Would like to understand what is the difference between WAF and APIM (Like APIGEE or AZURE APIM).
What are capabilities of WAF and which needs to be choose to protect the backend web application.
Thank you in advance.
- Aaditya
0
votes
2 Answers
1
votes
WAF protects your backend web server by stopping every request that having malicious values. Malicious requests can be SQL injection, Cross site scripting.
Modern WAF also protects server from blacklisted IPS (tor or bots).
You can also define rules like whitelist IP or regex match for parameters and header.
Regards,
Jaikey sarraf
0
votes
Google Apigee plateform also has capabilities like whitelisting, security(OAuth, JWT, Basic and key based), CORS header and others.
I think that you should more focus on what kind of architecture you might need in order to support future requirement. As with Apigee, Google has great support for cloud as well(AWS, GCP and Azure) with support to almost all type of language and virtual target backend for complex mesh ups as well.
Apigee provides inbuild support for Analytics and Monetization services as well, which you might want to consider.
Apigee has 24X7 support for all your issue/concern for different level of environments.
