SlideShare a Scribd company logo

2016 06 - design your api management strategy - axway - Api Management

SmartWave
SmartWave

David Soulalioux, API Gateway pre-sales engineer at Axway illustrated, among others, a concrete use case of cloud API management at a worldwide energy industry leader. The presentation depicted the exposition of customer’s “Fuel Market” intranets website existing APIs to the outside world. This integration outlined the added value of the API Gateway as authentication layer, security and Quality Of Service (QoS) enforcement point. Also, the retained cloud infrastructure enabled for a scalable and reliable solution, allowing developers to focus on services instead of worrying about the infrastructure.

Related slideshows

Jade Global Digital Transformation & Cloud Consulting Partner - Overview
Jade Global Digital Transformation & Cloud Consulting Partner - OverviewJade Global Digital Transformation & Cloud Consulting Partner - Overview
Jade Global Digital Transformation & Cloud Consulting Partner - Overview
 
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
INTERFACE by apidays_Recommendations for API Governance and an API Economy Ce...
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
 
1 of 29
Download to read offline
Axway API Management David Soulalioux PreSales API Management
2016 06 - design your api management strategy - axway - Api Management
DIGITAL BUSINESS CLOUD INTEGRATIONMOBILE ACCESS INTERNET OF THINGS/ BIG DATA THREAT PROTECTIONSOCIAL CONNECTIVITY DEVELOPER ENGAGEMENT API MANAGEMENT
Leveraging the benefits of the Cloud without getting into new technical silos. Internal service virtualization, enrichment, transformation, routing & orchestration. Better Time to Market for all your multi-channel projects (Web site, Mobile, Social, 3rd party app). Secured and real-time communication with your B2B partners.
Secure and Integrate Digital Channels to your Backend Systems REST API APIs Services Applications Data R E S T SOAP Web Services JMS, FTP(s), DB, File, Email Policy Enforcement API Gateway Policy Developers Create and extend policies Integrate with applications and infrastructure APIs
Run your API Business on top of your deployed Services API API Manager Application Developers API Portal API API Registration & Lifecycle API Catalog Partner & Policy Administration Self-Service API consumption Build developer community New channel to market brand API Developers API Administrators Self-register to resources Browse and learn APIs Manage application credentials R E S T Policy Enforcement API Gateway Register and manage API lifecycle Perform partner, policy and process admin Monitor and report API use
API Management: A flexible and open platform, fast to deploy, that scales Security and Protocols: High security with simplicity, mobile & IOT API-based Integration: Visual mapper, connectors, mash-ups Hybrid API Mgt: Continuous Delivery, Build in seconds, Run anywhere Easier API Consumption: client app SDK, IOT SDK, citizen integrator Business Visibility: Analytics & Monetization Enterprise Architect Chief Security Officer API and Integration Developer DevOps Manager Digital App Developer LOB Manager DS1
APIs Administrators Policy Studio Applications developers Technical product owner API Gateway API Manager API Portal Runtime Partners REST, SOAP Design Design/Runtime REST, SOAP, others REST, SOAP, others Services Applications Data Backend Services Messaging API sAPIs REST, SOAP Policies designers API Manager UI
The Hybrid Platform to build your mobile business Integration with Back-End systems amounts up to 70% of Mobile Application Development project costs…. Gartner, 2015 Appcelerator Titanium Build native cross-platform apps at the speed of mobile Appcelerator Arrow Mobile-optimized access to any data source Back-end Services Axway API Management Superior Level of Security Appcelerator Analytics Real time Mobile Analytics
