Layer7 API Management Overview

Layer7 API Management is the #7 ranked solution in our list of top API Management tools. It is most often compared to Apigee: Layer7 API Management vs Apigee

What is Layer7 API Management?

To compete successfully and thrive today, enterprises across every industry need to transform. This process is not just about incremental improvement, but about evolving core businesses to meet the demands of today’s connected world.

CA API Management accelerates this digital transformation by providing the capabilities you need to bring systems together, secure these integrations, deliver better customer experiences faster and capitalize on new opportunities.

Read more at http://www.ca.com/api

Layer7 API Management is also known as CA API Management, CA Live API Creator, Espresso Logic, CA API Gateway.

Layer7 API Management Buyer's Guide

Download the Layer7 API Management Buyer's Guide including reviews and more. Updated: May 2021

Layer7 API Management Customers

Alaska Airlines, The Advisory Board Company, Amerigroup, IceMobile, R+V Versicherung, U.S. Army - plus hundreds of other customers in the banking, energy, finance, healthcare, government, manufacturing, transportation and retail sectors.

Layer7 API Management Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Consultor de segurança at a tech services company with 1-10 employees
Real User
Top 20
Information Security Features Allow Our Developers to Focus on Just Writing the Support Code

What is our primary use case?

In my company, we use CA API Management for banks in the financial markets. Our primary use case is for the basic protection of the APIs. We also use the authentication feature.

Pros and Cons

  • "I work for an information security company. CA API Management is capable of using tokens for authorization to manage access control for the APIs."
  • "One specific feature that we need is the ability to authenticate directly to the server with API data. It's not complex nowadays. This is a feature that we need and CA doesn't have it."

What other advice do I have?

CA API Management is very helpful. I would rate the product an 8 out of 10. In my opinion, the features are all very good.
VV
Software Engineer at a tech vendor with 501-1,000 employees
Real User
APIs can be developed to provide security and we can show everything in a single pane of glass

What is our primary use case?

Previously, we don't have a security for our web or mobile applications. In a scenario where I have an application that gives APIs to everyone in the world, they can directly access that particular application. However, this allows for different types of attacks on that particular application too. This becomes a problem if a number of users access it, whether they are valid or invalid users, they will see performance issues. If a number of attacks are happening on a particular application, it goes down. So, from a security perspective, CA API Management acts like a reserve proxy. It makes the… more »

Pros and Cons

  • "As an organization grow, you can use CA API Management for authentication purposes through the CA API Gateway. It allows for multiple identity providers with different Active Directories."
  • "They need a workflow for the API Developer Portal, where the process only allows requests to go to the correct person."

What other advice do I have?

This product is available on-premise, in the cloud, and Docker.
Learn what your peers think about Layer7 API Management. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
501,818 professionals have used our research since 2012.
Technical Director at SoftPro
Reseller
The product implementation was complex, but the tool has a good user interface and is easy to use

What is our primary use case?

I have used this tool for my customers, as I am a service provider, not an end user. I have dealt with implementations and configurations for CA API Management. We implemented the API versioning for software services and REST services.

Pros and Cons

  • "The solution helped us to quickly publish and monetize APIs. I have used versioning responses to publish or send APIs to different customers with different versions."
  • "The implementation of CA API Management was complex. It is a complicated solution. You have to know so much IT knowledge to do the implementation."

What other advice do I have?

I would not recommend the product based on how it has performed to implement it. I did not like working with the product. We have not used it to modernize legacy systems via microservices, APIs, or developing a new platform for mobile. We also did not use it for connecting data to apps via APIs. I am not familiar with the security aspects of the solution. We stopped offering the product as a service a month ago since the product no longer belongs to CA. In Taiwan, I believe no one will buy CA products anymore because it is no longer trustworthy as a company, since the products are no longer…
MJ
Lead Architect at a energy/utilities company with 1,001-5,000 employees
Real User
Does well protecting APIs against vulnerabilities, but the lifecycle management approach needs improvement

What is our primary use case?

We use it as a gateway for protecting some of our critical infrastructure out on the grid. We have six data centers and it is implemented in each one of them, protecting our grid. We have several applications that talk to the grid, and they pass through that gateway to get out there, ensuring that we terminate connections from the lower security environment and reestablish credentials for the higher security environment.

Pros and Cons

  • "From a security standpoint, it works great. It is the right solution for us. It's lightweight, a software-appliance configuration which was easy to deploy and configure."
  • "The entire lifecycle management approach needs improvement: from the API management, development, deployment, some of the settings around the quotas, and some security policy applications, etc. for the APIs. We found the Apigee platform a lot more robust in that area."

What other advice do I have?

CA API Management is a pretty solid product for what we are using it for. It's been good. It has served our purpose and kept us out of trouble. Evaluate what's out there in the industry. Make sure that you chose the right product for your use cases. I would rate this solution at about six out of ten, overall. At the time when we were evaluating it, it was about the complete lifecycle management. We were looking to build APIs to legacy systems, using IDE deployment strategies - all of those things were lacking. Products like MuleSoft and Apigee had better, more robust software development…
Layer7 API Developer at Allied Globetech
Real User
Built-in assertions for vulnerabilities, like DDoS attacks and IP restrictions, are useful

What is our primary use case?

Our primary use case is basic encryption/decryption using symmetric assertions and then, gradually, SOAP signatures, SOAP encryption, non-SOAP XML encryption, and signing that. In the last six months or so, I have been working on JWT (JSON Web Tokens).

Pros and Cons

  • "There are a few assertions which are built-in for threat protection. I have used them for vulnerabilities, like for DDoS attacks, XML schema validation, IP restriction, and for cross-domain."
  • "There are old algorithms that the tool does not support - and it shouldn't, in my opinion. But sometimes customers need old algorithms, from old use cases and old applications, migrated to the platform. At those times, there are hiccups that happen."

What other advice do I have?

The tool is very powerful so if you are looking to go with an API platform I would recommend CA. The number of users among our clients is growing, although I don't have an actual number I can give you. Initially, it takes time to get people to understand the platform, but once they understand it, everyone wants to use the platform and have their application exposed to this platform only. Overall, I would rate the solution at nine out of ten.
AT
GM - Head of Digital Transformation at a financial services firm with 10,001+ employees
Real User
Monetization module is unique, but security protocols for financial service were not up to par

What is our primary use case?

Our primary use case for this solution is opening up our APIs to the development community so they can help us innovate some of our banking products. We've demoed CA API Management and we've done one proof of concept with it, but we are not using it on an ongoing basis.

Pros and Cons

  • "Containerization and the monetization module are quite unique for an API tool... In addition, the development time and rollout time are pretty quick."
  • "The security protocols in CA's product, for financial services, weren't as good as those in API Connect."

What other advice do I have?

With respect to supporting a large number of APIs and/or a large number of transactions, we didn't use it for a large number of transactions. It was a PoC so we only used it for limited connectivity. But from what I've read and from what I've heard from other users, the volume management and traffic flow management is actually pretty good for CA's tool. I would rate the solution at six out of ten, overall. It didn't meet all of our needs.
SH
Sr. Tech lead at a manufacturing company with 10,001+ employees
Real User
A helpful tool for authentication purposes

What is our primary use case?

