layer 7 api management for aws - business uninterrupted/media/files/datasheets/layer... · layer 7...
TRANSCRIPT
Copyright © 2013 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.
Layer 7 API Management for AWS
Secure & Manage APIs Hosted in Amazon EC2 for Simplified Integration with Partners, Federation with Enterprises, Cloud Bursting & External Developer Engagement
Layer 7’s API Management for AWS EC2 solution allows you to:
Manage AWS-Hosted APIs Control API security, SLAs and availability for EC2 applications
Extend Enterprise Identity
Federate enterprise identities with EC2 applications, for simplified access management
Open APIs to Partners Enable API-based integration with key partners
Simplify Cloud Bursting
Enable cloud mirroring and off-peak traffic bursts
Engage Developers Build developer communities and enable developer self-service
Learn More About Layer 7’s Solutions for Cloud API Phone
+1-800-681-9377 (toll free within North America) or +1-604-681-9377
Email [email protected]
Web www.layer7.com
Facebook www.facebook.com/layer7
Twitter @layer7
Open up AWS-Hosted Apps to the Enterprise, Partners & Developers
Hybrid enterprise applications often require communication of data and functionality between Amazon Web Services EC2 and the enterprise datacenter. Sometimes they also need to be integrated with partners or even other cloud services. Many operators of Web and mobile applications on Amazon Web Services (AWS) also want to open up their applications to external developer communities. All these scenarios require that APIs be exposed to systems and developers outside the enterprise. Layer 7’s SecureSpan API Proxy allows AWS customers to do this in a secure and managed way while addressing critical identity, performance, integration and elasticity requirements.
Enterprises exposing APIs from Amazon EC2 want to:
Manage access to APIs, based on federated identities Protect cloud-hosted APIs against attack Optimize API performance Enforce SLA policies for APIs Track API usage Insulate developers from API changes Ensure data privacy and integrity to and from AWS Mediate and translate API requests Dynamically expand capacity to accommodate seasonal/unexpected demand
To address these API security and management requirements in Amazon EC2, Layer 7 offers API publishers the option of deploying an API Proxy and API Portal in the same EC2 environment as their APIs.
The Role of an API Management Solution for APIs in the Cloud
The SecureSpan API Proxy can secure, meter, adapt and abstract REST, OData, SOAP and JSON service interfaces and can provide a secure communication and orchestration channel between hybrid applications residing in both the enterprise and the cloud. Mobile-specific proxy features optimize for mobile app performance and integration to mobile devices.
The Layer 7 API Portal makes it simple to onboard internal and third‐party developers and provides self-registration tools for API usage, management and subscription, with built-in workflow operations for approval of developers and applications. Analytics are provided, allowing developers and publishers to evaluate API effectiveness.
Fully Integrated into the Amazon EC2 Infrastructure
Layer 7’s API Management for AWS Solution provides out-of-the-box integration with Amazon EC2 infrastructure, for performance and scalability. Clusters of SecureSpan API Proxies use centralized RDS stores for policy management and logging, and support failover and disaster recovery scenarios across multiple environments. Integration with CloudWatch and Amazon Auto Scaling provides intelligent distribution of API requests to dynamic backend infrastructure, using built-in load balancing algorithms or Amazon Elastic Load Balancing. The API Proxy cluster can also scale as necessary, based on demand – throughput increases linearly with each new Gateway added to the cluster.
Copyright © 2013 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.
Figure 1: Layer 7 API Management for Amazon
Web Services EC2 (Basic Architecture)
Use Case 1 – API Management
Layer 7’s SecureSpan API Proxy can be configured in Amazon EC2 with security policies for APIs being exposed from the cloud. The Layer 7 API Portal allows developer onboarding, provides documentation and grants access to the APIs.
Use Case 2 – Federated Identity
The SecureSpan API Proxy can be placed within the enterprise to generate a federated identity token (SAML, for instance) containing important user attributes (group membership, rank etc). Alternatively, this API Gateway can serve as an OAuth authorization server and OpenID provider endpoint, to generate an access token. The API Gateway in Amazon EC2 will validate incoming SAML or OAuth tokens, without requiring actual user credentials.
Use Case 3 – Dynamic Scaling
The API Proxy can integrate with EC2 Auto Scaling to load balance to new API endpoints created due to high seasonal or intermittent load. If necessary, additional Proxies can also be automatically added to Gateway clusters in order to scale the management infrastructure.
Key Features
API Identity & Security
API Security API threat protection and data validation
End-to-end data and protocol security
JSON/XML content filtering
Advanced cryptography
Identity Brokering Identity-based access to services/operations
SSO to API publisher and third-party SaaS
Full support for OAuth integrations
Support for SAML, X.509 certs, custom tokens
Integration with leading identity, access, SSO and federation systems
API Mediation & Translation
API Adaptation & Orchestration
API and data remapping New API composition
Policy-based workflow allows orchestration of multiple backend API calls exposed as a single virtual API tailored to the device or platform of the caller
API Management & Visibility
SLA Enforcement Define rate limiting policies, based on endpoint or
requestor identity
Prioritize traffic requests
Optimize routing, based on latency
API Optimization Cache responses
Compress data
Aggregate message responses for mobile devices
Version Management Support multiple API versions Manage API lifecycle across dev, test
and production
API Metrics Usage metrics by user, developer, application Real-time visibility into API health
Developer Onboarding & Management
Developer API Keys Issue API Keys Allow self-service enrollment
API Discovery & Docs Publish API documentation Explore and test API functionality
Social Tools Create forums Enable rankings
To learn more about Layer 7, call us today at +1-800-681-9377 (toll free within North America) or +1-604-681-9377. You can also: email us at [email protected]; friend us on Facebook at facebook.com/layer7; visit us at layer7.com; follow us on Twitter (@layer7).