CA API Management Room for Improvement

79c8d22d 3307 4974 92ff 55b907c3de36 avatar
Founding Partner - Principal at Vanick Digital
Based on a lot of the other tools in the marketplace, the user interface itself is more linear and programmatic based. For a developer it seems to be a very natural interface, but for someone that you'd like to get in there, just doing more configuration, I think there's an opportunity there. view full review »
Anonymous avatar x60
Director of Architecture at a healthcare company with 1,001-5,000 employees
With scalability, it comes to resiliency. If you cannot scale you're not resilient. If you're not resilient your performance is worse. If your performance is worse your API and services are not available. Fine lines of availability is one of the key criteria's in the industry - 99.99% availability. That means 6 hours downtime in a year, so can you really ensure that everything is interlinked. If we talk about software architecture, quality attributes from these are all interlinked. I would say that eventually, it comes down to your customer satisfaction from there on. So that's our number one goal. Right now, scalability is our main goal. Maybe they're not the problems but from the standpoint of onboarding a new API on Layer 7, that's fairly simple. I see that it's an extremely user intuitive and user-friendly software. Our operational personnel who have barely have any experience could get on with it and help the enterprise register as many API's as possible from the get-go. view full review »
A9455bba 4cb5 4ef4 acce 5931bbdc6da6 avatar?1448361674
IT Mobile/Web Solution Delivery Manager at a financial services firm with 1,001-5,000 employees
The products developer portals can be better. It needs a better look and feel. Also, the user experience for developers to discover and develop APIs needs work. view full review »
828dcc73 29a1 4755 a840 dbe4869ec7ad avatar
VP Product Development at a financial services firm with 1,001-5,000 employees
Some of the things that we see as room of improvement are how do you integrate with other systems out there. Integration with the existing systems and infrastructure, which is not necessarily related. How do you integrate those systems in? Examples could be: how does CA integrate with IBM or existing systems? Lot's of large organizations have existing systems they don't want to replace with other systems. How does CA's systems work with those systems concurrently? Those would be important considerations. view full review »
Anonymous avatar x60
Sales Engineer at a tech services company with 51-200 employees
I was hoping that there would be some deeper dive Gateway training than their two day workshop and the self-paced study provided. The only course that focused on the Gateway was a Sales Certification course, for which I never did get my certificate, and it was only a short intro to the Gateway and the Portal. There was nothing that I could find that was more in depth than that. Some of the speakers at CA World spoke about how they used the Gateway, but mostly it was mentioned that partners were using it. So it would be good if there could be more deeper dive Gateway training during the Pre-Conference training sessions. view full review »
Ebe4ea0a 4c76 49bd b0ca 93b4349b0942 avatar?1448916625
Manager - API Management at a insurance company with 1,001-5,000 employees
They have really stabilized the API gateway in the last couple of releases. There’s a developer portal that is used to document your APIs that is woefully behind the times, in terms of being able to provide a really good robust experience for the developers consuming your APIs. You can’t document all of the details you need in the current developer portal and really need a separate web site just to document your API. You need to understand what you want from an enterprise API, what your vision, what your plans are for rolling out an enterprise API, before you just go out and buy a product. view full review »
Anonymous avatar x60
Manager, IT Security & IT Office of the CIO at a engineering company with 1,001-5,000 employees
One item that we’ve had discussions – and they’ve fixed some of it – you had to buy extra products, specifically the CA Mobile API Gateway, to get certain types of token support even though you didn’t need that product for anything else. So, foundational token support should be part of the base product and you shouldn’t have to buy the mobile feature to get those features. For example, in order to get OAUTH we had to buy the MAG product, but I think they’ve fixed that now. But we’re not sure they’ve fixed everything. view full review »
18a3f99e 028f 46f2 b22c a734f1466415 avatar?1449667958
Expert Architect at a tech services company with 1,001-5,000 employees
The UI is very dated. I've talked to some of the development and product managers about that, and I think it's a known issue. It's early 2000's technology. We would like to see something online and a better UI that's easier to use and more intuitive. Reporting could use some enhancements as well. We just moved to the 8.4 version from 7.1, and they've got a new reporting tool called ESM. We're just now starting to use that, so maybe that's going to provide what we need; it's to be determined. view full review »
