API Management for Enterprise Mobile Access: a How-to Guide
 

  • Technical/security architects work with the Layer 7 Gateway to create policy that secures their enterprise APIs
  • Web administrators work with the Layer 7 API Portal to customize the look and feel, create API documentation and resources, etc., enabling developers to quickly understand how to work with the APIs and build out an application
  • Business Managers and API Owners tasked with monetizing their APIs (or expanding their market reach) create business rules around who can use which APIs in what ways
  • Those business rules created on the API Portal are written down to the Layer 7 Gateway and enforced at runtime to ensure proper API interaction
  • Enterprise Service Manager also provides operational reporting and dashboarding

Presentation Transcript

  • API Management for Enterprise Mobile Access: A Layer 7 Technologies Solution. Matt McLarty, VP, Client Solutions, Layer 7 Technologies
  • Housekeeping
    - Questions: Chat any questions you have and we’ll answer them at the end of this call
    - Twitter: Today’s event hashtag: #L7webinar. Follow us on Twitter as well: @layer7
    - facebook.com/layer7, layer7.com/linkedin, layer7.com/blogs
  • Agenda
    - “Bring Your Own Device”: BYOD and the App Explosion; Innovation through Consumerization
    - Enterprise Mobile Integration: Enterprise Mobility and the Mobile App Paradigm; Leveraging Enterprise Services and Assets
    - Enterprise API Management: API Publication, Security and Monetization; Solutions and Case Studies from Layer 7 Technologies
  • BYOD: Bring Your Own Device Courtesy of Click Software
  • BYOD: iPad @ Work – from IDG Connect “iPad for Business Survey 2012”
  • The App Explosion (courtesy of zendesk; courtesy of [x]cube Labs)
  • Pillars of an Enterprise Mobility Strategy*
    - Business Drivers
    - Hardware Ownership & Support
    - Deployment, Provisioning & Management
    - Enterprise Services Platform
    - Application Portfolio & Roadmap
    - Corporate Governance & Processes
    - Security Standards & Audit Processes
    - “By exposing access … through a standardized mobile-friendly enterprise services layer, the cost of innovation can be dramatically reduced.”
    - * From “iPad in the Enterprise”, N. Clevenger, Wiley 2011
  • Mobile App-to-Enterprise Service Integration
    - Increase Revenue: Existing enterprise services can create and increase revenue
    - Cost Reduction: Re-use of API and shared services infrastructure
    - Quality of Service: Leverages proven systems with enterprise SLA’s
    - Compliance: Uses existing security policies and technologies
  • Mobile App-to-Enterprise Service Integration Challenges (areas shown: Mobile Devices, Enterprise Services, Data Services, Network)
    - Proliferation of mobile devices increases message volumes exponentially
    - BYOD approach mixes personal and business use, blurring the security perimeter
    - Service API’s unavailable in mobile-friendly formats & protocols (REST, JSON)
    - API’s must be reusable across multiple mobile and non-mobile platforms
    - Composite services need API’s from multiple providers, requiring federation
    - How to access business intelligence and Big Data in real-time
    - Data privacy and integrity must be preserved end-to-end
  • Enterprise Service Platform Evolution
    - Web Apps and Web Services (2001-2010): Thin & Thick Client, Web Proxy, App Server, DB Server
    - Mobile Apps and API’s (2011 and beyond): Mobile Apps, On-Prem, Cloud, Mobile Access Gateway, API Server, Data Services (Hadoop, RDBMS)
  • The Mobile Access Gateway (areas shown: Mobile Devices, Mobile Access Gateway, Enterprise Services, Data Services)
    - Challenges:
      - Service API’s unavailable in mobile-friendly formats & protocols (REST, JSON)
      - Proliferation of mobile devices increases message volumes exponentially
      - API’s must be reusable across multiple mobile and non-mobile platforms
      - BYOD approach mixes personal and business use, blurring the security perimeter
      - Data privacy and integrity must be preserved end-to-end
      - Composite services need API’s from multiple providers, requiring federation
      - How to access business intelligence and Big Data in real-time
    - Gateway capabilities:
      - Real-time bridging from SOAP, XML and legacy formats to REST, JSON mobile protocols
      - Optimized high scale engine for compute-intensive integration functions
      - Single logical gateway cluster configurable to handle mobile, web and B2B traffic
      - App- and API-specific security handling, including OAuth, adapts the perimeter
      - Existing enterprise access control and crypto extended to App-API through Gateway
      - Federated security for 3rd party API’s, data aggregation for composite API mashups
      - Event-aware integration capability for real-time analytic data synthesis and integration
  • Mobile App-to-Enterprise Integration Stakeholders
    - App Developer: What API’s are available and how can I use them?
    - API Owner: Who is allowed to use my API’s? Are they being used?