The security checking authentication is our primary use case for this solution.

What is most valuable?

The API gateway is good. 

What needs improvement?

We have experienced technical difficulties with the product in the past. 

For how long have I used the solution?

Three to five years.

How is customer service and technical support?

Tech support is helpful. I would give it an 8 out of 10 rating. 

What's my experience with pricing, setup cost, and licensing?

I do not have any experience with the pricing or licensing of the product.
Sr. Systems Engineer at a hospitality company with 1,001-5,000 employees
Real User
The out-of-the-box security features are useful. We feel secure using the Gateway.

What is our primary use case?

We use CA API Management for our brand mobile app and our outbound traffic. Our brand mobile apps are for Olive Garden, Capital Grill and LongHorn Steak House. We also use API Management to modernize legacy systems via microservices. We have our internet application, which is connected to PeopleSoft and other tools so we can export through API gateway. So we have a custom mobile app built for our internal application, where people can check their paychecks, benefits, and other perks, such as gift cards.

Pros and Cons

  • "The out-of-the-box security features are useful. Right now, you can just right-click and drag and drop the assertions with the rate limit. That, as well as the x-amount surge protection, is built in so we can bring that in."
  • "On the monitoring side, we need a better way to monitor it. CA has not given a clear understanding of what external tools we can use to do this."

What other advice do I have?

I rate CA API Management as an eight out of ten due to the overall stability of the product. So, we had this implemented and running fine unless we had increased traffic. We never went back and tuned it. In that way, I'm pretty happy with that. It loses the last two points because of the monitoring, as well as the capacity analysis and planning our day-to-day transaction details.
SK
Technical Consultant at a computer software company with 501-1,000 employees
Consultant
Provides different form factors, API virtualization and lifecycle management, data security, and scalability. Improvements needed in analytics, reporting, logging, tracking, SSO and user experience.

What is our primary use case?

* Digitalization * API Life Cycle Management CA API Management powers the next generation of mobile and Internet of Things (IoT) applications by providing reliable connectivity between data, people, apps and devices. You can aggregate and orchestrate data from multiple data sources into modern REST APIs almost instantly. Whether your data is in legacy systems, disparate databases, or the cloud, you will be able to bring it all together to power new digital initiatives at scale in modern apps or SaaS applications.

Pros and Cons

  • "Initial setup is straightforward. It is simple and easy to do."
  • "The level of technical support is good."
  • "Scalability: API Gateway is easily scalable horizontally and managed easily."
  • "The API Development tool can be made more user-friendly by providing folder properties."

What other advice do I have?

Check what is required and whether it can be achieved easily without any compromise, see how flexible its to use and maintain.
VK
Senior Technology Architect at a tech services company with 10,001+ employees
Real User
API Portal capabilities are very nice, with several adapters to all leading identity suites

What is our primary use case?

RESTful API implementation and exposure.

Pros and Cons

  • "API discovery using CA Live API Creator is helpful for integrating with multiple backends, for discovering and kickstarting the API creation process. It is a very good feature."
  • "Mobile app capabilities is good for building mobile apps to consume developed APIs. Also, the API Portal capabilities are very nice, up to and including the ability to do monetization. Security features are exhaustive, with several adapters to all leading identity suites."
  • "The development toolkit used for creating APIs should be more online and user-friendly. Deployment and tracking could also be improved. Tools like Apigee provide a complete online experience along with RESTful APIs, to manage all activities. It is a very nice and user-friendly solution compared to CA."

What other advice do I have?

CA API suite is a strong solution with very good security capabilities and end-to-end lifecycle management of APIs. It has been proven over the years and is a very good option for implementing the API gateway for an enterprise.
Transformation and Change Management Leader at a logistics company with 1,001-5,000 employees
Real User
Resilient solution with robust policy configuration

What is our primary use case?

We use CA API Management to publish APIs for secure and fast integration with customers and partners.

Pros and Cons

  • "It is able to withstand the number of API calls and handle different API requirements to secure, transform, log, and track API usage patterns."
  • "They should incorporate deeper monitoring features into the solution to make the offering more complete. Doing so would help to showcase traffic patterns and usage to better engage customers and partners proactively. It would also help with API management and capacity planning."

What other advice do I have?

Familiarise yourself with its policy management to match your requirements for API management and governance.
IT Consultant at Entiis Pte Ltd
User
Almost all security features are available out-of-the-box and can be deployed rapidly

What is our primary use case?

API security and API onboarding. We have on-premise deployment with legacy backends.

How has it helped my organization?

It improved the integration channel between partner companies. It also improved the time it took to onboard a new partner.

What is most valuable?

API security. Implementing security is hard in general but for this product, almost all security features are available out-of-the-box and can be deployed rapidly.

What needs improvement?

The product needs to keep up with newer trends even though customers might not be requesting it yet. For example, the usage of newer versions of Swagger and YAML format.

For how long have I used the solution?

Three to five years.
BL
Senior System Analyst at National Institute of Education
User
It has improved API governance and gives analytics to API performance

What is our primary use case?

We use it primary for API management in my data center, for mobile applications and application-to-application integration.

How has it helped my organization?

It has improved API governance, gives analytics to API performance, and provided abstraction to the solution providers.

What is most valuable?

Policy assertion Policy manager SSO Authentication HA features Analytics Very extension logs

What needs improvement?

Better GUI for the policy manager. Needs better professional services in my country.  Better mobile features. Better HA configuration.

For how long have I used the solution?

One to three years.
Experts in Integration Models at a consultancy with 5,001-10,000 employees
Real User
Support through the forum is very good and efficient for partners

What is our primary use case?

We use it for public API security.

Pros and Cons

  • "The product documentation helps the client and/or user to evolve quickly while using the tool."
  • "As the number of instances increases, its complexity of installation increases if you do not use the OVA."

What other advice do I have?

Begin by using the installation offered on an OVA, then in production environments make use of your own installation, e.g., in CentOS.
Solution Architect at a construction company with 1,001-5,000 employees
Real User
Standardizes our API deployment, improves security

What is our primary use case?

Managing all of our APIs and the security around them.

Pros and Cons

  • "The Portal API helps us with deployments. It also helps to have a catalog of everything. The replication is also a critical feature for us. It helps to have a more robust architecture and makes our systems are highly available."
  • "The portal is not the most intuitive and the way things are displayed makes it difficult to find the information we need."

What other advice do I have?

You need a team to manage it.
Business Development - Alliances and Partnerships at a tech services company with 10,001+ employees
Reseller
Works best where there are multiple protocols, multiple APIs, and security is the key

What is our primary use case?

My company is a CA partner. We do implementations for end-customers, using CA API Management. So my company doesn't use the product, but we install, configure, and implement the product for our end-customers. Primary use for the solution is to have access to APIs that are generally difficult and not available. An example would be critical APIs that should be available 24/7 but they are not available most of the time, because of one or another constraint. That is where the API Management solution is used to the maximum by end-customers.

