Live API Creator.
Associate Vice President at a financial services firm with 10,001+ employees
Go ahead. A very good product and a market leader in its segment.
What is most valuable?
How has it helped my organization?
The simple REST based APIs can now be delivered in hours which took days previously.
What needs improvement?
The product shouldn’t require to be connected to a server for doing development.
For how long have I used the solution?
Six months.
Buyer's Guide
Layer7 API Management
December 2024
Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
No.
What do I think about the scalability of the solution?
No.
How are customer service and support?
Good.
Which solution did I use previously and why did I switch?
No.
How was the initial setup?
Very easy.
What's my experience with pricing, setup cost, and licensing?
Not sure on that front.
Which other solutions did I evaluate?
Mashery and IBM.
What other advice do I have?
Go ahead. A very good product and a market leader in its segment.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Mobile/Web Solution Delivery Manager at a insurance company with 5,001-10,000 employees
It allows you to much more rapidly expose enterprise services to front-end applications, but the user experience for developers to discover and develop APIs needs work.
What is most valuable?
I'd say the API gateway that routes traffic in REST-to-SOAP conversions is a feature we find most valuable. SOAP is a type of web service, and REST is another.
How has it helped my organization?
It allows you to much more rapidly expose enterprise services to front-end applications, such as mobile and web.
What needs improvement?
The products developer portals can be better. It needs a better look and feel.
Also, the user experience for developers to discover and develop APIs needs work.
For how long have I used the solution?
We've been using it for two years.
What do I think about the stability of the solution?
It's very good.
What do I think about the scalability of the solution?
We've just started so there's not a lot of traffic yet.
How are customer service and technical support?
They've been responsive, but they're pricey.
Which solution did I use previously and why did I switch?
This is the first API gateway product we’ve used, and we looked for a vendor who has a reputation for establishing long-term partnerships.
How was the initial setup?
Initial setup was pretty straightforward.
Which other solutions did I evaluate?
We also looked at Axway, IBM, and Mashery. We went through a long evaluation and CA's number one strength was the built-in security management features.
What other advice do I have?
As part of your evaluation, make sure that the companies can set up a proof of concept to check real situations.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Layer7 API Management
December 2024
Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Senior Consultant at a tech services company with 51-200 employees
Manages and secures APIs
Pros and Cons
- "It is flexible in how it creates custom policies and uses builds with impressive methods."
- "Provide complete documentation with examples of usage on its build in assertion/function."
What is most valuable?
It's a purveyor of tools for managing and securing APIs. It is flexible in how it creates custom policies and uses builds with impressive methods.
How has it helped my organization?
We implemented few Layer7 project to various organizations. Most of them just use it as a 'proxy' for policy checking. For example, limit the number of access attempts on specific page from the same IP for a specific duration.
Other clients use it for logic flow, to create a workflow integrated with the Australian government's MyGov framework, which is beyond just security checks.
What needs improvement?
Some of the common useful functions/assertions (e.g., JWT encoding/decoding) are only available in other CA products. The client needs to purchase and install those products in order to make it available for Layer 7. I don't think it is justified to maintain another product that is not really needed, in order to have just one function. If those common, useful functions could be part of the core Layer7 product, that would be great.
Provide complete documentation with examples of usage on its build in assertion/function.
Easier to find documents (e.g., cluster setup).
For how long have I used the solution?
We have been using this solution for two years.
What was my experience with deployment of the solution?
- When more than one developer is working on separate policies, it is hard to export, import, and merge the policies to other parties
- When migrating to different environments
- When integrating with SVN/Git: This is not well documented
What do I think about the stability of the solution?
There were no stability issues. It is a very stable and mature product. So far, there have not been many complaints from clients regarding the stability.
What do I think about the scalability of the solution?
Scalability performance has always been an issue. It behaves slowly when communicating with Windows-based servers (e.g., F5 load balancer or DB server, as compared to when communicating with a UNIX server.)
How are customer service and technical support?
Customer Service:
Customer service provides good and fast responses. They help a lot when problems occur. They always respond in a timely fashion.
Technical Support:Technical support provides good and fast responses. They help a lot when problems occur. By the way, the forum is also helpful for self-service.
Which solution did I use previously and why did I switch?
We didn't use other solutions before this one.
How was the initial setup?
The setup was simple, as it comes with the OVA file. It reduced a lot of time and problems in the deployment. The main focus is on integration with client's exiting infrastructure, instead of setting up Layer 7.
