To secure APIs, there are a lot of solutions available in the market, and you can get a lot of different software development licenses, which can be helpful during migration processes. Lots of APIs are on Kubernetes and Docker. Docker is one of the containers which is considered to be safe from a security perspective. I cannot give much in details since our company provides solutions depending on the requirements of the users. Speaking about how the tool improves lifecycle management, I would say that there are lots of users on the internet who use your company's applications from the outside, and if someone compromises your network, it cannot be traced from your firewall because it is a part where you need to inspect it by yourself. If you have a proxy and it is not in forward proxy mode, then it cannot have the details of the certificate or give details about what has been accessed by external users. If one of my organization's internal users accesses some malicious activity at a time when I have provided them with all the accesses in our company, if my proxy or DLP is not able to trace it, it could be very dangerous for me. In terms of security features, they all have the ability to deal with the attacks classified under OWASP Top 10. Every security tool tries to deal with the attacks classified under OWASP Top 10 by incorporating a risk management framework. I have around 20 staff members to look at areas like network, firewall and everything else attached to it. I have recommended to my organization's operation team that I still need three or four members added to my team. I recommend that others should consider having Layer7 API Management in their network since it can provide them with a more robust, scalable, and confident environment. I rate the tool an eight out of ten.
Senior associate at a financial services firm with 10,001+ employees
Real User
Top 5
2023-12-29T10:01:45Z
Dec 29, 2023
Layer7 API Management's availability on an on-premises deployment model, actually decreases the production time if its users have any issues at the server level. Other API management tools are available on the cloud infrastructure, so if anything happens with the server, then users have to connect with the different teams to resolve the issue. When it comes to Layer7 API Management, if a user has an on-premises setup, then such a user can work with the server issues, which will help the user to resolve the issue within the time instead of having to connect with customer care for support. If users have a good technical team, then you can directly work with the tool at the server level. I rate the overall tool a nine out of ten.
Presales Consultant for CA Southern Africa at Hyperion Holding Pty Ltd
Real User
Top 5
2023-05-12T08:32:00Z
May 12, 2023
Broadcom API Gateway has always been a stable product for Security, Development, and Integration services. With the help of assertion, you can build a service that could communicate with backends - DB, GraphQL Server, Rest Server, Soap Server, and a variety of backend applications. It provides a tool for the consolidation and orchestration of your API and APPLICATION. It provides means to access the API with key and secret providing an interface for Developer and API Owner to Collaborate and Share knowledge in the wide community. With top-down rule-driven policies, it becomes easy to write business logic to meet your Application data extraction and deployment needs. There are many places where API Gateway will be a good/excellent fit for your requirement and some places where it may not be a right fit. A dispersed environment needs consolidation. This gateway is your solution but APIs that will have a high query (database activity, extensive translation, and more logic) are possible to achieve but may require planning (e.g. splitting the task between gateways for high processing vs high-security requirements). These activities should also be clustered to get the best performance of the application so this consideration would need to be made when building Complex API with API Gateway. The idea here or approach would be to think big but also ensure it can be sustained with your resources. API Gateway with minimum configuration OOB could provide an awesome TPS for your API and transaction needs, which is one of the reasons why banks, Retailers and other customers prefer this tool over the others.
My company provides Layer7 API Management to customers. I'm working on the latest version of the product. Six to eight team members handled the Layer7 API Management deployment. Some worked on the data, while some worked on the network, hardware, and software configurations. Approximately two hundred to three hundred people use Layer7 API Management, particularly clinicians, nurses, and patients. Layer7 API Management only requires a little maintenance. It only has one upgrade every six months, and my company has an affiliate that handles the maintenance, especially severity three issues. My company will address any level one or two issues. My rating for Layer7 API Management is eight out of ten. My company is a partner and reseller of Layer7 API Management.
This is a good solution. However, it would be ideal if they had a technical team because there is a need for some basic coding knowledge. It requires comprehensive Java knowledge. I rate Layer7 API Management an eight out of ten.