Pros and Cons

  • "Security is the most important parameter of the solution, for me, because whenever you are exposing your APIs to third-parties, it is critical that the data remains anonymous and that data is retained within the system, that it is not leaked. CA API Management provides good security features."
  • "The CA API Management solution has good security features, but when it comes to being used in areas like enterprise integration, where it is being used as middleware for all the IT environments, that particular feature is quite limited. It doesn't support as many protocols as an industry standard, competing product should."
  • "What is really important is that they offer the solution as a service, on a subscription or monthly basis, which will make it more attractive. That is where the market is headed. There are competitors within the industry that are doing that currently. I would encourage CA to do that."

What other advice do I have?

My advice would be, if it is a really complex integration with multiple protocols, multiple APIs, where security is the key, I think you should look at the CA solution. That is where it fits best. If it is you're looking at it more as an enterprise integrator, that you need to integrate internally within an organization and its IT functions, then I would suggest that you talk to CA and see how best the product can be used; you will consultation. It's a very stable, scalable product with good security features. It does the job well.
Director Identity & Access Management at a financial services firm with 10,001+ employees
Real User
Substantially decreases the amount of time it takes to secure new APIs

What is our primary use case?

API management, for security.

Pros and Cons

  • "One of the features that the tool provides is the ability to simply onboard new APIs to an existing security platform. We build all the policies for security upfront, and then we can add those policies pretty simply and straightforwardly to any new API that gets developed in the enterprise."
  • "One of the features that the tool provides is the ability to simply onboard new APIs to an existing security platform. We build all the policies for security upfront, and then we can add those policies pretty simply and straightforwardly to any new API that gets developed in the enterprise."

What other advice do I have?

I would suggest you take a look at all of the components. The API Management Suite that CA offers is broader than simply the API Management Gateway. The Suite has some features, extra components, that really make for a much easier and more accessible way a way of doing API management within the enterprise. There are components like the Mobile API Gateway and Live API Creator. These additional components really expand what the products can do, in a way that makes your value proposition easier to present to the business. I would say this solution is a solid eight. It does everything that it says…
SG
student at a tech services company with 1,001-5,000 employees
Real User
Provides secure API exposure but the cloud-native architecture needs improvement

What is our primary use case?

API security, API management, OAuth security, microservices, mobile app security.

Pros and Cons

  • "The most valuable feature is the security with its out-of-the-box policies."
  • "The cloud-native architecture of the product needs improvement."

What other advice do I have?

If you are truly looking for API management features, CA API Management is the best solution. It might be a bit old in terms of cloud-native architecture but they are moving towards that.
PB
Computer Scientist at a tech company with 10,001+ employees
Real User
Helps me manage my API lifecycle, end-to-end

What is our primary use case?

Our primary use case is as an API gateway for authentication and authorization, and then lightweight transformation or lightweight mediation. But it's mostly, authentication and authorization, mostly security-based.

Pros and Cons

  • "Key features include: lightweight mediation, transformation from JSON to XML and XML to JSON, API portal and API key management, the Developer Portal, and Circuit Breaker is a cool feature, too."
  • "One area where it certainly needs to improve is the way it allocates requests, in terms of rate limiting. Also, there is no native Kafka connectivity."
  • "we cannot add gateways on the fly because there are a lot of moving parts; endpoint connectivity is one of them. If we add more nodes then the rate-limiting feature is affected. This kind of gateway always has the scalability issue. But, I think CA is coming up with its Microgateway, which is in Beta. If they stabilize their Microgateway platform, we could do very well in terms of scalability."

What other advice do I have?

My advice would depend on the use case. If it's just a proxy solution that you are looking for, I would say don't go for CA API Gateway because API Gateway is much more than that. If you're looking for a complete API developer platform and securing your APIs, then CA API Gateway is a good product. I give this solution an eight out of 10 because, as an end customer, in terms of managing my API lifecycle, end-to-end, it is pretty good.
Senior Director at a tech services company with 10,001+ employees
Consultant
We can create multiple orgs and set up policies and management for them

What is our primary use case?

API gateway.

Pros and Cons

  • "We can create multiple orgs and set up policies and management. We can also integrate with an APM solution"
  • "The only issue we have is that we have to buy an APM license separately for end-to-end monitoring."

What other advice do I have?

I would suggest you do a PoC with CA, for feasibility.
Arquitecto de Soluciones at Puntos Colombia S.A.S.
Real User
Keeps clear traceability of the changes made in each of our APIs

What is our primary use case?

Administration and configuration of the platform API management version 9.2. SaaS, security configuration, design, and implementation of APIs, which are exposed to partners of the company for the execution of business flows. All this is done quickly and easily with minimal effort.

Pros and Cons

  • "It allows us to keep clear traceability of the changes made in each of our APIs."
  • "The speed and versatility in the implementation of APIs without writing a line of code in any programming language."
  • "The solution has numerous configuration options to increase security in communication."
  • "The administration interface (Policy Manager) is very easy to understand and use."
  • "As a SaaS product, control over some configuration elements and environments is lost."
  • "Increase tools for manipulation of JSON messages."
Design Engineer at Automatic Data Processing, Inc.
Consultant
We are able to go to market and deploy our functionalities very quickly

What is our primary use case?

It is primarily used for API Security. It has performed very well on the basic security front, but then this product is a suite of products, so it has multiples of products. We are not using all of the subproducts. Now, we are looking for a new use case where we want to use it for mobile apps. That is what we are currently exploring.

Pros and Cons

  • "Compared to other vendors, this product is much faster in coming up with new features, which is good."
  • "We definitely get good responses from the technical team and they are quite responsive.​"
  • "We are able to go to market very quickly and deploy our functionalities very quickly."
  • "​There is still room for improvement for the CA API Developer Portal. It is still not on par with what the competencies are."

What other advice do I have?

Getting new security standards so quickly into the product is definitely a new surprise. In the CA World, I am seeing a lot of new subproducts that they are introducing, which I was not even aware of. I think that definitely surprised me that CA is investing in the CA API management product and building new offerings and new solutions, which is really nice. That is where the industry is going and they are putting their time and efforts in the right solution and the right product. The gateway and the new offerings that they are coming in are very capable. The two points that I am missing are…
VP Enterprise Solutions - Financial Services at Samsung
Video Review
Real User
A compelling platform that enables organizations to easily develop and roll out mobile applications

Pros and Cons

  • "They have got a very compelling platform that enables organizations to easily develop and roll out mobile applications."

    What other advice do I have?

    I would put it up in the eight to nine category out of a 10, if I had pinpoint a number. Most important criteria when selecting a vendor: CA is extremely appealing because of the reach that they have across industries, and they are pretty deep in many industries. They bring some brand recognition to the table, and obviously Samsung has a very strong brand as well. You combine those two brands, and that just creates a compelling offering which will get the attention of companies out there. Obviously, the support piece is important, the product stability, and how robust that product are very…
    OSS Enterprise Architect
    Real User
    Cyber security and having a centralised API management platform is very important.

