Contact Free trial Login

Security Policies

Anypoint Security features a high-performance, reliable, and scalable service to enforce policies that apply to all nodes deployed to your Runtime Fabric.

You can protect your APIs using these policies:

  • DoS (Denial of service) Policy
    These policies are designed to protect your network nodes against malicious clients trying to flood your network to prevent legitimate traffic to your APIs.
    Learn more about the DoS policy.

  • IP Whitelist
    Create an explicit list of IP addresses that can access your deployed endpoints.
    Learn more about the IP Whitelist.

  • HTTP Limits
    These policies prevent attacks from clients that send large messages that can consume all of your processing bandwidth.
    Learn more about the HTTP Limits policy.

  • WAF (Web Application Firewall Policy)
    These policies provide the Open Web Application Security Project (OWASP) Core Rule Set (CRS) for checking requests and responses to detect common Web application attacks.
    Learn more about the WAF policy

You can use these policies to handle all traffic to your Runtime Fabric, and leverage API Manager policies for handling specific behaviors to specific APIs.

index e9021

Anypoint Security policies then act as a default router capability through which all traffic traverses.
It provides:

  • Threat detection and prevention.

    • Content attack prevention (HTTP header and message limits checks)

    • Denial of Service

    • IP whitelists

  • Advanced TLS (for example, certificate pinning, CRL)

  • Basic TLS (for example, Mutual TLS, SSL Termination)

API policies configured in API Manager and running through an API gateway give you the ability to further customize or extend certain limitations you are applying at the Mule application level.

This layer of security provides the same control as any API Manager policy offers. For example:

  • Basic TLS (for example, mutual TLS, SSL termination)

  • Rate limiting

  • OAuth

  • Authorization and Accounting (AAA)

You must have Runtime Fabric and Security Edge Policies entitlements enabled for your Anypoint Platform account, in addition to API Manager and Analytics.

To apply policies, you must have the Manage Runtime Fabrics permission assigned to your user.
An administrator for your organization can grant you this permission in Access Management.

Was this article helpful?

💙 Thanks for your feedback!

Edit on GitHub