Layer7 API Management

Expand all | Collapse all

Restman Security

  • 1.  Restman Security

    Broadcom Employee
    Posted 01-31-2019 12:54 AM

    Is there a way to confine RESTMAN services to a specific internal network interface to prevent all access from traffic on the internet facing network interface in a DMZ deployed gateway?



  • 2.  Re: Restman Security

    Broadcom Employee
    Posted 01-31-2019 01:02 AM

    Hi Paul, - just cutdown answer of the one I sent via email : 

     

    The feature "Idea" to allow services to be selected, is discussed here:

    https://communities.ca.com/ideas/235726554

     

    And in the discussion, there is links to the two workarounds, i developed both with their situation in mind:

     

    1) global pre-service policy doing a check before the service is called.

     

    2)  listen port hardcoded to specific service, and that service vets the access and then forwards to a proxy.

     

     

    Normally there would be two API Gateways, internal one with restman installed, and the external one, not having it installed, but could then forward it onto the internal one.

     

     

    Cheers - Mark