The Advisor continuesly continuously monitors and analyses your Layer7 API Gateways and helps you in staying secure and adhering to the latest best practices.

...

Types of Advices

Expiring Private Keys

Introduced: Winter 2021

Whenever the advisor detects, that one of a gateway’s private keys is about to expire it will create a advice. Expiring private keys have the potential to cause serious issues in production when API consumers stop calling your APIs because they cannot establish a trusted and secure connection to your gateway.

Expiring Trusted Certificates

Introduced: Winter 2021

As private keys, expiring trusted certificates have the potential to bring down production as well. Be it because backend systems can’t be called anymore or that authentication tokens cannot be signed.

Missing Resources Within the Same Environment

...

With the trend to decluster environments it is crucial that all the needed resources are prent on all gateways of an environment. Whenever a new resource is detected that is missing on other gateways within the same environment, this recommendation is created. It is aware of ongoing migrations (when conducted via the API Gateway Manager), so that it does not create false positives during migration runs.

Differing Resources Within the Same Environment

...

Similar to the missing resources recommendation, this one checks the resources for their content. Changing information like version number or IDs are extracted before the comparison. This makes it easy to spot differences within your environment that lead to bugs or - even worse - different behaviour depending on on which gateway a request is processed. These are probably the bugs that are most hard to find, especially with a lot of gateways in a environment.

Insecure Listening Ports

...

This advice warn you about listen ports, that do not use SSL/TLS to establish a secure and encrypted connection. Only using secure TLS-enabled traffic is considered a best practice and conforms to the Zero Trust mindset.