Many organizations today are on a journey to digital transformation. A key aspect of this transition has been the mass adoption of APIs and the way they are used to offer services in API ecosystems.
As the adoption of APIs (and the dependence on them) grows, organizations are requiring that APIs are always:
- Available: Available where consumers need them and with five nines or better availability
- Secure: Provide the right data to the right consumer, with no data leakage, infiltration, exfiltration, or other issues
- Relevant: Offer the right tier of service to the right customer.
In the past, developers would have worked with IT/Sec Ops to instantiate and configure these security policies on load balancers or API gateways. But for cloud-native applications built upon containers and Kubernetes, the old paradigm doesn’t work.
Developers now leverage their CI/CD pipeline to deploy hundreds of times per week, often without IT/SecOps even knowing about it. In this new paradigm, it’s critical that the configuration for API protection is automated so that developers and IT/SecOps can have mutual awareness and alerting into the APIs’ security, availability, and access patterns.
Today, Citrix ADC can be deployed as an Ingress device in a Kubernetes deployment. We are excited to announce that soon customers will be able to leverage that same Ingress device to offer API protection for microservices-based applications for north-south traffic. This ingress device can be an existing Citrix ADC form factor like MPX/VPX or a new CPX (containerized ADC) deployment.
With easy-to-use custom resource definitions (CRDs) and notations, DevOps can operationalize all the necessary security requirements.
Some of the key functions needed in a typical API security deployment include:
With the Citrix solution, developers looking to expose their services/APIs to consumers outside the Kubernetes cluster can do so without worrying about compliance and security. This enables both SecOps and DevOps to move more quickly and with less friction to meet the business needs around liberating data, speeding up release times, and bringing services to market more rapidly.
Citrix API Protection will be offered as part of Citrix ADC premium licensing and will also available as part of pooled license. Citrix API Protection CRDs for cloud-native environments will be available soon on GitHub at https://github.com/citrix.