CA API Management Room for Improvement

Anonymous avatar x60
Sam Bachman
Owner at Clarity Iq Inc
The latest version that just came out at the first of October really was a powerful move in the right direction. I was very, very pleased with that because it allows now beginning to use information of things. We've got this IOT infrastructure that we can plug into, and for my use cases there are a lot of outdoor sensors that provide valuable information to my customers. As we've brought on MQQT, and other ways of talking to those sensors, that just makes my life easier. I'd to continue to see them expand the scope of the product. But I can say that I've been extremely pleased with the work they're doing. They're not sitting around, every six months we get a release with major improvements. Larger organizations have a real challenge. They have to control all the people that touch their data, and when it goes wrong - you've seen it on the news recently - it ends up being major headline news story. "Equifax exposes data to 150 million customers." That's intolerable to these customers. What happens is that the companies that are working with that type of data have extremely rigid policies for who can get access to what. As we continue to develop the product in that regard, we would like to see continued integration with other CA products that accomplish that goal. I'm not saying that it doesn't do it now, I'm just saying that scenario where there can be continuous improvement. View full review »
Anonymous avatar x60
Solution Architect at a pharma/biotech company with 1,001-5,000 employees
The tool itself, I think, could be better. Along with the flexibility it does have, I wish it had a little more modern user interface. For troubleshooting, debugging, that kind of thing, it could definitely be better. I would like to see improvements in the user interface, for sure for Policy Manager. That's the developer's tool. Debugging seems a little bit archaic by modern standards. I would like to see that improved. I would like to see better documentation for the development language itself. I think they took a step backwards, actually, when they published all their documentation online. Accessibility is better because it's on the web. But the content seems to me to have taken a step backwards. Not enough details, more difficult to find specifics. And you would almost think that would be the opposite, but the feedback I've gotten from our developers, and my own experience, is that it's not the case. But in terms of the structure of how the language works, it's pretty good. It gives you a lot of flexibility and allows you to accomplish a lot quickly. So, in general, improvements in the UI, usability. Like I said, it seems dated in terms of how it works, by modern standards. I think they could go a long way to refurbishing the whole UI. View full review »
17ffc863 d795 427a bf0e 631d64ed9685 avatar
Chirag Desai
Head of Sportsbook Delivery at Gala Coral Interactive
What it allows us to do is it's more time to market than the value, actually, so a lot of our affiliate marketing teams, they go and engage with the vendor's affiliates, effectively, and they want a very quick, clean solution to get a lot of customers in, place a bet, see their bet history and then log out and tap on and move on to do something else. What this allows us to do is that, whereas previously, I would have had to a specific project team, they would take two or three months to do an integration, now you can do that in a matter of weeks. You can realize the value of a commercial relationship very quickly. View full review »
Anonymous avatar x60
Director of Architecture at a healthcare company with 1,001-5,000 employees
With scalability, it comes to resiliency. If you cannot scale you're not resilient. If you're not resilient your performance is worse. If your performance is worse your API and services are not available. Fine lines of availability is one of the key criteria's in the industry - 99.99% availability. That means 6 hours downtime in a year, so can you really ensure that everything is interlinked. If we talk about software architecture, quality attributes from these are all interlinked. I would say that eventually, it comes down to your customer satisfaction from there on. So that's our number one goal. Right now, scalability is our main goal. Maybe they're not the problems but from the standpoint of onboarding a new API on Layer 7, that's fairly simple. I see that it's an extremely user intuitive and user-friendly software. Our operational personnel who have barely have any experience could get on with it and help the enterprise register as many API's as possible from the get-go. View full review »
64f824e6 ae93 42c6 bf47 f391253aae27 avatar
Mahesh Rangaswamy
Sr. Manager - Technology Governance and Architecture at a tech services company with 1,001-5,000 employees
