Recently I split a big monolithic enterprise application in a bunch of microservices in CloudFoundry, that will feed Spark etc... Just one of them is on the edge and communicates with a service exposed externally. At this stage, we've been asked to add an additional security layer with Apigee. Unfortunately at this stage we cannot use oauth2 yet. My question is: should I use Apigee only on the edge or all the internal microservices should leverage Apigee API as well? My concern is about performance if each service calls Apigee proxy.