In terms of priority: the scalability, uptime and the way that it's versatile. You can load up multiple different kinds of services at the same time. We have multiple different services going live on a particular platform, concurrently. It happens a lot. It's important for a system to handle that. Then CA's API solution also works with multiple solutions which are provided by CA, like LISA tools and all that. Altogether, it's a very cohesive unit.
VP Product Development at a financial services firm with 10,001+ employees
Video Review
I like the scalability, uptime and the way that it's versatile.
What is most valuable?
What needs improvement?
Some of the things that we see as room of improvement are how do you integrate with other systems out there. Integration with the existing systems and infrastructure, which is not necessarily related. How do you integrate those systems in? Examples could be: how does CA integrate with IBM or existing systems? Lot's of large organizations have existing systems they don't want to replace with other systems. How does CA's systems work with those systems concurrently? Those would be important considerations.
What do I think about the stability of the solution?
So far the stability has been really good, we haven't had any problem. I believe we have been using it for sometime. As per the industry standards, it's been quite stable. Personally, I have been involved for almost 2 years but I understand that our organization has been using it for quite some time. We are in a business which sees lots of volume, trillions of volumes of calls. The system that we work with has to handle those trillion number of volumes of calls. All of that also happens in the real time, so the system has to scale up to spikes. Sometimes during holiday season and all that, we see quite a lot of spikes going in. The system has to manage all those spikes and CA has been able to do that.
How are customer service and support?
The technical support has been good. They have dedicated technical support for us, we have dedicated account managers from CA, as well as specialists. It's great to have those kind of partnerships with CA.
Buyer's Guide
Layer7 API Management
December 2024
Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What other advice do I have?
I'll definitely give it 8.5. Whether they can put up the solutions that we want, that's number 1. How long they would take, is it going to provide value addition at this point of time or in the future would we have to invest in technology dollars in order to improve that? What is the pricing? What's the scalability? What's the uptime? All those features. It's been very good.
I think CA's API Management technology is in the top 3 in the industry. It depends upon what kind of things you're looking for or what kind of features you're looking for.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CA Layer 7 API Gateway Administrator at a computer software company with 10,001+ employees
Helps to monitor the infrastructure but needs improvement in quota policy
Pros and Cons
- "We have more than 50 applications in the backend. We monitor the infrastructure through a database monitoring tool. Our daily tasks involve working on P1 incidents, managing change requests, conducting patching updates, working on P2 tickets, backend server certificate renewals, etc."
- "Layer7 API Management should improve the quota policy for the number of API calls."
What is our primary use case?
We have more than 50 applications in the backend. We monitor the infrastructure through a database monitoring tool. Our daily tasks involve working on P1 incidents, managing change requests, conducting patching updates, working on P2 tickets, backend server certificate renewals, etc.
What needs improvement?
Layer7 API Management should improve the quota policy for the number of API calls.
For how long have I used the solution?
I have been working with the solution for six years.
What do I think about the stability of the solution?
Layer7 API Management is stable.
How are customer service and support?
The solution provides good support, but sometimes, time is taken to solve issues.
How would you rate customer service and support?
Positive
How was the initial setup?
Layer7 API Management is easy to maintain.
What's my experience with pricing, setup cost, and licensing?
The product is moderately priced.
What other advice do I have?
We have large enterprise customers for Layer7 API Management, and I rate it a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Layer7 API Management
December 2024
Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Senior Consultant at a financial services firm with 10,001+ employees
Stable, scalable, and easy to set up
Pros and Cons
- "Tech support is fast and responsive."
- "Some problems with response time."
What is most valuable?
The most valuable feature is the basic authentication.
What needs improvement?
Some areas for improvement would be the security the product provides and the response time when a client is making a call with their payload.
For how long have I used the solution?
I've been working with this solution for three years.
What do I think about the stability of the solution?
There are some issues from the front and backend, but none relating to the API portal.
What do I think about the scalability of the solution?
The scalability depends on configuration, but if that is correct, then the scalability is good.
How are customer service and support?
The tech support is fast and responsive.
How was the initial setup?
The deployment was pretty straightforward.
What other advice do I have?
I would rate this solution as nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior System Engineer at a tech services company with 51-200 employees
The best part about it is that it doesn't stop if something is missing during the installation, it looks for it on its own
What is our primary use case?
We primarily use Layer7 API Management to monitor stuff. I'm the one who installs it. They sent me a TAR file, I unloaded it to TAR, brought it up, and made everything work. I gave it the three different network configurations to talk to the three different domains, and then I turn it over to the guys, and they do what they got to do with it.
What is most valuable?
The best part about it is that it doesn't stop if something is missing during the installation. It looks for it on its own. I don't have to be there to do it physically.
For how long have I used the solution?
I've been using Layer7 API Management for about three months.
What do I think about the stability of the solution?
Layer7 API Management appears to be stable. No one has called me to say that it's not working.
What do I think about the scalability of the solution?
Layer7 API Management is a scalable solution.
How was the initial setup?
The initial setup wasn't that hard. You got all the Postgres and all those other little add-ons. It makes sure you've got this installed and that installed. There are prerequisites for what it needs before it gets up and running, but that's a piece of cake.
