API Management

---

API Management Recognitions • Gartner MQ Leader for SOA Governance Technologies 2011

• Forrester Wave Leader for SOA Application Gateways 2011 • Deloitte Technology Fast 500 2011

• CODiE Award Finalist Best Web Services Solution 2011 • InfoWorld 100 2010

• OnDemand Top 100 Private Companies in Cloud 2010 • Gartner SOA Cool Vendor 2008

Security & Compliance Certifications • PCI-DSS

• FIPS in software and hardware • EAL 4+ appliance

• STIG Assurance testing

• OASIS WS-Trust Interop

• WS-I Basic Security Profile editor and interop • W3C WS-Policy Interop

Contact Us UK Gainsborough House, 81 Oxford St London, W1D 2EU Phone: +44 (0) 207-903-5435 Fax: +44 (0) 207-903-5333

USA 1200 G Street, NW, Suite 800 Washington, DC 20005 Phone: +1-800-681-9377

Canada 1100 Melville Street, Suite 405 Vancouver, BC V6E 4A6 Phone Direct: +1-604-681-9377 Phone Toll Free: +1-800-681-9377 Fax: + 1-604-681-9387

Copyright ©2011 Layer 7 Technologies Inc. All rights reserved. SecureSpan and the Layer 7 Technologies design mark are trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.

Layer 7 Technologies provides enterprises with the building blocks for secure integration across departments, partners, Cloud and mobile. The Layer 7 API Management Suite is designed to address the security, operations and lifecycle challenges associated with publishing APIs internally, selectively to partners or to third-party developers. The API Management Suite offers enterprises and service providers a full set of solutions for administering API publication internally and externally.

Industry-Leading Solutions for API Management By exposing data and application functionality to external apps on mobile devices, consoles, smart TVs and affiliate Web sites, via APIs, an organization can remake its business into an extensible platform. However, exposing data and services as APIs creates a number of serious security, management and performance concerns. Layer 7 provides enterprises with the most comprehensive available solutions for exposing APIs internally and externally in a secure, reliable and manageable way. These solutions are built upon the Layer 7 API Management Suite, which includes a robust API Proxy, a developer Portal, a Service Manager and support for OAuth. The API Management Suite addresses API security, version management, SLA enforcement, visibility and developer on-boarding requirements. Deliverable on-premise or from the Cloud, the Layer 7 API Management Suite is certified to support the most rigorous security needs including PCI, FIPS, STIG and OAuth.

The Layer 7 API Management Product Suite Layer 7’s API management products address the security and manageability of Web-Oriented and mobile applications by providing access control features for browser-based and REST-oriented applications, including those requiring OAuth and SAML profiles. Layer 7 supports a range of API security and management profiles for technologies like REST, OData and JSON. •

API Proxy: Secure, meter, adapt and abstract REST, OData, SOAP and JSON service interfaces

•

API Portal: Onboard internal and third-party developers and provide account selfmanagement tools for API usage, management and subscription

•

Enterprise Service Manager: Get a centralized view of API performance and manage API versions across dev, test and production

•

OAuth Toolkit: Simplify two- and three-legged OAuth token exchange for API-based authentication and authorization

Layer 7’s API Management products are available in a wide range of formats

Software

Virtual (VMware)

Amazon Machine Image

Hardware

Federation Across API-Based Services

Customers & Contracts

Problem: Decrease retail customer defection rates by delivering value-added, Web-based services to the home via video phone and set-top boxes

John: gets unlimited SMS messages

Internet

Solution: Layer 7 allows Telco’s Internet customers to access services through their TV set-top box and Internet phone; access control and contract limitations are strictly enforced

75%

25%

100%

100%

[ +20% ]

Change

25%

75%

100%

0%

60%

75%

100%

0%

10%

25%

[ -22% ]

Change

Service Provisioning System

50%

25%

75%

0%

5% [ 20% ]

50%

50%

50% 25%

0%

[ +1% ]

Change

Change

0.3 -4

-3

-2

-1

0

1

2

0.2 0.1 0.0

-4

Results: Telco can now provision differentiated Webbased services to retail customer simply and securely

-3

-2

-1

0

1

1.0

1.5

2.0

2.5

3.0

2

Rachel: gets 3 Pay TV shows/month

TV onDemand

SMS

Yellow Pages/ White Pages

YouTube

Securely Open Web APIs to Affiliate Sites Problem: Needed to securely expose auto and ecommerce information to thirdparty search engines Solution: Layer 7 makes it possible to expose vehicle-for-sale data to thirdparty search engines while ensuring the integrity of APIs against spikes in traffic and DoS attacks Results: Increased revenue and reach by exposing vehicle sales information across affiliate Web sites, in real time

New car, used car, dealer, etc information services Developers

LDAP Databases

Internet

Telecom Services

Web Portal Web Portals

Web Portal & Mobile Enablement Problem: Sought to reduce the overhead associated with creating and maintaining multiple services for multiple Web-based recruiting initiatives across the armed forces Solution: Layer 7 provides the ability to: deliver mash-ups of services; enforce access control; redact sensitive information; provide threat protection and data validation Results: Sped launch of new Web portal and mobile recruiting initiatives; improved security and control; reduced overhead by simplifying the service lifecycle

Portal Widget

Forms

Internet

Locate a Recruiter

Recruitment Web Site

Service for Mobiles Registration

iPhone App for Recruiting >60 major services