We are using Layer 7 API Management product in our organization now for around 1.5 years.Â
It has been an excellent product and covers almost all the capabilities of a mature API Management Product.Â
The weak area is that it misses on Forum kind of functionality, where API Producers and Consumers can interact with each other. Also, check for the service availability from Broadcom in your region because that would be critical for your successful implementation.
Be sure to research this product and its functionalities well prior to moving forward with the solution. Many of my clients will have issues with the solution in regards to their use cases. This solution is easy to deploy and view data in API but you must have a solid plan to manage the environment. I would rate it a ten out of ten.
Software Developer III at a financial services firm with 1,001-5,000 employees
Real User
2021-11-30T20:08:08Z
Nov 30, 2021
We have found it's really difficult to find the right resource in our Canadian market. It is more difficult to hire new developers who can support Layer7 API Management. My advice to those wanting to implement this solution is if they have the right resource, this is a really nice product and I recommend it because it's really flexible and that they can build and customize with the vendor directly. I really am with this product. I rate Layer7 API Management a nine out of ten.
If you wish to implement Layer7 API Management, it is paramount that you understand, first, what you need. Most of the time, the customer doesn't understand the power of APIs and how they should be managed inside an organization. If your customer doesn't have a plan, it doesn't matter what solution they use — nothing will work. Overall, on a scale from one to ten, I would give this solution a rating of nine.
I would recommend this solution to others. This is one of the good solutions for microservices and APIs and for people who need to go the digital way. There are a lot of other solutions that are coming into the market, and the infrastructure landscape is changing. I would rate Layer7 API Management a six out of ten.
IT / Enterprise Architect, IT Consultant at a consultancy with 11-50 employees
Consultant
2020-09-01T05:25:09Z
Sep 1, 2020
On a scale from one to ten where one is the worst and ten is the best, I would rate this solution as a nine-out-of-ten. In order to rate it 10, it would need to be perfect. What I find other people saying is that the product portal for API development lacks some features. People who need that functionality are not impressed. They say it is lagging behind the competition. That is not my experience so I do not know anything about it. I have to guess they are right from their first-hand experience. What I do not know — but it could be a potential problem — is when you have to deploy the products in the cloud. That might be an issue. Because it is best-of-breed, you are not going through Microsoft or Amazon or Google. That means that you are not working with a solution native to those platforms. You may need to implement an infrastructure product somewhere in the hosting platform — for example, in Microsoft cloud — and I think it is kind of a challenge. Layer7 has published on their site that this can be done. But the cloud companies will probably do things in order to help promote the use of their own products and by that measure discourage customers from using products like Layer7. That might be a problem for the people who want to use the Layer7 API Management.
On a scale from one to ten where one is the worst and ten is the best, I would rate Layer7 as a nine. Right now it is a bit premature to rate the product overall but in terms of the disappointment in the community support opportunities, I would rate it as a seven as of now. I think with the situation that we are in and with the current economic atmosphere, there is definitely a reason for those looking for an API solution to also consider open-source products. Instead of going with the proprietary products, sometimes considerations depend on the size of the organization and the budget. Every organization should first analyze what they need. If they need an enterprise-class product definitely Broadcom Layer7 is a good solution. But if an organization can manage their needs with an open-source product, or the team has a good knowledge of the APIs and the ability to customize, then I think that open-source can be a viable option. As long as the product is sufficient to fit the needs, moving forward with some sort of an open-source product is just as well.
We are very happy with the solution. The product set currently sits in our development environment and that is a good fit. Some companies would tend to bundle this with security or networking as the product set also functions as a security device. By placing it in security, you are limiting yourself a lot and will never reach the full potential of all the product's capabilities. You need technical in-house people with development background to run the product set. Constantly look at all the features. I found that when revisiting components, which were not important a few months prior, you realise in some meeting a question about a "new" capability would come up.
I would not recommend the product based on how it has performed to implement it. I did not like working with the product. We have not used it to modernize legacy systems via microservices, APIs, or developing a new platform for mobile. We also did not use it for connecting data to apps via APIs. I am not familiar with the security aspects of the solution. We stopped offering the product as a service a month ago since the product no longer belongs to CA. In Taiwan, I believe no one will buy CA products anymore because it is no longer trustworthy as a company, since the products are no longer supported.