    - Info Security: How is our data being protected and access controlled?
    - IT Operator: What is changing? Is everything running smoothly?
    - Diagram: Mobile Apps, On-Prem, Cloud, Mobile Access Gateway, API Server, Data Services (Hadoop, RDBMS)
  • Layer 7 API Management Suite
    - API Proxy: Enterprise-grade Mobile Access Gateway
    - API Portal: Developer on-boarding, support and resources; API metrics and reporting
    - Enterprise Service Manager (ESM): API migration, management and dashboarding
    - Secure OAuth Toolkit: Support for 2 and 3-legged OAuth
  • API Management – How it All Works (Enterprise APIs)
    - 1. Publish & Secure APIs
    - 2. Onboard Developers
    - 3. Monetize your APIs
    - 4. Close the Loop
    - Roles shown: Developer, Security Architect, IT Operator, Business Manager/API Owner
  • Mobile Access Gateway – API Proxy (Enterprise APIs; 1. Publish & Secure APIs)
    Feature/Function: API Proxy
    - Credentialing: Y
    - Custom Assertion SDK: Y
    - JDBC support: Y
    - SAML support: Full
    - Convert SOAP<->REST: Y
    - WS* support: Y
    - XACML support: Y
    - MTOM support: Y
    - Transports supported: JMS, MQ, FTP(s), HTTP(s), raw TCP
    - Concurrent Assertion support: Y
    - OAuth support: 1.0 and 2.0, HMAC, RSA
    - Rate Limiting: Y
    - Multiple Form Factors: Hardware, Software, VMware, AMI
  • Mobile Access Gateway – OAuth
    - Plug in your ID providers, IAM, CA Siteminder, OAM, …
    - Plug in any developer portal, API key management system
    - Layer 7 implements OAuth Authorization Server
    - Layer 7 implements OAuth Resource Server for your REST services, APIs
    - Diagram: Client application (REST client); API Dev Portal or Client API Key store; 1. Handshake; 2. Service call; Handshake only (optional); Resource owner (subscriber); ID Provider for resource owner authentication
  • API Portal – Onboard and Manage Developers (Enterprise APIs; 2. Onboard Developers)
    Feature/Function: API Portal
    - Developer Registration: Y
    - API Key Management: Y
    - API Explorer: Y
    - API Rate Limiting: Y
    - API Reporting: Y
    - Developer Support: Y
    - Fully-branded CMS: Y
    - Account Management: Y
  • ESM – API Migration and Lifecycle Management (3. Monetize your API’s)
    - Automated dependency resolution when migrating policies between environments
    - Diagram labels: cloud01LDAP, prod01LDAP, Development, Test, (Enterprise), Production, (Cloud), dev01LDAP
  • Example Scenario – Web Application Security: Thin & Thick Client, Web Proxy, App Server, DB Server, Policy Server (e.g. SiteMinder), Directory (e.g. AD), Monitoring & Logging
  • Example Scenario – Web Services Security: Thin & Thick Client, Web Proxy, App Server, DB Server, B2B Clients, Policy Server (e.g. SiteMinder), Directory (e.g. AD), Mobile Access Gateway (L7 SecureSpan Gateway), L7 Enterprise Service Manager, Monitoring & Logging
  • Example Scenario – API Management: Thin & Thick Client, Web Proxy, App Server, DB Server, B2B Clients, L7 API Portal, Policy Server (e.g. SiteMinder), Directory (e.g. AD), Mobile Apps, Mobile Access Gateway (L7 SecureSpan Gateway), L7 Enterprise Service Manager, Monitoring & Logging
  • Case Study: API-Enabling Health Care
    - Challenge: Reduce cost and delay in processing Medicaid member information by bringing the process online
    - Solution: Mobile Access Gateway allows iPad application to securely connect to existing backend APIs; data routing, strict authN & authZ, comprehensive threat protection
    - Results: Improved the provider’s health care coverage and member services, while increasing the effectiveness and efficiency of its Medicaid program
  • Case Study: Mobile-Enable Airline Services
    - Challenge: Securely expose existing services to third party developers in order to expand their market reach
    - Solution: The Layer 7 API Proxy allows the airline to securely expose and manage their APIs, while caching Sabre requests
    - Results: Significantly grew market reach, while controlling costs associated with constantly pulling data from Sabre to service Developer requests
  • Case Study: Smart Grid Gateway
    - Challenge: Migrate energy services to Smart Grid technology, leveraging the new capabilities offered by additional data and communication
    - Solution: SOA, Web and API Security Gateway enables high volume meter data collection, assisted service and upcoming mobile self-service for enhanced client experience
    - Results: Cost avoidance for higher volume meter traffic, improved customer service through real-time channels, improved service availability through proactive system monitoring
  • Conclusions
    - Employees are bringing mobile devices to work en masse… …and IT groups must accommodate them without compromising security and SLA’s
    - Mobile Apps are being built to improve productivity and reduce cost… …existing enterprise services can be used to quickly and reliably enable these apps
    - Enterprise API Management integrates Mobile Apps and Enterprise Services… …through a Secure Mobile Access Gateway, an API Portal, and open standards