    What is our primary use case?

    We use this as a Cyber security appliance and also as a centralised API management platform for partners.

    Pros and Cons

    • "The actual management of APIs is fundamental to us, as we're a heavy API user/provider. So, obviously, a centralised management platform is important."
    • "The developer portal needs to fully supported SOAP services (including WSDL publication with security), it would certainly push adoption for us."

    What other advice do I have?

    I would say that, although the Gateway is geared up for managing SOAP services, the developer portal isn't. It's a gap for us, which means the developer portal isn't quite as good as we thought it was going to be for managing SOAP services ( which we have quite a lot of). They're not discoverable in the portal, as are RESTful services.
    Owner at Clarity Iq Inc
    Real User
    Rapid development and deployment of APIs; I can present data in the format in which the client wants to consume it

    What is our primary use case?

    I use CA Live API Creator to integrate data from a variety of sources, and then to provide an API response to calls from my client applications. There are a couple aspects of performance. One is just speed and uptime, and it's stellar in that regard. The other is, how much effort is it to put it in place in the first place, and then how much effort is it to keep it operational. That's where its real strength is. I'm able to do things quickly and easily that I couldn't do before.

    Pros and Cons

    • "There are a couple aspects of performance. One is just speed and uptime, and it's stellar in that regard. The other is, how much effort is it to put it in place in the first place, and then how much effort is it to keep it operational. That's where its real strength is. I'm able to do things quickly and easily that I couldn't do before​."
    • "The benefits are rapid development and deployment of APIs, which means that your information, your ability to handle information, to receive it and to send it, to visualize it, to report on it, to get intelligence out of it, happens fast and happens with accuracy."
    • "The most valuable feature is that it enables me to present data in the format that the client wants to consume it. That client might be a visualization tool, that client might be a report, that client might be a customer's API requirements."
    • "The latest version that just came out at the first of October really was a powerful move in the right direction. I was very, very pleased with that because it allows now beginning to use information of things. We've got this IOT infrastructure that we can plug into, and for my use cases there are a lot of outdoor sensors that provide valuable information to my customers."

      What other advice do I have?

      When selecting a vendor, there are a couple of things that you have to look at. One is: Are they going to be around? That's always a concern because if you've committed to something and the rug gets pulled out from under you, then you're scrambling. Depending on the time that happens, you might not have the time or the money to scramble. What if you're in the middle of a big implementation? CA has been around since the beginning. They're a four billion dollar a year company, something like 13,000 employees, I'm not worried about that. Yet they're easy to work with. There are a couple of…
      Lead Software Developer at United Services Automobile Association
      Real User
      Easy to use, and with templating we can easily add new APIs, apply security to them

      What is our primary use case?

      Mainly for our API gateway. We use it for onboarding APIs and then getting those internally. We have them through the B-to-B channel, we have them through a member channel, and then internally as well, to service our APIs. It has performed pretty well. We've had an issued with scaling, internally, when we slammed it one time with a very, very high rate of transactions; we're talking like 65 million an hour. Whenever we did that we weren't ready for it yet, so we had to back out, but it's been good.

      Pros and Cons

      • "It's pretty easy to use, and once we have templating set up we can add new APIs, at least through the gateway, and apply the security to them; it takes a minute."
      • "The scalability has been good. We haven't had to scale up a whole lot, even with all the extra transactions we're running through it. We're in the area of about 2 and 1/2 million OAuth tokens issued per hour, and it's performing fine with that."
      • "It would be nice if we could create APIs directly from Swagger files. We're doing that ourselves with a middle layer. But if you could integrate with open API Swagger specs, and then just create a Swagger and upload it to the gateway and it would create all my API template policy, and would apply the OAuth restrictions, the types of security restrictions I have on there, that would be pretty cool."
      • "The OTK, however, is a complex upgrade. They tend to change the schemas on the database behind it, between the versions, which can be a pain to have to migrate all of our existing clients from one database schema to the other."

      What other advice do I have?

      I don't really select the vendors, but my most important criteria would be * available support * industry use of the tool * that it can solve all the problems I need it to solve, as many out-of-the-box without customizing it as possible. CA is great. It depends on your use case of course, how much you want to go with that, because it can get pricey and depends on the size of your company. I've got a bunch of friends with little start-ups, so it's nothing they would be able to onboard, but I would definitely tell them to check it out.
      Prof IT System at a comms service provider with 10,001+ employees
      Real User
      Maintains the security of our APIs and our business transactions

      What is our primary use case?

      We have a full, classic, API gateway currently. We want to leverage it to use the microservices, with the help of micro API gateway, to support our business or e-commerce platform, the API traffic. That's our main our goal, to move further toward a microservice with a Docker container. We implemented it in a non-prod and it is good. But we want to move into production going forward. Performance-wise it’s good, and we are not seeing any issues.

      Pros and Cons

        • "We are looking for improvements related to integration. We want to see them add integration tools to the CA bundle. That would be helpful."

        What other advice do I have?

        The main thing we look at when selecting a vendor is what partners are using them and how successful they are in that business with the product. Then we'll look at industry ratings. Based on that we will consider if we need to go with that product or not. I rate it a nine out of 10 because the product is not only one product, API Gateway. If I want to monitor the gateways, I need to go with other CA products. It's not like a package, it is multiple products. So if it was a complete bundle, then I would rate it better. I would recommend going with it.
        Integration Architect at a comms service provider with 10,001+ employees
        Real User
        Provides API security as well as performance and flexibility, on-premise, on-cloud, hosted

        What is our primary use case?

        Security. We have a lot of APIs, a lot of web services inside Motorola, and we wanted to have a solution which can secure all our APIs. So far it has been doing well. But we are looking towards microservices technology. And we heard here, at this CA World conference, that they are coming up with a microservices API gateway. That is something that we would be interested in looking into. But as far as far as the classic API gateway goes, I think it is definitely doing well. We were bought by Lenovo, and eventually Lenovo, which did not have this solution, has also been convinced to use it. So… more »

        Pros and Cons

        • "It can be scaled as we need. And it can be used in different regions. We have different data centers in the U.S. and Beijing. We use it on-premise, on-cloud, and it can be hosted and used at any place and scaled across the regions."
        • "Every API that we get from external or from internal goes through this layer first, and it should not be a bottleneck. That was the problem we had before. Now it's no longer a bottleneck. It's more like a throughput, this process is less than 10 milliseconds for any particular API."
        • "One day, where we can have a microservices gateway and we will not need the classic gateway at all, that is what we want to see."

        What other advice do I have?

        Among most important criteria when selecting a vendor, the first thing is pricing. After that features, obviously, and then the performance and stability. We would definitely recommend implementing Layer 7. The only reason you might not implement it is if you are looking at open source, but open source comes with its own issues and cons. But if the cost is not an issue, Layer 7 is the top and I would definitely recommend it to anybody.
        Technical Principal at FedEx Corporation
        Real User
        We can get more visibility into our data with their tool, however their upgrade solutions are complex

        What is our primary use case?

