What is our primary use case?
This solution is primarily used for protecting our APIs and web services. All of our APIs are exposed to the outside world, so our internal network is protected by the API gateway. Our landscape inside the company is also divided into different domains and if you go from one domain to another domain, we also want the APIs to be protected.
We have two servers with an API gateway and a load balancer in front of it.
We also use this solution for monitoring, to know how many transactions we have had and who is using our API. These are the runtime capabilities.
Another thing we use this product for is governance, to govern the lifecycle of our API services. It will tell us the state of the service, who is responsible for it, what deliverables belong to that stage, and we also have some quality checkpoints inside the lifecycle.
How has it helped my organization?
With respect to the end-to-end lifecycle management of APIs, this product is very good, feature-wise. We have the ability to govern the end-to-end lifecycle; in the different states, we can do the necessary customization and add our own flavor. This helps us very well in maintaining it.
The API governance capabilities for enforcing standards and security policies are quite good. However, it is a new product that started a few years ago, and you can sometimes tell that it is new and still evolving. For example, there are some bugs and problems that are still being fixed as it is further developed. They are evolving the features and we are happy with the product, but there can be more issues that arise as things change.
These quality checkpoints allow us to have a central team that reviews the deliverables of the service. In the Design phase, for instance, we will review the REST API interface to see if it matches our standards.
This solution has enabled us to create new channels for growth because we can quickly introduce new APIs. Sometimes, you need to quickly set up a marketing campaign with an application that needs to happen fast. The API gateway allows us to introduce APIs that are still good and protected but in a fast way.
We have a good overview of all of our APIs, including who is providing them and who consuming them, which allows us to better work together to resolve issues before they emerge. For example, if there are changes made, we have a better view of the impact and the team can start discussing it. Also, if we are deprecating services and removing them, we know who is using these APIs and they can be contacted in advance.
Another important point is that when a new application wants to use an API, it can provide the necessary information such as the number of transactions. With this knowledge, the provider can adapt accordingly and it will be possible to add it.
Using the product has provided us with a structured API management program. Because we have governance and knowledge about all of the APIs, we have a better overview. Knowing who is using an API, or who is going to use it, means that it is easier to introduce new things.
This solution has given us a competitive advantage because we have better automation and insight. Without it, a lot of automation would not be possible, and doing it manually would take more time.
More generally, this API gateway has improved the way our organization functions because it allows us to enable more partner integrations. Until now, most of our business-to-business integrations were going over EDI. With API instead, it will allow us to onboard other partners. The reason for this is that EDI is a very heavy format, which is very expensive. As a retail company, EDI is affordable when you have a large vendor. But sometimes we have smaller vendors, and if we force them to use EDI, it will sometimes block the ability to sell products to us because they can't afford the complete functionality of sending invoices or receiving orders.
What we are now doing with API management is to make the order and invoicing systems available via API. These smaller vendors can then use these APIs to send an invoice or to receive an order.
What is most valuable?
The two most important features are the lifecycle and the protection of your APIs.
On the topic of protecting your APIs, every API management solution has that, which is the core business. Without it, you don't have an API gateway and it's the basic setup that every API management solution needs. Of course, protecting your APIs is very important.
With respect to the lifecycle, it is helpful because, in our business, we find it important to have an overview of all of our APIs and to guide our different roles, including architects and solution developers, in the necessary work for delivering a web service. Depending on the type of service, we also want to govern the quality. We don't do it for all APIs but for some categories, we find it very important that the quality is at a high level. This means that we want to govern that and to review it.
In these aspects, this solution helps us.
What needs improvement?
In relation to the lifecycle features, the user interface and the performance can be improved. It is not the quickest application and the user interface is not most up to date. It's a tool that has existed for quite some time, and there haven't been a lot of improvements.
With respect to the API gateway, the runtime component, the stability after a new release is something that can be improved.
For how long have I used the solution?
I have been working with the webMethods API Gateway for approximately four years.
What do I think about the stability of the solution?
Once the system is set up and configured properly, it's stable. We don't have outages and it runs very well.
What do I think about the scalability of the solution?
There are two ways to scale this product, and both of them are easy to do. The first is to add another server to your cluster, and the second way is to add more CPU power.
How are customer service and technical support?
I would rate the technical support medium-high. It is comparable with other companies; not worse, but not especially better.
In general, I am happy with the support but my complaints are about the timing. Specifically, if your issue can be handled by the first line then you get feedback quickly. However, if the issue is complex then it needs to go to R&D and it takes time. This is the same experience that I have with other companies.
Which solution did I use previously and why did I switch?
We did not use another similar solution prior to this one.
How was the initial setup?
The installation and initial setup are complex. It is not possible to just keep clicking the Next button during the setup. You need to configure the system such that it works best for your environment. You should plan for deployment over three to six months, at least.
My advice is to involve a consultant from Software AG to help you with the setup. Of course, this is an on-premises situation. In the cloud, I don't know how easy or difficult it is.
What was our ROI?
We have seen ROI from this product and we are able to determine this because of our internal accounting. When a project starts, we always calculate what our benefits are with respect to the technology. Taking into account the number of web services and APIs that we have, we're pretty sure that considering the cost of governance, this solution is better than if we were not using one.
What's my experience with pricing, setup cost, and licensing?
This is not a cheap solution but, compared to other products such as those offered by IBM, the pricing is similar.
Which other solutions did I evaluate?
We did evaluate other options including IBM API Connect and Apigee. Feature-wise, these products are comparable.
Given that we were already using webMethods, using the API gateway had some benefits. There is value in staying with a single vendor, with the advantage that it is easier to integrate with other products in the webMethods stack.
We did not consider using any open-source alternatives.
What other advice do I have?
This solution provides a fully customizable portal that has built-in testing capabilities, although we haven't implemented it yet. This is something that we are planning to do within the next couple of months.
My advice for anybody who is implementing this product is to involve consultants who are familiar with it because they can help you to best set it up. Also, think about the process and steps in your governance because this is a workflow and you want to be sure that it follows the procedures that you have in place.
Overall, I'm happy with the product.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?