Cequence API Security Platform (ASP) supports integration with an existing Apigee Edge, Apigee X, or a hybrid Apigee installation.
What is Apigee?
Apigee is a platform for developing and managing APIs. Apigee provides a managed proxy layer along with services for security, rate limiting, quotas, and analytics.
For more information on Apigee itself, see Google Cloud: What is Apigee?
Overview
There are two approaches for integrating Cequence API Security Platform (ASP) into an Apigee proxy configuration: Inline and Passive.
In an Inline configuration, API traffic is routed through Cequence ASP. This deployment approach supports both Bot Defense managed mitigation and API Sentinel API discovery and risk analysis. Inline integration deployment has two flavors: Upstream and Hairpin.
In Passive integration, Apigee "SharedFlow" policies in Apigee are configured to send Cequence ASP a copy of request/response transactions.
If needed, the Cequence Customer Success Team can assist in determining the best approach for your requirements.
Inline Configuration
Inline Upstream
Inline Upstream deploys Cequence ASP directly into the data flow such that requests and responses flow through Cequence ASP and then to/from the existing API backend ("origin"). A failover path is configured to maintain connectivity and services to the original 'origin' services.
Hairpin
Hairpin deployment is similar to the Inline Upstream model with the major difference being that Apigee sees the same request traffic twice that allows Apigee to provide additional services and logging.
Passive (SharedFlow)
Passive integration configures Apigee SharedFlow policies to obtain and send request/response transaction information to Cequence ASP. The connection to Cequence ASP is secure and authenticated. There is no change to the data flow through Apigee from the client to the backend.
Additional Information
Detailed step-by-step instructions are available to Cequence customers.