        The primary use case is we are using the API Management Suite. It has the Gateway and Portal, and we are using the Gateway to front all the APIs in FedEx. The Gateway is performing very well. The Portal is not.

        Pros and Cons

        • "It is fairly stable for the Gateway side."
        • "We can get more visibility into our data."
        • "The Gateway can front our APIs very easily."
        • "​The initial setup was very complex."
        • "The Portal is not stable."

        What other advice do I have?

        From CA's new technologies, it looks like CA is moving in the right direction. Look to your performance matrix and your benchmarks. What are you interested in? If you are looking for support, this is definitely the best solution. Most important criteria when selecting a vendor: Performance is one of the major ones. Security is another.
        Enterprise Architect at DXC Technologie
        Real User
        I love the composability of the policies, and having visibility into who is using which APIs

        What is our primary use case?

        We have the API Gateway deployed in production. The primary use case is for the API Gateway to provide API access, and authentication, and authorization for the APIs we expose through our product. I am also looking forward to having the API developer portal deploy as well so we get a bit more insights into the analytics part, and also some of the API lifecycle management associated with it. I love the API Gateway, especially the architecture, in terms of the composability of the policies. We approach it from a very software-engineering approach.We build on the policies, like legal blocks, and… more »

        Pros and Cons

        • "I love the API Gateway, especially the architecture, in terms of the composability of the policies. We approach it from a very software-engineering approach.We build on the policies, like legal blocks, and we deploy them throughout different environments. It's been working out great for us."
        • "Some of the performance matrix that API Gateway gives off, we monitor them via SNMP traps, and then we tie them into our monitoring system. You can actually monitor some of the latencies and some of the performance aspects of both API Gateways, as well back end services. So having that line of sight surely helps in terms DevOps."

          What other advice do I have?

          I like that CA is continuing to improve the product, looking for new solutions using the API Gateway. That's something that we're familiar with. And that they're trying to make it work for different types of architectures. As I mentioned, we are moving toward Microservice Architecture and having the Docker form and the micro API Gateway to help with those kind of architectures is really helpful. I'm an engineer, so from my perspective things have to be simple. If things get way too complicated then maybe you don't have the right solution, or you're not using the right solution to solve the…
          Senior Manager Global Devops at Encore Capital Group
          Vendor
          Ease of use, a good search feature, and reliability are the decisive features for us

          What is our primary use case?

          Our primary use case is for API management. We use it as a security gateway in our DMZ and ESB and our trusted zone. It works great. We haven't had any problems, it just runs.

          Pros and Cons

          • "Easy to use, nice UI, and good search functionality."
          • "Needs to work better with DB2 UDB."

          What other advice do I have?

          When choosing a company to work with and buy from, they need to be industry-rated, they need to be one of the upper-right companies for strength, vision, and performance. If I were advising a colleague at another company who's searching for a similar product I would tell them to talk to CA.
          Solution Architect
          Vendor
          Protects our web services from external attacks, with security and authentication

          What is our primary use case?

          To protect the web services, security, authentication; protect against any kind of attacks from external sites. We have been using API Gateway for four years and we have huge class actions, like 600 parts per second, and we have not seen any issues as of now. It's stable.

          What other advice do I have?

          In general when we are picking vendors, the most important criterion is support. When they can really help us we feel more confident. I give it a 10 out of 10 compared to other products. I would definitely recommend CA API Gateway.
          Solution Architect at a pharma/biotech company with 1,001-5,000 employees
          Vendor
          Facilitates securely exposing APIs to the internet, but the Policy Manager UI needs work

          What is our primary use case?

          We use the API Gateway as a front door to access our APIs that we host internally, to enable us to get involved in the digitalization. It has performed very well, actually. It's given us new capabilities that we never had before and gives us more confidence in increasing the number of APIs that we actually have.

          What other advice do I have?

          What's important to us when selecting a vendor, besides the product, the vendor needs to be of significant size to be able to continue to evolve the product. It needs to be able to provide enterprise-level support. We're a large company, so we expect the vendor to provide that backing of their product and SLAs. When we choose a product we don't want it to be a product that comes and goes. We want there to be a clear vision of where it's going, that's important to us. CA was able to demonstrate that to us. It's very good in terms of what we wanted out of the product, initially. But now that…
          Enterprise Architect
          Vendor
          The latest version is less functional than the previous version but security assertions bound to APIs are valuable

          What is our primary use case?

          The primary use case would be services for APIs that we are going to expose either internally, within the enterprise, or at the outside edge of the enterprise.

          What other advice do I have?

          When considering the most important criteria when selecting a vendor, of course there are all kinds of functional criteria according to the product that we are evaluating. On the other hand, it's important, of course, that the vendor is stable. And because we are a large company, it is for us important that the vendor also provide some kind of stability due to its size and its footprint internationally. Brand name isn't a big consideration for us. On the other hand, you have different analysts' reports that are quite important for us, as we don't have time and budget, from an architecture…
          Senior Lead Engineer at a tech consulting company with 10,001+ employees
          Consultant
          It has improved the way our company functions by streamlining the effort and getting people out of the process

          What is our primary use case?

          Primary user case is producing APIs as products, essentially, and creating the environment for developers to sign up to use APIs. It has performed well so far. We just got a test instance installed, and did a PoC earlier in the year. We are more or less just getting started with it.

          Pros and Cons

          • "For developers to be able to come, sign up, or find APIs."
          • "I would like to be able to see the publisher role be able to be organized within organizations, so somebody within that role can only manipulate their particular policies."

          What other advice do I have?

          Most important criteria when selecting a vendor: * Reliability * Support * Pricing. CA is a large company. It is not like they are going to go upside down tomorrow. You want to make sure that the company is going to be around for awhile if you are investing in them.
          Technical Principal at FedEx Corporation
          Vendor
          The company partners with us within the account and our organization. The vendor team for our install was lacking expertise.

          What is our primary use case?

          We have many use cases. We are doing an enterprise install for all CA API management tool searches which are covered under the ELA, Enterprise License Agreement. We have close to a 100 plus use cases that we want to deploy, the next is over a six months to one year timeline.

          Pros and Cons

          • "The Mobile API Gateway is also great."
          • "CA double up portal is a pain. It is something that we are struggling with right now."

          What other advice do I have?

          CA is worth trying. It is definitely a key contender in the API management space. Most important criteria when selecting a vendor: size and brand value.
          Senior Engineer at a transportation company with 1,001-5,000 employees
          Vendor
          Streamlines initial set up for single sign-on for web services, save us time

          What is our primary use case?

          Web services authentication. So far so good, in terms of performance.

          What other advice do I have?

          When selecting a vendor the most important factors for us are * cost * validity of the product * stable product It's a very good product to use to initially set up single sign-on for web services authentication.
          SC
          Cyber Security Advisor
          Real User
          The Gateway Migration Utility is a pretty good tool to use. Overall, this solution is not easy to integrate with others​.

          What is our primary use case?

