CA API Management Valuable Features

Venkatesh Vanigalla
Software Engineer at a tech vendor with 501-1,000 employees
It takes an existing service, like JSON or SOAP, and converts it for use on the application (e.g., REST services). From a security point of view, there are different types of attacks: cross-origin resource sharing, SQL injection, shell scripting, and code injection. These type of attacks can be eliminated with the help of this tool because they are built-in with rules. If I drag and drop one rule called cross-origin resource sharing to the website I want to allow it on, only that website can contact CA API Management regarding this assertion. For an OAuth perspective, the application needs to be registered at my API Gateway. Once the application is registered, every time a user requests access to my API Gateway, I have to capture whether it is a valid application or not. Once it is getting validated, only then will it show them the access page for the login page to the application. View full review »
Sekar Purushothaman
Sr. Systems Engineer at a hospitality company with 1,001-5,000 employees
The out-of-the-box security features are useful. Right now, you can just right-click and drag and drop the assertions with the rate limit. That, as well as the x-amount surge protection, is built in so we can bring that in. View full review »
Atyab Tahir
GM - Head of Digital Transformation at a financial services firm with 10,001+ employees
* Containerization * The monetization module They're quite unique for an API tool. Although we didn't test the monetization, the flexibility of the tool could be quite useful. Right now, we're not looking to monetize any of our open APIs for the next few months, but it will be a focus for banks in a year or so. The nimbleness of the monetization tool is very good, where you can just drag and drop elements that would make up the monetization. In addition, the development time and rollout time are pretty quick. View full review »
Find out what your peers are saying about CA (A Broadcom Company), Google, IBM and others in API Management. Updated: December 2019.
389,475 professionals have used our research since 2012.
Tanmoy Bandyopadhyay
Technology Analyst at Infosys Technologies Ltd
I think it's very valuable because of the support desk in one application. It protects us well. That is very important. In terms of security, it's mostly been enough until now. I had used them in my local work. I was playing with them and saw that they support everything. It's almost all covered so far. View full review »
Pradeep Bharadwaj
Computer Scientist at a tech company with 10,001+ employees
* The lightweight mediation * Transformation from JSON to XML and XML to JSON * API portal and API key management * The Developer Portal * Some of the key SSL sessions, inside the gateway * Circuit Breaker is a cool feature, too View full review »
Moses Johnson
Lead Architect at a energy/utilities company with 1,001-5,000 employees
We use a pretty simplistic approach and it does what we need it to do for terminating connections and then reestablishing what we needed to do in a DMZ. All of those features are pretty good. We don't really use the full-blown API management solution which they offer, more just the gateway components. From a security standpoint, it works great. It is the right solution for us. It's lightweight, a software-appliance configuration which was easy to deploy and configure. It is what we need. It does well protecting APIs against vulnerabilities. It is okay for incorporating identity access control with OAuth. View full review »
Richard Lobovsky
VP Enterprise Solutions - Financial Services at Samsung
CA has incredible reach in the market across industries. To have the opportunity to partner with CA has been great for us, a great exposure. They have got a very compelling platform that enables organizations to easily develop and roll out mobile applications. A lot of their customers have come and said, "We'd like to be able to enable these mobile applications with biometric authentication capabilities." It is really a nice blend. We are able to provide that capability to enable that platform to deliver that to their client base. View full review »
Atul Raut
Design Engineer at Automatic Data Processing, Inc.
Security is definitely the top one, and other than that, it is a quite customizable product. I have seen that they are coming up with newer features and they are quick, coming into the market very quickly. Compared to other vendors, this product is much faster in coming up with new features, which is good. View full review »
Layer7 API Developer at Allied Globetech
I haven't found that there are any most-valuable features. I'm not using any feature most often in any of my use cases. The use cases depend upon the customers' requirements. In terms of protecting APIs against threats and vulnerabilities, there are a few assertions which are built-in for threat protection. I have used them for vulnerabilities, like for DDoS attacks, XML schema validation, IP restriction, and for cross-domain. View full review »
Abhishek Valsangkar
Business Development - Alliances and Partnerships at a tech services company with 10,001+ employees
Security is the most important parameter of the solution, for me, because whenever you are exposing your APIs to third-parties, it is critical that the data remains anonymous and that data is retained within the system, that it is not leaked. CA API Management provides good security features and that is very critical. View full review »
Director Identity & Access Management at a financial services firm with 10,001+ employees
The security features are the most important because that's what we're using the application for, specifically. View full review »
Sampath Kumar Palati
Technical Consultant at a software R&D company with 501-1,000 employees
The most valuable features to me are: * Different Form Factors: Available as Software, Virtual Appliance, Amazon Machine Image and Hardware. * API Virtualization: Creating virtual APIs by shielding the actual enterprise resources on API Gateway. * Security: Enterprise data security and central management in API Gateway. * API Lifecycle Management: Enable, Disable, Assigning, Deprecating and Deleting APIs on API Portal * Scalability: API Gateway is easily scalable horizontally and managed easily. * Mobile SSO is another feature/capability which available. View full review »
Rogerio Sachett
Consultor de segurança at a tech services company with 1-10 employees
I work for an information security company. CA API Management is capable of using tokens for authorization to manage access control for the APIs. View full review »
Gary Sun
Technical Director at SoftPro
Controlling microservices for my customers. It provides a good user interface and is easy to use. View full review »
Senior Technology Architect at a tech services company with 10,001+ employees
API discovery using CA Live API Creator is helpful for integrating with multiple backends, for discovering and kickstarting the API creation process. It is a very good feature. Mobile app capabilities are good for building mobile apps to consume developed APIs. API Portal capabilities are very nice, up to and including the ability to do monetization. Security features are exhaustive, with several adapters to all leading identity suites. View full review »
Senior Director at a tech services company with 10,001+ employees
CA API Developer Portal and API Security policy. View full review »
Christian Villamizar Lamus
Experts in Integration Models at a consultancy with 5,001-10,000 employees
* Current security models which are the focus of the industry. * The product documentation helps the client and/or user to evolve quickly while using the tool. * Support has efficiently combined with the forum. View full review »
Transformation and Change Management Leader at a logistics company with 1,001-5,000 employees
It provides us with a resilient solution and robust policy configuration. It is able to withstand the number of API calls and handle different API requirements to secure, transform, log, and track API usage patterns. View full review »
student at a tech services company with 1,001-5,000 employees
Security, out-of-the-box policies. View full review »
Wilmer Jesús González Pacheco
Arquitecto de Soluciones at a program development consultancy with 1,001-5,000 employees
* The speed and versatility in the implementation of APIs without writing a line of code in any programming language. * The solution has numerous configuration options to increase security in communication. * The administration interface (Policy Manager) is very easy to understand and use. View full review »
Solution Architect at a construction company with 1,001-5,000 employees
The Portal API helps us with deployments. It also helps to have a catalog of everything. The replication is also a critical feature for us. It helps to have a more robust architecture and makes our systems are highly available. View full review »
Rofans Manao
IT Consultant at a tech services company with 11-50 employees
API security. Implementing security is hard in general but for this product, almost all security features are available out-of-the-box and can be deployed rapidly. View full review »
Benny Lam
Senior System Analyst with 501-1,000 employees
* Policy assertion * Policy manager * SSO * Authentication * HA features * Analytics * Very extension logs View full review »
Sr. Tech lead at a manufacturing company with 10,001+ employees
The API gateway is good. View full review »
Find out what your peers are saying about CA (A Broadcom Company), Google, IBM and others in API Management. Updated: December 2019.
389,475 professionals have used our research since 2012.