Message Image

Skip main navigation (Press Enter).

Layer7 API Management

Back to discussions

Expand all | Collapse all

Restman Security

Paul ConnorJan 31, 2019 12:54 AM

Is there a way to confine RESTMAN services to a specific internal network interface to prevent all access ...

Mark ODonohueJan 31, 2019 01:02 AM

Hi Paul, - just cutdown answer of the one I sent via email : The feature "Idea" to allow services ...

1. Restman Security

0 Recommend
Broadcom Employee

Paul Connor
Posted Jan 31, 2019 12:54 AM

Reply Reply Privately
Is there a way to confine RESTMAN services to a specific internal network interface to prevent all access from traffic on the internet facing network interface in a DMZ deployed gateway?
2. Re: Restman Security

2 Recommend
Broadcom Employee

Mark ODonohue
Posted Jan 31, 2019 01:02 AM

Reply Reply Privately
Hi Paul, - just cutdown answer of the one I sent via email :

The feature "Idea" to allow services to be selected, is discussed here:
https://communities.ca.com/ideas/235726554

And in the discussion, there is links to the two workarounds, i developed both with their situation in mind:

1) global pre-service policy doing a check before the service is called.

2) listen port hardcoded to specific service, and that service vets the access and then forwards to a proxy.

Normally there would be two API Gateways, internal one with restman installed, and the external one, not having it installed, but could then forward it onto the internal one.

Cheers - Mark

Copyright 2023. All rights reserved.

Powered by Higher Logic