          Our primary use case is to enable our customers who are on the Internet. We want them to access our protective web series behind a corporate firewall. To do that, we like to use the OAuth ToolKit within the CA API. It can minimize the password exposure by generating a token using the ToolKit, then use the token to make the web services calls to our protected back-end services.
          Senior Associate at a financial services firm
          Vendor
          As a financial services company, the security it provides is key for us

          What is our primary use case?

          We use it for security. So far so good. We have our own challenges - some monitoring and some performance related things - but at the same time, I think it's pretty good.

          What other advice do I have?

          What's important to us when selecting a vendor, support is the most important factor. I would tell anyone who is researching this type of solution to go for API Management.
          Software Engineer at a tech services company with 10,001+ employees
          Consultant
          It scales really well and does a lot of load balancing

          What is our primary use case?

          Our primary use case is to host a handful of different API services for the consumers of our customer. We build and maintain several of those APIs right on the Gateway using their policies. We use it to kind of proxy request through to Java services and other things that we have created.

          Pros and Cons

          • "You can create little, custom Java assertions that you can insert to do your business logic, which might not be covered by the commercial product out-of-the-box."
          • "More developer focused tools. They have a nice debugger inside of the program, but when you are developing code with their policies, it is tough to visualize that sometimes as a developer."

          What other advice do I have?

          It is better than similar Gateway products that I have used in the past. Again, that flexibility really lends itself to us, and our program, a lot. However, there are certainly some areas for continued improvement and it seems like they are going in the right direction, so hopefully that continues.
          Development Manager API Management - Digital Technology Services at a energy/utilities company with 10,001+ employees
          Vendor
          Provides key, up to date information to our customer-facing engineers but ease of use needs improvement

          What other advice do I have?

          Consider if the product is needed – there are cheaper, less complex solutions out there. Consultancy costs for CA should be considered – worth the money as it saves time (and therefore cost) with configuration.
          Senior Consultant
          Consultant
          You Can Expose APIs With An Advanced Authentication Mechanism

          What other advice do I have?

          CA APIM is the best product in the market. With API Gateway, you can expose APIs with an advanced authentication mechanism and security, within days.
          Lead Infrastructure Architect with 11-50 employees
          Real User
          The most valuable features are API Enhanced Portal 4.1 and API Gateway policy manager for writing policies

          Pros and Cons

          • "API Enhanced Portal 4.1 looks very promising. API Gateway policy manager for writing policies is excellent. It is the best in the industry for policy writing."
          • "It is not possible for clients to migrate to a newer version."

          What other advice do I have?

          Follow CA documentation thoroughly.
          Associate Vice President at a financial services firm with 10,001+ employees
          Vendor
          ​Go ahead. A very good product and a market leader in its segment.​

          What is most valuable?

          Live API Creator.

          How has it helped my organization?

          The simple REST based APIs can now be delivered in hours which took days previously.

          What needs improvement?

          The product shouldn’t require to be connected to a server for doing development.

          For how long have I used the solution?

          Six months.

          What do I think about the stability of the solution?

          No.

          What do I think about the scalability of the solution?

          No.

          How are customer service and technical support?

          Good.

          Which solution did I use previously and why did I switch?

          No.

          How was the initial setup?

          Very easy.

          What's my experience with pricing, setup cost, and licensing?

          Not sure on that front.

          Which other solutions did I evaluate?

          Mashery and IBM.

          What other advice do I

          Senior Consultant at a tech services company with 51-200 employees
          Consultant
          Manages and secures APIs

          Pros and Cons

          • "It is flexible in how it creates custom policies and uses builds with impressive methods."
          • "Provide complete documentation with examples of usage on its build in assertion/function."
          Head of Sportsbook Delivery at Gala Coral Interactive
          Vendor
          It's a great tool, it's a great product. It's good for us because it does specifically what I need it to do.

          What other advice do I have?

          Break it into small chunks, so what we did was we had a very defined use case, and we could have gone to a much larger project, but the ideas was to focus on the component that we were after, what we had to go and deliver, break that down, get it working, and then that gives the business more confidence to then invest in it further, future phases, and we just broke it down to that. We were able to very quickly deliver something of value, and that then allows you to move on from there, as opposed to doing the full solution first up, and then we could have failed on the way through, the…
          AS
          Practice Lead at a tech services company with 11-50 employees
          Real User
          The solution kits are customizable. We can implement micro-services architecture.

          What other advice do I have?

          * The product is feature rich and can solve a myriad of use cases. * We have noticed that building frameworks on the product set, with the help of a senior architect who drives the adoption early on, is a key. They can help create reference architecture for your organization that pays dividends in the end. * Aim for CA certified resources or partners for a good quality solution.
          VP Of IT Development at a tech services company with 1-10 employees
          Consultant
          We have secured APIs, exposing them to the international and domestic partners.

          What other advice do I have?

          You should read the documentation.
          Integration Platform Manager at a comms service provider with 1,001-5,000 employees
          Real User
          The Gateway is our strategic front door into the company for all APIs.

          Pros and Cons

          • "The Gateway is most important because it is our strategic front door into the company for all APIs."
          • "As well as the SOA Gateway - that is, the API Gateway; we call it the SOA Gateway - we also are now deploying the developer portal component of the SOA Gateway. That has limitations."

          What other advice do I have?

          I would say CA are a good company to work for. I would say that the Professional Services people are fairly expensive but pretty good. I would say that the Gateway is a good tool but you need to be careful of the limitations for SOAP services. Also try and get over to CA World because that's good fun.
          Senior Java Developer/ Solution Architect at a financial services firm with 501-1,000 employees
          Vendor
          It provides a simple way to create REST APIs and easy integration with REST and SOAP service. It requires a lot of specific coding for medium-complexity use cases.

          Pros and Cons

          • "It has its own language, which make it possible to design and implement the complete flow using existing services and databases, and to create and aggregate fine-and coarse-grained APIs."
          • "I feel there is a lot to improve in terms of providing plug-and-play functionalities, as at the moment it requires a lot of coding in their specific language for implementing a medium-complexity use case."

          What other advice do I have?

          I would advise also evaluating Apigee API management if you are looking for an end-to-end API management solution. Otherwise, CA API Management is not a bad choice.
          Sr. Systems Engineer at a hospitality company with 1,001-5,000 employees
          Real User
          We were able to market our mobile app products with their security features.

          What is most valuable?

          Time to market Ease of use Strong support

          How has it helped my organization?

          We were able to market our mobile app products with their strong security features.

          What needs improvement?

          There is a need for the migration of policies, better reporting, and monitoring integration.

          For how long have I used the solution?

          I have used this solution for two years.

          What do I think about the stability of the solution?

          There were no stability issues so far.

          What do I think about the scalability of the solution?

          I did encounter scalability issues. I wish they could extend the MySQL replication to multiple nodes.

          How are customer service and technical support?

          The technical support provided is the best.

          Which solution did I use previously and why did

          Application Integration Developer I at a financial services firm with 1,001-5,000 employees
          Vendor
          The built-in routing platform is the most valuable feature.

          What is most valuable?

          The built-in routing platform is the most valuable feature. It is easy to use.

          What needs improvement?

