On-Demand Recording: https://www.nginx.com/resources/webinars/successfully-implement-your-api-strategy-with-nginx/ About the Webinar Cloud-native applications are distributed and decentralized by design, composed of dozens, hundreds, or even thousands of APIs connecting services deployed across cloud, on-premises, and edge environments. Without an effective API strategy in place, API sprawl quickly gets out-of-control and becomes unmanageable as the number of APIs in production outpaces your ability to govern and secure them. In this webinar we explore trends that are accelerating API sprawl and look at some well-established best practices for managing, governing, and securing APIs in distributed environments. Our presenters also demo how to use API Connectivity Manager, part of F5 NGINX Management Suite, to streamline and accelerate your API operations.

1. Implement Your API Strategy
with NGINX
Andrew Stiefel, Product Marketing Manager
Akash Ananthanarayanan, Technical Marketing Manager

2. ©2022 F5
2
10-Year API Growth (Estimated)1
APIs are growing at an exponential rate
Without a holistic strategy, APIs sprawl across distributed teams and environments
SOURCES: Continuous API Sprawl (F5, 2021); State of Application Strategy Report (F5, 2021 and 2022); Cyber Magazine (2022)
Baseline
Aggressive
Conservative
93%
51%
15,564
201%
of enterprises operate across two or more architectures2
of enterprises are running more than 200 applications2
growth in the number of APIs over the past 12 months3
average number of APIs in production3

3. ©2022 F5
3
What are the causes of API sprawl?
Adoption of Microservices
Applications are composed of dozens
or even thousands of discrete services
Multi-Cloud Architectures
Complex architectures result in APIs
spread across multiple environments
Continuous Software Development
More teams are building more APIs
and releasing more changes faster

4. ©2022 F5
4
Direct and hidden costs from API sprawl
include longer development cycles, rework,
and longer outages
API sprawl creates risks
Reduced visibility
Hard to monitor traffic for
threats and performance
Diminished reliability
Increased risk of outages due
to misconfigurations
Increased complexity
Difficult to manage policies
across the enterprise
Elevated threats
Unsecured APIs are easy
targets for attacks

5. ©2022 F5
5
$41B
estimated global losses
caused by API security breaches
over the last 12 months1
41%
of organizations experienced
an API security incident
in the last 12 months2
APIs will become the most common attack vector this year
But IT leaders say they would turn off security measures to improve performance
76%
of software engineering leaders
would turn off security measures
to improve performance3
SOURCES: “API Attacks Soar Amid Growing Application Surface Area” (Dark Reading, 2022); State of Application Strategy Report (F5, 2022)

6. ©2022 F5
6
Plan your API strategy
These four stage span the people, processes, and technology building blocks of your API strategy
01
Align stakeholders around
the business case
02
Educate and evangelize to
build an API-first culture
03
Evaluate and build core API
technology stack
04
Engage customers, partners
and your wider ecosystem

7. ©2022 F5
7
Implement best practices to fight API sprawl
Operate in any environment
Give teams agency
Use API-first tools
Create a single source of truth
Keep documentation up-to-date
Apply API security at scale
Deploy across cloud, on-premises, and edge
environments with cloud and runtime agnostic tools
Give teams access to shared infrastructure and
enable them to manage their services
Integrate into CI/CD pipelines with declarative APIs
to manage infrastructure and API lifecycles
Streamline API discovery and onboarding with a
centralized API catalog
Ensure proper documentation and versioning by
using the OpenAPI Specification
Protect APIs across every touchpoint with basic and
advanced API security from edge to runtime

8. ©2022 F5
8
How NGINX Can Help
Simplify the complexity of connecting, governing, and securing APIs across distributed teams and environments
Scalability
Ensure uncompromised
performance and reliability
with NGINX API Gateways
Insights
Gain visibility into API gateway
traffic and configurations
across environments
Governance
Ensure uniform governance
while empowering developers
to manage API-level controls
Security
Defend APIs against common
and advanced threats with out-
of-the-box protection

9. ©2022 F5
9
Secure API Connectivity with F5 NGINX
Advanced API security with out-of-the-box
protection from the OWASP API Top Ten
Deliver unparalleled performance with
NGINX Plus as an API gateway
Connect, govern, and secure APIs for
cloud-native applications

10. ©2022 F5
10
Architecture Overview/API Gateway/ API
Management

11. ©2022 F5
11
Architecture Overview
Backend
API
servers
Infra Admin API Owner
API Gateway
Dev Portal
API Consumers

12. ©2022 F5
12
• Role
• Dataplane – exposes API
• Route API requests
• Apply API security policies
• Personas
• Deployed by Infrastructure Team
• API exposed by API Team
• Deployment
• Standalone
• As a container (Docker, Kubernetes)
API Gateway

13. ©2022 F5
13
• Role
• Management Plane – Create,
publish, and document API
• Enforcement (security policies)
• Governance
• Components
• GUI (mgmt plane)
• Developer portal
• Reporting and analytics
• Personas
• Infrastructure team, API team, Developers
API Management

14. ©2022 F5
14
F5NGINXMANAGEMENTSUITE
API Connectivity Manager Demo

15. ©2022 F5
15
Logical Illustration of API Connectivity Manager

16. ©2022 F5
16
Request a Free Trial of NGINX Management Suite
https://www.nginx.com/free-trial-request-nginx-management-suite

17. ©2022 F5
17
Questions?