offload Security Enforcement to a Dedicated System

Start Your Free Trial


Problem

Internal applications no longer run in isolation, and are now connected to partners, customers and services outside the control of IT and application owners. Security for these API connections is critical for enterprises but puts a burden on application development. Controlling and tracking access outside the firewall becomes a complex task for IT. A system dedicated to secure control of API usage is the answer.

Example details

Authentication and Key Management for API Publishers

API Gateway Methods authenticates and validates inbound user and service requests. For IT operations API Gateway Methods centralizes the complex and diverse task of establishing identity, determining access rights, and distributing tokens to be used for API access. Brokering external and internal token systems, standards based or proprietary, places a complex burden on API developers and their applications. API Gateway Methods packages these functions in a simple, dedicated utility.

Communications Security

Ensure integrity of messages exchanged and protect internal systems

API exchanges with external services and data consumers can open a vulnerability to attacks, loss of integrity, or unauthorized access to internal systems. Infrastructure and security teams need a control point to encrypt, track and regulate the inbound and outbound flow of data from the enterprise. API Gateway Methods enables IT to centralize encryption and signature management for all API applications, and creates an API firewall to cut off attacks and malware.

Access Control and Policy Enforcement

Enforce policies for external data exchange

When data is exchanged outside the enterprise, controls should be applied the same way as for internal access. IT operations needs a way to use enterprise directories such as LDAP or Active Directory to control access to services outside the firewall.

For requests coming in, IT needs explicit control over which systems and services are accessible. Filtering of specific users, services or content based on internal governance policies may be required. All of these policy and filtering controls necessitate the use of a gateway to examine, filter and forward messages at the enterprise perimeter. API Gateway Methods puts control and visibility over API traffic in the hands of IT and program management.

Access Control and Policy Enforcement

When data is exchanged outside the enterprise, controls should be applied the same way as for internal access. IT operations needs a way to use enterprise directories such as LDAP or Active Directory to control access to services outside the firewall.

For requests coming in, IT needs explicit control over which systems and services are accessible. Filtering of specific users, services or content based on internal governance policies may be required. All of these policy and filtering controls necessitate the use of a gateway to examine, filter and forward messages at the enterprise perimeter.

Control for Applications Consuming External APIs

API Gateway Methods manages the enterprise interaction with external and cloud APIs. When multiple applications or “Shadow IT” projects begin consuming external data or configuring cloud services via API, the exchange of information outside the network perimeter can get out of control.

For application architects and line-of-business application owners, data from multiple API based services, can be consumed without maintaining authentication processes for each one. This includes cloud based services like Amazon and SalesForce.com, each using proprietary authentication schemes.

Communications Security

API exchanges with external services and data consumers can open a vulnerability to attacks, loss of integrity, or unauthorized access to internal systems. Infrastructure and security teams need a control point to encrypt, track and regulate the inbound and outbound flow of data from the enterprise. API Gateway Methods enables IT to centralize encryption and signature management for all API applications, and protect from attacks and malware.


API Gateway Methods lets you secure and control API access across the enterprise firewall

Get API Gateway Methods today

Start Your Free Trial

adminAPI Authentication, Security and Access Control