          There is a need to automate the process of retrieving the SSL certificate when it has expired. Currently, the product doesn't have this feature automated. It is only manual.

          For how long have I used the solution?

          I have used this solution for two years.

          What do I think about the stability of the solution?

          There were no stability issues.

          What do I think about the scalability of the solution?

          There were no scalability issues.

          How is customer service and technical support?

          I am very satisfied with the level of technical support.

          How was the initial setup?

          The setup was straightforward. I started using the product after it was already built-in.…
          Architect at a tech company with 201-500 employees
          Vendor
          The ability to bridge messaging protocols and transform data enables us to input/output data from/to/through various backend systems.

          What other advice do I have?

          Get the proper training for your staff and don’t hesitate to ask CA for help if needed. The product is extensible and CA offers custom solutions. We had some small customer development done for us (for a fee), which was productized in a later version of the product.
          Manager, .Net And Mobile Applications Development at a energy/utilities company with 1,001-5,000 employees
          Video Review
          Real User
          We write a policy one time, and then we're just able to just drag it over and reuse it for other things.

          What other advice do I have?

          I think it can get better, and it has over the different versions. 9.1 came out, and it offered some more functionality. They've added more products around the solution to make it better, so I think there's always room for improvement. I think it's been very, very stable for us. It's worked every time we've needed it, and it's allowed us to do a lot better for as a company.
          Solution Architecture / Digital Architect at a financial services firm with 10,001+ employees
          Real User
          The tool can handle complex security requirements. On-boarding APIs is agile.

          What other advice do I have?

          CA API Gateway provides rich policy sets in regards to XML and REST services. This baby is great for all B2B integrations and it’s a very agile component to set up and use. You can set it up with complex security requirements on your service side in less than an hour. (I am very biased about this. No product can do that at this speed.)
          Manager, Information Technology - Integration Technology Engineering at a financial services firm with 5,001-10,000 employees
          Vendor
          We route all our policies and traffic through the gateway. It's reliable.

          What other advice do I have?

          Focus on developing a relationship with CA. They have a variety of products and they do a lot of cross selling, so it's important to develop a relationship and figure out how to manage that relationship as you go forward. When selecting a vendor, the most important element is relationship.
          Enterprise Solutions Architect at Logisticare
          Real User
          It provides a front door where we can separate and abstract services from APIs.

          What other advice do I have?

          Clearly this is the solution to have, but you need to have an internal appetite for the upcoming technology. It's not a keep-the-lights-on kind of tool set that would enable you to just turn it on and let it do its own thing. You need to have an administrator who understands it. There are so many opportunities to let it help you that don't come right out-of-the-box and grab you. You need to learn how it enables some of the tips, tricks and traps. Put a good engineer on it and give them the education they need. The device does so much.
          Programmer Analyst at a healthcare company with 10,001+ employees
          Vendor
          We leveraged the UAR tool kit to design a hospital patient portal. Developers can focus on functionality.

          What other advice do I have?

          I would certainly recommend using this product. We've had a wonderful success story. And we've not had any issues with it. Even when the consultants do come out, they are very knowledgeable. They know the product inside and out and can implement it right on site. That is a plus. When selecting a vendor, the interoperability between their different products that we have is important, as well as expandability. Additionally, we want to be able to configure the product to our liking. That helps us adopt it.
          API Champion at a tech services company with 501-1,000 employees
          Consultant
          It integrates with other solutions that we already have. We can move people around because they already have a basic skill set.

          What other advice do I have?

          Dig in really deep, not only from a technical standpoint but also from a design and product standpoint. That's probably the biggest piece of advice that I can give you. If you miss this, you will forget to see the forest through the trees.
          Infrastructure Middleware Manager at a wellness & fitness company with 10,001+ employees
          Vendor
          Easy development of policies to securely expose APIs to third-party vendors.

          What other advice do I have?

          When selecting a vendor, look at the partnership with the company. See if they're able to listen to you about your needs. See if they are able to respond quickly. See that the product provides good value. Work closely with the vendor to make sure you get things set up correctly. If you don't, you'll be very disappointed.
          Director of Architecture at a healthcare company with 10,001+ employees
          Video Review
          Real User
          We leverage the solution to make our business services available on the Cloud.

          What other advice do I have?

          The product overall on a scale of 1 to 10 - from a scalability standpoint I would give it an 8. I would certainly give 8, because although I would have loved to go 9 or 10, no product in this world can scale any needs from the get-go but the customer service and the technical support has been outstanding. They have been very helpful so at least they are helping us out. Considering CA from an holistic perspective, not just the product, their ability to meet our needs, their ability to support us, their ability to answer our calls, and answer our specific technical questions, I think I would…
          Lead Software Engineer at a wellness & fitness company with 501-1,000 employees
          Vendor
          We use it to transmit data from one format to another format, including content-based data routing.

          What other advice do I have?

          Overall, this is a good product. Those who are interested in a similar product should try to do a PoC first and then see what you want from it.
          Head of Group Technology at a logistics company with 1,001-5,000 employees
          Vendor
          Controls usage of digital assets and access to systems from the outside world. Monetization should be standard, not an add-on.

          What other advice do I have?

          Just do your own homework and make sure your own metrics are ready, specific to your organization. Every organization is different and make sure that you maximize the value of the investment that you are putting in. The roadmap of the product is the most important criteria while selecting a vendor. In addition, another important factor is the ability to invest in continuous releases/new releases that are coming up in the product. In short, how much the vendor is willing to invest in the product to keep it updated. We had a little bit of mishaps for the installation. Overall, regarding the…
          Enterprise Architect at a retailer with 1,001-5,000 employees
          Vendor
          Enforces security policies on APIs so that the user transaction is secured, real, and authorized.

          What other advice do I have?

          We came up with a reference architecture, so there's got to be some standardization in regards to how you want to build APIs, expose the APIs, naming conventions and so on. The way to manage the policies needs to be simplified and developers need to be trained. In my opinion, CA API Gateway in that security space is very ideal and it's one of the best out there.
          Head of Digital at Banco Votorantim
          Vendor
          We are using it to integrate our back-end platform and our front end.

          What other advice do I have?

          This API management software platform is great for us. We are extremely satisfied with the platform.
          Leads System Engineer at a consultancy with 1,001-5,000 employees
          Consultant
          The logs help us troubleshoot. Easy to manage policies.

          What other advice do I have?

          I recommend this product because of how successful we've been with it. The most important criteria for me when selecting a vendor is the quality of their support and technical staff. If they are able to help us, it makes it a lot easier.
          Sr Software XML Gateway Developer at a manufacturing company with 10,001+ employees
          Vendor
          We rely exclusively on it for web services and RESTful APIs.

          What other advice do I have?

          This is a good tool compared to open source solutions. There still is a lot to be done to improve user experience.
          Vice President of API Management Division at a tech company with 51-200 employees
          Vendor
          We have been able to accelerate our clients’ transition to digital organizations by using the CA API Gateway to rapidly expose legacy business services as RESTful APIs.

          What other advice do I have?

