Try our new research platform with insights from 80,000+ expert users
it_user778623 - PeerSpot reviewer
Enterprise Architect at DXC Technologie
Real User
I love the composability of the policies, and having visibility into who is using which APIs
Pros and Cons
  • "I love the API Gateway, especially the architecture, in terms of the composability of the policies. We approach it from a very software-engineering approach.We build on the policies, like legal blocks, and we deploy them throughout different environments. It's been working out great for us."
  • "Some of the performance matrix that API Gateway gives off, we monitor them via SNMP traps, and then we tie them into our monitoring system. You can actually monitor some of the latencies and some of the performance aspects of both API Gateways, as well back end services. So having that line of sight surely helps in terms DevOps."

    What is our primary use case?

    We have the API Gateway deployed in production. The primary use case is for the API Gateway to provide API access, and authentication, and authorization for the APIs we expose through our product. 

    I am also looking forward to having the API developer portal deploy as well so we get a bit more insights into the analytics part, and also some of the API lifecycle management associated with it.

    I love the API Gateway, especially the architecture, in terms of the composability of the policies. We approach it from a very software-engineering approach.We build on the policies, like legal blocks, and we deploy them throughout different environments. It's been working out great for us.

    How has it helped my organization?

    It definitely helps a lot with the DevOps and the support. Reliability is one thing, and having visibility into who is using which APIs. 

    Some of the performance matrix that API Gateway gives off - we monitor them via SNMP traps - and then we tie them into our monitoring system. You can actually monitor some of the latencies and some of the performance aspects of both API Gateways, as well back end services. So having that line of sight surely helps in terms DevOps.

    What is most valuable?

    The most valuable feature, as I mentioned, is the composability, because we use a lot of functionalities. 

    Also, right now we're looking into the Dockerized version of API Gateway because that would allow us to flow nicely into our Microservice Architecture.

    What needs improvement?

    The more automation the better. I think CA is stepping in the right direction. I went through the micro API Gateway presentations here at the CA World conference, on how you can automate more of the policy deployment via the JSON format, so you don't even having to touch the Policy Manager. Because every time you touch something in the Policy Manager you think, "Well, that's a GUI, humans need to go in and do something with it." So if we can automate everything with the APIs, that helps a lot in the DevOps lifecycle, where we want to automate everything.

    Buyer's Guide
    Layer7 API Management
    December 2024
    Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
    824,067 professionals have used our research since 2012.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    I've always been a fan of API Gateway. In the past we've used various API Gateways, some of them are open source. It's definitely very reliable and robust. The three years that we have them in production, not a single instance of downtime due to the API Gateway. We have issues, but it's mostly because of API backend issues or low balance issues and such, but API Gateway has been pretty reliable for us.

    What do I think about the scalability of the solution?

    The scalability has been good. Now we have exposed the APIs, we have a four-node cluster of API Gateways in production. It's been scaling out well for us. I haven't had any issue yet.

    How are customer service and support?

    I have ended up using technical support several times. I think it's fantastic. I've been working with a particular technical person in CA and he's been really, really helpful. He's been very busy, but the support that he gives me is above and beyond the call of duty.

    Even going through the 24/7 support I usually get the answer back within 24 hours.

    How was the initial setup?

    It was three years back, and at that time there wasn't a lot of automation going on with the API Gateway. It was a lot manuals, so we're using the OVA version of the API Gateway. As time went on, with the API Gateway you can pretty much auto-provision things. But two years back at least, I wasn't aware of that, so there was some manual steps. But even manual it was still quite painless to get it done.

    Which other solutions did I evaluate?

    We did do some evaluations against other products. Just to name a few, we looked at Mulesoft, WS02. We went with CA because the solution is simple to implement, it fits our use case well, and in terms of price point it also chimes well with our VPs.

    What other advice do I have?

    I like that CA is continuing to improve the product, looking for new solutions using the API Gateway. That's something that we're familiar with. And that they're trying to make it work for different types of architectures. As I mentioned, we are moving toward Microservice Architecture and having the Docker form and the micro API Gateway to help with those kind of architectures is really helpful.

    I'm an engineer, so from my perspective things have to be simple. If things get way too complicated then maybe you don't have the right solution, or you're not using the right solution to solve the right problem. In that case you may want to look for a different solution.

    When selecting a vendor, as an engineer the solution that's offered by the vendor needs to be simple enough to solve my problem in an efficient way. Of course, I don't worry too much about cost because I'm not paying for it, but certainly cost does play a part in terms of licensing scheme.

