Please [purchase directly](https://l.fizzgate.com/#/shop/purchase) or [contact us](https://www.fizzgate.com/fizz/cms/article/about/contact/).
## What 's FizzGate?
**Note:** The community version is for testing only and does not include technical support. For commercial support, please contact us via WeCom (WeChat Work).
An Aggregation API Gateway in Java. FizzGate is a microservice aggregation gateway developed in Java, a domestic alternative for application gateways with independent intellectual property. It enables hot service orchestration aggregation, automatic authorization selection, online service script coding, online testing, high-performance routing, API audit management, callback management, etc. With a powerful custom plugin system, it can be extended and provides a friendly graphical configuration interface to help enterprises quickly implement API service governance, reduce middleware code, lower coding investment, and improve the stability and security of API services.
---
## What is FizzGate?
## Demo
**FizzGate** is a Java-based microservice aggregation gateway designed as a Chinese domestic alternative with full IP ownership. It enables real-time service orchestration, dynamic API aggregation, authorization management, scriptable API logic, online testing, high-performance routing, approval workflows, callback handling, and more.
https://demo.fizzgate.com/
It features a powerful plugin system and an intuitive GUI for API governance, helping enterprises reduce glue code, streamline development, and improve API stability and security.
In order to provide better services to everyone, the community version no longer provides any technical consultation. For the commercial version, please add Enterprise WeChat for business support.
---
account/password:Please contact the official enterprise WeChat to obtain
## Official Website
health checking url:https://demo.fizzgate.com/admin/health
👉 https://www.fizzgate.com/
API access:https://demo.fizzgate.com/proxy/[Service Name]/[API Path]
## Demo Environment
## Design Philosophy
👉 https://demo.fizzgate.com/
Username / Password: *Commercial software. Trial accounts available via purchase or WeCom request.*
Intelligent interface, minimal dependencies, comprehensive features, and easy deployment. We strive for a simple and clear interface design, aiming to simplify complex configuration steps and operations to meet the needs of users at different levels. This enables developers, operations personnel, and others to efficiently manage and configure the system.
- Health check: https://demo.fizzgate.com/admin/health (Restrict `/admin` path in production)
- API access: https://demo.fizzgate.com/proxy/[service-name]/[api-path]
- Intelligent Interface: FizzGate focuses on intelligent design to enhance user experience. When users input data, the system will provide automatic input features whenever possible, reducing the complexity of user operations. Additionally, real-time prompts and reminders will be provided near the input area to assist users in configuring and operating the system quickly and accurately.
- Minimal Dependencies: FizzGate is designed with careful consideration of external middleware and third-party dependencies, ensuring no intrusion into existing systems. Most features are based on self-developed technologies, minimizing the need for external dependencies, reducing resource consumption during deployment, while maintaining system efficiency and maintainability. This design makes FizzGate more stable and flexible for deployment within corporate networks.
- Comprehensive Features: FizzGate covers the entire API lifecycle management, supporting various stages including API definition, integration, data masking, traceability, and security protection, thereby improving API management efficiency. As one of the most feature-rich products on the market, FizzGate offers a complete enterprise-level solution, helping companies achieve efficient and secure API management.
- Easy Deployment: FizzGate has been designed with enterprise deployment requirements in mind, supporting disaster recovery needs for small and medium enterprises, as well as large-scale cluster deployments and geographically distributed deployments for larger enterprises. The deployment process is quick and simple, with deployment issues solved in less than a minute.
---
## Supported Architectures
Supports arm64/amd64/x86/x86_64 architectures, compatible with Mac, Windows, and Linux, and supports Xinchuang components such as Kirin V10 and Dameng V8.
-Application Management: Supports management of integrated applications.
-API Management: Supports backend service configuration after API definition.
-Group Management: Supports managing API-related configurations by grouping them.
- Service Authentication: Through plugins, the service can apply access control, verification, and other chain interception strategies.
-Cluster Management: FizzGate gateway nodes are stateless, with configuration information automatically synchronized. It supports horizontal scaling of nodes and multi-cluster deployment.
-Security Authorization: Supports built-in authorization methods such as key-auth, JWT, and basic-auth, with easy control.
- Service Orchestration: Supports hot service orchestration for HTTP, Dubbo, gRPC, and Soap protocols. Supports both frontend and backend encoding and JSON/XML output, allowing updates to the API anytime, anywhere.
-Version Control: Supports the release of operations and multiple rollbacks.
-Integration Testing: Provides API integration testing to ensure API interface reliability and availability.
-Release Approval: Supports an approval process for API orchestration releases.
-
### API Data Masking
### API Desensitization
-Sensitive data classification and grading
-Structured/unstructured desensitization
-Visual strategy configuration
- Sensitive data detection
Classification and Leveling: Supports the classification and hierarchical management of sensitive data, enabling reasonable masking strategies.
API Data Masking: Supports masking sensitive data in APIs, both structured and unstructured.
Masking Strategies: Supports visual masking strategy configurations, applying these strategies based on context.
Sensitive Data Recognition: Supports the identification of sensitive data in APIs.
API Traceability
### API Traceability
- Web watermarking for HTML/Word/Excel/PPT/PDF/Images
- Leak traceability and contextual data history
Web File Watermark: Supports adding visible watermarks to proxy pages. Supports types such as HTML, Word/Excel/PPT/PDF, PNG/JPEG/TIFF, etc.
Leak Traceability: Supports tracing all contexts and terminal information of data queries related to leaks. Supports types such as JSON/HTML, Word/Excel/PPT/PDF, PNG/JPEG/TIFF, etc.
API Security (Bypass Analysis)
### API Security (Out-of-Band Analysis)
- API asset analysis and API spec generation
- Sensitive data detection
- Threat detection and response
- Vulnerability scanning
- Anomaly blocking (automatic/manual)
Asset Analysis: Analyzes and manages API security assets, generating API specifications to help detect potential security risks.
API Vulnerabilities: Scans and reports security vulnerabilities in API interfaces, improving API security.
API Anomalies: Supports anomaly detection for API access, enabling prompt response to abnormal behaviors.
API Blocking: Automatically or manually blocks API access upon detecting anomalies to prevent attack spread.
---
## Benchmarks
## Performance Benchmark
We compare FzzGate with the major gateway products on the market, using the same environment and conditions, and the test objects are under single node. The Mock interface simulates a 20ms latency with a packet size of about 2K.
**Test Environment**
- Intel Xeon E5-2650 v3 @ 2.30GHz ×4
- Linux 3.10.0-957.21.3.el7.x86_64
- 8GB RAM
- Mock API with 20ms latency and 2KB payload
- Intel(R) Xeon(R) CPU E5-2650 v3 @ 2.30GHz * 4
- Linux version 3.10.0-957.21.3.el7.x86_64
- 8G RAM
| Category | Product name | QPS of <br/>600 connections | 90% Latency(ms) of <br/>600 connections | QPS of <br/>1000 connections | 90% Latency(ms) of <br/>1000 connections |
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
