Try our new research platform with insights from 80,000+ expert users
Stefan Zivanovic - PeerSpot reviewer
Cyber Security Consultant at CyberGate Dfenese
Consultant
Top 5
Stable product with a user-friendly interface
Pros and Cons
  • "It is a stable product."
  • "There could be more integration options included in the product."

What is most valuable?

The product has a user-friendly interface. There are customization options, unlike the previous version, where we had to do manual coding. We use the configuration wizard to set it up. It saves us a lot of time.

What needs improvement?

There could be more integration options included in the product. It needs active connections added in the present version.

For how long have I used the solution?

We have been using Layer7 API Management for three months. At present, we are using the latest version.

What do I think about the stability of the solution?

It is a stable product.

Buyer's Guide
Layer7 API Management
November 2024
Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

What do I think about the scalability of the solution?

We have 12 Layer7 API Management users in our organization.

How was the initial setup?

The initial setup process is easy. The deployment time depends on the custom applications. It takes time to integrate configuration to explain the process to small business vendors.

What's my experience with pricing, setup cost, and licensing?

There are various licensing models for Layer7 API Management. We have to buy additional licenses to get new versions.

What other advice do I have?

I rate Layer7 API Management an eight out of ten. It takes time to learn and understand the product.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2263797 - PeerSpot reviewer
CA Layer 7 API Gateway Administrator at a computer software company with 10,001+ employees
MSP
Top 20
Helps to monitor the infrastructure but needs improvement in quota policy
Pros and Cons
  • "We have more than 50 applications in the backend. We monitor the infrastructure through a database monitoring tool. Our daily tasks involve working on P1 incidents, managing change requests, conducting patching updates, working on P2 tickets, backend server certificate renewals, etc."
  • "Layer7 API Management should improve the quota policy for the number of API calls."

What is our primary use case?

We have more than 50 applications in the backend. We monitor the infrastructure through a database monitoring tool. Our daily tasks involve working on P1 incidents, managing change requests, conducting patching updates, working on P2 tickets, backend server certificate renewals, etc. 

What needs improvement?

Layer7 API Management should improve the quota policy for the number of API calls. 

For how long have I used the solution?

I have been working with the solution for six years. 

What do I think about the stability of the solution?

Layer7 API Management is stable. 

How are customer service and support?

The solution provides good support, but sometimes, time is taken to solve issues. 

How would you rate customer service and support?

Positive

How was the initial setup?

Layer7 API Management is easy to maintain. 

What's my experience with pricing, setup cost, and licensing?

The product is moderately priced. 

What other advice do I have?

We have large enterprise customers for Layer7 API Management, and I rate it a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Layer7 API Management
November 2024
Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
reviewer1721013 - PeerSpot reviewer
Senior Consultant at a financial services firm with 10,001+ employees
Real User
Stable, scalable, and easy to set up
Pros and Cons
  • "Tech support is fast and responsive."
  • "Some problems with response time."

What is most valuable?

The most valuable feature is the basic authentication.

What needs improvement?

Some areas for improvement would be the security the product provides and the response time when a client is making a call with their payload. 

For how long have I used the solution?

I've been working with this solution for three years.

What do I think about the stability of the solution?

There are some issues from the front and backend, but none relating to the API portal.

What do I think about the scalability of the solution?

The scalability depends on configuration, but if that is correct, then the scalability is good.

How are customer service and support?

The tech support is fast and responsive.

How was the initial setup?

The deployment was pretty straightforward.

What other advice do I have?

I would rate this solution as nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1466349 - PeerSpot reviewer
Senior System Engineer at a tech services company with 51-200 employees
Real User
The best part about it is that it doesn't stop if something is missing during the installation, it looks for it on its own

What is our primary use case?

We primarily use Layer7 API Management to monitor stuff. I'm the one who installs it. They sent me a TAR file, I unloaded it to TAR, brought it up, and made everything work. I gave it the three different network configurations to talk to the three different domains, and then I turn it over to the guys, and they do what they got to do with it.

What is most valuable?

The best part about it is that it doesn't stop if something is missing during the installation. It looks for it on its own. I don't have to be there to do it physically.

For how long have I used the solution?

I've been using Layer7 API Management for about three months.

What do I think about the stability of the solution?

Layer7 API Management appears to be stable. No one has called me to say that it's not working.

What do I think about the scalability of the solution?

Layer7 API Management is a scalable solution.

How was the initial setup?

The initial setup wasn't that hard. You got all the Postgres and all those other little add-ons. It makes sure you've got this installed and that installed. There are prerequisites for what it needs before it gets up and running, but that's a piece of cake.

It all depends on how good your developers are. I know Nutanix and VMware. If you want to do a quick setup with VMware, they have everything preloaded, everything comes in one package, and everything needed for your application to work is already loaded into the bundle.

