API Management for Enterprise Mobile Access: A How-to Guide
TRANSCRIPT
![Page 1: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/1.jpg)
API Management for Enterprise Mobile Access
A Layer 7 Technologies Solution
Matt McLarty, VP, Client Solutions, Layer 7 Technologies
![Page 2: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/2.jpg)
Housekeeping
Questions - Chat any questions you have and we’ll answer them at the end of this call
Twitter - Today’s event hashtag:
- #L7webinar
- Follow us on Twitter as well:
- @layer7
facebook.com/layer7
layer7.com/blogs
layer7.com/linkedin
![Page 3: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/3.jpg)
Agenda
“Bring Your Own Device”
• BYOD and the App Explosion
• Innovation through Consumerization
Enterprise Mobile Integration
• Enterprise Mobility and the Mobile App Paradigm
• Leveraging Enterprise Services and Assets
Enterprise API Management
• API Publication, Security and Monetization
• Solutions and Case Studies from Layer 7 Technologies
![Page 4: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/4.jpg)
BYOD: Bring Your Own Device
Courtesy of Click Software
Employees are bringing mobile devices to work en masse…
![Page 5: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/5.jpg)
BYOD: iPad @ Work – from IDG Connect “iPad for Business Survey 2012”
![Page 6: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/6.jpg)
The App Explosion
Courtesy of zendesk
Courtesy of [x]cube Labs
![Page 7: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/7.jpg)
Pillars of an Enterprise Mobility Strategy*
Business Drivers
Hardware Ownership & Support
Deployment, Provisioning & Management
Enterprise Services Platform
Application Portfolio & Roadmap
Corporate Governance & Processes
Security Standards & Audit Processes
“By exposing access … through a standardized mobile-friendly enterprise services layer, the cost of innovation can be dramatically reduced.”
* From “iPad in the Enterprise”, N. Clevenger, Wiley 2011
![Page 8: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/8.jpg)
Mobile App-to-Enterprise Service Integration
• Uses existing security policies and technologies
• Leverages proven systems with enterprise SLA’s
• Re-use of API and shared services infrastructure
• Existing enterprise services can create and increase revenue
Increase Revenue
Cost Reduction
Compliance
Quality of Service
![Page 9: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/9.jpg)
Mobile App-to-Enterprise Service Integration Challenges
Diagram labels: Mobile Devices, Network, Enterprise Services, Data Services
• Proliferation of mobile devices increases message volumes exponentially
• Service API’s unavailable in mobile-friendly formats & protocols (REST, JSON)
• Composite services need API’s from multiple providers, requiring federation
• Data privacy and integrity must be preserved end-to-end
• BYOD approach mixes personal and business use, blurring the security perimeter
• API’s must be reusable across multiple mobile and non-mobile platforms
• How to access business intelligence and Big Data in real-time
![Page 10: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/10.jpg)
Enterprise Service Platform Evolution
Web Apps and Web Services (2001-2010)
Mobile Apps and API’s (2011 and beyond)
Web Proxy, App Server, DB Server
API Server, Data Services (Hadoop, RDBMS)
Mobile Access Gateway
Thin & Thick Client
Mobile Apps
On-Prem
Cloud
![Page 11: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/11.jpg)
The Mobile Access Gateway
Diagram labels: Mobile Devices, Network, Enterprise Services, Data Services
Mobile Access Gateway
• Optimized high scale engine for compute-intensive integration functions
• App- and API-specific security handling, including OAuth, adapts the perimeter
• Federated security for 3rd party API’s, data aggregation for composite API mashups
• Real-time bridging from SOAP, XML and legacy formats to REST, JSON mobile protocols
• Single logical gateway cluster configurable to handle mobile, web and B2B traffic
• Existing enterprise access control and crypto extended to App-API through Gateway
• Event-aware integration capability for real-time analytic data synthesis and integration
![Page 12: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/12.jpg)
The Mobile Access Gateway
![Page 13: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/13.jpg)
Mobile App-to-Enterprise Integration Stakeholders
Diagram labels: Mobile Apps, Mobile Access Gateway, API Server, Data Services (Hadoop, RDBMS), On-Prem, Cloud
• App Developer: What API’s are available and how can I use them?
• API Owner: Who is allowed to use my API’s? Are they being used?
• IT Operator: What is changing? Is everything running smoothly?
• Info Security: How is our data being protected and access controlled?
