Layer7 API Management Reviews

This product is used to expose some internal APIs to help us automate different activities.

It is helpful to have a central API that is hosted and managed.  It reduces costs and customers, suppliers, and vendors receive a uniform interface.

The license model and the cost of licensing can be improved. Especially given that we are in a stable operational mode.

We have been using Layer7 API Management for five or six years, and we have been actively using it this year.

It has been working quite well for a long time.

It's been working for us, from a scalability perspective. It's implemented within a central group, so there are just a couple of roles that run it. The APIs we host are stable.

We are in a stable maintenance mode, so we haven't had to engage customer service/technical support for some time.

We did not use another similar solution prior to this one.

It's a complex product, but I would say that the initial setup is straightforward.

Our in-house team handled the deployment.

We have a handful of IT admins and app admins who specialize in maintaining Layer 7 

It is a pricey product, although priced to the market. 

Overall, this is a good product. It's been stable and working for us, and our main difficultly is people calling out the price point on it.

We have the API Gateway deployed in production. The primary use case is for the API Gateway to provide API access, and authentication, and authorization for the APIs we expose through our product. 

I am also looking forward to having the API developer portal deploy as well so we get a bit more insights into the analytics part, and also some of the API lifecycle management associated with it.

I love the API Gateway, especially the architecture, in terms of the composability of the policies. We approach it from a very software-engineering approach.We build on the policies, like legal blocks, and we deploy them throughout different environments. It's been working out great for us.

It definitely helps a lot with the DevOps and the support. Reliability is one thing, and having visibility into who is using which APIs. 

Some of the performance matrix that API Gateway gives off - we monitor them via SNMP traps - and then we tie them into our monitoring system. You can actually monitor some of the latencies and some of the performance aspects of both API Gateways, as well back end services. So having that line of sight surely helps in terms DevOps.

The most valuable feature, as I mentioned, is the composability, because we use a lot of functionalities. 

Also, right now we're looking into the Dockerized version of API Gateway because that would allow us to flow nicely into our Microservice Architecture.

The more automation the better. I think CA is stepping in the right direction. I went through the micro API Gateway presentations here at the CA World conference, on how you can automate more of the policy deployment via the JSON format, so you don't even having to touch the Policy Manager. Because every time you touch something in the Policy Manager you think, "Well, that's a GUI, humans need to go in and do something with it." So if we can automate everything with the APIs, that helps a lot in the DevOps lifecycle, where we want to automate everything.

I've always been a fan of API Gateway. In the past we've used various API Gateways, some of them are open source. It's definitely very reliable and robust. The three years that we have them in production, not a single instance of downtime due to the API Gateway. We have issues, but it's mostly because of API backend issues or low balance issues and such, but API Gateway has been pretty reliable for us.

The scalability has been good. Now we have exposed the APIs, we have a four-node cluster of API Gateways in production. It's been scaling out well for us. I haven't had any issue yet.

I have ended up using technical support several times. I think it's fantastic. I've been working with a particular technical person in CA and he's been really, really helpful. He's been very busy, but the support that he gives me is above and beyond the call of duty.

Even going through the 24/7 support I usually get the answer back within 24 hours.

It was three years back, and at that time there wasn't a lot of automation going on with the API Gateway. It was a lot manuals, so we're using the OVA version of the API Gateway. As time went on, with the API Gateway you can pretty much auto-provision things. But two years back at least, I wasn't aware of that, so there was some manual steps. But even manual it was still quite painless to get it done.

We did do some evaluations against other products. Just to name a few, we looked at Mulesoft, WS02. We went with CA because the solution is simple to implement, it fits our use case well, and in terms of price point it also chimes well with our VPs.

I like that CA is continuing to improve the product, looking for new solutions using the API Gateway. That's something that we're familiar with. And that they're trying to make it work for different types of architectures. As I mentioned, we are moving toward Microservice Architecture and having the Docker form and the micro API Gateway to help with those kind of architectures is really helpful.

I'm an engineer, so from my perspective things have to be simple. If things get way too complicated then maybe you don't have the right solution, or you're not using the right solution to solve the right problem. In that case you may want to look for a different solution.