API Management Plus 10 Multi-channel UX Employees, Customers, Suppliers Cloud and On premise Applications Partners Native APIs REST, SOAP REST, SOAP Services Applications Data Backend Services Messaging API Management • Security/Qos • Monitoring API Gateway • Self-service • Discover & Try • Support API Portal (add-on) • Lifecycle Mgmt. • API Catalog • Partner mgmt. API Manager REST, SOAP Mobile SDK (from API Manager 7.5.2) REST API Creation Data APIs Appcelerator Arrow • Protocol Conversion • Data Transformation • Security Integration API Gateway for Backend IntegrationREST CREATECREATECONTROLCONTROLCONSUMECONSUME REST
End to end digital lifecycle End to end coverage with Axway 11 BUILD DOCUMENTCONNECT TEST DEPLOY PUBLISH DISCOVER MONITOR SCALE PROTECT ANALYZE THROTTLE ACCESS AUTHENTICATE CREATECREATE CONTROLCONTROL CONSUMECONSUME BUILD DOCUMENTCONNECT TEST DEPLOY PUBLISH DISCOVER MONITOR SCALE PROTECT ANALYZE THROTTLE ACCESS AUTHENTICATE API MANAGEMENT API MANAGEMENT
Axway Cloud
Part of the core Axway Cloud infrastructure ! Axway is SOC 1/SSAE16 (SOC 2 for 2016) certified ! Axway is ISO27001 certified ! Axway has an advanced security architecture on Amazon ! CSPN et Common Criterial : certification process on-going (2016) ! Axway is ISO9001 certified ! Cloud Axway resources are ITIL foundation V3 certified ! Axway follow ITIL principles & best practices ! Amazon is leader in cloud security : – SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II) – SOC 2 – FISMA, DIACAP, and FedRAMP – PCIDSS Level 1 – ISO27001 – ITAR – FIPS 140‐2 – https://aws.amazon.com/security/ 13
Customer use cases
SolutionChallenges Axway API Management • ERDF, is a subsidiary of EDF, in charge of distributing power supply in France . The global turnover is around 13.2 billion € (2014) • Enable agility of the IT infrastructure • Interoperability of the IT • Faster delivery cycles • Ability to deploy in hybrid mode (SAAS and cloud) • Secure, measure, control and monitor access to ERDF resources towards Digital programmers • Ability to publish a catalog, exposure external entities to limited scope of the IT resources • 1st API Management Plus platform in France • Hybrid model on SAAS and on Premise • API Management and Appcelerator Mbaas to faster data service releases. • Key products: AppCelerator Mbaas, API Manager, API Gateway, API Portal • On premise and SAAS deployment
2016 06 - design your api management strategy - axway - Api Management
Total M&S
18
• Start fast… • A cloud solution aligned with Total strategy • Outside of Total security constraints and firewall • Ubiquitous service • Able to answer quickly to any kind of complexity • Able to answer quickly to business development needs 19
20
• Fuel use cases – Expose “Fuel Market” intranets website existing APIs to the outside world – Invoice status, Available fuel, Orders, +++ • API Gateway added value: – Authentication Layer (IP black & white lists, signatures) – Security enforcement (Threat detection) – Implements Quality Of Service (throttling) – Controls Messages (Checks formats – REST JSON) – Maintains VPN Backend-to-Backend connection 21
• Turkish Partner – SAP synchronization – Rationalize & extend external Partner interconnections – Synchronize orders information • API Gateway role: – Replaces existing “hard-to-maintain” TOTAL internal connections – Offers a secured, standardized channel for their SOAP exchanges – Brings agility & flexibility to both TOTAL & their Turkish partner 22
• “Bitumen” (Tar) Management – Business need: Virtualize existing Web service from a Total applicative backend platform for end customer benefit • Avoid disintermediation • Renew contact with end customer • Boost tar sales • API Gateway role: – Webservices virtualization – Internet exposition – QoS Management 23
• Corporate GR Card Holder Program (PILOT) – Business need: Provide new services through a mobile application around corporate card program – Connect to user space – List card set associated to manager user – Oppose cards • 90+ other business needs • Target users: – Pilot – Local Card Holder Manager (3,5M people) – Target – Card Holders 24
25
26 Sécurité Authentification QoS Transport avec les partenaires Contrôle des messages Contrôle des formats Transport avec les Back end
27
28
29

