Layer7 API Management

 View Only
  • 1.  Restman Security

    Broadcom Employee
    Posted Jan 31, 2019 12:54 AM

    Is there a way to confine RESTMAN services to a specific internal network interface to prevent all access from traffic on the internet facing network interface in a DMZ deployed gateway?

  • 2.  Re: Restman Security

    Broadcom Employee
    Posted Jan 31, 2019 01:02 AM

    Hi Paul, - just cutdown answer of the one I sent via email : 


    The feature "Idea" to allow services to be selected, is discussed here:


    And in the discussion, there is links to the two workarounds, i developed both with their situation in mind:


    1) global pre-service policy doing a check before the service is called.


    2)  listen port hardcoded to specific service, and that service vets the access and then forwards to a proxy.



    Normally there would be two API Gateways, internal one with restman installed, and the external one, not having it installed, but could then forward it onto the internal one.



    Cheers - Mark