Anonymous avatar x60
IT Analyst at a retailer with 1,001-5,000 employees
I don't have enough experience to say what I would like to see improved because I'm still building it into my repertoire right now. I wouldn't say, however, that the setup is simple. It's mildly complex, but given the documentation and the linearity of it, it was fairly straightforward. view full review »
Anonymous avatar x60
VP, EIM Data Architect at a financial services firm with 1,001-5,000 employees
I'd like to be able to import a Swagger file through the gateway. view full review »
Anonymous avatar x60
Team Lead at a pharma/biotech company with 1,001-5,000 employees
Because of our experience with our cloud-hosting provider's image requirements versus what CA provided them, I think an area of improvement would be additional form factors for virtualization. view full review »
Fe3f1484 07f6 40d5 b26d e2e471987f86 avatar
Development Manager API Management - Digital Technology Services at a energy/utilities company with 10,001+ employees
* Ease of use * Ability of development and ops teams to expose and manage their own API view full review »
5948e08c 742b 4c3a 98b8 a2659abc0c64 avatar
Senior Consultant
Improvement in developer portal customization. view full review »
Anonymous avatar x60
Lead Infrastructure Architect with 11-50 employees
CA API Portal 3.5 does not support Swagger documentation. If they were to support that, it would be great. However, their focus is on a newer, enhanced version of their API Portal 4.1 Release. However, it is not very mature and there is no direct migration available in the near future. It is not possible for clients to migrate to a newer version. CA might lose clients mainly for this reason (Swagger Support on API Portal 3.5), unless they develop seamless migration utilities from API portal 3.5 to 4.1. view full review »
45a340a9 3208 4109 a0aa aaca58bc3d30 avatar
Associate Vice President at a financial services firm with 10,001+ employees
The product shouldn’t require to be connected to a server for doing development. view full review »
Anonymous avatar x60
Practice Lead at a tech services company with 11-50 employees
The feature set is quite diverse and community driven, which is a good avenue to promote future features into this product. The policy manager UI shows signs of aging, but it is not a must. Policy manager is probably built using Java SWING, it has all the features, but loses some points on the look and feel, compared to some new generation IDEs. It would be nice to see the PM revamped and some additional features added, such as step debugging for encapsulated assertions etc. view full review »
Anonymous avatar x60
VP Of IT Development at a tech services company with 1-10 employees
The Policy Manager UI is very busy. It lacks a graphical representation for the flow of the assertions that can significantly improve the clarity of the policy. Thus the Policy Manager UI can be improved in terms of usability. For example, instead of policy assertions in the policy being in a line by line form, it could be represented as graphical flow, similar to how Vordel Gateway does it. view full review »
12a4c621 1f47 423c 976b 766ab72a9738 avatar
OSS Enterprise Architect at a comms service provider with 1,001-5,000 employees
Certainly we have cases open around the SQL injection capabilities and things like that, that need improvement. Cross-origin resource sharing policies need to be made a common assertion in the Gateway. That's not there at the moment. Other improvements such as SQL injection are important too. You can't make it node-specific. It gets to the point where CA are having to try and perform an implementation for us. The same applies to script injection and XML injection assertions and cross-origin resource sharing. I'd certainly say if the developer portal fully supported SOAP services, it would certainly push it much higher. view full review »
F8551424 0a12 4dee bf3a e612320fc576 avatar
Integration Platform Manager at a comms service provider with 1,001-5,000 employees
As well as the SOA Gateway - that is, the API Gateway; we call it the SOA Gateway - we also are now deploying the developer portal component of the SOA Gateway. That has limitations. There are two main ways to offer web services to the outside world at the moment. One is RESTful services and one is SOAP-based services. We are predominantly a SOAP service company and the support for SOAP-based services are very limited, almost poor, in the developer portal. All CA's investment is around RESTful services, which is a problem for us. I would also simplify threat protection, I would improve SOAP support, and I would reduce Professional Services rates. Apart from that, everything's pretty good. view full review »
Dc62037d 0fc7 49b2 ad55 5c44c25ae07e avatar
Sr. Systems Engineer at a hospitality company with 10,001+ employees
There is a need for the migration of policies, better reporting, and monitoring integration. view full review »