The additional features are to keep up with the security aspects. That’s one aspect, the market is changing. As we started several years back and where we are today, the technology and the security aspects have pretty much changed starting in the good old days with the PKI, SSL, now with the OR, etc. One thing that I would really look up to is keeping up with all of the evolution and security aspects of it as new features that can be added. The second one is provisioning the users. Right now we do not have a user friendly provisioning utility per se, so we have to do it behind the scenes. Having such a feature would certainly help in the long run, because it could do a lot of internal effort that we have to do in terms of development and maintenance aspects of it if we were using something out of the box. View full review »
Anonymous avatar x60
Integration Architect at a comms service provider with 1,001-5,000 employees
Microservices gateway is one thing in which we thought would be really good. It has come up, we just have to see how it's going to play out. Obviously, it's not going to replace the classic gateway, although we want to see that something in the microservices gateway that can actually replace classic gateway. That would be really nice. Right now, I don't think it's completely replaceable. It's just a part of it, but eventually they're saying that it will replace. So one day, where we can have a microservices gateway and we will not need the classic gateway at all, that is what we want to see. View full review »
Anonymous avatar x60
Enterprise Architect at DXC Technologie
The more automation the better. I think CA is stepping in the right direction. I went through the micro API Gateway presentations here at the CA World conference, on how you can automate more of the policy deployment via the JSON format, so you don't even having to touch the Policy Manager. Because every time you touch something in the Policy Manager you think, "Well, that's a GUI, humans need to go in and do something with it." So if we can automate everything with the APIs, that helps a lot in the DevOps lifecycle, where we want to automate everything. View full review »
0bbe10ad 91c3 46bb a66e f639427b6e1a avatar
James Lepianka
Manager, .Net And Mobile Applications Development at a energy/utilities company with 1,001-5,000 employees
I've used the device since it was the Layer 7 device, and it's come a long way. I think from a mobility standpoint, there's a lot of things that we do, and we have to create our own policies. I think the product's getting better every iteration, and they're adding more and more functionality to it, that allows us more reuse. I would just like to see where it's going to go through the roadmap, and I think it's got great, great potential. View full review »
Anonymous avatar x60
Michael Quintero
Enterprise Solutions Architect at Logisticare
They are getting there. Docker-based containers are there now, but it is not completed, I think. There are still some gaps between what we currently have and what the Docker model is. We are going for a pure cloud solution, so I want more emphasis on the hybrid model; deployment strategies that allow me to have on-prem and in-the-cloud interactions using the API Gateway, possibly even defining extended VIPs that we can load balance across the two platforms. They are moving forward, of course, as they go away from the virtual clients and get to Hazelcast. The roadmap could be a little clear for us because I'm making decisions now for the next generation of architecture. It's a little hard to discern where they're headed. View full review »
Anonymous avatar x60
Enterprise Architect
The solution is divided into their Gateway and to their Developer Portal components. For the Gateway component, our expectation was that it is provided as a Docker image, but it turned out that it was not supported in production up to the version that we are currently using. But the next version is obviously provided as a complete containerized version for production, which is quite good. On the other hand, the Portal provides some questions so to speak, at the moment, because as we decided on the product last year, at the end of 2016, and it turned out that CA completely rewrote the Portal solution and the current version of it is not at the level of the functionality of the previous 3.5 version. That's quite a problem for us because we expected some functions in the Portal which are currently not available. Unfortunately, the new version is also not being introduced here at CA World, so I'm somewhat doubtful as to whether it will be provided this year. So it will probably be available only next year. View full review »
Anonymous avatar x60
Head of Group Technology at a logistics company with 1,001-5,000 employees
We would want to see the monetization feature to be a standard function. At the moment, it is a third-party solution. This feature helps you to carry out API billings, so as the APIs are consumed from the outside world, you can charge your users for using them. Currently, it is not a standard feature and is more like an add-on where they have worked out ISV pricing with others. So, if it is made as a standard feature of the product it will be really good because it will take the promise of app economy to a true level; thus, it will be truly monetized. Another improvement we would like to see is that the product should be more relevant with the public cloud infrastructure that is pervasive nowadays. So, the ability to host and run these solutions on Amazon, Azure or Google Cloud should be a standard feature for this product. From what we have been told it is going to be a part of the product’s roadmap. View full review »