    The solution you choose depends a lot on the use case, so without really understanding a colleague's use case it would be hard for me to recommend anything at all. Definitely, if they want functionality like API management, I would recommend looking at CA to see it fits their use case or not.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    CyberSec9bc8 - PeerSpot reviewer
    Cyber Security Advisor
    Real User
    The Gateway Migration Utility is a pretty good tool to use. Overall, this solution is not easy to integrate with others​.

    What is our primary use case?

    Our primary use case is to enable our customers who are on the Internet. We want them to access our protective web series behind a corporate firewall. To do that, we like to use the OAuth ToolKit within the CA API. It can minimize the password exposure by generating a token using the ToolKit, then use the token to make the web services calls to our protected back-end services.

    What is most valuable?

    • The ToolKit with OAuth Manager
    • The Policy Manager
    • The Gateway Migration Utility (GMU) is a pretty good tool to use.

    How has it helped my organization?

    We are still evaluating it, so I cannot comment much on this. 

    What needs improvement?

    I would like to see more documentation. The current documentation is there, but we do not find it very useful. For example, we wanted to integrate with PingFederate TV provider and there was not enough information to customize the way we wanted. It took a lot of effort and we had to reach out to the Gateway folks to help us out on how to do that customization. Thus, it is not easy to integrate with other solutions.

    For how long have I used the solution?

    Still implementing.

    What do I think about the stability of the solution?

    It is pretty stable. We have not seen any issues, anywhere, where we need to restart.

    What do I think about the scalability of the solution?

    We are still doing a PSA, so we will have to see how it scales once we ramp up volume and we roll out to the production with real life traffic.

    How is customer service and technical support?

    We engaged an architect from CA. They were pretty good.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Layer7 API Management
    December 2024
    Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
    824,067 professionals have used our research since 2012.
    it_user558363 - PeerSpot reviewer
    Manager, Information Technology - Integration Technology Engineering at a financial services firm with 5,001-10,000 employees
    Real User
    We route all our policies and traffic through the gateway. It's reliable.

    What is most valuable?

    The best features of CA API Management are high quality and high reliability.

    How has it helped my organization?

    It provides a centralized security mechanism so that we can route all our policies and all our traffic through the gateway.

    What needs improvement?

    I would like more graphical interfaces for better usability.

    What do I think about the stability of the solution?

    API Management is highly reliable and highly available, so we haven't any problems with it.

    What do I think about the scalability of the solution?

    We haven't had any scalability problems. I don't know how far it can be scaled. We are a mid-sized company.

    How are customer service and technical support?

    I would say that the quality of technical support is moderate. It’s better than some, but not as good as others.

    Which solution did I use previously and why did I switch?

    I don't know if we had a previous solution before going with API Managment. We have a number of CA products. Some of them, we started with the CA product and some of them we started with other products and then switched to CA because of their high availability and high reliability. We are not looking to switch it. It’s nice and stable.

    How was the initial setup?

    I was not involved with the initial setup.

    What other advice do I have?

    Focus on developing a relationship with CA. They have a variety of products and they do a lot of cross selling, so it's important to develop a relationship and figure out how to manage that relationship as you go forward.

    When selecting a vendor, the most important element is relationship.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    CEO at Next Generation Technocom Pvt Ltd
    Real User
    Top 5
    Has a flexible implementation process and good scalability
    Pros and Cons
    • "The initial setup process is easy and flexible."
    • "Layer7 API Management’s price could be reduced."

    What is our primary use case?

    We use Layer7 API Management to manage API gateway and customize policy scripts.

    What is most valuable?

    The product works well from an implementation perspective.

    What needs improvement?

    Layer7 API Management’s price could be reduced.

    What do I think about the stability of the solution?

    I rate the product’s stability an eight out of ten.

    What do I think about the scalability of the solution?

    We can create multiple gateways using the product. It has good scalability. It is suitable for enterprise customers who have many APIs and microservices.

    Which solution did I use previously and why did I switch?

    We have used WSO2, Kong, MuleSoft, and other open-source products.

    How was the initial setup?

    The initial setup process is easy and flexible.

    What's my experience with pricing, setup cost, and licensing?

    Our customers found the product’s cost a little higher. They are looking for open-source solutions.

    Which other solutions did I evaluate?

    We evaluated Salesforce.

    What other advice do I have?

    I rate Layer7 API Management an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Stefan Zivanovic - PeerSpot reviewer
    Cyber Security Consultant at CyberGate Dfenese
    Consultant
    Top 5
    Stable product with a user-friendly interface
    Pros and Cons
    • "It is a stable product."
    • "There could be more integration options included in the product."

    What is most valuable?

