The requirement is to exploit an on-prem soap service from a cloud hosted micro service through Apigee layer. Why we have chosen Apigee is to simply apply the policies for XML to JSON and vice versa conversion. But Security is a big concern here. How currently the on-prem works is based on IP white-listing, but that's not possible in this case as we should whitelist the Apigee CIDR which again will be another security issue as other applications on the range can access the service.Another possible option we looked at is to route the traffic from Apigee to an HA proxy (This server comes under the service specific subnet) and then to on-prem service, so we only need to white list the ranges where HA proxy resides. We cannot change the on-prem service to accept any ApiKey, so that's also not an option. Is there any better solution do you think can be done to achieve this?