Is it possible to use Netscaler ADC to provide security to our API Gateway ?

[Harihara Sudhan]

Is it possible to use Netscaler ADC to provide security to our API Gateway ?

[Guest Farhan Ali]

Yes , A netscaler can be put in front of the AWS API gateway and can act as a proxy and help in load balancing the request and provide the security and authentication of user as well. Some of the features that can be used are

1. •Security ( WAF, AAA)
2. •User choice( Responder, backup vserver, round robin methods, HA)
3. •User Defined SSL Certificate
4. •Can be integrated to Citrix Gateway for HTTP links

A simple use case will be

AWS API Proxy

To proxy AWS APIs, use the LB/CS with Rewrite http request to --> If uri contains- citrixapigw ---> https://citrix.execute-api.us-east-1.amazonaws.com/default/lamdaFunction123

API example:

POST/api.citrix.com/citrixapigw123 -- proxies to -- POST/ citrix.execute-api.us-east-1.amazonaws.com/default/lamdaFunction123 I

Need to add rewrite policy on the Citrix ADC

ADC should have DNS to resolve the api gateway URL

sample config:-

add rewrite action lambdatoapi replace http.req.hostname.server ""jthiofcg48.execute-api.us-east-1.amazonaws.com""

add rewrite action httptohttps replace_all "HTTP.RES.BODY(2500)" ""https"" -search "text("http")"

add rewrite policy lambdapolicy "http.req.hostname.server.eq("ec2-52-72-192-77.compute-1.amazonaws.com")" lambdatoapi

add rewrite policy pol_replace_http_with_https HTTP.REQ.IS_VALID httptohttps NOREWRITE