0b81bf2d 4732 499e b7be efcd5a4a97dd avatar
Ramana Ranga Raju
Lead Software Engineer at a health, wellness and fitness company with 501-1,000 employees
I want a more loosely coupled migration utility. Now they provide a DMU for migration of the code or APIs for continuous delivery. But it's not robust, so I want to see what CA is going to come up with regards to that. In terms of using the tool itself, it is not user-friendly. You can use the product with ease, but once it starts developing the code, there are a lot of APIs and functions that are not readily available for you. You need to refer to a document to learn about that. They should provide some APIs which will drop down the list of all the functions and that are available and ready to use. The world is changing now; we don't want to be stuck in the 80s or 70s, where we need to search for everything and then try to write a code for it one-by-one. It needs be a good tool; easy for the customers to use it. The main missing aspect from this tool is that although continuous delivery is available, it is not that straightforward and we have to work on that. View full review »
Ca1411a2 89a8 4473 82bf b58cd4796feb avatar
Jeff Nibler
Vice President of API Management Division at a tech company with 51-200 employees
The Developer Portal has had some limitations but a new version has already been released which addresses these limitations. It is already available in SaaS form and will also be available as an on-premise solution this October. The previous version of the Portal was a bit more limited in terms of appearance customization (CMS) than the new version. Some other features lacking in the old portal but available in the new version include API-Enabled (functions that can be executed from within the web-based GUI can also be executed from API calls, allowing you to automate tasks), ad-hoc reporting, support for hybrid deployments (Portal in the cloud, API Gateway on-prem), and Swagger support to name a few of the most commonly requested features. View full review »
Anonymous avatar x60
Randall Beatty
Lead Software Developer at United Services Automobile Association
It would be nice if we could create APIs directly from Swagger files. We're doing that ourselves with a middle layer. But if you could integrate with open API Swagger specs, and then just create a Swagger and upload it to the gateway and it would create all my API template policy, and would apply the OAuth restrictions, the types of security restrictions I have on there, that would be pretty cool. View full review »
12a4c621 1f47 423c 976b 766ab72a9738 avatar
Ian Frawley
OSS Enterprise Architect at a comms service provider
We have cases open around the SQL injection capabilities that need improvement. Cross-origin resource sharing policies need to be made a common assertion in the Gateway, that's not there at the moment out of the box (although it is available as a policy fragment). The developer portal needs to fully supported SOAP services (including WSDL publication with security), it would certainly push adoption for us. View full review »
F7c6ac8e b689 4e83 bf4d 89164c5c4d7f avatar
Atul Raut
Design Engineer at Automatic Data Processing, Inc.
There is still room for improvement for the CA API Developer Portal. It is still not on par with where the competitors are. Other than that, the Core API seems to be very resilient and strong on the security front, but then the CA API Developer Portal is the only piece which I think can be improved. View full review »
F8551424 0a12 4dee bf3a e612320fc576 avatar
Neil Callaghan
Integration Platform Manager at a comms service provider with 1,001-5,000 employees
As well as the SOA Gateway - that is, the API Gateway; we call it the SOA Gateway - we also are now deploying the developer portal component of the SOA Gateway. That has limitations. There are two main ways to offer web services to the outside world at the moment. One is RESTful services and one is SOAP-based services. We are predominantly a SOAP service company and the support for SOAP-based services are very limited, almost poor, in the developer portal. All CA's investment is around RESTful services, which is a problem for us. I would also simplify threat protection, I would improve SOAP support, and I would reduce Professional Services rates. Apart from that, everything's pretty good. View full review »
8803fb4f a644 4815 8902 e56d1fc1c43b avatar
Vijay Alagarasan
Principal Architect at a tech services company with 1,001-5,000 employees
The API Management has few products - Gateway, Portal. So far both Gateway and Portal are good but we would like to see a bit more improvements on the Portal side like giving a polished look for the documentation on the Portal. The Gateway is kind of solid. Today it is not that straightforward to generate a document, even the data generate, and it's not really auto-generating it from the Gateway. I would like to see an auto-generation of the documentation. View full review »