Lead Architect at a energy/utilities company with 1,001-5,000 employees
Real User
2019-01-28T12:30:00Z
Jan 28, 2019
CA API Management is a pretty solid product for what we are using it for. It's been good. It has served our purpose and kept us out of trouble. Evaluate what's out there in the industry. Make sure that you chose the right product for your use cases. I would rate this solution at about six out of ten, overall. At the time when we were evaluating it, it was about the complete lifecycle management. We were looking to build APIs to legacy systems, using IDE deployment strategies - all of those things were lacking. Products like MuleSoft and Apigee had better, more robust software development approaches for both mobile as well as web-based or batch processing.
I would say implement it. If you are new to APIs and things, you won't understand it, but if you have some experience it will be okay. I would rate this as eight of ten.
The tool is very powerful so if you are looking to go with an API platform I would recommend CA. The number of users among our clients is growing, although I don't have an actual number I can give you. Initially, it takes time to get people to understand the platform, but once they understand it, everyone wants to use the platform and have their application exposed to this platform only. Overall, I would rate the solution at nine out of ten.
GM - Head of Digital Transformation at a financial services firm with 10,001+ employees
Real User
2019-01-23T11:26:00Z
Jan 23, 2019
With respect to supporting a large number of APIs and/or a large number of transactions, we didn't use it for a large number of transactions. It was a PoC so we only used it for limited connectivity. But from what I've read and from what I've heard from other users, the volume management and traffic flow management is actually pretty good for CA's tool. I would rate the solution at six out of ten, overall. It didn't meet all of our needs.
Sr. Systems Engineer at a hospitality company with 1,001-5,000 employees
Real User
2018-11-18T07:31:00Z
Nov 18, 2018
I rate CA API Management as an eight out of ten due to the overall stability of the product. So, we had this implemented and running fine unless we had increased traffic. We never went back and tuned it. In that way, I'm pretty happy with that. It loses the last two points because of the monitoring, as well as the capacity analysis and planning our day-to-day transaction details.
Senior Technology Architect at Infosys Technologies Ltd
Real User
2018-08-16T08:28:00Z
Aug 16, 2018
CA API suite is a strong solution with very good security capabilities and end-to-end lifecycle management of APIs. It has been proven over the years and is a very good option for implementing the API gateway for an enterprise.
Business Development - Alliances and Partnerships at a tech services company with 10,001+ employees
Reseller
2018-06-04T11:26:00Z
Jun 4, 2018
My advice would be, if it is a really complex integration with multiple protocols, multiple APIs, where security is the key, I think you should look at the CA solution. That is where it fits best. If it is you're looking at it more as an enterprise integrator, that you need to integrate internally within an organization and its IT functions, then I would suggest that you talk to CA and see how best the product can be used; you will consultation. It's a very stable, scalable product with good security features. It does the job well.
Senior Director IAM Security Engineering at Broadridge Financial Solutions, Inc.
Real User
2018-05-31T09:49:00Z
May 31, 2018
I would suggest you take a look at all of the components. The API Management Suite that CA offers is broader than simply the API Management Gateway. The Suite has some features, extra components, that really make for a much easier and more accessible way a way of doing API management within the enterprise. There are components like the Mobile API Gateway and Live API Creator. These additional components really expand what the products can do, in a way that makes your value proposition easier to present to the business. I would say this solution is a solid eight. It does everything that it says that it does. It would get a higher rating if it had a little cleaner interface and was easier to administer, but I think that's a pretty solid rating for a product like this.
student at a tech services company with 1,001-5,000 employees
Real User
2018-05-31T09:49:00Z
May 31, 2018
If you are truly looking for API management features, CA API Management is the best solution. It might be a bit old in terms of cloud-native architecture but they are moving towards that.
My advice would depend on the use case. If it's just a proxy solution that you are looking for, I would say don't go for CA API Gateway because API Gateway is much more than that. If you're looking for a complete API developer platform and securing your APIs, then CA API Gateway is a good product. I give this solution an eight out of 10 because, as an end customer, in terms of managing my API lifecycle, end-to-end, it is pretty good.
