Review: Protecting API connections with Forum Sentry

The Forum Sentry API Security Gateway goes beyond access control and deep into security, monitoring all the connections that it forms between systems and enforcing very granular security policies.

network of connections / digital matrix
Gremlin / Getty Images

The unsung hero of today’s modern networks is the application program interface (API), the tiny programs and protocols that act as the bridges bringing users, networks, systems and information together. But they also make it difficult to connect legacy systems such as application servers with modern tools like smartphones. And, they are often targeted by attackers, because whoever controls the bridges can compromise or control the network.

There are lots of ways to try and manage APIs, from hand-written code that addresses a specific instance to systems that can install thousands of agents to generate APIs when needed. The Forum Sentry API Security Gateway from Forum Systems takes a novel approach, using an appliance to link everything from modern to legacy systems, while also hardening and monitoring those connections to keep them free from compromise or tampering. And, by protecting the APIs and enforcing security policies on those connections, it can also protect the core network.

The API Security Gateway is installed as a hardware appliance, but it can also be virtualized and put into a network as software. Each appliance can handle about 1,000 transactions per second before a second one would need to installed. Pricing is based on the number of appliances or virtual appliances that each organization needs.

Forum Sentry appliance Forum Systems

The Forum Sentry appliance is available as a rack-mounted hardware device, or it can be completely virtualized and deployed as software.

Getting started

Installing Forum Sentry is relatively easy, since it’s designed to sit inline between wherever applications are based, and the end users – which includes automated programs – that need to connect to those applications. There are no agents needed. Administrators simply need to point programs at the gateway and define what types of connections are allowed.

To continue reading this article register now

7 hot cybersecurity trends (and 2 going cold)