What about the implementation team?
We are the vendor. I have worked on this product for more than two years and implemented it in at least three organizations.
What was our ROI?
We are the vendor and we implemented it for clients. We do not use it for ourselves. We are not aware of the ROI.
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing issues are done by other staff members. I have no idea on how much it costs or what the pricing structures look like.
Which other solutions did I evaluate?
I believe the company already did a lot evaluations with other similar products.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CEO at Next Generation Technocom Pvt Ltd
A good solution for microservices and APIs, but its price is high
Pros and Cons
- "We loved the portal part the most, which had monetization and showed how people were using the stuff. It is a good product as a whole and has a lot of microservices and granular features."
- "The delivery is bulky in terms of implementation. Its price could also be better. It is a very good product as compared to CA API, Google API, and WSO2 API, but its price is high. From the cloud-native perspective, some new features need to be added. It could also be made simpler to implement."
What is our primary use case?
We had a test version, which was more of an on-prem version, and we also had some on the Docker for a live API creator.
We are a security service company, and we provide a lot of solutions in that space. We were just trying to have a frictionless authentication product, so we were working on that. We were looking for a Gateway that can serve in an API, and we've already got an open-source solution.
What is most valuable?
We loved the portal part the most, which had monetization and showed how people were using the stuff. It is a good product as a whole and has a lot of microservices and granular features.
What needs improvement?
The delivery is bulky in terms of implementation. Its price could also be better. It is a very good product as compared to CA API, Google API, and WSO2 API, but its price is high.
From the cloud-native perspective, some new features need to be added. It could also be made simpler to implement.
For how long have I used the solution?
We have been using this solution for four to five years.
How are customer service and technical support?
Technical support was okay. We were getting good support. We had access to the portal, and the support was good enough.
How was the initial setup?
It was a little complex initially. We struggled a bit initially to understand this solution, but later on, it was okay. I do not exactly remember the issues, but initially, our team was facing a lot of problems in terms of virtualization.
What's my experience with pricing, setup cost, and licensing?
It was very high at that time. We are a Broadcom CA partner, and we got it only for testing purposes. We didn't pay anything for it.
What other advice do I have?
I would recommend this solution to others. This is one of the good solutions for microservices and APIs and for people who need to go the digital way. There are a lot of other solutions that are coming into the market, and the infrastructure landscape is changing.
I would rate Layer7 API Management a six out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Transformation and Change Management Leader at a logistics company with 1,001-5,000 employees
Resilient solution with robust policy configuration
Pros and Cons
- "It is able to withstand the number of API calls and handle different API requirements to secure, transform, log, and track API usage patterns."
- "They should incorporate deeper monitoring features into the solution to make the offering more complete. Doing so would help to showcase traffic patterns and usage to better engage customers and partners proactively. It would also help with API management and capacity planning."
What is our primary use case?
We use CA API Management to publish APIs for secure and fast integration with customers and partners.
How has it helped my organization?
It helps to improve customer satisfaction. When customers need to integrate with our platform, they are able to self-serve by using the online documentation and tool and then test their integration independently in a sandbox environment. Once the testing is complete they can request the switch to production.
What is most valuable?
It provides us with a resilient solution and robust policy configuration. It is able to withstand the number of API calls and handle different API requirements to secure, transform, log, and track API usage patterns.
What needs improvement?
They should incorporate deeper monitoring features into the solution to make the offering more complete. Doing so would help to showcase traffic patterns and usage to better engage customers and partners proactively. It would also help with API management and capacity planning.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It is a very resilient solution.
What do I think about the scalability of the solution?
No issues.
How is customer service and technical support?
Technical support is very knowledgeable and helpful.
How was the initial setup?
The initial setup was somewhere between straightforward and complex, requiring an intermediate level of effort on our part due to our particular requirements. Otherwise, the solution is relatively straightforward to set up.
What's my experience with pricing, setup cost, and licensing?
Subscription licensing and pricing are competitive with other solutions.
Which other solutions did I evaluate?
What other advice do I have?
Familiarise yourself with its policy management to match your requirements for API management and governance.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Solution Architect
Protects our web services from external attacks, with security and authentication
What is our primary use case?
To protect the web services, security, authentication; protect against any kind of attacks from external sites.