Layer7 API Management is a comprehensive solution that enables organizations to securely expose, manage, and monetize their APIs.
It provides features such as API gateway, developer portal, analytics, and security to ensure seamless integration and control over API traffic.
With Layer7 API Management, businesses can streamline their API operations and drive innovation.
I would definitely recommend it. Overall, I would rate the solution an eight out of ten. It was good for the healthcare industry.
To secure APIs, there are a lot of solutions available in the market, and you can get a lot of different software development licenses, which can be helpful during migration processes. Lots of APIs are on Kubernetes and Docker. Docker is one of the containers which is considered to be safe from a security perspective. I cannot give much in details since our company provides solutions depending on the requirements of the users. Speaking about how the tool improves lifecycle management, I would say that there are lots of users on the internet who use your company's applications from the outside, and if someone compromises your network, it cannot be traced from your firewall because it is a part where you need to inspect it by yourself. If you have a proxy and it is not in forward proxy mode, then it cannot have the details of the certificate or give details about what has been accessed by external users. If one of my organization's internal users accesses some malicious activity at a time when I have provided them with all the accesses in our company, if my proxy or DLP is not able to trace it, it could be very dangerous for me. In terms of security features, they all have the ability to deal with the attacks classified under OWASP Top 10. Every security tool tries to deal with the attacks classified under OWASP Top 10 by incorporating a risk management framework. I have around 20 staff members to look at areas like network, firewall and everything else attached to it. I have recommended to my organization's operation team that I still need three or four members added to my team. I recommend that others should consider having Layer7 API Management in their network since it can provide them with a more robust, scalable, and confident environment. I rate the tool an eight out of ten.
Layer7 API Management's availability on an on-premises deployment model, actually decreases the production time if its users have any issues at the server level. Other API management tools are available on the cloud infrastructure, so if anything happens with the server, then users have to connect with the different teams to resolve the issue. When it comes to Layer7 API Management, if a user has an on-premises setup, then such a user can work with the server issues, which will help the user to resolve the issue within the time instead of having to connect with customer care for support. If users have a good technical team, then you can directly work with the tool at the server level. I rate the overall tool a nine out of ten.
I would rate it an eight out of ten.
I rate Layer7 API Management an eight out of ten.
I rate Layer7 API Management an eight out of ten. It takes time to learn and understand the product.
We have large enterprise customers for Layer7 API Management, and I rate it a nine out of ten.
Broadcom API Gateway has always been a stable product for Security, Development, and Integration services. With the help of assertion, you can build a service that could communicate with backends - DB, GraphQL Server, Rest Server, Soap Server, and a variety of backend applications. It provides a tool for the consolidation and orchestration of your API and APPLICATION. It provides means to access the API with key and secret providing an interface for Developer and API Owner to Collaborate and Share knowledge in the wide community. With top-down rule-driven policies, it becomes easy to write business logic to meet your Application data extraction and deployment needs. There are many places where API Gateway will be a good/excellent fit for your requirement and some places where it may not be a right fit. A dispersed environment needs consolidation. This gateway is your solution but APIs that will have a high query (database activity, extensive translation, and more logic) are possible to achieve but may require planning (e.g. splitting the task between gateways for high processing vs high-security requirements). These activities should also be clustered to get the best performance of the application so this consideration would need to be made when building Complex API with API Gateway. The idea here or approach would be to think big but also ensure it can be sustained with your resources. API Gateway with minimum configuration OOB could provide an awesome TPS for your API and transaction needs, which is one of the reasons why banks, Retailers and other customers prefer this tool over the others.
My company provides Layer7 API Management to customers. I'm working on the latest version of the product. Six to eight team members handled the Layer7 API Management deployment. Some worked on the data, while some worked on the network, hardware, and software configurations. Approximately two hundred to three hundred people use Layer7 API Management, particularly clinicians, nurses, and patients. Layer7 API Management only requires a little maintenance. It only has one upgrade every six months, and my company has an affiliate that handles the maintenance, especially severity three issues. My company will address any level one or two issues. My rating for Layer7 API Management is eight out of ten. My company is a partner and reseller of Layer7 API Management.
