Back when Service Oriented Architectures (SOA) were all the rage and SOAP-based web services were the primary means of integration, there arose a need for SOA Gateways in the market. These solutions offered management, versioning, HTTP routing, and more. What they didn't offer - at least not comprehensively - was security. For that, we saw the rise of SOA Security Gateways.
Today, APIs are all the rage and RESTful, JSON-based services provide the backbone for mobile and cloud-native apps to exchange data. APIs need the same set of services as SOA gateways - including security. But like their predecessors, most API Gateways are focused on business and application-specific capabilities.
API Gateways like 3scale evaluate, transform, and secure messages across an organization. They provide support for versioning, rate limiting, and business-focused functions like integration with payment gateways. Dashboards offer developers a view of performance and usage.
But API Gateways don't necessarily provide comprehensive security coverage. DoS protection, ferreting out malicious content, and blocking bots is the purview of security services like an advanced WAF. By pairing the two, you raise the bar on security and increase confidence in the integrity of your APIs.
This is particularly important considering that 60% of organizations offer a public API (State of API Integration 2018, Cloud Elements) available to any developer. Any developer might be a good thing for opening up opportunity, but it also opens the business to attack by those harboring malicious intent.
F5 has teamed up with 3scale to enable customers to enjoy a comprehensively secure application environment. By layering an F5 Advanced WAF in front of a 3scale API gateway, you can benefit from additional security measures that include the use of IP intelligence to identify threats faster and more accurately, the ability to offer a secure API façade internally or externally, and protection against a variety of application layer attacks.
That's increasingly important as APIs take center stage as the primary means of integration both internally and externally. As noted in a Forbes article in 2018:
The list of high-profile companies that exposed information on customers due to API problems in just the last few months includes online retail giant Amazon, telecom T-Mobile, food retailer Panera Bread and the Black Hat security conference
This is not a list you want to find yourself on, and that's why we partnered with 3scale to bring this solution to market.
You can find out more about how F5 Advanced WAF works with 3scale to protect APIs in this solutions brief.
About the Author
Related Blog Posts
SaaS-first strategies reshape cloud-native application delivery
F5 NGINXaaS empowers cloud and platform architects to unify operations, reduce complexity, and deliver exceptional digital experiences at scale.
F5 ADSP Partner Program streamlines adoption of F5 platform
The new F5 ADSP Partner Program creates a dynamic ecosystem that drives growth and success for our partners and customers.
Accelerate Kubernetes and AI workloads with F5 BIG-IP and AWS EKS
The F5 BIG-IP Next for Kubernetes software will soon be available in AWS Marketplace to accelerate managed Kubernetes performance on AWS EKS.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.