5be1b527 1de0 4380 8f94 474f0bbae2af avatar
Programmer Analyst at a healthcare company with 1,001-5,000 employees
It's a great product. Just expand on it. I think CA has done a good job bringing the UI component to macOS; that’s good. And I think they're also doing a web UI version where you can create policies. I believe in the past, they had some limitations of what you could or couldn't do, but they are solving some of those issues. CA is the leader in this space. So we look toward them for coming up with best practices to adopt. I'm not really an expert in that area. View full review »
Anonymous avatar x60
Enterprise Architect at a retailer with 1,001-5,000 employees
In my opinion, the policies need to be simplified so that developers are able to understand and taking that into consideration they can build their APIs. The support and maintenance needs to be simpler. They need to provide more knowledge and it should not be that only CA is able to provide that service. There is need to pass on the knowledge to the enterprise users. View full review »
79c8d22d 3307 4974 92ff 55b907c3de36 avatar
Lou Powell
Founding Partner - Principal at Vanick Digital
Based on a lot of the other tools in the marketplace, the user interface itself is more linear and programmatic based. For a developer it seems to be a very natural interface, but for someone that you'd like to get in there, just doing more configuration, I think there's an opportunity there. View full review »
Anonymous avatar x60
Software Engineer at a tech services company with 1,001-5,000 employees
More developer focused tools. They have a nice debugger inside of the program, but when you are developing code with their policies, it is tough to visualize that sometimes as a developer. So, tools that are a little more focused on rapidly creating those policies would be beneficial. View full review »
E329c2fd 85ed 4db6 aa47 0cb9023aa03b avatar
Sr. Manager - Delivery, Enterprise & Platform Architect at a tech services company with 1,001-5,000 employees
I see a lot in the developer portal. It's not that flexible the way we want it to be, so it's kind of out of the box and we can only do the standard features that they have. If you want to customize, it's a little bit hard for us, so I really want to see some flexibility in the developer portal. For the monitoring module, I also want to see some stability in the ESM module. View full review »
Aae3f261 7ac4 442a 912a a8a556328e2a avatar
Arun (Kumar) Singh
Senior Java Developer/ Solution Architect at a financial services firm with 501-1,000 employees
I feel there is a lot to improve in terms of providing plug-and-play functionalities, as at the moment it requires a lot of coding in their specific language for implementing a medium-complexity use case. It needs to improve the user interface for logging and monitoring. There is no test framework for the APIs, which is a setback. And with respect to providing an end-to-end API management solution, where the API will be charged per usage from the client, configuration is not that easy and straightforward. View full review »
79179ef5 dfbd 455f a9c2 a5c24eabe289 avatar
Hirouk Choudhury
Technical Principal at FedEx Corporation
At a high level, I would say the portal is a pain. CA double up portal is a pain. It is something that we are struggling with right now. That is just one of the products which is probably not sufficiently satisfactory. We are struggling to get it installed to be used now. It is not a fully-baked product as a whole. So, individual solutions may be good, but they are evolving in their silos. There needs to be wholistic thinking about how each one of these products functions. Each one of these CA products under API management needs to work in synergy, and evolve in a more cohesive, coherent way so we as enterprise we can take it seamlessly without much pain. View full review »
2f938c9f 8871 4040 896f 0d2b9fd225d8 avatar?1457046955
Song Jing Lim
Senior Consultant at a tech services company with 51-200 employees
Some of the common useful functions/assertions are only available in other CA products. The client needs to purchase and install those products in order to make it available for Layer 7. I don't think it is justified to maintain another product that is not really needed, in order to have just one function. If those common, useful functions could be part of the core Layer7 product, that would be great. Provide complete documentation with examples of usage on its build in assertion/function. Easier to find documents (e.g., cluster setup). View full review »
Anonymous avatar x60
Sr Software XML Gateway Developer at a engineering company with 1,001-5,000 employees
An as-is string API is not available for manipulating, like we do have in Java all operations of String are not present. The hard way is by using regular expressions, which is little difficult to intermediate and beginners. Some kinds of errors have to be reworked. Very recently, I saw a connection reset error message for a handshake View full review »
Anonymous avatar x60
Senior Lead Engineer at a tech consulting company with 1,001-5,000 employees