This is a good solution. However, it would be ideal if they had a technical team because there is a need for some basic coding knowledge. It requires comprehensive Java knowledge. I rate Layer7 API Management an eight out of ten.
We are using Layer 7 API Management product in our organization now for around 1.5 years.Â
It has been an excellent product and covers almost all the capabilities of a mature API Management Product.Â
The weak area is that it misses on Forum kind of functionality, where API Producers and Consumers can interact with each other. Also, check for the service availability from Broadcom in your region because that would be critical for your successful implementation.
I rate Layer7 API Management an eight out of ten.
Be sure to research this product and its functionalities well prior to moving forward with the solution. Many of my clients will have issues with the solution in regards to their use cases. This solution is easy to deploy and view data in API but you must have a solid plan to manage the environment. I would rate it a ten out of ten.
We have found it's really difficult to find the right resource in our Canadian market. It is more difficult to hire new developers who can support Layer7 API Management. My advice to those wanting to implement this solution is if they have the right resource, this is a really nice product and I recommend it because it's really flexible and that they can build and customize with the vendor directly. I really am with this product. I rate Layer7 API Management a nine out of ten.
I would rate this solution as nine out of ten.
I would recommend this solution to others. I really like the solution. I rate Layer7 API Management a nine out of ten.
I'd rate it an eight out of 10, no solution is perfect.
If you wish to implement Layer7 API Management, it is paramount that you understand, first, what you need. Most of the time, the customer doesn't understand the power of APIs and how they should be managed inside an organization. If your customer doesn't have a plan, it doesn't matter what solution they use — nothing will work. Overall, on a scale from one to ten, I would give this solution a rating of nine.
I would recommend this solution to others. This is one of the good solutions for microservices and APIs and for people who need to go the digital way. There are a lot of other solutions that are coming into the market, and the infrastructure landscape is changing. I would rate Layer7 API Management a six out of ten.
Overall, this is a good product. It's been stable and working for us, and our main difficultly is people calling out the price point on it.
On a scale from one to ten where one is the worst and ten is the best, I would rate this solution as a nine-out-of-ten. In order to rate it 10, it would need to be perfect. What I find other people saying is that the product portal for API development lacks some features. People who need that functionality are not impressed. They say it is lagging behind the competition. That is not my experience so I do not know anything about it. I have to guess they are right from their first-hand experience. What I do not know — but it could be a potential problem — is when you have to deploy the products in the cloud. That might be an issue. Because it is best-of-breed, you are not going through Microsoft or Amazon or Google. That means that you are not working with a solution native to those platforms. You may need to implement an infrastructure product somewhere in the hosting platform — for example, in Microsoft cloud — and I think it is kind of a challenge. Layer7 has published on their site that this can be done. But the cloud companies will probably do things in order to help promote the use of their own products and by that measure discourage customers from using products like Layer7. That might be a problem for the people who want to use the Layer7 API Management.
On a scale from one to ten where one is the worst and ten is the best, I would rate Layer7 as a nine. Right now it is a bit premature to rate the product overall but in terms of the disappointment in the community support opportunities, I would rate it as a seven as of now. I think with the situation that we are in and with the current economic atmosphere, there is definitely a reason for those looking for an API solution to also consider open-source products. Instead of going with the proprietary products, sometimes considerations depend on the size of the organization and the budget. Every organization should first analyze what they need. If they need an enterprise-class product definitely Broadcom Layer7 is a good solution. But if an organization can manage their needs with an open-source product, or the team has a good knowledge of the APIs and the ability to customize, then I think that open-source can be a viable option. As long as the product is sufficient to fit the needs, moving forward with some sort of an open-source product is just as well.
We are very happy with the solution. The product set currently sits in our development environment and that is a good fit. Some companies would tend to bundle this with security or networking as the product set also functions as a security device. By placing it in security, you are limiting yourself a lot and will never reach the full potential of all the product's capabilities. You need technical in-house people with development background to run the product set. Constantly look at all the features. I found that when revisiting components, which were not important a few months prior, you realise in some meeting a question about a "new" capability would come up.