We have been using API Gateway for four years and we have huge class actions, like 600 parts per second, and we have not seen any issues as of now. It's stable.
What is most valuable?
Security.
We get a lot of class actions, payloads, which have real security requirements, like personal identification information. So we need to protect all of this information, make sure it is secure.
Also, we can handle the huge class actions we get from different clients.
How has it helped my organization?
It really benefits us a lot because, since we are maintaining financial information, personal identification information, we need to protect the customers' data as well as the clients' information. We can encrypt the payloads and decrypt the payloads and do SSL authentication. We can also store the files in the Amazon bucket with the encryption file.
What needs improvement?
We're integrating the cloud. I would like some more integration of cloud capabilities.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
Regarding stability, we have not seen any issues as of now. It's a more stable product.
What do I think about the scalability of the solution?
Scalability is very good.
How are customer service and technical support?
We haven't had any issues. It's more stable. We didn't even have to touch anything.
It's a more stable product and we have very good support from technical point of view, but not from a professional point of view. We have some issues with Profession Services. But technical are always good, they support us as quickly as they. They give us solutions for customers, which is really helpful.
Which solution did I use previously and why did I switch?
We were using an IBM product. We switched because we had some constraints, technical issues, support issues, and some other issues like use cases.
How was the initial setup?
I developed the PoC and then moved it to production.
The setup is not complex, and we got very good support from CA technical support and Professional Services. I felt the technical support was really good compared to the Professional Services.
Which other solutions did I evaluate?
We did evaluate other vendors but we finally chose API Gateway.
What other advice do I have?
In general when we are picking vendors, the most important criterion is support. When they can really help us we feel more confident.
I give it a 10 out of 10 compared to other products. I would definitely recommend CA API Gateway.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Enterprise Architect
The latest version is less functional than the previous version but security assertions bound to APIs are valuable
What is our primary use case?
The primary use case would be services for APIs that we are going to expose either internally, within the enterprise, or at the outside edge of the enterprise.
What is most valuable?
Most valuable might be the security assertions, the policy assertions that are able to be bound somehow to the APIs.
How has it helped my organization?
We are a company with a rather complex process when it comes to integration of applications. Our expectation - we are only about to get this product into a productive state so we are not using it productively at the moment - so the expectation is that it will simplify the on-boarding of either internal or external developers when they are using our APIs.
What needs improvement?
The solution is divided into their Gateway and to their Developer Portal components. For the Gateway component, our expectation was that it is provided as a Docker image, but it turned out that it was not supported in production up to the version that we are currently using. But the next version is obviously provided as a complete containerized version for production, which is quite good.
On the other hand, the Portal provides some questions so to speak, at the moment, because as we decided on the product last year, at the end of 2016, and it turned out that CA completely rewrote the Portal solution and the current version of it is not at the level of the functionality of the previous 3.5 version. That's quite a problem for us because we expected some functions in the Portal which are currently not available. Unfortunately, the new version is also not being introduced here at CA World, so I'm somewhat doubtful as to whether it will be provided this year. So it will probably be available only next year.
What do I think about the stability of the solution?
We are not in the production state at the moment so I cannot say anything about its stability.
How are customer service and technical support?
We have quite good support by the guys from sales support so far but, as I said, as we are not in production yet, we cannot evaluate the normal support services.
Which solution did I use previously and why did I switch?
It's a completely new solution for us as we were not dealing with REST-based APIs up to that point, and internally we are used to using SOAP Vitsa-based web services instead, as the major application technology. Now it's more and more moving to the REST-based approach with some kind of mircrosource architecture concepts that are being introduced, so we need to look for another solution or some kind of add-on to a existing integration infrastructure.
How was the initial setup?
I was not directly involved but I was on the side getting feedback from the guys who were doing the real set up. It was a mixture out of straightforward implementation or installation and rather complex stuff. We're dealing with a specific installation image that was due to the fact that we were using specific combination of hardware, software and operating system.
Which other solutions did I evaluate?
Without naming them, they are the top contenders in the well-known ratings, so the ones that you find there were used as a basis for evaluation and, from then on, we did some deep-dives into the functional capabilities of these products and then decided on a shortlist. Those vendors were then were evaluated by our procurement concerning the financial aspect of the old stuff.
What other advice do I have?
