How api management supports the digital transformation process

How API Management supports the digital transformation
process
Customer Testimonial
#ESSR
Salons eCom | Swiss IT Business | SMARC | Retail-Expo
24 & 25 Avril 2018 - Palexpo Genève
Stand IT 25

|
Your speakers
Julien Cornouiller
Integration Architect
Chris Dixon
Security Consultant
April 2018How API Management supports the digital transformation process 2

|
Digital Transformation?
April 2018How API Management supports the digital transformation process
Your clients expect to consume your services the way they want to
• On any device
• PC, tablet, mobile phone, smart television, …
• Using their existing accounts
• Facebook, LinkedIn, Twitter, Google, …
• Using well known standards
• HTTP, REST, JSON, OAuth 2, OIDC, …
An API centric approach is essential for todays digital enterprises
An API Management Platform can API-ify your existing legacy services

|
API Management Platform
API Management
Platform
API
Transformation
API Control
API Security
API Monitoring
API Management
(incl. API
Development
Lifecycle)
API Administration
Manage your API consumers
• API documentation
• Versioning
Create REST compliant APIs from
your existing legacy services
Define SLAs to control access to your
services
Implement Throttling to block hacking
and Denial of Service Attacks
Enable support for authentication and
authorisation standards with no change
to underlying services
Implement centralised data security
such as Encryption, Message Signing and
Data Leak Prevention
Monitor your usage of cloud services in
real-time
Provide end-to-end audit capability for all
of your services
Manage the platform
• APIs
• API Developers
• Partners

|
API Management – Business Benefits

|
API Management – Want to Hear More?
To hear more about how API Management can assist your digital
transformation
Contact us at stand IT 25
Attend "API Trends & Cases Studies"
Wednesday
14:00 SALLE D

MSC MEDITERRANEAN SHIPPING COMPANY

MSC SERVICES WORLDWIDE
TRADE SERVICES REEFER SERVICES / INTERMODAL – TRUCKING SERVICES DRY CARGO / INTERMODAL - RAIL SERVICES
INTERMODAL - BARGE SERVICESPROJECT CARGO DEPOT & WAREHOUSING
8

CARGO DIVISION
• 490 vessels
Current Capacity of 19,224 TEUs
Expected 23’000 TEUs
• 500 ports of call
• 18 million TEU carried annually
• 480 offices
• 155 countries
9© Copyright MSC Mediterranean Shipping Company S.A
THE MSC GROUP – CARGO DIVISION

3 Major IT Agency solutions + 10 Local Agency
Solutions + VIP Customers Solutions
• Booking
• Bill of Lading
• Invoice
Several architecture, 90% Database oriented
THE MSC GROUP – CURRENT IT SYSTEMS
HQ IT Systems
• Financial data
• Route & Schedule Management
• Compliance Manager
• Logistic & EDI
• CRM
• Reporting
Database architecture oriented
Communication Inter-System
• Database Synchronization -> 15 TB
• EDI File Transfer -> 300-700 Message/seconds

THE MSC GROUP – IT TRANSITION - ONEVISION
120 dedicated peoples
3 Countries – Geneva, Warren and Chennai
15 Products
Service and API oriented

PROJECT ARCHITECTURE
12
© Copyright MSC Mediterranean Shipping Company S.A.
- Follow OV Standard
- Created by Team and Architect
- Validated by PO
- Communicated to the entire program

OBSERVATION 1 : TIGHTLY COUPLED MONOLITH
13© Copyright MSC Mediterranean Shipping Company S.A.
OBSERVATION
• Tight coupling
• Considering two linked components is one
=> then it’s a monolith.
RISK
• Release cycle between projects are dependent
• Hard to test during development
• Initial deployment will be a pain
• Transition path is quite impossible to implement
• Change management will be a pain

OBSERVATION 2 : MULTIPLE VERSIONING
MDM develop APIs to provide master data
information
OBSERVATION
• All OV HQ projects are dependent to MDM
• MDM must provide ASAP a lot of data
• Service delivery flow is not managed
RISK
• Don’t implement major changes that risk other projects to
failed
• Since MDM will go live in V1 it will be complicated to
change and switch
• API Governance almost impossible to do properly

OBSERVATION 3 : SECURITY
Several data source, several authentication, several
authorization
OBSERVATION
• Several User authentications
• Several Application authorizations
• Several User role based management
RISK
• By pass security due to complex implementation
• No monitoring
User authentication
• O365 Token
• AD
• Custom DB
• External Service (ServiceNow)
User authorization
• O365 for new applications
• None for others
Application authorization
• O365 for new applications
• None for others
Deny of service
• None

ANTI PATTERN : BUILD A GATEWAY FOR EACH
SERVICE
Component 1
Component 2
Service 1
DB 1
Service 2
v1
Service 2
v2
Component 1
Component 2
Service 1
DB 1
Service 2
v1
Service 2
v2
IntegrationSolution
Anti pattern Valid pattern
BENEFITS
• The gateway is reliable
• Each component can be delivered separately
• The transition can be managed changing old service by
new one without re-deploying the components
• Manage versioning
• Reinforce security

INFRASTRUCTURE
• 5 Environments INT, TEST, DEMO, UAT and PROD
• 30 Servers to deploy and support
• Continuous deployment with VisualStudio Team Site
• Swagger file for API definition
• Policy packages for custom Axway development

API MANAGEMENT
• 7 Organizations
• 100 Devs all trained
• 18 Applications
• 60 APIs all secured + quota
activated
• Workflow promotion

SECURITY
Backend authorization standard
• Custom JWT Signed with MSC
certificate
• Transformation from O365, SAML,
Two way SSL and HTTP Basic
Authentication
• O365 authentication
• SAML authentication
• Two way SSL authentication
• HTTP Basic (only for internal
legacy system)
Quota
• Threshold by application
activated

MONITORING / ALERTING
• Nagios for IT
• Elasticsearch stack for APIs
• Grafana for All
• Alert on issue
• Alert on response time

ADOPTION AND DELIVERY
• Internal knowledge ramp-up with AXWAY + SmartWave support
• Switzerland, India, USA
• API Platforms review
• Productivity/reliability: platform + configuration + development
• Operational support (on-going)

KEY BENEFITS WITH THIS SOLUTION
23
© Copyright MSC Mediterranean Shipping Company S.A.
Faster Solution Delivery
• Reduced development demands due to centralized security
implementation
• Significant development workload savings due to
standardization of application interface
• Independence of deliverables breeds business agility
• More effective team communication due to well understood
integration pattern
Simplified Transition Model
• Eased product transition as existing SOAP services can be
transformed on the gateway for REST clients
Improved Security Posture
• Enforce Security layer for each backend API
• Implement custom security checks
• Propose custom authorization for specialized application needs
• Protect services against Denial of Service attacks
Reduced Support and Maintenance Costs
• Centralized component from which to monitor service availability
and investigate failures
• Standardized monitoring interface with full end-to-end audit trail for
traceability
• Due diligence process based on known and proven software
• Management of entire lifecycle: versioning, promotion and
decommissioning of APIs
• Visibility over which APIs are used by which clients avoids
decommissioning legacy versions before all clients have migrated
Increased Performance
• Caching of frequently accessed data
API Consumer Comfort
• Presentation of standardized API hides implementation specifics
• API Consumers can adopt new API versions at their own pace
• Self discovery of available capabilities via API Catalogue

How api management supports the digital transformation process

How api management supports the digital transformation process

More Related Content

Similar to How api management supports the digital transformation process

More from SmartWave

Recently uploaded

How api management supports the digital transformation process