If you were talking to someone whose organization is considering Layer7 API Management, what would you say?
How would you rate it and why? Any other tips or advice?
We are very happy with the solution. The product set currently sits in our development environment and that is a good fit. Some companies would tend to bundle this with security or networking as the product set also functions as a security device. By placing it in security, you are limiting yourself a lot and will never reach the full potential of all the product's capabilities. You need technical in-house people with development background to run the product set. Constantly look at all the features. I found that when revisiting components, which were not important a few months prior, you realise in some meeting a question about a "new" capability would come up.
CA API Management is very helpful. I would rate the product an 8 out of 10. In my opinion, the features are all very good.
This product is available on-premise, in the cloud, and Docker.
I would not recommend the product based on how it has performed to implement it. I did not like working with the product. We have not used it to modernize legacy systems via microservices, APIs, or developing a new platform for mobile. We also did not use it for connecting data to apps via APIs. I am not familiar with the security aspects of the solution. We stopped offering the product as a service a month ago since the product no longer belongs to CA. In Taiwan, I believe no one will buy CA products anymore because it is no longer trustworthy as a company, since the products are no longer supported.
CA API Management is a pretty solid product for what we are using it for. It's been good. It has served our purpose and kept us out of trouble. Evaluate what's out there in the industry. Make sure that you chose the right product for your use cases. I would rate this solution at about six out of ten, overall. At the time when we were evaluating it, it was about the complete lifecycle management. We were looking to build APIs to legacy systems, using IDE deployment strategies - all of those things were lacking. Products like MuleSoft and Apigee had better, more robust software development approaches for both mobile as well as web-based or batch processing.
I would say implement it. If you are new to APIs and things, you won't understand it, but if you have some experience it will be okay. I would rate this as eight of ten.
The tool is very powerful so if you are looking to go with an API platform I would recommend CA. The number of users among our clients is growing, although I don't have an actual number I can give you. Initially, it takes time to get people to understand the platform, but once they understand it, everyone wants to use the platform and have their application exposed to this platform only. Overall, I would rate the solution at nine out of ten.
With respect to supporting a large number of APIs and/or a large number of transactions, we didn't use it for a large number of transactions. It was a PoC so we only used it for limited connectivity. But from what I've read and from what I've heard from other users, the volume management and traffic flow management is actually pretty good for CA's tool. I would rate the solution at six out of ten, overall. It didn't meet all of our needs.
I rate CA API Management as an eight out of ten due to the overall stability of the product. So, we had this implemented and running fine unless we had increased traffic. We never went back and tuned it. In that way, I'm pretty happy with that. It loses the last two points because of the monitoring, as well as the capacity analysis and planning our day-to-day transaction details.
CA API suite is a strong solution with very good security capabilities and end-to-end lifecycle management of APIs. It has been proven over the years and is a very good option for implementing the API gateway for an enterprise.
Familiarise yourself with its policy management to match your requirements for API management and governance.
Begin by using the installation offered on an OVA, then in production environments make use of your own installation, e.g., in CentOS.
You need a team to manage it.
My advice would be, if it is a really complex integration with multiple protocols, multiple APIs, where security is the key, I think you should look at the CA solution. That is where it fits best. If it is you're looking at it more as an enterprise integrator, that you need to integrate internally within an organization and its IT functions, then I would suggest that you talk to CA and see how best the product can be used; you will consultation. It's a very stable, scalable product with good security features. It does the job well.
I would suggest you take a look at all of the components. The API Management Suite that CA offers is broader than simply the API Management Gateway. The Suite has some features, extra components, that really make for a much easier and more accessible way a way of doing API management within the enterprise. There are components like the Mobile API Gateway and Live API Creator. These additional components really expand what the products can do, in a way that makes your value proposition easier to present to the business. I would say this solution is a solid eight. It does everything that it says that it does. It would get a higher rating if it had a little cleaner interface and was easier to administer, but I think that's a pretty solid rating for a product like this.
If you are truly looking for API management features, CA API Management is the best solution. It might be a bit old in terms of cloud-native architecture but they are moving towards that.
My advice would depend on the use case. If it's just a proxy solution that you are looking for, I would say don't go for CA API Gateway because API Gateway is much more than that. If you're looking for a complete API developer platform and securing your APIs, then CA API Gateway is a good product. I give this solution an eight out of 10 because, as an end customer, in terms of managing my API lifecycle, end-to-end, it is pretty good.
I would suggest you do a PoC with CA, for feasibility.
Check what is required and whether it can be achieved easily without any compromise, see how flexible its to use and maintain.