When selecting a vendor, as an engineer the solution that's offered by the vendor needs to be simple enough to solve my problem in an efficient way. Of course, I don't worry too much about cost because I'm not paying for it, but certainly cost does play a part in terms of licensing scheme.

The solution you choose depends a lot on the use case, so without really understanding a colleague's use case it would be hard for me to recommend anything at all. Definitely, if they want functionality like API management, I would recommend looking at CA to see it fits their use case or not.

Our primary use case is to enable our customers who are on the Internet. We want them to access our protective web series behind a corporate firewall. To do that, we like to use the OAuth ToolKit within the CA API. It can minimize the password exposure by generating a token using the ToolKit, then use the token to make the web services calls to our protected back-end services.

• The ToolKit with OAuth Manager
• The Policy Manager
• The Gateway Migration Utility (GMU) is a pretty good tool to use.

We are still evaluating it, so I cannot comment much on this. 

I would like to see more documentation. The current documentation is there, but we do not find it very useful. For example, we wanted to integrate with PingFederate TV provider and there was not enough information to customize the way we wanted. It took a lot of effort and we had to reach out to the Gateway folks to help us out on how to do that customization. Thus, it is not easy to integrate with other solutions.

It is pretty stable. We have not seen any issues, anywhere, where we need to restart.

We are still doing a PSA, so we will have to see how it scales once we ramp up volume and we roll out to the production with real life traffic.

We engaged an architect from CA. They were pretty good.

The best features of CA API Management are high quality and high reliability.

It provides a centralized security mechanism so that we can route all our policies and all our traffic through the gateway.

I would like more graphical interfaces for better usability.

API Management is highly reliable and highly available, so we haven't any problems with it.

We haven't had any scalability problems. I don't know how far it can be scaled. We are a mid-sized company.

I would say that the quality of technical support is moderate. It’s better than some, but not as good as others.

I don't know if we had a previous solution before going with API Managment. We have a number of CA products. Some of them, we started with the CA product and some of them we started with other products and then switched to CA because of their high availability and high reliability. We are not looking to switch it. It’s nice and stable.

I was not involved with the initial setup.

Focus on developing a relationship with CA. They have a variety of products and they do a lot of cross selling, so it's important to develop a relationship and figure out how to manage that relationship as you go forward.

When selecting a vendor, the most important element is relationship.

The security checking authentication is our primary use case for this solution.

The API gateway is good. 

We have experienced technical difficulties with the product in the past. 

Tech support is helpful. I would give it an 8 out of 10 rating. 

I do not have any experience with the pricing or licensing of the product.

API security, API management, OAuth security, microservices, mobile app security.

Secure API exposure and driving Innovation through microservices.

Security, out-of-the-box policies.

Cloud-native architecture of the product.

We haven't encountered any issues with stability. The hardware and virtual appliance-based form factor are solid. It's a stable product.

The product does not scale the way cloud-native architecture does.

Technical support is good.

The initial setup was moderately complex, due to various deployment models and integration with its own components.

It is in the lowest price range for such products but the pricing model needs to be changed.

I have experimented with all of the APIM solutions. Each one is fit for different situations but, overall, CA API Management is the best product for the expected functionality.

I have evaluated Apigee, Mulesoft, SoftwareAG, Akana, Kong, and IBM API Connect.

If you are truly looking for API management features, CA API Management is the best solution. It might be a bit old in terms of cloud-native architecture but they are moving towards that.

Web services authentication. 

So far so good, in terms of performance.

Quick response to the setup authentication for web services. That's important to us because we generally don't have a lot of time.

It's separating web services versus web applications, single sign-on. I would say that is the main benefit.

• More throughput
• More scalability
• Better built-in monitoring

So far stability is pretty good. We haven't experienced lag time or crashes.

Scalability is very good.

I think we have used tech support but the response has been so-so. They need more knowledgeable people.

We didn't have a previous solution.

When selecting a vendor the most important factors for us are 

• cost
• validity of the product
• stable product

It's a very good product to use to initially set up single sign-on for web services authentication.

Live API Creator.

The simple REST based APIs can now be delivered in hours which took days previously.

The product shouldn’t require to be connected to a server for doing development.

Six months.

No.

No.

Good.

No.

Very easy.

Not sure on that front.

Mashery and IBM.

Go ahead. A very good product and a market leader in its segment.