Introducing the Latest Forum Sentry API Security Gateway

Now, more than ever, organizations are adopting on-demand platforms to power their businesses. In fact, Forrester predicted that this year “more than 50% of global enterprises will rely on at least one public cloud platform.”

Despite cloud computing’s promise, though, security remains a significant issue.

Amazon: Prime Vulnerability

Amazon’s AWS Marketplace provides Amazon Machine Images (AMIs) – preconfigured templates – to help organizations launch a virtual server on the Amazon Elastic Compute Cloud (EC2). However, Amazon requires AMIs to have root administrator access to these organizations’ infrastructures.

While a boon to Amazon – which benefits from a trove of monitoring and metrics data – these pathways lay bare customers’ operating systems to potential attack and compromise. Bad actors can then gain root access to a user’s machine, impersonate the user and take complete control of apps running on the server.

This was the impetus for the latest version of our award-winning Forum Sentry API Security Gateway.

Ensuring customers launch security-hardened Amazon EC2 instances, Forum Sentry is now available in an AMI form factor. By routing all their traffic through Forum Sentry, customers can securely harness the power of Amazon EC2.

It’s no surprise that virtual and cloud technologies are dominating most industry innovation and purchases. It’s true for us too. Customers are turning to the Forum Sentry virtual appliance with more frequency than the traditional hardware.

Addressing this reality, and offering maximum deployment flexibility, we’ve unveiled a new REST API for rapid deployment in virtual, cloud and containerized environments. Supporting autonomous provisioning of Forum Sentry in elastic computing environments, the REST API empowers customers to quickly stand up and tear down virtual Forum Sentry instances with ease.

The only API security gateway to achieve NIST FIPS 140-2 Level 2 and Common Criteria NIAP Network Device Protection Profile certification, Forum Sentry is built on a secure operating system. Unlike other vendors that allow and run third-party code, Forum Sentry’s locked down OS precludes it from being susceptible to vulnerabilities – including the massive Meltdown and Spectre flaws.

To continue to differentiate ourselves from the competition and deliver customer value, we’ve introduced several other key capabilities in this latest version of Forum Sentry, including:

  • Integration with any Big Data analytics engine or monitoring infrastructure for traffic flow profiling, archiving, and heuristics learning of APIs, cloud services and on-premises app performance behavior.
  • Compliance with the FAA SWIM information sharing platform for secure identity using SAML, Binary Security Tokens and Username token formats.
  • Adherence to the strict cryptographic requirements of the U.S. Presidential EO on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, and the UK’s National Cyber Security Centre.

    • This week, we’ll be showcasing Forum Sentry at WEST 2018, the premier naval conference and exposition on the West Coast. Co-sponsored by AFCEA International and the U.S. Naval Institute, the event is celebrating its 28th year of bringing military, government and industry leaders together.

    If you’ll be attending, please stop by the Forum Systems booth, # 2739. We hope to see you in San Diego!