Anonymous avatar x60
Application Integration Developer I at a financial services firm with 1,001-5,000 employees
There is a need to automate the process of retrieving the SSL certificate when it has expired. Currently, the product doesn't have this feature automated. It is only manual. view full review »
Anonymous avatar x60
Architect at a tech company with 201-500 employees
* Patching/upgrading is a manual process and should be automated. * Configuration synchronizing between nodes (installation instances of this software) is a manual process and should be automated and simplified. * It could use a better dashboard for showing performance metrics (e.g message throughput). * Ideally there should be cheaper development/testing (ie. non-production) licenses available to customers. view full review »
0bbe10ad 91c3 46bb a66e f639427b6e1a avatar
Manager, .Net And Mobile Applications Development at a energy/utilities company with 1,001-5,000 employees
I've used the device since it was the Layer 7 device, and it's come a long way. I think from a mobility standpoint, there's a lot of things that we do, and we have to create our own policies. I think the product's getting better every iteration, and they're adding more and more functionality to it, that allows us more reuse. I would just like to see where it's going to go through the roadmap, and I think it's got great, great potential. view full review »
Anonymous avatar x60
Solution Architecture / Digital Architect at a financial services firm with 1,001-5,000 employees
I would like to see this amazing product have the following enhancements: * Continue integration and delivery (10 points) Currently the tool provides REST APIs, but they are not easy to use. They need to be reviewed and enhanced. The documentation is good, but there are not enough examples. * Monitoring and reporting (20 points) The Admin dashboard provided by the tool is amazing. However, this doesn't allow the service owners to view their services. The gateway admins are always struggling to provide reporting and monitoring status. We need to provide monitoring and reporting out-of-the-box for the management and service owners. We can do custom development, but not every company has time to do so. The Admin dashboard is not business friendly and it doesn't provide rich reporting features. * RAD - Rapid Application Development - Development environment (5 points) The policy editor, at first glance, seems complicated and it scares developers. I would like to see it easier to understand. Maybe it could have a visual drag and drop, like with Borland C++ Builder. view full review »
4e2fd7f3 8a4a 4922 97c7 2a95515fd424 avatar
Manager, Information Technology - Integration Technology Engineering at a financial services firm with 1,001-5,000 employees
I would like more graphical interfaces for better usability. view full review »
Anonymous avatar x60
Enterprise Solutions Architect at Logisticare
They are getting there. Docker-based containers are there now, but it is not completed, I think. There are still some gaps between what we currently have and what the Docker model is. We are going for a pure cloud solution, so I want more emphasis on the hybrid model; deployment strategies that allow me to have on-prem and in-the-cloud interactions using the API Gateway, possibly even defining extended VIPs that we can load balance across the two platforms. They are moving forward, of course, as they go away from the virtual clients and get to Hazelcast. The roadmap could be a little clear for us because I'm making decisions now for the next generation of architecture. It's a little hard to discern where they're headed. view full review »
5be1b527 1de0 4380 8f94 474f0bbae2af avatar
Programmer Analyst at a healthcare company with 1,001-5,000 employees
It's a great product. Just expand on it. I think CA has done a good job bringing the UI component to macOS; that’s good. And I think they're also doing a web UI version where you can create policies. I believe in the past, they had some limitations of what you could or couldn't do, but they are solving some of those issues. CA is the leader in this space. So we look toward them for coming up with best practices to adopt. I'm not really an expert in that area. view full review »
Anonymous avatar x60
API Champion at a tech services company with 501-1,000 employees
I would like to see a lot more information about design, such as design thinking and design UX, UI, information about the technology, and the problems it's solving for everyday customers. view full review »
F1dbb6fe 2a00 4c0a a381 343f02dac153 avatar
Infrastructure Middleware Manager at a health, wellness and fitness company with 1,001-5,000 employees
I would like to see the GMU, the automated deployment framework, available in some sort of graphical interface. This would allow options, outside of automation, so you could see things graphically. view full review »
0b81bf2d 4732 499e b7be efcd5a4a97dd avatar
Lead Software Engineer at a health, wellness and fitness company with 501-1,000 employees
