To efficiently use Apinizer, it is recommended to decide on how it will be used, and then install and configure Apinizer with these settings. Therefore, having answers to some questions ready will greatly expedite the installation and configuration process. The Apinizer team has shared these questions below, along with some alternative suggestions. These alternatives are written in the order of recommendation based on the experience of the Apinizer team. In the "Your Preference" field, you are expected to provide your feedback by either writing the suggested item and your comments or directly stating your preference.


Our Recommendations

Your Preference

Will the necessary applications such as Kubernetes Cluster and MongoDB be installed, or are they already in place and ready for use by Apinizer?

If installation is required, will your organization's staff handle it, or will the Apinizer team be provided with a dedicated server?

  1. If your organization already has these components, utilize them
  2. If installation is required, your team will handle the preparation
  3. If installation is required, Apinizer team will handle

Is there any product other than WAF and firewall that controls the network where Apinizer will be installed and tightens security?

  1. If Apinizer is capable of blocking internal traffic within the cluster, it is important to report any such product that may accelerate the resolution of potential issues. This information can be obtained from your organization's Network and Security Unit staff.

Is there any usage of the 10.244.x.x block in the network where Apinizer will be installed?

  1. If it is in use, it is necessary to install Apinizer on another block. This information should be obtained from your organization's network team.

Which ports should Apinizer broadcast from on the servers it is installed on?

  1. Between ports 30000-32767, 32080 for Manager, and 30080 or 30090 for Worker.
  2. The ports to be configured under the management of your organization's DevOps team (either from the same range or by using nginx ingress)

Will the DNS resolution for Apinizer be handled automatically on the servers there Apinizer is located? If not, are the IP-host mappings already available?

  1. Due to the rare possibility of these addresses changing, it is recommended to configure the servers for automatic resolution.
  2. Preparing a list of hostname-IP pairs to be added to Apinizer

Will the Apinizer interface and workers be accessed via DNS? If yes, what will be the DNS configurations?

Where will SSL termination be performed?

  1. In your organization's firewall
  2. In the application where your organization performs DNS redirection and load balancing
  3. Apinizer worker applications

If Apinizer is to be used outside your organization, from which IP address will it exit? Have the necessary (NAT) processes been implemented to allow Apinizer servers to exit from this address?

  1. Your organization's current exit should not be changed and Apinizer will exit from this address

How will the Apinizer worker application (Core and RAM usage, JVM parameters) be configured?

  1. By dividing the existing license into two or three and entering the corresponding JVM parameters, distribute it across multiple containers

  2. With different configurations depending on the policy implemented by your organization

How will the Kubernetes systems on which Apinizer will be installed be managed?

  1. Through the Apinizer interface

  2. Using the methodsspecific to your organization

Where should traffic logs be written?

  1. To one of the servers allocated for Elasticsearch, which will be set up by Apinizer

  2. To another application configured by your organization

If the traffic logs are in the Elasticsearch managed by Apinizer, how will the backup of this data be taken?

  1. Your organization's System team employees will back up the disk where logs are written as is

  2. Your organization's System team employees will back up the server where logs are located as is

  3. A snapshot policy will be established to send logs from a specific server to a designated address, and the logs will be backed up there

Are there sensitive information in the traffic logs that should not be visible? If yes, what are these? In which parts of the messages should they not appear?

  1. Your organization's Information Security Team can be requested to provide the organizational policy. Key values containing personal data such as identification number

Where should application and token acquisition logs be written, if the settings are active?

  1. Into the configuraiton database of Apinizer
  2. To another application configured by your organization

If there are logs to be stored in the database, how will the growth be controlled?

  1. These logs will be deleted at regular intervals

  2. The disk will be expanded as it fills up

Will the admin user account created with the initial installation be used for the Apinizer interface? If yes, who will be using it?

  1. Apinizer will be used by Integration Unit employees if available, and individual authorized user accounts will be created for the users. The admin account will be deactivated
  2. The admin user will be used by a single person responsible for Apinizer, and new users will be assigned to other individuals who will use it

Will user management for those accesing the Apinizer interface be entirely handled through Apinizer, or will password authentication be done with LDAP/Active Directory?

  1. Users should always be defined in Apinizer, but password authentication will be configured with your organization's LDAP/AD application. This involves creating a user or service account in Apinizer that has authority to authenticate users connecting to Apinizer through the defined LDAP/AD
  2. Complete management of users through Apinizer

How will the Apinizer support team provide support to your team using Apinizer, the Apinizer application and, if desired, the servers on which Apinizer is installed?

  1. Defining VPN and granting access to the Apinizer interface only through Apinizer servers
  2. With applications that provide remote access, such as AnyDesk and TeamViewer
  3. With meeting applications that allow remote access, such as Zoom, Cisco Webex, Microsoft Teams, Skype
  4. With meeting applications like Whereby, Turkcell Bip Meet
  5. Via email, phone, and, when necessary, phyically as a guest to the organization