
Gloo Gateway
Modern API management requires secure, scalable, modern API gateway architectures. While today's applications and deployment architectures may be more complex, Gloo Gateway simplifies API management at scale, while increasing security and reducing the risk of data breaches. Gloo Gateway is a modular component of Gloo Platform.
Experience the Modern API Gateway
Secure
Quickly introduce zero trust security into your application deployments and infrastructure
Scale
Next-generation architecture built to grow with your multi-cluster applications
Simplify

Single interface and API for managing your gateway and service mesh together
Build Security Into Your Infrastructure
Application development and operations teams need to work together to securely deploy applications into any cloud environment, while maintaining security and compliance.
- Application development teams need to have the ability to manage their applications and APIs in a self-service environment
- Operations teams need to securely deploy into any cloud target, while maintaining security and compliance for these applications
- DevSecOps, GitOps and DevOps models need to be supported at the infrastructure layer to streamline deployments
Making security easier for everyone to achieve can improve adoption and minimize outside attacks on your applications.

Deliver Results Today

An API gateway receives requests from clients and manages ingress to the appropriate services within its domain. The API gateway sits in the data plane and manages “north-south” traffic by providing services including security, reliability, filtering, transformations, and routing.
“Next-generation” gateways are purpose-built for highly dynamic environments orchestrated by Kubernetes and built for decentralized ownership and self-service collaboration. Abstracting the networking management outside of the application simplifies how you introduce a zero trust model to your application to secure how external users connect to your application.
By introducing next-generation API security to your applications, you can:
- Significantly reduce your API gateway footprint
- Improve overall security and application scalability
- Reduce application latency times for users
Introducing Gloo Gateway
Gloo Gateway extends the open source Envoy Proxy with a rich set of security, scalability, resiliency, and cloud integrations. The ease of use capabilities bring simplicity to Gloo Gateway, helping our customers rapidly enable zero trust security for both applications and APIs.
- Significantly reduce the API gateway footprint (vs. legacy API gateways)
- Improve overall scalability in any cloud, any Kubernetes environments, or within a Virtual Machine.
- Reduce application latency and improve your customer experience


Gloo Gateway is enabled by two popular open source projects – Envoy Proxy and Istio. Gloo Gateway’s use of Envoy and Istio provides a robust, scalable, and flexible solution for managing API traffic in a microservices architecture.
- Extends Envoy Proxy with a rich set of security, scalability, resiliency, cloud integrations, and ease of use capabilities
- Enhances Istio with the control plane to manage scalability of multi-gateway and FIPS deployments
- Includes advanced authentication, mTLS encryption, and centralized policy management capabilities
Along with both API gateway and Kubernetes Ingress functionality, Gloo Gateway provides services such as high availability, load balancing, failover, zero-trust security, tracing, and metrics gathering.
Reduce the overhead and friction of building zero trust security into your infrastructure today.

Add in Gloo Portal
As a part of Gloo Platform, Gloo Portal provides a Kubernetes-native framework for managing the definitions of APIs, API client identity, and API policies that enables GitOps and CI/CD workflows. The portal abstracts the complexity and enables developers to publish, document, share, discover, and use APIs.
- Rich policy controls
- Detailed configuration information
- Comprehensive security

Include GraphQL

GraphQL is a query language for your APIs with a server for fulfilling queries from your user interfaces, providing a more powerful and flexible alternative to REST for pulling data from your microservices. Instead of multiple endpoints that return fixed data structures, a GraphQL server only exposes a single endpoint and responds with precisely the data a client requested.
Gloo GraphQL is another module that can be added to Gloo Platform to further simplify your API consumption.
- Embeds a GraphQL server natively into Envoy enabling federated queries of your APIs using your service mesh and API gateways.
- Improve performance by eliminating the additional network hop to a separate GraphQL server
- No additional GraphQL servers required!
Solve Real Problems with Gloo Gateway
Gloo Gateway is frequently deployed for the following use-cases:
- Integrated API Gateway for Kubernetes (north-south traffic)
- Ingress gateway (routing) for Kubernetes (east-west traffic)
- Part of a broader zero trust security architecture for APIs and microservices
- Application modernization projects requiring next-generation access security
- Replace or augment Apigee API Gateway (improved performance, scalability, security)
- Replace or augment Kong API Gateway (improved performance, scalability, security)
- Replace AWS API Gateway (reduce costs, improved Kubernetes integration)
At the core of Solo.io’s product offerings is Gloo Platform, which integrates API gateway, service mesh and networking technologies into a unified application networking platform. Gloo Mesh delivers service mesh functionality and management for Kubernetes clusters, virtual machines and microservice applications to secure the internal communication between each of the services.