I want a more loosely coupled migration utility. Now they provide a DMU for migration of the code or APIs for continuous delivery. But it's not robust, so I want to see what CA is going to come up with regards to that. In terms of using the tool itself, it is not user-friendly. You can use the product with ease, but once it starts developing the code, there are a lot of APIs and functions that are not readily available for you. You need to refer to a document to learn about that. They should provide some APIs which will drop down the list of all the functions and that are available and ready to use. The world is changing now; we don't want to be stuck in the 80s or 70s, where we need to search for everything and then try to write a code for it one-by-one. It needs be a good tool; easy for the customers to use it. The main missing aspect from this tool is that although continuous delivery is available, it is not that straightforward and we have to work on that. view full review »
Anonymous avatar x60
Enterprise Architect at a retailer with 1,001-5,000 employees
In my opinion, the policies need to be simplified so that developers are able to understand and taking that into consideration they can build their APIs. The support and maintenance needs to be simpler. They need to provide more knowledge and it should not be that only CA is able to provide that service. There is need to pass on the knowledge to the enterprise users. view full review »
Anonymous avatar x60
Head of Group Technology at a logistics company with 1,001-5,000 employees
We would want to see the monetization feature to be a standard function. At the moment, it is a third-party solution. This feature helps you to carry out API billings, so as the APIs are consumed from the outside world, you can charge your users for using them. Currently, it is not a standard feature and is more like an add-on where they have worked out ISV pricing with others. So, if it is made as a standard feature of the product it will be really good because it will take the promise of app economy to a true level; thus, it will be truly monetized. Another improvement we would like to see is that the product should be more relevant with the public cloud infrastructure that is pervasive nowadays. So, the ability to host and run these solutions on Amazon, Azure or Google Cloud should be a standard feature for this product. From what we have been told it is going to be a part of the product’s roadmap. view full review »
5dd48c8b cb78 47a1 9e22 7ea0ab28fa48 avatar
Head of Digital at Banco Votorantim
CA can provide more features to help with performing tests, for example, to create a month of simulated data to perform stress tests using the CA. In the past, we had to pay our client to create a database for us to perform tests using credit card information with simulated customers. We want the CA API management platform to include a specific module for creating this test database. view full review »
Anonymous avatar x60
Leads System Engineer at a consultancy with 1,001-5,000 employees
We'd like to see an updated migration tool. Right now, the migration process works but it is a little clunky because there's not a good tool for migrating it. It's an older version tool so the services need to be restarted every once in a while. view full review »
Anonymous avatar x60
Technical Consultant at a tech company with 501-1,000 employees
* The API Development tool can be made more user friendly by providing folder properties. * Assertions for common functionalities (like mathematical operations, string manipulations, connecting to non-SQL). * Masking the user credentials entered in Identity Provider, JDBC based on user role * Analytics and reporting need to be made better and more user friendly; add some custom reports both on the Developer Portal and API Gateway; exporting of analytics and an email facility. * Logging and tracking of changes done by users in the Developer Portal. view full review »
Aae3f261 7ac4 442a 912a a8a556328e2a avatar
Senior Java Developer/ Solution Architect at a financial services firm with 501-1,000 employees
I feel there is a lot to improve in terms of providing plug-and-play functionalities, as at the moment it requires a lot of coding in their specific language for implementing a medium-complexity use case. It needs to improve the user interface for logging and monitoring. There is no test framework for the APIs, which is a setback. And with respect to providing an end-to-end API management solution, where the API will be charged per usage from the client, configuration is not that easy and straightforward. view full review »
Ca1411a2 89a8 4473 82bf b58cd4796feb avatar
Vice President of API Management Division at a tech company with 51-200 employees