It all depends on how good your developers are. I know Nutanix and VMware. If you want to do a quick setup with VMware, they have everything preloaded, everything comes in one package, and everything needed for your application to work is already loaded into the bundle.
With SolarWinds, everything is configured for their SolarWinds app, and it's like having a Windows disc with the little features you can add. It's like, if you install the software for Windows or some of these other applications, you can break it down to where you can add in features as needed.
What other advice do I have?
I'd rate it an eight out of 10, no solution is perfect.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Layer7 API Developer at Allied Globetech
Built-in assertions for vulnerabilities, like DDoS attacks and IP restrictions, are useful
Pros and Cons
- "There are a few assertions which are built-in for threat protection. I have used them for vulnerabilities, like for DDoS attacks, XML schema validation, IP restriction, and for cross-domain."
- "There are old algorithms that the tool does not support - and it shouldn't, in my opinion. But sometimes customers need old algorithms, from old use cases and old applications, migrated to the platform. At those times, there are hiccups that happen."
What is our primary use case?
Our primary use case is basic encryption/decryption using symmetric assertions and then, gradually, SOAP signatures, SOAP encryption, non-SOAP XML encryption, and signing that. In the last six months or so, I have been working on JWT (JSON Web Tokens).
How has it helped my organization?
Using this solution, the deployment and development processes become easier when compared to before, when complete Java development was necessary. Now, the encryption part is very easy and our clients don't have to continuously depend on logic. On this platform, it's very easy for them to understand and to do testing. It saves them time.
What is most valuable?
I haven't found that there are any most-valuable features. I'm not using any feature most often in any of my use cases. The use cases depend upon the customers' requirements.
In terms of protecting APIs against threats and vulnerabilities, there are a few assertions which are built-in for threat protection. I have used them for vulnerabilities, like for DDoS attacks, XML schema validation, IP restriction, and for cross-domain.
What needs improvement?
There are old algorithms that the tool does not support - and it shouldn't, in my opinion. But sometimes customers need old algorithms, from old use cases and old applications, migrated to the platform. At those times, there are hiccups that happen. It's a bit of a challenge to make the customer understand that we should not be going with these old applications.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
We have not faced many issues with its stability.
What do I think about the scalability of the solution?
Scalability is a bit tough if it is a production environment. If you are planning to scale it and increase the number of servers within one to two years, that can be challenging. Up until now, if I have installed four servers, I haven't been given requirements to add more than that.
How is customer service and technical support?
We have contacted support. There were two cases where there wasn't support for old algorithms, the assertions weren't supporting them, and we reached out to the support team. They were very helpful. It depends on the problem you are asking them about. If it's easy, they give you solutions quickly. If there is a requirement for the engineering team to be involved, then it takes time. But they're very helpful.
How was the initial setup?
The setup is straightforward. If I'm doing it on a local machine, it takes 20 to 30 minutes for a single client. I don't have any implementation strategies. It's a straightforward process where you just need to select the options, click enter, enter, enter, and provide whatever input is required.
Before starting the implementation with a customer, we give them the prerequisites that are required. If those prerequisites are met, it doesn't take much time to do the deployment. They have to provide the IP, the hostnames, and the port openings.
In our last deployment, it took me two days to install all the port services. There was one replication and there were two persisting nodes. I did the complete installation and was initially involved in the API development. After that, my colleagues were involved in the development of APIs.
It requires a minimum of two people for maintenance, once it's up and running.
What other advice do I have?
The tool is very powerful so if you are looking to go with an API platform I would recommend CA.
The number of users among our clients is growing, although I don't have an actual number I can give you. Initially, it takes time to get people to understand the platform, but once they understand it, everyone wants to use the platform and have their application exposed to this platform only.
Overall, I would rate the solution at nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Senior Lead Engineer at a tech consulting company with 10,001+ employees
It has improved the way our company functions by streamlining the effort and getting people out of the process
Pros and Cons
- "For developers to be able to come, sign up, or find APIs."
- "I would like to be able to see the publisher role be able to be organized within organizations, so somebody within that role can only manipulate their particular policies."
What is our primary use case?
Primary user case is producing APIs as products, essentially, and creating the environment for developers to sign up to use APIs.
It has performed well so far. We just got a test instance installed, and did a PoC earlier in the year. We are more or less just getting started with it.
What is most valuable?
- For developers to be able to come, sign up, or find APIs.
- Sign up for the API and start using it in their applications without a Gateway developer having to get involved.
How has it helped my organization?
The benefit of it is being able to create a sense of the API marketplace. It has improved the way our company functions by streamlining the effort and getting people out of the process.
What needs improvement?
I would like to be able to see the publisher role be able to be organized within organizations, so somebody within that role can only manipulate their particular policies.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
We had some problems getting it installed, but it has been running fine ever since.
What do I think about the scalability of the solution?
It is all docker containers. So, it seems to be pretty good.
How are customer service and technical support?
The technical support is good, knowledgeable, and responsive.
They are all friendly to work with and really seem to care about us being successful.
Which solution did I use previously and why did I switch?
