Making sure that the right people have access to the right resources: This is the core of web and API access management. Web and API access security centralises the access control with a universal security layer for all web-based and mobile apps, including APIs and web services.
A comprehensive set of APIs enables smooth integration into any existing CI/CD (Continuous Integration and Continuous Delivery) pipeline to automate deployment.
Secure Access Gateway
An access gateway offers secure access to specific requirements by using a differentiated approach to user authentication and authorisation. An access gateway controls and limits user access to specific applications and individual resources centrally, based on the user’s authentication, authorisation and context. Centralised authorisation allows access controls to be created at application level.
Identity and Context-Aware Proxy is the Nevis concept that allows customers to connect seamlessly and enables authentication and highly differentiated authorisation for web applications, web services and APIs.
Filtering and Blocking
Attacks such as XSS, CSRF, injection attacks or session-stealing attempts have been at the very top of the OWASP Top 10 list for years. Strict filtering and blocking of all data traffic prevents these types of attacks now and in the future. Attacks rarely conform to standards or follow recognisable and familiar patterns. A powerful filtering and blocking engine can prevent many of these common attacks.
Load Balancing and Reverse Proxying
Reverse proxy servers and load balancers are components in a client-server computing architecture. Both act as intermediaries in communication between the clients and servers and execute functions to boost efficiency. Although they can be implemented as dedicated, specially developed devices, modern web architectures increasingly use them as software applications that are executed on commercial hardware.
Load balancers are most often used if a web page needs multiple servers because the volume of requests is too high to be efficiently processed by a single server. The deployment of multiple servers also eliminates a single «point of failure», making the website more reliable.
Although it only makes sense to deploy a load balancer if you have several servers, it can often be useful to deploy a reverse proxy with just one web server or application server as this provides greater security, scalability and flexibility.
Policy Enforcement Point (PEP)
A policy enforcement point (PEP) is responsible for receiving authorisation requests that are sent to the policy decision point (PDP) for evaluation. A PEP can be installed anywhere in an application where data and resources require protection or where authorisations logic is applied. A PEP is only responsible for requesting and evaluating an authorisation decision and does not require an authorisations logic.
Centralised administration of access guidelines for your end users so that you can configure and customise security settings at one location. Drive profits everywhere – and expand the identity and access control on your web apps and APIs.
Simple integration into your existing web applications and APIs without code or architecture changes.
Reduce your maintenance and operating costs with a flexible security and access gateway that you can use to secure your legacy applications, hybrid applications, web apps, mobile apps and APIs.
The fewer passwords in circulation, the less time your IT helpdesk must spend dealing with password problems. This will save you more time and money than you might have thought possible.