          API management solutions have many additional valuable features that some IT development purists might not feel “should” be handled by an API gateway. Two examples include the API gateway’s ability to process business rules on a service, and the API gateway’s ability to provide orchestration. One could certainly have a lively debate about whether the API gateway is the “right” place to do this, but the point I try to make is that in the real world, work comes at you fast; you have to be nimble and responsive to customer demands. I have been in situations where a business requirement and…
          Sr. Manager - Technology Governance and Architecture at a tech company with 10,001+ employees
          Video Review
          Vendor
          Provides good performance and the ability to scale.

          What other advice do I have?

          The stability of the company and the customer base are the two most important aspect because we want to make sure the company is going to be around for years to come. Also, who is there customer base at the moment. We want to make sure and learn from their experiences. We don’t want to be a guinea pig to begin with. Rating: I would say CA is around a nine plus. I would strongly recommend them. The first think I’ll tell anyone is to do your homework because wherever you venture into a new product, there are lots of unknowns and those unknowns are what makes people feel, “Well, this is…
          Principal Architect at a tech services company with 1,001-5,000 employees
          Video Review
          Consultant
          The operational side of API Management is pretty simple.

          What other advice do I have?

          On a scale of one to ten, I would give CA API Management a nine. The scalability of the Gateway is pretty straightforward and easy, because it's simply contained within as an image, or as a simple container form. You can easily deploy and add, and it supports a cluster architecture so that you can add new nodes on the go and it automatically gets all the things that is already available, so that is pretty neat. I would always go back and look at the business benefit behind it rather than the technical aspect. We have to think from the business standpoint, "Why do you need API Management? Do…
          Sr. Manager - Delivery, Enterprise & Platform Architect at a tech company with 10,001+ employees
          Video Review
          Vendor
          Most valuable feature is security along with performance and scalability.

          What other advice do I have?

          Rating: for CA API Management I would give it a 9 out of 10, but for the developer portal I would give it a 6 out of 7. ESM I would give a 5 out of 6. It's definitely a great product, I would ask to have an open mind and check out the features. I haven't seen any problems, and I have seen so many problems in my previous product, with ESB, so it's definitely a top notch product.
          VP Product Development at a financial services firm with 10,001+ employees
          Video Review
          Vendor
          I like the scalability, uptime and the way that it's versatile.

          What other advice do I have?

          I'll definitely give it 8.5. Whether they can put up the solutions that we want, that's number 1. How long they would take, is it going to provide value addition at this point of time or in the future would we have to invest in technology dollars in order to improve that? What is the pricing? What's the scalability? What's the uptime? All those features. It's been very good. I think CA's API Management technology is in the top 3 in the industry. It depends upon what kind of things you're looking for or what kind of features you're looking for.
          Founding Partner - Principal at Vanick Digital
          Video Review
          Consultant
          The most valuable features of the solution is the gateway and the power of the gateway.

          What other advice do I have?

          It depends on the customer and the industry. Typically, the customers are choosing CA because of the broad capabilities of the gateway, the performance of the gateway; the gateway is one of the top performing gateways in the market, and security. It's absolutely the best security product in the market from a gateway perspective. I give it a 9, because everybody's got room for improvement. I would definitely recommend the product. As you start looking at releasing APIs, some of the biggest concerns that we have are performance, because consumption is based on how usable the API is. When you…
          Sales Engineer at a tech services company with 51-200 employees
          Real User
          It has built-in identity management so that when someone logs into the UI, it can confirm their identity and give them access to what they need to see.

          What other advice do I have?

          Definitely do your research and, if possible, take the two day workshop to show you how to use the tool. Also, get recommendations from people and get their feedback.
          Manager - API Management at a insurance company with 5,001-10,000 employees
          Vendor
          With the API model, access to the backend is already available so you can concentrate on building a good user experience. You can’t document all details in the current developer portal.
          Team Lead at a pharma/biotech company with 1,001-5,000 employees
          Vendor
          We needed a way to secure our externally-facing services. This solution was a lot more lightweight and its security chops were more apparent.
          IT Analyst at a retailer with 1,001-5,000 employees
          Vendor
          It will fill a lot of the gaps where we are developing in new spaces, especially in mobile spaces, and I predict it's going to be adopted globally in the near future.

          What other advice do I have?

          The problem with API Management is it's solving a problem that not many people understand. If you look at the options in the market, there's not much. I would a to a it only advise to get it because it's actually very friendly in what it's trying to do in terms of UI. The learning curve is very short and it's something that you can rely on to work properly.
          Expert Architect at a tech services company with 1,001-5,000 employees
          Consultant
          Using it creates a single set of APIs, even though the back-end REST, UI, and GUI technologies are different. Its UI is very outdated and we'd like something easier and more intuitive.

          What other advice do I have?

          I saw some things this week at CA World which I think will make the product better, more intuitive to use with a better interface and easier deployment. There are things I saw on the road map that they'll address in the near future. I would advice that someone go through the self-training before just jumping in. I learned from co-workers as well.
          Chief Engineer (R&D for VoIP, Networking and P2P) at a tech services company with 1,001-5,000 employees
          Consultant
          I used to use a proxy to publish APIs, and now we want to use the CA API gateway, as it's more advantageous. They need to fix a bug so that we can publish new APIs with a socket.

          What is most valuable?

          The published API is easy. We don’t have any idea how to create or add value to the API to aggregate security, and we want to add the CA API gateway.

          How has it helped my organization?

          The API gateway is a great solution.

          What needs improvement?

          In two months, we want a new API publishing system to be opened. We need them to have fixed the issues of the API gateway by then.

          What was my experience with deployment of the solution?

          We had no issues with deployment, but it's not a stable solution.

          What do I think about the stability of the solution?

          It's not stable. I want to publish new APIs with a socket, but it’s not stable enough for this. They need to fix this bug in order for it to be stable.

          What do I think about the scalability of the

          VP, EIM Data Architect at a financial services firm with 1,001-5,000 employees
          Vendor
          It provides us security on the gateway to handle the throughput from digital channel projects that require back-end integration. I'd like to be able to import a Swagger file through the gateway.

          What other advice do I have?

          It takes longer than you would think; timing it is essential.
          Manager, IT Security & IT Office of the CIO at a engineering company with 1,001-5,000 employees
          Vendor
          It provides a simple endpoint for applications to call and for customers to call, so it reduces a lot of the complication of API services. But, in order to get OAUTH, we had to buy the MAG product.

          What other advice do I have?

          It fits in well with our other security middleware. We’re also a SiteMinder customer so there are some synergies there. When CA bought Layer 7, that was a good thing for us, and we sort of fell into those kinds of synergies. They should make sure they find a product that supports industry security standards, and has good management capabilities, good manageability.
          IT Mobile/Web Solution Delivery Manager at a insurance company with 5,001-10,000 employees
          Vendor
          It allows you to much more rapidly expose enterprise services to front-end applications, but the user experience for developers to discover and develop APIs needs work.

          What other advice do I have?

          As part of your evaluation, make sure that the companies can set up a proof of concept to check real situations.