IBM Cloud Internet Services provides a strong feature set for security-conscious users
December 16, 2019

IBM Cloud Internet Services provides a strong feature set for security-conscious users

Anonymous | TrustRadius Reviewer
Score 3 out of 10
Vetted Review
Verified User

Overall Satisfaction with IBM Cloud Internet Services

IBM Cloud Internet Services is currently used as an inbound reverse proxy for DNS name resolution, TLS endpoint, traffic metrics, intrusion detection, source IP address limiting, and other firewall features.

In both single- and multi-tenant scenarios, IBM Cloud Internet Services is provisioned once per IBM Cloud Kubernetes Service cluster (one cluster per single- or multi-tenant solution).
  • Supports source IP address limiting.
  • Supports intrusion detection.
  • Request proxying is done by way of DNS name resolution, which is inflexible.
  • Proxy services do not work on wildcard DNS entries.
  • IBM Cloud Internet Services acts primarily as a DNS server with reverse proxy capabilities and TLS endpoint termination in the most basic use cases, so it represents a rather expensive option in that regard.
The UI is a bit clunky and requiring DNS name resolution as a method for intercepting and proxying requests is not always appropriate.

For example, if we wanted to have regional application instances with domains/hostnames that include the region details (e.g., tor01.example.com, wdc01.example.com), but wanted to hide the region-specific implementations from end-users, typically one would use CNAME DNS records (e.g., myapp.example.com) to hide the underlying A DNS records. However, IBM Cloud Internet Services does not support the use of CNAME records unless the destination is not proxied.