    The product has a user-friendly interface. There are customization options, unlike the previous version, where we had to do manual coding. We use the configuration wizard to set it up. It saves us a lot of time.

    What needs improvement?

    There could be more integration options included in the product. It needs active connections added in the present version.

    For how long have I used the solution?

    We have been using Layer7 API Management for three months. At present, we are using the latest version.

    What do I think about the stability of the solution?

    It is a stable product.

    What do I think about the scalability of the solution?

    We have 12 Layer7 API Management users in our organization.

    How was the initial setup?

    The initial setup process is easy. The deployment time depends on the custom applications. It takes time to integrate configuration to explain the process to small business vendors.

    What's my experience with pricing, setup cost, and licensing?

    There are various licensing models for Layer7 API Management. We have to buy additional licenses to get new versions.

    What other advice do I have?

    I rate Layer7 API Management an eight out of ten. It takes time to learn and understand the product.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Reviewer960 - PeerSpot reviewer
    Sr. Tech lead at a manufacturing company with 10,001+ employees
    Real User
    A helpful tool for authentication purposes
    Pros and Cons
    • "The security checking authentication is our primary use case for this solution."
    • "We have experienced technical difficulties with the product in the past."

    What is our primary use case?

    The security checking authentication is our primary use case for this solution.

    What is most valuable?

    The API gateway is good. 

    What needs improvement?

    We have experienced technical difficulties with the product in the past. 

    For how long have I used the solution?

    Three to five years.

    How is customer service and technical support?

    Tech support is helpful. I would give it an 8 out of 10 rating. 

    What's my experience with pricing, setup cost, and licensing?

    I do not have any experience with the pricing or licensing of the product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Architeca111 - PeerSpot reviewer
    student at a tech services company with 1,001-5,000 employees
    Real User
    Provides secure API exposure but the cloud-native architecture needs improvement
    Pros and Cons
    • "The most valuable feature is the security with its out-of-the-box policies."
    • "The cloud-native architecture of the product needs improvement."

    What is our primary use case?

    API security, API management, OAuth security, microservices, mobile app security.

    How has it helped my organization?

    Secure API exposure and driving Innovation through microservices.

    What is most valuable?

    Security, out-of-the-box policies.

    What needs improvement?

    Cloud-native architecture of the product.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    We haven't encountered any issues with stability. The hardware and virtual appliance-based form factor are solid. It's a stable product.

    What do I think about the scalability of the solution?

    The product does not scale the way cloud-native architecture does.

    How is customer service and technical support?

    Technical support is good.

    How was the initial setup?

    The initial setup was moderately complex, due to various deployment models and integration with its own components.

    What's my experience with pricing, setup cost, and licensing?

    It is in the lowest price range for such products but the pricing model needs to be changed.

    Which other solutions did I evaluate?

    I have experimented with all of the APIM solutions. Each one is fit for different situations but, overall, CA API Management is the best product for the expected functionality.

    I have evaluated Apigee, Mulesoft, SoftwareAG, Akana, Kong, and IBM API Connect.

    What other advice do I have?

    If you are truly looking for API management features, CA API Management is the best solution. It might be a bit old in terms of cloud-native architecture but they are moving towards that.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PeerSpot user
    it_user778641 - PeerSpot reviewer
    Senior Engineer at a transportation company with 1,001-5,000 employees
    Real User
    Streamlines initial set up for single sign-on for web services, save us time

    What is our primary use case?

    Web services authentication. 

    So far so good, in terms of performance.

    What is most valuable?

    Quick response to the setup authentication for web services. That's important to us because we generally don't have a lot of time.

    How has it helped my organization?

    It's separating web services versus web applications, single sign-on. I would say that is the main benefit.

    What needs improvement?

    • More throughput
    • More scalability
    • Better built-in monitoring

    What do I think about the stability of the solution?

    So far stability is pretty good. We haven't experienced lag time or crashes.

    What do I think about the scalability of the solution?

    Scalability is very good.

    How are customer service and technical support?

    I think we have used tech support but the response has been so-so. They need more knowledgeable people.

    Which solution did I use previously and why did I switch?

    We didn't have a previous solution.

    What other advice do I have?

    When selecting a vendor the most important factors for us are 

    • cost
    • validity of the product
    • stable product

    It's a very good product to use to initially set up single sign-on for web services authentication.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Layer7 API Management Report and get advice and tips from experienced pros sharing their opinions.
    Updated: December 2024
    Product Categories
    API Management
    Buyer's Guide
    Download our free Layer7 API Management Report and get advice and tips from experienced pros sharing their opinions.