When considering the most important criteria when selecting a vendor, of course there are all kinds of functional criteria according to the product that we are evaluating. On the other hand, it's important, of course, that the vendor is stable. And because we are a large company, it is for us important that the vendor also provide some kind of stability due to its size and its footprint internationally.
Brand name isn't a big consideration for us. On the other hand, you have different analysts' reports that are quite important for us, as we don't have time and budget, from an architecture point of view, to evaluate all existing solutions in detail. So we have to have a starting point, which of course is the analysts' ratings and then, with some products, we usually do some kind of PoC and workshops to find out if they match our requirements.
I would actually divide my rating into two parts. The CA Gateway solution I would rate at nine out of 10, based on its mature capabilities in all the areas that are relevant for us. On the Portal, I would give only four out of 10 because I actually I don't quite understand the CA market strategy in that area, and the fact that the current version doesn't provide the same capabilities that they used to have with 3.5. There are some major capabilities that we miss there and which have not been introduced in the current 4.x version schemes; we're waiting for that to happen.
I would advise you plan a thorough PoC with the top two or three contenders on the list to find out about not only the functional criteria on the paper, but also how the product works and looks and feels in real life.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Architect at a tech company with 201-500 employees
The ability to bridge messaging protocols and transform data enables us to input/output data from/to/through various backend systems.
What is most valuable?
- Any-to-any integration.
- The abilities to bridge messaging protocols and transform data enable us to input/output data from/to/through SOAP, JSON, MQ, JMS, databases, FTP between various backend systems, facilitating business process automation.
How has it helped my organization?
We use it to integrate various different customer and backend systems, in order to automate business processes.
What needs improvement?
- Patching/upgrading is a manual process and should be automated.
- Configuration synchronizing between nodes (installation instances of this software) is a manual process and should be automated and simplified.
- It could use a better dashboard for showing performance metrics (e.g message throughput).
- Ideally there should be cheaper development/testing (ie. non-production) licenses available to customers.
For how long have I used the solution?
We have used the solution for more than five years.
What do I think about the stability of the solution?
We did not encounter any issues with stability.
What do I think about the scalability of the solution?
We did not encounter any issues with scalability.
How are customer service and technical support?
The technical support is quite excellent. Support staff usually respond quickly and are helpful.
Which solution did I use previously and why did I switch?
We didn't use any previous solutions in production. We tried different products in the prototyping phase more than five years ago. This one fits our needs the best.
How was the initial setup?
The setup was quite straightforward, for experienced software developers. Layer7 Technologies back then provided (for a fee) a week-long on-site training for our staff, including myself. Extended trial licenses (longer than the usual 30 days) were also provided for us to become familiar with the product before we committed to buying licenses.
What's my experience with pricing, setup cost, and licensing?
There are now two licensing tiers - Essential and Enterprise - whereas before there used to be only one. Make sure you’re buying the correct one for your needs.
Which other solutions did I evaluate?
We evaluated some other options such as IBM WebSphere Message Broker, WSO2 ESB, Oracle ESB, Actional SOAPstation, Fuse ESB / Apache ServiceMix, Mule ESB.
What other advice do I have?
Get the proper training for your staff and don’t hesitate to ask CA for help if needed. The product is extensible and CA offers custom solutions. We had some small customer development done for us (for a fee), which was productized in a later version of the product.
Disclosure: My company has a business relationship with this vendor other than being a customer: In general we’d like to think we work with them as partners, especially when the product is developed in the same city we’re in (the legacy Layer7 Technologies team), but we don’t get any preferred status.
Buyer's Guide
Download our free Layer7 API Management Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
API ManagementPopular Comparisons
Microsoft Azure API Management
Amazon API Gateway
webMethods.io
MuleSoft API Manager
Kong Gateway Enterprise
IBM API Connect
IBM DataPower Gateway
WSO2 API Manager
3scale API Management
Axway AMPLIFY API Management
TIBCO Cloud API Management
Akana API Management
OpenLegacy
Buyer's Guide
Download our free Layer7 API Management Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating API Management, what aspect do you think is the most important to look for?
- What is the difference between an API Gateway and ESB?
- In a Digital Banking Environment how do we see the role of ESB/ API Managers?
- What is an API Gateway?
- How do you protect your API from security threats?
- What should one take into consideration when choosing an API management solution to manage Microservices?
- Which API Management tools have the best developer portal?
- Which API management tool is the best?
- What is your favorite API Management tool?
- What are the key parts of an API strategy at an enterprise?