With SolarWinds, everything is configured for their SolarWinds app, and it's like having a Windows disc with the little features you can add. It's like, if you install the software for Windows or some of these other applications, you can break it down to where you can add in features as needed.

What other advice do I have?

I'd rate it an eight out of 10, no solution is perfect.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Layer7 API Developer at Allied Globetech
Real User
Built-in assertions for vulnerabilities, like DDoS attacks and IP restrictions, are useful
Pros and Cons
  • "There are a few assertions which are built-in for threat protection. I have used them for vulnerabilities, like for DDoS attacks, XML schema validation, IP restriction, and for cross-domain."
  • "There are old algorithms that the tool does not support - and it shouldn't, in my opinion. But sometimes customers need old algorithms, from old use cases and old applications, migrated to the platform. At those times, there are hiccups that happen."

What is our primary use case?

Our primary use case is basic encryption/decryption using symmetric assertions and then, gradually, SOAP signatures, SOAP encryption, non-SOAP XML encryption, and signing that. In the last six months or so, I have been working on JWT (JSON Web Tokens).

How has it helped my organization?

Using this solution, the deployment and development processes become easier when compared to before, when complete Java development was necessary. Now, the encryption part is very easy and our clients don't have to continuously depend on logic. On this platform, it's very easy for them to understand and to do testing. It saves them time.

What is most valuable?

I haven't found that there are any most-valuable features. I'm not using any feature most often in any of my use cases. The use cases depend upon the customers' requirements.

In terms of protecting APIs against threats and vulnerabilities, there are a few assertions which are built-in for threat protection. I have used them for vulnerabilities, like for DDoS attacks, XML schema validation, IP restriction, and for cross-domain.

What needs improvement?

There are old algorithms that the tool does not support - and it shouldn't, in my opinion. But sometimes customers need old algorithms, from old use cases and old applications, migrated to the platform. At those times, there are hiccups that happen. It's a bit of a challenge to make the customer understand that we should not be going with these old applications.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We have not faced many issues with its stability.

What do I think about the scalability of the solution?

Scalability is a bit tough if it is a production environment. If you are planning to scale it and increase the number of servers within one to two years, that can be challenging. Up until now, if I have installed four servers, I haven't been given requirements to add more than that.

How is customer service and technical support?

We have contacted support. There were two cases where there wasn't support for old algorithms, the assertions weren't supporting them, and we reached out to the support team. They were very helpful. It depends on the problem you are asking them about. If it's easy, they give you solutions quickly. If there is a requirement for the engineering team to be involved, then it takes time. But they're very helpful.

How was the initial setup?

The setup is straightforward. If I'm doing it on a local machine, it takes 20 to 30 minutes for a single client. I don't have any implementation strategies. It's a straightforward process where you just need to select the options, click enter, enter, enter, and provide whatever input is required.

Before starting the implementation with a customer, we give them the prerequisites that are required. If those prerequisites are met, it doesn't take much time to do the deployment. They have to provide the IP, the hostnames, and the port openings.

In our last deployment, it took me two days to install all the port services. There was one replication and there were two persisting nodes. I did the complete installation and was initially involved in the API development. After that, my colleagues were involved in the development of APIs.

It requires a minimum of two people for maintenance, once it's up and running.

What other advice do I have?

The tool is very powerful so if you are looking to go with an API platform I would recommend CA.

The number of users among our clients is growing, although I don't have an actual number I can give you. Initially, it takes time to get people to understand the platform, but once they understand it, everyone wants to use the platform and have their application exposed to this platform only.

Overall, I would rate the solution at nine out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
it_user778611 - PeerSpot reviewer
Senior Lead Engineer at a tech consulting company with 10,001+ employees
Consultant
It has improved the way our company functions by streamlining the effort and getting people out of the process
Pros and Cons
  • "For developers to be able to come, sign up, or find APIs."
  • "I would like to be able to see the publisher role be able to be organized within organizations, so somebody within that role can only manipulate their particular policies."

What is our primary use case?

Primary user case is producing APIs as products, essentially, and creating the environment for developers to sign up to use APIs. 

It has performed well so far. We just got a test instance installed, and did a PoC earlier in the year. We are more or less just getting started with it. 

What is most valuable?

  • For developers to be able to come, sign up, or find APIs. 
  • Sign up for the API and start using it in their applications without a Gateway developer having to get involved. 

How has it helped my organization?

The benefit of it is being able to create a sense of the API marketplace. It has improved the way our company functions by streamlining the effort and getting people out of the process.

What needs improvement?

I would like to be able to see the publisher role be able to be organized within organizations, so somebody within that role can only manipulate their particular policies.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

We had some problems getting it installed, but it has been running fine ever since.