I would like to be able to see the publisher role be able to be organized within organizations, so somebody within that role can only manipulate their particular policies. View full review »
Anonymous avatar x60
Prof IT System at a comms service provider with 1,001-5,000 employees
We are looking for improvements related to integration. We want to see them add integration tools to the CA bundle. That would be helpful. View full review »
Anonymous avatar x60
API Champion at a tech services company with 501-1,000 employees
I would like to see a lot more information about design, such as design thinking and design UX, UI, information about the technology, and the problems it's solving for everyday customers. View full review »
Anonymous avatar x60
Sampath Kumar Palati
Technical Consultant at a tech company with 501-1,000 employees
* The API Development tool can be made more user-friendly by providing folder properties. * Assertions for common functionalities (like mathematical operations, string manipulations, connecting to non-SQL). * Masking the user credentials entered in Identity Provider, JDBC based on user role * Analytics and reporting need to be made better and more user-friendly; add some custom reports both on the Developer Portal and API Gateway; exporting of analytics and an email facility. * Logging and tracking of changes done by users in the Developer Portal. View full review »
Anonymous avatar x60
Reza Motevallizadeh
Solution Architecture / Digital Architect at a financial services firm with 1,001-5,000 employees
I would like to see this amazing product have the following enhancements: * Continue integration and delivery (10 points) Currently the tool provides REST APIs, but they are not easy to use. They need to be reviewed and enhanced. The documentation is good, but there are not enough examples. * Monitoring and reporting (20 points) The Admin dashboard provided by the tool is amazing. However, this doesn't allow the service owners to view their services. The gateway admins are always struggling to provide reporting and monitoring status. We need to provide monitoring and reporting out-of-the-box for the management and service owners. We can do custom development, but not every company has time to do so. The Admin dashboard is not business friendly and it doesn't provide rich reporting features. * RAD - Rapid Application Development - Development environment (5 points) The policy editor, at first glance, seems complicated and it scares developers. I would like to see it easier to understand. Maybe it could have a visual drag and drop, like with Borland C++ Builder. View full review »
828dcc73 29a1 4755 a840 dbe4869ec7ad avatar
VP Product Development at a financial services firm with 1,001-5,000 employees
Some of the things that we see as room of improvement are how do you integrate with other systems out there. Integration with the existing systems and infrastructure, which is not necessarily related. How do you integrate those systems in? Examples could be: how does CA integrate with IBM or existing systems? Lot's of large organizations have existing systems they don't want to replace with other systems. How does CA's systems work with those systems concurrently? Those would be important considerations. View full review »
Anonymous avatar x60
Kalyan Reddy
Lead Infrastructure Architect with 11-50 employees
CA API Portal 3.5 does not support Swagger documentation. If they were to support that, it would be great. However, their focus is on a newer, enhanced version of their API Portal 4.1 Release. However, it is not very mature and there is no direct migration available in the near future. It is not possible for clients to migrate to a newer version. CA might lose clients mainly for this reason (Swagger Support on API Portal 3.5), unless they develop seamless migration utilities from API portal 3.5 to 4.1. View full review »
Anonymous avatar x60
Solution Architect
We're integrating the cloud. I would like some more integration of cloud capabilities. View full review »
01677664 02f9 4f5b 8c3a 0950a3961407 avatar
Aman Khurana
Technical Principal at FedEx Corporation
For additional features, I would like to see how it can be deployed into the cloud platform out-of-the-box and not having to do a lot of the initial setup. If it can be done out-of-the-box, that will make customer's life very easy. Their upgrade solutions are not straightforward. Therefore, we are running the older version. We wanted to go to the latest and greatest. However, it is really complex going from where we are to the next one. View full review »
F1dbb6fe 2a00 4c0a a381 343f02dac153 avatar
Brent Beermann
Infrastructure Middleware Manager at a health, wellness and fitness company with 1,001-5,000 employees
I would like to see the GMU, the automated deployment framework, available in some sort of graphical interface. This would allow options, outside of automation, so you could see things graphically. View full review »
Anonymous avatar x60
Adnan Siddiqui
Practice Lead at a tech services company with 11-50 employees