More Related Content

2016 06 - design your api management strategy - axway - Api Management

  • 3. DIGITAL BUSINESS CLOUD INTEGRATIONMOBILE ACCESS INTERNET OF THINGS/ BIG DATA THREAT PROTECTIONSOCIAL CONNECTIVITY DEVELOPER ENGAGEMENT API MANAGEMENT
  • 4. Leveraging the benefits of the Cloud without getting into new technical silos. Internal service virtualization, enrichment, transformation, routing & orchestration. Better Time to Market for all your multi-channel projects (Web site, Mobile, Social, 3rd party app). Secured and real-time communication with your B2B partners.
  • 5. Secure and Integrate Digital Channels to your Backend Systems REST API APIs Services Applications Data R E S T SOAP Web Services JMS, FTP(s), DB, File, Email Policy Enforcement API Gateway Policy Developers Create and extend policies Integrate with applications and infrastructure APIs
  • 6. Run your API Business on top of your deployed Services API API Manager Application Developers API Portal API API Registration & Lifecycle API Catalog Partner & Policy Administration Self-Service API consumption Build developer community New channel to market brand API Developers API Administrators Self-register to resources Browse and learn APIs Manage application credentials R E S T Policy Enforcement API Gateway Register and manage API lifecycle Perform partner, policy and process admin Monitor and report API use
  • 7. API Management: A flexible and open platform, fast to deploy, that scales Security and Protocols: High security with simplicity, mobile & IOT API-based Integration: Visual mapper, connectors, mash-ups Hybrid API Mgt: Continuous Delivery, Build in seconds, Run anywhere Easier API Consumption: client app SDK, IOT SDK, citizen integrator Business Visibility: Analytics & Monetization Enterprise Architect Chief Security Officer API and Integration Developer DevOps Manager Digital App Developer LOB Manager DS1
  • 8. APIs Administrators Policy Studio Applications developers Technical product owner API Gateway API Manager API Portal Runtime Partners REST, SOAP Design Design/Runtime REST, SOAP, others REST, SOAP, others Services Applications Data Backend Services Messaging API sAPIs REST, SOAP Policies designers API Manager UI
  • 9. The Hybrid Platform to build your mobile business Integration with Back-End systems amounts up to 70% of Mobile Application Development project costs…. Gartner, 2015 Appcelerator Titanium Build native cross-platform apps at the speed of mobile Appcelerator Arrow Mobile-optimized access to any data source Back-end Services Axway API Management Superior Level of Security Appcelerator Analytics Real time Mobile Analytics
  • 10. API Management Plus 10 Multi-channel UX Employees, Customers, Suppliers Cloud and On premise Applications Partners Native APIs REST, SOAP REST, SOAP Services Applications Data Backend Services Messaging API Management • Security/Qos • Monitoring API Gateway • Self-service • Discover & Try • Support API Portal (add-on) • Lifecycle Mgmt. • API Catalog • Partner mgmt. API Manager REST, SOAP Mobile SDK (from API Manager 7.5.2) REST API Creation Data APIs Appcelerator Arrow • Protocol Conversion • Data Transformation • Security Integration API Gateway for Backend IntegrationREST CREATECREATECONTROLCONTROLCONSUMECONSUME REST
  • 11. End to end digital lifecycle End to end coverage with Axway 11 BUILD DOCUMENTCONNECT TEST DEPLOY PUBLISH DISCOVER MONITOR SCALE PROTECT ANALYZE THROTTLE ACCESS AUTHENTICATE CREATECREATE CONTROLCONTROL CONSUMECONSUME BUILD DOCUMENTCONNECT TEST DEPLOY PUBLISH DISCOVER MONITOR SCALE PROTECT ANALYZE THROTTLE ACCESS AUTHENTICATE API MANAGEMENT API MANAGEMENT
  • 13. Part of the core Axway Cloud infrastructure ! Axway is SOC 1/SSAE16 (SOC 2 for 2016) certified ! Axway is ISO27001 certified ! Axway has an advanced security architecture on Amazon ! CSPN et Common Criterial : certification process on-going (2016) ! Axway is ISO9001 certified ! Cloud Axway resources are ITIL foundation V3 certified ! Axway follow ITIL principles & best practices ! Amazon is leader in cloud security : – SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II) – SOC 2 – FISMA, DIACAP, and FedRAMP – PCIDSS Level 1 – ISO27001 – ITAR – FIPS 140‐2 – https://aws.amazon.com/security/ 13
  • 15. SolutionChallenges Axway API Management • ERDF, is a subsidiary of EDF, in charge of distributing power supply in France . The global turnover is around 13.2 billion € (2014) • Enable agility of the IT infrastructure • Interoperability of the IT • Faster delivery cycles • Ability to deploy in hybrid mode (SAAS and cloud) • Secure, measure, control and monitor access to ERDF resources towards Digital programmers • Ability to publish a catalog, exposure external entities to limited scope of the IT resources • 1st API Management Plus platform in France • Hybrid model on SAAS and on Premise • API Management and Appcelerator Mbaas to faster data service releases. • Key products: AppCelerator Mbaas, API Manager, API Gateway, API Portal • On premise and SAAS deployment
  • 18. 18
  • 19. • Start fast… • A cloud solution aligned with Total strategy • Outside of Total security constraints and firewall • Ubiquitous service • Able to answer quickly to any kind of complexity • Able to answer quickly to business development needs 19
  • 20. 20
  • 21. • Fuel use cases – Expose “Fuel Market” intranets website existing APIs to the outside world – Invoice status, Available fuel, Orders, +++ • API Gateway added value: – Authentication Layer (IP black & white lists, signatures) – Security enforcement (Threat detection) – Implements Quality Of Service (throttling) – Controls Messages (Checks formats – REST JSON) – Maintains VPN Backend-to-Backend connection 21
  • 22. • Turkish Partner – SAP synchronization – Rationalize & extend external Partner interconnections – Synchronize orders information • API Gateway role: – Replaces existing “hard-to-maintain” TOTAL internal connections – Offers a secured, standardized channel for their SOAP exchanges – Brings agility & flexibility to both TOTAL & their Turkish partner 22
  • 23. • “Bitumen” (Tar) Management – Business need: Virtualize existing Web service from a Total applicative backend platform for end customer benefit • Avoid disintermediation • Renew contact with end customer • Boost tar sales • API Gateway role: – Webservices virtualization – Internet exposition – QoS Management 23
  • 24. • Corporate GR Card Holder Program (PILOT) – Business need: Provide new services through a mobile application around corporate card program – Connect to user space – List card set associated to manager user – Oppose cards • 90+ other business needs • Target users: – Pilot – Local Card Holder Manager (3,5M people) – Target – Card Holders 24
  • 25. 25
  • 26. 26 Sécurité Authentification QoS Transport avec les partenaires Contrôle des messages Contrôle des formats Transport avec les Back end
  • 27. 27
  • 28. 28
  • 29. 29