CA API Management is very helpful. I would rate the product an 8 out of 10. In my opinion, the features are all very good.
This product is available on-premise, in the cloud, and Docker.
I would not recommend the product based on how it has performed to implement it. I did not like working with the product. We have not used it to modernize legacy systems via microservices, APIs, or developing a new platform for mobile. We also did not use it for connecting data to apps via APIs. I am not familiar with the security aspects of the solution. We stopped offering the product as a service a month ago since the product no longer belongs to CA. In Taiwan, I believe no one will buy CA products anymore because it is no longer trustworthy as a company, since the products are no longer supported.
CA API Management is a pretty solid product for what we are using it for. It's been good. It has served our purpose and kept us out of trouble. Evaluate what's out there in the industry. Make sure that you chose the right product for your use cases. I would rate this solution at about six out of ten, overall. At the time when we were evaluating it, it was about the complete lifecycle management. We were looking to build APIs to legacy systems, using IDE deployment strategies - all of those things were lacking. Products like MuleSoft and Apigee had better, more robust software development approaches for both mobile as well as web-based or batch processing.
I would say implement it. If you are new to APIs and things, you won't understand it, but if you have some experience it will be okay. I would rate this as eight of ten.
The tool is very powerful so if you are looking to go with an API platform I would recommend CA. The number of users among our clients is growing, although I don't have an actual number I can give you. Initially, it takes time to get people to understand the platform, but once they understand it, everyone wants to use the platform and have their application exposed to this platform only. Overall, I would rate the solution at nine out of ten.
With respect to supporting a large number of APIs and/or a large number of transactions, we didn't use it for a large number of transactions. It was a PoC so we only used it for limited connectivity. But from what I've read and from what I've heard from other users, the volume management and traffic flow management is actually pretty good for CA's tool. I would rate the solution at six out of ten, overall. It didn't meet all of our needs.
I rate CA API Management as an eight out of ten due to the overall stability of the product. So, we had this implemented and running fine unless we had increased traffic. We never went back and tuned it. In that way, I'm pretty happy with that. It loses the last two points because of the monitoring, as well as the capacity analysis and planning our day-to-day transaction details.
CA API suite is a strong solution with very good security capabilities and end-to-end lifecycle management of APIs. It has been proven over the years and is a very good option for implementing the API gateway for an enterprise.
Familiarise yourself with its policy management to match your requirements for API management and governance.
Begin by using the installation offered on an OVA, then in production environments make use of your own installation, e.g., in CentOS.
You need a team to manage it.
My advice would be, if it is a really complex integration with multiple protocols, multiple APIs, where security is the key, I think you should look at the CA solution. That is where it fits best. If it is you're looking at it more as an enterprise integrator, that you need to integrate internally within an organization and its IT functions, then I would suggest that you talk to CA and see how best the product can be used; you will consultation. It's a very stable, scalable product with good security features. It does the job well.
I would suggest you take a look at all of the components. The API Management Suite that CA offers is broader than simply the API Management Gateway. The Suite has some features, extra components, that really make for a much easier and more accessible way a way of doing API management within the enterprise. There are components like the Mobile API Gateway and Live API Creator. These additional components really expand what the products can do, in a way that makes your value proposition easier to present to the business. I would say this solution is a solid eight. It does everything that it says that it does. It would get a higher rating if it had a little cleaner interface and was easier to administer, but I think that's a pretty solid rating for a product like this.
If you are truly looking for API management features, CA API Management is the best solution. It might be a bit old in terms of cloud-native architecture but they are moving towards that.
My advice would depend on the use case. If it's just a proxy solution that you are looking for, I would say don't go for CA API Gateway because API Gateway is much more than that. If you're looking for a complete API developer platform and securing your APIs, then CA API Gateway is a good product. I give this solution an eight out of 10 because, as an end customer, in terms of managing my API lifecycle, end-to-end, it is pretty good.
I would suggest you do a PoC with CA, for feasibility.
Check what is required and whether it can be achieved easily without any compromise, see how flexible its to use and maintain.