The Developer Portal has had some limitations but a new version has already been released which addresses these limitations. It is already available in SaaS form and will also be available as an on-premise solution this October. The previous version of the Portal was a bit more limited in terms of appearance customization (CMS) than the new version. Some other features lacking in the old portal but available in the new version include API-Enabled (functions that can be executed from within the web-based GUI can also be executed from API calls, allowing you to automate tasks), ad-hoc reporting, support for hybrid deployments (Portal in the cloud, API Gateway on-prem), and Swagger support to name a few of the most commonly requested features. view full review »
Anonymous avatar x60
Sr Software XML Gateway Developer at a engineering company with 1,001-5,000 employees
An as-is string API is not available for manipulating, like we do have in Java all operations of String are not present. The hard way is by using regular expressions, which is little difficult to intermediate and beginners. Some kinds of errors have to be reworked. Very recently, I saw a connection reset error message for a handshake (for cipher). Many organizations have recently performed the SHA2 upgrade, so handshake errors are not properly recorded in logs. When backend system sends error message with different MIME layer7 cannot propogate the same message, most of the times it gives blank message, backend error message is never passed to final consumer. (observed in 8.3 for MIME application/problem+json and with error code 403) view full review »
64f824e6 ae93 42c6 bf47 f391253aae27 avatar
Sr. Manager - Technology Governance and Architecture at a tech services company with 1,001-5,000 employees
The additional features are to keep up with the security aspects. That’s one aspect, the market is changing. As we started several years back and where we are today, the technology and the security aspects have pretty much changed starting in the good old days with the PKI, SSL, now with the OR, etc. One thing that I would really look up to is keeping up with all of the evolution and security aspects of it as new features that can be added. The second one is provisioning the users. Right now we do not have a user friendly provisioning utility per se, so we have to do it behind the scenes. Having such a feature would certainly help in the long run, because it could do a lot of internal effort that we have to do in terms of development and maintenance aspects of it if we were using something out of the box. view full review »
E329c2fd 85ed 4db6 aa47 0cb9023aa03b avatar
Sr. Manager - Delivery, Enterprise & Platform Architect at a tech services company with 1,001-5,000 employees
I see a lot in the developer portal. It's not that flexible the way we want it to be, so it's kind of out of the box and we can only do the standard features that they have. If you want to customize, it's a little bit hard for us, so I really want to see some flexibility in the developer portal. For the monitoring module, I also want to see some stability in the ESM module. view full review »
8803fb4f a644 4815 8902 e56d1fc1c43b avatar
Principal Architect at a tech services company with 1,001-5,000 employees
The API Management has few products - Gateway, Portal. So far both Gateway and Portal are good but we would like to see a bit more improvements on the Portal side like giving a polished look for the documentation on the Portal. The Gateway is kind of solid. Today it is not that straightforward to generate a document, even the data generate, and it's not really auto-generating it from the Gateway. I would like to see an auto-generation of the documentation. view full review »
2f938c9f 8871 4040 896f 0d2b9fd225d8 avatar?1457046955
Senior Consultant at a tech services company with 51-200 employees
Some of the common useful functions/assertions (e.g., JWT encoding/decoding) are only available in other CA products. The client needs to purchase and install those products in order to make it available for Layer 7. I don't think it is justified to maintain another product that is not really needed, in order to have just one function. If those common, useful functions could be part of the core Layer7 product, that would be great. Provide complete documentation with examples of usage on its build in assertion/function. Easier to find documents (e.g., cluster setup). view full review »
17ffc863 d795 427a bf0e 631d64ed9685 avatar
Head of Sportsbook Delivery at Gala Coral Interactive
What it allows us to do is it's more time to market than the value, actually, so a lot of our affiliate marketing teams, they go and engage with the vendor's affiliates, effectively, and they want a very quick, clean solution to get a lot of customers in, place a bet, see their bet history and then log out and tap on and move on to do something else. What this allows us to do is that, whereas previously, I would have had to a specific project team, they would take two or three months to do an integration, now you can do that in a matter of weeks. You can realize the value of a commercial relationship very quickly. view full review »
Anonymous avatar x60
Chief Engineer (R&D for VoIP, Networking and P2P) at a tech services company with 1,001-5,000 employees
In two months, we want a new API publishing system to be opened. We need them to have fixed the issues of the API gateway by then. view full review »

Sign Up with Email