What do I think about the scalability of the solution?

It is all docker containers. So, it seems to be pretty good.

How are customer service and technical support?

The technical support is good, knowledgeable, and responsive.

They are all friendly to work with and really seem to care about us being successful.

Which solution did I use previously and why did I switch?

We were using the API Gateway before. 

The industry is moving is to be more API-oriented and more self-service oriented, which is why we invested in a new solution.

How was the initial setup?

The initial setup was complex. It ran into a lot of problems. It was a new release. It was a 4.1 release. We spent the first day or so, probably almost two days, getting it to accept the proper IP from the DNS name. We ran into certificate problems. Mainly, just the installation script in our particular environment did not work very well. So, instead of what should have taken us a couple hours, or what we planned for a few hours, it ended up taking about three and a half days.

What about the implementation team?

I did a PoC in the earlier part of the year. We built out some APIs on that, then we just installed the test instance a couple weeks ago. 

What's my experience with pricing, setup cost, and licensing?

Purchase 4.0 now and wait until they flush out the 4.1 problems.

Which other solutions did I evaluate?

We evaluated CA and Google. We chose CA because we already had an embedded solution with them and a good relationship. Pricing was also a factor.

What other advice do I have?

Most important criteria when selecting a vendor:

  • Reliability
  • Support
  • Pricing.

CA is a large company. It is not like they are going to go upside down tomorrow. You want to make sure that the company is going to be around for awhile if you are investing in them. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user778536 - PeerSpot reviewer
Senior Associate at a financial services firm
Real User
As a financial services company, the security it provides is key for us

What is our primary use case?

We use it for security.

So far so good. We have our own challenges - some monitoring and some performance related things - but at the same time, I think it's pretty good.

What is most valuable?

The security that it provides, actually. Being in the financial services industry, obviously security is very important for us.

How has it helped my organization?

I'm part of an engineering team so this product coming with out-of-the-box security, that is valuable to our organization.

What needs improvement?

We are evaluating the next release, actually. We would like to see more stability.

What do I think about the stability of the solution?

It needs to be a bit more stable. I think they see that, as Support is working on that. We have our own challenges related to the stability. For example, the log space filling up the entire disk because of gateway went down. CA is aware of this issue.

But otherwise, as I said, we have had a pretty good experience with the product.

What do I think about the scalability of the solution?

We do not use it on a massive scale at this point, so it's pretty good.

How are customer service and technical support?

It's pretty good. It's been a fruitful experience so far.

Which solution did I use previously and why did I switch?

We were transitioning from another product, DataPower. We switched because of the native support for APIs in API Management.

Which other solutions did I evaluate?

We didn't consider any other vendors.

What other advice do I have?

What's important to us when selecting a vendor, support is the most important factor.

I would tell anyone who is researching this type of solution to go for API Management.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user631233 - PeerSpot reviewer
VP Of IT Development at a tech services company with 1-10 employees
Consultant
We have secured APIs, exposing them to the international and domestic partners.

What is most valuable?

  • Availability of Security Assertions: Addresses all the industry security standards
  • High Flexibility: Allows policy-driven orchestration and security mediation, in a drag-and-drop manner

How has it helped my organization?

Thanks to this product, we have successfully secured SOAP and REST APIs and exposed them to international/domestic partners using the standard industry protocols.

What needs improvement?

The Policy Manager UI is very busy. It lacks a graphical representation for the flow of the assertions that can significantly improve the clarity of the policy. Thus the Policy Manager UI can be improved in terms of usability. For example, instead of policy assertions in the policy being in a line by line form, it could be represented as graphical flow, similar to how Vordel Gateway does it.

For how long have I used the solution?

I have used this solution for six years.

What do I think about the stability of the solution?

We have not experienced any stability issues. The product has been very stable.

What do I think about the scalability of the solution?

The CA API Gateway solution is highly scalable. It is very easy to add more nodes to the cluster, which increases the processing power.

How are customer service and technical support?

The technical support is excellent and very timely. The engineers are extremely knowledgeable, not only in regards to the product, but also in terms of the protocols and standards that are used by the product.

Which solution did I use previously and why did I switch?

We were using Vordel Gateway, but it lacked the flexibility and integration capabilities that CA API Gateway provided at the time.

How was the initial setup?

The initial setup was very straightforward. CA has clear and concise documentation to walk you through the initial setup process for both simple and complex deployments.

Which other solutions did I evaluate?

Vordel Gateway and IBM DataPower. Both these solutions were evaluated from our end, before CA API Gateway was selected.

What other advice do I have?

You should read the documentation.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free Layer7 API Management Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Product Categories
API Management
Buyer's Guide
Download our free Layer7 API Management Report and get advice and tips from experienced pros sharing their opinions.