Introduction

Airlock Microgateway has a sophisticated filtering engine which is based on an allow and deny rules concept.

First, a request must pass the allow rules. In a second step the deny rules are checked. The request is only sent to the back-end if no allow and deny rule block the request.

Overview

The illustration shows that, if the request has been blocked because of allow rules, the request is not processed anymore. Only if the allow or deny rule are in log only mode, the request will be forwarded to the back-end, although it would be normally blocked.

Patterns

The rules are based on patterns defined in regular expressions. The documentation contains two pages about regular expressions which might be helpful during the configuration task.

What's next

With these basic concepts in mind, integration of a web application behind Airlock Microgateway is straightforward. Chapter Integration and its subchapters provide useful instructions for the integration steps.

Further details about the rules

Further details about the different filtering mechanism are described in the following subchapters.