![Page 14: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/14.jpg)
Layer 7 API Management Suite
API Proxy
- Enterprise-grade Mobile Access Gateway
API Portal
- Developer on-boarding, support and resources
- API metrics and reporting
Enterprise Service Manager (ESM)
- API migration, management and dashboarding
Secure OAuth Toolkit
- Support for 2 and 3-legged OAuth
![Page 15: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/15.jpg)
API Management – How it All Works
Enterprise APIs
1. Publish & Secure APIs
2. Onboard Developers
3. Monetize your APIs
Developer
Security Architect
Business Manager/API Owner
4. Close the Loop
IT Operator
![Page 16: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/16.jpg)
Mobile Access Gateway – API Proxy
Enterprise APIs
1. Publish & Secure APIs
| Feature/Function | API Proxy |
| --- | --- |
| Credentialing | Y |
| Custom Assertion SDK | Y |
| JDBC support | Y |
| SAML support | Full |
| Convert SOAP<->REST | Y |
| WS* support | Y |
| XACML support | Y |
| MTOM support | Y |
| Transports supported | JMS, MQ, FTP(s), HTTP(s), raw TCP |
| Concurrent Assertion support | Y |
| OAuth support | 1.0 and 2.0, HMAC, RSA |
| Rate Limiting | Y |
| Multiple Form Factors | Hardware, Software, VMware, AMI |
![Page 17: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/17.jpg)
Mobile Access Gateway – OAuth
API Dev Portal or Client API Key store
ID Provider: for resource owner authentication
Resource owner (subscriber)
Client application (REST client)
1. Handshake
2. Service call
Handshake only (optional)
• Plug in your ID providers, IAM, CA SiteMinder, OAM, …
• Plug in any developer portal, API key management system
Layer 7 implements OAuth Authorization Server
Layer 7 implements OAuth Resource Server for your REST services, APIs
![Page 18: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/18.jpg)
API Portal – Onboard and Manage Developers
2. Onboard Developers
| Feature/Function | API Portal |
| --- | --- |
| Developer Registration | Y |
| API Key Management | Y |
| API Explorer | Y |
| API Rate Limiting | Y |
| API Reporting | Y |
| Developer Support | Y |
| Fully-branded CMS | Y |
| Account Management | Y |
Enterprise APIs
![Page 19: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/19.jpg)
ESM – API Migration and Lifecycle Management
Automated dependency resolution when migrating policies between environments
Development, Test (Enterprise), Production (Cloud)
dev01LDAP, prod01LDAP, cloud01LDAP
3. Monetize your API’s
![Page 20: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/20.jpg)
Example Scenario – Web Application Security
Web Proxy, App Server, DB Server
Thin & Thick Client
Policy Server (e.g. SiteMinder)
Directory (e.g. AD)
Monitoring & Logging
![Page 21: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/21.jpg)
Example Scenario – Web Services Security
Web Proxy, App Server, DB Server
Mobile Access Gateway (L7 SecureSpan Gateway)
Thin & Thick Client
Policy Server (e.g. SiteMinder)
Directory (e.g. AD)
Monitoring & Logging
L7 Enterprise Service Manager
B2B Clients
![Page 22: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/22.jpg)
Example Scenario – API Management
Web Proxy, App Server, DB Server
Mobile Access Gateway (L7 SecureSpan Gateway)
Thin & Thick Client
Mobile Apps
L7 API Portal
Policy Server (e.g. SiteMinder)
Directory (e.g. AD)
Monitoring & Logging
L7 Enterprise Service Manager
B2B Clients
![Page 23: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/23.jpg)
Case Study: API-Enabling Health Care
Challenge: Reduce cost and delay in processing Medicaid member information by bringing the process online
Solution: Mobile Access Gateway allows iPad application to securely connect to existing backend APIs; data routing, strict authN & authZ, comprehensive threat protection
Results: Improved the provider’s health care coverage and member services, while increasing the effectiveness and efficiency of its Medicaid program
![Page 24: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/24.jpg)
Case Study: Mobile-Enable Airline Services
Challenge: Securely expose existing services to third party developers in order to expand their market reach
Solution: The Layer 7 API Proxy allows the airline to securely expose and manage their APIs, while caching Sabre requests
Results: Significantly grew market reach, while controlling costs associated with constantly pulling data from Sabre to service Developer requests
![Page 25: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/25.jpg)
Case Study: Smart Grid Gateway
Challenge: Migrate energy services to Smart Grid technology, leveraging the new capabilities offered by additional data and communication
Solution: SOA, Web and API Security Gateway enables high volume meter data collection, assisted service and upcoming mobile self-service for enhanced client experience
Results: Cost avoidance for higher volume meter traffic, improved customer service through real-time channels, improved service availability through proactive system monitoring
![Page 26: API Management for Enterprise Mobile Access a How-to Guide](https://reader031.vdocuments.us/reader031/viewer/2022032514/55d55d3cbb61ebe76c8b45bb/html5/thumbnails/26.jpg)
Conclusions
Employees are bringing mobile devices to work en masse…
…and IT groups must accommodate them without compromising security and SLA’s
Mobile Apps are being built to improve productivity and reduce cost…
…existing enterprise services can be used to quickly and reliably enable these apps
Enterprise API Management integrates Mobile Apps and Enterprise Services…
…through a Secure Mobile Access Gateway, an API Portal, and open standards