What is solution of A10 for API?

Hi everyone,

Our customer have a web service system communicate with mobile app via API (RESTful API protocol).

Now they want to a solution of A10 to support and protect this API. I have informed that is aXAPI, right?

Please give me some advice about this issues

Thanks

Tagged:

Comments

  • john_allenjohn_allen Member

    aXAPI is A10's API....From your post, it looks like you are asking how A10 can protect your customer's API Endpoint.

    There are a couple of ways to do this. Thunder ADC has some basic protections for API Endpoints like Bandwidth Limiting and Connection Rate Limiting that can be used to protect their API Endpoint from being swamped by in-bound traffic. If you know the size of the API Request packets, you can also do Payload Validation by looking at the size of the incoming request and compare it with the expected size. If the difference is too great, drop the packet, as it is most likely an attack of some sort.

    You can also use A10's Threat Protection Systems (or TPS) for DDoS Mitigation as well.

  • AldenAlden Member

    Hi John,

    Let me be more specific about the stream of API to protect: Our customer have a web service system communicate with Mobile app via API (RESTful API protocol). Now they want to a solution of A10 to support and protect this API.

    I also discuss with TAC Engineer A10 and he said that aXAPI is the A10 API that can be used by 3rd party tools to manage A10 devices, not for protecting other API traffic.

    For protecting API traffic, A10 has security features that can fulfill the requirement e.g. WAF and DDoS protection. Or as your advice, it can be Bandwidth Limiting, Connection Rate Limiting. Threat Protection Systems (or TPS) is not suitable because we need the features available in the ADC, no need to buy additional licenses.

    If you don't mind, I hope you can provide me the deployment guide for this feature as I have never implemented it and now I have to POC to the customer.

    Thanks for your help!

  • john_allenjohn_allen Member

    The A10 WAF guide can be found here: https://documentation.a10networks.com/ACOS/521x/ACOS_5_2_1-P3/pdf/A10_5.2.1-P3_WAF.pdf

    You will need a Support login to access it.

Sign In or Register to comment.