API security gateway technology leads to innovation

Staff Report | DFW Newsflash | January 2018

BOSTON, — Forum Systems Inc., a pioneer in API security technology, today announced industry-first capabilities in its award-winning Forum Sentry API Security Gateway that enable enterprises and government organizations to securely leverage the Amazon Elastic Compute Cloud (EC2) for key business initiatives. Further advancing the state-of-the-art in API security gateway technology, Forum Sentry now features a REST API for rapid deployment in virtual, cloud and containerized environments.

Now, more than ever, organizations are adopting on-demand platforms to power their businesses. In fact, Forrester forecasts that in 2018 “more than 50 percent of global enterprises will rely on at least one public cloud platform to drive digital transformation and delight customers.”

Addressing these realities, while offering maximum deployment flexibility, Forum Systems is making Forum Sentry available in an Amazon Machine Image (AMI) form factor to ensure customers launch security-hardened Amazon EC2 instances. Additionally, the new REST API supports autonomous deployment and fully automated provisioning of Forum Sentry in elastic computing environments.

“Amazon and other major cloud providers require customers to allow root administrator access to their infrastructure. While a boon to the cloud companies – which benefit from a wealth of monitoring and metrics data – these pathways lay bare customers’ operating systems to potential attack and compromise,” said Forum Systems CEO Mamoon Yunus. “By routing their network traffic through Forum Sentry, organizations can securely harness the power of virtualization, cloud computing and containers – and achieve peace of mind.”

The only API security gateway to achieve NIST FIPS 140-2 Level 2 and Common Criteria NIAP Network Device Protection Profile certification, Forum Sentry protects and accelerates data exchange and API service access across networks and business boundaries, significantly reducing the cost and complexity of centralizing security, identity and governance. Serving as an information broker deployed as a logical API protecting applications and services,

Forum Sentry precludes clients from directly accessing application and services tiers. This unmatched level of security prevents identity compromise and enables SSO authentication and session management achievement – without required code changes or manipulation to backend systems.

To continue to differentiate itself from the competition and deliver customer value, Forum Systems introduced several other key capabilities in this latest version of Forum Sentry, including:

  • Richer Performance Metrics, Analytics and Reporting Capabilities – Forum Sentry now provides more granular visibility into individual transaction latencies (with seven-segment latency breakdown). Additionally, customers can seamlessly integrate with any Big Data analytics engine or monitoring infrastructure for real-time and historical traffic flow profiling, archiving, and heuristics learning of APIs, cloud services and on-premises application performance behavior.
  • Support for the Federal Aviation Administration’s (FAA) System Wide Information Management (SWIM) Program – Forum Sentry now complies with the FAA SWIM information sharing platform for secure identity using SAML, Binary Security Tokens and Username token formats.
  • Compliance with Exacting Critical Infrastructure Security Mandates – Forum Sentry is now certified to comply with the strict cryptographic requirements of the U.S. Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, and the UK’s National Cyber Security Centre.

Notably, in the recent KuppingerCole Executive View: Forum Sentry API Security Gateway report, Senior Analyst Alexei Balaganski recognized Forum Sentry as an “integrated platform for API and service security, access management and legacy application modernization with a strong focus on ‘security by design.'” Emphasizing that Forum Sentry is “still the only product on the market where security forms the integral foundation of the architecture,” Balaganski deemed it “recommended for evaluation by any organization looking for the highest grade of security and reliability for their API infrastructure.”

SOURCE: Forum Systems Inc.