We were using the API Gateway before.
The industry is moving is to be more API-oriented and more self-service oriented, which is why we invested in a new solution.
How was the initial setup?
The initial setup was complex. It ran into a lot of problems. It was a new release. It was a 4.1 release. We spent the first day or so, probably almost two days, getting it to accept the proper IP from the DNS name. We ran into certificate problems. Mainly, just the installation script in our particular environment did not work very well. So, instead of what should have taken us a couple hours, or what we planned for a few hours, it ended up taking about three and a half days.
What about the implementation team?
I did a PoC in the earlier part of the year. We built out some APIs on that, then we just installed the test instance a couple weeks ago.
What's my experience with pricing, setup cost, and licensing?
Purchase 4.0 now and wait until they flush out the 4.1 problems.
Which other solutions did I evaluate?
We evaluated CA and Google. We chose CA because we already had an embedded solution with them and a good relationship. Pricing was also a factor.
What other advice do I have?
Most important criteria when selecting a vendor:
- Reliability
- Support
- Pricing.
CA is a large company. It is not like they are going to go upside down tomorrow. You want to make sure that the company is going to be around for awhile if you are investing in them.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Associate at a financial services firm
As a financial services company, the security it provides is key for us
What is our primary use case?
We use it for security.
So far so good. We have our own challenges - some monitoring and some performance related things - but at the same time, I think it's pretty good.
What is most valuable?
The security that it provides, actually. Being in the financial services industry, obviously security is very important for us.
How has it helped my organization?
I'm part of an engineering team so this product coming with out-of-the-box security, that is valuable to our organization.
What needs improvement?
We are evaluating the next release, actually. We would like to see more stability.
What do I think about the stability of the solution?
It needs to be a bit more stable. I think they see that, as Support is working on that. We have our own challenges related to the stability. For example, the log space filling up the entire disk because of gateway went down. CA is aware of this issue.
But otherwise, as I said, we have had a pretty good experience with the product.
What do I think about the scalability of the solution?
We do not use it on a massive scale at this point, so it's pretty good.
How are customer service and technical support?
It's pretty good. It's been a fruitful experience so far.
Which solution did I use previously and why did I switch?
We were transitioning from another product, DataPower. We switched because of the native support for APIs in API Management.
Which other solutions did I evaluate?
We didn't consider any other vendors.
What other advice do I have?
What's important to us when selecting a vendor, support is the most important factor.
I would tell anyone who is researching this type of solution to go for API Management.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
VP Of IT Development at a tech services company with 1-10 employees
We have secured APIs, exposing them to the international and domestic partners.
What is most valuable?
- Availability of Security Assertions: Addresses all the industry security standards
- High Flexibility: Allows policy-driven orchestration and security mediation, in a drag-and-drop manner
How has it helped my organization?
Thanks to this product, we have successfully secured SOAP and REST APIs and exposed them to international/domestic partners using the standard industry protocols.
What needs improvement?
The Policy Manager UI is very busy. It lacks a graphical representation for the flow of the assertions that can significantly improve the clarity of the policy. Thus the Policy Manager UI can be improved in terms of usability. For example, instead of policy assertions in the policy being in a line by line form, it could be represented as graphical flow, similar to how Vordel Gateway does it.
For how long have I used the solution?
I have used this solution for six years.
What do I think about the stability of the solution?
We have not experienced any stability issues. The product has been very stable.
What do I think about the scalability of the solution?
The CA API Gateway solution is highly scalable. It is very easy to add more nodes to the cluster, which increases the processing power.
How are customer service and technical support?
The technical support is excellent and very timely. The engineers are extremely knowledgeable, not only in regards to the product, but also in terms of the protocols and standards that are used by the product.
Which solution did I use previously and why did I switch?
We were using Vordel Gateway, but it lacked the flexibility and integration capabilities that CA API Gateway provided at the time.
How was the initial setup?
The initial setup was very straightforward. CA has clear and concise documentation to walk you through the initial setup process for both simple and complex deployments.
Which other solutions did I evaluate?
Vordel Gateway and IBM DataPower. Both these solutions were evaluated from our end, before CA API Gateway was selected.
What other advice do I have?
You should read the documentation.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Download our free Layer7 API Management Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
API ManagementPopular Comparisons
Microsoft Azure API Management
Amazon API Gateway
webMethods.io
MuleSoft API Manager
Kong Gateway Enterprise
IBM API Connect
IBM DataPower Gateway
WSO2 API Manager
3scale API Management
Axway AMPLIFY API Management
TIBCO Cloud API Management
Akana API Management
OpenLegacy
Buyer's Guide
Download our free Layer7 API Management Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating API Management, what aspect do you think is the most important to look for?
- What is the difference between an API Gateway and ESB?
- In a Digital Banking Environment how do we see the role of ESB/ API Managers?
- What is an API Gateway?
- How do you protect your API from security threats?
- What should one take into consideration when choosing an API management solution to manage Microservices?
- Which API Management tools have the best developer portal?
- Which API management tool is the best?
- What is your favorite API Management tool?
- What are the key parts of an API strategy at an enterprise?