The feature set is quite diverse and community driven, which is a good avenue to promote future features into this product. The policy manager UI shows signs of aging, but it is not a must. Policy manager is probably built using Java SWING, it has all the features, but loses some points on the look and feel, compared to some new generation IDEs. It would be nice to see the PM revamped and some additional features added, such as step debugging for encapsulated assertions etc. View full review »
Anonymous avatar x60
Architect at a tech company with 201-500 employees
* Patching/upgrading is a manual process and should be automated. * Configuration synchronizing between nodes licenses available to customers. View full review »
Anonymous avatar x60
Heather Lilly
Sales Engineer at a tech services company with 51-200 employees
I was hoping that there would be some deeper dive Gateway training than their two day workshop and the self-paced study provided. The only course that focused on the Gateway was a Sales Certification course, for which I never did get my certificate, and it was only a short intro to the Gateway and the Portal. There was nothing that I could find that was more in depth than that. Some of the speakers at CA World spoke about how they used the Gateway, but mostly it was mentioned that partners were using it. So it would be good if there could be more deeper dive Gateway training during the Pre-Conference training sessions. View full review »
Anonymous avatar x60
VP Of IT Development at a tech services company with 1-10 employees
The Policy Manager UI is very busy. It lacks a graphical representation for the flow of the assertions that can significantly improve the clarity of the policy. Thus the Policy Manager UI can be improved in terms of usability. For example, instead of policy assertions in the policy being in a line by line form, it could be represented as graphical flow, similar to how Vordel Gateway does it. View full review »
Anonymous avatar x60
Eric Krauss
Senior Manager Global Devops at Encore Capital Group
I would like to see it work better with one of our back-end databases, DB2 UDB. Other than that, I really don't have any complaints so far. It's doing everything we need it do. View full review »
Anonymous avatar x60
Cyber Security Advisor
I would like to see more documentation. The current documentation is there, but we do not find it very useful. For example, we wanted to integrate with PingFederate TV provider and there was not enough information to customize the way we wanted. It took a lot of effort and we had to reach out to the Gateway folks to help us out on how to do that customization. Thus, it is not easy to integrate with other solutions. View full review »
Anonymous avatar x60
Senior Associate
We are evaluating the next release, actually. We would like to see more stability. View full review »
5dd48c8b cb78 47a1 9e22 7ea0ab28fa48 avatar
Roberto Hengist
Head of Digital at Banco Votorantim
CA can provide more features to help with performing tests, for example, to create a month of simulated data to perform stress tests using the CA. In the past, we had to pay our client to create a database for us to perform tests using credit card information with simulated customers. We want the CA API management platform to include a specific module for creating this test database. View full review »
4e2fd7f3 8a4a 4922 97c7 2a95515fd424 avatar
Steve Schilhabel
Manager, Information Technology - Integration Technology Engineering at a financial services firm with 1,001-5,000 employees
I would like more graphical interfaces for better usability. View full review »
Anonymous avatar x60
Ron Toward
Leads System Engineer at a consultancy with 1,001-5,000 employees
We'd like to see an updated migration tool. Right now, the migration process works but it is a little clunky because there's not a good tool for migrating it. It's an older version tool so the services need to be restarted every once in a while. View full review »
Fe3f1484 07f6 40d5 b26d e2e471987f86 avatar
Alan Fairhurst
Development Manager API Management - Digital Technology Services at a energy/utilities company with 10,001+ employees
* Ease of use * Ability of development and ops teams to expose and manage their own API View full review »
Anonymous avatar x60
Senior Engineer at a transportation company with 1,001-5,000 employees
* More throughput * More scalability * Better built-in monitoring View full review »
Dc62037d 0fc7 49b2 ad55 5c44c25ae07e avatar
Sekar Purushothaman
Sr. Systems Engineer at a hospitality company with 10,001+ employees
There is a need for the migration of policies, better reporting, and monitoring integration. View full review »
5948e08c 742b 4c3a 98b8 a2659abc0c64 avatar
Senior Consultant
Improvement in developer portal customization. View full review »
Anonymous avatar x60
Application Integration Developer I at a financial services firm with 1,001-5,000 employees
There is a need to automate the process of retrieving the SSL certificate when it has expired. Currently, the product doesn't have this feature automated. It is only manual. View full review »
45a340a9 3208 4109 a0aa aaca58bc3d30 avatar
Siddharth Saxena
Associate Vice President at a financial services firm with 10,001+ employees
The product shouldn’t require to be connected to a server for doing development. View full review »

Sign Up with Email